26 |
|
#include "memory.h" |
27 |
|
#include "ircd_defs.h" |
28 |
|
#include "list.h" |
29 |
< |
#include "s_conf.h" |
29 |
> |
#include "conf.h" |
30 |
|
#include "hostmask.h" |
31 |
– |
#include "numeric.h" |
31 |
|
#include "send.h" |
32 |
|
#include "irc_string.h" |
33 |
+ |
#include "ircd.h" |
34 |
|
|
35 |
– |
#ifdef IPV6 |
36 |
– |
static int try_parse_v6_netmask(const char *, struct irc_ssaddr *, int *); |
37 |
– |
static unsigned long hash_ipv6(struct irc_ssaddr *, int); |
38 |
– |
#endif |
39 |
– |
static int try_parse_v4_netmask(const char *, struct irc_ssaddr *, int *); |
40 |
– |
static unsigned long hash_ipv4(struct irc_ssaddr *, int); |
35 |
|
|
36 |
|
#define DigitParse(ch) do { \ |
37 |
|
if (ch >= '0' && ch <= '9') \ |
40 |
|
ch = ch - 'A' + 10; \ |
41 |
|
else if (ch >= 'a' && ch <= 'f') \ |
42 |
|
ch = ch - 'a' + 10; \ |
43 |
< |
} while(0); |
43 |
> |
} while (0); |
44 |
|
|
45 |
|
/* The mask parser/type determination code... */ |
46 |
|
|
68 |
|
int bits = 128; |
69 |
|
int deficit = 0; |
70 |
|
short dc[8]; |
71 |
< |
struct sockaddr_in6 *v6 = (struct sockaddr_in6*) addr; |
71 |
> |
struct sockaddr_in6 *v6 = (struct sockaddr_in6 *)addr; |
72 |
|
|
73 |
|
for (p = text; (c = *p); p++) |
74 |
|
if (IsXDigit(c)) |
110 |
|
d[dp] = d[dp] >> 4 * nyble; |
111 |
|
dp++; |
112 |
|
bits = strtoul(p + 1, &after, 10); |
113 |
+ |
|
114 |
|
if (bits < 0 || *after) |
115 |
|
return HM_HOST; |
116 |
|
if (bits > dp * 4 && !(finsert >= 0 && bits <= 128)) |
121 |
|
return HM_HOST; |
122 |
|
|
123 |
|
d[dp] = d[dp] >> 4 * nyble; |
124 |
+ |
|
125 |
|
if (c == 0) |
126 |
|
dp++; |
127 |
|
if (finsert < 0 && bits == 0) |
128 |
|
bits = dp * 16; |
129 |
+ |
|
130 |
|
/* How many words are missing? -A1kmm */ |
131 |
|
deficit = bits / 16 + ((bits % 16) ? 1 : 0) - dp; |
132 |
+ |
|
133 |
|
/* Now fill in the gaps(from ::) in the copied table... -A1kmm */ |
134 |
|
for (dp = 0, nyble = 0; dp < 8; dp++) |
135 |
|
{ |
141 |
|
else |
142 |
|
dc[dp] = d[nyble++]; |
143 |
|
} |
144 |
+ |
|
145 |
|
/* Set unused bits to 0... -A1kmm */ |
146 |
|
if (bits < 128 && (bits % 16 != 0)) |
147 |
|
dc[bits / 16] &= ~((1 << (15 - bits % 16)) - 1); |
148 |
|
for (dp = bits / 16 + (bits % 16 ? 1 : 0); dp < 8; dp++) |
149 |
|
dc[dp] = 0; |
150 |
+ |
|
151 |
|
/* And assign... -A1kmm */ |
152 |
|
if (addr) |
153 |
|
for (dp = 0; dp < 8; dp++) |
154 |
|
/* The cast is a kludge to make netbsd work. */ |
155 |
|
((unsigned short *)&v6->sin6_addr)[dp] = htons(dc[dp]); |
156 |
+ |
|
157 |
|
if (b != NULL) |
158 |
|
*b = bits; |
159 |
|
return HM_IPV6; |
175 |
|
unsigned char addb[4]; |
176 |
|
int n = 0, bits = 0; |
177 |
|
char c; |
178 |
< |
struct sockaddr_in *v4 = (struct sockaddr_in*) addr; |
178 |
> |
struct sockaddr_in *v4 = (struct sockaddr_in *)addr; |
179 |
|
|
180 |
|
digits[n++] = text; |
181 |
|
|
186 |
|
{ |
187 |
|
if (n >= 4) |
188 |
|
return HM_HOST; |
189 |
+ |
|
190 |
|
digits[n++] = p + 1; |
191 |
|
} |
192 |
|
else if (c == '*') |
193 |
|
{ |
194 |
|
if (*(p + 1) || n == 0 || *(p - 1) != '.') |
195 |
|
return HM_HOST; |
196 |
+ |
|
197 |
|
bits = (n - 1) * 8; |
198 |
|
break; |
199 |
|
} |
201 |
|
{ |
202 |
|
char *after; |
203 |
|
bits = strtoul(p + 1, &after, 10); |
204 |
+ |
|
205 |
|
if (!bits || *after) |
206 |
|
return HM_HOST; |
207 |
|
if (bits > n * 8) |
208 |
|
return HM_HOST; |
209 |
+ |
|
210 |
|
break; |
211 |
|
} |
212 |
|
else |
217 |
|
if (bits) |
218 |
|
while (n < 4) |
219 |
|
digits[n++] = "0"; |
220 |
+ |
|
221 |
|
for (n = 0; n < 4; n++) |
222 |
|
addb[n] = strtoul(digits[n], NULL, 10); |
223 |
+ |
|
224 |
|
if (bits == 0) |
225 |
|
bits = 32; |
226 |
+ |
|
227 |
|
/* Set unused bits to 0... -A1kmm */ |
228 |
|
if (bits < 32 && bits % 8) |
229 |
|
addb[bits / 8] &= ~((1 << (8 - bits % 8)) - 1); |
