biboumi.1.rst 33 KB
Newer Older
louiz’'s avatar
louiz’ committed
1
======================
louiz’'s avatar
louiz’ committed
2
Biboumi(1) User Manual
louiz’'s avatar
louiz’ committed
3
======================
louiz’'s avatar
louiz’ committed
4
5
6

.. contents:: :depth: 2

louiz’'s avatar
louiz’ committed
7
NAME
louiz’'s avatar
louiz’ committed
8
====
louiz’'s avatar
louiz’ committed
9

louiz’'s avatar
louiz’ committed
10
biboumi - XMPP gateway to IRC
louiz’'s avatar
louiz’ committed
11

louiz’'s avatar
louiz’ committed
12
13
Description
===========
louiz’'s avatar
louiz’ committed
14
15
16
17
18

Biboumi is an XMPP gateway that connects to IRC servers and translates
between the two protocols. It can be used to access IRC channels using any
XMPP client as if these channels were XMPP MUCs.

louiz’'s avatar
louiz’ committed
19
20
Synopsis
========
21

louiz’'s avatar
louiz’ committed
22
biboumi [*config_filename*]
23

louiz’'s avatar
louiz’ committed
24
25
Options
=======
louiz’'s avatar
louiz’ committed
26

27
Available command line options:
louiz’'s avatar
louiz’ committed
28

louiz’'s avatar
louiz’ committed
29
30
config_filename
---------------
louiz’'s avatar
louiz’ committed
31

32
Specify the file to read for configuration. See the `Configuration`_ section for more
louiz’'s avatar
louiz’ committed
33
details on its content.
louiz’'s avatar
louiz’ committed
34

louiz’'s avatar
louiz’ committed
35
36
Configuration
=============
louiz’'s avatar
louiz’ committed
37

38
39
40
41
42
43
The configuration file uses a simple format of the form ``option=value``.

The values from the configuration file can be overridden by environment
variables, with the name all in upper case and prefixed with "BIBOUMI_".
For example, if the environment contains “BIBOUMI_PASSWORD=blah", this will
override the value of the “password” option in the configuration file.
44

45
46
47
48
Sending SIGUSR1 or SIGUSR2 (see kill(1)) to the process will force it to
re-read the configuration and make it close and re-open the log files. You
can use this to change any configuration option at runtime, or do a log
rotation.
49

50
Here is a description of every possible option:
louiz’'s avatar
louiz’ committed
51

louiz’'s avatar
louiz’ committed
52
53
hostname
--------
54

louiz’'s avatar
louiz’ committed
55
56
57
58
Mandatory. The hostname served by the XMPP gateway.  This domain must be
configured in the XMPP server as an external component.  See the manual
for your XMPP server for more information.  For prosody, see
http://prosody.im/doc/components#adding_an_external_component
59

louiz’'s avatar
louiz’ committed
60
61
password
--------
62

louiz’'s avatar
louiz’ committed
63
64
65
Mandatory. The password used to authenticate the XMPP component to your
XMPP server.  This password must be configured in the XMPP server,
associated with the external component on *hostname*.
66

louiz’'s avatar
louiz’ committed
67
68
xmpp_server_ip
--------------
69

louiz’'s avatar
louiz’ committed
70
71
72
The IP address to connect to the XMPP server on. The connection to the
XMPP server is unencrypted, so the biboumi instance and the server should
normally be on the same host. The default value is 127.0.0.1.
73

louiz’'s avatar
louiz’ committed
74
75
port
----
76

louiz’'s avatar
louiz’ committed
77
78
The TCP port to use to connect to the local XMPP component. The default
value is 5347.
79

80
81
82
83
84
85
86
87
88
89
90
91
92
93
db_name
-------

The name of the database to use. This option can only be used if biboumi
has been compiled with a database support (Sqlite3 and/or PostgreSQL). If
the value begins with the postgresql scheme, “postgresql://” or
“postgres://”, then biboumi will try to connect to the PostgreSQL database
specified by the URI. See
https://www.postgresql.org/docs/current/static/libpq-connect.html#idm46428693970032
for all possible values. For example the value could be
“postgresql://user:secret@localhost”. If the value does not start with the
postgresql scheme, then it specifies a filename that will be opened with
Sqlite3. For example the value could be “/var/lib/biboumi/biboumi.sqlite”.

louiz’'s avatar
louiz’ committed
94
95
admin
-----
louiz’'s avatar
louiz’ committed
96

louiz’'s avatar
louiz’ committed
97
The bare JID of the gateway administrator. This JID will have more
louiz’'s avatar
louiz’ committed
98
99
privileges than other standard users, for example some administration
ad-hoc commands will only be available to that JID.
louiz’'s avatar
louiz’ committed
100

101
102
If you need more than one administrator, separate them with a colon (:).

louiz’'s avatar
louiz’ committed
103
104
105
106
107
fixed_irc_server
----------------

