]> jfr.im git - irc/quakenet/newserv.git/blob - trusts/trusts_policy.c
projects / irc / quakenet / newserv.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Cleaned up the trust socket code a bit.
[irc/quakenet/newserv.git] / trusts / trusts_policy.c
1 #include <stdio.h>
2 #include <stdlib.h>
3 #include <stdarg.h>
4 #include <unistd.h>
5 #include <sys/types.h>
6 #include <sys/socket.h>
7 #include <netinet/in.h>
8
9 #ifndef __USE_MISC
10 #define __USE_MISC /* inet_aton */
11 #endif
12
13 #include <arpa/inet.h>
14 #include <sys/un.h>
15 #include <sys/poll.h>
16 #include <errno.h>
17 #include <fcntl.h>
18
19 #include "../lib/version.h"
20 #include "../lib/hmac.h"
21 #include "../core/events.h"
22 #include "../core/schedule.h"
23 #include "../core/nsmalloc.h"
24 #include "../core/hooks.h"
25 #include "../core/config.h"
26 #include "../control/control.h"
27 #include "../lib/irc_string.h"
28 #include "../irc/irc.h"
29 #include "../glines/glines.h"
30 #include "trusts.h"
31
32 MODULE_VERSION("");
33
34 static int countext, enforcepolicy_irc, enforcepolicy_auth;
35
36 #define TRUSTBUFSIZE 8192
37 #define TRUSTPASSLEN 128
38 #define NONCELEN 16
39
40 typedef struct trustsocket {
41 int fd;
42 int authed;
43 char authuser[SERVERLEN+1];
44 char buf[TRUSTBUFSIZE];
45 unsigned char nonce[NONCELEN];
46 int size;
47 time_t connected;
48 time_t timeout;
49 int accepted;
50 int rejected;
51
52 struct trustsocket *next;
53 } trustsocket;
54
55 static trustsocket *tslist;
56 static int listenerfd = -1;
57 static FILE *urandom;
58
59 typedef struct trustaccount {
60 int used;
61 char server[SERVERLEN+1];
62 char password[TRUSTPASSLEN+1];
63 } trustaccount;
64
65 trustaccount trustaccounts[MAXSERVERS];
66
67 static int checkconnectionth(const char *username, struct irc_in_addr *ip, trusthost *th, int hooknum, int usercountadjustment, char *message, size_t messagelen) {
68 trustgroup *tg;
69
70 if(messagelen>0)
71 message[0] = '\0';
72
73 if(!th || !trustsdbloaded)
74 return POLICY_SUCCESS;
75
76 tg = th->group;
77
78 /*
79 * the purpose of this logic is to avoid spam like this:
80 * WARNING: tgX exceeded limit: 11 connected vs 10 max
81 * (goes back down to 10)
82 * WARNING: tgX exceeded limit: 11 connected vs 10 max
83 */
84
85 if(hooknum == HOOK_TRUSTS_NEWNICK) {
86 patricia_node_t *head, *node;
87 int nodecount = 0;
88
89 head = refnode(iptree, ip, th->nodebits);
90 PATRICIA_WALK(head, node)
91 {
92 nodecount += node->usercount;
93 }
94 PATRICIA_WALK_END;
95 derefnode(iptree, head);
96
97 if(th->maxpernode && nodecount + usercountadjustment > th->maxpernode) {
98 controlwall(NO_OPER, NL_TRUSTS, "Hard connection limit exceeded on subnet: %s (group: %s): %d connected, %d max.", trusts_cidr2str(ip, th->nodebits), tg->name->content, nodecount + usercountadjustment, th->maxpernode);
99 snprintf(message, messagelen, "Too many connections from your host (%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
100 return POLICY_FAILURE_NODECOUNT;
101 }
102
103 if(tg->trustedfor && tg->count + usercountadjustment > tg->trustedfor) {
104 if(tg->count > (long)tg->exts[countext]) {
105 tg->exts[countext] = (void *)(long)tg->count;
106
107 controlwall(NO_OPER, NL_TRUSTS, "Hard connection limit exceeded (group %s): %d connected, %d max.", tg->name->content, tg->count + usercountadjustment, tg->trustedfor);
