]>
Commit | Line | Data |
---|---|---|
5ada3782 | 1 | #include <stdlib.h> |
2129448c | 2 | #include <string.h> |
2bf602e9 | 3 | #include <strings.h> |
9097ab05 | 4 | #include <stdio.h> |
5ada3782 CP |
5 | |
6 | #include "../lib/sstring.h" | |
2129448c | 7 | #include "../core/hooks.h" |
45989eab | 8 | #include "../core/nsmalloc.h" |
4ea9375d | 9 | #include "../lib/irc_string.h" |
acd5f58f | 10 | #include "../irc/irc.h" |
5ada3782 CP |
11 | #include "trusts.h" |
12 | ||
13 | trustgroup *tglist; | |
14 | ||
4be1aaf2 CP |
15 | void th_dbupdatecounts(trusthost *); |
16 | void tg_dbupdatecounts(trustgroup *); | |
17 | ||
34e3de85 GB |
18 | static trusthost *th_getnextchildbyhost(trusthost *, trusthost *); |
19 | ||
5ada3782 CP |
20 | void trusts_freeall(void) { |
21 | trustgroup *tg, *ntg; | |
22 | trusthost *th, *nth; | |
23 | ||
24 | for(tg=tglist;tg;tg=ntg) { | |
25 | ntg = tg->next; | |
26 | for(th=tg->hosts;th;th=nth) { | |
27 | nth = th->next; | |
28 | ||
29 | th_free(th); | |
30 | } | |
31 | ||
2ab0a1e7 | 32 | tg_free(tg, 1); |
5ada3782 CP |
33 | } |
34 | ||
35 | tglist = NULL; | |
36 | } | |
37 | ||
38 | trustgroup *tg_getbyid(unsigned int id) { | |
39 | trustgroup *tg; | |
40 | ||
41 | for(tg=tglist;tg;tg=tg->next) | |
42 | if(tg->id == id) | |
43 | return tg; | |
44 | ||
45 | return NULL; | |
46 | } | |
47 | ||
48 | void th_free(trusthost *th) { | |
2ab0a1e7 CP |
49 | triggerhook(HOOK_TRUSTS_LOSTHOST, th); |
50 | ||
45989eab | 51 | nsfree(POOL_TRUSTS, th); |
5ada3782 CP |
52 | } |
53 | ||
34e3de85 GB |
54 | static void th_updatechildren(trusthost *th) { |
55 | trusthost *nth = NULL; | |
56 | ||
57 | th->children = NULL; | |
58 | ||
59 | for(;;) { | |
60 | nth = th_getnextchildbyhost(th, nth); | |
61 | if(!nth) | |
62 | break; | |
63 | ||
64 | nth->nextbychild = th->children; | |
65 | th->children = nth; | |
66 | } | |
67 | } | |
68 | ||
69 | void th_linktree(void) { | |
70 | trustgroup *tg; | |
71 | trusthost *th; | |
72 | ||
73 | /* ugh */ | |
74 | for(tg=tglist;tg;tg=tg->next) | |
75 | for(th=tg->hosts;th;th=th->next) | |
6e6e98da | 76 | th->parent = th_getsmallestsupersetbyhost(&th->ip, th->bits); |
34e3de85 GB |
77 | |
78 | for(tg=tglist;tg;tg=tg->next) | |
79 | for(th=tg->hosts;th;th=th->next) | |
80 | if(th->parent) | |
81 | th_updatechildren(th->parent); | |
82 | } | |
83 | ||
82a316e7 | 84 | trusthost *th_add(trusthost *ith) { |
65f34016 CP |
85 | trusthost *th; |
86 | ||
45989eab | 87 | th = nsmalloc(POOL_TRUSTS, sizeof(trusthost)); |
65f34016 | 88 | if(!th) |
d2c08930 | 89 | return NULL; |
65f34016 | 90 | |
82a316e7 | 91 | memcpy(th, ith, sizeof(trusthost)); |
5ada3782 | 92 | |
1bbe1ac3 | 93 | th->users = NULL; |
1bbe1ac3 CP |
94 | th->count = 0; |
95 | ||
34e3de85 GB |
96 | th->parent = NULL; |
97 | th->children = NULL; | |
98 | ||
99 | th->marker = 0; | |
100 | ||
82a316e7 CP |
101 | th->next = th->group->hosts; |
102 | th->group->hosts = th; | |
5ada3782 | 103 | |
d2c08930 | 104 | return th; |
5ada3782 CP |
105 | } |
106 | ||
2ab0a1e7 CP |
107 | void tg_free(trustgroup *tg, int created) { |
108 | if(created) | |
109 | triggerhook(HOOK_TRUSTS_LOSTGROUP, tg); | |
2129448c | 110 | |