If this option contains the hostname of an IRC server (for example
irc.example.org), then biboumi will enforce the connexion to that IRC
108
109
110
111
server only.  This means that a JID like ``#chan@biboumi.example.com``
must be used instead of ``#chan%irc.example.org@biboumi.example.com``. The
`%` character loses any meaning in the JIDs.  It can appear in the JID but
will not be interpreted as a separator (thus the JID
112
``#channel%hello@biboumi.example.com`` points to the channel named
113
114
115
116
``#channel%hello`` on the configured IRC server) This option can for
example be used by an administrator that just wants to let their users
join their own IRC server using an XMPP client, while forbidding access to
any other IRC server.
louiz’'s avatar
louiz’ committed
117

118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
persistent_by_default
---------------------

If this option is set to `true`, all rooms will be persistent by default:
the value of the “persistent” option in the global configuration of each
user will be “true”, but the value of each individual room will still
default to false. This means that a user just needs to change the global
“persistent” configuration option to false in order to override this.

If it is set to false (the default value), all rooms are not persistent by
default.

Each room can be configured individually by each user, to override this
default value. See `Ad-hoc commands`_.

louiz’'s avatar
louiz’ committed
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
realname_customization
----------------------

If this option is set to “false” (default is “true”), the users will not be
able to use the ad-hoc commands that lets them configure their realname and
username.

realname_from_jid
-----------------

If this option is set to “true”, the realname and username of each biboumi
user will be extracted from their JID.  The realname is their bare JID, and
the username is the node-part of their JID.  Note that if
``realname_customization`` is “true”, each user will still be able to
customize their realname and username, this option just decides the default
realname and username.

If this option is set to “false” (the default value), the realname and
username of each user will be set to the nick they used to connect to the
IRC server.

webirc_password
---------------

Configure a password to be communicated to the IRC server, as part of the
WEBIRC message (see https://kiwiirc.com/docs/webirc).  If this option is
set, an additional DNS resolution of the hostname of each XMPP server will
be made when connecting to an IRC server.

log_file
--------
louiz’'s avatar
louiz’ committed
164

louiz’'s avatar
louiz’ committed
165
166
A filename into which logs are written.  If none is provided, the logs are
written on standard output.
167

louiz’'s avatar
louiz’ committed
168
169
log_level
---------
170

louiz’'s avatar
louiz’ committed
171
172
173
Indicate what type of log messages to write in the logs.  Value can be
from 0 to 3.  0 is debug, 1 is info, 2 is warning, 3 is error.  The
default is 0, but a more practical value for production use is 1.
174

louiz’'s avatar
louiz’ committed
175
176
ca_file
-------
177

louiz’'s avatar
louiz’ committed
178
Specifies which file should be used as the list of trusted CA when
louiz’'s avatar
louiz’ committed
179
180
negociating a TLS session. By default this value is unset and biboumi
tries a list of well-known paths.
louiz’'s avatar
louiz’ committed
181

louiz’'s avatar
louiz’ committed
182
183
outgoing_bind
-------------
louiz’'s avatar
louiz’ committed
184

louiz’'s avatar
louiz’ committed
185
186
187
188
189
An address (IPv4 or IPv6) to bind the outgoing sockets to.  If no value is
specified, it will use the one assigned by the operating system.  You can
for example use outgoing_bind=192.168.1.11 to force biboumi to use the
interface with this address.  Note that this is only used for connections
to IRC servers.
louiz’'s avatar
louiz’ committed
190

louiz’'s avatar
louiz’ committed
191
192
193
identd_port
-----------

louiz’'s avatar
louiz’ committed
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
The TCP port on which to listen for identd queries.  The default is the
standard value: 113. To be able to listen on this privileged port, biboumi
needs to have certain capabilities: on linux, using systemd, this can be
achieved by adding `AmbientCapabilities=CAP_NET_BIND_SERVICE` to the unit
file. On other systems, other solutions exist, like the portacl module on
FreeBSD.

If biboumi’s identd server is properly started, it will receive queries from
the IRC servers asking for the “identity” of each IRC connection made to it.
Biboumi will answer with a hash of the JID that made the connection. This is
useful for the IRC server to be able to distinguish the different users, and
be able to deal with the absuses without having to simply ban the IP. Without
this identd server, moderation is a lot harder, because all the different
users of a single biboumi instance all share the same IP, and they can’t be
distinguished by the IRC servers.
louiz’'s avatar
louiz’ committed
209

210
211
To disable the built-in identd, you may set identd_port to 0.

212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
policy_directory
----------------

A directory that should contain the policy files, used to customize
Botan’s behaviour when negociating the TLS connections with the IRC
servers. If not specified, the directory is the one where biboumi’s
configuration file is located: for example if biboumi reads its
configuration from /etc/biboumi/biboumi.cfg, the policy_directory value
will be /etc/biboumi.