248 |
|
parse_netmask(const char *text, struct irc_ssaddr *addr, int *b) |
249 |
|
{ |
250 |
|
#ifdef IPV6 |
251 |
< |
if (strchr(text, ':')) |
251 |
> |
if (strchr(text, ':')) |
252 |
|
return try_parse_v6_netmask(text, addr, b); |
253 |
|
#endif |
254 |
|
if (strchr(text, '.')) |
264 |
|
*/ |
265 |
|
#ifdef IPV6 |
266 |
|
int |
267 |
< |
match_ipv6(struct irc_ssaddr *addr, struct irc_ssaddr *mask, int bits) |
267 |
> |
match_ipv6(const struct irc_ssaddr *addr, const struct irc_ssaddr *mask, int bits) |
268 |
|
{ |
269 |
|
int i, m, n = bits / 8; |
270 |
< |
struct sockaddr_in6 *v6 = (struct sockaddr_in6*)addr; |
271 |
< |
struct sockaddr_in6 *v6mask = (struct sockaddr_in6*)mask; |
270 |
> |
const struct sockaddr_in6 *v6 = (const struct sockaddr_in6 *)addr; |
271 |
> |
const struct sockaddr_in6 *v6mask = (const struct sockaddr_in6 *)mask; |
272 |
|
|
273 |
|
for (i = 0; i < n; i++) |
274 |
|
if (v6->sin6_addr.s6_addr[i] != v6mask->sin6_addr.s6_addr[i]) |
281 |
|
return 0; |
282 |
|
} |
283 |
|
#endif |
284 |
+ |
|
285 |
|
/* int match_ipv4(struct irc_ssaddr *, struct irc_ssaddr *, int) |
286 |
|
* Input: An IP address, an IP mask, the number of bits in the mask. |
287 |
|
* Output: if match, -1 else 0 |
288 |
|
* Side Effects: None |
289 |
|
*/ |
290 |
|
int |
291 |
< |
match_ipv4(struct irc_ssaddr *addr, struct irc_ssaddr *mask, int bits) |
291 |
> |
match_ipv4(const struct irc_ssaddr *addr, const struct irc_ssaddr *mask, int bits) |
292 |
|
{ |
293 |
< |
struct sockaddr_in *v4 = (struct sockaddr_in*) addr; |
294 |
< |
struct sockaddr_in *v4mask = (struct sockaddr_in*) mask; |
293 |
> |
const struct sockaddr_in *v4 = (const struct sockaddr_in *)addr; |
294 |
> |
const struct sockaddr_in *v4mask = (const struct sockaddr_in *)mask; |
295 |
> |
|
296 |
|
if ((ntohl(v4->sin_addr.s_addr) & ~((1 << (32 - bits)) - 1)) != |
297 |
|
ntohl(v4mask->sin_addr.s_addr)) |
298 |
|
return 0; |
321 |
|
if (ip->ss.ss_family != AF_INET6) |
322 |
|
#endif |
323 |
|
{ |
324 |
< |
v4_base_ip = (struct sockaddr_in*)ip; |
324 |
> |
v4_base_ip = (struct sockaddr_in *)ip; |
325 |
> |
|
326 |
|
mask = ~((1 << (32 - bits)) - 1); |
327 |
< |
v4_base_ip->sin_addr.s_addr = |
317 |
< |
htonl(ntohl(v4_base_ip->sin_addr.s_addr) & mask); |
327 |
> |
v4_base_ip->sin_addr.s_addr = htonl(ntohl(v4_base_ip->sin_addr.s_addr) & mask); |
328 |
|
} |
329 |
|
#ifdef IPV6 |
330 |
|
else |
331 |
|
{ |
332 |
|
n = bits / 8; |
333 |
|
m = bits % 8; |
334 |
< |
v6_base_ip = (struct sockaddr_in6*)ip; |
334 |
> |
v6_base_ip = (struct sockaddr_in6 *)ip; |
335 |
|
|
336 |
|
mask = ~((1 << (8 - m)) -1 ); |
337 |
|
v6_base_ip->sin6_addr.s6_addr[n] = v6_base_ip->sin6_addr.s6_addr[n] & mask; |
338 |
+ |
|
339 |
|
for (i = n + 1; i < 16; i++) |
340 |
|
v6_base_ip->sin6_addr.s6_addr[i] = 0; |
341 |
|
} |
343 |
|
} |
344 |
|
|
345 |
|
/* Hashtable stuff...now external as its used in m_stats.c */ |
346 |
< |
struct AddressRec *atable[ATABLE_SIZE]; |
346 |
> |
dlink_list atable[ATABLE_SIZE]; |
347 |
|
|
348 |
|
void |
349 |
|
init_host_hash(void) |
356 |
|
* Output: A hash value of the IP address. |
357 |
|
* Side effects: None |
358 |
|
*/ |
359 |
< |
static unsigned long |
359 |
> |
static uint32_t |
360 |
|
hash_ipv4(struct irc_ssaddr *addr, int bits) |
361 |
|
{ |
362 |
|
if (bits != 0) |
363 |
|
{ |
364 |
|
struct sockaddr_in *v4 = (struct sockaddr_in *)addr; |
365 |
< |
unsigned long av = ntohl(v4->sin_addr.s_addr) & ~((1 << (32 - bits)) - 1); |
366 |
< |
return((av ^ (av >> 12) ^ (av >> 24)) & (ATABLE_SIZE - 1)); |
365 |
> |
uint32_t av = ntohl(v4->sin_addr.s_addr) & ~((1 << (32 - bits)) - 1); |
366 |
> |
|
367 |
> |
return (av ^ (av >> 12) ^ (av >> 24)) & (ATABLE_SIZE - 1); |
368 |
|
} |
369 |
|
|
370 |
< |
return(0); |
370 |
> |
return 0; |
