1 |
michael |
5052 |
/* |
2 |
|
|
* Copyright (C) 2002 Erik Fears |
3 |
|
|
* |
4 |
|
|
* This program is free software; you can redistribute it and/or |
5 |
|
|
* modify it under the terms of the GNU General Public License |
6 |
|
|
* as published by the Free Software Foundation; either version 2 |
7 |
|
|
* of the License, or (at your option) any later version. |
8 |
|
|
* |
9 |
|
|
* This program is distributed in the hope that it will be useful, |
10 |
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
11 |
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
12 |
|
|
* GNU General Public License for more details. |
13 |
|
|
* |
14 |
|
|
* You should have received a copy of the GNU General Public License |
15 |
|
|
* along with this program; if not, write to |
16 |
|
|
* |
17 |
|
|
* The Free Software Foundation, Inc. |
18 |
|
|
* 59 Temple Place - Suite 330 |
19 |
|
|
* Boston, MA 02111-1307, USA. |
20 |
|
|
* |
21 |
|
|
* |
22 |
|
|
*/ |
23 |
|
|
|
24 |
|
|
#include "setup.h" |
25 |
|
|
|
26 |
|
|
#include <stdio.h> |
27 |
|
|
#include <unistd.h> |
28 |
|
|
#include <assert.h> |
29 |
|
|
|
30 |
|
|
#ifdef STDC_HEADERS |
31 |
|
|
# include <stdlib.h> |
32 |
|
|
# include <string.h> |
33 |
|
|
#endif |
34 |
|
|
|
35 |
|
|
#ifdef TIME_WITH_SYS_TIME |
36 |
|
|
# include <sys/time.h> |
37 |
|
|
# include <time.h> |
38 |
|
|
#else |
39 |
|
|
# ifdef HAVE_SYS_TIME_H |
40 |
|
|
# include <sys/time.h> |
41 |
|
|
# else |
42 |
|
|
# include <time.h> |
43 |
|
|
# endif |
44 |
|
|
#endif |
45 |
|
|
|
46 |
|
|
#include <errno.h> |
47 |
|
|
#include <fcntl.h> |
48 |
|
|
|
49 |
michael |
5165 |
#include <sys/types.h> |
50 |
|
|
#include <sys/socket.h> |
51 |
|
|
#include <netdb.h> |
52 |
|
|
|
53 |
michael |
5052 |
#ifdef HAVE_SYS_POLL_H |
54 |
|
|
# include <sys/poll.h> |
55 |
|
|
#endif |
56 |
|
|
|
57 |
|
|
#include "inet.h" |
58 |
|
|
#include "compat.h" |
59 |
|
|
#include "config.h" |
60 |
|
|
#include "irc.h" |
61 |
|
|
#include "log.h" |
62 |
|
|
#include "opercmd.h" |
63 |
|
|
#include "stats.h" |
64 |
|
|
#include "dnsbl.h" |
65 |
|
|
#include "extern.h" |
66 |
|
|
#include "options.h" |
67 |
|
|
#include "negcache.h" |
68 |
|
|
#include "malloc.h" |
69 |
|
|
#include "match.h" |
70 |
|
|
#include "scan.h" |
71 |
|
|
|
72 |
|
|
/* Libopm */ |
73 |
|
|
|
74 |
|
|
#include "libopm/src/opm.h" |
75 |
|
|
#include "libopm/src/opm_common.h" |
76 |
|
|
#include "libopm/src/opm_error.h" |
77 |
|
|
#include "libopm/src/opm_types.h" |
78 |
|
|
|
79 |
|
|
|
80 |
|
|
/* GLOBAL LISTS */ |
81 |
|
|
|
82 |
|
|
static list_t *SCANNERS = NULL; /* List of OPM_T */ |
83 |
|
|
static list_t *MASKS = NULL; /* Associative list of masks->scanners */ |
84 |
|
|
|
85 |
|
|
|
86 |
|
|
/* Negative Cache */ |
87 |
|
|
struct cnode *nc_head; |
88 |
|
|
|
89 |
|
|
|
90 |
|
|
/* Function declarations */ |
91 |
|
|
|
92 |
|
|
struct scan_struct *scan_create(char **, char *); |
93 |
|
|
void scan_free(struct scan_struct *); |
94 |
michael |
5072 |
static void scan_irckline(struct scan_struct *, const char *, const char *); |
95 |
michael |
5052 |
static void scan_negative(struct scan_struct *); |
96 |
|
|
static void scan_log(OPM_REMOTE_T *); |
97 |
|
|
|
98 |
|
|
/** Callbacks for LIBOPM */ |
99 |
|
|
void scan_open_proxy(OPM_T *, OPM_REMOTE_T *, int, void *); |
100 |
|
|
void scan_negotiation_failed(OPM_T *, OPM_REMOTE_T *, int, void *); |
101 |
|
|
static void scan_timeout(OPM_T *, OPM_REMOTE_T *, int, void *); |
102 |
|
|
static void scan_end(OPM_T *, OPM_REMOTE_T *, int, void *); |
103 |
|
|
static void scan_handle_error(OPM_T *, OPM_REMOTE_T *, int, void *); |
104 |
|
|
|
105 |
|
|
extern FILE *scanlogfile; |
106 |
|
|
|
107 |
michael |
5114 |
|
108 |
michael |
5052 |
/* scan_cycle |
109 |
|
|
* |
110 |
|
|
* Perform scanner tasks. |
111 |
|
|
*/ |
112 |
michael |
5114 |
void |
113 |
|
|
scan_cycle(void) |
114 |
michael |
5052 |
{ |
115 |
michael |
5114 |
node_t *p; |
116 |
michael |
5052 |
|
117 |
michael |
5114 |
/* Cycle through the blacklist first.. */ |
118 |
|
|
dnsbl_cycle(); |
119 |
michael |
5052 |
|
120 |
michael |
5114 |
/* Cycle each scanner object */ |
121 |
|
|
LIST_FOREACH(p, SCANNERS->head) |
122 |
|
|
{ |
123 |
|
|
struct scanner_struct *scs = p->data; |
124 |
|
|
opm_cycle(scs->scanner); |
125 |
|
|
} |
126 |
michael |
5052 |
} |
127 |
|
|
|
128 |
|
|
/* scan_timer |
129 |
|
|
* |
130 |
|
|
* Perform actions that are to be performed every ~1 second. |
131 |
|
|
* |
132 |
|
|
* Parameters: NONE |
133 |
|
|
* Return: NONE |
134 |
|
|
* |
135 |
|
|
*/ |
136 |
michael |
5114 |
void |
137 |
|
|
scan_timer(void) |
138 |
michael |
5052 |
{ |
139 |
michael |
5114 |
static int nc_counter; |
140 |
michael |
5052 |
|
141 |
michael |
5114 |
if (OptionsItem->negcache > 0) |
142 |
|
|
{ |
143 |
|
|
if (nc_counter++ >= NEG_CACHE_REBUILD) |
144 |
|
|
{ |
145 |
|
|
/* |
146 |
|
|
* Time to rebuild the negative |
147 |
|
|
* cache. |
148 |
|
|
*/ |
149 |
|
|
if (OPT_DEBUG) |
150 |
|
|
log_printf("SCAN -> Rebuilding negative cache"); |
151 |
michael |
5052 |
|
152 |
michael |
5114 |
negcache_rebuild(); |
153 |
|
|
nc_counter = 0; |
154 |
|
|
} |
