]> jfr.im git - irc/quakenet/newserv.git/blob - trusts/trusts_policy.c
projects / irc / quakenet / newserv.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Make list of trust server accounts rehashable.
[irc/quakenet/newserv.git] / trusts / trusts_policy.c
1 #include <stdio.h>
2 #include <stdlib.h>
3 #include <stdarg.h>
4 #include <unistd.h>
5 #include <sys/types.h>
6 #include <sys/socket.h>
7 #include <netinet/in.h>
8
9 #ifndef __USE_MISC
10 #define __USE_MISC /* inet_aton */
11 #endif
12
13 #include <arpa/inet.h>
14 #include <sys/un.h>
15 #include <sys/poll.h>
16 #include <errno.h>
17 #include <fcntl.h>
18
19 #include "../lib/hmac.h"
20 #include "../core/events.h"
21 #include "../core/schedule.h"
22 #include "../core/nsmalloc.h"
23 #include "../core/hooks.h"
24 #include "../core/config.h"
25 #include "../control/control.h"
26 #include "../lib/irc_string.h"
27 #include "../irc/irc.h"
28 #include "../glines/glines.h"
29 #include "trusts.h"
30
31 static int countext, enforcepolicy;
32
33 #define TRUSTBUFSIZE 8192
34 #define TRUSTPASSLEN 128
35 #define NONCELEN 16
36
37 typedef struct trustsocket {
38 int fd;
39 int authed;
40 char authuser[SERVERLEN+1];
41 char buf[TRUSTBUFSIZE];
42 unsigned char nonce[NONCELEN];
43 int size;
44 time_t connected;
45 time_t timeout;
46 int accepted;
47 int rejected;
48
49 struct trustsocket *next;
50 } trustsocket;
51
52 static trustsocket *tslist;
53 static int listenerfd = -1;
54 static FILE *urandom;
55
56 typedef struct trustaccount {
57 int used;
58 char server[SERVERLEN+1];
59 char password[TRUSTPASSLEN+1];
60 } trustaccount;
61
62 trustaccount trustaccounts[MAXSERVERS];
63
64 static int checkconnectionth(const char *username, struct irc_in_addr *ip, trusthost *th, int hooknum, int usercountadjustment, char *message, size_t messagelen) {
65 trustgroup *tg;
66
67 if(messagelen>0)
68 message[0] = '\0';
69
70 if(!th || !trustsdbloaded)
71 return POLICY_SUCCESS;
72
73 tg = th->group;
74
75 /*
76 * the purpose of this logic is to avoid spam like this:
77 * WARNING: tgX exceeded limit: 11 connected vs 10 max
78 * (goes back down to 10)
79 * WARNING: tgX exceeded limit: 11 connected vs 10 max
80 */
81
82 if(hooknum == HOOK_TRUSTS_NEWNICK) {
83 patricia_node_t *head, *node;
84 int nodecount = 0;
85
86 head = refnode(iptree, ip, th->nodebits);
87 PATRICIA_WALK(head, node)
88 {
89 nodecount += node->usercount;
90 }
91 PATRICIA_WALK_END;
92 derefnode(iptree, head);
93
94 if(th->maxpernode && nodecount + usercountadjustment > th->maxpernode) {
95 controlwall(NO_OPER, NL_TRUSTS, "Hard connection limit exceeded on subnet: %s (group: %s): %d connected, %d max.", trusts_cidr2str(ip, th->nodebits), tg->name->content, nodecount, th->maxpernode);
96 snprintf(message, messagelen, "Too many connections from your host (%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
97 return POLICY_FAILURE_NODECOUNT;
98 }
99
100 if(tg->trustedfor && tg->count + usercountadjustment > tg->trustedfor) {
101 if(tg->count > (long)tg->exts[countext]) {
102 tg->exts[countext] = (void *)(long)tg->count;
103
