/[svn]/ircd-hybrid/branches/8.2.x/src/conf.c
ViewVC logotype

Contents of /ircd-hybrid/branches/8.2.x/src/conf.c

Parent Directory Parent Directory | Revision Log Revision Log


Revision 9897 - (show annotations)
Sun Jan 17 06:18:18 2021 UTC (18 months, 3 weeks ago) by michael
File MIME type: text/x-chdr
File size: 37257 byte(s)
- The `general::dots_in_ident` configuration directive has been renamed to `general::specials_in_ident`
  and now covers the '-' and '_' characters in addition to '.'

1 /*
2 * ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd)
3 *
4 * Copyright (c) 1997-2021 ircd-hybrid development team
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
19 * USA
20 */
21
22 /*! \file conf.c
23 * \brief Configuration file functions.
24 * \version $Id$
25 */
26
27 #include "stdinc.h"
28 #include "list.h"
29 #include "ircd_defs.h"
30 #include "parse.h"
31 #include "conf.h"
32 #include "conf_cluster.h"
33 #include "conf_gecos.h"
34 #include "conf_pseudo.h"
35 #include "conf_resv.h"
36 #include "conf_service.h"
37 #include "conf_shared.h"
38 #include "server.h"
39 #include "channel.h"
40 #include "client.h"
41 #include "event.h"
42 #include "irc_string.h"
43 #include "s_bsd.h"
44 #include "ircd.h"
45 #include "listener.h"
46 #include "hostmask.h"
47 #include "modules.h"
48 #include "numeric.h"
49 #include "fdlist.h"
50 #include "log.h"
51 #include "send.h"
52 #include "memory.h"
53 #include "res.h"
54 #include "user.h"
55 #include "channel_mode.h"
56 #include "misc.h"
57 #include "conf_db.h"
58 #include "conf_class.h"
59 #include "motd.h"
60 #include "ipcache.h"
61 #include "isupport.h"
62 #include "whowas.h"
63
64
65 struct config_channel_entry ConfigChannel;
66 struct config_serverhide_entry ConfigServerHide;
67 struct config_general_entry ConfigGeneral;
68 struct config_log_entry ConfigLog = { .use_logging = 1 };
69 struct config_serverinfo_entry ConfigServerInfo;
70 struct config_admin_entry ConfigAdminInfo;
71 struct conf_parser_context conf_parser_ctx;
72
73 /* general conf items link list root, other than k lines etc. */
74 dlink_list connect_items;
75 dlink_list operator_items;
76
77 extern unsigned int lineno;
78 extern char linebuf[];
79 extern char conffilebuf[IRCD_BUFSIZE];
80 extern int yyparse(); /* defined in y.tab.c */
81
82
83 /* conf_dns_callback()
84 *
85 * inputs - pointer to struct MaskItem
86 * - pointer to DNSReply reply
87 * output - none
88 * side effects - called when resolver query finishes
89 * if the query resulted in a successful search, hp will contain
90 * a non-null pointer, otherwise hp will be null.
91 * if successful save hp in the conf item it was called with
92 */
93 static void
94 conf_dns_callback(void *vptr, const struct irc_ssaddr *addr, const char *name, size_t namelength)
95 {
96 struct MaskItem *const conf = vptr;
97
98 conf->dns_pending = false;
99
100 if (addr)
101 *conf->addr = *addr;
102 else
103 conf->dns_failed = true;
104 }
105
106 /* conf_resolve_host()
107 *
108 * start DNS lookups of all hostnames in the conf
109 * line and convert an IP addresses in a.b.c.d number for to IP#s.
110 */
111 void
112 conf_dns_lookup(struct MaskItem *conf)
113 {
114 struct addrinfo hints, *res;
115
116 /*
117 * Do name lookup now on hostnames given and store the
118 * ip numbers in conf structure.
119 */
120 memset(&hints, 0, sizeof(hints));
121
122 hints.ai_family = AF_UNSPEC;
123 hints.ai_socktype = SOCK_STREAM;
124
125 /* Get us ready for a bind() and don't bother doing dns lookup */
126 hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST;
127
128 if (getaddrinfo(conf->host, NULL, &hints, &res))
129 {
130 /*
131 * By this point conf->host possibly is not a numerical network address. Do a nameserver
132 * lookup of the conf host. If the conf entry is currently doing a ns lookup do nothing.