5ada3782 CP |
111 | freesstring(tg->name); |
112 | freesstring(tg->createdby); | |
113 | freesstring(tg->contact); | |
114 | freesstring(tg->comment); | |
45989eab | 115 | nsfree(POOL_TRUSTS, tg); |
5ada3782 CP |
116 | } |
117 | ||
82a316e7 | 118 | trustgroup *tg_add(trustgroup *itg) { |
45989eab | 119 | trustgroup *tg = nsmalloc(POOL_TRUSTS, sizeof(trustgroup)); |
5ada3782 | 120 | if(!tg) |
d2c08930 | 121 | return NULL; |
5ada3782 | 122 | |
82a316e7 CP |
123 | memcpy(tg, itg, sizeof(trustgroup)); |
124 | ||
125 | tg->name = getsstring(tg->name->content, TRUSTNAMELEN); | |
1f685425 | 126 | tg->createdby = getsstring(tg->createdby->content, CREATEDBYLEN); |
82a316e7 CP |
127 | tg->contact = getsstring(tg->contact->content, CONTACTLEN); |
128 | tg->comment = getsstring(tg->comment->content, COMMENTLEN); | |
5ada3782 | 129 | if(!tg->name || !tg->createdby || !tg->contact || !tg->comment) { |
2ab0a1e7 | 130 | tg_free(tg, 0); |
d2c08930 | 131 | return NULL; |
5ada3782 CP |
132 | } |
133 | ||
65f34016 | 134 | tg->hosts = NULL; |
34e3de85 | 135 | tg->marker = 0; |
1bbe1ac3 CP |
136 | tg->count = 0; |
137 | ||
2129448c CP |
138 | memset(tg->exts, 0, sizeof(tg->exts)); |
139 | ||
5ada3782 CP |
140 | tg->next = tglist; |
141 | tglist = tg; | |
142 | ||
2129448c CP |
143 | triggerhook(HOOK_TRUSTS_NEWGROUP, tg); |
144 | ||
d2c08930 | 145 | return tg; |
5ada3782 | 146 | } |
1bbe1ac3 | 147 | |
6e6e98da | 148 | trusthost *th_getbyhost(struct irc_in_addr *ip) { |
1bbe1ac3 | 149 | trustgroup *tg; |
fdcbe91d | 150 | trusthost *th, *result = NULL; |
6e6e98da | 151 | uint32_t bits; |
1bbe1ac3 | 152 | |
fdcbe91d CP |
153 | for(tg=tglist;tg;tg=tg->next) { |
154 | for(th=tg->hosts;th;th=th->next) { | |
6e6e98da GB |
155 | if(ipmask_check(ip, &th->ip, th->bits)) { |
156 | if(!result || (th->bits > bits)) { | |
157 | bits = th->bits; | |
fdcbe91d CP |
158 | result = th; |
159 | } | |
160 | } | |
161 | } | |
162 | } | |
1bbe1ac3 | 163 | |
fdcbe91d | 164 | return result; |
1bbe1ac3 | 165 | } |
4be1aaf2 | 166 | |
6e6e98da | 167 | trusthost *th_getbyhostandmask(struct irc_in_addr *ip, uint32_t bits) { |
d2c08930 CP |
168 | trustgroup *tg; |
169 | trusthost *th; | |
170 | ||
171 | for(tg=tglist;tg;tg=tg->next) | |
172 | for(th=tg->hosts;th;th=th->next) | |
6e6e98da | 173 | if(ipmask_check(ip, &th->ip, 128) && th->bits == bits) |
d2c08930 CP |
174 | return th; |
175 | ||
176 | return NULL; | |
177 | } | |
178 | ||
9097ab05 | 179 | /* returns the ip with the smallest prefix that is still a superset of the given host */ |
6e6e98da | 180 | trusthost *th_getsmallestsupersetbyhost(struct irc_in_addr *ip, uint32_t bits) { |
9097ab05 CP |
181 | trustgroup *tg; |
182 | trusthost *th, *result = NULL; | |
6e6e98da | 183 | uint32_t sbits; |
9097ab05 CP |
184 | |
185 | for(tg=tglist;tg;tg=tg->next) { | |
186 | for(th=tg->hosts;th;th=th->next) { | |
6e6e98da GB |
187 | if(ipmask_check(ip, &th->ip, th->bits)) { |
188 | if((th->bits < bits) && (!result || (th->bits > sbits))) { | |
189 | sbits = th->bits; | |
9097ab05 CP |
190 | result = th; |
191 | } | |
192 | } | |
193 | } | |
194 | } | |
195 | ||
196 | return result; | |
197 | } | |
