]> jfr.im git - irc/quakenet/newserv.git/blob - trusts/trusts_policy.c
projects / irc / quakenet / newserv.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Added missing colons.
[irc/quakenet/newserv.git] / trusts / trusts_policy.c
1 #include <stdio.h>
2 #include <stdlib.h>
3 #include <stdarg.h>
4 #include <unistd.h>
5 #include <sys/types.h>
6 #include <sys/socket.h>
7 #include <netinet/in.h>
8
9 #ifndef __USE_MISC
10 #define __USE_MISC /* inet_aton */
11 #endif
12
13 #include <arpa/inet.h>
14 #include <sys/un.h>
15 #include <sys/poll.h>
16 #include <errno.h>
17 #include <fcntl.h>
18
19 #include "../lib/hmac.h"
20 #include "../core/events.h"
21 #include "../core/schedule.h"
22 #include "../core/nsmalloc.h"
23 #include "../core/hooks.h"
24 #include "../core/config.h"
25 #include "../control/control.h"
26 #include "../lib/irc_string.h"
27 #include "../irc/irc.h"
28 #include "../glines/glines.h"
29 #include "trusts.h"
30
31 static int countext, enforcepolicy;
32
33 #define TRUSTBUFSIZE 8192
34 #define TRUSTPASSLEN 128
35 #define NONCELEN 16
36
37 typedef struct trustsocket {
38 int fd;
39 int authed;
40 char authuser[SERVERLEN+1];
41 char buf[TRUSTBUFSIZE];
42 unsigned char nonce[NONCELEN];
43 int size;
44 time_t connected;
45 time_t timeout;
46 int accepted;
47 int rejected;
48
49 struct trustsocket *next;
50 } trustsocket;
51
52 static trustsocket *tslist;
53 static int listenerfd = -1;
54 static FILE *urandom;
55
56 typedef struct trustaccount {
57 int used;
58 char server[SERVERLEN+1];
59 char password[TRUSTPASSLEN+1];
60 } trustaccount;
61
62 trustaccount trustaccounts[MAXSERVERS];
63
64 static int checkconnectionth(const char *username, struct irc_in_addr *ip, trusthost *th, int hooknum, int usercountadjustment, char *message, size_t messagelen) {
65 trustgroup *tg;
66
67 if(messagelen>0)
68 message[0] = '\0';
69
70 if(!th)
71 return POLICY_SUCCESS;
72
73 tg = th->group;
74
75 /*
76 * the purpose of this logic is to avoid spam like this:
77 * WARNING: tgX exceeded limit: 11 connected vs 10 max
78 * (goes back down to 10)
79 * WARNING: tgX exceeded limit: 11 connected vs 10 max
80 */
81
82 if(hooknum == HOOK_TRUSTS_NEWNICK) {
83 patricia_node_t *head, *node;
84 int nodecount = 0;
85
86 head = refnode(iptree, ip, th->nodebits);
87 PATRICIA_WALK(head, node)
88 {
89 nodecount += node->usercount;
90 }
91 PATRICIA_WALK_END;
92 derefnode(iptree, head);
93
94 if(th->maxpernode && nodecount + usercountadjustment > th->maxpernode) {
95 controlwall(NO_OPER, NL_TRUSTS, "Hard connection limit exceeded on subnet: %s (group: %s): %d connected, %d max.", trusts_cidr2str(ip, th->nodebits), tg->name->content, nodecount, th->maxpernode);
96 snprintf(message, messagelen, "Too many connections from your host (%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
97 return POLICY_FAILURE_NODECOUNT;
98 }
99
100 if(tg->trustedfor && tg->count + usercountadjustment > tg->trustedfor) {
101 if(tg->count > (long)tg->exts[countext]) {
102 tg->exts[countext] = (void *)(long)tg->count;
103
104 controlwall(NO_OPER, NL_TRUSTS, "Hard connection limit exceeded (group %s): %d connected, %d max.", tg->name->content, tg->count, tg->trustedfor);
105 snprintf(message, messagelen, "Too many connections from your trust (%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
106 return POLICY_FAILURE_GROUPCOUNT;
107 }
108
109 snprintf(message, messagelen, "Trust has %d out of %d allowed connections.", tg->count + usercountadjustment, tg->trustedfor);
110 }
111
112 if((tg->flags & TRUST_ENFORCE_IDENT) && (username[0] == '~')) {