155 |
|
|
} |
156 |
michael |
5052 |
} |
157 |
|
|
|
158 |
|
|
/* scan_gettype(int protocol) |
159 |
|
|
* |
160 |
|
|
* Return human readable name of OPM PROTOCOL given OPM_TYPE_PROTOCOL |
161 |
|
|
* |
162 |
|
|
* Parameters: |
163 |
|
|
* protocol: Protocol to return (from libopm/src/opm_types.h) |
164 |
|
|
* |
165 |
|
|
* Return: |
166 |
|
|
* Pointer to static string containing human readable form of protocol |
167 |
|
|
* name |
168 |
|
|
* |
169 |
|
|
*/ |
170 |
michael |
5114 |
const char * |
171 |
|
|
scan_gettype(int protocol) |
172 |
michael |
5052 |
{ |
173 |
michael |
5114 |
static const char *undef = "undefined"; |
174 |
|
|
static struct protocol_assoc protocols[] = |
175 |
|
|
{ |
176 |
|
|
{ OPM_TYPE_HTTP, "HTTP" }, |
177 |
|
|
{ OPM_TYPE_HTTPPOST, "HTTPPOST" }, |
178 |
|
|
{ OPM_TYPE_SOCKS4, "SOCKS4" }, |
179 |
|
|
{ OPM_TYPE_SOCKS5, "SOCKS5" }, |
180 |
|
|
{ OPM_TYPE_WINGATE, "WINGATE" }, |
181 |
|
|
{ OPM_TYPE_ROUTER, "ROUTER" } |
182 |
|
|
}; |
183 |
michael |
5052 |
|
184 |
michael |
5116 |
for (unsigned int i = 0; i < (sizeof(protocols) / sizeof(struct protocol_assoc)); ++i) |
185 |
michael |
5114 |
if (protocol == protocols[i].type) |
186 |
|
|
return protocols[i].name; |
187 |
michael |
5052 |
|
188 |
michael |
5114 |
return undef; |
189 |
michael |
5052 |
} |
190 |
|
|
|
191 |
|
|
/* scan_init |
192 |
|
|
|
193 |
|
|
Initialize scanner and masks list based on configuration. |
194 |
|
|
|
195 |
|
|
Parameters: |
196 |
|
|
None |
197 |
|
|
|
198 |
|
|
Return: |
199 |
|
|
None |
200 |
|
|
*/ |
201 |
michael |
5114 |
void |
202 |
|
|
scan_init(void) |
203 |
michael |
5052 |
{ |
204 |
michael |
5116 |
node_t *p, *p2, *p3, *p4, *node; |
205 |
|
|
struct UserConf *uc; |
206 |
|
|
struct ScannerConf *sc; |
207 |
|
|
struct ProtocolConf *pc; |
208 |
|
|
struct scanner_struct *scs; |
209 |
|
|
char *mask; |
210 |
|
|
char *scannername; |
211 |
michael |
5052 |
|
212 |
michael |
5116 |
/* FIXME: If rehash code is ever added, cleanup would need done here. */ |
213 |
michael |
5052 |
|
214 |
michael |
5116 |
SCANNERS = list_create(); |
215 |
|
|
MASKS = list_create(); |
216 |
michael |
5052 |
|
217 |
michael |
5116 |
/* Setup each individual scanner */ |
218 |
|
|
LIST_FOREACH(p, ScannerItemList->head) |
219 |
|
|
{ |
220 |
|
|
sc = p->data; |
221 |
|
|
scs = MyMalloc(sizeof *scs); |
222 |
michael |
5052 |
|
223 |
michael |
5116 |
if (OPT_DEBUG) |
224 |
|
|
log_printf("SCAN -> Setting up scanner [%s]", sc->name); |
225 |
michael |
5052 |
|
226 |
michael |
5116 |
/* Build the scanner */ |
227 |
|
|
scs->scanner = opm_create(); |
228 |
|
|
scs->name = xstrdup(sc->name); |
229 |
|
|
scs->masks = list_create(); |
230 |
michael |
5052 |
|
231 |
michael |
5116 |
/* Setup configuration */ |
232 |
michael |
5121 |
opm_config(scs->scanner, OPM_CONFIG_FD_LIMIT, &sc->fd); |
233 |
michael |
5116 |
opm_config(scs->scanner, OPM_CONFIG_SCAN_IP, sc->target_ip); |
234 |
michael |
5121 |
opm_config(scs->scanner, OPM_CONFIG_SCAN_PORT, &sc->target_port); |
235 |
|
|
opm_config(scs->scanner, OPM_CONFIG_TIMEOUT, &sc->timeout); |
236 |
|
|
opm_config(scs->scanner, OPM_CONFIG_MAX_READ, &sc->max_read); |
237 |
michael |
5116 |
opm_config(scs->scanner, OPM_CONFIG_BIND_IP, sc->vhost); |
238 |
michael |
5052 |
|
239 |
michael |
5116 |
/* add target strings */ |
240 |
|
|
LIST_FOREACH(p2, sc->target_string->head) |
241 |
|
|
opm_config(scs->scanner, OPM_CONFIG_TARGET_STRING, (char *) p2->data); |
242 |
michael |
5052 |
|
243 |
michael |
5116 |
/* Setup callbacks */ |
244 |
|
|
opm_callback(scs->scanner, OPM_CALLBACK_OPENPROXY, &scan_open_proxy, scs); |
245 |
|
|
opm_callback(scs->scanner, OPM_CALLBACK_NEGFAIL, &scan_negotiation_failed, scs); |
246 |
|
|
opm_callback(scs->scanner, OPM_CALLBACK_TIMEOUT, &scan_timeout, scs); |
247 |
|
|
opm_callback(scs->scanner, OPM_CALLBACK_END, &scan_end, scs); |
248 |
|
|
opm_callback(scs->scanner, OPM_CALLBACK_ERROR, &scan_handle_error, scs); |
249 |
michael |
5052 |
|
250 |
michael |
5116 |
/* Setup the protocols */ |
251 |
|
|
LIST_FOREACH(p2, sc->protocols->head) |
252 |
|
|
{ |
253 |
|
|
pc = p2->data; |
254 |
michael |
5052 |
|
255 |
michael |
5116 |
if (OPT_DEBUG >= 2) |
256 |
|
|
log_printf("SCAN -> Adding protocol %s:%d to scanner [%s]", |
257 |
|
|
scan_gettype(pc->type), pc->port, scs->name); |
258 |
michael |
5052 |
|
259 |
michael |
5116 |
if (opm_addtype(scs->scanner, pc->type, pc->port) == OPM_ERR_BADPROTOCOL) |
260 |
|
|
log_printf("SCAN -> Error bad protocol %s:%d in scanner [%s]", |
261 |
|
|
scan_gettype(pc->type), pc->port, scs->name); |
262 |
|
|
} |
263 |
michael |
5052 |
|
264 |
michael |
5116 |
node = node_create(scs); |
265 |
|
|
list_add(SCANNERS, node); |
266 |
|
|
} |
267 |
michael |
5052 |
|
268 |
michael |
5116 |
/* Give scanners a list of masks they scan */ |
269 |
|
|
LIST_FOREACH(p, SCANNERS->head) |
270 |
|
|
{ |
271 |
|
|
scs = p->data; |
272 |
michael |
5052 |
|
273 |
michael |
5116 |
LIST_FOREACH(p2, UserItemList->head) |
274 |
|
|
{ |
275 |
|
|
uc = p2->data; |
276 |
michael |
5052 |
|
277 |
michael |
5116 |
LIST_FOREACH(p3, uc->scanners->head) |
278 |
|
|
{ |