371 |
|
} |
372 |
|
|
373 |
|
/* unsigned long hash_ipv6(struct irc_ssaddr*) |
376 |
|
* Side effects: None |
377 |
|
*/ |
378 |
|
#ifdef IPV6 |
379 |
< |
static unsigned long |
379 |
> |
static uint32_t |
380 |
|
hash_ipv6(struct irc_ssaddr *addr, int bits) |
381 |
|
{ |
382 |
< |
unsigned long v = 0, n; |
383 |
< |
struct sockaddr_in6 *v6 = (struct sockaddr_in6*) addr; |
384 |
< |
|
382 |
> |
uint32_t v = 0, n; |
383 |
> |
struct sockaddr_in6 *v6 = (struct sockaddr_in6 *)addr; |
384 |
> |
|
385 |
|
for (n = 0; n < 16; n++) |
386 |
|
{ |
387 |
|
if (bits >= 8) |
406 |
|
* Output: The hash of the string between 1 and (TH_MAX-1) |
407 |
|
* Side-effects: None. |
408 |
|
*/ |
409 |
< |
static int |
409 |
> |
static uint32_t |
410 |
|
hash_text(const char *start) |
411 |
|
{ |
412 |
|
const char *p = start; |
413 |
< |
unsigned long h = 0; |
413 |
> |
uint32_t h = 0; |
414 |
|
|
415 |
< |
while (*p) |
416 |
< |
{ |
417 |
< |
h = (h << 4) - (h + (unsigned char)ToLower(*p++)); |
418 |
< |
} |
407 |
< |
return (h & (ATABLE_SIZE - 1)); |
415 |
> |
for (; *p; ++p) |
416 |
> |
h = (h << 4) - (h + (unsigned char)ToLower(*p)); |
417 |
> |
|
418 |
> |
return h & (ATABLE_SIZE - 1); |
419 |
|
} |
420 |
|
|
421 |
|
/* unsigned long get_hash_mask(const char *) |
424 |
|
* wildcard in the string. |
425 |
|
* Side-effects: None. |
426 |
|
*/ |
427 |
< |
static unsigned long |
427 |
> |
static uint32_t |
428 |
|
get_mask_hash(const char *text) |
429 |
|
{ |
430 |
|
const char *hp = "", *p; |
448 |
|
* should always be true (i.e. aconf->flags & CONF_FLAGS_NEED_PASSWORD == 0) |
449 |
|
*/ |
450 |
|
struct AccessItem * |
451 |
< |
find_conf_by_address(const char *name, struct irc_ssaddr *addr, int type, |
452 |
< |
int fam, const char *username, const char *password) |
451 |
> |
find_conf_by_address(const char *name, struct irc_ssaddr *addr, unsigned int type, |
452 |
> |
int fam, const char *username, const char *password, int do_match) |
453 |
|
{ |
454 |
< |
unsigned long hprecv = 0; |
454 |
> |
unsigned int hprecv = 0; |
455 |
> |
dlink_node *ptr = NULL; |
456 |
|
struct AccessItem *hprec = NULL; |
457 |
|
struct AddressRec *arec; |
458 |
|
int b; |
459 |
+ |
int (*cmpfunc)(const char *, const char *) = do_match ? match : irccmp; |
460 |
|
|
461 |
|
if (username == NULL) |
462 |
|
username = ""; |
471 |
|
{ |
472 |
|
for (b = 128; b >= 0; b -= 16) |
473 |
|
{ |
474 |
< |
for (arec = atable[hash_ipv6(addr, b)]; arec; arec = arec->next) |
474 |
> |
DLINK_FOREACH(ptr, atable[hash_ipv6(addr, b)].head) |
475 |
> |
{ |
476 |
> |
arec = ptr->data; |
477 |
> |
|
478 |
|
if (arec->type == (type & ~0x1) && |
479 |
|
arec->precedence > hprecv && |
480 |
|
arec->masktype == HM_IPV6 && |
481 |
|
match_ipv6(addr, &arec->Mask.ipa.addr, |
482 |
|
arec->Mask.ipa.bits) && |
483 |
< |
(type & 0x1 || match(arec->username, username)) && |
483 |
> |
(type & 0x1 || cmpfunc(arec->username, username) == do_match) && |
484 |
|
(IsNeedPassword(arec->aconf) || arec->aconf->passwd == NULL || |
485 |
|
match_conf_password(password, arec->aconf))) |
486 |
|
{ |
487 |
|
hprecv = arec->precedence; |
488 |
|
hprec = arec->aconf; |
489 |
|
} |
490 |
+ |
} |
491 |
|
} |
492 |
|
} |
493 |
|
else |
496 |
|
{ |
497 |
|
for (b = 32; b >= 0; b -= 8) |
498 |
|
{ |
499 |
< |
for (arec = atable[hash_ipv4(addr, b)]; arec; arec = arec->next) |
499 |
> |
DLINK_FOREACH(ptr, atable[hash_ipv4(addr, b)].head) |
500 |
> |
{ |
501 |
> |
arec = ptr->data; |
502 |
> |
|
503 |
|
if (arec->type == (type & ~0x1) && |
504 |
|
arec->precedence > hprecv && |
505 |
|
arec->masktype == HM_IPV4 && |
506 |
|
match_ipv4(addr, &arec->Mask.ipa.addr, |
507 |
|
arec->Mask.ipa.bits) && |
508 |
< |
(type & 0x1 || match(arec->username, username)) && |
508 |
> |