113 controlwall(NO_OPER, NL_TRUSTS, "Ident required: %s@%s (group: %s).", username, IPtostr(*ip), tg->name->content);
114 snprintf(message, messagelen, "IDENTD required from your host (%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
115 return POLICY_FAILURE_IDENTD;
116 }
117
118 if(tg->maxperident > 0) {
119 int identcount = 0;
120 trusthost *th2;
121 nick *tnp;
122
123 for(th2=tg->hosts;th2;th2=th2->next) {
124 for(tnp=th2->users;tnp;tnp=nextbytrust(tnp)) {
125 if(!ircd_strcmp(tnp->ident, username))
126 identcount++;
127 }
128 }
129
130 if(identcount + usercountadjustment > tg->maxperident) {
131 controlwall(NO_OPER, NL_TRUSTS, "Hard ident limit exceeded: %s@%s (group: %s): %d connected, %d max.", username, IPtostr(*ip), tg->name->content, identcount, tg->maxperident);
132 snprintf(message, messagelen, "Too many connections from your username (%s@%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", username, IPtostr(*ip));
133 return POLICY_FAILURE_IDENTCOUNT;
134 }
135 }
136 } else {
137 if(tg->count < tg->maxusage)
138 tg->exts[countext] = (void *)(long)tg->count;
139 }
140
141 return POLICY_SUCCESS;
142 }
143
144 static int checkconnection(const char *username, struct irc_in_addr *ip, int hooknum, int cloneadjustment, char *message, size_t messagelen) {
145 struct irc_in_addr ip_canonicalized;
146 ip_canonicalize_tunnel(&ip_canonicalized, ip);
147
148 return checkconnectionth(username, &ip_canonicalized, th_getbyhost(ip), hooknum, cloneadjustment, message, messagelen);
149 }
150
151 static int trustdowrite(trustsocket *sock, char *format, ...) {
152 char buf[1024];
153 va_list va;
154 int r;
155
156 va_start(va, format);
157 r = vsnprintf(buf, sizeof(buf), format, va);
158 va_end(va);
159
160 if(r >= sizeof(buf))
161 r = sizeof(buf) - 1;
162
163 buf[r] = '\n';
164
165 if(write(sock->fd, buf, r + 1) != r + 1)
166 return 0;
167 return 1;
168 }
169
170 static int policycheck_auth(trustsocket *sock, const char *sequence_id, const char *username, const char *host) {
171 char message[512];
172 int verdict;
173 struct irc_in_addr ip;
174 unsigned char bits;
175
176 if(!ipmask_parse(host, &ip, &bits)) {
177 sock->accepted++;
178 return trustdowrite(sock, "PASS %s", sequence_id);
179 }
180
181 verdict = checkconnection(username, &ip, HOOK_TRUSTS_NEWNICK, 1, message, sizeof(message));
182
183 if (verdict == POLICY_SUCCESS) {
184 sock->accepted++;
185
186 if(message[0])
187 return trustdowrite(sock, "PASS %s %s", sequence_id, message);
188 else
189 return trustdowrite(sock, "PASS %s", sequence_id);
190 } else {
191 sock->rejected++;
192
193 controlwall(NO_OPER, NL_TRUSTS, "Rejected connection from %s@%s using IAuth: %s", username, host, message);
194 return trustdowrite(sock, "KILL %s %s", sequence_id, message);
195 }
196 }
197
198 static int trustkillconnection(trustsocket *sock, char *reason) {
199 trustdowrite(sock, "QUIT %s", reason);
200 return 0;
201 }
202
203 static void trustfreeconnection(trustsocket *sock) {
204 trustsocket **pnext = &tslist;
205
206 for(trustsocket *ts=tslist;ts;ts=ts->next) {
207 if(ts == sock) {
208 deregisterhandler(sock->fd, 1);
209 *pnext = sock->next;
210 nsfree(POOL_TRUSTS, sock);
211 break;
212 }
213
214 pnext = &(sock->next);
215 }
216 }
217
218 static int handletrustauth(trustsocket *sock, char *server_name, char *mac) {
219 int i;
220 char *password = NULL;
221 unsigned char digest[16];
222 char noncehexbuf[NONCELEN * 2 + 1];
223 char hexbuf[sizeof(digest) * 2 + 1];
224
225 for(i=0;i<MAXSERVERS;i++) {