279 |
|
|
scannername = p3->data; |
280 |
michael |
5052 |
|
281 |
michael |
5116 |
/* Add all these masks to scanner */ |
282 |
|
|
if (strcasecmp(scannername, scs->name) == 0) |
283 |
|
|
{ |
284 |
|
|
LIST_FOREACH(p4, uc->masks->head) |
285 |
|
|
{ |
286 |
|
|
mask = p4->data; |
287 |
michael |
5052 |
|
288 |
michael |
5116 |
if (OPT_DEBUG) |
289 |
|
|
log_printf("SCAN -> Linking the mask [%s] to scanner [%s]", mask, scannername); |
290 |
michael |
5052 |
|
291 |
michael |
5116 |
node = node_create(xstrdup(mask)); |
292 |
|
|
list_add(scs->masks, node); |
293 |
|
|
} |
294 |
michael |
5052 |
|
295 |
michael |
5116 |
break; |
296 |
|
|
} |
297 |
michael |
5052 |
} |
298 |
michael |
5116 |
} |
299 |
|
|
} |
300 |
michael |
5052 |
|
301 |
michael |
5116 |
/* Initialise negative cache */ |
302 |
|
|
if (OptionsItem->negcache > 0) |
303 |
|
|
{ |
304 |
|
|
if (OPT_DEBUG >= 2) |
305 |
|
|
log_printf("SCAN -> Initializing negative cache"); |
306 |
|
|
|
307 |
|
|
nc_init(&nc_head); |
308 |
|
|
} |
309 |
michael |
5052 |
} |
310 |
|
|
|
311 |
|
|
|
312 |
|
|
/* scan_connect |
313 |
|
|
* |
314 |
|
|
* scan_connect is called when m_notice (irc.c) matches a connection |
315 |
|
|
* notice and parses the connecting user out of it. |
316 |
|
|
* |
317 |
|
|
* Parameters: |
318 |
|
|
* user: Parsed items from the connection notice: |
319 |
|
|
* user[0] = connecting users nickname |
320 |
|
|
* user[1] = connecting users username |
321 |
|
|
* user[2] = connecting users hostname |
322 |
|
|
* user[3] = connecting users IP |
323 |
|
|
* msg = Original connect notice |
324 |
|
|
* Return: NONE |
325 |
|
|
* |
326 |
|
|
*/ |
327 |
michael |
5116 |
void |
328 |
|
|
scan_connect(char **user, char *msg) |
329 |
michael |
5052 |
{ |
330 |
michael |
5116 |
struct bopm_sockaddr ip; |
331 |
|
|
node_t *p, *p2; |
332 |
|
|
struct scan_struct *ss; |
333 |
|
|
struct scanner_struct *scs; |
334 |
|
|
char *scsmask; |
335 |
|
|
int ret; |
336 |
michael |
5052 |
|
337 |
michael |
5116 |
/* |
338 |
|
|
* Have to use MSGLENMAX here because it is unknown what the max size of |
339 |
|
|
* username/hostname can be. Some ircds use really mad values for |
340 |
|
|
* these. |
341 |
|
|
*/ |
342 |
|
|
static char mask[MSGLENMAX]; |
343 |
|
|
static char ipmask[MSGLENMAX]; |
344 |
michael |
5052 |
|
345 |
michael |
5116 |
/* Check negcache before anything */ |
346 |
|
|
if (OptionsItem->negcache > 0) |
347 |
|
|
{ |
348 |
michael |
5165 |
struct addrinfo hints, *res; |
349 |
|
|
|
350 |
|
|
memset(&hints, 0, sizeof(hints)); |
351 |
|
|
hints.ai_family = AF_INET; |
352 |
|
|
hints.ai_socktype = SOCK_STREAM; |
353 |
|
|
hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; |
354 |
|
|
|
355 |
|
|
if (getaddrinfo(user[3], NULL, &hints, &res)) |
356 |
michael |
5052 |
{ |
357 |
|
|
log_printf("SCAN -> Invalid IPv4 address '%s'!", user[3]); |
358 |
|
|
return; |
359 |
|
|
} |
360 |
|
|
else |
361 |
|
|
{ |
362 |
michael |
5165 |
memcpy(&ip.sa4.sin_addr, &((struct sockaddr_in *)res->ai_addr)->sin_addr, res->ai_addrlen); |
363 |
|
|
freeaddrinfo(res); |
364 |
|
|
|
365 |
michael |
5116 |
if (check_neg_cache(ip.sa4.sin_addr.s_addr)) |
366 |
michael |
5052 |
{ |
367 |
michael |
5116 |
if (OPT_DEBUG) |
368 |
michael |
5052 |
log_printf("SCAN -> %s!%s@%s (%s) is negatively cached. " |
369 |
|
|
"Skipping all tests.", user[0], user[1], user[2], |
370 |
|
|
user[3]); |
371 |
michael |
5116 |
|
372 |
michael |
5052 |
return; |
373 |
|
|
} |
374 |
|
|
} |
375 |
|
|
} |
376 |
|
|
|
377 |
|
|
/* Generate user mask */ |
378 |
|
|
snprintf(mask, MSGLENMAX, "%s!%s@%s", user[0], user[1], user[2]); |
379 |
|
|
snprintf(ipmask, MSGLENMAX, "%s!%s@%s", user[0], user[1], user[3]); |
380 |
|
|
|
381 |
|
|
/* Check exempt list now that we have a mask */ |
382 |
michael |
5116 |
if (scan_checkexempt(mask, ipmask)) |
383 |
michael |
5052 |
{ |
384 |
michael |
5116 |
if (OPT_DEBUG) |
385 |
michael |
5052 |
log_printf("SCAN -> %s is exempt from scanning", mask); |
386 |
|
|
return; |
387 |
|
|
} |
388 |
|
|
|
389 |
|
|
/* create scan_struct */ |
390 |
|
|
ss = scan_create(user, msg); |
391 |
|
|
|
392 |
|
|
/* Store ss in the remote struct, so that in callbacks we have ss */ |
393 |
|
|
ss->remote->data = ss; |
394 |
|
|
|
395 |
|
|
/* Start checking our DNSBLs */ |
396 |
michael |
5116 |
if (LIST_SIZE(OpmItem->blacklists) > 0) |
397 |
michael |
5052 |
dnsbl_add(ss); |
398 |
|
|
|
399 |
|
|
/* Add ss->remote to all matching scanners */ |
400 |
|
|
LIST_FOREACH(p, SCANNERS->head) |
401 |
|
|
{ |
402 |
michael |
5091 |
scs = p->data; |
403 |
michael |
5052 |
LIST_FOREACH(p2, scs->masks->head) |
404 |
|
|
{ |
405 |
michael |
5091 |
scsmask = p2->data; |
406 |
michael |
5116 |
if (!match(scsmask, mask)) |
407 |
michael |
5052 |
{ |
408 |
michael |
5116 |
if (OPT_DEBUG) |
409 |
michael |
5052 |
log_printf("SCAN -> Passing %s to scanner [%s]", mask, |
410 |
|
|
scs->name); |
411 |
|
|
|
412 |
michael |
5116 |
if ((ret = opm_scan(scs->scanner, ss->remote)) != OPM_SUCCESS) |
413 |
michael |
5052 |
{ |
414 |
michael |
5116 |
switch (ret) |
415 |
michael |
5052 |
{ |
416 |
|
|
case OPM_ERR_NOPROTOCOLS: |
