ViewVC Help
View File | Revision Log | Show Annotations | View Changeset | Root Listing
root/svn/ircd-hybrid-7.3/modules/m_whois.c
Revision: 93
Committed: Sat Oct 8 11:24:01 2005 UTC (18 years, 5 months ago) by michael
Content type: text/x-csrc
Original Path: ircd-hybrid-7.2/modules/m_whois.c
File size: 11392 byte(s)
Log Message:
- Fixed bug in m_whois() that would allow users to send a WHOIS to remote
  servers with an empty argument via "WHOIS someserver.org :"

File Contents

# Content
1 /*
2 * ircd-hybrid: an advanced Internet Relay Chat Daemon(ircd).
3 * m_whois.c: Shows who a user is.
4 *
5 * Copyright (C) 2005 by the past and present ircd coders, and others.
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
20 * USA
21 *
22 * $Id$
23 */
24
25 #include "stdinc.h"
26 #include "fdlist.h"
27 #include "tools.h"
28 #include "common.h"
29 #include "handlers.h"
30 #include "client.h"
31 #include "hash.h"
32 #include "channel.h"
33 #include "channel_mode.h"
34 #include "ircd.h"
35 #include "numeric.h"
36 #include "s_conf.h"
37 #include "s_misc.h"
38 #include "s_serv.h"
39 #include "send.h"
40 #include "list.h"
41 #include "irc_string.h"
42 #include "sprintf_irc.h"
43 #include "msg.h"
44 #include "parse.h"
45 #include "modules.h"
46 #include "hook.h"
47
48 static void do_whois(struct Client *, int, char **);
49 static int single_whois(struct Client *, struct Client *);
50 static void whois_person(struct Client *, struct Client *);
51 static int global_whois(struct Client *, const char *);
52
53 static void m_whois(struct Client *, struct Client *, int, char *[]);
54 static void mo_whois(struct Client *, struct Client *, int, char *[]);
55
56 struct Message whois_msgtab = {
57 "WHOIS", 0, 0, 0, 0, MFLG_SLOW, 0,
58 { m_unregistered, m_whois, mo_whois, m_ignore, mo_whois, m_ignore }
59 };
60
61 #ifndef STATIC_MODULES
62 const char *_version = "$Revision$";
63 static struct Callback *whois_cb;
64
65 static void *
66 va_whois(va_list args)
67 {
68 struct Client *source_p = va_arg(args, struct Client *);
69 int parc = va_arg(args, int);
70 char **parv = va_arg(args, char **);
71
72 do_whois(source_p, parc, parv);
73 return NULL;
74 }
75
76 void
77 _modinit(void)
78 {
79 whois_cb = register_callback("doing_whois", va_whois);
80 mod_add_cmd(&whois_msgtab);
81 }
82
83 void
84 _moddeinit(void)
85 {
86 mod_del_cmd(&whois_msgtab);
87 uninstall_hook(whois_cb, va_whois);
88 }
89 #endif
90
91 /*
92 ** m_whois
93 ** parv[0] = sender prefix
94 ** parv[1] = nickname masklist
95 */
96 static void
97 m_whois(struct Client *client_p, struct Client *source_p,
98 int parc, char *parv[])
99 {
100 static time_t last_used = 0;
101
102 if (parc < 2 || EmptyString(parv[1]))
103 {
104 sendto_one(source_p, form_str(ERR_NONICKNAMEGIVEN),
105 me.name, source_p->name);
106 return;
107 }
108
109 if (parc > 2 && !EmptyString(parv[2]))
110 {
111 /* seeing as this is going across servers, we should limit it */
112 if ((last_used + ConfigFileEntry.pace_wait_simple) > CurrentTime)
113 {
114 sendto_one(source_p, form_str(RPL_LOAD2HI),
115 me.name, source_p->name);
116 return;
117 }
118 else
119 last_used = CurrentTime;
120
121 /* if we have serverhide enabled, they can either ask the clients
122 * server, or our server.. I dont see why they would need to ask
123 * anything else for info about the client.. --fl_
124 */
125 if (ConfigFileEntry.disable_remote)
126 parv[1] = parv[2];
127
128 if (hunt_server(client_p, source_p, ":%s WHOIS %s :%s", 1,
129 parc, parv) != HUNTED_ISME)
130 return;
131
132 parv[1] = parv[2];
133 }
134
135 #ifdef STATIC_MODULES
136 do_whois(source_p, parc, parv);
137 #else
138 execute_callback(whois_cb, source_p, parc, parv);
139 #endif
140 }
141
142 /*
143 ** mo_whois
144 ** parv[0] = sender prefix
145 ** parv[1] = nickname masklist
146 */
147 static void
148 mo_whois(struct Client *client_p, struct Client *source_p,