(type & 0x1 || cmpfunc(arec->username, username) == do_match) && |
509 |
|
(IsNeedPassword(arec->aconf) || arec->aconf->passwd == NULL || |
510 |
|
match_conf_password(password, arec->aconf))) |
511 |
|
{ |
512 |
|
hprecv = arec->precedence; |
513 |
|
hprec = arec->aconf; |
514 |
|
} |
515 |
+ |
} |
516 |
|
} |
517 |
|
} |
518 |
|
} |
523 |
|
|
524 |
|
while (1) |
525 |
|
{ |
526 |
< |
for (arec = atable[hash_text(p)]; arec != NULL; arec = arec->next) |
527 |
< |
if ((arec->type == (type & ~0x1)) && |
526 |
> |
DLINK_FOREACH(ptr, atable[hash_text(p)].head) |
527 |
> |
{ |
528 |
> |
arec = ptr->data; |
529 |
> |
if ((arec->type == (type & ~0x1)) && |
530 |
|
arec->precedence > hprecv && |
531 |
|
(arec->masktype == HM_HOST) && |
532 |
< |
match(arec->Mask.hostname, name) && |
533 |
< |
(type & 0x1 || match(arec->username, username)) && |
532 |
> |
cmpfunc(arec->Mask.hostname, name) == do_match && |
533 |
> |
(type & 0x1 || cmpfunc(arec->username, username) == do_match) && |
534 |
|
(IsNeedPassword(arec->aconf) || arec->aconf->passwd == NULL || |
535 |
|
match_conf_password(password, arec->aconf))) |
536 |
|
{ |
537 |
|
hprecv = arec->precedence; |
538 |
|
hprec = arec->aconf; |
539 |
|
} |
540 |
+ |
} |
541 |
|
p = strchr(p, '.'); |
542 |
|
if (p == NULL) |
543 |
|
break; |
544 |
|
p++; |
545 |
|
} |
546 |
< |
for (arec = atable[0]; arec; arec = arec->next) |
546 |
> |
|
547 |
> |
DLINK_FOREACH(ptr, atable[0].head) |
548 |
> |
{ |
549 |
> |
arec = ptr->data; |
550 |
> |
|
551 |
|
if (arec->type == (type & ~0x1) && |
552 |
|
arec->precedence > hprecv && |
553 |
|
arec->masktype == HM_HOST && |
554 |
< |
match(arec->Mask.hostname, name) && |
555 |
< |
(type & 0x1 || match(arec->username, username)) && |
554 |
> |
cmpfunc(arec->Mask.hostname, name) == do_match && |
555 |
> |
(type & 0x1 || cmpfunc(arec->username, username) == do_match) && |
556 |
|
(IsNeedPassword(arec->aconf) || arec->aconf->passwd == NULL || |
557 |
|
match_conf_password(password, arec->aconf))) |
558 |
|
{ |
559 |
|
hprecv = arec->precedence; |
560 |
|
hprec = arec->aconf; |
561 |
|
} |
562 |
+ |
} |
563 |
|
} |
564 |
|
|
565 |
|
return hprec; |
577 |
|
{ |
578 |
|
struct AccessItem *iconf, *kconf; |
579 |
|
|
580 |
< |
/* Find the best I-line... If none, return NULL -A1kmm */ |
580 |
> |
/* Find the best auth{} block... If none, return NULL -A1kmm */ |
581 |
|
if ((iconf = find_conf_by_address(host, ip, CONF_CLIENT, aftype, user, |
582 |
< |
password)) == NULL) |
583 |
< |
return(NULL); |
582 |
> |
password, 1)) == NULL) |
583 |
> |
return NULL; |
584 |
|
|
585 |
< |
/* If they are exempt from K-lines, return the best I-line. -A1kmm */ |
585 |
> |
/* If they are exempt from K-lines, return the best auth{} block. -A1kmm */ |
586 |
|
if (IsConfExemptKline(iconf)) |
587 |
< |
return(iconf); |
587 |
> |
return iconf; |
588 |
|
|
589 |
|
/* Find the best K-line... -A1kmm */ |
590 |
< |
kconf = find_conf_by_address(host, ip, CONF_KILL, aftype, user, NULL); |
590 |
> |
kconf = find_conf_by_address(host, ip, CONF_KLINE, aftype, user, NULL, 1); |
591 |
|
|
592 |
< |
/* If they are K-lined, return the K-line. Otherwise, return the |
593 |
< |
* I-line. -A1kmm */ |
592 |
> |
/* |
593 |
> |
* If they are K-lined, return the K-line. Otherwise, return the |
594 |
> |
* auth{} block. -A1kmm |
595 |
> |
*/ |
596 |
|
if (kconf != NULL) |
597 |
< |
return(kconf); |
597 |
> |
return kconf; |
598 |
|
|
599 |
< |
kconf = find_conf_by_address(host, ip, CONF_GLINE, aftype, user, NULL); |
599 |
> |
kconf = find_conf_by_address(host, ip, CONF_GLINE, aftype, user, NULL, 1); |
600 |
|
if (kconf != NULL && !IsConfExemptGline(iconf)) |
601 |
< |
return(kconf); |
601 |
> |
return kconf; |
602 |
|
|
603 |
< |
return(iconf); |
573 |
< |
} |
574 |
< |
|
575 |
< |
struct AccessItem * |
576 |
< |