417 |
|
|
continue; |
418 |
|
|
break; |
419 |
|
|
case OPM_ERR_BADADDR: |
420 |
|
|
log_printf("OPM -> Bad address %s [%s].", |
421 |
|
|
(ss->manual_target ? ss->manual_target->name : |
422 |
|
|
"(unknown)"), ss->ip); |
423 |
|
|
break; |
424 |
|
|
default: |
425 |
|
|
log_printf("OPM -> Unknown error %s [%s].", |
426 |
|
|
(ss->manual_target ? ss->manual_target->name : |
427 |
|
|
"(unknown)"), ss->ip); |
428 |
|
|
break; |
429 |
|
|
} |
430 |
|
|
} |
431 |
|
|
else |
432 |
michael |
5116 |
++ss->scans; /* Increase scan count only if OPM_SUCCESS */ |
433 |
michael |
5052 |
|
434 |
michael |
5116 |
break; /* Continue to next scanner */ |
435 |
michael |
5052 |
} |
436 |
|
|
} |
437 |
|
|
} |
438 |
|
|
|
439 |
michael |
5116 |
/* All scanners returned !OPM_SUCCESS and there were no dnsbl checks */ |
440 |
|
|
if (ss->scans == 0) |
441 |
|
|
scan_free(ss); |
442 |
michael |
5052 |
} |
443 |
|
|
|
444 |
|
|
/* scan_create |
445 |
|
|
* |
446 |
michael |
5116 |
* Allocate scan struct, including user information and REMOTE |
447 |
michael |
5052 |
* for LIBOPM. |
448 |
|
|
* |
449 |
|
|
* Parameters: |
450 |
|
|
* user: Parsed items from the connection notice: |
451 |
|
|
* user[0] = connecting users nickname |
452 |
|
|
* user[1] = connecting users username |
453 |
|
|
* user[2] = connecting users hostname |
454 |
|
|
* user[3] = connecting users IP |
455 |
|
|
* msg = Original connect notice (used as PROOF) |
456 |
|
|
* |
457 |
|
|
* Return: Pointer to new scan_struct |
458 |
|
|
* |
459 |
|
|
*/ |
460 |
michael |
5116 |
struct scan_struct * |
461 |
|
|
scan_create(char **user, char *msg) |
462 |
michael |
5052 |
{ |
463 |
michael |
5116 |
struct scan_struct *ss = MyMalloc(sizeof *ss); |
464 |
michael |
5052 |
|
465 |
michael |
5116 |
ss->irc_nick = xstrdup(user[0]); |
466 |
|
|
ss->irc_username = xstrdup(user[1]); |
467 |
|
|
ss->irc_hostname = xstrdup(user[2]); |
468 |
|
|
ss->ip = xstrdup(user[3]); |
469 |
|
|
ss->proof = xstrdup(msg); |
470 |
michael |
5052 |
|
471 |
michael |
5116 |
ss->remote = opm_remote_create(ss->ip); |
472 |
|
|
ss->scans = 0; |
473 |
|
|
ss->positive = 0; |
474 |
|
|
ss->manual_target = NULL; |
475 |
michael |
5052 |
|
476 |
michael |
5116 |
assert(ss->remote); |
477 |
|
|
return ss; |
478 |
michael |
5052 |
} |
479 |
|
|
|
480 |
|
|
/* scan_free |
481 |
|
|
* |
482 |
|
|
* Free a scan_struct. This should only be done if the scan struct has |
483 |
|
|
* no scans left! |
484 |
|
|
* |
485 |
|
|
* Parameters: |
486 |
|
|
* ss: scan_struct to free |
487 |
michael |
5116 |
* |
488 |
michael |
5052 |
* Return: NONE |
489 |
|
|
*/ |
490 |
michael |
5114 |
void |
491 |
|
|
scan_free(struct scan_struct *ss) |
492 |
michael |
5052 |
{ |
493 |
michael |
5114 |
if (ss == NULL) |
494 |
|
|
return; |
495 |
michael |
5052 |
|
496 |
michael |
5114 |
MyFree(ss->irc_nick); |
497 |
|
|
MyFree(ss->irc_username); |
498 |
|
|
MyFree(ss->irc_hostname); |
499 |
|
|
MyFree(ss->ip); |
500 |
|
|
MyFree(ss->proof); |
501 |
michael |
5052 |
|
502 |
michael |
5114 |
opm_remote_free(ss->remote); |
503 |
|
|
MyFree(ss); |
504 |
michael |
5052 |
} |
505 |
|
|
|
506 |
|
|
/* scan_checkfinished |
507 |
|
|
* |
508 |
|
|
* Check if a scan is complete (ss->scans <= 0) |
509 |
|
|
* and free it if need be. |
510 |
|
|
*/ |
511 |
michael |
5114 |
void |
512 |
|
|
scan_checkfinished(struct scan_struct *ss) |
513 |
michael |
5052 |
{ |
514 |
michael |
5116 |
if (ss->scans <= 0) |
515 |
|
|
{ |
516 |
|
|
if (ss->manual_target) |
517 |
|
|
irc_send("PRIVMSG %s :CHECK -> All tests on %s completed.", |
518 |
michael |
5052 |
ss->manual_target->name, ss->ip); |
519 |
michael |
5116 |
else |
520 |
|
|
{ |
521 |
|
|
if (OPT_DEBUG) |
522 |
|
|
/* If there was a manual_target, then irc_nick, etc is NULL. */ |
523 |
|
|
log_printf("SCAN -> All tests on %s!%s@%s complete.", |
524 |
|
|
ss->irc_nick, ss->irc_username, ss->irc_hostname); |
525 |
michael |
5052 |
|
526 |
michael |
5116 |
/* Scan was a negative */ |
527 |
|
|
if (!ss->positive) |
528 |
|
|
scan_negative(ss); |
529 |
|
|
} |
530 |
michael |
5052 |
|
531 |
michael |
5116 |
scan_free(ss); |
532 |
|
|
} |
533 |
michael |
5052 |
} |
534 |
|
|
|
535 |
|
|
/* scan_positive |
536 |
|
|
* |
537 |
|
|
* Remote host (defined by ss) has been found positive by one or more |
538 |
|
|
* tests. |
539 |
|
|
* |
540 |
|
|
* Parameters: |
541 |
michael |
5116 |
* ss: scan_struct containing information regarding positive host |
542 |
michael |
5052 |
* kline: command to send to IRC server to ban the user (see scan_irckline) |
543 |
|
|
* type: string of the type of proxy found to be running on the host |
544 |
|
|
* |
545 |
|
|
* Return: NONE |
546 |
|
|
* |
547 |
|
|
*/ |
548 |
michael |
5114 |
void |
549 |
|
|
scan_positive(struct scan_struct *ss, const char *kline, const char *type) |
550 |
michael |
5052 |
{ |
551 |
michael |
5114 |
node_t *node; |
552 |
michael |
5052 |
|
553 |
michael |
5114 |
/* If already a positive, don't kline/close again */ |
554 |
|
|
if (ss->positive) |
555 |
|
|
return; |
556 |
michael |
5052 |
|
557 |
michael |
5114 |
/* Format KLINE and send to IRC server */ |
