[irc/quakenet/newserv.git] / trusts / data.c

#include <stdlib.h>
#include <string.h>
#include <stdio.h>

#include "../lib/sstring.h"
#include "../core/hooks.h"
#include "../core/nsmalloc.h"
#include "../lib/irc_string.h"
#include "trusts.h"

trustgroup *tglist;

void th_dbupdatecounts(trusthost *);
void tg_dbupdatecounts(trustgroup *);

void trusts_freeall(void) {
  trustgroup *tg, *ntg;
  trusthost *th, *nth;

  for(tg=tglist;tg;tg=ntg) {
    ntg = tg->next;
    for(th=tg->hosts;th;th=nth) {
      nth = th->next;

      th_free(th);
    }

    tg_free(tg);
  }

  tglist = NULL;
}

trustgroup *tg_getbyid(unsigned int id) {
  trustgroup *tg;

  for(tg=tglist;tg;tg=tg->next)
    if(tg->id == id)
      return tg;

  return NULL;
}

void th_free(trusthost *th) {
  nsfree(POOL_TRUSTS, th);
}

trusthost *th_add(trustgroup *tg, unsigned int id, char *host, unsigned int maxusage, time_t lastseen) {
  u_int32_t ip, mask;
  trusthost *th;

  if(!trusts_str2cidr(host, &ip, &mask))
    return NULL;

  th = nsmalloc(POOL_TRUSTS, sizeof(trusthost));
  if(!th)
    return NULL;

  th->id = id;
  th->maxusage = maxusage;
  th->lastseen = lastseen;
  th->ip = ip;
  th->mask = mask;

  th->users = NULL;
  th->group = tg;
  th->count = 0;

  th->next = tg->hosts;
  tg->hosts = th;

  return th;
}

void tg_free(trustgroup *tg) {
  triggerhook(HOOK_TRUSTS_LOSTGROUP, tg);

  freesstring(tg->name);
  freesstring(tg->createdby);
  freesstring(tg->contact);
  freesstring(tg->comment);
  nsfree(POOL_TRUSTS, tg);
}

trustgroup *tg_add(unsigned int id, char *name, unsigned int trustedfor, int mode, unsigned int maxperident, unsigned int maxusage, time_t expires, time_t lastseen, time_t lastmaxuserreset, char *createdby, char *contact, char *comment) {
  trustgroup *tg = nsmalloc(POOL_TRUSTS, sizeof(trustgroup));
  if(!tg)
    return NULL;

  tg->name = getsstring(name, TRUSTNAMELEN);
  tg->createdby = getsstring(createdby, NICKLEN);
  tg->contact = getsstring(contact, CONTACTLEN);
  tg->comment = getsstring(comment, COMMENTLEN);
  if(!tg->name || !tg->createdby || !tg->contact || !tg->comment) {
    tg_free(tg);
    return NULL;
  }

  tg->id = id;
  tg->trustedfor = trustedfor;
  tg->mode = mode;
  tg->maxperident = maxperident;
  tg->maxusage = maxusage;
  tg->expires = expires;
  tg->lastseen = lastseen;
  tg->lastmaxuserreset = lastmaxuserreset;
  tg->hosts = NULL;

  tg->count = 0;

  memset(tg->exts, 0, sizeof(tg->exts));

  tg->next = tglist;
  tglist = tg;

  triggerhook(HOOK_TRUSTS_NEWGROUP, tg);

  return tg;
}

trusthost *th_getbyhost(uint32_t ip) {
  trustgroup *tg;
  trusthost *th, *result = NULL;
  uint32_t mask;

  for(tg=tglist;tg;tg=tg->next) {
    for(th=tg->hosts;th;th=th->next) {
      if((ip & th->mask) == th->ip) {
        if(!result || (th->mask > mask)) {
          mask = th->mask;
          result = th;
        }
      }
    }
  }

  return result;
}

trusthost *th_getbyhostandmask(uint32_t ip, uint32_t mask) {
  trustgroup *tg;
  trusthost *th;

  for(tg=tglist;tg;tg=tg->next)
    for(th=tg->hosts;th;th=th->next)
      if((th->ip == ip) && (th->mask == mask))
        return th;

  return NULL;
}

/* returns the ip with the smallest prefix that is still a superset of the given host */
trusthost *th_getsmallestsupersetbyhost(uint32_t ip, uint32_t mask) {
  trustgroup *tg;
  trusthost *th, *result = NULL;
  uint32_t smask;

  for(tg=tglist;tg;tg=tg->next) {
    for(th=tg->hosts;th;th=th->next) {
      if(th->ip == (ip & th->mask)) {
        if((th->mask < mask) && (!result || (th->mask > smask))) {
          smask = th->mask;
          result = th;
        }
      }
    }
  }

