[ViewVC] Diff of: svn/ircd-hybrid/trunk/src/hostmask.c

Comparing ircd-hybrid/trunk/src/hostmask.c (file contents):
Revision 3469 by michael, Sat May 3 17:55:53 2014 UTC vs.
Revision 6868 by michael, Mon Nov 30 20:03:49 2015 UTC

+/*
+ *  ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd)
-<
+ *  Copyright (c) 2001-2014 ircd-hybrid development team
->
+ *  Copyright (c) 2001-2015 ircd-hybrid development team
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
-<
+ *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
->
+ *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
+ *  USA
+ */
+                         ch = ch - 'a' + 10; \
+                       } while (0);
-+
+/* Hashtable stuff...now external as it's used in m_stats.c */
-+
+dlink_list atable[ATABLE_SIZE];
-+
+/* The mask parser/type determination code... */
+/* int try_parse_v6_netmask(const char *, struct irc_ssaddr *, int *);
+ * Side effects: None
+ * Comments: Called from parse_netmask
+ */
-–
+/* Fixed so ::/0 (any IPv6 address) is valid
-–
+   Also a bug in DigitParse above.
-–
+   -Gozem 2002-07-19 gozem@linux.nu
-–
+*/
-–
+#ifdef IPV6
+static int
+try_parse_v6_netmask(const char *text, struct irc_ssaddr *addr, int *b)
+  int bits = 128;
+  int deficit = 0;
+  short dc[8];
-<
+  struct sockaddr_in6 *v6 = (struct sockaddr_in6 *)addr;
->
+  struct sockaddr_in6 *const v6 = (struct sockaddr_in6 *)addr;
+  for (const char *p = text; (c = *p); ++p)
+      else
-<
+        /* If there were less than 4 hex digits, e.g. :ABC: shift right
-<
+         * so we don't interpret it as ABC0 -A1kmm */
->
+        /*
->
+         * If there were less than 4 hex digits, e.g. :ABC: shift right
->
+         * so we don't interpret it as ABC0 -A1kmm
->
+         */
+        d[dp] = d[dp] >> 4 * nyble;
+        nyble = 4;
-+
+        if (++dp >= 8)
+          return HM_HOST;
+    *b = bits;
+  return HM_IPV6;
-–
+#endif
+/* int try_parse_v4_netmask(const char *, struct irc_ssaddr *, int *);
+ * Input: A possible IPV4 address as a string.
+  unsigned char addb[4];
+  int n = 0, bits = 0;
+  char c;
-<
+  struct sockaddr_in *v4 = (struct sockaddr_in *)addr;
->
+  struct sockaddr_in *const v4 = (struct sockaddr_in *)addr;
+  digits[n++] = text;
+    else if (c == '*')
-<
+      if (*(p + 1) || n == 0 || *(p - 1) != '.')
->
+      if (*(p + 1) || n == 1 || *(p - 1) != '.')
+        return HM_HOST;
+      bits = (n - 1) * 8;
+  if (strchr(text, '.'))
+    return try_parse_v4_netmask(text, addr, b);
-–
+#ifdef IPV6
+  if (strchr(text, ':'))
+    return try_parse_v6_netmask(text, addr, b);
-<
+#endif
->
+  return HM_HOST;
+ * Output: if match, -1 else 0
+ * Side effects: None
+ */
-–
+#ifdef IPV6
+int
+match_ipv6(const struct irc_ssaddr *addr, const struct irc_ssaddr *mask, int bits)
+  int i, m, n = bits / 8;
-<
+  const struct sockaddr_in6 *v6 = (const struct sockaddr_in6 *)addr;
-<
+  const struct sockaddr_in6 *v6mask = (const struct sockaddr_in6 *)mask;
->
+  const struct sockaddr_in6 *const v6 = (const struct sockaddr_in6 *)addr;
->
+  const struct sockaddr_in6 *const v6mask = (const struct sockaddr_in6 *)mask;
+  for (i = 0; i < n; ++i)
+    if (v6->sin6_addr.s6_addr[i] != v6mask->sin6_addr.s6_addr[i])
+    return -1;
+  return 0;
-–
+#endif
+/* int match_ipv4(struct irc_ssaddr *, struct irc_ssaddr *, int)
+ * Input: An IP address, an IP mask, the number of bits in the mask.