558 |
|
|
scan_irckline(ss, kline, type); |
559 |
michael |
5052 |
|
560 |
michael |
5114 |
/* Speed up the cleanup procedure */ |
561 |
|
|
/* Close all scans prematurely */ |
562 |
|
|
LIST_FOREACH(node, SCANNERS->head) |
563 |
|
|
{ |
564 |
|
|
OPM_T *scanner = ((struct scanner_struct *)node->data)->scanner; |
565 |
|
|
opm_end(scanner, ss->remote); |
566 |
|
|
} |
567 |
michael |
5052 |
|
568 |
michael |
5114 |
/* Set it as a positive (to avoid a scan_negative call later on */ |
569 |
|
|
ss->positive = 1; |
570 |
michael |
5052 |
} |
571 |
|
|
|
572 |
|
|
/* scan_open_proxy CALLBACK |
573 |
|
|
* |
574 |
|
|
* Called by libopm when a proxy is verified open. |
575 |
|
|
* |
576 |
|
|
* Parameters: |
577 |
|
|
* scanner: Scanner that found the open proxy. |
578 |
|
|
* remote: Remote struct containing information regarding remote end |
579 |
|
|
* |
580 |
|
|
* Return: NONE |
581 |
|
|
*/ |
582 |
michael |
5114 |
void |
583 |
|
|
scan_open_proxy(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *data) |
584 |
michael |
5052 |
{ |
585 |
michael |
5116 |
struct scan_struct *ss; |
586 |
|
|
struct scanner_struct *scs; |
587 |
michael |
5052 |
|
588 |
michael |
5116 |
/* Record that a scan happened */ |
589 |
|
|
scan_log(remote); |
590 |
michael |
5052 |
|
591 |
michael |
5116 |
scs = data; |
592 |
|
|
ss = remote->data; |
593 |
michael |
5052 |
|
594 |
michael |
5116 |
if (ss->manual_target == NULL) |
595 |
|
|
{ |
596 |
|
|
/* kline and close scan */ |
597 |
|
|
scan_positive(ss, IRCItem->kline, scan_gettype(remote->protocol)); |
598 |
michael |
5052 |
|
599 |
michael |
5116 |
/* Report to blacklist */ |
600 |
|
|
dnsbl_report(ss); |
601 |
michael |
5052 |
|
602 |
michael |
5116 |
irc_send_channels("OPEN PROXY -> %s!%s@%s %s:%d (%s) [%s]", |
603 |
|
|
ss->irc_nick, ss->irc_username, ss->irc_hostname, remote->ip, |
604 |
|
|
remote->port, scan_gettype(remote->protocol), scs->name); |
605 |
|
|
log_printf("SCAN -> OPEN PROXY %s!%s@%s %s:%d (%s) [%s]", |
606 |
|
|
ss->irc_nick, ss->irc_username, ss->irc_hostname, remote->ip, |
607 |
|
|
remote->port, scan_gettype(remote->protocol), scs->name); |
608 |
|
|
} |
609 |
|
|
else |
610 |
|
|
{ |
611 |
|
|
irc_send("PRIVMSG %s :CHECK -> OPEN PROXY %s:%d (%s) [%s]", |
612 |
|
|
ss->manual_target->name, remote->ip, remote->port, |
613 |
|
|
scan_gettype(remote->protocol), scs->name); |
614 |
|
|
log_printf("SCAN -> OPEN PROXY %s:%d (%s) [%s]", remote->ip, |
615 |
|
|
remote->port, scan_gettype(remote->protocol), scs->name); |
616 |
|
|
} |
617 |
michael |
5052 |
|
618 |
michael |
5116 |
/* Record the proxy for stats purposes */ |
619 |
|
|
stats_openproxy(remote->protocol); |
620 |
michael |
5052 |
} |
621 |
|
|
|
622 |
|
|
/* scan_negotiation_failed CALLBACK |
623 |
|
|
* |
624 |
|
|
* Called by libopm when negotiation of a specific protocol failed. |
625 |
|
|
* |
626 |
|
|
* Parameters: |
627 |
|
|
* scanner: Scanner where the negotiation failed. |
628 |
|
|
* remote: Remote struct containing information regarding remote end |
629 |
|
|
* |
630 |
|
|
* Return: NONE |
631 |
|
|
* |
632 |
|
|
*/ |
633 |
michael |
5116 |
void |
634 |
|
|
scan_negotiation_failed(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *data) |
635 |
michael |
5052 |
{ |
636 |
michael |
5116 |
//struct scan_struct *ss; |
637 |
|
|
struct scanner_struct *scs; |
638 |
michael |
5052 |
|
639 |
michael |
5116 |
/* Record that a scan happened */ |
640 |
|
|
scan_log(remote); |
641 |
michael |
5052 |
|
642 |
michael |
5116 |
scs = data; |
643 |
|
|
//ss = remote->data; |
644 |
michael |
5052 |
|
645 |
michael |
5116 |
if (OPT_DEBUG) |
646 |
|
|
log_printf("SCAN -> Negotiation failed %s:%d (%s) [%s] (%d bytes read)", |
647 |
|
|
remote->ip, remote->port, scan_gettype(remote->protocol), |
648 |
|
|
scs->name, remote->bytes_read); |
649 |
michael |
5052 |
/* |
650 |
michael |
5116 |
if (ss->manual_target) |
651 |
|
|
irc_send("PRIVMSG %s :CHECK -> Negotiation failed %s:%d (%s) [%s] " |
652 |
|
|
"(%d bytes read)", ss->manual_target->name, remote->ip, |
653 |
|
|
remote->port, scan_gettype(remote->protocol), scs->name, |
654 |
|
|
remote->bytes_read); |
655 |
michael |
5052 |
*/ |
656 |
|
|
} |
657 |
|
|
|
658 |
|
|
/* scan_timeout CALLBACK |
659 |
|
|
* |
660 |
|
|
* Called by libopm when the negotiation of a specific protocol timed out. |
661 |
|
|
* |
662 |
|
|
* Parameters: |
663 |
|
|
* scanner: Scanner where the connection timed out. |
664 |
|
|
* remote: Remote struct containing information regarding remote end |
665 |
|
|
* |
666 |
|
|
* Return: NONE |
667 |
|
|
* |
668 |
|
|
*/ |
669 |
michael |
5116 |
static void |
670 |
|
|
scan_timeout(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *data) |
671 |
michael |
5052 |
{ |
672 |
michael |
5116 |
//struct scan_struct *ss; |
673 |
|
|
struct scanner_struct *scs; |
674 |
michael |
5052 |
|
675 |
michael |
5116 |
/* Record that a scan happened */ |
676 |
|
|
scan_log(remote); |
677 |
michael |
5052 |
|
678 |
michael |
5116 |
scs = data; |
679 |
|
|
//ss = remote->data; |
680 |
michael |
5052 |
|
681 |
michael |
5116 |
if (OPT_DEBUG) |
682 |
|
|