133 */
134 if (conf->dns_pending == true)
135 return;
136
137 conf->dns_pending = true;
138
139 if (conf->aftype == AF_INET)
140 gethost_byname_type(conf_dns_callback, conf, conf->host, T_A);
141 else
142 gethost_byname_type(conf_dns_callback, conf, conf->host, T_AAAA);
143 return;
144 }
145
146 assert(res);
147
148 memcpy(conf->addr, res->ai_addr, res->ai_addrlen);
149 conf->addr->ss_len = res->ai_addrlen;
150
151 freeaddrinfo(res);
152 }
153
154 /* map_to_list()
155 *
156 * inputs - ConfType conf
157 * output - pointer to dlink_list to use
158 * side effects - none
159 */
160 static dlink_list *
161 map_to_list(enum maskitem_type type)
162 {
163 switch (type)
164 {
165 case CONF_OPER:
166 return &operator_items;
167 break;
168 case CONF_SERVER:
169 return &connect_items;
170 break;
171 default:
172 return NULL;
173 }
174 }
175
176 struct MaskItem *
177 conf_make(enum maskitem_type type)
178 {
179 struct MaskItem *const conf = xcalloc(sizeof(*conf));
180 dlink_list *list = NULL;
181
182 conf->type = type;
183 conf->active = true;
184 conf->aftype = AF_INET;
185
186 if ((list = map_to_list(type)))
187 dlinkAdd(conf, &conf->node, list);
188 return conf;
189 }
190
191 void
192 conf_free(struct MaskItem *conf)
193 {
194 dlink_node *node = NULL, *node_next = NULL;
195 dlink_list *list = NULL;
196
197 if ((list = map_to_list(conf->type)))
198 dlinkFindDelete(list, conf);
199
200 xfree(conf->name);
201
202 if (conf->dns_pending == true)
203 delete_resolver_queries(conf);
204 if (conf->passwd)
205 memset(conf->passwd, 0, strlen(conf->passwd));
206 if (conf->spasswd)
207 memset(conf->spasswd, 0, strlen(conf->spasswd));
208
209 conf->class = NULL;
210
211 xfree(conf->passwd);
212 xfree(conf->spasswd);
213 xfree(conf->reason);
214 xfree(conf->certfp);
215 xfree(conf->whois);
216 xfree(conf->user);
217 xfree(conf->host);
218 xfree(conf->addr);
219 xfree(conf->bind);
220 xfree(conf->cipher_list);
221
222 DLINK_FOREACH_SAFE(node, node_next, conf->hub_list.head)
223 {
224 xfree(node->data);
225 dlinkDelete(node, &conf->hub_list);
226 free_dlink_node(node);
227 }
228
229 DLINK_FOREACH_SAFE(node, node_next, conf->leaf_list.head)
230 {
231 xfree(node->data);
232 dlinkDelete(node, &conf->leaf_list);
233 free_dlink_node(node);
234 }
235
236 xfree(conf);
237 }
238
239 /* attach_iline()
240 *
241 * inputs - client pointer
242 * - conf pointer
243 * output -
244 * side effects - do actual attach
245 */
246 static int
247 attach_iline(struct Client *client, struct MaskItem *conf)
248 {
249 const struct ClassItem *const class = conf->class;
250 bool a_limit_reached = false;
251
252 struct ip_entry *ipcache = ipcache_record_find_or_add(&client->ip);
253 ++ipcache->count_local;
254 AddFlag(client, FLAGS_IPHASH);
255
256 if (class->max_total && class->ref_count >= class->max_total)
257 a_limit_reached = true;
258 else if (class->max_perip_local && ipcache->count_local > class->max_perip_local)
259 a_limit_reached = true;
260 else if (class->max_perip_global &&
261 (ipcache->count_local + ipcache->count_remote) > class->max_perip_global)
262 a_limit_reached = true;
263 else if (class_ip_limit_add(conf->class, &client->ip, IsConfExemptLimits(conf)) == true)
264 a_limit_reached = true;
265
266 if (a_limit_reached == true)
267 {
268 if (!IsConfExemptLimits(conf))
269 return TOO_MANY; /* Already at maximum allowed */
270
271 sendto_one_notice(client, &me, ":*** Your connection class is full, "
272 "but you have exceed_limit = yes;");
273 }
274
275 return conf_attach(client, conf);
276 }
277
278 /* verify_access()
279 *
280 * inputs - pointer to client to verify
281 * output - 0 if success -'ve if not
282 * side effect - find the first (best) I line to attach.
283 */
284 static int
285 verify_access(struct Client *client)
286 {
287 struct MaskItem *conf;
288
289 if (HasFlag(client, FLAGS_GOTID))
290 conf = find_address_conf(client->host, client->username, &client->ip,
291 client->connection->password);
292 else
293 {
294 char non_ident[USERLEN + 1] = "~";
295
296 strlcpy(non_ident + 1, client->username, sizeof(non_ident) - 1);
297 conf = find_address_conf(client->host, non_ident, &client->ip,
298 client->connection->password);
299 }
300
301 if (conf == NULL)
302 return NOT_AUTHORIZED;
303
304 assert(IsConfClient(conf) || IsConfKill(conf));
305
306 if (IsConfKill(conf))
307 {
308 sendto_one_notice(client, &me, ":*** Banned: %s", conf->reason);
309 return BANNED_CLIENT;
310 }
311
312 if (IsConfRedir(conf))
313 {
314 sendto_one_numeric(client, &me, RPL_REDIR,
315 conf->name ? conf->name : "",
316 conf->port);
317 return NOT_AUTHORIZED;
318 }
319
320 /* Preserve x->host in x->realhost before it gets overwritten. */
321 strlcpy(client->realhost, client->host, sizeof(client->realhost));
322
323 if (IsConfDoSpoofIp(conf))
324 strlcpy(client->host, conf->name, sizeof(client->host));
325
326 return attach_iline(client, conf);
327 }
328
329 /* check_client()
330 *
331 * inputs - pointer to client
332 * output - 0 = Success
333 * NOT_AUTHORIZED (-1) = Access denied (no I line match)
334 * IRCD_SOCKET_ERROR (-2) = Bad socket.
335 * I_LINE_FULL (-3) = I-line is full
336 * TOO_MANY (-4) = Too many connections from hostname
337 * BANNED_CLIENT (-5) = K-lined
338 * side effects - Ordinary client access check.
339 * Look for conf lines which have the same
340 * status as the flags passed.
341 */
342 bool
343 conf_check_client(struct Client *client)
344 {
345 const char *error = NULL;
346 bool warn = true;
347
348 switch (verify_access(client))
349 {
350 case TOO_MANY:
351 error = "too many connections on IP";
352 break;
353 case I_LINE_FULL:
354 error = "connection class is full";
355 break;
356 case NOT_AUTHORIZED:
357 error = "not authorized";
358 break;
359 case BANNED_CLIENT:
360 error = "banned from server";
361 warn = false;
362 break;
363 }
364
365 if (error)
366 {
367 char buf[REASONLEN + 1];
368 snprintf(buf, sizeof(buf), "Connection rejected - %s", error);
369
370 ++ServerStats.is_ref;
371
372 if (warn == true)
373 sendto_realops_flags(UMODE_REJ, L_ALL, SEND_NOTICE, "Rejecting client connection from %s: %s",
374 client_get_name(client, SHOW_IP), error);
375
376 ilog(LOG_TYPE_IRCD, "Rejecting client connection from %s: %s",
377 client_get_name(client, SHOW_IP), error);
378 exit_client(client, buf);
379 return false;
380 }
381
382 return true;
383 }
384
385 /*! \brief Disassociate configuration from the client. Also removes a class
386 * from the list if marked for deleting.