TLS configuration
=================

Various settings of the TLS connections can be customized using policy
files. The files should be located in the directory specified by the
configuration option `policy_directory`_.  When attempting to connect to
an IRC server using TLS, biboumi will use Botan’s default TLS policy, and
then will try to load some policy files to override the values found in
these files.  For example, if policy_directory is /etc/biboumi, when
trying to connect to irc.example.com, biboumi will try to read
/etc/biboumi/policy.txt, use the values found to override the default
values, then it will try to read /etc/biboumi/irc.example.com.policy.txt
and re-override the policy with the values found in this file.

The policy.txt file applies to all the connections, and
irc.example.policy.txt will only apply (in addition to policy.txt) when
connecting to that specific server.

To see the list of possible options to configure, refer to `Botan’s TLS
documentation <https://botan.randombit.net/manual/tls.html#tls-policies>`_.

By default, biboumi provides a few policy files, to work around some
issues found with a few well-known IRC servers.
louiz’'s avatar
louiz’ committed
246

louiz’'s avatar
louiz’ committed
247
248
Usage
=====
louiz’'s avatar
louiz’ committed
249

louiz’'s avatar
louiz’ committed
250
251
252
253
254
Biboumi acts as a server, it should be run as a daemon that lives in the
background for as long as it is needed.  Note that biboumi does not
daemonize itself, this task should be done by your init system (SysVinit,
systemd, upstart).

louiz’'s avatar
louiz’ committed
255
256
257
When started, biboumi connects, without encryption (see `Security`_), to the
local XMPP server on the port ``5347`` and authenticates with the provided
password.  Biboumi then serves the configured ``hostname``: this means that
louiz’'s avatar
louiz’ committed
258
259
260
all XMPP stanza with a `to` JID on that domain will be forwarded to biboumi
by the XMPP server, and biboumi will only send messages coming from that
hostname.
louiz’'s avatar
louiz’ committed
261

louiz’'s avatar
louiz’ committed
262
263
When a user joins an IRC channel on an IRC server (see `Join an IRC
channel`_), biboumi connects to the remote IRC server, sets the user’s nick
louiz’'s avatar
louiz’ committed
264
265
266
267
268
269
as requested, and then tries to join the specified channel.  If the same
user subsequently tries to connect to an other channel on the same server,
the same IRC connection is used.  If, however, an other user wants to join
an IRC channel on that same IRC server, biboumi opens a new connection to
that server.  Biboumi connects once to each IRC server, for each user on it.

270
271
272
273
274
275
276
277
Additionally, if one user is using more than one clients (with the same bare
JID), they can join the same IRC channel (on the same server) behind one
single nickname.  Biboumi will forward all the messages (the channel ones and
the private ones) and the presences to all the resources behind that nick.
There is no need to have multiple nicknames and multiple connections to be
able to take part in a conversation (or idle) in a channel from a mobile client
while the desktop client is still connected, for example.

louiz’'s avatar
louiz’ committed
278
To cleanly shutdown the component, send a SIGINT or SIGTERM signal to it.
louiz’'s avatar
louiz’ committed
279
It will send messages to all connected IRC and XMPP servers to indicate a
louiz’'s avatar
louiz’ committed
280
281
282
283
reason why the users are being disconnected.  Biboumi exits when the end of
communication is acknowledged by all IRC servers.  If one or more IRC
servers do not respond, biboumi will only exit if it receives the same
signal again or if a 2 seconds delay has passed.
louiz’'s avatar
louiz’ committed
284

louiz’'s avatar
louiz’ committed
285
286
Addressing
----------
louiz’'s avatar
louiz’ committed
287
288

IRC entities are represented by XMPP JIDs.  The domain part of the JID is
289
290
the domain served by biboumi (the part after the `@`, biboumi.example.com in
the examples), and the local part (the part before the `@`) depends on the
louiz’'s avatar
louiz’ committed
291
concerned entity.
louiz’'s avatar
louiz’ committed
292

293
294
IRC channels and IRC users have a local part formed like this:
``name`` % ``irc_server``.
louiz’'s avatar
louiz’ committed
295

296
297
298
299
``name`` can be a channel name or an user nickname. The distinction between
the two is based on the first character: by default, if the name starts with
``'#'`` or ``'&'`` (but this can be overridden by the server, using the
ISUPPORT extension) then it’s a channel name, otherwise this is a nickname.
louiz’'s avatar
louiz’ committed
300

301
There is two ways to address an IRC user, using a local part like this:
302
303
``nickname`` % ``irc_server`` or by using the in-room address of the
participant, like this:
louiz’'s avatar
louiz’ committed
304
``channel_name`` % ``irc_server`` @ ``biboumi.example.com`` / ``Nickname``
305
306

The second JID is available only to be compatible with XMPP clients when the
louiz’'s avatar
louiz’ committed
307
308
user wants to send a private message to the participant ``Nickname`` in the
room ``channel_name%irc_server@biboumi.example.com``.
309

louiz’'s avatar
louiz’ committed
310
311
312
313
314
On XMPP, the node part of the JID can only be lowercase.  On the other hand,
IRC nicknames are case-insensitive, this means that the nicknames toto,
Toto, tOtO and TOTO all represent the same IRC user.  This means you can
talk to the user toto, and this will work.