149 int parc, char *parv[])
150 {
151 if (parc < 2 || EmptyString(parv[1]))
152 {
153 sendto_one(source_p, form_str(ERR_NONICKNAMEGIVEN),
154 me.name, source_p->name);
155 return;
156 }
157
158 if (parc > 2 && !EmptyString(parv[2]))
159 {
160 if (hunt_server(client_p, source_p, ":%s WHOIS %s :%s", 1,
161 parc, parv) != HUNTED_ISME)
162 return;
163
164 parv[1] = parv[2];
165 }
166
167 #ifdef STATIC_MODULES
168 do_whois(source_p, parc, parv);
169 #else
170 execute_callback(whois_cb, source_p, parc, parv);
171 #endif
172 }
173
174 /* do_whois()
175 *
176 * inputs - pointer to /whois source
177 * - number of parameters
178 * - pointer to parameters array
179 * output - pointer to void
180 * side effects - Does whois
181 */
182 static void
183 do_whois(struct Client *source_p, int parc, char **parv)
184 {
185 struct Client *target_p;
186 char *nick;
187 char *p = NULL;
188 int found = 0;
189
190 nick = parv[1];
191 while (*nick == ',')
192 nick++;
193 if ((p = strchr(nick,',')) != NULL)
194 *p = '\0';
195
196 if (*nick == '\0')
197 return;
198
199 collapse(nick);
200
201 if (strpbrk(nick, "?#*") == NULL)
202 {
203 if ((target_p = find_client(nick)) != NULL)
204 {
205 if (IsServer(source_p->from))
206 client_burst_if_needed(source_p->from, target_p);
207
208 if (IsClient(target_p))
209 {
210 whois_person(source_p, target_p);
211 found = 1;
212 }
213 }
214 else if (!ServerInfo.hub && uplink && IsCapable(uplink, CAP_LL))
215 {
216 if (parc > 2)
217 sendto_one(uplink,":%s WHOIS %s :%s",
218 source_p->name, nick, nick);
219 else
220 sendto_one(uplink,":%s WHOIS %s",
221 source_p->name, nick);
222 return;
223 }
224 }
225 else /* wilds is true */
226 {
227 /* disallow wild card whois on lazylink leafs for now */
228 if (!ServerInfo.hub && uplink && IsCapable(uplink, CAP_LL))
229 return;
230
231 /* Oh-oh wilds is true so have to do it the hard expensive way */
232 if (MyClient(source_p))
233 found = global_whois(source_p, nick);
234 }
235
236 if (!found)
237 {
238 if (!IsDigit(*nick))
239 sendto_one(source_p, form_str(ERR_NOSUCHNICK),
240 me.name, source_p->name, nick);
241 }
242
243 sendto_one(source_p, form_str(RPL_ENDOFWHOIS),
244 me.name, source_p->name, parv[1]);
245 }
246
247 /* global_whois()
248 *
249 * Inputs - source_p client to report to
250 * - target_p client to report on
251 * Output - if found return 1
252 * Side Effects - do a single whois on given client
253 * writing results to source_p
254 */
255 static int
256 global_whois(struct Client *source_p, const char *nick)
257 {
258 dlink_node *ptr;
259 struct Client *target_p;
260 int found = 0;
261
262 DLINK_FOREACH(ptr, global_client_list.head)
263 {
264 target_p = ptr->data;
265
266 if (!IsClient(target_p))
267 continue;
268
269 if (!match(nick, target_p->name))
270 continue;
271
272 assert(target_p->servptr != NULL);
273
274 /* 'Rules' established for sending a WHOIS reply:
275 *
276 *
277 * - if wildcards are being used dont send a reply if
278 * the querier isnt any common channels and the
279 * client in question is invisible and wildcards are
280 * in use (allow exact matches only);
281 *
282 * - only send replies about common or public channels
283 * the target user(s) are on;
284 */
285
286 found |= single_whois(source_p, target_p);
287 }
288
289 return (found);
290 }
291
292 /* single_whois()
293 *
294 * Inputs - source_p client to report to
295 * - target_p client to report on
296 * Output - if found return 1
297 * Side Effects - do a single whois on given client
298 * writing results to source_p
299 */
300 static int
301 single_whois(struct Client *source_p, struct Client *target_p)
302 {
303 dlink_node *ptr;
304 struct Channel *chptr;
305
306 if (!IsInvisible(target_p) || target_p == source_p)
307 {
308 /* always show user if they are visible (no +i) */
309 whois_person(source_p, target_p);
310 return 1;