  return result;
}

/* returns the first ip that is a subset it comes across */
trusthost *th_getsubsetbyhost(uint32_t ip, uint32_t mask) {
  trustgroup *tg;
  trusthost *th;

  for(tg=tglist;tg;tg=tg->next)
    for(th=tg->hosts;th;th=th->next)
      if((th->ip & mask) == ip)
        if(th->mask > mask)
          return th;

  return NULL;
}

void th_getsuperandsubsets(uint32_t ip, uint32_t mask, trusthost **superset, trusthost **subset) {
  *superset = th_getsmallestsupersetbyhost(ip, mask);
  *subset = th_getsubsetbyhost(ip, mask);
}

void trusts_flush(void) {
  trustgroup *tg;
  trusthost *th;
  time_t t = time(NULL);

  for(tg=tglist;tg;tg=tg->next) {
    if(tg->count > 0)
      tg->lastseen = t;

    tg_dbupdatecounts(tg);

    for(th=tg->hosts;th;th=th->next) {
      if(th->count > 0)
        th->lastseen = t;

      th_dbupdatecounts(th);
    }
  }
}

trustgroup *tg_strtotg(char *name) {
  unsigned long id;
  trustgroup *tg;

  /* legacy format */
  if(name[0] == '#') {
    id = strtoul(&name[1], NULL, 10);
    if(!id)
      return NULL;

    for(tg=tglist;tg;tg=tg->next)
      if(tg->id == id)
        return tg;
  }

  for(tg=tglist;tg;tg=tg->next)
    if(!match(name, tg->name->content))
      return tg;

  id = strtoul(name, NULL, 10);
  if(!id)
    return NULL;

  /* legacy format */
  for(tg=tglist;tg;tg=tg->next)
    if(tg->id == id)
      return tg;

  return NULL;
}

void th_adjusthosts(trusthost *th, trusthost *superset, trusthost *subset) {
  /*
   * First and foremost, CIDR doesn't allow hosts to cross boundaries, i.e. everything with a smaller prefix
   * is entirely contained with the prefix that is one smaller.
   * e.g. 0.0.0.0/23, 0.0.0.128/23, you can't have a single prefix for 0.0.0.64-0.0.0.192, instead
   * you have two, 0.0.0.64/26 and 0.0.0.128/26.
   *
   * This makes the code MUCH easier as the entire thing is one huge set/tree.
   *
   * Four cases here:
   * 1: host isn't covered by any existing hosts.
   * 2: host is covered by a less specific one only, e.g. adding 0.0.0.1/32, while 0.0.0.0/24 already exists.
   * 3: host is covered by a more specific one only, e.g. adding 0.0.0.0/24 while 0.0.0.1/32 already exists
   *    (note there might be more than one more specific host, e.g. 0.0.0.1/32 and 0.0.0.2/32).
   * 4: covered by more and less specific cases, e.g. adding 0.0.0.0/24 to: { 0.0.0.1/32, 0.0.0.2/32, 0.0.0.0/16 }.
   *
   * CASE 1
   * ------
   *
   * !superset && !subset
   *
   * Scan through the host hash and add any clients which match our host, this is exactly the same as case 3
   * but without needing to check (though checking doesn't hurt), so we'll just use the code for that.
   *
   * CASE 2
   * ------
   *
   * superset && !subset
   *
   * We have the less specific host in 'superset', we know it is the only one so pull out clients in it's
   * ->users list matching our new host.
   * No need to look for extra hosts in the main nick hash as they're all covered already.
   *
   * CASE 3
   * ------
   *
   * !superset && subset
   *
   * We have one host in 'subset', but there might be more than one, we don't care though!
   * We can scan the entire host hash and pull out any hosts that match us and don't have
   * a trust group already, this ignores any with a more specific prefix.
   *
   * CASE 4
   * ------
   *
   * superset && subset
   *
   * Here we first fix up the ones less specific then us, so we just perform what we did for case 2,
   * then we perform what we did for case 3.
   *
   * So in summary:
   *   CASE 1: DO 3
   *   CASE 2: (work)
   *   CASE 3: (work)
   *   CASE 4: DO 2; DO 3
   * Or:
   *   if(2 || 4)     : DO 2
   *   if(1 || 3 || 4): DO 3
   */