198 | ||
199 | /* returns the first ip that is a subset it comes across */ | |
6e6e98da | 200 | trusthost *th_getsubsetbyhost(struct irc_in_addr *ip, uint32_t bits) { |
9097ab05 CP |
201 | trustgroup *tg; |
202 | trusthost *th; | |
203 | ||
204 | for(tg=tglist;tg;tg=tg->next) | |
205 | for(th=tg->hosts;th;th=th->next) | |
6e6e98da GB |
206 | if(ipmask_check(ip, &th->ip, th->bits)) |
207 | if(th->bits > bits) | |
9097ab05 CP |
208 | return th; |
209 | ||
210 | return NULL; | |
211 | } | |
212 | ||
34e3de85 GB |
213 | /* NOT reentrant obviously */ |
214 | static trusthost *th_getnextchildbyhost(trusthost *orig, trusthost *th) { | |
215 | if(!th) { | |
216 | trustgroup *tg; | |
217 | ||
218 | tg = tglist; | |
219 | for(tg=tglist;tg;tg=tg->next) { | |
220 | th = tg->hosts; | |
221 | if(th) | |
222 | break; | |
223 | } | |
224 | ||
225 | /* INVARIANT: tg => th */ | |
226 | if(!tg) | |
227 | return NULL; | |
228 | ||
229 | if(th->parent == orig) | |
230 | return th; | |
231 | } | |
232 | ||
233 | for(;;) { | |
234 | if(th->next) { | |
235 | th = th->next; | |
236 | } else { | |
9a9f4372 GB |
237 | trustgroup *tg = th->group; |
238 | ||
239 | do { | |
240 | tg = tg->next; | |
241 | } while (tg && !tg->hosts); | |
242 | ||
243 | if(!tg) | |
34e3de85 | 244 | return NULL; |
9a9f4372 GB |
245 | |
246 | th = tg->hosts; | |
34e3de85 GB |
247 | } |
248 | ||
9a9f4372 | 249 | if(th->parent == orig) |
34e3de85 GB |
250 | return th; |
251 | } | |
252 | } | |
253 | ||
6e6e98da GB |
254 | void th_getsuperandsubsets(struct irc_in_addr *ip, uint32_t bits, trusthost **superset, trusthost **subset) { |
255 | *superset = th_getsmallestsupersetbyhost(ip, bits); | |
256 | *subset = th_getsubsetbyhost(ip, bits); | |
9097ab05 CP |
257 | } |
258 | ||
b9c52ee0 | 259 | void trusts_flush(void (*thflush)(trusthost *), void (*tgflush)(trustgroup *)) { |
4be1aaf2 CP |
260 | trustgroup *tg; |
261 | trusthost *th; | |
acd5f58f | 262 | time_t t = getnettime(); |
4be1aaf2 CP |
263 | |
264 | for(tg=tglist;tg;tg=tg->next) { | |
265 | if(tg->count > 0) | |
266 | tg->lastseen = t; | |
267 | ||
b9c52ee0 | 268 | tgflush(tg); |
4be1aaf2 CP |
269 | |
270 | for(th=tg->hosts;th;th=th->next) { | |
271 | if(th->count > 0) | |
272 | th->lastseen = t; | |
273 | ||
b9c52ee0 | 274 | thflush(th); |
4be1aaf2 CP |
275 | } |
276 | } | |
277 | } | |
4ea9375d CP |
278 | |
279 | trustgroup *tg_strtotg(char *name) { | |
280 | unsigned long id; | |
281 | trustgroup *tg; | |
282 | ||
283 | /* legacy format */ | |
284 | if(name[0] == '#') { | |
73653516 CP |
285 | char *endp; |
286 | id = strtoul(&name[1], &endp, 10); | |
287 | if(!id || *endp) | |
4ea9375d CP |
288 | return NULL; |
289 | ||
73653516 | 290 | return tg_getbyid(id); |
4ea9375d CP |
291 | } |
292 | ||
293 | for(tg=tglist;tg;tg=tg->next) | |
2bf602e9 | 294 | if(!strcasecmp(name, tg->name->content)) |
4ea9375d CP |
295 | return tg; |
296 | ||
297 | return NULL; | |
298 | } | |
9097ab05 CP |
299 | |
300 | void th_adjusthosts(trusthost *th, trusthost *superset, trusthost *subset) { | |
301 | /* | |
302 | * First and foremost, CIDR doesn't allow hosts to cross boundaries, i.e. everything with a smaller prefix | |