387 * \param client Client to operate on
388 * \param type Type of conf to detach
389 */
390 void
391 conf_detach(struct Client *client, enum maskitem_type type)
392 {
393 dlink_node *node, *node_next;
394
395 DLINK_FOREACH_SAFE(node, node_next, client->connection->confs.head)
396 {
397 struct MaskItem *conf = node->data;
398
399 assert(conf->type & (CONF_CLIENT | CONF_OPER | CONF_SERVER));
400 assert(conf->ref_count > 0);
401 assert(conf->class->ref_count > 0);
402
403 if (!(conf->type & type))
404 continue;
405
406 dlinkDelete(node, &client->connection->confs);
407 free_dlink_node(node);
408
409 if (conf->type == CONF_CLIENT)
410 class_ip_limit_remove(conf->class, &client->ip);
411
412 if (--conf->class->ref_count == 0 && conf->class->active == false)
413 {
414 class_free(conf->class);
415 conf->class = NULL;
416 }
417
418 if (--conf->ref_count == 0 && conf->active == false)
419 conf_free(conf);
420 }
421 }
422
423 /*! \brief Associate a specific configuration entry to a *local* client (this
424 * is the one which used in accepting the connection). Note, that this
425 * automatically changes the attachment if there was an old one.
426 * \param client Client to attach the conf to
427 * \param conf Configuration record to attach
428 */
429 int
430 conf_attach(struct Client *client, struct MaskItem *conf)
431 {
432 if (dlinkFind(&client->connection->confs, conf))
433 return 1;
434
435 conf->class->ref_count++;
436 conf->ref_count++;
437
438 dlinkAdd(conf, make_dlink_node(), &client->connection->confs);
439
440 return 0;
441 }
442
443 /* find_conf_name()
444 *
445 * inputs - pointer to conf link list to search
446 * - pointer to name to find
447 * - int mask of type of conf to find
448 * output - NULL or pointer to conf found
449 * side effects - find a conf entry which matches the name
450 * and has the given mask.
451 */
452 struct MaskItem *
453 find_conf_name(dlink_list *list, const char *name, enum maskitem_type type)
454 {
455 dlink_node *node = NULL;
456
457 DLINK_FOREACH(node, list->head)
458 {
459 struct MaskItem *conf = node->data;
460
461 if (conf->type == type)
462 {
463 if (conf->name && !irccmp(conf->name, name))
464 return conf;
465 }
466 }
467
468 return NULL;
469 }
470
471 /*! \brief Find a connect {} conf that has a name that matches \a name.
472 * \param name Name to match
473 * \param compare Pointer to function to be used for string matching
474 */
475 struct MaskItem *
476 connect_find(const char *name, int (*compare)(const char *, const char *))
477 {
478 dlink_node *node;
479
480 DLINK_FOREACH(node, connect_items.head)
481 {
482 struct MaskItem *conf = node->data;
483
484 if (compare(name, conf->name) == 0)
485 return conf;
486 }
487
488 return NULL;
489 }
490
491 /* find_exact_name_conf()
492 *
493 * inputs - type of link list to look in
494 * - pointer to name string to find
495 * - pointer to user
496 * - pointer to host
497 * output - NULL or pointer to found struct MaskItem
498 * side effects - looks for an exact match on name field
499 */
500 struct MaskItem *
501 operator_find(const struct Client *client, const char *name)
502 {
503 dlink_node *node;
504
505 DLINK_FOREACH(node, operator_items.head)
506 {
507 struct MaskItem *conf = node->data;
508
509 if (irccmp(conf->name, name) == 0)
510 {
511 if (client == NULL)
512 return conf;
513
514 if (conf->class->max_total &&
515 conf->class->max_total <= conf->class->ref_count)
516 continue;
517
518 if (match(conf->user, client->username) == 0)
519 {
520 switch (conf->htype)
521 {
522 case HM_HOST:
523 if (match(conf->host, client->realhost) == 0 ||
524 match(conf->host, client->sockhost) == 0 || match(conf->host, client->host) == 0)
525 return conf;
526 break;
527 case HM_IPV6:
528 case HM_IPV4:
529 if (address_compare(&client->ip, conf->addr, false, false, conf->bits) == true)
530 return conf;
531 break;
532 default:
533 assert(0);
534 }
535 }
536 }
537 }
538
539 return NULL;
540 }
541
542 /* conf_set_defaults()
543 *
544 * inputs - NONE
545 * output - NONE
546 * side effects - Set default values here.
547 * This is called **PRIOR** to parsing the
548 * configuration file. If you want to do some validation
549 * of values later, put them in validate_conf().
550 */
551 static void
552 conf_set_defaults(void)
553 {
554 /*
555 * Verify init_class() ran, this should be an unnecessary check
556 * but it's not much work.