108 snprintf(message, messagelen, "Too many connections from your trust (%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
109 }
110
111 snprintf(message, messagelen, "Too many connections from your trust (%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
112 return POLICY_FAILURE_GROUPCOUNT;
113 }
114
115 if((tg->flags & TRUST_ENFORCE_IDENT) && (username[0] == '~')) {
116 controlwall(NO_OPER, NL_TRUSTS, "Ident required: %s@%s (group: %s).", username, IPtostr(*ip), tg->name->content);
117 snprintf(message, messagelen, "IDENTD required from your host (%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
118 return POLICY_FAILURE_IDENTD;
119 }
120
121 if(tg->maxperident > 0) {
122 int identcount = 0;
123 trusthost *th2;
124 nick *tnp;
125
126 for(th2=tg->hosts;th2;th2=th2->next) {
127 for(tnp=th2->users;tnp;tnp=nextbytrust(tnp)) {
128 if(!ircd_strcmp(tnp->ident, username))
129 identcount++;
130 }
131 }
132
133 if(identcount + usercountadjustment > tg->maxperident) {
134 controlwall(NO_OPER, NL_TRUSTS, "Hard ident limit exceeded: %s@%s (group: %s): %d connected, %d max.", username, IPtostr(*ip), tg->name->content, identcount + usercountadjustment, tg->maxperident);
135 snprintf(message, messagelen, "Too many connections from your username (%s@%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", username, IPtostr(*ip));
136 return POLICY_FAILURE_IDENTCOUNT;
137 }
138 }
139 } else {
140 if(tg->count < tg->maxusage)
141 tg->exts[countext] = (void *)(long)tg->count;
142 }
143
144 if(tg->trustedfor > 0)
145 snprintf(message, messagelen, "Trust has %d out of %d allowed connections.", tg->count + usercountadjustment, tg->trustedfor);
146
147 return POLICY_SUCCESS;
148 }
149
150 static int checkconnection(const char *username, struct irc_in_addr *ip, int hooknum, int cloneadjustment, char *message, size_t messagelen) {
151 struct irc_in_addr ip_canonicalized;
152 ip_canonicalize_tunnel(&ip_canonicalized, ip);
153
154 return checkconnectionth(username, &ip_canonicalized, th_getbyhost(&ip_canonicalized), hooknum, cloneadjustment, message, messagelen);
155 }
156
157 static int trustdowrite(trustsocket *sock, char *format, ...) {
158 char buf[1024];
159 va_list va;
160 int r;
161
162 va_start(va, format);
163 r = vsnprintf(buf, sizeof(buf), format, va);
164 va_end(va);
165
166 if(r >= sizeof(buf))
167 r = sizeof(buf) - 1;
168
169 buf[r] = '\n';
170
171 if(write(sock->fd, buf, r + 1) != r + 1)
172 return 0;
173 return 1;
174 }
175
176 static int policycheck_auth(trustsocket *sock, const char *sequence_id, const char *username, const char *host) {
177 char message[512];
178 int verdict;
179 struct irc_in_addr ip;
180 unsigned char bits;
181
182 if(!ipmask_parse(host, &ip, &bits)) {
183 sock->accepted++;
184 return trustdowrite(sock, "PASS %s", sequence_id);
185 }
186
187 verdict = checkconnection(username, &ip, HOOK_TRUSTS_NEWNICK, 1, message, sizeof(message));
188
189 if(!enforcepolicy_auth)
190 verdict = POLICY_SUCCESS;
191
192 if (verdict == POLICY_SUCCESS) {
193 sock->accepted++;
194
195 if(message[0])
196 return trustdowrite(sock, "PASS %s %s", sequence_id, message);
197 else
198 return trustdowrite(sock, "PASS %s", sequence_id);
199 } else {
200 sock->rejected++;
201
202 controlwall(NO_OPER, NL_TRUSTS, "Rejected connection from %s@%s using IAuth: %s", username, host, message);