find_gline_conf(const char *host, const char *user, |
577 |
< |
struct irc_ssaddr *ip, int aftype) |
578 |
< |
{ |
579 |
< |
struct AccessItem *eline; |
580 |
< |
|
581 |
< |
eline = find_conf_by_address(host, ip, CONF_EXEMPTKLINE, aftype, |
582 |
< |
user, NULL); |
583 |
< |
if (eline != NULL) |
584 |
< |
return(eline); |
585 |
< |
|
586 |
< |
return(find_conf_by_address(host, ip, CONF_GLINE, aftype, user, NULL)); |
587 |
< |
} |
588 |
< |
|
589 |
< |
/* find_kline_conf |
590 |
< |
* |
591 |
< |
* inputs - pointer to hostname |
592 |
< |
* - pointer to username |
593 |
< |
* - incoming IP and type (IPv4 vs. IPv6) |
594 |
< |
* outut - pointer to kline conf if found NULL if not |
595 |
< |
* side effects - |
596 |
< |
*/ |
597 |
< |
struct AccessItem * |
598 |
< |
find_kline_conf(const char *host, const char *user, |
599 |
< |
struct irc_ssaddr *ip, int aftype) |
600 |
< |
{ |
601 |
< |
struct AccessItem *eline; |
602 |
< |
|
603 |
< |
eline = find_conf_by_address(host, ip, CONF_EXEMPTKLINE, aftype, |
604 |
< |
user, NULL); |
605 |
< |
if (eline != NULL) |
606 |
< |
return(eline); |
607 |
< |
|
608 |
< |
return(find_conf_by_address(host, ip, CONF_KILL, aftype, user, NULL)); |
603 |
> |
return iconf; |
604 |
|
} |
605 |
|
|
606 |
|
/* struct AccessItem* find_dline_conf(struct irc_ssaddr*, int) |
615 |
|
struct AccessItem *eline; |
616 |
|
|
617 |
|
eline = find_conf_by_address(NULL, addr, CONF_EXEMPTDLINE | 1, aftype, |
618 |
< |
NULL, NULL); |
618 |
> |
NULL, NULL, 1); |
619 |
|
if (eline != NULL) |
620 |
< |
return(eline); |
621 |
< |
return(find_conf_by_address(NULL, addr, CONF_DLINE | 1, aftype, NULL, NULL)); |
620 |
> |
return eline; |
621 |
> |
|
622 |
> |
return find_conf_by_address(NULL, addr, CONF_DLINE | 1, aftype, NULL, NULL, 1); |
623 |
|
} |
624 |
|
|
625 |
|
/* void add_conf_by_address(int, struct AccessItem *aconf) |
628 |
|
* Side-effects: Adds this entry to the hash table. |
629 |
|
*/ |
630 |
|
void |
631 |
< |
add_conf_by_address(int type, struct AccessItem *aconf) |
631 |
> |
add_conf_by_address(const unsigned int type, struct AccessItem *aconf) |
632 |
|
{ |
633 |
|
const char *address; |
634 |
|
const char *username; |
635 |
< |
static unsigned long prec_value = 0xFFFFFFFF; |
636 |
< |
int masktype, bits; |
641 |
< |
unsigned long hv; |
635 |
> |
static unsigned int prec_value = 0xFFFFFFFF; |
636 |
> |
int bits = 0; |
637 |
|
struct AddressRec *arec; |
638 |
|
|
639 |
|
address = aconf->host; |
646 |
|
address = "/NOMATCH!/"; |
647 |
|
|
648 |
|
arec = MyMalloc(sizeof(struct AddressRec)); |
649 |
< |
masktype = parse_netmask(address, &arec->Mask.ipa.addr, &bits); |
649 |
> |
arec->masktype = parse_netmask(address, &arec->Mask.ipa.addr, &bits); |
650 |
|
arec->Mask.ipa.bits = bits; |
656 |
– |
arec->masktype = masktype; |
657 |
– |
#ifdef IPV6 |
658 |
– |
if (masktype == HM_IPV6) |
659 |
– |
{ |
660 |
– |
/* We have to do this, since we do not re-hash for every bit -A1kmm. */ |
661 |
– |
bits -= bits % 16; |
662 |
– |
arec->next = atable[(hv = hash_ipv6(&arec->Mask.ipa.addr, bits))]; |
663 |
– |
atable[hv] = arec; |
664 |
– |
} |
665 |
– |
else |
666 |
– |
#endif |
667 |
– |
if (masktype == HM_IPV4) |
668 |
– |
{ |
669 |
– |
/* We have to do this, since we do not re-hash for every bit -A1kmm. */ |
670 |
– |
bits -= bits % 8; |
671 |
– |
arec->next = atable[(hv = hash_ipv4(&arec->Mask.ipa.addr, bits))]; |
672 |
– |
atable[hv] = arec; |
673 |
– |
} |
674 |
– |
else |
675 |
– |
{ |
676 |
– |
arec->Mask.hostname = address; |
677 |
– |
arec->next = atable[(hv = get_mask_hash(address))]; |
678 |
– |
atable[hv] = arec; |
679 |
– |
} |
651 |
|
arec->username = username; |
652 |
|
arec->aconf = aconf; |
653 |
|
arec->precedence = prec_value--; |
654 |
|
arec->type = type; |
655 |
+ |
|
656 |
