1 |
/* |
2 |
* ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd) |
3 |
* |
4 |
* Copyright (c) 1997-2020 ircd-hybrid development team |
5 |
* |
6 |
* This program is free software; you can redistribute it and/or modify |
7 |
* it under the terms of the GNU General Public License as published by |
8 |
* the Free Software Foundation; either version 2 of the License, or |
9 |
* (at your option) any later version. |
10 |
* |
11 |
* This program is distributed in the hope that it will be useful, |
12 |
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
13 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
14 |
* GNU General Public License for more details. |
15 |
* |
16 |
* You should have received a copy of the GNU General Public License |
17 |
* along with this program; if not, write to the Free Software |
18 |
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 |
19 |
* USA |
20 |
*/ |
21 |
|
22 |
/*! \file conf.c |
23 |
* \brief Configuration file functions. |
24 |
* \version $Id$ |
25 |
*/ |
26 |
|
27 |
#include "stdinc.h" |
28 |
#include "list.h" |
29 |
#include "ircd_defs.h" |
30 |
#include "parse.h" |
31 |
#include "conf.h" |
32 |
#include "conf_cluster.h" |
33 |
#include "conf_gecos.h" |
34 |
#include "conf_pseudo.h" |
35 |
#include "conf_resv.h" |
36 |
#include "conf_service.h" |
37 |
#include "conf_shared.h" |
38 |
#include "server.h" |
39 |
#include "channel.h" |
40 |
#include "client.h" |
41 |
#include "event.h" |
42 |
#include "irc_string.h" |
43 |
#include "s_bsd.h" |
44 |
#include "ircd.h" |
45 |
#include "listener.h" |
46 |
#include "hostmask.h" |
47 |
#include "modules.h" |
48 |
#include "numeric.h" |
49 |
#include "fdlist.h" |
50 |
#include "log.h" |
51 |
#include "send.h" |
52 |
#include "memory.h" |
53 |
#include "res.h" |
54 |
#include "user.h" |
55 |
#include "channel_mode.h" |
56 |
#include "misc.h" |
57 |
#include "conf_db.h" |
58 |
#include "conf_class.h" |
59 |
#include "motd.h" |
60 |
#include "ipcache.h" |
61 |
#include "isupport.h" |
62 |
#include "whowas.h" |
63 |
|
64 |
|
65 |
struct config_channel_entry ConfigChannel; |
66 |
struct config_serverhide_entry ConfigServerHide; |
67 |
struct config_general_entry ConfigGeneral; |
68 |
struct config_log_entry ConfigLog = { .use_logging = 1 }; |
69 |
struct config_serverinfo_entry ConfigServerInfo; |
70 |
struct config_admin_entry ConfigAdminInfo; |
71 |
struct conf_parser_context conf_parser_ctx; |
72 |
|
73 |
/* general conf items link list root, other than k lines etc. */ |
74 |
dlink_list connect_items; |
75 |
dlink_list operator_items; |
76 |
|
77 |
extern unsigned int lineno; |
78 |
extern char linebuf[]; |
79 |
extern char conffilebuf[IRCD_BUFSIZE]; |
80 |
extern int yyparse(); /* defined in y.tab.c */ |
81 |
|
82 |
|
83 |
/* conf_dns_callback() |
84 |
* |
85 |
* inputs - pointer to struct MaskItem |
86 |
* - pointer to DNSReply reply |
87 |
* output - none |
88 |
* side effects - called when resolver query finishes |
89 |
* if the query resulted in a successful search, hp will contain |
90 |
* a non-null pointer, otherwise hp will be null. |
91 |
* if successful save hp in the conf item it was called with |
92 |
*/ |
93 |
static void |
94 |
conf_dns_callback(void *vptr, const struct irc_ssaddr *addr, const char *name, size_t namelength) |
95 |
{ |
96 |
struct MaskItem *const conf = vptr; |
97 |
|
98 |
conf->dns_pending = false; |
99 |
|
100 |
if (addr) |
101 |
memcpy(conf->addr, addr, sizeof(*conf->addr)); |
102 |
else |
103 |
conf->dns_failed = true; |
104 |
} |
105 |
|
106 |
/* conf_dns_lookup() |
107 |
* |
108 |
* do a nameserver lookup of the conf host |
109 |
* if the conf entry is currently doing a ns lookup do nothing, otherwise |
110 |
* allocate a dns_query and start ns lookup. |
111 |
*/ |
112 |
static void |
113 |
conf_dns_lookup(struct MaskItem *conf) |
114 |
{ |
115 |
if (conf->dns_pending == true) |
116 |
return; |
117 |
|
118 |
conf->dns_pending = true; |
119 |
|
120 |
if (conf->aftype == AF_INET) |
121 |
gethost_byname_type(conf_dns_callback, conf, conf->host, T_A); |
122 |
else |
123 |
gethost_byname_type(conf_dns_callback, conf, conf->host, T_AAAA); |
124 |
} |
125 |
|
126 |
/* map_to_list() |
127 |
* |
128 |
* inputs - ConfType conf |
129 |
* output - pointer to dlink_list to use |
130 |
* side effects - none |
131 |
*/ |
132 |
static dlink_list * |
133 |
map_to_list(enum maskitem_type type) |
134 |
{ |
135 |
switch (type) |
136 |
{ |
137 |
case CONF_OPER: |
138 |
return &operator_items; |
139 |
break; |
140 |
case CONF_SERVER: |
141 |
return &connect_items; |
142 |
break; |
143 |
default: |
144 |
return NULL; |
145 |
} |
146 |
} |
147 |
|
148 |
struct MaskItem * |
149 |
conf_make(enum maskitem_type type) |
150 |
{ |
151 |
struct MaskItem *const conf = xcalloc(sizeof(*conf)); |
152 |
dlink_list *list = NULL; |
153 |
|
154 |
conf->type = type; |
155 |
conf->active = true; |
156 |
conf->aftype = AF_INET; |
157 |
|
158 |
if ((list = map_to_list(type))) |
159 |
dlinkAdd(conf, &conf->node, list); |
160 |
return conf; |
161 |
} |
162 |
|
163 |
void |
164 |
conf_free(struct MaskItem *conf) |
165 |
{ |
166 |
dlink_node *node = NULL, *node_next = NULL; |
167 |
dlink_list *list = NULL; |
168 |
|
169 |
if ((list = map_to_list(conf->type))) |
170 |
dlinkFindDelete(list, conf); |
171 |
|
172 |
xfree(conf->name); |
173 |
|
174 |
if (conf->dns_pending == true) |
175 |
delete_resolver_queries(conf); |
176 |
if (conf->passwd) |
177 |
memset(conf->passwd, 0, strlen(conf->passwd)); |
178 |
if (conf->spasswd) |
179 |
memset(conf->spasswd, 0, strlen(conf->spasswd)); |
180 |
|
181 |
conf->class = NULL; |
182 |
|
183 |
xfree(conf->passwd); |
184 |
xfree(conf->spasswd); |
185 |
xfree(conf->reason); |
186 |
xfree(conf->certfp); |
187 |
xfree(conf->whois); |
