]>
Commit | Line | Data |
---|---|---|
5ada3782 | 1 | #include <stdlib.h> |
2129448c | 2 | #include <string.h> |
9097ab05 | 3 | #include <stdio.h> |
5ada3782 CP |
4 | |
5 | #include "../lib/sstring.h" | |
2129448c | 6 | #include "../core/hooks.h" |
45989eab | 7 | #include "../core/nsmalloc.h" |
4ea9375d | 8 | #include "../lib/irc_string.h" |
5ada3782 CP |
9 | #include "trusts.h" |
10 | ||
11 | trustgroup *tglist; | |
12 | ||
4be1aaf2 CP |
13 | void th_dbupdatecounts(trusthost *); |
14 | void tg_dbupdatecounts(trustgroup *); | |
15 | ||
b76fd8e6 CP |
16 | static trusthost *th_getnextchildbyhost(trusthost *, trusthost *); |
17 | ||
5ada3782 CP |
18 | void trusts_freeall(void) { |
19 | trustgroup *tg, *ntg; | |
20 | trusthost *th, *nth; | |
21 | ||
22 | for(tg=tglist;tg;tg=ntg) { | |
23 | ntg = tg->next; | |
24 | for(th=tg->hosts;th;th=nth) { | |
25 | nth = th->next; | |
26 | ||
27 | th_free(th); | |
28 | } | |
29 | ||
2ab0a1e7 | 30 | tg_free(tg, 1); |
5ada3782 CP |
31 | } |
32 | ||
33 | tglist = NULL; | |
34 | } | |
35 | ||
36 | trustgroup *tg_getbyid(unsigned int id) { | |
37 | trustgroup *tg; | |
38 | ||
39 | for(tg=tglist;tg;tg=tg->next) | |
40 | if(tg->id == id) | |
41 | return tg; | |
42 | ||
43 | return NULL; | |
44 | } | |
45 | ||
46 | void th_free(trusthost *th) { | |
2ab0a1e7 CP |
47 | triggerhook(HOOK_TRUSTS_LOSTHOST, th); |
48 | ||
45989eab | 49 | nsfree(POOL_TRUSTS, th); |
5ada3782 CP |
50 | } |
51 | ||
b76fd8e6 CP |
52 | static void th_updatechildren(trusthost *th) { |
53 | trusthost *nth = NULL; | |
54 | ||
55 | th->children = NULL; | |
56 | ||
57 | for(;;) { | |
58 | nth = th_getnextchildbyhost(th, nth); | |
59 | if(!nth) | |
60 | break; | |
61 | ||
62 | nth->nextbychild = th->children; | |
63 | th->children = nth; | |
64 | } | |
65 | } | |
66 | ||
67 | void th_linktree(void) { | |
68 | trustgroup *tg; | |
69 | trusthost *th; | |
70 | ||
71 | /* ugh */ | |
72 | for(tg=tglist;tg;tg=tg->next) | |
73 | for(th=tg->hosts;th;th=th->next) | |
74 | th->parent = th_getsmallestsupersetbyhost(th->ip, th->mask); | |
75 | ||
76 | for(tg=tglist;tg;tg=tg->next) | |
77 | for(th=tg->hosts;th;th=th->next) | |
78 | if(th->parent) | |
79 | th_updatechildren(th->parent); | |
80 | } | |
81 | ||
82a316e7 | 82 | trusthost *th_add(trusthost *ith) { |
65f34016 CP |
83 | trusthost *th; |
84 | ||
45989eab | 85 | th = nsmalloc(POOL_TRUSTS, sizeof(trusthost)); |
65f34016 | 86 | if(!th) |
d2c08930 | 87 | return NULL; |
65f34016 | 88 | |
82a316e7 | 89 | memcpy(th, ith, sizeof(trusthost)); |
5ada3782 | 90 | |
1bbe1ac3 | 91 | th->users = NULL; |
1bbe1ac3 CP |
92 | th->count = 0; |
93 | ||
b76fd8e6 CP |
94 | th->parent = NULL; |
95 | th->children = NULL; | |
96 | ||
6ebeb438 CP |
97 | th->marker = 0; |
98 | ||
82a316e7 CP |
99 | th->next = th->group->hosts; |
100 | th->group->hosts = th; | |
5ada3782 | 101 | |
d2c08930 | 102 | return th; |
5ada3782 CP |
103 | } |
104 | ||
2ab0a1e7 CP |
105 | void tg_free(trustgroup *tg, int created) { |
106 | if(created) | |
