]> jfr.im git - irc/quakenet/newserv.git/blob - trojanscan/trojanscan.c
projects / irc / quakenet / newserv.git / blob
? search:


597643db621d5457295eed337e27df74738d6282
[irc/quakenet/newserv.git] / trojanscan / trojanscan.c
1 /*
2 * Trojanscan version 2
3 *
4 * Trojanscan copyright (C) Chris Porter 2002-2007
5 * Newserv bits copyright (C) David Mansell 2002-2003
6 *
7 * TODO: CHECK::
8 * - Poke splidge about +r'ing bots, potential problems:
9 * - users might whine about T clone stealing account
10 * - would have to steal one already in use, so if trojans start using /msg q whois they'll see
11 * (though they have to be authed for this, they could use a clone of their own however)
12 */
13
14 #include "trojanscan.h"
15 #include "../lib/strlfunc.h"
16 #include "../lib/version.h"
17 #include "../core/nsmalloc.h"
18
19 #define tmalloc(x) nsmalloc(POOL_TROJANSCAN, x)
20 #define tfree(x) nsfree(POOL_TROJANSCAN, x)
21
22 MODULE_VERSION(TROJANSCAN_VERSION);
23
24 void trojanscan_phrasematch(channel *chp, nick *sender, trojanscan_phrases *phrase, char messagetype, char *matchbuf);
25 char *trojanscan_sanitise(char *input);
26 void trojanscan_refresh_settings(void);
27 static void trojanscan_part_watch(int hook, void *arg);
28 static void trojanscan_connect_nick(void *);
29
30 #define TROJANSCAN_SETTING_SIZE 256
31 #define TROJANSCAN_MAX_SETTINGS 50
32
33 static struct {
34 char setting[TROJANSCAN_SETTING_SIZE];
35 char value[TROJANSCAN_SETTING_SIZE];
36 } trojanscan_settings[TROJANSCAN_MAX_SETTINGS];
37
38 static int settingcount = 0;
39 static char *versionreply;
40 static int hooksregistered = 0;
41 static void *trojanscan_connect_nick_schedule;
42
43 void _init() {
44 trojanscan_cmds = newcommandtree();
45
46 addcommandtotree(trojanscan_cmds, "showcommands", TROJANSCAN_ACL_UNAUTHED, 0, &trojanscan_showcommands);
47 addcommandtotree(trojanscan_cmds, "help", TROJANSCAN_ACL_UNAUTHED, 1, &trojanscan_help);
48 addcommandtotree(trojanscan_cmds, "hello", TROJANSCAN_ACL_UNAUTHED | TROJANSCAN_ACL_OPER, 1, &trojanscan_hello);
49
50 addcommandtotree(trojanscan_cmds, "join", TROJANSCAN_ACL_STAFF, 1, &trojanscan_userjoin);
51 addcommandtotree(trojanscan_cmds, "chanlist", TROJANSCAN_ACL_STAFF, 0, &trojanscan_chanlist);
52 addcommandtotree(trojanscan_cmds, "whois", TROJANSCAN_ACL_STAFF, 1, &trojanscan_whois);
53
54 addcommandtotree(trojanscan_cmds, "changelev", TROJANSCAN_ACL_STAFF | TROJANSCAN_ACL_OPER, 2, &trojanscan_changelev);
55 addcommandtotree(trojanscan_cmds, "deluser", TROJANSCAN_ACL_TEAMLEADER | TROJANSCAN_ACL_OPER, 2, &trojanscan_deluser);
56 addcommandtotree(trojanscan_cmds, "mew", TROJANSCAN_ACL_STAFF, 2, &trojanscan_mew);
57 addcommandtotree(trojanscan_cmds, "status", TROJANSCAN_ACL_STAFF | TROJANSCAN_ACL_OPER, 0, &trojanscan_status);
58 addcommandtotree(trojanscan_cmds, "listusers", TROJANSCAN_ACL_TEAMLEADER, 0, &trojanscan_listusers);
59
60 addcommandtotree(trojanscan_cmds, "rehash", TROJANSCAN_ACL_WEBSITE, 0, &trojanscan_rehash);
61
62 addcommandtotree(trojanscan_cmds, "cat", TROJANSCAN_ACL_OPER, 1, &trojanscan_cat);
63
64 addcommandtotree(trojanscan_cmds, "reschedule", TROJANSCAN_ACL_DEVELOPER | TROJANSCAN_ACL_OPER, 0, &trojanscan_reschedule);
65
66 srand((int)time(NULL));
67
68 trojanscan_connect_schedule = scheduleoneshot(time(NULL) + 1, &trojanscan_connect, NULL);
69 }
70
71 void _fini(void) {
72 int i;
73 struct trojanscan_realchannels *rp = trojanscan_realchanlist, *oldrp;