104 controlwall(NO_OPER, NL_TRUSTS, "Hard connection limit exceeded (group %s): %d connected, %d max.", tg->name->content, tg->count, tg->trustedfor);
105 snprintf(message, messagelen, "Too many connections from your trust (%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
106 return POLICY_FAILURE_GROUPCOUNT;
107 }
108
109 snprintf(message, messagelen, "Trust has %d out of %d allowed connections.", tg->count + usercountadjustment, tg->trustedfor);
110 }
111
112 if((tg->flags & TRUST_ENFORCE_IDENT) && (username[0] == '~')) {
113 controlwall(NO_OPER, NL_TRUSTS, "Ident required: %s@%s (group: %s).", username, IPtostr(*ip), tg->name->content);
114 snprintf(message, messagelen, "IDENTD required from your host (%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
115 return POLICY_FAILURE_IDENTD;
116 }
117
118 if(tg->maxperident > 0) {
119 int identcount = 0;
120 trusthost *th2;
121 nick *tnp;
122
123 for(th2=tg->hosts;th2;th2=th2->next) {
124 for(tnp=th2->users;tnp;tnp=nextbytrust(tnp)) {
125 if(!ircd_strcmp(tnp->ident, username))
126 identcount++;
127 }
128 }
129
130 if(identcount + usercountadjustment > tg->maxperident) {
131 controlwall(NO_OPER, NL_TRUSTS, "Hard ident limit exceeded: %s@%s (group: %s): %d connected, %d max.", username, IPtostr(*ip), tg->name->content, identcount, tg->maxperident);
132 snprintf(message, messagelen, "Too many connections from your username (%s@%s) - see http://www.quakenet.org/help/trusts/connection-limit for details.", username, IPtostr(*ip));
133 return POLICY_FAILURE_IDENTCOUNT;
134 }
135 }
136 } else {
137 if(tg->count < tg->maxusage)
138 tg->exts[countext] = (void *)(long)tg->count;
139 }
140
141 return POLICY_SUCCESS;
142 }
143
144 static int checkconnection(const char *username, struct irc_in_addr *ip, int hooknum, int cloneadjustment, char *message, size_t messagelen) {
145 struct irc_in_addr ip_canonicalized;
146 ip_canonicalize_tunnel(&ip_canonicalized, ip);
147
148 return checkconnectionth(username, &ip_canonicalized, th_getbyhost(ip), hooknum, cloneadjustment, message, messagelen);
149 }
150
151 static int trustdowrite(trustsocket *sock, char *format, ...) {
152 char buf[1024];
153 va_list va;
154 int r;
155
156 va_start(va, format);
157 r = vsnprintf(buf, sizeof(buf), format, va);
158 va_end(va);
159
160 if(r >= sizeof(buf))
161 r = sizeof(buf) - 1;
162
163 buf[r] = '\n';
164
165 if(write(sock->fd, buf, r + 1) != r + 1)
166 return 0;
167 return 1;
168 }
169
170 static int policycheck_auth(trustsocket *sock, const char *sequence_id, const char *username, const char *host) {
171 char message[512];
172 int verdict;
173 struct irc_in_addr ip;
174 unsigned char bits;
175
176 if(!ipmask_parse(host, &ip, &bits)) {
177 sock->accepted++;
178 return trustdowrite(sock, "PASS %s", sequence_id);
179 }
180
181 verdict = checkconnection(username, &ip, HOOK_TRUSTS_NEWNICK, 1, message, sizeof(message));
182
183 if (verdict == POLICY_SUCCESS) {
184 sock->accepted++;
185
186 if(message[0])
187 return trustdowrite(sock, "PASS %s %s", sequence_id, message);
188 else
189 return trustdowrite(sock, "PASS %s", sequence_id);