315
316
317
Also note that some IRC nicknames or channels may contain characters that are
not allowed in the local part of a JID (for example '@').  If you need to send a
message to a nick containing such a character, you can use a jid like
louiz’'s avatar
louiz’ committed
318
``%irc.example.com@biboumi.example.com/AnnoyingNickn@me``, because the JID
319
``AnnoyingNickn@me%irc.example.com@biboumi.example.com`` would not work.
320
And if you need to address a channel that contains such invalid characters, you
louiz’'s avatar
louiz’ committed
321
have to use `jid-escaping <http://www.xmpp.org/extensions/xep-0106.html#escaping>`_,
322
323
324
325
and replace each of these characters with their escaped version, for example to
join the channel ``#b@byfoot``, you need to use the following JID:
``#b\40byfoot%irc.example.com@biboumi.example.com``.

326

louiz’'s avatar
louiz’ committed
327
328
Examples:

louiz’'s avatar
louiz’ committed
329
* ``#foo%irc.example.com@biboumi.example.com`` is the #foo IRC channel, on the
louiz’'s avatar
louiz’ committed
330
331
332
  irc.example.com IRC server, and this is served by the biboumi instance on
  biboumi.example.com

333
* ``toto%irc.example.com@biboumi.example.com`` is the IRC user named toto, or
louiz’'s avatar
louiz’ committed
334
335
  TotO, etc.

louiz’'s avatar
louiz’ committed
336
* ``irc.example.com@biboumi.example.com`` is the IRC server irc.example.com.
louiz’'s avatar
louiz’ committed
337

louiz’'s avatar
louiz’ committed
338
339
340
Note: Some JIDs are valid but make no sense in the context of
biboumi:

louiz’'s avatar
louiz’ committed
341
* ``#test%@biboumi.example.com``, or any other JID that does not contain an
louiz’'s avatar
louiz’ committed
342
343
344
345
346
347
348
  IRC server is invalid. Any message to that kind of JID will trigger an
  error, or will be ignored.

If compiled with Libidn, an IRC channel participant has a bare JID
representing the “hostname” provided by the IRC server.  This JID can only
be used to set IRC modes (for example to ban a user based on its IP), or to
identify user. It cannot be used to contact that user using biboumi.
louiz’'s avatar
louiz’ committed
349

louiz’'s avatar
louiz’ committed
350
351
Join an IRC channel
-------------------
louiz’'s avatar
louiz’ committed
352

louiz’'s avatar
louiz’ committed
353
354
To join an IRC channel ``#foo`` on the IRC server ``irc.example.com``,
join the XMPP MUC ``#foo%irc.example.com@biboumi.example.com``.
louiz’'s avatar
louiz’ committed
355

louiz’'s avatar
louiz’ committed
356
357
Connect to an IRC server
------------------------
358
359
360

The connection to the IRC server is automatically made when the user tries
to join any channel on that IRC server.  The connection is closed whenever
361
the last channel on that server is left by the user.
362

363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
Roster
------

You can add some JIDs provided by biboumi into your own roster, to receive
presence from them. Biboumi will always automatically accept your requests.

Biboumi’s JID
-------------

By adding the component JID into your roster, the user will receive an available
presence whenever it is started, and an unavailable presence whenever it is being
shutdown.  This is useful to quickly view if that biboumi instance is started or
not.

IRC server JID
--------------

These presence will appear online in the user’s roster whenever they are
381
connected to that IRC server (see `Connect to an IRC server`_ for more
382
383
384
385
details). This is useful to keep track of which server an user is connected
to: this is sometimes hard to remember, when they have many clients, or if
they are using persistent channels.

louiz’'s avatar
louiz’ committed
386
387
Channel messages
----------------
louiz’'s avatar
louiz’ committed
388
389
390
391
392

On XMPP, unlike on IRC, the displayed order of the messages is the same for
all participants of a MUC.  Biboumi can not however provide this feature, as
it cannot know whether the IRC server has received and forwarded the
messages to other users.  This means that the order of the messages
louiz’'s avatar
louiz’ committed
393
displayed in your XMPP client may not be the same as the order on other
louiz’'s avatar
louiz’ committed
394
IRC users’.
louiz’'s avatar
louiz’ committed
395

396
397
398
History
-------

399
Public channel messages are saved into archives, inside the database, unless
400
the `record_history` option is set to false by that user (see `Ad-hoc commands`_).
401
Private messages (messages that are sent directly to a nickname, not a
402
channel) are never stored in the database.
403
404
405
406
407

A channel history can be retrieved by using `Message archive management (MAM)
<https://xmpp.org/extensions/xep-0313.htm>`_ on the channel JID.  The results
can be filtered by start and end dates.