188 |
xfree(conf->user); |
189 |
xfree(conf->host); |
190 |
xfree(conf->addr); |
191 |
xfree(conf->bind); |
192 |
xfree(conf->cipher_list); |
193 |
|
194 |
DLINK_FOREACH_SAFE(node, node_next, conf->hub_list.head) |
195 |
{ |
196 |
xfree(node->data); |
197 |
dlinkDelete(node, &conf->hub_list); |
198 |
free_dlink_node(node); |
199 |
} |
200 |
|
201 |
DLINK_FOREACH_SAFE(node, node_next, conf->leaf_list.head) |
202 |
{ |
203 |
xfree(node->data); |
204 |
dlinkDelete(node, &conf->leaf_list); |
205 |
free_dlink_node(node); |
206 |
} |
207 |
|
208 |
xfree(conf); |
209 |
} |
210 |
|
211 |
/* attach_iline() |
212 |
* |
213 |
* inputs - client pointer |
214 |
* - conf pointer |
215 |
* output - |
216 |
* side effects - do actual attach |
217 |
*/ |
218 |
static int |
219 |
attach_iline(struct Client *client_p, struct MaskItem *conf) |
220 |
{ |
221 |
const struct ClassItem *const class = conf->class; |
222 |
bool a_limit_reached = false; |
223 |
|
224 |
struct ip_entry *ipcache = ipcache_record_find_or_add(&client_p->ip); |
225 |
++ipcache->count_local; |
226 |
AddFlag(client_p, FLAGS_IPHASH); |
227 |
|
228 |
if (class->max_total && class->ref_count >= class->max_total) |
229 |
a_limit_reached = true; |
230 |
else if (class->max_perip_local && ipcache->count_local > class->max_perip_local) |
231 |
a_limit_reached = true; |
232 |
else if (class->max_perip_global && |
233 |
(ipcache->count_local + ipcache->count_remote) > class->max_perip_global) |
234 |
a_limit_reached = true; |
235 |
|
236 |
if (a_limit_reached == true) |
237 |
{ |
238 |
if (!IsConfExemptLimits(conf)) |
239 |
return TOO_MANY; /* Already at maximum allowed */ |
240 |
|
241 |
sendto_one_notice(client_p, &me, ":*** Your connection class is full, " |
242 |
"but you have exceed_limit = yes;"); |
243 |
} |
244 |
|
245 |
return conf_attach(client_p, conf); |
246 |
} |
247 |
|
248 |
/* verify_access() |
249 |
* |
250 |
* inputs - pointer to client to verify |
251 |
* output - 0 if success -'ve if not |
252 |
* side effect - find the first (best) I line to attach. |
253 |
*/ |
254 |
static int |
255 |
verify_access(struct Client *client_p) |
256 |
{ |
257 |
struct MaskItem *conf; |
258 |
|
259 |
if (HasFlag(client_p, FLAGS_GOTID)) |
260 |
conf = find_address_conf(client_p->host, client_p->username, &client_p->ip, |
261 |
client_p->connection->password); |
262 |
else |
263 |
{ |
264 |
char non_ident[USERLEN + 1] = "~"; |
265 |
|
266 |
strlcpy(non_ident + 1, client_p->username, sizeof(non_ident) - 1); |
267 |
conf = find_address_conf(client_p->host, non_ident, &client_p->ip, |
268 |
client_p->connection->password); |
269 |
} |
270 |
|
271 |
if (conf == NULL) |
272 |
return NOT_AUTHORIZED; |
273 |
|
274 |
assert(IsConfClient(conf) || IsConfKill(conf)); |
275 |
|
276 |
if (IsConfKill(conf)) |
277 |
{ |
278 |
sendto_one_notice(client_p, &me, ":*** Banned: %s", conf->reason); |
279 |
return BANNED_CLIENT; |
280 |
} |
281 |
|
282 |
if (IsConfRedir(conf)) |
283 |
{ |
284 |
sendto_one_numeric(client_p, &me, RPL_REDIR, |
285 |
conf->name ? conf->name : "", |
286 |
conf->port); |
287 |
return NOT_AUTHORIZED; |
288 |
} |
289 |
|
290 |
if (IsConfDoSpoofIp(conf)) |
291 |
{ |
292 |
if (IsConfSpoofNotice(conf)) |
293 |
sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE, "%s spoofing: %s as %s", |
294 |
client_p->name, client_p->host, conf->name); |
295 |
|
296 |
strlcpy(client_p->host, conf->name, sizeof(client_p->host)); |
297 |
} |
298 |
|
299 |
return attach_iline(client_p, conf); |
300 |
} |
301 |
|
302 |
/* check_client() |
303 |
* |
304 |
* inputs - pointer to client |
305 |
* output - 0 = Success |
306 |
* NOT_AUTHORIZED (-1) = Access denied (no I line match) |
307 |
* IRCD_SOCKET_ERROR (-2) = Bad socket. |
308 |
* I_LINE_FULL (-3) = I-line is full |
309 |
* TOO_MANY (-4) = Too many connections from hostname |
310 |
* BANNED_CLIENT (-5) = K-lined |
311 |
* side effects - Ordinary client access check. |
312 |
* Look for conf lines which have the same |
313 |
* status as the flags passed. |
314 |
*/ |
315 |
bool |
316 |
check_client(struct Client *source_p) |
317 |
{ |
318 |
int i; |
319 |
|
320 |
if ((i = verify_access(source_p))) |
321 |
ilog(LOG_TYPE_IRCD, "Access denied: %s[%s]", |
322 |
source_p->name, source_p->sockhost); |
323 |
|
324 |
switch (i) |
325 |
{ |
326 |
case TOO_MANY: |
327 |
sendto_realops_flags(UMODE_FULL, L_ALL, SEND_NOTICE, |
328 |
"Too many on IP for %s (%s).", |
329 |
client_get_name(source_p, SHOW_IP), |
330 |
source_p->sockhost); |
331 |
ilog(LOG_TYPE_IRCD, "Too many connections on IP from %s.", |
332 |
client_get_name(source_p, SHOW_IP)); |
333 |
++ServerStats.is_ref; |
334 |
exit_client(source_p, "No more connections allowed on that IP"); |
335 |
break; |
336 |
|
337 |
case I_LINE_FULL: |
338 |
sendto_realops_flags(UMODE_FULL, L_ALL, SEND_NOTICE, |
339 |
"auth {} block is full for %s (%s).", |
340 |
client_get_name(source_p, SHOW_IP), |
341 |
source_p->sockhost); |
342 |
ilog(LOG_TYPE_IRCD, "Too many connections from %s.", |
343 |
client_get_name(source_p, SHOW_IP)); |
344 |
++ServerStats.is_ref; |
345 |
exit_client(source_p, "No more connections allowed in your connection class"); |
346 |
break; |
347 |
|
348 |
case NOT_AUTHORIZED: |
349 |
/* jdc - lists server name & port connections are on */ |
350 |
/* a purely cosmetical change */ |
351 |
sendto_realops_flags(UMODE_UNAUTH, L_ALL, SEND_NOTICE, |
352 |
"Unauthorized client connection from %s on [%s/%u].", |
353 |
client_get_name(source_p, SHOW_IP), |
354 |
source_p->connection->listener->name, |
355 |
source_p->connection->listener->port); |
356 |
ilog(LOG_TYPE_IRCD, "Unauthorized client connection from %s on [%s/%u].", |
357 |
client_get_name(source_p, SHOW_IP), |
358 |
source_p->connection->listener->name, |
359 |