190 } else {
191 sock->rejected++;
192
193 controlwall(NO_OPER, NL_TRUSTS, "Rejected connection from %s@%s using IAuth: %s", username, host, message);
194 return trustdowrite(sock, "KILL %s %s", sequence_id, message);
195 }
196 }
197
198 static int trustkillconnection(trustsocket *sock, char *reason) {
199 trustdowrite(sock, "QUIT %s", reason);
200 return 0;
201 }
202
203 static void trustfreeconnection(trustsocket *sock) {
204 trustsocket **pnext = &tslist;
205
206 for(trustsocket *ts=tslist;ts;ts=ts->next) {
207 if(ts == sock) {
208 deregisterhandler(sock->fd, 1);
209 *pnext = sock->next;
210 nsfree(POOL_TRUSTS, sock);
211 break;
212 }
213
214 pnext = &(sock->next);
215 }
216 }
217
218 static int handletrustauth(trustsocket *sock, char *server_name, char *mac) {
219 int i;
220 char *password = NULL;
221 unsigned char digest[16];
222 char noncehexbuf[NONCELEN * 2 + 1];
223 char hexbuf[sizeof(digest) * 2 + 1];
224
225 for(i=0;i<MAXSERVERS;i++) {
226 if(trustaccounts[i].used && strcmp(trustaccounts[i].server, server_name) == 0) {
227 password = trustaccounts[i].password;
228 break;
229 }
230 }
231
232 if (!password) {
233 controlwall(NO_OPER, NL_TRUSTS, "Invalid servername for policy socket: '%s'", server_name);
234 return trustkillconnection(sock, "Invalid servername.");
235 }
236
237 hmacmd5 h;
238 hmacmd5_init(&h, (unsigned char *)password, strlen(password));
239 hmacmd5_update(&h, (unsigned char *)hmac_printhex(sock->nonce, noncehexbuf, NONCELEN), NONCELEN * 2);
240 hmacmd5_final(&h, digest);
241 if(hmac_strcmp(mac, hmac_printhex(digest, hexbuf, sizeof(digest)))) {
242 controlwall(NO_OPER, NL_TRUSTS, "Invalid password for policy socket with servername '%s'.", server_name);
243 return trustkillconnection(sock, "Bad MAC.");
244 }
245
246 sock->authed = 1;
247 strncpy(sock->authuser, server_name, SERVERLEN);
248
249 controlwall(NO_OPER, NL_TRUSTS, "Successful authentication for policy socket with servername '%s'.", server_name);
250 return trustdowrite(sock, "AUTHOK");
251 }
252
253 #define MAXTOKENS 10
254 static int handletrustline(trustsocket *sock, char *line) {
255 char *command, *p, *lastpos;
256 char *tokens[MAXTOKENS];
257 int tokensfound = -1;
258
259 for(command=lastpos=p=line;*p;p++) {
260 if(*p == ' ') {
261 *p = '\0';
262 if(tokensfound == MAXTOKENS)
263 return trustkillconnection(sock, "too many tokens");
264
265 if(tokensfound >= 0) {
266 tokens[tokensfound++] = lastpos;
267 } else {
268 tokensfound++;
269 }
270 lastpos = p + 1;
271 }
272 }
273 if(lastpos != p) {
274 if(tokensfound == MAXTOKENS)
275 return trustkillconnection(sock, "too many tokens");
276 tokens[tokensfound++] = lastpos;
277 }
278
279 if(!sock->authed && !strcmp("AUTH", command)) {
280 if(tokensfound != 2)
281 return trustkillconnection(sock, "incorrect arg count for command.");
282
283 return handletrustauth(sock, tokens[0], tokens[1]);
284 } else if(sock->authed && !strcmp("CHECK", command)) {
285 if(tokensfound != 3)
286 return trustkillconnection(sock, "incorrect arg count for command.");
287