557 */
558 assert(class_default == class_get_list()->tail->data);
559
560 ConfigServerInfo.network_name = xstrdup(NETWORK_NAME_DEFAULT);
561 ConfigServerInfo.network_description = xstrdup(NETWORK_DESCRIPTION_DEFAULT);
562 ConfigServerInfo.default_max_clients = MAXCLIENTS_MAX;
563 ConfigServerInfo.max_nick_length = 9;
564 ConfigServerInfo.max_topic_length = 80;
565 ConfigServerInfo.hub = 0;
566
567 log_iterate(log_free);
568
569 ConfigLog.use_logging = 1;
570
571 ConfigChannel.enable_extbans = 0;
572 ConfigChannel.disable_fake_channels = 0;
573 ConfigChannel.invite_client_count = 10;
574 ConfigChannel.invite_client_time = 300;
575 ConfigChannel.invite_delay_channel = 5;
576 ConfigChannel.invite_expire_time = 1800;
577 ConfigChannel.knock_client_count = 1;
578 ConfigChannel.knock_client_time = 300;
579 ConfigChannel.knock_delay_channel = 60;
580 ConfigChannel.max_channels = 25;
581 ConfigChannel.max_invites = 20;
582 ConfigChannel.max_bans = 100;
583 ConfigChannel.max_bans_large = 500;
584 ConfigChannel.default_join_flood_count = 18;
585 ConfigChannel.default_join_flood_time = 6;
586
587 ConfigServerHide.flatten_links = 0;
588 ConfigServerHide.flatten_links_delay = 300;
589 ConfigServerHide.hidden = 0;
590 ConfigServerHide.hide_servers = 0;
591 ConfigServerHide.hide_services = 0;
592 ConfigServerHide.hidden_name = xstrdup(NETWORK_NAME_DEFAULT);
593 ConfigServerHide.hide_server_ips = 0;
594 ConfigServerHide.disable_remote_commands = 0;
595
596 ConfigGeneral.away_count = 2;
597 ConfigGeneral.away_time = 10;
598 ConfigGeneral.max_monitor = 50;
599 ConfigGeneral.whowas_history_length = 15000;
600 ConfigGeneral.cycle_on_host_change = 1;
601 ConfigGeneral.dline_min_cidr = 16;
602 ConfigGeneral.dline_min_cidr6 = 48;
603 ConfigGeneral.kline_min_cidr = 16;
604 ConfigGeneral.kline_min_cidr6 = 48;
605 ConfigGeneral.invisible_on_connect = 1;
606 ConfigGeneral.disable_auth = 0;
607 ConfigGeneral.kill_chase_time_limit = 90;
608 ConfigGeneral.default_floodcount = 8;
609 ConfigGeneral.default_floodtime = 1;
610 ConfigGeneral.failed_oper_notice = 1;
611 ConfigGeneral.specials_in_ident = 0;
612 ConfigGeneral.min_nonwildcard = 4;
613 ConfigGeneral.min_nonwildcard_simple = 3;
614 ConfigGeneral.max_accept = 50;
615 ConfigGeneral.anti_nick_flood = 0;
616 ConfigGeneral.max_nick_time = 20;
617 ConfigGeneral.max_nick_changes = 5;
618 ConfigGeneral.anti_spam_exit_message_time = 0;
619 ConfigGeneral.ts_warn_delta = 30;
620 ConfigGeneral.ts_max_delta = 600;
621 ConfigGeneral.warn_no_connect_block = 1;
622 ConfigGeneral.stats_e_disabled = 0;
623 ConfigGeneral.stats_i_oper_only = 1; /* 1 = masked */
624 ConfigGeneral.stats_k_oper_only = 1; /* 1 = masked */
625 ConfigGeneral.stats_o_oper_only = 1;
626 ConfigGeneral.stats_m_oper_only = 1;
627 ConfigGeneral.stats_P_oper_only = 0;
628 ConfigGeneral.stats_u_oper_only = 0;
629 ConfigGeneral.caller_id_wait = 60;
630 ConfigGeneral.opers_bypass_callerid = 1;
631 ConfigGeneral.pace_wait = 10;
632 ConfigGeneral.pace_wait_simple = 1;
633 ConfigGeneral.short_motd = 0;
634 ConfigGeneral.ping_cookie = 0;
635 ConfigGeneral.no_oper_flood = 0;
636 ConfigGeneral.max_targets = MAX_TARGETS_DEFAULT;
637 ConfigGeneral.oper_only_umodes = UMODE_DEBUG | UMODE_LOCOPS | UMODE_HIDDEN | UMODE_FARCONNECT |
638 UMODE_EXTERNAL | UMODE_FLOOD | UMODE_NCHANGE |
639 UMODE_SPY | UMODE_SKILL | UMODE_REJ | UMODE_CCONN;
640 ConfigGeneral.oper_umodes = UMODE_FLOOD | UMODE_LOCOPS | UMODE_SERVNOTICE | UMODE_WALLOP;
641 ConfigGeneral.throttle_count = 1;
642 ConfigGeneral.throttle_time = 1;
643 }
644
645 static void
646 conf_validate(void)
647 {
648 if (EmptyString(ConfigServerInfo.network_name))
649 ConfigServerInfo.network_name = xstrdup(NETWORK_NAME_DEFAULT);
650
651 if (EmptyString(ConfigServerInfo.network_description))
652 ConfigServerInfo.network_description = xstrdup(NETWORK_DESCRIPTION_DEFAULT);
653 }
654
655 /* conf_read()
656 *
657 * inputs - file descriptor pointing to config file to use
658 * output - None
659 * side effects - Read configuration file.
660 */
661 static void
662 conf_read(FILE *file)
663 {
664 lineno = 1;
665
666 conf_set_defaults(); /* Set default values prior to conf parsing */
667 conf_parser_ctx.pass = 1;
668 yyparse(); /* Pick up the classes first */
669
670 rewind(file);
671
672 conf_parser_ctx.pass = 2;
673 yyparse(); /* Load the values from the conf */
674 conf_validate(); /* Check to make sure some values are still okay. */
675 /* Some global values are also loaded here. */
676 whowas_trim(); /* Attempt to trim whowas list if necessary */
677 class_delete_marked(); /* Delete unused classes that are marked for deletion */
678 }
679
680 /* conf_rehash()
681 *
682 * Actual REHASH service routine. Called with sig == 0 if it has been called
683 * as a result of an operator issuing this command, else assume it has been
684 * called as a result of the server receiving a HUP signal.