log_printf("SCAN -> Negotiation timed out %s:%d (%s) [%s] (%d bytes read)", |
683 |
|
|
remote->ip, remote->port, |
684 |
|
|
scan_gettype(remote->protocol), scs->name, |
685 |
|
|
remote->bytes_read); |
686 |
michael |
5052 |
/* |
687 |
michael |
5116 |
if (ss->manual_target) |
688 |
|
|
irc_send("PRIVMSG %s :CHECK -> Negotiation timed out %s:%d (%s) [%s] " |
689 |
|
|
"(%d bytes read)", ss->manual_target->name, remote->ip, |
690 |
|
|
remote->port, scan_gettype(remote->protocol), scs->name, |
691 |
|
|
remote->bytes_read); |
692 |
michael |
5052 |
*/ |
693 |
|
|
} |
694 |
|
|
|
695 |
|
|
/* scan_end CALLBACK |
696 |
|
|
* |
697 |
|
|
* Called by libopm when a specific SCAN has completed (all protocols in |
698 |
|
|
* that scan). |
699 |
|
|
* |
700 |
|
|
* Parameters: |
701 |
|
|
* scanner: Scanner the scan ended on. |
702 |
|
|
* remote: Remote struct containing information regarding remote end |
703 |
|
|
* |
704 |
|
|
* Return: NONE |
705 |
|
|
*/ |
706 |
michael |
5116 |
static void |
707 |
|
|
scan_end(OPM_T *scanner, OPM_REMOTE_T *remote, int notused, void *data) |
708 |
michael |
5052 |
{ |
709 |
michael |
5116 |
struct scan_struct *ss; |
710 |
|
|
struct scanner_struct *scs; |
711 |
michael |
5052 |
|
712 |
michael |
5116 |
scs = data; |
713 |
|
|
ss = remote->data; |
714 |
michael |
5052 |
|
715 |
michael |
5116 |
if (OPT_DEBUG) |
716 |
|
|
log_printf("SCAN -> Scan %s [%s] completed", remote->ip, scs->name); |
717 |
michael |
5052 |
|
718 |
michael |
5116 |
--ss->scans; |
719 |
|
|
scan_checkfinished(ss); |
720 |
michael |
5052 |
} |
721 |
|
|
|
722 |
|
|
/* scan_handle_error CALLBACK |
723 |
|
|
* |
724 |
|
|
* Called by libopm when an error occurs with a specific connection. This |
725 |
|
|
* does not mean the entire scan has ended. |
726 |
|
|
* |
727 |
|
|
* Parameters: |
728 |
|
|
* scanner: Scanner where the error occured. |
729 |
|
|
* remote: Remote struct containing information regarding remote end |
730 |
|
|
* err: OPM_ERROR code describing the error. |
731 |
|
|
* |
732 |
|
|
* Return: NONE |
733 |
|
|
*/ |
734 |
michael |
5116 |
static void |
735 |
|
|
scan_handle_error(OPM_T *scanner, OPM_REMOTE_T *remote, int err, void *data) |
736 |
michael |
5052 |
{ |
737 |
michael |
5116 |
struct scan_struct *ss; |
738 |
|
|
struct scanner_struct *scs; |
739 |
michael |
5052 |
|
740 |
michael |
5116 |
scs = data; |
741 |
|
|
ss = remote->data; |
742 |
michael |
5052 |
|
743 |
michael |
5116 |
switch (err) |
744 |
|
|
{ |
745 |
michael |
5052 |
case OPM_ERR_MAX_READ: |
746 |
michael |
5116 |
if (OPT_DEBUG >= 2) |
747 |
michael |
5052 |
log_printf("SCAN -> Max read on %s:%d (%s) [%s] (%d bytes read)", |
748 |
|
|
remote->ip, remote->port, scan_gettype(remote->protocol), |
749 |
|
|
scs->name, remote->bytes_read); |
750 |
michael |
5114 |
|
751 |
michael |
5116 |
if (ss->manual_target) |
752 |
michael |
5052 |
irc_send("PRIVMSG %s :CHECK -> Negotiation failed %s:%d (%s) " |
753 |
|
|
"[%s] (%d bytes read)", ss->manual_target->name, |
754 |
|
|
remote->ip, remote->port, scan_gettype(remote->protocol), |
755 |
|
|
scs->name, remote->bytes_read); |
756 |
michael |
5116 |
|
757 |
michael |
5052 |
break; |
758 |
|
|
case OPM_ERR_BIND: |
759 |
|
|
log_printf("SCAN -> Bind error on %s:%d (%s) [%s]", remote->ip, |
760 |
|
|
remote->port, scan_gettype(remote->protocol), scs->name); |
761 |
|
|
break; |
762 |
|
|
case OPM_ERR_NOFD: |
763 |
|
|
log_printf("SCAN -> File descriptor allocation error %s:%d (%s) " |
764 |
|
|
"[%s]", remote->ip, remote->port, |
765 |
|
|
scan_gettype(remote->protocol), scs->name); |
766 |
michael |
5114 |
|
767 |
michael |
5116 |
if (ss->manual_target) |
768 |
michael |
5052 |
irc_send("PRIVMSG %s :CHECK -> Scan failed %s:%d (%s) [%s] " |
769 |
|
|
"(file descriptor allocation error)", |
770 |
|
|
ss->manual_target->name, remote->ip, remote->port, |
771 |
|
|
scan_gettype(remote->protocol), scs->name); |
772 |
|
|
break; |
773 |
michael |
5116 |
default: /* Unknown Error! */ |
774 |
|
|
if (OPT_DEBUG) |
775 |
|
|
log_printf("SCAN -> Unknown error %s:%d (%s) [%s]", remote->ip, |
776 |
michael |
5052 |
remote->port, scan_gettype(remote->protocol), scs->name); |
777 |
|
|
break; |
778 |
michael |
5116 |
} |
779 |
michael |
5052 |
} |
780 |
|
|
|
781 |
|
|
/* scan_negative |
782 |
|
|
* |
783 |
|
|
* Remote host (defined by ss) has passed all tests. |
784 |
|
|
* |
785 |
|
|
* Parameters: |
786 |
|
|
* ss: scan_struct containing information regarding negative host. |
787 |
|
|
* |
788 |
|
|
* Return: NONE |
789 |
|
|
* |
790 |
|
|
*/ |
791 |
michael |
5114 |
static void |
792 |
|
|
scan_negative(struct scan_struct *ss) |
793 |
|
|
{ |
794 |
|
|
/* Insert IP in negcache */ |
795 |
|
|
if (OptionsItem->negcache > 0) |
796 |
|
|
{ |
797 |
|
|
if (OPT_DEBUG >= 2) |
798 |
|
|
log_printf("SCAN -> Adding %s to negative cache", ss->ip); |
799 |
michael |
5052 |
|
800 |
michael |
5114 |
negcache_insert(ss->ip); |
801 |
|
|
} |
802 |
michael |
5052 |
} |
803 |
|
|
|
804 |
|
|
/* scan_irckline |
805 |
|
|
* |
806 |
|
|
* ss has been found as a positive host and is to be klined. |
807 |
|
|