288 policycheck_auth(sock, tokens[0], tokens[1], tokens[2]);
289 return 1;
290 } else {
291 Error("trusts_policy", ERR_WARNING, "Bad command: %s", command);
292 return 0;
293 }
294 }
295
296 static trustsocket *findtrustsocketbyfd(int fd) {
297 for(trustsocket *ts=tslist;ts;ts=ts->next)
298 if(ts->fd==fd)
299 return ts;
300
301 return NULL;
302 }
303
304 static int handletrustclient(trustsocket *sock) {
305 int r, remaining = TRUSTBUFSIZE - sock->size, i;
306 char *lastpos, *c;
307
308 if(!remaining) {
309 trustkillconnection(sock, "Buffer overflow.");
310 return 0;
311 }
312
313 r = read(sock->fd, sock->buf + sock->size, remaining);
314 if(r <= 0)
315 return 0;
316
317 sock->size+=r;
318 lastpos = sock->buf;
319
320 for(c=sock->buf,i=0;i<sock->size;i++,c++) {
321 if(*c != '\n')
322 continue;
323 *c = '\0';
324 if(!handletrustline(sock, lastpos))
325 return 0;
326
327 lastpos = c + 1; /* is this ok? */
328 }
329 sock->size-=lastpos - sock->buf;
330 memmove(sock->buf, lastpos, sock->size);
331
332 return 1;
333 }
334
335 static void processtrustclient(int fd, short events) {
336 trustsocket *sock = findtrustsocketbyfd(fd);
337
338 if(!sock)
339 return;
340
341 if(events & POLLIN)
342 if(!handletrustclient(sock))
343 trustfreeconnection(sock);
344 }
345
346 static void trustdotimeout(void *arg) {
347 time_t t = time(NULL);
348 trustsocket **pnext, *next, *sock;
349
350 pnext = &tslist;
351
352 for(sock=tslist;sock;) {
353 next = sock->next;
354
355 if(!sock->authed && t >= sock->timeout) {
356 trustkillconnection(sock, "Auth timeout.");
357 deregisterhandler(sock->fd, 1);
358 *pnext = sock->next;
359 nsfree(POOL_TRUSTS, sock);
360 } else {
361 pnext = &(sock->next);
362 }
363
364 sock=next;
365 }
366 }
367
368 static void processtrustlistener(int fd, short events) {
369 if(events & POLLIN) {
370 trustsocket *sock;
371 char buf[NONCELEN * 2 + 1];
372
373 int newfd = accept(fd, NULL, NULL), flags;
374 if(newfd == -1)
375 return;
376
377 flags = fcntl(newfd, F_GETFL, 0);
378 if(flags < 0) {
379 Error("trusts_policy", ERR_WARNING, "Unable to set socket non-blocking.");
380 close(newfd);
381 return;
382 }
383
384 if(fcntl(fd, F_SETFL, flags|O_NONBLOCK) < 0) {
385 Error("trusts_policy", ERR_WARNING, "Unable to set socket non-blocking.");
386 close(newfd);
387 return;
388 }
389
390 registerhandler(newfd, POLLIN|POLLERR|POLLHUP, processtrustclient);
391
392 sock = nsmalloc(POOL_TRUSTS, sizeof(trustsocket));
393 if(!sock) {
394 deregisterhandler(newfd, 1);
395 return;
396 }
397
398 sock->fd = newfd;
399 sock->next = tslist;
400 tslist = sock;
401
402 if(fread((char *)sock->nonce, 1, NONCELEN, urandom) != NONCELEN) {
403 Error("trusts_policy", ERR_WARNING, "Error getting random bytes.");
404 deregisterhandler(newfd, 1);
405 tslist = sock->next;
406 nsfree(POOL_TRUSTS, sock);
407 } else {
408 sock->authed = 0;
409 sock->size = 0;
410 sock->connected = time(NULL);
411 sock->timeout = time(NULL) + 30;
412 sock->accepted = 0;
413 sock->rejected = 0;
414 if(!trustdowrite(sock, "AUTH %s", hmac_printhex(sock->nonce, buf, NONCELEN))) {