+int
+match_ipv4(const struct irc_ssaddr *addr, const struct irc_ssaddr *mask, int bits)
-<
+  const struct sockaddr_in *v4 = (const struct sockaddr_in *)addr;
-<
+  const struct sockaddr_in *v4mask = (const struct sockaddr_in *)mask;
->
+  const struct sockaddr_in *const v4 = (const struct sockaddr_in *)addr;
->
+  const struct sockaddr_in *const v4mask = (const struct sockaddr_in *)mask;
+  if ((ntohl(v4->sin_addr.s_addr) & ~((1 << (32 - bits)) - 1)) !=
+      ntohl(v4mask->sin_addr.s_addr))
+mask_addr(struct irc_ssaddr *ip, int bits)
+  int mask;
-–
+#ifdef IPV6
+  struct sockaddr_in6 *v6_base_ip;
+  int i, m, n;
-–
+#endif
+  struct sockaddr_in *v4_base_ip;
-<
+#ifdef IPV6
-<
+  if (ip->ss.ss_family != AF_INET6)
-<
+#endif
->
+  if (ip->ss.ss_family == AF_INET)
-+
+    uint32_t tmp = 0;
+    v4_base_ip = (struct sockaddr_in *)ip;
+    mask = ~((1 << (32 - bits)) - 1);
-<
+    v4_base_ip->sin_addr.s_addr = htonl(ntohl(v4_base_ip->sin_addr.s_addr) & mask);
->
+    tmp = ntohl(v4_base_ip->sin_addr.s_addr);
->
+    v4_base_ip->sin_addr.s_addr = htonl(tmp & mask);
-–
+#ifdef IPV6
+  else
+    n = bits / 8;
+    m = bits % 8;
+    v6_base_ip = (struct sockaddr_in6 *)ip;
-<
+    mask = ~((1 << (8 - m)) -1 );
->
+    mask = ~((1 << (8 - m)) - 1);
+    v6_base_ip->sin6_addr.s6_addr[n] = v6_base_ip->sin6_addr.s6_addr[n] & mask;
+    for (i = n + 1; i < 16; i++)
+      v6_base_ip->sin6_addr.s6_addr[i] = 0;
-–
+#endif
-–
+}
-–
-–
+/* Hashtable stuff...now external as its used in m_stats.c */
-–
+dlink_list atable[ATABLE_SIZE];
-–
-–
+void
-–
+init_host_hash(void)
-–
+{
-–
+  memset(&atable, 0, sizeof(atable));
+/* unsigned long hash_ipv4(struct irc_ssaddr*)
+  if (bits != 0)
-<
+    const struct sockaddr_in *v4 = (const struct sockaddr_in *)addr;
->
+    const struct sockaddr_in *const v4 = (const struct sockaddr_in *)addr;
+    uint32_t av = ntohl(v4->sin_addr.s_addr) & ~((1 << (32 - bits)) - 1);
+    return (av ^ (av >> 12) ^ (av >> 24)) & (ATABLE_SIZE - 1);
+ * Output: A hash value of the IP address.
+ * Side effects: None
+ */
-–
+#ifdef IPV6
+static uint32_t
+hash_ipv6(const struct irc_ssaddr *addr, int bits)
+  uint32_t v = 0, n;
-<
+  const struct sockaddr_in6 *v6 = (const struct sockaddr_in6 *)addr;
->
+  const struct sockaddr_in6 *const v6 = (const struct sockaddr_in6 *)addr;
+  for (n = 0; n < 16; ++n)
+    else
+      return v & (ATABLE_SIZE - 1);
-+
+  return v & (ATABLE_SIZE - 1);
-–
+#endif
+/* int hash_text(const char *start)
+ * Input: The start of the text to hash.
+ * should always be true (i.e. conf->flags & CONF_FLAGS_NEED_PASSWORD == 0)
+ */
+struct MaskItem *
-<
+find_conf_by_address(const char *name, struct irc_ssaddr *addr, unsigned int type,
->
+find_conf_by_address(const char *name, const struct irc_ssaddr *addr, unsigned int type,
+                     int fam, const char *username, const char *password, int do_match)
+  unsigned int hprecv = 0;
-<
+  dlink_node *ptr = NULL;
->
+  dlink_node *node = NULL;
+  struct MaskItem *hprec = NULL;
+  struct AddressRec *arec = NULL;
+  int b;
+  if (addr)
+    /* Check for IPV6 matches... */
-–
+#ifdef IPV6
+    if (fam == AF_INET6)
+      for (b = 128; b >= 0; b -= 16)
-<
+        DLINK_FOREACH(ptr, atable[hash_ipv6(addr, b)].head)
->
+        DLINK_FOREACH(node, atable[hash_ipv6(addr, b)].head)
-<
+          arec = ptr->data;
->
+          arec = node->data;