408
409
410
411
412
413
414
415
416
417
418
When a channel is joined, if the client doesn’t specify any limit, biboumi
sends the `max_history_length` last messages found in the database as the
MUC history.  If a client wants to only use MAM for the archives (because
it’s more convenient and powerful), it should request to receive no
history by using an attribute maxchars='0' or maxstanzas='0' as defined in
XEP 0045, and do a proper MAM request instead.

Note: the maxchars attribute is ignored unless its value is exactly 0.
Supporting it properly would be very hard and would introduce a lot of
complexity for almost no benefit.

419
420
421
422
423
424
425
426
For a given channel, each user has her or his own archive.  The content of
the archives are never shared, and thus a user can not use someone else’s
archive to get the messages that they didn’t receive when they were offline.
Although this feature would be very convenient, this would introduce a very
important privacy issue: for example if a biboumi gateway is used by two
users, by querying the archive one user would be able to know whether or not
the other user was in a room at a given time.

427

louiz’'s avatar
louiz’ committed
428
429
List channels
-------------
louiz’'s avatar
louiz’ committed
430
431
432

You can list the IRC channels on a given IRC server by sending an XMPP disco
items request on the IRC server JID.  The number of channels on some servers
433
434
is huge so the result stanza may be very big, unless your client supports
result set management (XEP 0059)
louiz’'s avatar
louiz’ committed
435

louiz’'s avatar
louiz’ committed
436
437
Nicknames
---------
louiz’'s avatar
louiz’ committed
438
439
440

On IRC, nicknames are server-wide.  This means that one user only has one
single nickname at one given time on all the channels of a server. This is
louiz’'s avatar
louiz’ committed
441
different from XMPP where a user can have a different nick on each MUC,
louiz’'s avatar
louiz’ committed
442
443
444
445
446
447
448
even if these MUCs are on the same server.

This means that the nick you choose when joining your first IRC channel on a
given IRC server will be your nickname in all other channels that you join
on that same IRC server.
If you explicitely change your nickname on one channel, your nickname will
be changed on all channels on the same server as well.
449
450
451
452
453
Joining a new channel with a different nick, however, will not change your
nick.  The provided nick will be ignored, in order to avoid changing your
nick on the whole server by mistake.  If you want to have a different
nickname in the channel you’re going to join, you need to do it explicitly
with the NICK command before joining the channel.
louiz’'s avatar
louiz’ committed
454

louiz’'s avatar
louiz’ committed
455
456
Private messages
----------------
louiz’'s avatar
louiz’ committed
457
458
459

Private messages are handled differently on IRC and on XMPP.  On IRC, you
talk directly to one server-user: toto on the channel #foo is the same user
louiz’'s avatar
louiz’ committed
460
as toto on the channel #bar (as long as these two channels are on the same
461
IRC server).  By default you will receive private messages from the “global”
462
user (aka nickname%irc.example.com@biboumi.example.com), unless you
463
previously sent a message to an in-room participant (something like
louiz’'s avatar
louiz’ committed
464
\#test%irc.example.com@biboumi.example.com/nickname), in which case future
465
messages from that same user will be received from that same “in-room” JID.
louiz’'s avatar
louiz’ committed
466

louiz’'s avatar
louiz’ committed
467
468
Notices
-------
louiz’'s avatar
louiz’ committed
469
470
471
472

Notices are received exactly like private messages.  It is not possible to
send a notice.

louiz’'s avatar
louiz’ committed
473
474
475
476
Topic
-----

The topic can be set and retrieved seemlessly. The unique difference is that
louiz’'s avatar
louiz’ committed
477
478
if an XMPP user tries to set a multiline topic, every line return (\\n) will
be replaced by a space, because the IRC server wouldn’t accept it.
louiz’'s avatar
louiz’ committed
479

480
481
482
Invitations
-----------

483
484
485
If the invited JID is a user JID served by this biboumi instance, it will forward the
invitation to the target nick, over IRC.
Otherwise, the mediated instance will directly be sent to the invited JID, over XMPP.
486

487
488
489
490
491
Example: if the user wishes to invite the IRC user “FooBar” into a room, they can
invite one of the following “JIDs” (one of them is not a JID, actually):

- foobar%anything@biboumi.example.com
- anything@biboumi.example.com/FooBar
492
493
- FooBar

494
495
496
497
498
(Note that the “anything” parts are simply ignored because they carry no
additional meaning for biboumi: we already know which IRC server is targeted
using the JID of the target channel.)