415 Error("trusts_policy", ERR_WARNING, "Error writing auth to fd %d.", newfd);
416 deregisterhandler(newfd, 1);
417 tslist = sock->next;
418 nsfree(POOL_TRUSTS, sock);
419 return;
420 }
421 }
422 }
423 }
424
425 static int createlistenersock(int port) {
426 struct sockaddr_in s;
427 int fd;
428 int optval;
429
430 memset(&s, 0, sizeof(struct sockaddr_in));
431 s.sin_family = AF_INET;
432 s.sin_addr.s_addr = INADDR_ANY;
433 s.sin_port = htons(port);
434
435 fd = socket(PF_INET, SOCK_STREAM, 0);
436 if(fd < 0) {
437 Error("trusts_policy", ERR_WARNING, "Unable to get socket for trustfd.");
438 return -1;
439 }
440
441 optval = 1;
442 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval));
443
444 if(bind(fd, (struct sockaddr *)&s, sizeof(struct sockaddr_in)) < 0) {
445 Error("trusts_policy", ERR_WARNING, "Unable to bind trustfd.");
446 close(fd);
447 return -1;
448 }
449
450 if(listen(fd, 5) < 0) {
451 Error("trusts_policy", ERR_WARNING, "Unable to listen on trustfd.");
452 close(fd);
453 return -1;
454 }
455
456 registerhandler(fd, POLLIN, processtrustlistener);
457
458 return fd;
459 }
460
461 static void policycheck_irc(int hooknum, void *arg) {
462 void **args = arg;
463 nick *np = args[0];
464 long moving = (long)args[1];
465 char message[512];
466 int verdict;
467
468 if(moving)
469 return;
470
471 verdict = checkconnectionth(np->ident, &np->p_nodeaddr, gettrusthost(np), hooknum, 0, message, sizeof(message));
472
473 if(!enforcepolicy)
474 return;
475
476 switch (verdict) {
477 case POLICY_FAILURE_NODECOUNT:
478 glinebynick(np, POLICY_GLINE_DURATION, message, GLINE_IGNORE_TRUST, "trusts_policy");
479 break;
480 case POLICY_FAILURE_IDENTD:
481 glinebyip("~*", &np->p_ipaddr, 128, POLICY_GLINE_DURATION, message, GLINE_ALWAYS_USER|GLINE_IGNORE_TRUST, "trusts_policy");
482 break;
483 case POLICY_FAILURE_IDENTCOUNT:
484 glinebynick(np, POLICY_GLINE_DURATION, message, GLINE_ALWAYS_USER|GLINE_IGNORE_TRUST, "trusts_policy");
485 break;
486 }
487 }
488
489 static int trusts_cmdtrustpolicy(void *source, int cargc, char **cargv) {
490 nick *sender = source;
491
492 if(cargc < 1) {
493 controlreply(sender, "Trust policy enforcement is currently %s.", enforcepolicy?"enabled":"disabled");
494 return CMD_OK;
495 }
496
497 enforcepolicy = atoi(cargv[0]);
498 controlwall(NO_OPER, NL_TRUSTS, "%s %s trust policy enforcement.", controlid(sender), enforcepolicy?"enabled":"disabled");
499 controlreply(sender, "Trust policy enforcement is now %s.", enforcepolicy?"enabled":"disabled");
500
501 return CMD_OK;
502 }
503
504 static int trusts_cmdtrustsockets(void *source, int cargc, char **cargv) {
505 nick *sender = source;
506 time_t now;
507 trustsocket *sock;
508
509 time(&now);
510
511 controlreply(sender, "Server Connected for Accepted Rejected");
512
513 for(sock=tslist;sock;sock=sock->next)
514 controlreply(sender, "%-20s %20s %10d %15d", sock->authed?sock->authuser:"<not authenticated>", longtoduration(now - sock->connected, 0), sock->accepted, sock->rejected);
515
516 controlreply(sender, "-- End of list.");
517 return CMD_OK;
518 }
519
520 void loadtrustaccounts(void) {