203 return trustdowrite(sock, "KILL %s %s", sequence_id, message);
204 }
205 }
206
207 static int trustkillconnection(trustsocket *sock, char *reason) {
208 trustdowrite(sock, "QUIT %s", reason);
209 return 0;
210 }
211
212 static void trustfreeconnection(trustsocket *sock, int unlink) {
213 trustsocket **pnext = &tslist;
214
215 if(!unlink) {
216 deregisterhandler(sock->fd, 1);
217 nsfree(POOL_TRUSTS, sock);
218 return;
219 }
220
221 for(trustsocket *ts=tslist;ts;ts=ts->next) {
222 if(ts == sock) {
223 *pnext = sock->next;
224 trustfreeconnection(sock, 0);
225 break;
226 }
227
228 pnext = &(sock->next);
229 }
230 }
231
232 static int handletrustauth(trustsocket *sock, char *server_name, char *mac) {
233 int i;
234 char *password = NULL;
235 unsigned char digest[16];
236 char noncehexbuf[NONCELEN * 2 + 1];
237 char hexbuf[sizeof(digest) * 2 + 1];
238
239 for(i=0;i<MAXSERVERS;i++) {
240 if(trustaccounts[i].used && strcmp(trustaccounts[i].server, server_name) == 0) {
241 password = trustaccounts[i].password;
242 break;
243 }
244 }
245
246 if (!password) {
247 controlwall(NO_OPER, NL_TRUSTS, "Invalid servername for policy socket: '%s'", server_name);
248 return trustkillconnection(sock, "Invalid servername.");
249 }
250
251 hmacmd5 h;
252 hmacmd5_init(&h, (unsigned char *)password, strlen(password));
253 hmacmd5_update(&h, (unsigned char *)hmac_printhex(sock->nonce, noncehexbuf, NONCELEN), NONCELEN * 2);
254 hmacmd5_final(&h, digest);
255 if(hmac_strcmp(mac, hmac_printhex(digest, hexbuf, sizeof(digest)))) {
256 controlwall(NO_OPER, NL_TRUSTS, "Invalid password for policy socket with servername '%s'.", server_name);
257 return trustkillconnection(sock, "Bad MAC.");
258 }
259
260 sock->authed = 1;
261 strncpy(sock->authuser, server_name, SERVERLEN);
262
263 controlwall(NO_OPER, NL_TRUSTS, "Successful authentication for policy socket with servername '%s'.", server_name);
264 return trustdowrite(sock, "AUTHOK");
265 }
266
267 #define MAXTOKENS 10
268 static int handletrustline(trustsocket *sock, char *line) {
269 char *command, *p, *lastpos;
270 char *tokens[MAXTOKENS];
271 int tokensfound = -1;
272
273 for(command=lastpos=p=line;*p;p++) {
274 if(*p == ' ') {
275 *p = '\0';
276 if(tokensfound == MAXTOKENS)
277 return trustkillconnection(sock, "too many tokens");
278
279 if(tokensfound >= 0) {
280 tokens[tokensfound++] = lastpos;
281 } else {
282 tokensfound++;
283 }
284 lastpos = p + 1;
285 }
286 }
287 if(lastpos != p) {
288 if(tokensfound == MAXTOKENS)
289 return trustkillconnection(sock, "too many tokens");
290 tokens[tokensfound++] = lastpos;
291 }
292
293 if(!sock->authed && !strcmp("AUTH", command)) {
294 if(tokensfound != 2)
295 return trustkillconnection(sock, "incorrect arg count for command.");
296
297 return handletrustauth(sock, tokens[0], tokens[1]);
298 } else if(sock->authed && !strcmp("CHECK", command)) {
299 if(tokensfound != 3)
300 return trustkillconnection(sock, "incorrect arg count for command.");
301
302 policycheck_auth(sock, tokens[0], tokens[1], tokens[2]);
303 return 1;
304 } else {
305 Error("trusts_policy", ERR_WARNING, "Bad command: %s", command);
306 return 0;
307 }
308 }
309
310 static trustsocket *findtrustsocketbyfd(int fd) {
311 for(trustsocket *ts=tslist;ts;ts=ts->next)
312 if(ts->fd==fd)
313 return ts;
314
315 return NULL;
316 }
317