311 }
312
313 /* target_p is +i. Check if it is on any common channels with source_p */
314 DLINK_FOREACH(ptr, target_p->channel.head)
315 {
316 chptr = ((struct Membership *) ptr->data)->chptr;
317 if (IsMember(source_p, chptr))
318 {
319 whois_person(source_p, target_p);
320 return 1;
321 }
322 }
323
324 return 0;
325 }
326
327 /* whois_person()
328 *
329 * inputs - source_p client to report to
330 * - target_p client to report on
331 * output - NONE
332 * side effects -
333 */
334 static void
335 whois_person(struct Client *source_p, struct Client *target_p)
336 {
337 char buf[IRCD_BUFSIZE];
338 dlink_node *lp;
339 struct Client *server_p;
340 struct Channel *chptr;
341 struct Membership *ms;
342 int cur_len = 0;
343 int mlen;
344 char *t = NULL;
345 int tlen;
346 int reply_to_send = NO;
347
348 server_p = target_p->servptr;
349
350 sendto_one(source_p, form_str(RPL_WHOISUSER),
351 me.name, source_p->name, target_p->name,
352 target_p->username, target_p->host, target_p->info);
353
354 cur_len = mlen = ircsprintf(buf, form_str(RPL_WHOISCHANNELS),
355 me.name, source_p->name, target_p->name, "");
356 t = buf + mlen;
357
358 DLINK_FOREACH(lp, target_p->channel.head)
359 {
360 ms = lp->data;
361 chptr = ms->chptr;
362
363 if (ShowChannel(source_p, chptr))
364 {
365 /* Don't show local channels if user is doing a remote whois */
366 if (!MyConnect(source_p) && (chptr->chname[0] == '&'))
367 continue;
368
369 if ((cur_len + 3 + strlen(chptr->chname) + 1) > (IRCD_BUFSIZE - 2))
370 {
371 *(t - 1) = '\0';
372 sendto_one(source_p, "%s", buf);
373 cur_len = mlen;
374 t = buf + mlen;
375 }
376
377 tlen = ircsprintf(t, "%s%s ", get_member_status(ms, YES), chptr->chname);
378 t += tlen;
379 cur_len += tlen;
380 reply_to_send = YES;
381 }
382 }
383
384 if (reply_to_send)
385 {
386 *(t - 1) = '\0';
387 sendto_one(source_p, "%s", buf);
388 }
389
390 if (IsOper(source_p) || !ConfigServerHide.hide_servers || target_p == source_p)
391 sendto_one(source_p, form_str(RPL_WHOISSERVER),
392 me.name, source_p->name, target_p->name,
393 server_p->name, server_p->info);
394 else
395 sendto_one(source_p, form_str(RPL_WHOISSERVER),
396 me.name, source_p->name, target_p->name,
397 ConfigServerHide.hidden_name,
398 ServerInfo.network_desc);
399
400 if (target_p->away != NULL)
401 sendto_one(source_p, form_str(RPL_AWAY),
402 me.name, source_p->name, target_p->name,
403 target_p->away);
404
405 if (IsOper(target_p))
406 sendto_one(source_p, form_str((IsAdmin(target_p) &&
407 !IsOperHiddenAdmin(target_p)) ? RPL_WHOISADMIN :
408 RPL_WHOISOPERATOR), me.name, source_p->name, target_p->name);
409
410 if (IsOper(source_p) && IsCaptured(target_p))
411 sendto_one(source_p, form_str(RPL_ISCAPTURED),
412 me.name, source_p->name, target_p->name);
413
414 if (ConfigFileEntry.use_whois_actually && (target_p->sockhost[0] != '\0') &&
415 !(ConfigFileEntry.hide_spoof_ips && IsIPSpoof(target_p)) &&
416 !(target_p->sockhost[0] == '0' && target_p->sockhost[1] == '\0'))
417 {
418 if (IsAdmin(source_p) || source_p == target_p)
419 sendto_one(source_p, form_str(RPL_WHOISACTUALLY),
420 me.name, source_p->name, target_p->name, target_p->sockhost);
421 else
422 sendto_one(source_p, form_str(RPL_WHOISACTUALLY),
423 me.name, source_p->name, target_p->name,
424 IsIPSpoof(target_p) || IsOper(target_p) ?
425 "255.255.255.255" : target_p->sockhost);
426 }
427
428 if (MyConnect(target_p)) /* Can't do any of this if not local! db */
429 {
430 #ifdef HAVE_LIBCRYPTO
431 if (target_p->localClient->fd.ssl)
432 sendto_one(source_p, form_str(RPL_WHOISSSL),
433 me.name, source_p->name, target_p->name);
434 #endif
435 sendto_one(source_p, form_str(RPL_WHOISIDLE),
436 me.name, source_p->name, target_p->name,
437 CurrentTime - target_p->localClient->last,
438 target_p->firsttime);
439 }
440 }

Properties

Name Value
svn:eol-style native
svn:keywords Id Revision