685 */
686 void
687 conf_rehash(bool sig)
688 {
689 if (sig == true)
690 {
691 sendto_realops_flags(UMODE_SERVNOTICE, L_ALL, SEND_NOTICE,
692 "Got signal SIGHUP, reloading configuration file(s)");
693 ilog(LOG_TYPE_IRCD, "Got signal SIGHUP, reloading configuration file(s)");
694 }
695
696 restart_resolver();
697
698 /* don't close listeners until we know we can go ahead with the rehash */
699
700 conf_read_files(false);
701
702 load_conf_modules();
703 check_conf_klines();
704 }
705
706 /* conf_connect_allowed()
707 *
708 * inputs - pointer to inaddr
709 * - int type ipv4 or ipv6
710 * output - BANNED or accepted
711 * side effects - none
712 */
713 int
714 conf_connect_allowed(struct irc_ssaddr *addr)
715 {
716 const struct MaskItem *conf = find_dline_conf(addr);
717
718 if (conf)
719 {
720 /* DLINE exempt also gets you out of static limits/pacing... */
721 if (conf->type == CONF_EXEMPT)
722 return 0;
723 return BANNED_CLIENT;
724 }
725
726 struct ip_entry *ip_found = ipcache_record_find_or_add(addr);
727 if ((event_base->time.sec_monotonic - ip_found->last_attempt) < ConfigGeneral.throttle_time)
728 {
729 if (ip_found->connection_count >= ConfigGeneral.throttle_count)
730 return TOO_FAST;
731
732 ++ip_found->connection_count;
733 }
734 else
735 ip_found->connection_count = 1;
736
737 ip_found->last_attempt = event_base->time.sec_monotonic;
738 return 0;
739 }
740
741 /* cleanup_tklines()
742 *
743 * inputs - NONE
744 * output - NONE
745 * side effects - call function to expire temporary k/d lines
746 * This is an event started off in ircd.c
747 */
748 void
749 cleanup_tklines(void *unused)
750 {
751 hostmask_expire_temporary();
752 gecos_expire();
753 resv_expire();
754 }
755
756 /*
757 * Input: A client to find the active operator {} name for.
758 * Output: The nick!user@host{oper} of the oper.
759 * "oper" is server name for remote opers
760 * Side effects: None.
761 */
762 const char *
763 get_oper_name(const struct Client *client)
764 {
765 static char buf[IRCD_BUFSIZE];
766
767 if (IsServer(client))
768 return client->name;
769
770 if (MyConnect(client))
771 {
772 const dlink_node *const node = client->connection->confs.head;
773
774 if (node)
775 {
776 const struct MaskItem *const conf = node->data;
777
778 if (conf->type == CONF_OPER)
779 {
780 snprintf(buf, sizeof(buf), "%s!%s@%s{%s}", client->name,
781 client->username, client->host, conf->name);
782 return buf;
783 }
784 }
785
786 /*
787 * Probably should assert here for now. If there is an oper out there
788 * with no operator {} conf attached, it would be good for us to know...
789 */
790 assert(0); /* Oper without oper conf! */
791 }
792
793 snprintf(buf, sizeof(buf), "%s!%s@%s{%s}", client->name,
794 client->username, client->host, client->servptr->name);
795 return buf;
796 }
797
798 /* conf_clear()
799 *
800 * inputs - none
801 * output - none
802 * side effects - Clear out the old configuration
803 */
804 static void
805 conf_clear(void)
806 {
807 dlink_node *node = NULL, *node_next = NULL;
808 dlink_list *free_items [] = {
809 &connect_items, &operator_items, NULL
810 };
811
812 dlink_list ** iterator = free_items; /* C is dumb */
813
814 /* We only need to free anything allocated by yyparse() here.
815 * Resetting structs, etc, is taken care of by conf_set_defaults().
816 */
817
818 for (; *iterator; iterator++)
819 {
820 DLINK_FOREACH_SAFE(node, node_next, (*iterator)->head)
821 {
822 struct MaskItem *conf = node->data;
823
824 conf->active = false;
825 dlinkDelete(&conf->node, *iterator);
826
827 if (!conf->ref_count)
828 conf_free(conf);
829 }
830 }
831
832 /*
833 * Don't delete the class table, rather mark all entries for deletion.
834 * The table is cleaned up by class_delete_marked. - avalon
835 */
836 class_mark_for_deletion();
837
838 clear_out_address_conf();
839
840 modules_conf_clear(); /* Clear modules {} items */
841
842 motd_clear(); /* Clear motd {} items and re-cache default motd */
843
844 cluster_clear(); /* Clear cluster {} items */
845
846 gecos_clear(); /* Clear gecos {} items */
847
848 resv_clear(); /* Clear resv {} items */
849
850 service_clear(); /* Clear service {} items */
851
852 shared_clear(); /* Clear shared {} items */
853
854 pseudo_clear(); /* Clear pseudo {} items */
855
856 /* Clean out ConfigServerInfo */
857 xfree(ConfigServerInfo.description);
858 ConfigServerInfo.description = NULL;
859 xfree(ConfigServerInfo.network_name);
860 ConfigServerInfo.network_name = NULL;
861 xfree(ConfigServerInfo.network_description);
862 ConfigServerInfo.network_description = NULL;
863 xfree(ConfigServerInfo.rsa_private_key_file);
864 ConfigServerInfo.rsa_private_key_file = NULL;
865 xfree(ConfigServerInfo.tls_certificate_file);
866 ConfigServerInfo.tls_certificate_file = NULL;
867 xfree(ConfigServerInfo.tls_dh_param_file);
868 ConfigServerInfo.tls_dh_param_file = NULL;
869 xfree(ConfigServerInfo.tls_supported_groups);
870 ConfigServerInfo.tls_supported_groups = NULL;
871 xfree(ConfigServerInfo.tls_cipher_list);
872 ConfigServerInfo.tls_cipher_list = NULL;
873 xfree(ConfigServerInfo.tls_cipher_suites);
874 ConfigServerInfo.tls_cipher_suites = NULL;
875 xfree(ConfigServerInfo.tls_message_digest_algorithm);
876 ConfigServerInfo.tls_message_digest_algorithm = NULL;
877
878 /* Clean out ConfigAdminInfo */
879 xfree(ConfigAdminInfo.name);
880 ConfigAdminInfo.name = NULL;
881 xfree(ConfigAdminInfo.email);
882 ConfigAdminInfo.email = NULL;
883 xfree(ConfigAdminInfo.description);
884 ConfigAdminInfo.description = NULL;
885
886 /* Clean out ConfigServerHide */
887 xfree(ConfigServerHide.flatten_links_file);
888 ConfigServerHide.flatten_links_file = NULL;
889 xfree(ConfigServerHide.hidden_name);
890 ConfigServerHide.hidden_name = NULL;
891
892 /* Clean out listeners */
893 listener_close_marked();
894 }
895
896 static void
897 conf_handle_tls(bool cold)
898 {
899 if (tls_new_credentials() == false)
900 {
901 if (cold == true)
902 {
903 ilog(LOG_TYPE_IRCD, "Error while initializing TLS");
904 exit(EXIT_FAILURE);
905 }
906 else
907 {
908 /* Failed to load new settings/certs, old ones remain active */
909 sendto_realops_flags(UMODE_SERVNOTICE, L_ALL, SEND_NOTICE,
910 "Error reloading TLS settings, check the ircd log"); // report_crypto_errors logs this
911 }
912 }
913 }
914
915 /* read_conf_files()
916 *
917 * inputs - cold start YES or NO
918 * output - none
919 * side effects - read all conf files needed, ircd.conf kline.conf etc.