  /* we let the compiler do the boolean minimisation for clarity reasons */

  if((superset && !subset) || (superset && subset)) { /* cases 2 and 4 */
    nick *np, *nnp;
    for(np=superset->users;np;np=nnp) {
      nnp = nextbytrust(np);
      if((irc_in_addr_v4_to_int(&np->p_ipaddr) & th->mask) == th->ip) {
        trusts_lostnick(np, 1);
        trusts_newnick(np, 1);
      }
    }
  }

  if((!superset && !subset) || (!superset && subset) || (superset && subset)) { /* cases 1, 3 and 4 */
    nick *np;
    int i;

    for(i=0;i<NICKHASHSIZE;i++)
      for(np=nicktable[i];np;np=np->next)
        if(!gettrusthost(np) && ((irc_in_addr_v4_to_int(&np->p_ipaddr) & th->mask) == th->ip))
          trusts_newnick(np, 1);
  }
}
Commit	Line	Data
5ada3782	1	#include <stdlib.h>
2129448c	2	#include <string.h>
9097ab05	3	#include <stdio.h>
5ada3782 CP	4
5ada3782 CP	5	#include "../lib/sstring.h"
2129448c	6	#include "../core/hooks.h"
45989eab	7	#include "../core/nsmalloc.h"
4ea9375d	8	#include "../lib/irc_string.h"
5ada3782 CP	9	#include "trusts.h"
	10
	11	trustgroup *tglist;
	12
4be1aaf2 CP	13	void th_dbupdatecounts(trusthost *);
	14	void tg_dbupdatecounts(trustgroup *);
	15
5ada3782 CP	16	void trusts_freeall(void) {
	17	trustgroup tg, ntg;
	18	trusthost th, nth;
	19
	20	for(tg=tglist;tg;tg=ntg) {
	21	ntg = tg->next;
	22	for(th=tg->hosts;th;th=nth) {
	23	nth = th->next;
	24
	25	th_free(th);
	26	}
	27
	28	tg_free(tg);
	29	}
	30
	31	tglist = NULL;
	32	}
	33
	34	trustgroup *tg_getbyid(unsigned int id) {
	35	trustgroup *tg;
	36
	37	for(tg=tglist;tg;tg=tg->next)
	38	if(tg->id == id)
	39	return tg;
	40
	41	return NULL;
	42	}
	43
	44	void th_free(trusthost *th) {
45989eab	45	nsfree(POOL_TRUSTS, th);
5ada3782 CP	46	}
5ada3782 CP	47
d2c08930	48	trusthost th_add(trustgroup tg, unsigned int id, char *host, unsigned int maxusage, time_t lastseen) {
65f34016 CP	49	u_int32_t ip, mask;
	50	trusthost *th;
	51
	52	if(!trusts_str2cidr(host, &ip, &mask))
d2c08930	53	return NULL;
5ada3782	54
45989eab	55	th = nsmalloc(POOL_TRUSTS, sizeof(trusthost));
65f34016	56	if(!th)
d2c08930	57	return NULL;
65f34016	58
9bf9e8a1	59	th->id = id;
4be1aaf2	60	th->maxusage = maxusage;
5ada3782	61	th->lastseen = lastseen;
65f34016 CP	62	th->ip = ip;
65f34016 CP	63	th->mask = mask;
5ada3782	64
1bbe1ac3 CP	65	th->users = NULL;
	66	th->group = tg;
	67	th->count = 0;
	68
5ada3782 CP	69	th->next = tg->hosts;
	70	tg->hosts = th;
	71
d2c08930	72	return th;
5ada3782 CP	73	}
	74
	75	void tg_free(trustgroup *tg) {
2129448c CP	76	triggerhook(HOOK_TRUSTS_LOSTGROUP, tg);
2129448c CP	77
5ada3782 CP	78	freesstring(tg->name);
	79	freesstring(tg->createdby);
	80	freesstring(tg->contact);
	81	freesstring(tg->comment);
45989eab	82	nsfree(POOL_TRUSTS, tg);
5ada3782 CP	83	}
5ada3782 CP	84
d2c08930	85	trustgroup tg_add(unsigned int id, char name, unsigned int trustedfor, int mode, unsigned int maxperident, unsigned int maxusage, time_t expires, time_t lastseen, time_t lastmaxuserreset, char createdby, char contact, char *comment) {
45989eab	86	trustgroup *tg = nsmalloc(POOL_TRUSTS, sizeof(trustgroup));
5ada3782	87	if(!tg)
d2c08930	88	return NULL;
5ada3782 CP	89
	90	tg->name = getsstring(name, TRUSTNAMELEN);
	91	tg->createdby = getsstring(createdby, NICKLEN);
	92	tg->contact = getsstring(contact, CONTACTLEN);
	93	tg->comment = getsstring(comment, COMMENTLEN);
	94	if(!tg->name \|\| !tg->createdby \|\| !tg->contact \|\| !tg->comment) {