source_p->connection->listener->port); |
360 |
|
361 |
++ServerStats.is_ref; |
362 |
exit_client(source_p, "You are not authorized to use this server"); |
363 |
break; |
364 |
|
365 |
case BANNED_CLIENT: |
366 |
++ServerStats.is_ref; |
367 |
exit_client(source_p, "Banned"); |
368 |
break; |
369 |
|
370 |
case 0: |
371 |
default: |
372 |
break; |
373 |
} |
374 |
|
375 |
if (i < 0) |
376 |
return false; |
377 |
return true; |
378 |
} |
379 |
|
380 |
/*! \brief Disassociate configuration from the client. Also removes a class |
381 |
* from the list if marked for deleting. |
382 |
* \param client_p Client to operate on |
383 |
* \param type Type of conf to detach |
384 |
*/ |
385 |
void |
386 |
conf_detach(struct Client *client_p, enum maskitem_type type) |
387 |
{ |
388 |
dlink_node *node, *node_next; |
389 |
|
390 |
DLINK_FOREACH_SAFE(node, node_next, client_p->connection->confs.head) |
391 |
{ |
392 |
struct MaskItem *conf = node->data; |
393 |
|
394 |
assert(conf->type & (CONF_CLIENT | CONF_OPER | CONF_SERVER)); |
395 |
assert(conf->ref_count > 0); |
396 |
assert(conf->class->ref_count > 0); |
397 |
|
398 |
if (!(conf->type & type)) |
399 |
continue; |
400 |
|
401 |
dlinkDelete(node, &client_p->connection->confs); |
402 |
free_dlink_node(node); |
403 |
|
404 |
if (conf->type == CONF_CLIENT) |
405 |
class_ip_limit_remove(conf->class, &client_p->ip); |
406 |
|
407 |
if (--conf->class->ref_count == 0 && conf->class->active == false) |
408 |
{ |
409 |
class_free(conf->class); |
410 |
conf->class = NULL; |
411 |
} |
412 |
|
413 |
if (--conf->ref_count == 0 && conf->active == false) |
414 |
conf_free(conf); |
415 |
} |
416 |
} |
417 |
|
418 |
/*! \brief Associate a specific configuration entry to a *local* client (this |
419 |
* is the one which used in accepting the connection). Note, that this |
420 |
* automatically changes the attachment if there was an old one. |
421 |
* \param client_p Client to attach the conf to |
422 |
* \param conf Configuration record to attach |
423 |
*/ |
424 |
int |
425 |
conf_attach(struct Client *client_p, struct MaskItem *conf) |
426 |
{ |
427 |
if (dlinkFind(&client_p->connection->confs, conf)) |
428 |
return 1; |
429 |
|
430 |
if (conf->type == CONF_CLIENT) |
431 |
if (class_ip_limit_add(conf->class, &client_p->ip, IsConfExemptLimits(conf)) == true) |
432 |
return TOO_MANY; /* Already at maximum allowed */ |
433 |
|
434 |
conf->class->ref_count++; |
435 |
conf->ref_count++; |
436 |
|
437 |
dlinkAdd(conf, make_dlink_node(), &client_p->connection->confs); |
438 |
|
439 |
return 0; |
440 |
} |
441 |
|
442 |
/* find_conf_name() |
443 |
* |
444 |
* inputs - pointer to conf link list to search |
445 |
* - pointer to name to find |
446 |
* - int mask of type of conf to find |
447 |
* output - NULL or pointer to conf found |
448 |
* side effects - find a conf entry which matches the name |
449 |
* and has the given mask. |
450 |
*/ |
451 |
struct MaskItem * |
452 |
find_conf_name(dlink_list *list, const char *name, enum maskitem_type type) |
453 |
{ |
454 |
dlink_node *node = NULL; |
455 |
|
456 |
DLINK_FOREACH(node, list->head) |
457 |
{ |
458 |
struct MaskItem *conf = node->data; |
459 |
|
460 |
if (conf->type == type) |
461 |
{ |
462 |
if (conf->name && !irccmp(conf->name, name)) |
463 |
return conf; |
464 |
} |
465 |
} |
466 |
|
467 |
return NULL; |
468 |
} |
469 |
|
470 |
/*! \brief Find a connect {} conf that has a name that matches \a name. |
471 |
* \param name Name to match |
472 |
* \param compare Pointer to function to be used for string matching |
473 |
*/ |
474 |
struct MaskItem * |
475 |
connect_find(const char *name, int (*compare)(const char *, const char *)) |
476 |
{ |
477 |
dlink_node *node; |
478 |
|
479 |
DLINK_FOREACH(node, connect_items.head) |
480 |
{ |
481 |
struct MaskItem *conf = node->data; |
482 |
|
483 |
if (!compare(name, conf->name)) |
484 |
return conf; |
485 |
} |
486 |
|
487 |
return NULL; |
488 |
} |
489 |
|
490 |
/* find_exact_name_conf() |
491 |
* |
492 |
* inputs - type of link list to look in |
493 |
* - pointer to name string to find |
494 |
* - pointer to user |
495 |
* - pointer to host |
496 |
* output - NULL or pointer to found struct MaskItem |
497 |
* side effects - looks for an exact match on name field |
498 |
*/ |
499 |
struct MaskItem * |
500 |
operator_find(const struct Client *who, const char *name) |
501 |
{ |
502 |
dlink_node *node = NULL; |
503 |
|
504 |
DLINK_FOREACH(node, operator_items.head) |
505 |
{ |
506 |
struct MaskItem *conf = node->data; |
507 |
|
508 |
if (!irccmp(conf->name, name)) |
509 |
{ |
510 |
if (!who) |
511 |
return conf; |
512 |
|
513 |
if (!match(conf->user, who->username)) |
514 |
{ |
515 |
switch (conf->htype) |
516 |
{ |
517 |
case HM_HOST: |
518 |
if (!match(conf->host, who->host) || !match(conf->host, who->sockhost)) |
519 |
if (!conf->class->max_total || conf->class->ref_count < conf->class->max_total) |
520 |
return conf; |
521 |
break; |
522 |
case HM_IPV4: |
523 |
if (who->ip.ss.ss_family == AF_INET) |
524 |
if (match_ipv4(&who->ip, conf->addr, conf->bits)) |
525 |
if (!conf->class->max_total || conf->class->ref_count < conf->class->max_total) |
526 |
return conf; |
527 |
break; |
528 |
case HM_IPV6: |
529 |
if (who->ip.ss.ss_family == AF_INET6) |
530 |
if (match_ipv6(&who->ip, conf->addr, conf->bits)) |
531 |
if (!conf->class->max_total || conf->class->ref_count < conf->class->max_total) |
532 |
return conf; |
533 |
break; |
534 |
default: |
535 |
assert(0); |
536 |
} |
537 |
} |
538 |
} |
539 |
} |
540 |
|
541 |
return NULL; |
542 |
} |
543 |
|
544 |
/* set_default_conf() |
545 |
* |
546 |
* inputs - NONE |
547 |
* output - NONE |
548 |
* side effects - Set default values here. |
549 |
* This is called **PRIOR** to parsing the |
550 |