920 */
921 void
922 conf_read_files(bool cold)
923 {
924 char buf[IRCD_BUFSIZE];
925
926 conf_parser_ctx.boot = cold;
927 conf_parser_ctx.conf_file = fopen(ConfigGeneral.configfile, "r");
928
929 if (conf_parser_ctx.conf_file == NULL)
930 {
931 if (cold == true)
932 {
933 ilog(LOG_TYPE_IRCD, "Unable to read configuration file '%s': %s",
934 ConfigGeneral.configfile, strerror(errno));
935 exit(EXIT_FAILURE);
936 }
937 else
938 {
939 sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE,
940 "Unable to read configuration file '%s': %s",
941 ConfigGeneral.configfile, strerror(errno));
942 return;
943 }
944 }
945
946 /*
947 * We need to know the initial filename for the yyerror() to report
948 *
949 * FIXME: The full path is in conffilenamebuf first time since we
950 * don't know anything else
951 *
952 * - Gozem 2002-07-21
953 */
954 strlcpy(conffilebuf, ConfigGeneral.configfile, sizeof(conffilebuf));
955
956 if (cold == false)
957 conf_clear();
958
959 conf_read(conf_parser_ctx.conf_file);
960 fclose(conf_parser_ctx.conf_file);
961
962 log_iterate(log_reopen);
963 conf_handle_tls(cold);
964
965 isupport_add("NICKLEN", NULL, ConfigServerInfo.max_nick_length);
966 isupport_add("NETWORK", ConfigServerInfo.network_name, -1);
967
968 snprintf(buf, sizeof(buf), "beI:%u", ConfigChannel.max_bans);
969 isupport_add("MAXLIST", buf, -1);
970
971 isupport_add("MAXTARGETS", NULL, ConfigGeneral.max_targets);
972 isupport_add("CHANTYPES", "#", -1);
973
974 snprintf(buf, sizeof(buf), "#:%u", ConfigChannel.max_channels);
975 isupport_add("CHANLIMIT", buf, -1);
976
977 isupport_add("CHANNELLEN", NULL, CHANNELLEN);
978 isupport_add("TOPICLEN", NULL, ConfigServerInfo.max_topic_length);
979
980 snprintf(buf, sizeof(buf), "%s", "beI,k,l,cimnprstuCKLMNORST");
981 isupport_add("CHANMODES", buf, -1);
982 }
983
984 /* conf_add_class_to_conf()
985 *
986 * inputs - pointer to config item
987 * output - NONE
988 * side effects - Add a class pointer to a conf
989 */
990 void
991 conf_add_class_to_conf(struct MaskItem *conf, const char *name)
992 {
993 if (EmptyString(name) || (conf->class = class_find(name, true)) == NULL)
994 {
995 conf->class = class_default;
996
997 if (conf->type == CONF_CLIENT || conf->type == CONF_OPER)
998 sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE,
999 "Warning *** Defaulting to default class for %s@%s",
1000 conf->user, conf->host);
1001 else
1002 sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE,
1003 "Warning *** Defaulting to default class for %s",
1004 conf->name);
1005 }
1006 }
1007
1008 /* yyerror()
1009 *
1010 * inputs - message from parser
1011 * output - NONE
1012 * side effects - message to opers and log file entry is made
1013 */
1014 void
1015 yyerror(const char *msg)
1016 {
1017 if (conf_parser_ctx.pass != 1)
1018 return;
1019
1020 const char *p = stripws(linebuf);
1021 sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE,
1022 "\"%s\", line %u: %s: %s",
1023 conffilebuf, lineno, msg, p);
1024 ilog(LOG_TYPE_IRCD, "\"%s\", line %u: %s: %s",
1025 conffilebuf, lineno, msg, p);
1026 }
1027
1028 void
1029 conf_error_report(const char *msg)
1030 {
1031 const char *p = stripws(linebuf);
1032 sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE,
1033 "\"%s\", line %u: %s: %s",
1034 conffilebuf, lineno, msg, p);
1035 ilog(LOG_TYPE_IRCD, "\"%s\", line %u: %s: %s",
1036 conffilebuf, lineno, msg, p);
1037 }
1038
1039 /*
1040 * valid_tkline()
1041 *
1042 * inputs - pointer to ascii string to check
1043 * - whether the specified time is in seconds or minutes
1044 * output - -1 not enough parameters
1045 * - 0 if not an integer number, else the number
1046 * side effects - none
1047 * Originally written by Dianora (Diane, db@db.net)
1048 */
1049 uintmax_t
1050 valid_tkline(const char *data, const int minutes)
1051 {
1052 const unsigned char *p = (const unsigned char *)data;
1053 unsigned char tmpch = '\0';
1054 uintmax_t result = 0;
1055
1056 while ((tmpch = *p++))
1057 {
1058 if (!IsDigit(tmpch))
1059 return 0;
1060
1061 result *= 10;