318 static int handletrustclient(trustsocket *sock) {
319 int r, remaining = TRUSTBUFSIZE - sock->size, i;
320 char *lastpos, *c;
321
322 if(!remaining) {
323 trustkillconnection(sock, "Buffer overflow.");
324 return 0;
325 }
326
327 r = read(sock->fd, sock->buf + sock->size, remaining);
328 if(r <= 0)
329 return 0;
330
331 sock->size+=r;
332 lastpos = sock->buf;
333
334 for(c=sock->buf,i=0;i<sock->size;i++,c++) {
335 if(*c != '\n')
336 continue;
337 *c = '\0';
338 if(!handletrustline(sock, lastpos))
339 return 0;
340
341 lastpos = c + 1; /* is this ok? */
342 }
343 sock->size-=lastpos - sock->buf;
344 memmove(sock->buf, lastpos, sock->size);
345
346 return 1;
347 }
348
349 static void processtrustclient(int fd, short events) {
350 trustsocket *sock = findtrustsocketbyfd(fd);
351
352 if(!sock)
353 return;
354
355 if(events & POLLIN)
356 if(!handletrustclient(sock))
357 trustfreeconnection(sock, 1);
358 }
359
360 static void trustdotimeout(void *arg) {
361 time_t t = time(NULL);
362 trustsocket **pnext, *next, *sock;
363
364 pnext = &tslist;
365
366 for(sock=tslist;sock;) {
367 next = sock->next;
368
369 if(!sock->authed && t >= sock->timeout) {
370 trustkillconnection(sock, "Auth timeout.");
371 *pnext = sock->next;
372 trustfreeconnection(sock, 0);
373 } else {
374 pnext = &(sock->next);
375 }
376
377 sock=next;
378 }
379 }
380
381 static void processtrustlistener(int fd, short events) {
382 if(events & POLLIN) {
383 trustsocket *sock;
384 char buf[NONCELEN * 2 + 1];
385
386 int newfd = accept(fd, NULL, NULL), flags;
387 if(newfd == -1)
388 return;
389
390 flags = fcntl(newfd, F_GETFL, 0);
391 if(flags < 0) {
392 Error("trusts_policy", ERR_WARNING, "Unable to set socket non-blocking.");
393 close(newfd);
394 return;
395 }
396
397 if(fcntl(fd, F_SETFL, flags|O_NONBLOCK) < 0) {
398 Error("trusts_policy", ERR_WARNING, "Unable to set socket non-blocking.");
399 close(newfd);
400 return;
401 }
402
403 registerhandler(newfd, POLLIN|POLLERR|POLLHUP, processtrustclient);
404
405 sock = nsmalloc(POOL_TRUSTS, sizeof(trustsocket));
406 if(!sock) {
407 deregisterhandler(newfd, 1);
408 return;
409 }
410
411 sock->fd = newfd;
412 sock->next = tslist;
413 tslist = sock;
414
415 if(fread((char *)sock->nonce, 1, NONCELEN, urandom) != NONCELEN) {
416 Error("trusts_policy", ERR_WARNING, "Error getting random bytes.");
417 deregisterhandler(newfd, 1);
418 tslist = sock->next;
419 nsfree(POOL_TRUSTS, sock);
420 } else {
421 sock->authed = 0;
422 sock->size = 0;
423 sock->connected = time(NULL);
424 sock->timeout = time(NULL) + 30;
425 sock->accepted = 0;
426 sock->rejected = 0;
427 if(!trustdowrite(sock, "AUTH %s", hmac_printhex(sock->nonce, buf, NONCELEN))) {
428 Error("trusts_policy", ERR_WARNING, "Error writing auth to fd %d.", newfd);
429 deregisterhandler(newfd, 1);
430 tslist = sock->next;
431 nsfree(POOL_TRUSTS, sock);
432 return;
433 }
434 }
435 }
436 }
437
438 static int createlistenersock(int port) {
439 struct sockaddr_in s;
440 int fd;
441 int optval;
442
443 memset(&s, 0, sizeof(struct sockaddr_in));
444 s.sin_family = AF_INET;
445 s.sin_addr.s_addr = INADDR_ANY;
446 s.sin_port = htons(port);
447
448 fd = socket(PF_INET, SOCK_STREAM, 0);
449 if(fd < 0) {
450 Error("trusts_policy", ERR_WARNING, "Unable to get socket for trustfd.");
451 return -1;
452 }
453
454 optval = 1;
455 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval));