* configuration file. If you want to do some validation |
551 |
* of values later, put them in validate_conf(). |
552 |
*/ |
553 |
static void |
554 |
set_default_conf(void) |
555 |
{ |
556 |
/* verify init_class() ran, this should be an unnecessary check |
557 |
* but its not much work. |
558 |
*/ |
559 |
assert(class_default == class_get_list()->tail->data); |
560 |
|
561 |
ConfigServerInfo.network_name = xstrdup(NETWORK_NAME_DEFAULT); |
562 |
ConfigServerInfo.network_desc = xstrdup(NETWORK_DESC_DEFAULT); |
563 |
ConfigServerInfo.default_max_clients = MAXCLIENTS_MAX; |
564 |
ConfigServerInfo.max_nick_length = 9; |
565 |
ConfigServerInfo.max_topic_length = 80; |
566 |
ConfigServerInfo.hub = 0; |
567 |
|
568 |
log_iterate(log_free); |
569 |
|
570 |
ConfigLog.use_logging = 1; |
571 |
|
572 |
ConfigChannel.disable_fake_channels = 0; |
573 |
ConfigChannel.invite_client_count = 10; |
574 |
ConfigChannel.invite_client_time = 300; |
575 |
ConfigChannel.invite_delay_channel = 5; |
576 |
ConfigChannel.invite_expire_time = 1800; |
577 |
ConfigChannel.knock_client_count = 1; |
578 |
ConfigChannel.knock_client_time = 300; |
579 |
ConfigChannel.knock_delay_channel = 60; |
580 |
ConfigChannel.max_channels = 25; |
581 |
ConfigChannel.max_invites = 20; |
582 |
ConfigChannel.max_bans = 100; |
583 |
ConfigChannel.max_bans_large = 500; |
584 |
ConfigChannel.default_join_flood_count = 18; |
585 |
ConfigChannel.default_join_flood_time = 6; |
586 |
|
587 |
ConfigServerHide.flatten_links = 0; |
588 |
ConfigServerHide.flatten_links_delay = 300; |
589 |
ConfigServerHide.hidden = 0; |
590 |
ConfigServerHide.hide_servers = 0; |
591 |
ConfigServerHide.hide_services = 0; |
592 |
ConfigServerHide.hidden_name = xstrdup(NETWORK_NAME_DEFAULT); |
593 |
ConfigServerHide.hide_server_ips = 0; |
594 |
ConfigServerHide.disable_remote_commands = 0; |
595 |
|
596 |
ConfigGeneral.away_count = 2; |
597 |
ConfigGeneral.away_time = 10; |
598 |
ConfigGeneral.max_watch = 50; |
599 |
ConfigGeneral.whowas_history_length = 15000; |
600 |
ConfigGeneral.cycle_on_host_change = 1; |
601 |
ConfigGeneral.dline_min_cidr = 16; |
602 |
ConfigGeneral.dline_min_cidr6 = 48; |
603 |
ConfigGeneral.kline_min_cidr = 16; |
604 |
ConfigGeneral.kline_min_cidr6 = 48; |
605 |
ConfigGeneral.invisible_on_connect = 1; |
606 |
ConfigGeneral.disable_auth = 0; |
607 |
ConfigGeneral.kill_chase_time_limit = 90; |
608 |
ConfigGeneral.default_floodcount = 8; |
609 |
ConfigGeneral.default_floodtime = 1; |
610 |
ConfigGeneral.failed_oper_notice = 1; |
611 |
ConfigGeneral.dots_in_ident = 0; |
612 |
ConfigGeneral.min_nonwildcard = 4; |
613 |
ConfigGeneral.min_nonwildcard_simple = 3; |
614 |
ConfigGeneral.max_accept = 50; |
615 |
ConfigGeneral.anti_nick_flood = 0; |
616 |
ConfigGeneral.max_nick_time = 20; |
617 |
ConfigGeneral.max_nick_changes = 5; |
618 |
ConfigGeneral.anti_spam_exit_message_time = 0; |
619 |
ConfigGeneral.ts_warn_delta = 30; |
620 |
ConfigGeneral.ts_max_delta = 600; |
621 |
ConfigGeneral.warn_no_connect_block = 1; |
622 |
ConfigGeneral.stats_e_disabled = 0; |
623 |
ConfigGeneral.stats_i_oper_only = 1; /* 1 = masked */ |
624 |
ConfigGeneral.stats_k_oper_only = 1; /* 1 = masked */ |
625 |
ConfigGeneral.stats_o_oper_only = 1; |
626 |
ConfigGeneral.stats_m_oper_only = 1; |
627 |
ConfigGeneral.stats_P_oper_only = 0; |
628 |
ConfigGeneral.stats_u_oper_only = 0; |
629 |
ConfigGeneral.caller_id_wait = 60; |
630 |
ConfigGeneral.opers_bypass_callerid = 1; |
631 |
ConfigGeneral.pace_wait = 10; |
632 |
ConfigGeneral.pace_wait_simple = 1; |
633 |
ConfigGeneral.short_motd = 0; |
634 |
ConfigGeneral.ping_cookie = 0; |
635 |
ConfigGeneral.no_oper_flood = 0; |
636 |
ConfigGeneral.max_targets = MAX_TARGETS_DEFAULT; |
637 |
ConfigGeneral.oper_only_umodes = UMODE_DEBUG | UMODE_LOCOPS | UMODE_HIDDEN | UMODE_FARCONNECT | |
638 |
UMODE_UNAUTH | UMODE_EXTERNAL | UMODE_BOTS | UMODE_NCHANGE | |
639 |
UMODE_SPY | UMODE_FULL | UMODE_SKILL | UMODE_REJ | UMODE_CCONN; |
640 |
ConfigGeneral.oper_umodes = UMODE_BOTS | UMODE_LOCOPS | UMODE_SERVNOTICE | UMODE_WALLOP; |
641 |
ConfigGeneral.throttle_count = 1; |
642 |
ConfigGeneral.throttle_time = 1; |
643 |
} |
644 |
|
645 |
static void |
646 |
validate_conf(void) |
647 |
{ |
648 |
if (EmptyString(ConfigServerInfo.network_name)) |
649 |
ConfigServerInfo.network_name = xstrdup(NETWORK_NAME_DEFAULT); |
650 |
|
651 |
if (EmptyString(ConfigServerInfo.network_desc)) |
652 |
ConfigServerInfo.network_desc = xstrdup(NETWORK_DESC_DEFAULT); |
653 |
} |
654 |
|
655 |
/* read_conf() |
656 |
* |
657 |
* inputs - file descriptor pointing to config file to use |
658 |
* output - None |
659 |
* side effects - Read configuration file. |
660 |
*/ |
661 |
static void |
662 |
read_conf(FILE *file) |
663 |
{ |
664 |
lineno = 1; |
665 |
|
666 |
set_default_conf(); /* Set default values prior to conf parsing */ |
667 |
conf_parser_ctx.pass = 1; |
668 |
yyparse(); /* Pick up the classes first */ |
669 |
|
670 |
rewind(file); |
671 |
|
672 |
conf_parser_ctx.pass = 2; |
673 |
yyparse(); /* Load the values from the conf */ |
674 |
validate_conf(); /* Check to make sure some values are still okay. */ |
675 |
/* Some global values are also loaded here. */ |
676 |
whowas_trim(); /* Attempt to trim whowas list if necessary */ |
677 |
class_delete_marked(); /* Delete unused classes that are marked for deletion */ |
678 |
} |
679 |
|
680 |
/* conf_rehash() |
681 |
* |
682 |
* Actual REHASH service routine. Called with sig == 0 if it has been called |
683 |
* as a result of an operator issuing this command, else assume it has been |
684 |
* called as a result of the server receiving a HUP signal. |
685 |
*/ |
686 |
void |
687 |
conf_rehash(bool sig) |
688 |
{ |
689 |
if (sig == true) |
690 |
{ |
691 |