* Format a kline message using the kline message provided |
808 |
|
|
* as a format, then pass it to irc_send() to be sent to the remote server. |
809 |
|
|
* |
810 |
|
|
* Parameters: |
811 |
|
|
* ss: scan_struct containing information regarding host to be klined |
812 |
|
|
* format: kline message to format |
813 |
|
|
* type: type of proxy found (%t format character) |
814 |
|
|
* |
815 |
|
|
* Return: NONE |
816 |
|
|
* |
817 |
|
|
*/ |
818 |
michael |
5114 |
static void |
819 |
|
|
scan_irckline(struct scan_struct *ss, const char *format, const char *type) |
820 |
michael |
5052 |
{ |
821 |
michael |
5114 |
char message[MSGLENMAX]; /* OUTPUT */ |
822 |
michael |
5052 |
|
823 |
michael |
5114 |
unsigned int pos = 0; /* position in format */ |
824 |
|
|
unsigned int len = 0; /* position in message */ |
825 |
|
|
unsigned int size = 0; /* temporary size buffer */ |
826 |
|
|
unsigned int i; |
827 |
|
|
struct kline_format_assoc table[] = |
828 |
|
|
{ |
829 |
|
|
{'i', NULL, FORMATTYPE_STRING }, |
830 |
|
|
{'h', NULL, FORMATTYPE_STRING }, |
831 |
|
|
{'u', NULL, FORMATTYPE_STRING }, |
832 |
|
|
{'n', NULL, FORMATTYPE_STRING }, |
833 |
|
|
{'t', NULL, FORMATTYPE_STRING } |
834 |
|
|
}; |
835 |
michael |
5052 |
|
836 |
michael |
5114 |
table[0].data = ss->ip; |
837 |
|
|
table[1].data = ss->irc_hostname; |
838 |
|
|
table[2].data = ss->irc_username; |
839 |
|
|
table[3].data = ss->irc_nick; |
840 |
|
|
table[4].data = type; |
841 |
michael |
5052 |
|
842 |
michael |
5114 |
/* |
843 |
|
|
* Copy format to message character by character, inserting any matching |
844 |
|
|
* data after %. |
845 |
|
|
*/ |
846 |
|
|
while (format[pos] != '\0' && len < (MSGLENMAX - 2)) |
847 |
|
|
{ |
848 |
|
|
switch (format[pos]) |
849 |
|
|
{ |
850 |
michael |
5052 |
|
851 |
|
|
case '%': |
852 |
|
|
/* % is the last char in the string, move on */ |
853 |
|
|
if(format[pos + 1] == '\0') |
854 |
|
|
continue; |
855 |
|
|
|
856 |
|
|
/* %% escapes % and becomes % */ |
857 |
|
|
if(format[pos + 1] == '%') |
858 |
|
|
{ |
859 |
|
|
message[len++] = '%'; |
860 |
|
|
pos++; /* skip past the escaped % */ |
861 |
|
|
break; |
862 |
|
|
} |
863 |
|
|
|
864 |
|
|
/* Safe to check against table now */ |
865 |
|
|
for(i = 0; i < (sizeof(table) / sizeof(struct kline_format_assoc)); i++) |
866 |
|
|
{ |
867 |
|
|
if(table[i].key == format[pos + 1]) |
868 |
|
|
{ |
869 |
|
|
switch(table[i].type) |
870 |
|
|
{ |
871 |
|
|
case FORMATTYPE_STRING: |
872 |
|
|
|
873 |
michael |
5072 |
size = strlen(table[i].data); |
874 |
michael |
5052 |
|
875 |
|
|
/* Check if the new string can fit! */ |
876 |
|
|
if( (size + len) > (MSGLENMAX - 1) ) |
877 |
|
|
break; |
878 |
|
|
else |
879 |
|
|
{ |
880 |
michael |
5098 |
strlcat(message, table[i].data, sizeof(message)); |
881 |
michael |
5052 |
len += size; |
882 |
|
|
} |
883 |
|
|
|
884 |
|
|
default: |
885 |
|
|
break; |
886 |
|
|
} |
887 |
|
|
} |
888 |
|
|
} |
889 |
|
|
/* Skip key character */ |
890 |
|
|
pos++; |
891 |
|
|
break; |
892 |
|
|
|
893 |
|
|
default: |
894 |
|
|
message[len++] = format[pos]; |
895 |
|
|
message[len] = '\0'; |
896 |
|
|
break; |
897 |
|
|
} |
898 |
|
|
/* continue to next character in format */ |
899 |
|
|
pos++; |
900 |
michael |
5114 |
} |
901 |
|
|
|
902 |
|
|
irc_send("%s", message); |
903 |
michael |
5052 |
} |
904 |
|
|
|
905 |
|
|
/* scan_manual |
906 |
|
|
* |
907 |
|
|
* Create a manual scan. A manual scan is a scan where the |
908 |
|
|
* scan_struct contains a manual_target pointer. |
909 |
|
|
*/ |
910 |
michael |
5114 |
void |
911 |
|
|
scan_manual(char *param, struct ChannelConf *target) |
912 |
michael |
5052 |
{ |
913 |
michael |
5114 |
struct in_addr *addr; |
914 |
|
|
struct scan_struct *ss; |
915 |
|
|
struct scanner_struct *scs; |
916 |
|
|
char *ip; |
917 |
|
|
char *scannername; |
918 |
|
|
node_t *p; |
919 |
|
|
int ret; |
920 |
michael |
5052 |
|
921 |
michael |
5114 |
/* If there were no parameters sent, simply alert the user and return */ |
922 |
|
|
if (param == NULL) |
923 |
|
|
{ |
924 |
|
|
irc_send("PRIVMSG %s :OPM -> Invalid parameters.", target->name); |
925 |
|
|
return; |
926 |
|
|
} |
927 |
michael |
5052 |
|
928 |
michael |
5114 |
/* |
929 |
|
|
* Try to extract a scanner name from param, otherwise we'll be |
930 |
|
|
* adding to all scanners |
931 |
|
|
*/ |
932 |
|
|
ip = param; |
933 |
michael |
5052 |
|
934 |
michael |
5114 |
if ((scannername = strchr(param, ' '))) |
935 |
|
|
{ |
936 |
|
|
*scannername = '\0'; |
937 |
|
|
scannername++; |
938 |
|
|
} |
939 |
michael |
5052 |
|
940 |
michael |
5114 |
/* If IP is a hostname, resolve it using gethostbyname (which will block!) */ |
941 |
|
|
if ((addr = firedns_resolveip4(ip)) == NULL) |
942 |
|
|
{ |
943 |
|
|
irc_send("PRIVMSG %s :CHECK -> Error resolving host '%s': %s", |
944 |
michael |
5052 |
target->name, ip, firedns_strerror(fdns_errno)); |
945 |
michael |
5114 |
return; |
946 |
|
|
} |
947 |
michael |
5052 |
|
948 |
michael |
5114 |
/* IP = the resolved IP now (it was the ip OR hostname before) */ |
949 |
|
|
ip = inet_ntoa(*addr); |
950 |
michael |
5052 |
|
951 |
michael |
5114 |
ss = MyMalloc(sizeof *ss); |