456
457 if(bind(fd, (struct sockaddr *)&s, sizeof(struct sockaddr_in)) < 0) {
458 Error("trusts_policy", ERR_WARNING, "Unable to bind trustfd.");
459 close(fd);
460 return -1;
461 }
462
463 if(listen(fd, 5) < 0) {
464 Error("trusts_policy", ERR_WARNING, "Unable to listen on trustfd.");
465 close(fd);
466 return -1;
467 }
468
469 registerhandler(fd, POLLIN, processtrustlistener);
470
471 return fd;
472 }
473
474 static void policycheck_irc(int hooknum, void *arg) {
475 void **args = arg;
476 nick *np = args[0];
477 long moving = (long)args[1];
478 char message[512];
479 int verdict;
480
481 if(moving)
482 return;
483
484 verdict = checkconnectionth(np->ident, &np->p_nodeaddr, gettrusthost(np), hooknum, 0, message, sizeof(message));
485
486 if(!enforcepolicy_irc)
487 verdict = POLICY_SUCCESS;
488
489 switch (verdict) {
490 case POLICY_FAILURE_NODECOUNT:
491 glinebynick(np, POLICY_GLINE_DURATION, message, GLINE_IGNORE_TRUST, "trusts_policy");
492 break;
493 case POLICY_FAILURE_IDENTD:
494 glinebyip("~*", &np->p_ipaddr, 128, POLICY_GLINE_DURATION, message, GLINE_ALWAYS_USER|GLINE_IGNORE_TRUST, "trusts_policy");
495 break;
496 case POLICY_FAILURE_IDENTCOUNT:
497 glinebynick(np, POLICY_GLINE_DURATION, message, GLINE_ALWAYS_USER|GLINE_IGNORE_TRUST, "trusts_policy");
498 break;
499 }
500 }
501
502 static int trusts_cmdtrustpolicyirc(void *source, int cargc, char **cargv) {
503 nick *sender = source;
504
505 if(cargc < 1) {
506 controlreply(sender, "Use of glines for trust policy enforcement is currently %s.", enforcepolicy_irc?"enabled":"disabled");
507 return CMD_OK;
508 }
509
510 enforcepolicy_irc = atoi(cargv[0]);
511 controlwall(NO_OPER, NL_TRUSTS, "%s %s use of glines for trust policy enforcement.", controlid(sender), enforcepolicy_irc?"enabled":"disabled");
512 controlreply(sender, "Use of glines for trust policy enforcement is now %s.", enforcepolicy_irc?"enabled":"disabled");
513
514 return CMD_OK;
515 }
516
517 static int trusts_cmdtrustpolicyauth(void *source, int cargc, char **cargv) {
518 nick *sender = source;
519
520 if(cargc < 1) {
521 controlreply(sender, "Trust policy enforcement with IAuth is currently %s.", enforcepolicy_auth?"enabled":"disabled");
522 return CMD_OK;
523 }
524
525 enforcepolicy_auth = atoi(cargv[0]);
526 controlwall(NO_OPER, NL_TRUSTS, "%s %s trust policy enforcement with IAuth.", controlid(sender), enforcepolicy_auth?"enabled":"disabled");
527 controlreply(sender, "Trust policy enforcement with IAuth is now %s.", enforcepolicy_auth?"enabled":"disabled");
528
529 return CMD_OK;
530 }
531
532
533 static int trusts_cmdtrustsockets(void *source, int cargc, char **cargv) {
534 nick *sender = source;
535 time_t now;
536 trustsocket *sock;
537
538 time(&now);
539
540 controlreply(sender, "Server Connected for Accepted Rejected");
541
542 for(sock=tslist;sock;sock=sock->next)
543 controlreply(sender, "%-20s %20s %10d %15d", sock->authed?sock->authuser:"<not authenticated>", longtoduration(now - sock->connected, 0), sock->accepted, sock->rejected);
544
545 controlreply(sender, "-- End of list.");
546 return CMD_OK;
547 }
548
549 void loadtrustaccounts(void) {
550 array *accts;
551
552 memset(trustaccounts, 0, sizeof(trustaccounts));
553
554 accts = getconfigitems("trusts_policy", "server");
555 if(!accts) {