Otherwise, any valid JID can be used, to invite any XMPP user.
499

louiz’'s avatar
louiz’ committed
500
501
Kicks and bans
--------------
louiz’'s avatar
louiz’ committed
502
503
504

Kicks are transparently translated from one protocol to another.  However
banning an XMPP participant has no effect.  To ban an user you need to set a
louiz’'s avatar
louiz’ committed
505
mode +b on that user nick or host (see `IRC modes`_) and then kick it.
louiz’'s avatar
louiz’ committed
506

louiz’'s avatar
louiz’ committed
507
508
Encoding
--------
louiz’'s avatar
louiz’ committed
509

louiz’'s avatar
louiz’ committed
510
On XMPP, the encoding is always ``UTF-8``, whereas on IRC the encoding of
louiz’'s avatar
louiz’ committed
511
512
513
514
515
each message can be anything.

This means that biboumi has to convert everything coming from IRC into UTF-8
without knowing the encoding of the received messages.  To do so, it checks
if each message is UTF-8 valid, if not it tries to convert from
louiz’'s avatar
louiz’ committed
516
``iso_8859-1`` (because this appears to be the most common case, at least
louiz’'s avatar
louiz’ committed
517
on the channels I visit) to ``UTF-8``.  If that conversion fails at some
louiz’'s avatar
louiz’ committed
518
point, a placeholder character ``'�'`` is inserted to indicate this
louiz’'s avatar
louiz’ committed
519
520
521
522
523
decoding error.

Messages are always sent in UTF-8 over IRC, no conversion is done in that
direction.

louiz’'s avatar
louiz’ committed
524
525
IRC modes
---------
louiz’'s avatar
louiz’ committed
526

louiz’'s avatar
louiz’ committed
527
One feature that doesn’t exist on XMPP but does on IRC is the ``modes``.
louiz’'s avatar
louiz’ committed
528
Although some of these modes have a correspondance in the XMPP world (for
louiz’'s avatar
louiz’ committed
529
example the ``+o`` mode on a user corresponds to the ``moderator`` role in
louiz’'s avatar
louiz’ committed
530
XMPP), it is impossible to map all these modes to an XMPP feature.  To
louiz’'s avatar
louiz’ committed
531
532
533
circumvent this problem, biboumi provides a raw notification when modes are
changed, and lets the user change the modes directly.

louiz’'s avatar
louiz’ committed
534
To change modes, simply send a message starting with “``/mode``” followed by
louiz’'s avatar
louiz’ committed
535
536
537
538
539
the modes and the arguments you want to send to the IRC server.  For example
“/mode +aho louiz”.  Note that your XMPP client may interprete messages
begining with “/” like a command.  To actually send a message starting with
a slash, you may need to start your message with “//mode” or “/say /mode”,
depending on your client.
louiz’'s avatar
louiz’ committed
540
541
542
543
544
545
546
547

When a mode is changed, the user is notified by a message coming from the
MUC bare JID, looking like “Mode #foo [+ov] [toto tutu]”.  In addition, if
the mode change can be translated to an XMPP feature, the user will be
notified of this XMPP event as well. For example if a mode “+o toto” is
received, then toto’s role will be changed to moderator.  The mapping
between IRC modes and XMPP features is as follow:

louiz’'s avatar
louiz’ committed
548
549
``+q``
  Sets the participant’s role to ``moderator`` and its affiliation to ``owner``.
louiz’'s avatar
louiz’ committed
550

louiz’'s avatar
louiz’ committed
551
552
``+a``
  Sets the participant’s role to ``moderator`` and its affiliation to ``owner``.
louiz’'s avatar
louiz’ committed
553

louiz’'s avatar
louiz’ committed
554
555
``+o``
  Sets the participant’s role to ``moderator`` and its affiliation to  ``admin``.
556

louiz’'s avatar
louiz’ committed
557
558
``+h``
  Sets the participant’s role to ``moderator`` and its affiliation to  ``member``.
559

louiz’'s avatar
louiz’ committed
560
``+v``
561
  Sets the participant’s role to ``participant`` and its affiliation to ``member``.
louiz’'s avatar
louiz’ committed
562

563
564
Similarly, when a biboumi user changes some participant's affiliation or role, biboumi translates that in an IRC mode change.

louiz’'s avatar
louiz’ committed
565
Affiliation set to ``none``
566
567
  Sets mode to -vhoaq

louiz’'s avatar
louiz’ committed
568
Affiliation set to ``member``
569
570
  Sets mode to +v-hoaq

louiz’'s avatar
louiz’ committed
571
Role set to ``moderator``
572
573
  Sets mode to +h-oaq

louiz’'s avatar
louiz’ committed
574
Affiliation set to ``admin``
575
576
  Sets mode to +o-aq

louiz’'s avatar
louiz’ committed
577
Affiliation set to ``owner``
578
579
  Sets mode to +a-q

louiz’'s avatar
louiz’ committed
580
581
Ad-hoc commands
---------------
louiz’'s avatar
louiz’ committed
582
583

Biboumi supports a few ad-hoc commands, as described in the XEP 0050.
584
585
Different ad-hoc commands are available for each JID type.