sendto_realops_flags(UMODE_SERVNOTICE, L_ALL, SEND_NOTICE, |
692 |
"Got signal SIGHUP, reloading configuration file(s)"); |
693 |
ilog(LOG_TYPE_IRCD, "Got signal SIGHUP, reloading configuration file(s)"); |
694 |
} |
695 |
|
696 |
restart_resolver(); |
697 |
|
698 |
/* don't close listeners until we know we can go ahead with the rehash */ |
699 |
|
700 |
read_conf_files(false); |
701 |
|
702 |
load_conf_modules(); |
703 |
check_conf_klines(); |
704 |
} |
705 |
|
706 |
/* lookup_confhost() |
707 |
* |
708 |
* start DNS lookups of all hostnames in the conf |
709 |
* line and convert an IP addresses in a.b.c.d number for to IP#s. |
710 |
*/ |
711 |
void |
712 |
lookup_confhost(struct MaskItem *conf) |
713 |
{ |
714 |
struct addrinfo hints, *res; |
715 |
|
716 |
/* |
717 |
* Do name lookup now on hostnames given and store the |
718 |
* ip numbers in conf structure. |
719 |
*/ |
720 |
memset(&hints, 0, sizeof(hints)); |
721 |
|
722 |
hints.ai_family = AF_UNSPEC; |
723 |
hints.ai_socktype = SOCK_STREAM; |
724 |
|
725 |
/* Get us ready for a bind() and don't bother doing dns lookup */ |
726 |
hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; |
727 |
|
728 |
if (getaddrinfo(conf->host, NULL, &hints, &res)) |
729 |
{ |
730 |
conf_dns_lookup(conf); |
731 |
return; |
732 |
} |
733 |
|
734 |
assert(res); |
735 |
|
736 |
memcpy(conf->addr, res->ai_addr, res->ai_addrlen); |
737 |
conf->addr->ss_len = res->ai_addrlen; |
738 |
|
739 |
freeaddrinfo(res); |
740 |
} |
741 |
|
742 |
/* conf_connect_allowed() |
743 |
* |
744 |
* inputs - pointer to inaddr |
745 |
* - int type ipv4 or ipv6 |
746 |
* output - BANNED or accepted |
747 |
* side effects - none |
748 |
*/ |
749 |
int |
750 |
conf_connect_allowed(struct irc_ssaddr *addr) |
751 |
{ |
752 |
struct ip_entry *ip_found = NULL; |
753 |
const struct MaskItem *conf = find_dline_conf(addr); |
754 |
|
755 |
if (conf) |
756 |
{ |
757 |
/* DLINE exempt also gets you out of static limits/pacing... */ |
758 |
if (conf->type == CONF_EXEMPT) |
759 |
return 0; |
760 |
return BANNED_CLIENT; |
761 |
} |
762 |
|
763 |
ip_found = ipcache_record_find_or_add(addr); |
764 |
|
765 |
if ((event_base->time.sec_monotonic - ip_found->last_attempt) < ConfigGeneral.throttle_time) |
766 |
{ |
767 |
if (ip_found->connection_count >= ConfigGeneral.throttle_count) |
768 |
return TOO_FAST; |
769 |
|
770 |
++ip_found->connection_count; |
771 |
} |
772 |
else |
773 |
ip_found->connection_count = 1; |
774 |
|
775 |
ip_found->last_attempt = event_base->time.sec_monotonic; |
776 |
return 0; |
777 |
} |
778 |
|
779 |
/* cleanup_tklines() |
780 |
* |
781 |
* inputs - NONE |
782 |
* output - NONE |
783 |
* side effects - call function to expire temporary k/d lines |
784 |
* This is an event started off in ircd.c |
785 |
*/ |
786 |
void |
787 |
cleanup_tklines(void *unused) |
788 |
{ |
789 |
hostmask_expire_temporary(); |
790 |
gecos_expire(); |
791 |
resv_expire(); |
792 |
} |
793 |
|
794 |
/* |
795 |
* Input: A client to find the active operator {} name for. |
796 |
* Output: The nick!user@host{oper} of the oper. |
797 |
* "oper" is server name for remote opers |
798 |
* Side effects: None. |
799 |
*/ |
800 |
const char * |
801 |
get_oper_name(const struct Client *client_p) |
802 |
{ |
803 |
static char buffer[IRCD_BUFSIZE]; |
804 |
|
805 |
if (IsServer(client_p)) |
806 |
return client_p->name; |
807 |
|
808 |
if (MyConnect(client_p)) |
809 |
{ |
810 |
const dlink_node *const node = client_p->connection->confs.head; |
811 |
|
812 |
if (node) |
813 |
{ |
814 |
const struct MaskItem *const conf = node->data; |
815 |
|
816 |
if (conf->type == CONF_OPER) |
817 |
{ |
818 |
snprintf(buffer, sizeof(buffer), "%s!%s@%s{%s}", client_p->name, |
819 |
client_p->username, client_p->host, conf->name); |
820 |
return buffer; |
821 |
} |
822 |
} |
823 |
|
824 |
/* |
825 |
* Probably should assert here for now. If there is an oper out there |
826 |
* with no operator {} conf attached, it would be good for us to know... |
827 |
*/ |
828 |
assert(0); /* Oper without oper conf! */ |
829 |
} |
830 |
|
831 |
snprintf(buffer, sizeof(buffer), "%s!%s@%s{%s}", client_p->name, |
832 |
client_p->username, client_p->host, client_p->servptr->name); |
833 |
return buffer; |
834 |
} |
835 |
|
836 |
/* clear_out_old_conf() |
837 |
* |
838 |
* inputs - none |
839 |
* output - none |
840 |
* side effects - Clear out the old configuration |
841 |
*/ |
842 |
static void |
843 |
clear_out_old_conf(void) |
844 |
{ |
845 |
dlink_node *node = NULL, *node_next = NULL; |
846 |
dlink_list *free_items [] = { |
847 |
&connect_items, &operator_items, NULL |
848 |
}; |
849 |
|
850 |
dlink_list ** iterator = free_items; /* C is dumb */ |
851 |
|
852 |
/* We only need to free anything allocated by yyparse() here. |
853 |
* Resetting structs, etc, is taken care of by set_default_conf(). |
854 |
*/ |
855 |
|
856 |
for (; *iterator; iterator++) |
857 |
{ |
858 |
DLINK_FOREACH_SAFE(node, node_next, (*iterator)->head) |
859 |
{ |
860 |
struct MaskItem *conf = node->data; |
861 |
|
862 |
conf->active = false; |
863 |
dlinkDelete(&conf->node, *iterator); |
864 |
|
865 |
if (!conf->ref_count) |
866 |
conf_free(conf); |
867 |
} |
868 |
} |
869 |
|
870 |
/* |
871 |
* Don't delete the class table, rather mark all entries for deletion. |
872 |
* The table is cleaned up by class_delete_marked. - avalon |
873 |
*/ |
874 |
class_mark_for_deletion(); |
875 |
|
876 |
clear_out_address_conf(); |
877 |
|
878 |
modules_conf_clear(); /* Clear modules {} items */ |
879 |
|
880 |
motd_clear(); /* Clear motd {} items and re-cache default motd */ |
881 |
|
882 |
cluster_clear(); /* Clear cluster {} items */ |
883 |
|
884 |
gecos_clear(); /* Clear gecos {} items */ |
885 |
|
886 |
resv_clear(); /* Clear resv {} items */ |
887 |
|
888 |
