root/svn/ircd-hybrid-8/contrib/m_spoof.c
Revision: 1268
Committed: Wed Jan 18 08:20:31 2012 UTC (12 years, 3 months ago) by michael
Content type: text/x-csrc
File size: 14505 byte(s)
Log Message:
- get contributed modules to work with new module api

File Contents

# Content
1 /*
2 * ircd-hybrid: an advanced Internet Relay Chat Daemon(ircd).
3 * m_spoof.c: Supports dynamic auth{} creation/deletion.
4 *
5 * Copyright (C) 2002 by the past and present ircd coders, and others.
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program; if not, write to the Free Software
19 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
20 * USA
21 *
22 * $Id$
23 */
24
25 /* MODULE CONFIGURATION FOLLOWS -- please read!! */
26
27 /*
28 * change to #define if you want to propagate received SPOOF/DELSPOOF messages
29 * to other servers. This allows you create subnets inside which spoofs are
30 * propagated. By manipulating PROPAGATE_SPOOF and RECEIVE_SPOOF, you can
31 * prepare boundary hubs of such subnets.
32 *
33 * I realize a shared{} could be better, but I don't want to touch core code.
34 *
35 * If you decide to enable this, remember to load m_spoof on all servers
36 * I am connected to, or you'll get plenty of "Unknown command" errors...
37 */
38 #undef PROPAGATE_SPOOF
39
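/*
 * This server is allowed to receive spoofs/delspoofs from other servers.
 * Use in conjunction with PROPAGATE_SPOOF (on target servers).
 *
 * Note that the admin check in mo_spoof/mo_delspoof applies only to locally
 * connected clients (MyConnect), so with this enabled, requests relayed by a
 * linked server are accepted without an admin check. Enable it only for
 * links you trust.
 */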
44 #undef RECEIVE_SPOOF
45
46 /* where to put dynamic auth's -- this must be included from ircd.conf!
47 * Ideally put .include "spoof.conf" before all other auths.
48 * #undef if you want only a propagating hub server, not storing any data */
49 #define SPOOF_FILE "etc/spoof.conf"
50
51 /* disable if you don't want opers notices/logs */
52 #define LOG_SPOOF
53
54
55 /* END OF MODULE CONFIGURATION */
56
57 /* Usage: SPOOF <umask@hmask> <free.form.spoof|-> [flags|- [password]]
58 * -- Appends an auth{} block. Flags consist of characters:
59 * t (no_tilde), i (need_ident), k (kline_exempt),
60 * g (gline_exempt), l (exceed_limit), o (class = "opers"),
61 * f (can_flood), p (need_password), everything other is ignored.
62 * DELSPOOF <umask@hmask>
63 * -- Removes an auth{} block of exact umask@hmask, if found
64 *
65 * These commands are restricted to admins, so make sure your oper{} block
66 * has admin = yes or so.
67 */
68
69 #if !defined(PROPAGATE_SPOOF) && !defined(SPOOF_FILE)
70 #error You disabled both SPOOF_FILE and PROPAGATE_SPOOF, what do you expect me to do?
71 #endif
72
73 /* List of ircd includes from ../include/ */
74 #include "stdinc.h"
75 #include "list.h"
76 #include "client.h"
77 #include "hash.h"
78 #include "hostmask.h"
79 #include "ircd.h"
80 #include "irc_string.h"
81 #include "sprintf_irc.h"
82 #include "numeric.h"
83 #include "fdlist.h"
84 #include "s_bsd.h"
85 #include "s_conf.h"
86 #include "s_log.h"
87 #include "s_serv.h"
88 #include "send.h"
89 #include "parse.h"
90 #include "modules.h"
91
92
#ifdef SPOOF_FILE
/*
 * try_flag - emit one keyword of the "flags = ..." list being written.
 *
 * f      - spoof file the auth{} block is being appended to
 * flags  - in/out bitmask of flags still waiting to be written
 * flag   - the bit this call is responsible for
 * string - keyword to write when that bit is set
 *
 * When the bit is set, the keyword is written, the bit is cleared, and the
 * keyword is followed by ", " if other bits are still pending or by ";\n"
 * if it was the last one. When the bit is not set, nothing is written.
 */
static void
try_flag(FBFILE *f, int *flags, int flag, const char *string)
{
  const char *separator;

  if (!(*flags & flag))
    return;

  fbputs(string, f, strlen(string));

  /* clear the bit first so the separator reflects what is still pending */
  *flags &= ~flag;
  separator = *flags ? ", " : ";\n";
  fbputs(separator, f, 2);
}
#endif
106
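/*
 * mo_spoof - handler for SPOOF <umask@hmask> <spoof|-> [flags|- [password]]
 *
 * Validates the request, optionally relays it to other servers
 * (PROPAGATE_SPOOF), appends a new auth{} block to SPOOF_FILE and rehashes.
 *
 * client_p - connection the message arrived on
 * source_p - originator of the request
 * parc     - number of entries in parv
 * parv     - parv[1] = user@host mask, parv[2] = spoof or "-",
 *            parv[3] = flag letters or "-", parv[4] = password
 *
 * Security notes:
 *  - The admin check only applies when source_p is a local connection; a
 *    request arriving from another server is processed without it.
 *  - The mask and the password are written between double quotes into a
 *    file that is then parsed as configuration, so both are rejected when
 *    they contain characters that could end the quoted string early.
 *  - The password is relayed to other servers (PROPAGATE_SPOOF) and stored
 *    in SPOOF_FILE exactly as given; it is not included in the oper notice
 *    or the log line.
 */
static void
mo_spoof(struct Client *client_p, struct Client *source_p,
         int parc, char *parv[])
{
  /*
   * A double quote ends the quoted value and CR/LF starts a new line in the
   * config file. NOTE(review): backslash is refused as well on the
   * assumption that the config lexer treats it as an escape -- confirm.
   */
  static const char conf_unsafe[] = "\"\\\r\n";
  char *host, *spoof, *password;
  const char *tmp = NULL;
  const char *user = NULL;
  const char *flags = NULL;
  int nonwild = 0;
#ifdef SPOOF_FILE
  int i;
  int conf_flags = 0;
  int class_opers = 0;
  FBFILE *f;
  struct AddressRec *arec;
#endif

  if (MyConnect(source_p) && !HasUMode(source_p, UMODE_ADMIN))
  {
    sendto_one(source_p, form_str(ERR_NOPRIVS),
               me.name, source_p->name, "SPOOF");
    return;
  }

  /* check the user@host mask */
  if (parv[1] == NULL || *parv[1] == '\0' || strchr(parv[1], '!') != NULL)
    goto syntax;

  if (strpbrk(parv[1], conf_unsafe) != NULL)
  {
    if (MyConnect(source_p))
      sendto_one(source_p, ":%s NOTICE %s :The user@host mask contains "
                 "characters that cannot be stored in an auth{} block",
                 me.name, source_p->name);
    return;
  }

  (void) collapse(parv[1]);

  /* stop counting as soon as the configured minimum is reached */
  for (tmp = parv[1]; *tmp; tmp++)
  {
    if (!IsKWildChar(*tmp) &&
        ++nonwild >= ConfigFileEntry.min_nonwildcard)
      break;
  }

  if (nonwild < ConfigFileEntry.min_nonwildcard)
  {
    if (MyConnect(source_p))
      sendto_one(source_p, ":%s NOTICE %s :Not enough non-wildcard characters "
                 "in user@host mask",
                 me.name, source_p->name);
    return;
  }

  /* split the mask in place; a mask without '@' means "*@mask" */
  host = strchr(parv[1], '@');
  if (host)
  {
    user = parv[1];
    *host = '\0';
    host++;
  }
  else
  {
    user = "*";
    host = parv[1];
  }

  /* check the spoof field */
  spoof = parv[2];
  if (spoof == NULL || !*spoof)
    goto syntax;

  /* a lone "-" means "no spoof"; anything else must look like a hostname */
  if (spoof[0] != '-' || spoof[1] != '\0')
  {
    for (tmp = spoof; *tmp; tmp++)
    {
      if (!IsHostChar(*tmp))
      {
        if (MyConnect(source_p))
          sendto_one(source_p, ":%s NOTICE %s :The spoof [%s] is invalid",
                     me.name, source_p->name, spoof);
        return;
      }
    }

    if (strlen(spoof) >= HOSTLEN)
    {
      if (MyConnect(source_p))
        sendto_one(source_p, ":%s NOTICE %s :Spoofs must be less than %d.."
                   "ignoring it", me.name, source_p->name, HOSTLEN);
      return;
    }
  }

  flags = (parc > 3) ? parv[3] : "-";
  password = (parc > 4 && parv[4][0]) ? parv[4] : NULL;

  /* validated before relaying so a refused request is not propagated */
  if (password != NULL && strpbrk(password, conf_unsafe) != NULL)
  {
    if (MyConnect(source_p))
      sendto_one(source_p, ":%s NOTICE %s :The password contains "
                 "characters that cannot be stored in an auth{} block",
                 me.name, source_p->name);
    return;
  }

#ifdef PROPAGATE_SPOOF
  sendto_server(client_p, NULL, NOCAPS, NOCAPS,
                ":%s SPOOF %s@%s %s %s :%s",
                source_p->name, user, host, spoof, flags,
                password ? password : "");
#endif

#ifdef SPOOF_FILE
  /* Walk through auth {} items and check if we have another auth block
   * for this hostname */
  for (i = 0; i < ATABLE_SIZE; i++)
  {
    for (arec = atable[i]; arec; arec = arec->next)
    {
      if (arec->type == CONF_CLIENT && !irccmp(arec->aconf->host, host) &&
          !irccmp(arec->aconf->user, user))
      {
        /* auth entry already exists */
        if (MyConnect(source_p))
          sendto_one(source_p,
                     ":%s NOTICE %s :auth for %s@%s already exists, you need "
                     "to use /DELSPOOF first", me.name, source_p->name,
                     user, host);
#ifdef LOG_SPOOF
        sendto_realops_flags(UMODE_ALL, L_ALL,
                             "%s attemped to re-add auth for %s@%s "
                             "[spoof: %s, flags: %s]", source_p->name,
                             user, host, spoof, flags);
#endif
        return;
      }
    }
  }

  /* Add the spoof to the spoof file */
  if ((f = fbopen(SPOOF_FILE, "a")) == NULL)
  {
    sendto_realops_flags(UMODE_ALL, L_ALL,
                         "Could not open %s file, auth for %s@%s "
                         "[spoof: %s, flags: %s, requested by %s] not added",
                         SPOOF_FILE, user, host, spoof, flags,
                         source_p->name);
    return;
  }

  /*
   * Write the auth {} block. Each value is written with its own length
   * instead of being formatted into a fixed-size stack buffer first, so no
   * bound on the length of the request has to be assumed here.
   */
  fbputs("auth {\n", f, 7);

  fbputs("\tuser = \"", f, 9);
  fbputs(user, f, strlen(user));
  fbputs("@", f, 1);
  fbputs(host, f, strlen(host));
  fbputs("\";\n", f, 3);

  if (spoof[0] != '-' || spoof[1] != '\0')
  {
    fbputs("\tspoof = \"", f, 10);
    fbputs(spoof, f, strlen(spoof));
    fbputs("\";\n", f, 3);
  }

  if (password)
  {
    fbputs("\tpassword = \"", f, 13);
    fbputs(password, f, strlen(password));
    fbputs("\";\n", f, 3);
  }

  /* process given flags */
  for (tmp = flags; *tmp; ++tmp)
  {
    switch (*tmp)
    {
      case 't': conf_flags |= CONF_FLAGS_NO_TILDE;      /* no_tilde = yes; */
        break;
      case 'i': conf_flags |= CONF_FLAGS_NEED_IDENTD;   /* need_ident = yes; */
        break;
      case 'k': conf_flags |= CONF_FLAGS_EXEMPTKLINE;   /* kline_exempt = yes; */
        break;
      case 'g': conf_flags |= CONF_FLAGS_EXEMPTGLINE;   /* gline_exempt = yes; */
        break;
      case 'l': conf_flags |= CONF_FLAGS_NOLIMIT;       /* exceed_limit = yes; */
        break;
      case 'o': class_opers = 1;                        /* class = "opers"; */
        break;
      case 'f': conf_flags |= CONF_FLAGS_CAN_FLOOD;     /* can_flood = yes; */
        break;
      case 'p': conf_flags |= CONF_FLAGS_NEED_PASSWORD; /* need_password = yes; */
        break;
      default:                                          /* anything else is ignored */
        break;
    }
  }

  if (conf_flags)
  {
    /* each call clears its bit; the last one written ends the statement */
    fbputs("\tflags = ", f, 9);
    try_flag(f, &conf_flags, CONF_FLAGS_NO_TILDE, "no_tilde");
    try_flag(f, &conf_flags, CONF_FLAGS_NEED_IDENTD, "need_ident");
    try_flag(f, &conf_flags, CONF_FLAGS_EXEMPTKLINE, "kline_exempt");
    try_flag(f, &conf_flags, CONF_FLAGS_EXEMPTGLINE, "gline_exempt");
    try_flag(f, &conf_flags, CONF_FLAGS_NOLIMIT, "exceed_limit");
    try_flag(f, &conf_flags, CONF_FLAGS_CAN_FLOOD, "can_flood");
    try_flag(f, &conf_flags, CONF_FLAGS_NEED_PASSWORD, "need_password");
  }

  if (class_opers)
    fbputs("\tclass = \"opers\";\n", f, 18);
  else
    fbputs("\tclass = \"users\";\n", f, 18);

  fbputs("};\n\n", f, 4);
  fbclose(f);

  rehash(0);
#endif

#ifdef LOG_SPOOF
  sendto_realops_flags(UMODE_ALL, L_ALL,
                       "%s added auth for %s@%s [spoof: %s, flags: %s]",
                       source_p->name, user, host, spoof, flags);
  ilog(LOG_TYPE_IRCD, "%s added auth for %s@%s [spoof: %s, flags: %s]",
       source_p->name, user, host, spoof, flags);
#endif
  return;

syntax:
  if (MyConnect(source_p))
    sendto_one(source_p, ":%s NOTICE %s :Syntax: SPOOF <umask@hmask> "
               "<spoof/-> [flags/- [password]]", me.name, source_p->name);
}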
299
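/*
 * mo_delspoof - handler for DELSPOOF <umask@hmask>
 *
 * Scans SPOOF_FILE for auth{} blocks (assuming they are written in the line
 * formatting mo_spoof produces), copies every block except the one whose
 * user = "..." field equals the given mask into SPOOF_FILE ".new", then
 * moves the new file over the old one and rehashes. --adx
 *
 * client_p - connection the message arrived on
 * source_p - originator of the request
 * parc     - number of entries in parv (unused)
 * parv     - parv[1] = user@host mask to delete
 *
 * Security note: the admin check only applies when source_p is a local
 * connection; a request arriving from another server is processed
 * without it.
 */
static void
mo_delspoof(struct Client *client_p, struct Client *source_p,
            int parc, char *parv[])
{
#ifdef SPOOF_FILE
  FBFILE *f, *fout;
  int ignore_it = 1, spoof_found = 0;
  char buffer[1024], *tmp;
#endif
  const char *user = NULL;
  char *host = NULL;

  if (MyConnect(source_p) && !HasUMode(source_p, UMODE_ADMIN))
  {
    sendto_one(source_p, form_str(ERR_NOPRIVS), me.name, parv[0], "DELSPOOF");
    return;
  }

  if (parv[1] == NULL || !*parv[1])
  {
    if (MyConnect(source_p))
      sendto_one(source_p, ":%s NOTICE %s :Syntax: /DELSPOOF <user@host>",
                 me.name, source_p->name);
    return;
  }

  /* check user@host mask */
  (void) collapse(parv[1]);

  /* split the mask in place; a mask without '@' means "*@mask" */
  host = strchr(parv[1], '@');
  if (host != NULL)
  {
    user = parv[1];
    *host = '\0';
    host++;
  }
  else
  {
    user = "*";
    host = parv[1];
  }

#ifdef PROPAGATE_SPOOF
  sendto_server(client_p, NULL, NOCAPS, NOCAPS,
                ":%s DELSPOOF %s@%s", source_p->name, user, host);
#endif

#ifdef SPOOF_FILE
  if ((f = fbopen(SPOOF_FILE, "r")) == NULL)
  {
    sendto_realops_flags(UMODE_ALL, L_ALL,
                         "Could not open %s file, auth for %s@%s not deleted "
                         "(requested by %s)",
                         SPOOF_FILE, user, host, source_p->name);
    return;
  }

  if ((fout = fbopen(SPOOF_FILE ".new", "w")) == NULL)
  {
    sendto_realops_flags(UMODE_ALL, L_ALL,
                         "Could not create %s.new file, auth for %s@%s not "
                         "deleted (requested by %s)",
                         SPOOF_FILE, user, host, source_p->name);
    fbclose(f);  /* the input file is already open; do not leak it */
    return;
  }

  while (fbgets(buffer, sizeof(buffer), f))
  {
    if (!ircncmp(buffer, "auth {", 6))
    {
      /* don't process it yet.. we have to check whether the user="..."; field
       * matches the user@host mask which is being deleted
       */
      ignore_it = 1;
      continue;
    }

    /* a simple parser substitute... */
    for (tmp = buffer; *tmp == '\t' || *tmp == ' '; tmp++)
      ;

    if (!ircncmp(tmp, "user", 4))
    {
      for (tmp += 4; *tmp == '\t' || *tmp == ' '; tmp++)
        ;

      if (*tmp == '=')
      {
        for (++tmp; *tmp == '\t' || *tmp == ' '; tmp++)
          ;

        if (*tmp == '\"')
        {
          /* yuppi, we've just reached the user="..."; field */
          int matches;
          char *tmp2 = strchr(++tmp, '\"');

          if (tmp2 != NULL)
            *tmp2 = '\0';
          tmp2 = strchr(tmp, '@');

          /* is it matching our mask? */
          if (tmp2 == NULL)
            matches = !irccmp(user, "*") && !irccmp(host, tmp);
          else
          {
            *tmp2++ = '\0';
            matches = !irccmp(user, tmp) && !irccmp(host, tmp2);
          }

          if (!matches)
          {
            /* no.. so leave it unchanged */
            if (ignore_it)
            {
              ignore_it = 0;
              fbputs("auth {\n", fout, 7);
              /* user="..." should be the first field in the auth {}; block,
               * otherwise we could have problems...
               */
            }

            fbputs("\tuser = \"", fout, 9);
            if (tmp2 == NULL)
            {
              /*
               * The stored mask had no '@', so tmp holds the host and there
               * is no tmp2 to print; write it back as "*@host".
               */
              fbputs("*@", fout, 2);
              fbputs(tmp, fout, strlen(tmp));
            }
            else
            {
              fbputs(tmp, fout, strlen(tmp));
              fbputs("@", fout, 1);
              fbputs(tmp2, fout, strlen(tmp2));
            }
            fbputs("\";\n", fout, 3);
          }
          else
          {
            /* we've got it! - omit and continue working */
            spoof_found = 1;
          }

          continue;
        }
      }
    }

    /* copy the line only while inside a block that is being kept */
    if (!ignore_it)
      fbputs(buffer, fout, strlen(buffer));
  }

  fbclose(f);
  fbclose(fout);

  if (!spoof_found)
  {
    if (MyConnect(source_p))
      sendto_one(source_p, ":%s NOTICE %s :No auth for %s@%s found",
                 me.name, source_p->name, user, host);
    unlink(SPOOF_FILE ".new");
    return;
  }

  /*
   * Replace the old file in a single step. On POSIX, rename() replaces an
   * existing target, so the old file is not unlinked first: if the rename
   * fails, the previous SPOOF_FILE is still in place.
   */
  if (rename(SPOOF_FILE ".new", SPOOF_FILE) != 0)
  {
    sendto_realops_flags(UMODE_ALL, L_ALL,
                         "Could not replace %s file, auth for %s@%s not "
                         "deleted (requested by %s)",
                         SPOOF_FILE, user, host, source_p->name);
    unlink(SPOOF_FILE ".new");
    return;
  }

  rehash(0);
#endif

#ifdef LOG_SPOOF
  sendto_realops_flags(UMODE_ALL, L_ALL, "%s deleted auth for %s@%s",
                       source_p->name, user, host);
#endif
}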
467
/*
 * Command table entry for SPOOF, registered by module_init().
 *
 * The handler array is positional. The only slot that changes with
 * RECEIVE_SPOOF is the third one: mo_spoof when defined, m_ignore otherwise.
 * NOTE(review): that slot is presumably the one used for messages coming
 * from other servers -- confirm against struct Message. mo_spoof applies its
 * admin check only to local connections, so a request reaching it through
 * that slot is not checked for admin privileges.
 */
static struct Message spoof_msgtab = {
  "SPOOF", 0, 0, 3, MAXPARA, MFLG_SLOW, 0,
#ifdef RECEIVE_SPOOF
  {m_unregistered, m_not_oper, mo_spoof, m_ignore, mo_spoof, m_ignore}
#else
  {m_unregistered, m_not_oper, m_ignore, m_ignore, mo_spoof, m_ignore}
#endif
};
476
/*
 * Command table entry for DELSPOOF, registered by module_init().
 *
 * The handler array is positional. The only slot that changes with
 * RECEIVE_SPOOF is the third one: mo_delspoof when defined, m_ignore
 * otherwise.
 * NOTE(review): that slot is presumably the one used for messages coming
 * from other servers -- confirm against struct Message. mo_delspoof applies
 * its admin check only to local connections, so a request reaching it
 * through that slot is not checked for admin privileges.
 */
static struct Message delspoof_msgtab = {
  "DELSPOOF", 0, 0, 1, MAXPARA, MFLG_SLOW, 0,
#ifdef RECEIVE_SPOOF
  {m_unregistered, m_not_oper, mo_delspoof, m_ignore, mo_delspoof, m_ignore}
#else
  {m_unregistered, m_not_oper, m_ignore, m_ignore, mo_delspoof, m_ignore}
#endif
};
485
/*
 * module_init - load hook referenced by module_entry.modinit.
 *
 * Registers the SPOOF and DELSPOOF command table entries.
 */
static void
module_init(void)
{
  mod_add_cmd(&spoof_msgtab);     /* SPOOF */
  mod_add_cmd(&delspoof_msgtab);  /* DELSPOOF */
}
492
/*
 * module_exit - unload hook referenced by module_entry.modexit.
 *
 * Removes both command table entries, in the reverse of the order in which
 * module_init() added them.
 */
static void
module_exit(void)
{
  mod_del_cmd(&delspoof_msgtab);  /* DELSPOOF */
  mod_del_cmd(&spoof_msgtab);     /* SPOOF */
}
499
/*
 * Module descriptor for this file. It is the only symbol here without
 * internal linkage. modinit/modexit point at the hooks that add and remove
 * the SPOOF and DELSPOOF commands.
 * NOTE(review): node, name and handle are left empty here, presumably to be
 * filled in by the module loader -- confirm against modules.h.
 */
struct module module_entry = {
  .node = { NULL, NULL, NULL },
  .name = NULL,
  .version = "$Revision$",  /* svn keyword, see the svn:keywords property */
  .handle = NULL,
  .modinit = module_init,
  .modexit = module_exit,
  .flags = 0
};

Properties

Name Value
svn:eol-style native
svn:keywords Id Revision