louiz’'s avatar
louiz’ committed
586
587
On the gateway itself (e.g on the JID biboumi.example.com):
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
louiz’'s avatar
louiz’ committed
588

louiz’'s avatar
louiz’ committed
589
- ping: Just respond “pong”
louiz’'s avatar
louiz’ committed
590

louiz’'s avatar
louiz’ committed
591
592
- hello: Provide a form, where the user enters their name, and biboumi
  responds with a nice greeting.
louiz’'s avatar
louiz’ committed
593

louiz’'s avatar
louiz’ committed
594
595
596
597
598
599
600
- disconnect-user: Only available to the administrator. The user provides
  a list of JIDs, and a quit message. All the selected users are
  disconnected from all the IRC servers to which they were connected,
  using the provided quit message. Sending SIGINT to biboumi is equivalent
  to using this command by selecting all the connected JIDs and using the
  “Gateway shutdown” quit message, except that biboumi does not exit when
  using this ad-hoc command.
louiz’'s avatar
louiz’ committed
601

louiz’'s avatar
louiz’ committed
602
603
604
605
606
- disconnect-from-irc-servers: Disconnect a single user from one or more
  IRC server.  The user is immediately disconnected by closing the socket,
  no message is sent to the IRC server, but the user is of course notified
  with an XMPP message.  The administrator can disconnect any user, while
  the other users can only disconnect themselves.
607

louiz’'s avatar
louiz’ committed
608
609
610
611
612
613
- configure: Lets each user configure some options that applies globally.
  The provided configuration form contains these fields:
    * Record History: whether or not history messages should be saved in
      the database.
    * Max history length: The maximum number of lines in the history
      that the server is allowed to send when joining a channel.
614
615
616
617
618
619
620

    * Persistent: Overrides the value specified in each individual channel.
      If this option is set to true, all channels are persistent, whether
      or not their specific value is true or false. This option is true by
      default for everyone if the `persistent_by_default` configuration
      option is true, otherwise it’s false. See below for more details on
      what a persistent channel is. This value is
louiz’'s avatar
louiz’ committed
621

louiz’'s avatar
louiz’ committed
622
623
On a server JID (e.g on the JID chat.freenode.org@biboumi.example.com)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
624

625
- configure: Lets each user configure some options that applies to the
louiz’'s avatar
louiz’ committed
626
627
  concerned IRC server.  The provided configuration form contains these
  fields:
628
629
630
631
632
633
634

    * Address: This address (IPv4, IPv6 or hostname) will be used, when
      biboumi connects to this server. This is a very handy way to have a
      custom name for a network, and be able to edit the address to use
      if one endpoint for that server is dead, but continue using the same
      JID. For example, a user could configure the server
      “freenode@biboumi.example.com”, set “chat.freenode.net” in its
louiz’'s avatar
louiz’ committed
635
      “Address” field, and then they would be able to use “freenode” as
636
637
638
      the network name forever: if “chat.freenode.net” breaks for some
      reason, it can be changed to “irc.freenode.org” instead, and the user
      would not need to change all their bookmarks and settings.
louiz’'s avatar
louiz’ committed
639
640
641
642
643
644
645
646
647
648
649
    * Realname: The customized “real name” as it will appear on the
      user’s whois. This option is not available if biboumi is configured
      with realname_customization to false.
    * Username: The “user” part in your `user@host`. This option is not
      available if biboumi is configured with realname_customization to
      false.
    * In encoding: The incoming encoding. Any received message that is not
      proper UTF-8 will be converted will be converted from the configured
      In encoding into UTF-8. If the conversion fails at some point, some
      characters will be replaced by the placeholders.
    * Out encoding: Currently ignored.
650
651
652
653
654
    * After-connection IRC commands: Raw IRC commands that will be sent
      one by one to the server immediately after the connection has been
      successful. It can for example be used to identify yourself using
      NickServ, with a command like this: `PRIVMSG NickServ :identify
      PASSWORD`.
louiz’'s avatar
louiz’ committed
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
    * Ports: The list of TCP ports to use when connecting to this IRC server.
      This list will be tried in sequence, until the connection succeeds for
      one of them. The connection made on these ports will not use TLS, the
      communication will be insecure. The default list contains 6697 and 6670.
    * TLS ports: A second list of ports to try when connecting to the IRC
      server. The only difference is that TLS will be used if the connection
      is established on one of these ports. All the ports in this list will
      be tried before using the other plain-text ports list. To entirely
      disable any non-TLS connection, just remove all the values from the
      “normal” ports list. The default list contains 6697.
    * Verify certificate: If set to true (the default value), when connecting
      on a TLS port, the connection will be aborted if the certificate is
      not valid (for example if it’s not signed by a known authority, or if
      the domain name doesn’t match, etc). Set it to false if you want to
      connect on a server with a self-signed certificate.
    * SHA-1 fingerprint of the TLS certificate to trust: if you know the hash
      of the certificate that the server is supposed to use, and you only want
      to accept this one, set its SHA-1 hash in this field.
673
674
675
676
677
678
    * Nickname: A nickname that will be used instead of the nickname provided
      in the initial presence sent to join a channel. This can be used if the
      user always wants to have the same nickname on a given server, and not
      have to bother with setting that nick in all the bookmarks on that
      server. The nickname can still manually be changed with a standard nick
      change presence.
louiz’'s avatar
louiz’ committed
679
680
681
682
683
684
685
    * Server password: A password that will be sent just after the connection,
      in a PASS command. This is usually used in private servers, where you’re
      only allowed to connect if you have the password. Note that, although
      this is NOT a password that will be sent to NickServ (or some author
      authentication service), some server (notably Freenode) use it as if it
      was sent to NickServ to identify your nickname.