226 if(trustaccounts[i].used && strcmp(trustaccounts[i].server, server_name) == 0) {
227 password = trustaccounts[i].password;
228 break;
229 }
230 }
231
232 if (!password)
233 return trustkillconnection(sock, "Invalid servername.");
234
235 hmacmd5 h;
236 hmacmd5_init(&h, (unsigned char *)password, strlen(password));
237 hmacmd5_update(&h, (unsigned char *)hmac_printhex(sock->nonce, noncehexbuf, NONCELEN), NONCELEN * 2);
238 hmacmd5_final(&h, digest);
239 if(hmac_strcmp(mac, hmac_printhex(digest, hexbuf, sizeof(digest))))
240 return trustkillconnection(sock, "Bad MAC.");
241
242 sock->authed = 1;
243 strncpy(sock->authuser, server_name, SERVERLEN);
244 return trustdowrite(sock, "AUTHOK");
245 }
246
247 #define MAXTOKENS 10
248 static int handletrustline(trustsocket *sock, char *line) {
249 char *command, *p, *lastpos;
250 char *tokens[MAXTOKENS];
251 int tokensfound = -1;
252
253 for(command=lastpos=p=line;*p;p++) {
254 if(*p == ' ') {
255 *p = '\0';
256 if(tokensfound == MAXTOKENS)
257 return trustkillconnection(sock, "too many tokens");
258
259 if(tokensfound >= 0) {
260 tokens[tokensfound++] = lastpos;
261 } else {
262 tokensfound++;
263 }
264 lastpos = p + 1;
265 }
266 }
267 if(lastpos != p) {
268 if(tokensfound == MAXTOKENS)
269 return trustkillconnection(sock, "too many tokens");
270 tokens[tokensfound++] = lastpos;
271 }
272
273 if(!sock->authed && !strcmp("AUTH", command)) {
274 if(tokensfound != 2)
275 return trustkillconnection(sock, "incorrect arg count for command.");
276
277 return handletrustauth(sock, tokens[0], tokens[1]);
278 } else if(sock->authed && !strcmp("CHECK", command)) {
279 if(tokensfound != 3)
280 return trustkillconnection(sock, "incorrect arg count for command.");
281
282 policycheck_auth(sock, tokens[0], tokens[1], tokens[2]);
283 return 1;
284 } else {
285 Error("trusts_policy", ERR_WARNING, "Bad command: %s", command);
286 return 0;
287 }
288 }
289
290 static trustsocket *findtrustsocketbyfd(int fd) {
291 for(trustsocket *ts=tslist;ts;ts=ts->next)
292 if(ts->fd==fd)
293 return ts;
294
295 return NULL;
296 }
297
298 static int handletrustclient(trustsocket *sock) {
299 int r, remaining = TRUSTBUFSIZE - sock->size, i;
300 char *lastpos, *c;
301
302 if(!remaining) {
303 trustkillconnection(sock, "Buffer overflow.");
304 return 0;
305 }
306
307 r = read(sock->fd, sock->buf + sock->size, remaining);
308 if(r <= 0)
309 return 0;
310
311 sock->size+=r;
312 lastpos = sock->buf;
313
314 for(c=sock->buf,i=0;i<sock->size;i++,c++) {
315 if(*c != '\n')
316 continue;
317 *c = '\0';
318 if(!handletrustline(sock, lastpos))
319 return 0;
320
321 lastpos = c + 1; /* is this ok? */
322 }
323 sock->size-=lastpos - sock->buf;
324 memmove(sock->buf, lastpos, sock->size);
325
326 return 1;
327 }
328
329 static void processtrustclient(int fd, short events) {
330 trustsocket *sock = findtrustsocketbyfd(fd);
331
332 if(!sock)
333 return;
334
335 if(events & POLLIN)
336 if(!handletrustclient(sock))
337 trustfreeconnection(sock);
338 }
339
340 static void trustdotimeout(void *arg) {
341 time_t t = time(NULL);
342 trustsocket **pnext, *next, *sock;
343
344 pnext = &tslist;
345
346 for(sock=tslist;sock;) {
347 next = sock->next;
348
349 if(!sock->authed && t >= sock->timeout) {
350 trustkillconnection(sock, "Auth timeout.");
351 deregisterhandler(sock->fd, 1);
352 *pnext = sock->next;
353 nsfree(POOL_TRUSTS, sock);
354 } else {
355 pnext = &(sock->next);
356 }
357
358 sock=next;
359 }
360 }
361
362 static void processtrustlistener(int fd, short events) {
363 if(events & POLLIN) {