+ |
switch (arec->masktype) |
657 |
+ |
{ |
658 |
+ |
case HM_IPV4: |
659 |
+ |
/* We have to do this, since we do not re-hash for every bit -A1kmm. */ |
660 |
+ |
bits -= bits % 8; |
661 |
+ |
dlinkAdd(arec, &arec->node, &atable[hash_ipv4(&arec->Mask.ipa.addr, bits)]); |
662 |
+ |
break; |
663 |
+ |
#ifdef IPV6 |
664 |
+ |
case HM_IPV6: |
665 |
+ |
/* We have to do this, since we do not re-hash for every bit -A1kmm. */ |
666 |
+ |
bits -= bits % 16; |
667 |
+ |
dlinkAdd(arec, &arec->node, &atable[hash_ipv6(&arec->Mask.ipa.addr, bits)]); |
668 |
+ |
break; |
669 |
+ |
#endif |
670 |
+ |
default: /* HM_HOST */ |
671 |
+ |
arec->Mask.hostname = address; |
672 |
+ |
dlinkAdd(arec, &arec->node, &atable[get_mask_hash(address)]); |
673 |
+ |
break; |
674 |
+ |
} |
675 |
|
} |
676 |
|
|
677 |
|
/* void delete_one_address(const char*, struct AccessItem*) |
683 |
|
void |
684 |
|
delete_one_address_conf(const char *address, struct AccessItem *aconf) |
685 |
|
{ |
686 |
< |
int masktype, bits; |
687 |
< |
unsigned long hv; |
688 |
< |
struct AddressRec *arec, *arecl = NULL; |
686 |
> |
int bits = 0; |
687 |
> |
uint32_t hv = 0; |
688 |
> |
dlink_node *ptr = NULL, *ptr_next = NULL; |
689 |
|
struct irc_ssaddr addr; |
699 |
– |
masktype = parse_netmask(address, &addr, &bits); |
690 |
|
|
691 |
< |
#ifdef IPV6 |
702 |
< |
if (masktype == HM_IPV6) |
691 |
> |
switch (parse_netmask(address, &addr, &bits)) |
692 |
|
{ |
693 |
< |
/* We have to do this, since we do not re-hash for every bit -A1kmm. */ |
694 |
< |
bits -= bits % 16; |
695 |
< |
hv = hash_ipv6(&addr, bits); |
696 |
< |
} |
697 |
< |
else |
693 |
> |
case HM_IPV4: |
694 |
> |
/* We have to do this, since we do not re-hash for every bit -A1kmm. */ |
695 |
> |
bits -= bits % 8; |
696 |
> |
hv = hash_ipv4(&addr, bits); |
697 |
> |
break; |
698 |
> |
#ifdef IPV6 |
699 |
> |
case HM_IPV6: |
700 |
> |
/* We have to do this, since we do not re-hash for every bit -A1kmm. */ |
701 |
> |
bits -= bits % 16; |
702 |
> |
hv = hash_ipv6(&addr, bits); |
703 |
> |
break; |
704 |
|
#endif |
705 |
< |
if (masktype == HM_IPV4) |
706 |
< |
{ |
707 |
< |
/* We have to do this, since we do not re-hash for every bit -A1kmm. */ |
713 |
< |
bits -= bits % 8; |
714 |
< |
hv = hash_ipv4(&addr, bits); |
705 |
> |
default: /* HM_HOST */ |
706 |
> |
hv = get_mask_hash(address); |
707 |
> |
break; |
708 |
|
} |
709 |
< |
else |
710 |
< |
hv = get_mask_hash(address); |
718 |
< |
for (arec = atable[hv]; arec; arec = arec->next) |
709 |
> |
|
710 |
> |
DLINK_FOREACH_SAFE(ptr, ptr_next, atable[hv].head) |
711 |
|
{ |
712 |
+ |
struct AddressRec *arec = ptr->data; |
713 |
+ |
|
714 |
|
if (arec->aconf == aconf) |
715 |
|
{ |
716 |
< |
if (arecl) |
723 |
< |
arecl->next = arec->next; |
724 |
< |
else |
725 |
< |
atable[hv] = arec->next; |
716 |
> |
dlinkDelete(&arec->node, &atable[hv]); |
717 |
|
aconf->status |= CONF_ILLEGAL; |
718 |
< |
if (aconf->clients == 0) |
718 |
> |
|
719 |
> |
if (!aconf->clients) |
720 |
|
free_access_item(aconf); |
721 |
+ |
|
722 |
|
MyFree(arec); |
723 |
|
return; |
724 |
|
} |
732 |
– |
arecl = arec; |
725 |
|
} |
726 |
|
} |
727 |
|
|
735 |
|
void |
736 |
|
clear_out_address_conf(void) |
737 |
|
{ |
738 |
< |
int i; |
739 |
< |
struct AddressRec *arec; |
748 |
< |
struct AddressRec *last_arec; |
749 |
< |
struct AddressRec *next_arec; |
738 |
> |
unsigned int i = 0; |
739 |
> |
dlink_node *ptr = NULL, *ptr_next = NULL; |
740 |
|
|
741 |
< |
for (i = 0; i < ATABLE_SIZE; i++) |
741 |
> |
for (i = 0; i < ATABLE_SIZE; ++i) |
742 |
|
{ |
743 |
< |
last_arec = NULL; |
754 |
< |
for (arec = atable[i]; arec; arec = next_arec) |
743 |
> |
DLINK_FOREACH_SAFE(ptr, ptr_next, atable[i].head) |
744 |
|
{ |
745 |
< |
/* We keep the temporary K-lines and destroy the |
757 |