521 array *accts;
522
523 memset(trustaccounts, 0, sizeof(trustaccounts));
524
525 accts = getconfigitems("trusts_policy", "server");
526 if(!accts) {
527 Error("trusts_policy", ERR_INFO, "No servers added.");
528 } else {
529 sstring **servers = (sstring **)(accts->content);
530 int i;
531 for(i=0;i<accts->cursi;i++) {
532 char server[512];
533 char *pos;
534
535 if(i>=MAXSERVERS) {
536 Error("trusts_policy", ERR_INFO, "Too many servers specified.");
537 break;
538 }
539
540 strncpy(server, servers[i]->content, sizeof(server));
541
542 pos = strchr(server, ',');
543
544 if(!pos) {
545 Error("trusts_policy", ERR_INFO, "Server line is missing password: %s", server);
546 continue;
547 }
548
549 *pos = '\0';
550
551 trustaccounts[i].used = 1;
552 strncpy(trustaccounts[i].server, server, SERVERLEN);
553 strncpy(trustaccounts[i].password, pos+1, TRUSTPASSLEN);
554 }
555 }
556 }
557
558 static void trustaccounts_rehash(int hooknum, void *arg) {
559 loadtrustaccounts();
560 }
561
562 void _init(void) {
563 sstring *m;
564 int trustport;
565
566 countext = registertgext("count");
567 if(countext == -1)
568 return;
569
570 m = getconfigitem("trusts_policy", "enforcepolicy");
571 if(m)
572 enforcepolicy = atoi(m->content);
573
574 m = getconfigitem("trusts_policy", "trustport");
575 if(m)
576 trustport = atoi(m->content);
577 else
578 trustport = DEFAULT_TRUSTPORT;
579
580 if(trustport)
581 listenerfd = createlistenersock(trustport);
582
583 loadtrustaccounts();
584
585 registerhook(HOOK_TRUSTS_NEWNICK, policycheck_irc);
586 registerhook(HOOK_TRUSTS_LOSTNICK, &policycheck_irc);
587 registerhook(HOOK_CORE_REHASH, trustaccounts_rehash);
588
589 registercontrolhelpcmd("trustpolicy", NO_DEVELOPER, 1, trusts_cmdtrustpolicy, "Usage: trustpolicy ?1|0?\nEnables or disables policy enforcement. Shows current status when no parameter is specified.");
590 registercontrolhelpcmd("trustsockets", NO_DEVELOPER, 0, trusts_cmdtrustsockets, "Usage: trustsockets\nLists all currently active TRUST sockets.");
591
592 schedulerecurring(time(NULL)+1, 0, 5, trustdotimeout, NULL);
593
594 urandom = fopen("/dev/urandom", "rb");
595 if(!urandom)
596 Error("trusts_policy", ERR_ERROR, "Couldn't open /dev/urandom.");
597 }
598
599 void _fini(void) {
600 trustsocket *sock, *next;
601
602 if(countext == -1)
603 return;
604
605 releasetgext(countext);
606
607 deregisterhook(HOOK_TRUSTS_NEWNICK, policycheck_irc);
608 deregisterhook(HOOK_TRUSTS_LOSTNICK, policycheck_irc);
609 deregisterhook(HOOK_CORE_REHASH, trustaccounts_rehash);
610
611 deregistercontrolcmd("trustpolicy", trusts_cmdtrustpolicy);
612 deregistercontrolcmd("trustsockets", trusts_cmdtrustsockets);
613
614 deleteallschedules(trustdotimeout);
615
616 if (urandom)
617 fclose(urandom);
618
619 if (listenerfd != -1)
620 deregisterhandler(listenerfd, 1);
621
622 for(sock=tslist;sock;) {
623 next = sock->next;
624
625 trustkillconnection(sock, "Unloading module.");
626 trustfreeconnection(sock);
627
628 sock = next;
629 }
630 }
Unnamed repository; edit this file 'description' to name the repository.