364 trustsocket *sock;
365 char buf[NONCELEN * 2 + 1];
366
367 int newfd = accept(fd, NULL, NULL), flags;
368 if(newfd == -1)
369 return;
370
371 flags = fcntl(newfd, F_GETFL, 0);
372 if(flags < 0) {
373 Error("trusts_policy", ERR_WARNING, "Unable to set socket non-blocking.");
374 close(newfd);
375 return;
376 }
377
378 if(fcntl(fd, F_SETFL, flags|O_NONBLOCK) < 0) {
379 Error("trusts_policy", ERR_WARNING, "Unable to set socket non-blocking.");
380 close(newfd);
381 return;
382 }
383
384 registerhandler(newfd, POLLIN|POLLERR|POLLHUP, processtrustclient);
385
386 sock = nsmalloc(POOL_TRUSTS, sizeof(trustsocket));
387 if(!sock) {
388 deregisterhandler(newfd, 1);
389 return;
390 }
391
392 sock->fd = newfd;
393 sock->next = tslist;
394 tslist = sock;
395
396 if(fread((char *)sock->nonce, 1, NONCELEN, urandom) != NONCELEN) {
397 Error("trusts_policy", ERR_WARNING, "Error getting random bytes.");
398 deregisterhandler(newfd, 1);
399 tslist = sock->next;
400 nsfree(POOL_TRUSTS, sock);
401 } else {
402 sock->authed = 0;
403 sock->size = 0;
404 sock->connected = time(NULL);
405 sock->timeout = time(NULL) + 30;
406 sock->accepted = 0;
407 sock->rejected = 0;
408 if(!trustdowrite(sock, "AUTH %s", hmac_printhex(sock->nonce, buf, NONCELEN))) {
409 Error("trusts_policy", ERR_WARNING, "Error writing auth to fd %d.", newfd);
410 deregisterhandler(newfd, 1);
411 tslist = sock->next;
412 nsfree(POOL_TRUSTS, sock);
413 return;
414 }
415 }
416 }
417 }
418
419 static int createlistenersock(int port) {
420 struct sockaddr_in s;
421 int fd;
422 int optval;
423
424 memset(&s, 0, sizeof(struct sockaddr_in));
425 s.sin_family = AF_INET;
426 s.sin_addr.s_addr = INADDR_ANY;
427 s.sin_port = htons(port);
428
429 fd = socket(PF_INET, SOCK_STREAM, 0);
430 if(fd < 0) {
431 Error("trusts_policy", ERR_WARNING, "Unable to get socket for trustfd.");
432 return -1;
433 }
434
435 optval = 1;
436 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval));
437
438 if(bind(fd, (struct sockaddr *)&s, sizeof(struct sockaddr_in)) < 0) {
439 Error("trusts_policy", ERR_WARNING, "Unable to bind trustfd.");
440 close(fd);
441 return -1;
442 }
443
444 if(listen(fd, 5) < 0) {
445 Error("trusts_policy", ERR_WARNING, "Unable to listen on trustfd.");
446 close(fd);
447 return -1;
448 }
449
450 registerhandler(fd, POLLIN, processtrustlistener);
451
452 return fd;
453 }
454
455 static void policycheck_irc(int hooknum, void *arg) {
456 void **args = arg;
457 nick *np = args[0];
458 long moving = (long)args[1];
459 char message[512];
460 int verdict;
461
462 if(moving)
463 return;
464
465 verdict = checkconnectionth(np->ident, &np->p_nodeaddr, gettrusthost(np), hooknum, 0, message, sizeof(message));
466
467 if(!enforcepolicy)
468 return;
469
470 switch (verdict) {
471 case POLICY_FAILURE_NODECOUNT:
472 glinebynick(np, POLICY_GLINE_DURATION, message, GLINE_IGNORE_TRUST, "trusts_policy");
473 break;
474 case POLICY_FAILURE_IDENTD:
475 glinebyip("~*", &np->p_ipaddr, 128, POLICY_GLINE_DURATION, message, GLINE_ALWAYS_USER|GLINE_IGNORE_TRUST, "trusts_policy");
476 break;
477 case POLICY_FAILURE_IDENTCOUNT:
478 glinebynick(np, POLICY_GLINE_DURATION, message, GLINE_ALWAYS_USER|GLINE_IGNORE_TRUST, "trusts_policy");
479 break;
480 }
481 }
482
483 static int trusts_cmdtrustpolicy(void *source, int cargc, char **cargv) {
484 nick *sender = source;
485
486 if(cargc < 1) {
487 controlreply(sender, "Trust policy enforcement is currently %s.", enforcepolicy?"enabled":"disabled");
488 return CMD_OK;
489 }
490
491 enforcepolicy = atoi(cargv[0]);