107 | triggerhook(HOOK_TRUSTS_LOSTGROUP, tg); | |
2129448c | 108 | |
5ada3782 CP |
109 | freesstring(tg->name); |
110 | freesstring(tg->createdby); | |
111 | freesstring(tg->contact); | |
112 | freesstring(tg->comment); | |
45989eab | 113 | nsfree(POOL_TRUSTS, tg); |
5ada3782 CP |
114 | } |
115 | ||
82a316e7 | 116 | trustgroup *tg_add(trustgroup *itg) { |
45989eab | 117 | trustgroup *tg = nsmalloc(POOL_TRUSTS, sizeof(trustgroup)); |
5ada3782 | 118 | if(!tg) |
d2c08930 | 119 | return NULL; |
5ada3782 | 120 | |
82a316e7 CP |
121 | memcpy(tg, itg, sizeof(trustgroup)); |
122 | ||
123 | tg->name = getsstring(tg->name->content, TRUSTNAMELEN); | |
1f685425 | 124 | tg->createdby = getsstring(tg->createdby->content, CREATEDBYLEN); |
82a316e7 CP |
125 | tg->contact = getsstring(tg->contact->content, CONTACTLEN); |
126 | tg->comment = getsstring(tg->comment->content, COMMENTLEN); | |
5ada3782 | 127 | if(!tg->name || !tg->createdby || !tg->contact || !tg->comment) { |
2ab0a1e7 | 128 | tg_free(tg, 0); |
d2c08930 | 129 | return NULL; |
5ada3782 CP |
130 | } |
131 | ||
65f34016 | 132 | tg->hosts = NULL; |
6ebeb438 | 133 | tg->marker = 0; |
1bbe1ac3 CP |
134 | tg->count = 0; |
135 | ||
2129448c CP |
136 | memset(tg->exts, 0, sizeof(tg->exts)); |
137 | ||
5ada3782 CP |
138 | tg->next = tglist; |
139 | tglist = tg; | |
140 | ||
2129448c CP |
141 | triggerhook(HOOK_TRUSTS_NEWGROUP, tg); |
142 | ||
d2c08930 | 143 | return tg; |
5ada3782 | 144 | } |
1bbe1ac3 | 145 | |
d2c08930 | 146 | trusthost *th_getbyhost(uint32_t ip) { |
1bbe1ac3 | 147 | trustgroup *tg; |
fdcbe91d CP |
148 | trusthost *th, *result = NULL; |
149 | uint32_t mask; | |
1bbe1ac3 | 150 | |
fdcbe91d CP |
151 | for(tg=tglist;tg;tg=tg->next) { |
152 | for(th=tg->hosts;th;th=th->next) { | |
d2c08930 | 153 | if((ip & th->mask) == th->ip) { |
fdcbe91d CP |
154 | if(!result || (th->mask > mask)) { |
155 | mask = th->mask; | |
156 | result = th; | |
157 | } | |
158 | } | |
159 | } | |
160 | } | |
1bbe1ac3 | 161 | |
fdcbe91d | 162 | return result; |
1bbe1ac3 | 163 | } |
4be1aaf2 | 164 | |
9097ab05 | 165 | trusthost *th_getbyhostandmask(uint32_t ip, uint32_t mask) { |
d2c08930 CP |
166 | trustgroup *tg; |
167 | trusthost *th; | |
168 | ||
169 | for(tg=tglist;tg;tg=tg->next) | |
170 | for(th=tg->hosts;th;th=th->next) | |
9097ab05 | 171 | if((th->ip == ip) && (th->mask == mask)) |
d2c08930 CP |
172 | return th; |
173 | ||
174 | return NULL; | |
175 | } | |
176 | ||
9097ab05 CP |
177 | /* returns the ip with the smallest prefix that is still a superset of the given host */ |
178 | trusthost *th_getsmallestsupersetbyhost(uint32_t ip, uint32_t mask) { | |
179 | trustgroup *tg; | |
180 | trusthost *th, *result = NULL; | |
181 | uint32_t smask; | |
182 | ||
183 | for(tg=tglist;tg;tg=tg->next) { | |
184 | for(th=tg->hosts;th;th=th->next) { | |
185 | if(th->ip == (ip & th->mask)) { | |
186 | if((th->mask < mask) && (!result || (th->mask > smask))) { | |
187 | smask = th->mask; | |
188 | result = th; | |
189 | } | |