686
687
688
689
690
- get-irc-connection-info: Returns some information about the IRC server,
  for the executing user. It lets the user know if they are connected to
  this server, from what port, with or without TLS, and it gives the list
  of joined IRC channel, with a detailed list of which resource is in which
  channel.
691

louiz’'s avatar
louiz’ committed
692
693
On a channel JID (e.g on the JID #test%chat.freenode.org@biboumi.example.com)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
694

695
- configure: Lets each user configure some options that applies to the
louiz’'s avatar
louiz’ committed
696
697
698
699
  concerned IRC channel.  Some of these options, if not configured for a
  specific channel, defaults to the value configured at the IRC server
  level.  For example the encoding can be specified for both the channel
  and the server.  If an encoding is not specified for a channel, the
louiz’'s avatar
louiz’ committed
700
701
702
703
704
  encoding configured in the server applies. The provided configuration
  form contains these fields:
    * In encoding: see the option with the same name in the server configuration
      form.
    * Out encoding: Currently ignored.
louiz’'s avatar
louiz’ committed
705
706
707
708
709
710
711
    * Persistent: If set to true, biboumi will stay in this channel even when
      all the XMPP resources have left the room. I.e. it will not send a PART
      command, and will stay idle in the channel until the connection is
      forcibly closed. If a resource comes back in the room again, and if
      the archiving of messages is enabled for this room, the client will
      receive the messages that where sent in this channel. This option can be
      used to make biboumi act as an IRC bouncer.
712
713
714
715
716
    * Record History: whether or not history messages should be saved in
      the database, for this specific channel. If the value is “unset” (the
      default), then the value configured globally is used. This option is there,
      for example, to be able to enable history recording globally while disabling
      it for a few specific “private” channels.
717

louiz’'s avatar
louiz’ committed
718
719
Raw IRC messages
----------------
louiz’'s avatar
louiz’ committed
720
721
722
723

Biboumi tries to support as many IRC features as possible, but doesn’t
handle everything yet (or ever).  In order to let the user send any
arbitrary IRC message, biboumi forwards any XMPP message received on an IRC
724
Server JID (see `Addressing`_) as a raw command to that IRC server.
louiz’'s avatar
louiz’ committed
725
726

For example, to WHOIS the user Foo on the server irc.example.com, a user can
727
send the message “WHOIS Foo” to ``irc.example.com@biboumi.example.com``.
louiz’'s avatar
louiz’ committed
728
729

The message will be forwarded as is, without any modification appart from
730
731
adding ``\r\n`` at the end (to make it a valid IRC message).  You need to
have a little bit of understanding of the IRC protocol to use this feature.
louiz’'s avatar
louiz’ committed
732

louiz’'s avatar
louiz’ committed
733
734
Security
========
louiz’'s avatar
louiz’ committed
735

736
737
738
739
740
741
The connection to the XMPP server can only be made on localhost.  The
XMPP server is not supposed to accept non-local connections from components.
Thus, encryption is not used to connect to the local XMPP server because it
is useless.

If compiled with the Botan library, biboumi can use TLS when communicating
742
with the IRC servers.  It will first try ports 6697 and 6670 and use TLS if
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
it succeeds, if connection fails on both these ports, the connection is
established on port 6667 without any encryption.

Biboumi does not check if the received JIDs are properly formatted using
nodeprep.  This must be done by the XMPP server to which biboumi is directly
connected.

Note if you use a biboumi that you have no control on: remember that the
administrator of the gateway you use is able to view all your IRC
conversations, whether you’re using encryption or not.  This is exactly as
if you were running your IRC client on someone else’s server.  Only use
biboumi if you trust its administrator (or, better, if you are the
administrator) or if you don’t intend to have any private conversation.

Biboumi does not provide a way to ban users from connecting to it, has no
protection against flood or any sort of abuse that your users may cause on
the IRC servers. Some XMPP server however offer the possibility to restrict
what JID can access a gateway. Use that feature if you wish to grant access
to your biboumi instance only to a list of trusted users.
762