556 Error("trusts_policy", ERR_INFO, "No servers added.");
557 } else {
558 sstring **servers = (sstring **)(accts->content);
559 int i;
560 for(i=0;i<accts->cursi;i++) {
561 char server[512];
562 char *pos;
563
564 if(i>=MAXSERVERS) {
565 Error("trusts_policy", ERR_INFO, "Too many servers specified.");
566 break;
567 }
568
569 strncpy(server, servers[i]->content, sizeof(server));
570
571 pos = strchr(server, ',');
572
573 if(!pos) {
574 Error("trusts_policy", ERR_INFO, "Server line is missing password: %s", server);
575 continue;
576 }
577
578 *pos = '\0';
579
580 trustaccounts[i].used = 1;
581 strncpy(trustaccounts[i].server, server, SERVERLEN);
582 strncpy(trustaccounts[i].password, pos+1, TRUSTPASSLEN);
583 }
584 }
585 }
586
587 static void trustaccounts_rehash(int hooknum, void *arg) {
588 loadtrustaccounts();
589 }
590
591 void _init(void) {
592 sstring *m;
593 int trustport;
594
595 countext = registertgext("count");
596 if(countext == -1)
597 return;
598
599 m = getconfigitem("trusts_policy", "enforcepolicy_irc");
600 if(m)
601 enforcepolicy_irc = atoi(m->content);
602
603 m = getconfigitem("trusts_policy", "enforcepolicy_auth");
604 if(m)
605 enforcepolicy_auth = atoi(m->content);
606
607 m = getconfigitem("trusts_policy", "trustport");
608 if(m)
609 trustport = atoi(m->content);
610 else
611 trustport = DEFAULT_TRUSTPORT;
612
613 if(trustport)
614 listenerfd = createlistenersock(trustport);
615
616 loadtrustaccounts();
617
618 registerhook(HOOK_TRUSTS_NEWNICK, policycheck_irc);
619 registerhook(HOOK_TRUSTS_LOSTNICK, &policycheck_irc);
620 registerhook(HOOK_CORE_REHASH, trustaccounts_rehash);
621
622 registercontrolhelpcmd("trustpolicyirc", NO_DEVELOPER, 1, trusts_cmdtrustpolicyirc, "Usage: trustpolicyirc ?1|0?\nEnables or disables policy enforcement (IRC). Shows current status when no parameter is specified.");
623 registercontrolhelpcmd("trustpolicyauth", NO_DEVELOPER, 1, trusts_cmdtrustpolicyauth, "Usage: trustpolicyauth ?1|0?\nEnables or disables policy enforcement (IAuth). Shows current status when no parameter is specified.");
624 registercontrolhelpcmd("trustsockets", NO_DEVELOPER, 0, trusts_cmdtrustsockets, "Usage: trustsockets\nLists all currently active TRUST sockets.");
625
626 schedulerecurring(time(NULL)+1, 0, 5, trustdotimeout, NULL);
627
628 urandom = fopen("/dev/urandom", "rb");
629 if(!urandom)
630 Error("trusts_policy", ERR_ERROR, "Couldn't open /dev/urandom.");
631 }
632
633 void _fini(void) {
634 trustsocket *sock, *next;
635
636 if(countext == -1)
637 return;
638
639 releasetgext(countext);
640
641 deregisterhook(HOOK_TRUSTS_NEWNICK, policycheck_irc);
642 deregisterhook(HOOK_TRUSTS_LOSTNICK, policycheck_irc);
643 deregisterhook(HOOK_CORE_REHASH, trustaccounts_rehash);
644
645 deregistercontrolcmd("trustpolicyirc", trusts_cmdtrustpolicyirc);
646 deregistercontrolcmd("trustpolicyauth", trusts_cmdtrustpolicyauth);
647 deregistercontrolcmd("trustsockets", trusts_cmdtrustsockets);
648
649 deleteallschedules(trustdotimeout);
650
651 if (urandom)
652 fclose(urandom);
653
654 if (listenerfd != -1)
655 deregisterhandler(listenerfd, 1);
656
657 for(sock=tslist;sock;) {
658 next = sock->next;
659
660 trustkillconnection(sock, "Unloading module.");
661 trustfreeconnection(sock, 0);
662
663 sock = next;
664 }
665 }
Unnamed repository; edit this file 'description' to name the repository.