service_clear(); /* Clear service {} items */ |
889 |
|
890 |
shared_clear(); /* Clear shared {} items */ |
891 |
|
892 |
pseudo_clear(); /* Clear pseudo {} items */ |
893 |
|
894 |
/* Clean out ConfigServerInfo */ |
895 |
xfree(ConfigServerInfo.description); |
896 |
ConfigServerInfo.description = NULL; |
897 |
xfree(ConfigServerInfo.network_name); |
898 |
ConfigServerInfo.network_name = NULL; |
899 |
xfree(ConfigServerInfo.network_desc); |
900 |
ConfigServerInfo.network_desc = NULL; |
901 |
xfree(ConfigServerInfo.rsa_private_key_file); |
902 |
ConfigServerInfo.rsa_private_key_file = NULL; |
903 |
xfree(ConfigServerInfo.ssl_certificate_file); |
904 |
ConfigServerInfo.ssl_certificate_file = NULL; |
905 |
xfree(ConfigServerInfo.ssl_dh_param_file); |
906 |
ConfigServerInfo.ssl_dh_param_file = NULL; |
907 |
xfree(ConfigServerInfo.ssl_dh_elliptic_curve); |
908 |
ConfigServerInfo.ssl_dh_elliptic_curve = NULL; |
909 |
xfree(ConfigServerInfo.ssl_cipher_list); |
910 |
ConfigServerInfo.ssl_cipher_list = NULL; |
911 |
xfree(ConfigServerInfo.ssl_message_digest_algorithm); |
912 |
ConfigServerInfo.ssl_message_digest_algorithm = NULL; |
913 |
|
914 |
/* Clean out ConfigAdminInfo */ |
915 |
xfree(ConfigAdminInfo.name); |
916 |
ConfigAdminInfo.name = NULL; |
917 |
xfree(ConfigAdminInfo.email); |
918 |
ConfigAdminInfo.email = NULL; |
919 |
xfree(ConfigAdminInfo.description); |
920 |
ConfigAdminInfo.description = NULL; |
921 |
|
922 |
/* Clean out ConfigServerHide */ |
923 |
xfree(ConfigServerHide.flatten_links_file); |
924 |
ConfigServerHide.flatten_links_file = NULL; |
925 |
xfree(ConfigServerHide.hidden_name); |
926 |
ConfigServerHide.hidden_name = NULL; |
927 |
|
928 |
/* Clean out listeners */ |
929 |
listener_close_marked(); |
930 |
} |
931 |
|
932 |
static void |
933 |
conf_handle_tls(bool cold) |
934 |
{ |
935 |
if (tls_new_cred() == false) |
936 |
{ |
937 |
if (cold == true) |
938 |
{ |
939 |
ilog(LOG_TYPE_IRCD, "Error while initializing TLS"); |
940 |
exit(EXIT_FAILURE); |
941 |
} |
942 |
else |
943 |
{ |
944 |
/* Failed to load new settings/certs, old ones remain active */ |
945 |
sendto_realops_flags(UMODE_SERVNOTICE, L_ALL, SEND_NOTICE, |
946 |
"Error reloading TLS settings, check the ircd log"); // report_crypto_errors logs this |
947 |
} |
948 |
} |
949 |
} |
950 |
|
951 |
/* read_conf_files() |
952 |
* |
953 |
* inputs - cold start YES or NO |
954 |
* output - none |
955 |
* side effects - read all conf files needed, ircd.conf kline.conf etc. |
956 |
*/ |
957 |
void |
958 |
read_conf_files(bool cold) |
959 |
{ |
960 |
const char *filename = NULL; |
961 |
char chanmodes[IRCD_BUFSIZE] = ""; |
962 |
char chanlimit[IRCD_BUFSIZE] = ""; |
963 |
|
964 |
conf_parser_ctx.boot = cold; |
965 |
filename = ConfigGeneral.configfile; |
966 |
|
967 |
/* We need to know the initial filename for the yyerror() to report |
968 |
FIXME: The full path is in conffilenamebuf first time since we |
969 |
don't know anything else |
970 |
|
971 |
- Gozem 2002-07-21 |
972 |
*/ |
973 |
strlcpy(conffilebuf, filename, sizeof(conffilebuf)); |
974 |
|
975 |
if ((conf_parser_ctx.conf_file = fopen(filename, "r")) == NULL) |
976 |
{ |
977 |
if (cold == true) |
978 |
{ |
979 |
ilog(LOG_TYPE_IRCD, "Unable to read configuration file '%s': %s", |
980 |
filename, strerror(errno)); |
981 |
exit(EXIT_FAILURE); |
982 |
} |
983 |
else |
984 |
{ |
985 |
sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE, |
986 |
"Unable to read configuration file '%s': %s", |
987 |
filename, strerror(errno)); |
988 |
return; |
989 |
} |
990 |
} |
991 |
|
992 |
if (cold == false) |
993 |
clear_out_old_conf(); |
994 |
|
995 |
read_conf(conf_parser_ctx.conf_file); |
996 |
fclose(conf_parser_ctx.conf_file); |
997 |
|
998 |
log_iterate(log_reopen); |
999 |
conf_handle_tls(cold); |
1000 |
|
1001 |
isupport_add("NICKLEN", NULL, ConfigServerInfo.max_nick_length); |
1002 |
isupport_add("NETWORK", ConfigServerInfo.network_name, -1); |
1003 |
|
1004 |
snprintf(chanmodes, sizeof(chanmodes), "beI:%u", ConfigChannel.max_bans); |
1005 |
isupport_add("MAXLIST", chanmodes, -1); |
1006 |
isupport_add("MAXTARGETS", NULL, ConfigGeneral.max_targets); |
1007 |
isupport_add("CHANTYPES", "#", -1); |
1008 |
|
1009 |
snprintf(chanlimit, sizeof(chanlimit), "#:%u", |
1010 |
ConfigChannel.max_channels); |
1011 |
isupport_add("CHANLIMIT", chanlimit, -1); |
1012 |
snprintf(chanmodes, sizeof(chanmodes), "%s", "beI,k,l,cimnprstuCLMNORST"); |
1013 |
isupport_add("CHANNELLEN", NULL, CHANNELLEN); |
1014 |
isupport_add("TOPICLEN", NULL, ConfigServerInfo.max_topic_length); |
1015 |
isupport_add("CHANMODES", chanmodes, -1); |
1016 |
} |
1017 |
|
1018 |
/* conf_add_class_to_conf() |
1019 |
* |
1020 |
* inputs - pointer to config item |
1021 |
* output - NONE |
1022 |
* side effects - Add a class pointer to a conf |
1023 |
*/ |
1024 |
void |
1025 |
conf_add_class_to_conf(struct MaskItem *conf, const char *name) |
1026 |
{ |
1027 |
if (EmptyString(name) || (conf->class = class_find(name, true)) == NULL) |
1028 |
{ |
1029 |
conf->class = class_default; |
1030 |
|
1031 |
if (conf->type == CONF_CLIENT || conf->type == CONF_OPER) |
1032 |
sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE, |
1033 |
"Warning *** Defaulting to default class for %s@%s", |
1034 |
conf->user, conf->host); |
1035 |
else |
1036 |
sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE, |
1037 |
"Warning *** Defaulting to default class for %s", |
1038 |
conf->name); |
1039 |
} |
1040 |
} |
1041 |
|
1042 |
/* yyerror() |
1043 |
* |
1044 |
* inputs - message from parser |
1045 |
* output - NONE |
1046 |
* side effects - message to opers and log file entry is made |
1047 |
*/ |
1048 |
void |
1049 |
yyerror(const char *msg) |
1050 |
{ |
1051 |
if (conf_parser_ctx.pass != 1) |