190 | } | |
191 | } | |
192 | } | |
193 | ||
194 | return result; | |
195 | } | |
196 | ||
197 | /* returns the first ip that is a subset it comes across */ | |
198 | trusthost *th_getsubsetbyhost(uint32_t ip, uint32_t mask) { | |
199 | trustgroup *tg; | |
200 | trusthost *th; | |
201 | ||
202 | for(tg=tglist;tg;tg=tg->next) | |
203 | for(th=tg->hosts;th;th=th->next) | |
204 | if((th->ip & mask) == ip) | |
205 | if(th->mask > mask) | |
206 | return th; | |
207 | ||
208 | return NULL; | |
209 | } | |
210 | ||
b76fd8e6 CP |
211 | /* NOT reentrant obviously */ |
212 | static trusthost *th_getnextchildbyhost(trusthost *orig, trusthost *th) { | |
213 | if(!th) { | |
214 | trustgroup *tg; | |
215 | ||
216 | tg = tglist; | |
217 | for(tg=tglist;tg;tg=tg->next) { | |
218 | th = tg->hosts; | |
219 | if(th) | |
220 | break; | |
221 | } | |
222 | ||
223 | /* INVARIANT: tg => th */ | |
224 | if(!tg) | |
225 | return NULL; | |
226 | ||
227 | if(th->parent == orig) | |
228 | return th; | |
229 | } | |
230 | ||
231 | for(;;) { | |
232 | if(th->next) { | |
233 | th = th->next; | |
234 | } else { | |
235 | if(!th->group->next) | |
236 | return NULL; | |
237 | th = th->group->next->hosts; | |
238 | } | |
239 | ||
240 | if(th->parent == orig) | |
241 | return th; | |
242 | } | |
243 | } | |
244 | ||
9097ab05 CP |
245 | void th_getsuperandsubsets(uint32_t ip, uint32_t mask, trusthost **superset, trusthost **subset) { |
246 | *superset = th_getsmallestsupersetbyhost(ip, mask); | |
247 | *subset = th_getsubsetbyhost(ip, mask); | |
248 | } | |
249 | ||
b9c52ee0 | 250 | void trusts_flush(void (*thflush)(trusthost *), void (*tgflush)(trustgroup *)) { |
4be1aaf2 CP |
251 | trustgroup *tg; |
252 | trusthost *th; | |
253 | time_t t = time(NULL); | |
254 | ||
255 | for(tg=tglist;tg;tg=tg->next) { | |
256 | if(tg->count > 0) | |
257 | tg->lastseen = t; | |
258 | ||
b9c52ee0 | 259 | tgflush(tg); |
4be1aaf2 CP |
260 | |
261 | for(th=tg->hosts;th;th=th->next) { | |
262 | if(th->count > 0) | |
263 | th->lastseen = t; | |
264 | ||
b9c52ee0 | 265 | thflush(th); |
4be1aaf2 CP |
266 | } |
267 | } | |
268 | } | |
4ea9375d CP |
269 | |
270 | trustgroup *tg_strtotg(char *name) { | |
271 | unsigned long id; | |
272 | trustgroup *tg; | |
273 | ||
274 | /* legacy format */ | |
275 | if(name[0] == '#') { | |
73653516 CP |
276 | char *endp; |
277 | id = strtoul(&name[1], &endp, 10); | |
278 | if(!id || *endp) | |
4ea9375d CP |
279 | return NULL; |
280 | ||
73653516 | 281 | return tg_getbyid(id); |
4ea9375d CP |
282 | } |
283 | ||
284 | for(tg=tglist;tg;tg=tg->next) | |
73653516 | 285 | if(!strcmp(name, tg->name->content)) |
4ea9375d CP |
286 | return tg; |
287 | ||
288 | return NULL; | |
289 | } | |
9097ab05 CP |
290 | |
291 | void th_adjusthosts(trusthost *th, trusthost *superset, trusthost *subset) { | |
292 | /* | |
293 | * First and foremost, CIDR doesn't allow hosts to cross boundaries, i.e. everything with a smaller prefix | |
294 | * is entirely contained with the prefix that is one smaller. | |