492 controlwall(NO_OPER, NL_TRUSTS, "%s %s trust policy enforcement.", controlid(sender), enforcepolicy?"enabled":"disabled");
493 controlreply(sender, "Trust policy enforcement is now %s.", enforcepolicy?"enabled":"disabled");
494
495 return CMD_OK;
496 }
497
498 static int trusts_cmdtrustsockets(void *source, int cargc, char **cargv) {
499 nick *sender = source;
500 time_t now;
501 trustsocket *sock;
502
503 time(&now);
504
505 controlreply(sender, "Server Connected for Accepted Rejected");
506
507 for(sock=tslist;sock;sock=sock->next)
508 controlreply(sender, "%-20s %20s %10d %15d", sock->authed?sock->authuser:"<not authenticated>", longtoduration(now - sock->connected, 0), sock->accepted, sock->rejected);
509
510 controlreply(sender, "-- End of list.");
511 return CMD_OK;
512 }
513
514 void _init(void) {
515 sstring *m;
516 array *accts;
517 int trustport;
518
519 countext = registertgext("count");
520 if(countext == -1)
521 return;
522
523 m = getconfigitem("trusts_policy", "enforcepolicy");
524 if(m)
525 enforcepolicy = atoi(m->content);
526
527 m = getconfigitem("trusts_policy", "trustport");
528 if(m)
529 trustport = atoi(m->content);
530 else
531 trustport = DEFAULT_TRUSTPORT;
532
533 if(trustport)
534 listenerfd = createlistenersock(trustport);
535
536 accts = getconfigitems("trusts_policy", "server");
537 if(!accts) {
538 Error("trusts_policy", ERR_INFO, "No servers added.");
539 } else {
540 sstring **servers = (sstring **)(accts->content);
541 int i;
542 for(i=0;i<accts->cursi;i++) {
543 char server[512];
544 char *pos;
545
546 if(i>=MAXSERVERS) {
547 Error("trusts_policy", ERR_INFO, "Too many servers specified.");
548 break;
549 }
550
551 strncpy(server, servers[i]->content, sizeof(server));
552
553 pos = strchr(server, ',');
554
555 if(!pos) {
556 Error("trusts_policy", ERR_INFO, "Server line is missing password: %s", server);
557 continue;
558 }
559
560 *pos = '\0';
561
562 trustaccounts[i].used = 1;
563 strncpy(trustaccounts[i].server, server, SERVERLEN);
564 strncpy(trustaccounts[i].password, pos+1, TRUSTPASSLEN);
565 }
566 }
567
568 registerhook(HOOK_TRUSTS_NEWNICK, policycheck_irc);
569 registerhook(HOOK_TRUSTS_LOSTNICK, policycheck_irc);
570
571 registercontrolhelpcmd("trustpolicy", NO_DEVELOPER, 1, trusts_cmdtrustpolicy, "Usage: trustpolicy ?1|0?\nEnables or disables policy enforcement. Shows current status when no parameter is specified.");
572 registercontrolhelpcmd("trustsockets", NO_DEVELOPER, 0, trusts_cmdtrustsockets, "Usage: trustsockets\nLists all currently active TRUST sockets.");
573
574 schedulerecurring(time(NULL)+1, 0, 5, trustdotimeout, NULL);
575
576 urandom = fopen("/dev/urandom", "rb");
577 if(!urandom)
578 Error("trusts_policy", ERR_ERROR, "Couldn't open /dev/urandom.");
579 }
580
581 void _fini(void) {
582 trustsocket *sock, *next;
583
584 if(countext == -1)
585 return;
586
587 releasetgext(countext);
588
589 deregisterhook(HOOK_TRUSTS_NEWNICK, policycheck_irc);
590 deregisterhook(HOOK_TRUSTS_LOSTNICK, policycheck_irc);
591
592 deregistercontrolcmd("trustpolicy", trusts_cmdtrustpolicy);
593 deregistercontrolcmd("trustsockets", trusts_cmdtrustsockets);
594
595 deleteallschedules(trustdotimeout);
596
597 if (urandom)
598 fclose(urandom);
599
600 if (listenerfd != -1)
601 deregisterhandler(listenerfd, 1);
602
603 for(sock=tslist;sock;) {
604 next = sock->next;
605
606 trustkillconnection(sock, "Unloading module.");
607 trustfreeconnection(sock);
608
609 sock = next;
610 }
611 }
Unnamed repository; edit this file 'description' to name the repository.