+          if ((arec->type == type) &&
+              arec->precedence > hprecv &&
-<
+    else
-<
+#endif
-<
+    if (fam == AF_INET)
->
+    else if (fam == AF_INET)
+      for (b = 32; b >= 0; b -= 8)
-<
+        DLINK_FOREACH(ptr, atable[hash_ipv4(addr, b)].head)
->
+        DLINK_FOREACH(node, atable[hash_ipv4(addr, b)].head)
-<
+          arec = ptr->data;
->
+          arec = node->data;
+          if ((arec->type == type) &&
+              arec->precedence > hprecv &&
+    while (1)
-<
+        DLINK_FOREACH(ptr, atable[hash_text(p)].head)
->
+        DLINK_FOREACH(node, atable[hash_text(p)].head)
-<
+          arec = ptr->data;
->
+          arec = node->data;
+          if ((arec->type == type) &&
+            arec->precedence > hprecv &&
+            (arec->masktype == HM_HOST) &&
+      ++p;
-<
+    DLINK_FOREACH(ptr, atable[0].head)
->
+    DLINK_FOREACH(node, atable[0].head)
-<
+      arec = ptr->data;
->
+      arec = node->data;
+      if (arec->type == type &&
+          arec->precedence > hprecv &&
+ * Side-effects: None
+ */
+struct MaskItem *
-<
+find_address_conf(const char *host, const char *user,
-<
+                  struct irc_ssaddr *ip, int aftype, char *password)
->
+find_address_conf(const char *host, const char *user, const struct irc_ssaddr *ip,
->
+                  int aftype, const char *password)
+  struct MaskItem *authcnf = NULL, *killcnf = NULL;
+  /*
+   * If they are K-lined, return the K-line. Otherwise, return the
-<
+   * auth{} block. -A1kmm
->
+   * auth {} block. -A1kmm
+   */
+  if (killcnf)
+    return killcnf;
-–
+  if (IsConfExemptGline(authcnf))
-–
+    return authcnf;
-–
-–
+  killcnf = find_conf_by_address(host, ip, CONF_GLINE, aftype, user, NULL, 1);
-–
+  if (killcnf)
-–
+    return killcnf;
-–
+  return authcnf;
+ * Side effects: None.
+ */
+struct MaskItem *
-<
+find_dline_conf(struct irc_ssaddr *addr, int aftype)
->
+find_dline_conf(const struct irc_ssaddr *addr, int aftype)
+  struct MaskItem *eline;
+struct AddressRec *
+add_conf_by_address(const unsigned int type, struct MaskItem *conf)
-–
+  const char *hostname = conf->host;
-–
+  const char *username = conf->user;
-–
+  static unsigned int prec_value = 0xFFFFFFFF;
-–
+  int bits = 0;
+  struct AddressRec *arec = NULL;
-+
+  const char *const hostname = conf->host;
-+
+  const char *const username = conf->user;
-+
+  static unsigned int prec_value = UINT_MAX;
-+
+  int bits = 0;
+  assert(type && !EmptyString(hostname));
-<
+  arec = MyMalloc(sizeof(struct AddressRec));
->
+  arec = MyCalloc(sizeof(struct AddressRec));
+  arec->masktype = parse_netmask(hostname, &arec->Mask.ipa.addr, &bits);
+  arec->Mask.ipa.bits = bits;
+  arec->username = username;
+      bits -= bits % 8;
+      dlinkAdd(arec, &arec->node, &atable[hash_ipv4(&arec->Mask.ipa.addr, bits)]);
+      break;
-–
+#ifdef IPV6
+    case HM_IPV6:
+      /* We have to do this, since we do not re-hash for every bit -A1kmm. */
+      bits -= bits % 16;
+      dlinkAdd(arec, &arec->node, &atable[hash_ipv6(&arec->Mask.ipa.addr, bits)]);
+      break;
-–
+#endif
+    default: /* HM_HOST */
+      arec->Mask.hostname = hostname;
+      dlinkAdd(arec, &arec->node, &atable[get_mask_hash(hostname)]);
+  int bits = 0;
+  uint32_t hv = 0;
-<
+  dlink_node *ptr = NULL, *ptr_next = NULL;
->
+  dlink_node *node = NULL;
+  struct irc_ssaddr addr;