952 |
michael |
5089 |
|
953 |
michael |
5114 |
/* These don't exist in a manual scan */ |
954 |
|
|
ss->irc_nick = NULL; |
955 |
|
|
ss->irc_username = NULL; |
956 |
|
|
ss->irc_hostname = NULL; |
957 |
|
|
ss->proof = NULL; |
958 |
michael |
5052 |
|
959 |
michael |
5114 |
ss->ip = xstrdup(ip); |
960 |
michael |
5052 |
|
961 |
michael |
5114 |
ss->remote = opm_remote_create(ss->ip); |
962 |
|
|
ss->remote->data = ss; |
963 |
|
|
ss->scans = 0; |
964 |
|
|
ss->positive = 0; |
965 |
michael |
5052 |
|
966 |
michael |
5114 |
ss->manual_target = target; |
967 |
michael |
5052 |
|
968 |
michael |
5114 |
assert(ss->remote); |
969 |
michael |
5052 |
|
970 |
michael |
5114 |
if (scannername) |
971 |
|
|
irc_send("PRIVMSG %s :CHECK -> Checking '%s' for open proxies [%s]", |
972 |
|
|
target->name, ip, scannername); |
973 |
|
|
else |
974 |
|
|
irc_send("PRIVMSG %s :CHECK -> Checking '%s' for open proxies on all " |
975 |
|
|
"scanners", target->name, ip); |
976 |
michael |
5052 |
|
977 |
michael |
5114 |
if (LIST_SIZE(OpmItem->blacklists) > 0) |
978 |
|
|
dnsbl_add(ss); |
979 |
michael |
5052 |
|
980 |
|
|
/* Add ss->remote to all scanners */ |
981 |
|
|
LIST_FOREACH(p, SCANNERS->head) |
982 |
|
|
{ |
983 |
michael |
5091 |
scs = p->data; |
984 |
michael |
5052 |
|
985 |
|
|
/* If we have a scannername, only allow that scanner |
986 |
|
|
to be used */ |
987 |
michael |
5114 |
if (scannername) |
988 |
|
|
if (strcasecmp(scannername, scs->name)) |
989 |
michael |
5052 |
continue; |
990 |
|
|
|
991 |
michael |
5114 |
if (OPT_DEBUG) |
992 |
michael |
5052 |
log_printf("SCAN -> Passing %s to scanner [%s] (MANUAL SCAN)", ip, |
993 |
|
|
scs->name); |
994 |
|
|
|
995 |
michael |
5114 |
if ((ret = opm_scan(scs->scanner, ss->remote)) != OPM_SUCCESS) |
996 |
michael |
5052 |
{ |
997 |
michael |
5114 |
switch (ret) |
998 |
michael |
5052 |
{ |
999 |
|
|
case OPM_ERR_NOPROTOCOLS: |
1000 |
|
|
break; |
1001 |
|
|
case OPM_ERR_BADADDR: |
1002 |
|
|
irc_send("PRIVMSG %s :OPM -> Bad address %s [%s]", |
1003 |
|
|
ss->manual_target->name, ss->ip, scs->name); |
1004 |
|
|
break; |
1005 |
|
|
default: |
1006 |
|
|
irc_send("PRIVMSG %s :OPM -> Unknown error %s [%s]", |
1007 |
|
|
ss->manual_target->name, ss->ip, scs->name); |
1008 |
|
|
break; |
1009 |
|
|
} |
1010 |
|
|
} |
1011 |
|
|
else |
1012 |
michael |
5116 |
++ss->scans; /* Increase scan count only if OPM_SUCCESS */ |
1013 |
michael |
5052 |
} |
1014 |
|
|
|
1015 |
michael |
5114 |
/* |
1016 |
|
|
* If all of the scanners gave !OPM_SUCCESS and there were no dnsbl checks, |
1017 |
|
|
* cleanup here |
1018 |
|
|
*/ |
1019 |
|
|
if (ss->scans == 0) |
1020 |
|
|
{ |
1021 |
|
|
if (scannername) |
1022 |
|
|
irc_send("PRIVMSG %s :CHECK -> No such scanner '%s', or '%s' has " |
1023 |
michael |
5052 |
"0 protocols.", ss->manual_target->name, scannername, |
1024 |
|
|
scannername); |
1025 |
|
|
|
1026 |
michael |
5114 |
irc_send("PRIVMSG %s :CHECK -> No scans active on '%s', aborting scan.", |
1027 |
|
|
ss->manual_target->name, ss->ip); |
1028 |
|
|
scan_free(ss); |
1029 |
|
|
} |
1030 |
michael |
5052 |
} |
1031 |
|
|
|
1032 |
|
|
/* scan_checkexempt |
1033 |
|
|
* |
1034 |
|
|
* Check mask against exempt list. |
1035 |
|
|
* |
1036 |
|
|
* Parameters: |
1037 |
|
|
* mask: Mask to check |
1038 |
|
|
* |
1039 |
|
|
* Return: |
1040 |
|
|
* 1 if mask is in list |
1041 |
|
|
* 0 if mask is not in list |
1042 |
|
|
*/ |
1043 |
michael |
5114 |
int |
1044 |
|
|
scan_checkexempt(char *mask, char *ipmask) |
1045 |
michael |
5052 |
{ |
1046 |
michael |
5114 |
node_t *node; |
1047 |
|
|
char *exempt_mask; |
1048 |
michael |
5052 |
|
1049 |
michael |
5114 |
LIST_FOREACH(node, ExemptItem->masks->head) |
1050 |
|
|
{ |
1051 |
|
|
exempt_mask = node->data; |
1052 |
michael |
5052 |
|
1053 |
michael |
5114 |
if (!match(exempt_mask, mask) || !match(exempt_mask, ipmask)) |
1054 |
|
|
return 1; |
1055 |
|
|
} |
1056 |
|
|
|
1057 |
|
|
return 0; |
1058 |
michael |
5052 |
} |
1059 |
|
|
|
1060 |
|
|
/* scan_log |
1061 |
|
|
* |
1062 |
|
|
* Log the fact that a given ip/port/protocol has just been scanned, if the |
1063 |
|
|
* user has asked for this to be logged. |
1064 |
|
|
* |
1065 |
|
|
* Parameters: |
1066 |
|
|
* remote: OPM_REMOTE_T for the remote end |
1067 |
|
|
*/ |
1068 |
michael |
5114 |
static void |
1069 |
|
|
scan_log(OPM_REMOTE_T *remote) |
1070 |
michael |
5052 |
{ |
1071 |
michael |
5114 |
char buf_present[25]; |
1072 |
|
|
time_t present; |
1073 |
|
|
struct tm *tm_present; |
1074 |
|
|
struct scan_struct *ss = remote->data; |
1075 |
michael |
5052 |
|
1076 |
michael |
5114 |
if (!(OptionsItem->scanlog && scanlogfile)) |
1077 |
|
|
return; |
1078 |
michael |
5052 |
|
1079 |
michael |
5114 |
time(&present); |
1080 |
|
|
tm_present = gmtime(&present); |
1081 |
|
|
strftime(buf_present, sizeof(buf_present), "%b %d %H:%M:%S %Y", tm_present); |
1082 |
michael |
5052 |
|
1083 |
michael |
5114 |
fprintf(scanlogfile, "[%s] %s:%d (%s) \"%s\"\n", buf_present, remote->ip, |
1084 |
|
|
remote->port, scan_gettype(remote->protocol), ss->proof); |
1085 |
|
|
fflush(scanlogfile); |
1086 |
michael |
5052 |
} |