295 | * e.g. 0.0.0.0/23, 0.0.0.128/23, you can't have a single prefix for 0.0.0.64-0.0.0.192, instead | |
296 | * you have two, 0.0.0.64/26 and 0.0.0.128/26. | |
297 | * | |
298 | * This makes the code MUCH easier as the entire thing is one huge set/tree. | |
299 | * | |
300 | * Four cases here: | |
301 | * 1: host isn't covered by any existing hosts. | |
302 | * 2: host is covered by a less specific one only, e.g. adding 0.0.0.1/32, while 0.0.0.0/24 already exists. | |
303 | * 3: host is covered by a more specific one only, e.g. adding 0.0.0.0/24 while 0.0.0.1/32 already exists | |
304 | * (note there might be more than one more specific host, e.g. 0.0.0.1/32 and 0.0.0.2/32). | |
305 | * 4: covered by more and less specific cases, e.g. adding 0.0.0.0/24 to: { 0.0.0.1/32, 0.0.0.2/32, 0.0.0.0/16 }. | |
306 | * | |
307 | * CASE 1 | |
308 | * ------ | |
309 | * | |
310 | * !superset && !subset | |
311 | * | |
312 | * Scan through the host hash and add any clients which match our host, this is exactly the same as case 3 | |
313 | * but without needing to check (though checking doesn't hurt), so we'll just use the code for that. | |
314 | * | |
315 | * CASE 2 | |
316 | * ------ | |
317 | * | |
318 | * superset && !subset | |
319 | * | |
320 | * We have the less specific host in 'superset', we know it is the only one so pull out clients in it's | |
321 | * ->users list matching our new host. | |
322 | * No need to look for extra hosts in the main nick hash as they're all covered already. | |
323 | * | |
324 | * CASE 3 | |
325 | * ------ | |
326 | * | |
327 | * !superset && subset | |
328 | * | |
329 | * We have one host in 'subset', but there might be more than one, we don't care though! | |
330 | * We can scan the entire host hash and pull out any hosts that match us and don't have | |
331 | * a trust group already, this ignores any with a more specific prefix. | |
332 | * | |
333 | * CASE 4 | |
334 | * ------ | |
335 | * | |
336 | * superset && subset | |
337 | * | |
338 | * Here we first fix up the ones less specific then us, so we just perform what we did for case 2, | |
339 | * then we perform what we did for case 3. | |
340 | * | |
341 | * So in summary: | |
342 | * CASE 1: DO 3 | |
343 | * CASE 2: (work) | |
344 | * CASE 3: (work) | |
345 | * CASE 4: DO 2; DO 3 | |
346 | * Or: | |
347 | * if(2 || 4) : DO 2 | |
348 | * if(1 || 3 || 4): DO 3 | |
349 | */ | |
350 | ||
351 | /* we let the compiler do the boolean minimisation for clarity reasons */ | |
352 | ||
353 | if((superset && !subset) || (superset && subset)) { /* cases 2 and 4 */ | |
354 | nick *np, *nnp; | |
355 | for(np=superset->users;np;np=nnp) { | |
356 | nnp = nextbytrust(np); | |
357 | if((irc_in_addr_v4_to_int(&np->p_ipaddr) & th->mask) == th->ip) { | |
358 | trusts_lostnick(np, 1); | |
359 | trusts_newnick(np, 1); | |
360 | } | |
361 | } | |
362 | } | |
363 | ||
364 | if((!superset && !subset) || (!superset && subset) || (superset && subset)) { /* cases 1, 3 and 4 */ | |