	95	tg_free(tg);
d2c08930	96	return NULL;
5ada3782 CP	97	}
	98
	99	tg->id = id;
	100	tg->trustedfor = trustedfor;
	101	tg->mode = mode;
	102	tg->maxperident = maxperident;
4be1aaf2	103	tg->maxusage = maxusage;
5ada3782 CP	104	tg->expires = expires;
	105	tg->lastseen = lastseen;
	106	tg->lastmaxuserreset = lastmaxuserreset;
65f34016	107	tg->hosts = NULL;
5ada3782	108
1bbe1ac3 CP	109	tg->count = 0;
1bbe1ac3 CP	110
2129448c CP	111	memset(tg->exts, 0, sizeof(tg->exts));
2129448c CP	112
5ada3782 CP	113	tg->next = tglist;
	114	tglist = tg;
	115
2129448c CP	116	triggerhook(HOOK_TRUSTS_NEWGROUP, tg);
2129448c CP	117
d2c08930	118	return tg;
5ada3782	119	}
1bbe1ac3	120
d2c08930	121	trusthost *th_getbyhost(uint32_t ip) {
1bbe1ac3	122	trustgroup *tg;
fdcbe91d CP	123	trusthost th, result = NULL;
fdcbe91d CP	124	uint32_t mask;
1bbe1ac3	125
fdcbe91d CP	126	for(tg=tglist;tg;tg=tg->next) {
fdcbe91d CP	127	for(th=tg->hosts;th;th=th->next) {
d2c08930	128	if((ip & th->mask) == th->ip) {
fdcbe91d CP	129	if(!result \|\| (th->mask > mask)) {
	130	mask = th->mask;
	131	result = th;
	132	}
	133	}
	134	}
	135	}
1bbe1ac3	136
fdcbe91d	137	return result;
1bbe1ac3	138	}
4be1aaf2	139
9097ab05	140	trusthost *th_getbyhostandmask(uint32_t ip, uint32_t mask) {
d2c08930 CP	141	trustgroup *tg;
	142	trusthost *th;
	143
	144	for(tg=tglist;tg;tg=tg->next)
	145	for(th=tg->hosts;th;th=th->next)
9097ab05	146	if((th->ip == ip) && (th->mask == mask))
d2c08930 CP	147	return th;
	148
	149	return NULL;
	150	}
	151
9097ab05 CP	152	/* returns the ip with the smallest prefix that is still a superset of the given host */
	153	trusthost *th_getsmallestsupersetbyhost(uint32_t ip, uint32_t mask) {
	154	trustgroup *tg;
	155	trusthost th, result = NULL;
	156	uint32_t smask;
	157
	158	for(tg=tglist;tg;tg=tg->next) {
	159	for(th=tg->hosts;th;th=th->next) {
	160	if(th->ip == (ip & th->mask)) {
	161	if((th->mask < mask) && (!result \|\| (th->mask > smask))) {
	162	smask = th->mask;
	163	result = th;
	164	}
	165	}
	166	}
	167	}
	168
	169	return result;
	170	}
	171
	172	/* returns the first ip that is a subset it comes across */
	173	trusthost *th_getsubsetbyhost(uint32_t ip, uint32_t mask) {
	174	trustgroup *tg;
	175	trusthost *th;
	176
	177	for(tg=tglist;tg;tg=tg->next)
	178	for(th=tg->hosts;th;th=th->next)
	179	if((th->ip & mask) == ip)
	180	if(th->mask > mask)
	181	return th;
	182
	183	return NULL;
	184	}
	185
	186	void th_getsuperandsubsets(uint32_t ip, uint32_t mask, trusthost superset, trusthost subset) {
	187	*superset = th_getsmallestsupersetbyhost(ip, mask);
	188	*subset = th_getsubsetbyhost(ip, mask);
	189	}
	190
4be1aaf2 CP	191	void trusts_flush(void) {
	192	trustgroup *tg;
	193	trusthost *th;
	194	time_t t = time(NULL);
	195
	196	for(tg=tglist;tg;tg=tg->next) {
	197	if(tg->count > 0)
	198	tg->lastseen = t;
	199
	200	tg_dbupdatecounts(tg);
	201
	202	for(th=tg->hosts;th;th=th->next) {
	203	if(th->count > 0)
	204	th->lastseen = t;
	205
	206	th_dbupdatecounts(th);
	207	}
	208	}
	209	}
4ea9375d CP	210
	211	trustgroup tg_strtotg(char name) {
	212	unsigned long id;
	213	trustgroup *tg;
	214
	215	/* legacy format */
	216	if(name[0] == '#') {
	217	id = strtoul(&name[1], NULL, 10);
17e84978	218	if(!id)
4ea9375d CP	219	return NULL;
	220
	221	for(tg=tglist;tg;tg=tg->next)
	222	if(tg->id == id)
	223	return tg;
	224	}
	225
	226	for(tg=tglist;tg;tg=tg->next)
	227	if(!match(name, tg->name->content))