303 | * is entirely contained with the prefix that is one smaller. | |
304 | * e.g. 0.0.0.0/23, 0.0.0.128/23, you can't have a single prefix for 0.0.0.64-0.0.0.192, instead | |
305 | * you have two, 0.0.0.64/26 and 0.0.0.128/26. | |
306 | * | |
307 | * This makes the code MUCH easier as the entire thing is one huge set/tree. | |
308 | * | |
309 | * Four cases here: | |
310 | * 1: host isn't covered by any existing hosts. | |
311 | * 2: host is covered by a less specific one only, e.g. adding 0.0.0.1/32, while 0.0.0.0/24 already exists. | |
312 | * 3: host is covered by a more specific one only, e.g. adding 0.0.0.0/24 while 0.0.0.1/32 already exists | |
313 | * (note there might be more than one more specific host, e.g. 0.0.0.1/32 and 0.0.0.2/32). | |
314 | * 4: covered by more and less specific cases, e.g. adding 0.0.0.0/24 to: { 0.0.0.1/32, 0.0.0.2/32, 0.0.0.0/16 }. | |
315 | * | |
316 | * CASE 1 | |
317 | * ------ | |
318 | * | |
319 | * !superset && !subset | |
320 | * | |
321 | * Scan through the host hash and add any clients which match our host, this is exactly the same as case 3 | |
322 | * but without needing to check (though checking doesn't hurt), so we'll just use the code for that. | |
323 | * | |
324 | * CASE 2 | |
325 | * ------ | |
326 | * | |
327 | * superset && !subset | |
328 | * | |
329 | * We have the less specific host in 'superset', we know it is the only one so pull out clients in it's | |
330 | * ->users list matching our new host. | |
331 | * No need to look for extra hosts in the main nick hash as they're all covered already. | |
332 | * | |
333 | * CASE 3 | |
334 | * ------ | |
335 | * | |
336 | * !superset && subset | |
337 | * | |
338 | * We have one host in 'subset', but there might be more than one, we don't care though! | |
339 | * We can scan the entire host hash and pull out any hosts that match us and don't have | |
340 | * a trust group already, this ignores any with a more specific prefix. | |
341 | * | |
342 | * CASE 4 | |
343 | * ------ | |
344 | * | |
345 | * superset && subset | |
346 | * | |
347 | * Here we first fix up the ones less specific then us, so we just perform what we did for case 2, | |
348 | * then we perform what we did for case 3. | |
349 | * | |
350 | * So in summary: | |
351 | * CASE 1: DO 3 | |
352 | * CASE 2: (work) | |
353 | * CASE 3: (work) | |
354 | * CASE 4: DO 2; DO 3 | |
355 | * Or: | |
356 | * if(2 || 4) : DO 2 | |
357 | * if(1 || 3 || 4): DO 3 | |
358 | */ | |
359 | ||
360 | /* we let the compiler do the boolean minimisation for clarity reasons */ | |
361 | ||
362 | if((superset && !subset) || (superset && subset)) { /* cases 2 and 4 */ | |
363 | nick *np, *nnp; | |
364 | for(np=superset->users;np;np=nnp) { | |
365 | nnp = nextbytrust(np); | |
6e6e98da | 366 | if(ipmask_check(&np->p_nodeaddr, &th->ip, th->bits)) { |
9097ab05 CP |
367 | trusts_lostnick(np, 1); |
368 | trusts_newnick(np, 1); | |
369 | } | |
370 | } | |
371 | } | |
372 | ||
373 | if((!superset && !subset) || (!superset && subset) || (superset && subset)) { /* cases 1, 3 and 4 */ | |
374 | nick *np; | |
375 | int i; | |
376 | ||
377 | for(i=0;i<NICKHASHSIZE;i++) | |