365 | nick *np; | |
366 | int i; | |
367 | ||
368 | for(i=0;i<NICKHASHSIZE;i++) | |
369 | for(np=nicktable[i];np;np=np->next) | |
370 | if(!gettrusthost(np) && ((irc_in_addr_v4_to_int(&np->p_ipaddr) & th->mask) == th->ip)) | |
371 | trusts_newnick(np, 1); | |
372 | } | |
373 | } | |
6ebeb438 CP |
374 | |
375 | unsigned int nexttgmarker(void) { | |
376 | static unsigned int tgmarker = 0; | |
377 | trustgroup *tg; | |
378 | ||
379 | tgmarker++; | |
380 | if(!tgmarker) { | |
381 | /* If we wrapped to zero, zap the marker on all groups */ | |
382 | for(tg=tglist;tg;tg=tg->next) | |
383 | tg->marker=0; | |
384 | ||
385 | tgmarker++; | |
386 | } | |
387 | ||
388 | return tgmarker; | |
389 | } | |
390 | ||
391 | unsigned int nextthmarker(void) { | |
392 | static unsigned int thmarker = 0; | |
393 | trustgroup *tg; | |
394 | trusthost *th; | |
395 | ||
396 | thmarker++; | |
397 | if(!thmarker) { | |
398 | /* If we wrapped to zero, zap the marker on all hosts */ | |
399 | for(tg=tglist;tg;tg=tg->next) | |
400 | for(th=tg->hosts;th;th=th->next) | |
401 | th->marker=0; | |
402 | ||
403 | thmarker++; | |
404 | } | |
405 | ||
406 | return thmarker; | |
407 | } | |
82a316e7 | 408 | |
2ab0a1e7 | 409 | trusthost *th_getbyid(unsigned int id) { |
82a316e7 | 410 | trustgroup *tg; |
2ab0a1e7 | 411 | trusthost *th; |
82a316e7 CP |
412 | |
413 | for(tg=tglist;tg;tg=tg->next) | |
2ab0a1e7 CP |
414 | for(th=tg->hosts;th;th=th->next) |
415 | if(th->id == id) | |
416 | return th; | |
82a316e7 CP |
417 | |
418 | return NULL; | |
419 | } | |
420 | ||
2ab0a1e7 CP |
421 | int tg_modify(trustgroup *oldtg, trustgroup *newtg) { |
422 | trustgroup vnewtg; | |
423 | ||
424 | memcpy(&vnewtg, oldtg, sizeof(trustgroup)); | |
425 | ||
426 | /* unfortunately we can't just memcpy the new one over */ | |
427 | ||
428 | vnewtg.name = getsstring(newtg->name->content, TRUSTNAMELEN); | |
1f685425 | 429 | vnewtg.createdby = getsstring(newtg->createdby->content, CREATEDBYLEN); |
2ab0a1e7 CP |
430 | vnewtg.contact = getsstring(newtg->contact->content, CONTACTLEN); |
431 | vnewtg.comment = getsstring(newtg->comment->content, COMMENTLEN); | |
f803c9ca | 432 | if(!vnewtg.name || !vnewtg.createdby || !vnewtg.contact || !vnewtg.comment) { |
2ab0a1e7 CP |
433 | freesstring(vnewtg.name); |
434 | freesstring(vnewtg.createdby); | |
435 | freesstring(vnewtg.contact); | |
436 | freesstring(vnewtg.comment); | |
437 | return 0; | |
438 | } | |
439 | ||
440 | /* id remains the same, count/hosts/marker/next/exts are ignored */ | |
441 | vnewtg.trustedfor = newtg->trustedfor; | |
442 | vnewtg.mode = newtg->mode; | |
443 | vnewtg.maxperident = newtg->maxperident; | |
444 | vnewtg.maxusage = newtg->maxusage; | |
445 | vnewtg.expires = newtg->expires; | |
446 | vnewtg.lastseen = newtg->lastseen; | |
1f685425 | 447 | vnewtg.lastmaxusereset = newtg->lastmaxusereset; |
2ab0a1e7 CP |
448 | |
449 | memcpy(oldtg, &vnewtg, sizeof(trustgroup)); | |
450 | ||
451 | return 1; | |
452 | } |