1062 result += (tmpch & 0xF);
1063 }
1064
1065 /*
1066 * In the degenerate case where oper does a /quote kline 0 user@host :reason
1067 * i.e. they specifically use 0, I am going to return 1 instead as a return
1068 * value of non-zero is used to flag it as a temporary kline
1069 */
1070 if (result == 0)
1071 result = 1;
1072
1073 /*
1074 * If the incoming time is in seconds convert it to minutes for the purpose
1075 * of this calculation
1076 */
1077 if (minutes == 0)
1078 result = result / 60;
1079
1080 if (result > MAX_TDKLINE_TIME)
1081 result = MAX_TDKLINE_TIME;
1082
1083 result = result * 60; /* Turn it into seconds */
1084
1085 return result;
1086 }
1087
1088 /* valid_wild_card_simple()
1089 *
1090 * inputs - data to check for sufficient non-wildcard characters
1091 * outputs - 1 if valid, else 0
1092 * side effects - none
1093 */
1094 bool
1095 valid_wild_card_simple(const char *data)
1096 {
1097 const unsigned char *p = (const unsigned char *)data;
1098 unsigned char tmpch = '\0';
1099 unsigned int nonwild = 0, wild = 0;
1100
1101 while ((tmpch = *p++))
1102 {
1103 if (tmpch == '\\' && *p)
1104 {
1105 ++p;
1106 if (++nonwild >= ConfigGeneral.min_nonwildcard_simple)
1107 return true;
1108 }
1109 else if (!IsMWildChar(tmpch))
1110 {
1111 if (++nonwild >= ConfigGeneral.min_nonwildcard_simple)
1112 return true;
1113 }
1114 else
1115 ++wild;
1116 }
1117
1118 return wild == 0;
1119 }
1120
1121 /* valid_wild_card()
1122 *
1123 * input - pointer to client
1124 * - int flag, 0 for no warning oper 1 for warning oper
1125 * - count of following varargs to check
1126 * output - 0 if not valid, 1 if valid
1127 * side effects - NOTICE is given to client if warn is 1
1128 */
1129 bool
1130 valid_wild_card(int count, ...)
1131 {
1132 unsigned char tmpch = '\0';
1133 unsigned int nonwild = 0;
1134 va_list args;
1135
1136 /*
1137 * Now we must check the user and host to make sure there
1138 * are at least NONWILDCHARS non-wildcard characters in
1139 * them, otherwise assume they are attempting to kline
1140 * *@* or some variant of that. This code will also catch
1141 * people attempting to kline *@*.tld, as long as NONWILDCHARS
1142 * is greater than 3. In that case, there are only 3 non-wild
1143 * characters (tld), so if NONWILDCHARS is 4, the kline will
1144 * be disallowed.
1145 * -wnder
1146 */
1147
1148 va_start(args, count);
1149
1150 while (count--)
1151 {
1152 const unsigned char *p = va_arg(args, const unsigned char *);
1153 if (p == NULL)
1154 continue;
1155
1156 while ((tmpch = *p++))
1157 {
1158 if (!IsKWildChar(tmpch))
1159 {
1160 /*
1161 * If we find enough non-wild characters, we can
1162 * break - no point in searching further.
1163 */
1164 if (++nonwild >= ConfigGeneral.min_nonwildcard)
1165 {
1166 va_end(args);
1167 return true;
1168 }
1169 }
1170 }
1171 }
1172
1173 va_end(args);
1174 return false;
1175 }
1176
1177 /* XXX should this go into a separate file ? -Dianora */
1178 /* parse_aline
1179 *
1180 * input - pointer to cmd name being used
1181 * - pointer to client using cmd
1182 * - parc parameter count
1183 * - parv[] list of parameters to parse
1184 * - parse_flags bit map of things to test
1185 * - pointer to user or string to parse into
1186 * - pointer to host or NULL to parse into if non NULL
1187 * - pointer to optional tkline time or NULL
1188 * - pointer to target_server to parse into if non NULL
1189 * - pointer to reason to parse into
1190 *
1191 * output - 1 if valid, 0 if not valid
1192 * side effects - A generalised k/d/x etc. line parser,
1193 * "ALINE [time] user@host|string [ON] target :reason"
1194 * will parse returning a parsed user, host if
1195 * h_p pointer is non NULL, string otherwise.
1196 * if tkline_time pointer is non NULL a tk line will be set
1197 * to non zero if found.
1198 * if tkline_time pointer is NULL and tk line is found,
1199 * error is reported.
1200 * if target_server is NULL and an "ON" is found error
1201 * is reported.
1202 * if reason pointer is NULL ignore pointer,
1203 * this allows use of parse_a_line in unkline etc.