< |
* permanent ones, just to be confusing :) -A1kmm |
758 |
< |
*/ |
759 |
< |
next_arec = arec->next; |
745 |
> |
struct AddressRec *arec = ptr->data; |
746 |
|
|
747 |
< |
if (arec->aconf->flags & CONF_FLAGS_TEMPORARY) |
748 |
< |
{ |
749 |
< |
last_arec = arec; |
750 |
< |
} |
751 |
< |
else |
752 |
< |
{ |
767 |
< |
/* unlink it from link list - Dianora */ |
768 |
< |
|
769 |
< |
if (last_arec == NULL) |
770 |
< |
{ |
771 |
< |
atable[i] = next_arec; |
772 |
< |
} |
773 |
< |
else |
774 |
< |
{ |
775 |
< |
last_arec->next = next_arec; |
776 |
< |
} |
747 |
> |
/* |
748 |
> |
* We keep the temporary K-lines and destroy the permanent ones, |
749 |
> |
* just to be confusing :) -A1kmm |
750 |
> |
*/ |
751 |
> |
if (arec->aconf->hold || IsConfDatabase(arec->aconf)) |
752 |
> |
continue; |
753 |
|
|
754 |
< |
arec->aconf->status |= CONF_ILLEGAL; |
755 |
< |
if (arec->aconf->clients == 0) |
756 |
< |
free_access_item(arec->aconf); |
757 |
< |
MyFree(arec); |
758 |
< |
} |
754 |
> |
dlinkDelete(&arec->node, &atable[i]); |
755 |
> |
arec->aconf->status |= CONF_ILLEGAL; |
756 |
> |
|
757 |
> |
if (!arec->aconf->clients) |
758 |
> |
free_access_item(arec->aconf); |
759 |
> |
MyFree(arec); |
760 |
|
} |
761 |
|
} |
762 |
|
} |
763 |
|
|
764 |
< |
/* |
765 |
< |
* show_iline_prefix() |
789 |
< |
* |
790 |
< |
* inputs - pointer to struct Client requesting output |
791 |
< |
* - pointer to struct AccessItem |
792 |
< |
* - name to which iline prefix will be prefixed to |
793 |
< |
* output - pointer to static string with prefixes listed in ascii form |
794 |
< |
* side effects - NONE |
795 |
< |
*/ |
796 |
< |
char * |
797 |
< |
show_iline_prefix(struct Client *sptr, struct AccessItem *aconf, const char *name) |
798 |
< |
{ |
799 |
< |
static char prefix_of_host[USERLEN + 14]; |
800 |
< |
char *prefix_ptr; |
801 |
< |
|
802 |
< |
prefix_ptr = prefix_of_host; |
803 |
< |
if (IsNoTilde(aconf)) |
804 |
< |
*prefix_ptr++ = '-'; |
805 |
< |
if (IsLimitIp(aconf)) |
806 |
< |
*prefix_ptr++ = '!'; |
807 |
< |
if (IsNeedIdentd(aconf)) |
808 |
< |
*prefix_ptr++ = '+'; |
809 |
< |
if (!IsNeedPassword(aconf)) |
810 |
< |
*prefix_ptr++ = '&'; |
811 |
< |
if (IsConfExemptResv(aconf)) |
812 |
< |
*prefix_ptr++ = '$'; |
813 |
< |
if (IsNoMatchIp(aconf)) |
814 |
< |
*prefix_ptr++ = '%'; |
815 |
< |
if (IsConfDoSpoofIp(aconf)) |
816 |
< |
*prefix_ptr++ = '='; |
817 |
< |
if (MyOper(sptr) && IsConfExemptKline(aconf)) |
818 |
< |
*prefix_ptr++ = '^'; |
819 |
< |
if (MyOper(sptr) && IsConfExemptGline(aconf)) |
820 |
< |
*prefix_ptr++ = '_'; |
821 |
< |
if (MyOper(sptr) && IsConfExemptLimits(aconf)) |
822 |
< |
*prefix_ptr++ = '>'; |
823 |
< |
if (IsConfCanFlood(aconf)) |
824 |
< |
*prefix_ptr++ = '|'; |
825 |
< |
strlcpy(prefix_ptr, name, USERLEN+1); |
826 |
< |
|
827 |
< |
return(prefix_of_host); |
828 |
< |
} |
829 |
< |
|
830 |
< |
/* report_auth() |
831 |
< |
* |
832 |
< |
* Inputs: pointer to client to report to |
833 |
< |
* Output: None |
834 |
< |
* Side effects: Reports configured auth{} blocks to client_p |
835 |
< |
*/ |
836 |
< |
void |
837 |
< |
report_auth(struct Client *client_p) |
764 |
> |
static void |
765 |
> |
hostmask_send_expiration(struct AddressRec *arec) |
766 |
|
{ |
767 |
< |
struct AddressRec *arec; |
840 |
< |
struct ConfItem *conf; |
841 |
< |
struct AccessItem *aconf; |
842 |
< |
int i; |
843 |
< |
|
844 |
< |
for (i = 0; i < ATABLE_SIZE; i++) |
845 |
< |
{ |
846 |
< |
for (arec = atable[i]; arec; arec = arec->next) |
847 |
< |
{ |
848 |
< |
if (arec->type == CONF_CLIENT) |
849 |
< |
{ |
850 |
< |
aconf = arec->aconf; |
767 |
> |
char ban_type = '\0'; |
768 |
|
|
769 |
< |
if (!MyOper(client_p) && IsConfDoSpoofIp(aconf)) |
770 |
< |
continue; |
769 |
> |
if (!ConfigFileEntry.tkline_expire_notices) |