1052 |
return; |
1053 |
|
1054 |
const char *p = stripws(linebuf); |
1055 |
sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE, |
1056 |
"\"%s\", line %u: %s: %s", |
1057 |
conffilebuf, lineno, msg, p); |
1058 |
ilog(LOG_TYPE_IRCD, "\"%s\", line %u: %s: %s", |
1059 |
conffilebuf, lineno, msg, p); |
1060 |
} |
1061 |
|
1062 |
void |
1063 |
conf_error_report(const char *msg) |
1064 |
{ |
1065 |
const char *p = stripws(linebuf); |
1066 |
sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE, |
1067 |
"\"%s\", line %u: %s: %s", |
1068 |
conffilebuf, lineno, msg, p); |
1069 |
ilog(LOG_TYPE_IRCD, "\"%s\", line %u: %s: %s", |
1070 |
conffilebuf, lineno, msg, p); |
1071 |
} |
1072 |
|
1073 |
/* |
1074 |
* valid_tkline() |
1075 |
* |
1076 |
* inputs - pointer to ascii string to check |
1077 |
* - whether the specified time is in seconds or minutes |
1078 |
* output - -1 not enough parameters |
1079 |
* - 0 if not an integer number, else the number |
1080 |
* side effects - none |
1081 |
* Originally written by Dianora (Diane, db@db.net) |
1082 |
*/ |
1083 |
uintmax_t |
1084 |
valid_tkline(const char *data, const int minutes) |
1085 |
{ |
1086 |
const unsigned char *p = (const unsigned char *)data; |
1087 |
unsigned char tmpch = '\0'; |
1088 |
uintmax_t result = 0; |
1089 |
|
1090 |
while ((tmpch = *p++)) |
1091 |
{ |
1092 |
if (!IsDigit(tmpch)) |
1093 |
return 0; |
1094 |
|
1095 |
result *= 10; |
1096 |
result += (tmpch & 0xF); |
1097 |
} |
1098 |
|
1099 |
/* |
1100 |
* In the degenerate case where oper does a /quote kline 0 user@host :reason |
1101 |
* i.e. they specifically use 0, I am going to return 1 instead as a return |
1102 |
* value of non-zero is used to flag it as a temporary kline |
1103 |
*/ |
1104 |
if (result == 0) |
1105 |
result = 1; |
1106 |
|
1107 |
/* |
1108 |
* If the incoming time is in seconds convert it to minutes for the purpose |
1109 |
* of this calculation |
1110 |
*/ |
1111 |
if (minutes == 0) |
1112 |
result = result / 60; |
1113 |
|
1114 |
if (result > MAX_TDKLINE_TIME) |
1115 |
result = MAX_TDKLINE_TIME; |
1116 |
|
1117 |
result = result * 60; /* Turn it into seconds */ |
1118 |
|
1119 |
return result; |
1120 |
} |
1121 |
|
1122 |
/* valid_wild_card_simple() |
1123 |
* |
1124 |
* inputs - data to check for sufficient non-wildcard characters |
1125 |
* outputs - 1 if valid, else 0 |
1126 |
* side effects - none |
1127 |
*/ |
1128 |
bool |
1129 |
valid_wild_card_simple(const char *data) |
1130 |
{ |
1131 |
const unsigned char *p = (const unsigned char *)data; |
1132 |
unsigned char tmpch = '\0'; |
1133 |
unsigned int nonwild = 0, wild = 0; |
1134 |
|
1135 |
while ((tmpch = *p++)) |
1136 |
{ |
1137 |
if (tmpch == '\\' && *p) |
1138 |
{ |
1139 |
++p; |
1140 |
if (++nonwild >= ConfigGeneral.min_nonwildcard_simple) |
1141 |
return true; |
1142 |
} |
1143 |
else if (!IsMWildChar(tmpch)) |
1144 |
{ |
1145 |
if (++nonwild >= ConfigGeneral.min_nonwildcard_simple) |
1146 |
return true; |
1147 |
} |
1148 |
else |
1149 |
++wild; |
1150 |
} |
1151 |
|
1152 |
return wild == 0; |
1153 |
} |
1154 |
|
1155 |
/* valid_wild_card() |
1156 |
* |
1157 |
* input - pointer to client |
1158 |
* - int flag, 0 for no warning oper 1 for warning oper |
1159 |
* - count of following varargs to check |
1160 |
* output - 0 if not valid, 1 if valid |
1161 |
* side effects - NOTICE is given to source_p if warn is 1 |
1162 |
*/ |
1163 |
bool |
1164 |
valid_wild_card(int count, ...) |
1165 |
{ |
1166 |
unsigned char tmpch = '\0'; |
1167 |
unsigned int nonwild = 0; |
1168 |
va_list args; |
1169 |
|
1170 |
/* |
1171 |
* Now we must check the user and host to make sure there |
1172 |
* are at least NONWILDCHARS non-wildcard characters in |
1173 |
* them, otherwise assume they are attempting to kline |
1174 |
* *@* or some variant of that. This code will also catch |
1175 |
* people attempting to kline *@*.tld, as long as NONWILDCHARS |
1176 |
* is greater than 3. In that case, there are only 3 non-wild |
1177 |
* characters (tld), so if NONWILDCHARS is 4, the kline will |
1178 |
* be disallowed. |
1179 |
* -wnder |
1180 |
*/ |
1181 |
|
1182 |
va_start(args, count); |
1183 |
|
1184 |
while (count--) |
1185 |
{ |
1186 |
const unsigned char *p = va_arg(args, const unsigned char *); |
1187 |
if (p == NULL) |
1188 |
continue; |
1189 |
|
1190 |
while ((tmpch = *p++)) |
1191 |
{ |
1192 |
if (!IsKWildChar(tmpch)) |
1193 |
{ |
1194 |
/* |
1195 |
* If we find enough non-wild characters, we can |
1196 |
* break - no point in searching further. |
1197 |
*/ |
1198 |
if (++nonwild >= ConfigGeneral.min_nonwildcard) |
1199 |
{ |
1200 |
va_end(args); |
1201 |
return true; |
1202 |
} |
1203 |
} |
1204 |
} |
1205 |
} |
1206 |
|
1207 |
va_end(args); |
1208 |
return false; |
1209 |
} |
1210 |
|
1211 |
/* XXX should this go into a separate file ? -Dianora */ |
1212 |
/* parse_aline |
1213 |
* |
1214 |
* input - pointer to cmd name being used |
1215 |
* - pointer to client using cmd |
1216 |
* - parc parameter count |
1217 |
* - parv[] list of parameters to parse |
1218 |
* - parse_flags bit map of things to test |
1219 |
* - pointer to user or string to parse into |
1220 |
* - pointer to host or NULL to parse into if non NULL |
1221 |
* - pointer to optional tkline time or NULL |
1222 |
* - pointer to target_server to parse into if non NULL |
1223 |
* - pointer to reason to parse into |
1224 |
* |
1225 |
* output - 1 if valid, 0 if not valid |
1226 |
* side effects - A generalised k/d/x etc. line parser, |
1227 |
* "ALINE [time] user@host|string [ON] target :reason" |
1228 |
* will parse returning a parsed user, host if |
1229 |
* h_p pointer is non NULL, string otherwise. |
1230 |
* if tkline_time pointer is non NULL a tk line will be set |
1231 |
* to non zero if found. |