	228	return tg;
	229
	230	id = strtoul(name, NULL, 10);
17e84978	231	if(!id)
4ea9375d CP	232	return NULL;
	233
	234	/* legacy format */
	235	for(tg=tglist;tg;tg=tg->next)
	236	if(tg->id == id)
	237	return tg;
	238
	239	return NULL;
	240	}
9097ab05 CP	241
	242	void th_adjusthosts(trusthost th, trusthost superset, trusthost *subset) {
	243	/*
	244	* First and foremost, CIDR doesn't allow hosts to cross boundaries, i.e. everything with a smaller prefix
	245	* is entirely contained with the prefix that is one smaller.
	246	* e.g. 0.0.0.0/23, 0.0.0.128/23, you can't have a single prefix for 0.0.0.64-0.0.0.192, instead
	247	* you have two, 0.0.0.64/26 and 0.0.0.128/26.
	248	*
	249	* This makes the code MUCH easier as the entire thing is one huge set/tree.
	250	*
	251	* Four cases here:
	252	* 1: host isn't covered by any existing hosts.
	253	* 2: host is covered by a less specific one only, e.g. adding 0.0.0.1/32, while 0.0.0.0/24 already exists.
	254	* 3: host is covered by a more specific one only, e.g. adding 0.0.0.0/24 while 0.0.0.1/32 already exists
	255	* (note there might be more than one more specific host, e.g. 0.0.0.1/32 and 0.0.0.2/32).
	256	* 4: covered by more and less specific cases, e.g. adding 0.0.0.0/24 to: { 0.0.0.1/32, 0.0.0.2/32, 0.0.0.0/16 }.
	257	*
	258	* CASE 1
	259	* ------
	260	*
	261	* !superset && !subset
	262	*
	263	* Scan through the host hash and add any clients which match our host, this is exactly the same as case 3
	264	* but without needing to check (though checking doesn't hurt), so we'll just use the code for that.
	265	*
	266	* CASE 2
	267	* ------
	268	*
	269	* superset && !subset
	270	*
	271	* We have the less specific host in 'superset', we know it is the only one so pull out clients in it's
	272	* ->users list matching our new host.
	273	* No need to look for extra hosts in the main nick hash as they're all covered already.
	274	*
	275	* CASE 3
	276	* ------
	277	*
	278	* !superset && subset
	279	*
	280	* We have one host in 'subset', but there might be more than one, we don't care though!
	281	* We can scan the entire host hash and pull out any hosts that match us and don't have
	282	* a trust group already, this ignores any with a more specific prefix.
	283	*
	284	* CASE 4
	285	* ------
	286	*
	287	* superset && subset
	288	*
	289	* Here we first fix up the ones less specific then us, so we just perform what we did for case 2,
	290	* then we perform what we did for case 3.
	291	*
	292	* So in summary:
	293	* CASE 1: DO 3
	294	* CASE 2: (work)
	295	* CASE 3: (work)
	296	* CASE 4: DO 2; DO 3
	297	* Or:
	298	* if(2 \|\| 4) : DO 2
	299	* if(1 \|\| 3 \|\| 4): DO 3
	300	*/
	301
	302	/* we let the compiler do the boolean minimisation for clarity reasons */
	303
	304	if((superset && !subset) \|\| (superset && subset)) { /* cases 2 and 4 */
305	nick np, nnp;
306	for(np=superset->users;np;np=nnp) {
307	nnp = nextbytrust(np);
308	if((irc_in_addr_v4_to_int(&np->p_ipaddr) & th->mask) == th->ip) {
309	trusts_lostnick(np, 1);
310	trusts_newnick(np, 1);
311	}
312	}
313	}
314
315	if((!superset && !subset) \|\| (!superset && subset) \|\| (superset && subset)) { /* cases 1, 3 and 4 */
316	nick *np;
317	int i;
318
319	for(i=0;i<NICKHASHSIZE;i++)
320	for(np=nicktable[i];np;np=np->next)
321	if(!gettrusthost(np) && ((irc_in_addr_v4_to_int(&np->p_ipaddr) & th->mask) == th->ip))
322	trusts_newnick(np, 1);
323	}
324	}