770 |
> |
return; |
771 |
|
|
772 |
< |
conf = unmap_conf_item(aconf); |
773 |
< |
|
774 |
< |
/* We are doing a partial list, based on what matches the u@h of the |
775 |
< |
* sender, so prepare the strings for comparing --fl_ |
776 |
< |
*/ |
777 |
< |
if (ConfigFileEntry.hide_spoof_ips) |
778 |
< |
sendto_one(client_p, form_str(RPL_STATSILINE), me.name, |
779 |
< |
client_p->name, 'I', |
780 |
< |
conf->name == NULL ? "*" : conf->name, |
781 |
< |
show_iline_prefix(client_p, aconf, aconf->user), |
782 |
< |
IsConfDoSpoofIp(aconf) ? "255.255.255.255" : |
866 |
< |
aconf->host, aconf->port, |
867 |
< |
aconf->class_ptr ? aconf->class_ptr->name : "<default>"); |
868 |
< |
|
869 |
< |
else |
870 |
< |
sendto_one(client_p, form_str(RPL_STATSILINE), me.name, |
871 |
< |
client_p->name, 'I', |
872 |
< |
conf->name == NULL ? "*" : conf->name, |
873 |
< |
show_iline_prefix(client_p, aconf, aconf->user), |
874 |
< |
aconf->host, aconf->port, |
875 |
< |
aconf->class_ptr ? aconf->class_ptr->name : "<default>"); |
876 |
< |
} |
877 |
< |
} |
772 |
> |
switch (arec->type) |
773 |
> |
{ |
774 |
> |
case CONF_KLINE: |
775 |
> |
ban_type = 'K'; |
776 |
> |
break; |
777 |
> |
case CONF_DLINE: |
778 |
> |
ban_type = 'D'; |
779 |
> |
break; |
780 |
> |
case CONF_GLINE: |
781 |
> |
ban_type = 'G'; |
782 |
> |
break; |
783 |
|
} |
784 |
+ |
|
785 |
+ |
sendto_realops_flags(UMODE_ALL, L_ALL, SEND_NOTICE, |
786 |
+ |
"Temporary %c-line for [%s@%s] expired", ban_type, |
787 |
+ |
(arec->aconf->user) ? arec->aconf->user : "*", |
788 |
+ |
(arec->aconf->host) ? arec->aconf->host : "*"); |
789 |
|
} |
790 |
|
|
881 |
– |
/* report_Klines() |
882 |
– |
* Inputs: Client to report to, |
883 |
– |
* type(==0 for perm, !=0 for temporary) |
884 |
– |
* mask |
885 |
– |
* Output: None |
886 |
– |
* Side effects: Reports configured K(or k)-lines to client_p. |
887 |
– |
*/ |
791 |
|
void |
792 |
< |
report_Klines(struct Client *client_p, int tkline) |
792 |
> |
hostmask_expire_temporary(void) |
793 |
|
{ |
794 |
< |
struct AddressRec *arec = NULL; |
795 |
< |
struct AccessItem *aconf = NULL; |
893 |
< |
int i; |
894 |
< |
const char *p = NULL; |
895 |
< |
|
896 |
< |
if (tkline) |
897 |
< |
p = "k"; |
898 |
< |
else |
899 |
< |
p = "K"; |
794 |
> |
unsigned int i = 0; |
795 |
> |
dlink_node *ptr = NULL, *ptr_next = NULL; |
796 |
|
|
797 |
< |
for (i = 0; i < ATABLE_SIZE; i++) |
797 |
> |
for (i = 0; i < ATABLE_SIZE; ++i) |
798 |
|
{ |
799 |
< |
for (arec = atable[i]; arec; arec = arec->next) |
799 |
> |
DLINK_FOREACH_SAFE(ptr, ptr_next, atable[i].head) |
800 |
|
{ |
801 |
< |
if (arec->type == CONF_KILL) |
801 |
> |
struct AddressRec *arec = ptr->data; |
802 |
> |
|
803 |
> |
if (!arec->aconf->hold || arec->aconf->hold > CurrentTime) |
804 |
> |
continue; |
805 |
> |
|
806 |
> |
switch (arec->type) |
807 |
|
{ |
808 |
< |
if ((tkline && !((aconf = arec->aconf)->flags & CONF_FLAGS_TEMPORARY)) || |
809 |
< |
(!tkline && ((aconf = arec->aconf)->flags & CONF_FLAGS_TEMPORARY))) |
810 |
< |
continue; |
811 |
< |
|
812 |
< |
if (HasUMode(client_p, UMODE_OPER)) |
813 |
< |
sendto_one(client_p, form_str(RPL_STATSKLINE), me.name, |
814 |
< |
client_p->name, p, aconf->host, aconf->user, |
815 |
< |
aconf->reason, aconf->oper_reason ? aconf->oper_reason : ""); |
816 |
< |
else |
916 |
< |
sendto_one(client_p, form_str(RPL_STATSKLINE), me.name, |
917 |
< |
client_p->name, p, aconf->host, aconf->user, |
918 |
< |
aconf->reason, ""); |
808 |
> |
case CONF_KLINE: |
809 |
> |
case CONF_DLINE: |
810 |
> |
case CONF_GLINE: |
811 |
> |
hostmask_send_expiration(arec); |
812 |
> |
|
813 |
> |
dlinkDelete(&arec->node, &atable[i]); |
814 |
> |
free_access_item(arec->aconf); |
815 |
> |
MyFree(arec); |
816 |
> |
break; |
817 |
|
} |
818 |
|
} |
819 |
|
} |