1232 |
* if tkline_time pointer is NULL and tk line is found, |
1233 |
* error is reported. |
1234 |
* if target_server is NULL and an "ON" is found error |
1235 |
* is reported. |
1236 |
* if reason pointer is NULL ignore pointer, |
1237 |
* this allows use of parse_a_line in unkline etc. |
1238 |
* |
1239 |
* - Dianora |
1240 |
*/ |
1241 |
bool |
1242 |
parse_aline(const char *cmd, struct Client *source_p, int parc, char **parv, struct aline_ctx *aline) |
1243 |
{ |
1244 |
static char default_reason[] = CONF_NOREASON; |
1245 |
static char user[USERLEN * 2 + 1]; |
1246 |
static char host[HOSTLEN * 2 + 1]; |
1247 |
|
1248 |
++parv; |
1249 |
--parc; |
1250 |
|
1251 |
if (aline->add == true && (aline->duration = valid_tkline(*parv, TK_MINUTES))) |
1252 |
{ |
1253 |
++parv; |
1254 |
--parc; |
1255 |
} |
1256 |
|
1257 |
if (parc == 0) |
1258 |
{ |
1259 |
sendto_one_numeric(source_p, &me, ERR_NEEDMOREPARAMS, cmd); |
1260 |
return false; |
1261 |
} |
1262 |
|
1263 |
if (aline->simple_mask == true) |
1264 |
{ |
1265 |
aline->mask = *parv; |
1266 |
aline->user = NULL; |
1267 |
aline->host = NULL; |
1268 |
} |
1269 |
else |
1270 |
{ |
1271 |
struct split_nuh_item nuh; |
1272 |
|
1273 |
nuh.nuhmask = *parv; |
1274 |
nuh.nickptr = NULL; |
1275 |
nuh.userptr = user; |
1276 |
nuh.hostptr = host; |
1277 |
|
1278 |
nuh.nicksize = 0; |
1279 |
nuh.usersize = sizeof(user); |
1280 |
nuh.hostsize = sizeof(host); |
1281 |
|
1282 |
split_nuh(&nuh); |
1283 |
|
1284 |
aline->mask = NULL; |
1285 |
aline->user = user; |
1286 |
aline->host = host; |
1287 |
} |
1288 |
|
1289 |
++parv; |
1290 |
--parc; |
1291 |
|
1292 |
if (parc) |
1293 |
{ |
1294 |
if (irccmp(*parv, "ON") == 0) |
1295 |
{ |
1296 |
++parv; |
1297 |
--parc; |
1298 |
|
1299 |
if (!HasOFlag(source_p, OPER_FLAG_REMOTEBAN)) |
1300 |
{ |
1301 |
sendto_one_numeric(source_p, &me, ERR_NOPRIVS, "remoteban"); |
1302 |
return false; |
1303 |
} |
1304 |
|
1305 |
if (parc == 0 || EmptyString(*parv)) |
1306 |
{ |
1307 |
sendto_one_numeric(source_p, &me, ERR_NEEDMOREPARAMS, cmd); |
1308 |
return false; |
1309 |
} |
1310 |
|
1311 |
aline->server = *parv; |
1312 |
++parv; |
1313 |
--parc; |
1314 |
} |
1315 |
else |
1316 |
aline->server = NULL; |
1317 |
} |
1318 |
|
1319 |
if (aline->add == true) |
1320 |
{ |
1321 |
if (parc == 0 || EmptyString(*parv)) |
1322 |
aline->reason = default_reason; |
1323 |
else |
1324 |
aline->reason = *parv; |
1325 |
} |
1326 |
|
1327 |
return true; |
1328 |
} |
1329 |
|
1330 |
/* match_conf_password() |
1331 |
* |
1332 |
* inputs - pointer to given password |
1333 |
* - pointer to Conf |
1334 |
* output - 1 or 0 if match |
1335 |
* side effects - none |
1336 |
*/ |
1337 |
bool |
1338 |
match_conf_password(const char *password, const struct MaskItem *conf) |
1339 |
{ |
1340 |
const char *encr = NULL; |
1341 |
|
1342 |
if (EmptyString(password) || EmptyString(conf->passwd)) |
1343 |
return false; |
1344 |
|
1345 |
if (conf->flags & CONF_FLAGS_ENCRYPTED) |
1346 |
encr = crypt(password, conf->passwd); |
1347 |
else |
1348 |
encr = password; |
1349 |
|
1350 |
return encr && strcmp(encr, conf->passwd) == 0; |
1351 |
} |
1352 |
|
1353 |
/* |
1354 |
* split_nuh |
1355 |
* |
1356 |
* inputs - pointer to original mask (modified in place) |
1357 |
* - pointer to pointer where nick should go |
1358 |
* - pointer to pointer where user should go |
1359 |
* - pointer to pointer where host should go |
1360 |
* output - NONE |
1361 |
* side effects - mask is modified in place |
1362 |
* If nick pointer is NULL, ignore writing to it |
1363 |
* this allows us to use this function elsewhere. |
1364 |
* |
1365 |
* mask nick user host |
1366 |
* ---------------------- ------- ------- ------ |
1367 |
* Dianora!db@db.net Dianora db db.net |
1368 |
* Dianora Dianora * * |
1369 |
* db.net * * db.net |
1370 |
* OR if nick pointer is NULL |
1371 |
* Dianora - * Dianora |
1372 |
* Dianora! Dianora * * |
1373 |
* Dianora!@ Dianora * * |
1374 |
* Dianora!db Dianora db * |
1375 |
* Dianora!@db.net Dianora * db.net |
1376 |
* db@db.net * db db.net |
1377 |
* !@ * * * |
1378 |
* @ * * * |
1379 |
* ! * * * |
1380 |
*/ |
1381 |
void |
1382 |
split_nuh(struct split_nuh_item *const iptr) |
1383 |
{ |
1384 |
char *p = NULL, *q = NULL; |
1385 |
|
1386 |
if (iptr->nickptr) |
1387 |
strlcpy(iptr->nickptr, "*", iptr->nicksize); |
1388 |
|
1389 |
if (iptr->userptr) |
1390 |
strlcpy(iptr->userptr, "*", iptr->usersize); |
1391 |
|
1392 |
if (iptr->hostptr) |
1393 |
strlcpy(iptr->hostptr, "*", iptr->hostsize); |
1394 |
|
1395 |
if ((p = strchr(iptr->nuhmask, '!'))) |
1396 |
{ |
1397 |
*p = '\0'; |
1398 |
|
1399 |
if (iptr->nickptr && *iptr->nuhmask) |
1400 |
strlcpy(iptr->nickptr, iptr->nuhmask, iptr->nicksize); |
1401 |
|
1402 |
if ((q = strchr(++p, '@'))) |
1403 |
{ |
1404 |
*q++ = '\0'; |
1405 |
|
1406 |
if (*p) |
1407 |
strlcpy(iptr->userptr, p, iptr->usersize); |
1408 |
|
1409 |
if (*q) |
1410 |
strlcpy(iptr->hostptr, q, iptr->hostsize); |
1411 |
} |
1412 |
else |
1413 |
{ |
1414 |
if (*p) |
1415 |
strlcpy(iptr->userptr, p, iptr->usersize); |
1416 |
} |
1417 |
} |
1418 |
else |
1419 |
{ |
1420 |
/* No ! found so lets look for a user@host */ |
1421 |
if ((p = strchr(iptr->nuhmask, '@'))) |
1422 |
{ |
1423 |
/* if found a @ */ |
1424 |
*p++ = '\0'; |
1425 |
|
1426 |
if (*iptr->nuhmask) |
1427 |
strlcpy(iptr->userptr, iptr->nuhmask, iptr->usersize); |
1428 |
|
1429 |
if (*p) |
1430 |
strlcpy(iptr->hostptr, p, iptr->hostsize); |
1431 |
} |
1432 |
else |
1433 |
{ |
1434 |
/* No @ found */ |
1435 |
if (iptr->nickptr == NULL || strpbrk(iptr->nuhmask, ".:")) |
1436 |
strlcpy(iptr->hostptr, iptr->nuhmask, iptr->hostsize); |
1437 |
else |
1438 |
strlcpy(iptr->nickptr, iptr->nuhmask, iptr->nicksize); |
1439 |
} |
1440 |
} |
1441 |
} |