378 | for(np=nicktable[i];np;np=np->next) | |
6e6e98da | 379 | if(!gettrusthost(np) && ipmask_check(&np->p_nodeaddr, &th->ip, th->bits)) |
9097ab05 CP |
380 | trusts_newnick(np, 1); |
381 | } | |
382 | } | |
6ebeb438 | 383 | |
34e3de85 GB |
384 | unsigned int nexttgmarker(void) { |
385 | static unsigned int tgmarker = 0; | |
386 | trustgroup *tg; | |
387 | ||
388 | tgmarker++; | |
389 | if(!tgmarker) { | |
390 | /* If we wrapped to zero, zap the marker on all groups */ | |
391 | for(tg=tglist;tg;tg=tg->next) | |
392 | tg->marker=0; | |
393 | ||
394 | tgmarker++; | |
395 | } | |
396 | ||
397 | return tgmarker; | |
398 | } | |
399 | ||
400 | unsigned int nextthmarker(void) { | |
401 | static unsigned int thmarker = 0; | |
402 | trustgroup *tg; | |
403 | trusthost *th; | |
404 | ||
405 | thmarker++; | |
406 | if(!thmarker) { | |
407 | /* If we wrapped to zero, zap the marker on all hosts */ | |
408 | for(tg=tglist;tg;tg=tg->next) | |
409 | for(th=tg->hosts;th;th=th->next) | |
410 | th->marker=0; | |
411 | ||
412 | thmarker++; | |
413 | } | |
414 | ||
415 | return thmarker; | |
416 | } | |
417 | ||
2ab0a1e7 | 418 | trusthost *th_getbyid(unsigned int id) { |
82a316e7 | 419 | trustgroup *tg; |
2ab0a1e7 | 420 | trusthost *th; |
82a316e7 CP |
421 | |
422 | for(tg=tglist;tg;tg=tg->next) | |
2ab0a1e7 CP |
423 | for(th=tg->hosts;th;th=th->next) |
424 | if(th->id == id) | |
425 | return th; | |
82a316e7 CP |
426 | |
427 | return NULL; | |
428 | } | |
429 | ||
2ab0a1e7 CP |
430 | int tg_modify(trustgroup *oldtg, trustgroup *newtg) { |
431 | trustgroup vnewtg; | |
432 | ||
433 | memcpy(&vnewtg, oldtg, sizeof(trustgroup)); | |
434 | ||
435 | /* unfortunately we can't just memcpy the new one over */ | |
436 | ||
437 | vnewtg.name = getsstring(newtg->name->content, TRUSTNAMELEN); | |
1f685425 | 438 | vnewtg.createdby = getsstring(newtg->createdby->content, CREATEDBYLEN); |
2ab0a1e7 CP |
439 | vnewtg.contact = getsstring(newtg->contact->content, CONTACTLEN); |
440 | vnewtg.comment = getsstring(newtg->comment->content, COMMENTLEN); | |
f803c9ca | 441 | if(!vnewtg.name || !vnewtg.createdby || !vnewtg.contact || !vnewtg.comment) { |
2ab0a1e7 CP |
442 | freesstring(vnewtg.name); |
443 | freesstring(vnewtg.createdby); | |
444 | freesstring(vnewtg.contact); | |
445 | freesstring(vnewtg.comment); | |
446 | return 0; | |
447 | } | |
448 | ||
449 | /* id remains the same, count/hosts/marker/next/exts are ignored */ | |
450 | vnewtg.trustedfor = newtg->trustedfor; | |
de723023 | 451 | vnewtg.flags = newtg->flags; |
2ab0a1e7 CP |
452 | vnewtg.maxperident = newtg->maxperident; |
453 | vnewtg.maxusage = newtg->maxusage; | |
454 | vnewtg.expires = newtg->expires; | |
455 | vnewtg.lastseen = newtg->lastseen; | |
1f685425 | 456 | vnewtg.lastmaxusereset = newtg->lastmaxusereset; |
2ab0a1e7 CP |
457 | |
458 | memcpy(oldtg, &vnewtg, sizeof(trustgroup)); | |
459 | ||
460 | return 1; | |
461 | } | |
058f68c5 GB |
462 | |
463 | int th_modify(trusthost *oldth, trusthost *newth) { | |
464 | oldth->maxpernode = newth->maxpernode; | |
465 | oldth->nodebits = newth->nodebits; | |
466 | ||
467 | return 1; | |
468 | } | |
469 |