1204 *
1205 * - Dianora
1206 */
1207 bool
1208 parse_aline(const char *cmd, struct Client *client, int parc, char **parv, struct aline_ctx *aline)
1209 {
1210 static char default_reason[] = CONF_NOREASON;
1211 static char user[USERLEN * 2 + 1];
1212 static char host[HOSTLEN * 2 + 1];
1213
1214 ++parv;
1215 --parc;
1216
1217 if (aline->add == true && (aline->duration = valid_tkline(*parv, TK_MINUTES)))
1218 {
1219 ++parv;
1220 --parc;
1221 }
1222
1223 if (parc == 0)
1224 {
1225 sendto_one_numeric(client, &me, ERR_NEEDMOREPARAMS, cmd);
1226 return false;
1227 }
1228
1229 if (aline->simple_mask == true)
1230 {
1231 aline->mask = *parv;
1232 aline->user = NULL;
1233 aline->host = NULL;
1234 }
1235 else
1236 {
1237 struct split_nuh_item nuh;
1238
1239 nuh.nuhmask = *parv;
1240 nuh.nickptr = NULL;
1241 nuh.userptr = user;
1242 nuh.hostptr = host;
1243
1244 nuh.nicksize = 0;
1245 nuh.usersize = sizeof(user);
1246 nuh.hostsize = sizeof(host);
1247
1248 split_nuh(&nuh);
1249
1250 aline->mask = NULL;
1251 aline->user = user;
1252 aline->host = host;
1253 }
1254
1255 ++parv;
1256 --parc;
1257
1258 if (parc)
1259 {
1260 if (irccmp(*parv, "ON") == 0)
1261 {
1262 ++parv;
1263 --parc;
1264
1265 if (!HasOFlag(client, OPER_FLAG_REMOTEBAN))
1266 {
1267 sendto_one_numeric(client, &me, ERR_NOPRIVS, "remoteban");
1268 return false;
1269 }
1270
1271 if (parc == 0 || EmptyString(*parv))
1272 {
1273 sendto_one_numeric(client, &me, ERR_NEEDMOREPARAMS, cmd);
1274 return false;
1275 }
1276
1277 aline->server = *parv;
1278 ++parv;
1279 --parc;
1280 }
1281 else
1282 aline->server = NULL;
1283 }
1284
1285 if (aline->add == true)
1286 {
1287 if (parc == 0 || EmptyString(*parv))
1288 aline->reason = default_reason;
1289 else
1290 aline->reason = *parv;
1291 }
1292
1293 return true;
1294 }
1295
1296 /* match_conf_password()
1297 *
1298 * inputs - pointer to given password
1299 * - pointer to Conf
1300 * output - 1 or 0 if match
1301 * side effects - none
1302 */
1303 bool
1304 match_conf_password(const char *password, const struct MaskItem *conf)
1305 {
1306 const char *encr = NULL;
1307
1308 if (EmptyString(password) || EmptyString(conf->passwd))
1309 return false;
1310
1311 if (conf->flags & CONF_FLAGS_ENCRYPTED)
1312 encr = crypt(password, conf->passwd);
1313 else
1314 encr = password;
1315
1316 return encr && strcmp(encr, conf->passwd) == 0;
1317 }
1318
1319 /*
1320 * split_nuh
1321 *
1322 * inputs - pointer to original mask (modified in place)
1323 * - pointer to pointer where nick should go
1324 * - pointer to pointer where user should go
1325 * - pointer to pointer where host should go
1326 * output - NONE
1327 * side effects - mask is modified in place
1328 * If nick pointer is NULL, ignore writing to it
1329 * this allows us to use this function elsewhere.
1330 *
1331 * mask nick user host
1332 * ---------------------- ------- ------- ------
1333 * Dianora!db@db.net Dianora db db.net
1334 * Dianora Dianora * *
1335 * db.net * * db.net
1336 * OR if nick pointer is NULL
1337 * Dianora - * Dianora
1338 * Dianora! Dianora * *
1339 * Dianora!@ Dianora * *
1340 * Dianora!db Dianora db *
1341 * Dianora!@db.net Dianora * db.net
1342 * db@db.net * db db.net
1343 * !@ * * *
1344 * @ * * *
1345 * ! * * *
1346 */
1347 void
1348 split_nuh(struct split_nuh_item *const iptr)
1349 {
1350 char *p = NULL, *q = NULL;
1351
1352 if (iptr->nickptr)
1353 strlcpy(iptr->nickptr, "*", iptr->nicksize);
1354
1355 if (iptr->userptr)
1356 strlcpy(iptr->userptr, "*", iptr->usersize);
1357
1358 if (iptr->hostptr)
1359 strlcpy(iptr->hostptr, "*", iptr->hostsize);
1360
1361 if ((p = strchr(iptr->nuhmask, '!')))
1362 {
1363 *p = '\0';
1364
1365 if (iptr->nickptr && *iptr->nuhmask)
1366 strlcpy(iptr->nickptr, iptr->nuhmask, iptr->nicksize);
1367
1368 if ((q = strchr(++p, '@')))
1369 {
1370 *q++ = '\0';
1371
1372 if (*p)
1373 strlcpy(iptr->userptr, p, iptr->usersize);
1374
1375 if (*q)
1376 strlcpy(iptr->hostptr, q, iptr->hostsize);
1377 }
1378 else
1379 {
1380 if (*p)
1381 strlcpy(iptr->userptr, p, iptr->usersize);
1382 }
1383 }
1384 else
1385 {
1386 /* No ! found so lets look for a user@host */
1387 if ((p = strchr(iptr->nuhmask, '@')))
1388 {
1389 /* if found a @ */
1390 *p++ = '\0';
1391
1392 if (*iptr->nuhmask)
1393 strlcpy(iptr->userptr, iptr->nuhmask, iptr->usersize);
1394
1395 if (*p)
1396 strlcpy(iptr->hostptr, p, iptr->hostsize);
1397 }
1398 else
1399 {
1400 /* No @ found */
1401 if (iptr->nickptr == NULL || strpbrk(iptr->nuhmask, ".:"))
1402 strlcpy(iptr->hostptr, iptr->nuhmask, iptr->hostsize);
1403 else
1404 strlcpy(iptr->nickptr, iptr->nuhmask, iptr->nicksize);
1405 }
1406 }
1407 }

Properties

Name Value
svn:eol-style native
svn:keywords Id

svnadmin@ircd-hybrid.org
ViewVC Help
Powered by ViewVC 1.1.28