+  switch (parse_netmask(address, &addr, &bits))
+      bits -= bits % 8;
+      hv = hash_ipv4(&addr, bits);
+      break;
-–
+#ifdef IPV6
+    case HM_IPV6:
+      /* We have to do this, since we do not re-hash for every bit -A1kmm. */
+      bits -= bits % 16;
+      hv = hash_ipv6(&addr, bits);
+      break;
-–
+#endif
+    default: /* HM_HOST */
+      hv = get_mask_hash(address);
+      break;
-<
+  DLINK_FOREACH_SAFE(ptr, ptr_next, atable[hv].head)
->
+  DLINK_FOREACH(node, atable[hv].head)
-<
+    struct AddressRec *arec = ptr->data;
->
+    struct AddressRec *arec = node->data;
+    if (arec->conf == conf)
+void
+clear_out_address_conf(void)
-<
+  dlink_node *ptr = NULL, *ptr_next = NULL;
->
+  dlink_node *node = NULL, *node_next = NULL;
+  for (unsigned int i = 0; i < ATABLE_SIZE; ++i)
-<
+    DLINK_FOREACH_SAFE(ptr, ptr_next, atable[i].head)
->
+    DLINK_FOREACH_SAFE(node, node_next, atable[i].head)
-<
+      struct AddressRec *arec = ptr->data;
->
+      struct AddressRec *arec = node->data;
+      /*
-<
+       * We keep the temporary K-lines and destroy the permanent ones,
-<
+       * just to be confusing :) -A1kmm
->
+       * Destroy the ircd.conf items and keep those that are in the databases
+       */
-<
+      if (arec->conf->until || IsConfDatabase(arec->conf))
->
+      if (IsConfDatabase(arec->conf))
+        continue;
+      dlinkDelete(&arec->node, &atable[i]);
-+
+      arec->conf->active = 0;
+      if (!arec->conf->ref_count)
+        conf_free(arec->conf);
+static void
-<
+hostmask_send_expiration(struct AddressRec *arec)
->
+hostmask_send_expiration(const struct AddressRec *const arec)
+  char ban_type = '\0';
-<
+  if (!ConfigFileEntry.tkline_expire_notices)
->
+  if (!ConfigGeneral.tkline_expire_notices)
+    return;
+  switch (arec->type)
+    case CONF_DLINE:
+      ban_type = 'D';
+      break;
-–
+    case CONF_GLINE:
-–
+      ban_type = 'G';
-–
+      break;
+    default: break;
-<
+  sendto_realops_flags(UMODE_ALL, L_ALL, SEND_NOTICE,
->
+  sendto_realops_flags(UMODE_SERVNOTICE, L_ALL, SEND_NOTICE,
+                       "Temporary %c-line for [%s@%s] expired", ban_type,
+                       (arec->conf->user) ? arec->conf->user : "*",
+                       (arec->conf->host) ? arec->conf->host : "*");
+void
+hostmask_expire_temporary(void)
-<
+  dlink_node *ptr = NULL, *ptr_next = NULL;
->
+  dlink_node *node = NULL, *node_next = NULL;
+  for (unsigned int i = 0; i < ATABLE_SIZE; ++i)
-<
+    DLINK_FOREACH_SAFE(ptr, ptr_next, atable[i].head)
->
+    DLINK_FOREACH_SAFE(node, node_next, atable[i].head)
-<
+      struct AddressRec *arec = ptr->data;
->
+      struct AddressRec *arec = node->data;
+      if (!arec->conf->until || arec->conf->until > CurrentTime)
+        continue;
+        case CONF_KLINE:
+        case CONF_DLINE:
-–
+        case CONF_GLINE:
+          hostmask_send_expiration(arec);
+          dlinkDelete(&arec->node, &atable[i]);

Diff Legend

-–
+Removed lines
-+
+Added lines
-<
+Changed lines (old)
->
+Changed lines (new)

Comparing ircd-hybrid/trunk/src/hostmask.c (file contents): Revision 3469 by michael, Sat May 3 17:55:53 2014 UTC vs. Revision 6868 by michael, Mon Nov 30 20:03:49 2015 UTC

Diff Legend

Comparing ircd-hybrid/trunk/src/hostmask.c (file contents):
Revision 3469 by michael, Sat May 3 17:55:53 2014 UTC vs.
Revision 6868 by michael, Mon Nov 30 20:03:49 2015 UTC