74 struct trojanscan_rejoinlist *rj = trojanscan_schedulerejoins, *oldrj;
75
76 if (trojanscan_nick)
77 deregisterlocaluser(trojanscan_nick, NULL);
78
79 if (trojanscan_connect_schedule)
80 deleteschedule(trojanscan_connect_schedule, &trojanscan_connect, NULL);
81
82 if (trojanscan_connect_nick_schedule)
83 deleteschedule(trojanscan_connect_nick_schedule, &trojanscan_connect_nick, NULL);
84
85 if(trojanscan_schedule)
86 deleteschedule(trojanscan_schedule, &trojanscan_dojoin, NULL);
87
88 if(trojanscan_poolschedule)
89 deleteschedule(trojanscan_poolschedule, &trojanscan_repool, NULL);
90
91 if(trojanscan_cloneschedule)
92 deleteschedule(trojanscan_poolschedule, &trojanscan_registerclones, NULL);
93
94 if(hooksregistered)
95 deregisterhook(HOOK_CHANNEL_PART, trojanscan_part_watch);
96
97 while(rp) {
98 deleteschedule(rp->schedule, &trojanscan_dopart, (void *)rp);
99 oldrp = rp;
100 rp = rp->next;
101 tfree(oldrp);
102 }
103
104 while(rj) {
105 deleteschedule(rj->schedule, &trojanscan_rejoin_channel, (void *)rj);
106 freesstring(rj->channel);
107 oldrj = rj;
108 rj = rj->next;
109 tfree(oldrj);
110 }
111
112 if(trojanscan_initialschedule)
113 deleteschedule(trojanscan_initialschedule, &trojanscan_fill_channels, NULL);
114
115 deleteschedule(trojanscan_rehashschedule, &trojanscan_rehash_schedule, NULL);
116
117 for (i=0;i<TROJANSCAN_CLONE_TOTAL;i++)
118 if(trojanscan_swarm[i].clone) {
119 deregisterlocaluser(trojanscan_swarm[i].clone, NULL);
120 derefnode(iptree, trojanscan_swarm[i].fakeipnode);
121 trojanscan_swarm[i].clone = NULL;
122 }
123 trojanscan_free_database();
124 trojanscan_free_channels();
125
126 for (i=0;i<trojanscan_hostpoolsize;i++)
127 freesstring(trojanscan_hostpool[i]);
128
129 for (i=0;i<trojanscan_tailpoolsize;i++)
130 freesstring(trojanscan_tailpool[i]);
131 trojanscan_database_close();
132
133 deletecommandfromtree(trojanscan_cmds, "showcommands", &trojanscan_showcommands);
134 deletecommandfromtree(trojanscan_cmds, "help", &trojanscan_help);
135 deletecommandfromtree(trojanscan_cmds, "hello", &trojanscan_hello);
136 deletecommandfromtree(trojanscan_cmds, "join", &trojanscan_userjoin);
137 deletecommandfromtree(trojanscan_cmds, "chanlist", &trojanscan_chanlist);
138 deletecommandfromtree(trojanscan_cmds, "whois", &trojanscan_whois);
139 deletecommandfromtree(trojanscan_cmds, "changelev", &trojanscan_changelev);
140 deletecommandfromtree(trojanscan_cmds, "deluser", &trojanscan_deluser);
141 deletecommandfromtree(trojanscan_cmds, "mew", &trojanscan_mew);
142 deletecommandfromtree(trojanscan_cmds, "status", &trojanscan_status);
143 deletecommandfromtree(trojanscan_cmds, "listusers", &trojanscan_listusers);
144 deletecommandfromtree(trojanscan_cmds, "rehash", &trojanscan_rehash);
145 deletecommandfromtree(trojanscan_cmds, "cat", &trojanscan_cat);
146 deletecommandfromtree(trojanscan_cmds, "reschedule", &trojanscan_reschedule);
147
148 destroycommandtree(trojanscan_cmds);
149 nscheckfreeall(POOL_TROJANSCAN);
150 }
151
152 static void trojanscan_connect_nick(void *arg) {
153 sstring *mnick, *myident, *myhost, *myrealname, *myauthname;
154 channel *cp;
155
156 mnick = getcopyconfigitem("trojanscan", "nick", "T", NICKLEN);
157 myident = getcopyconfigitem("trojanscan", "ident", "trojanscan", NICKLEN);
158 myhost = getcopyconfigitem("trojanscan", "hostname", "trojanscan.quakenet.org", HOSTLEN);
159 myrealname = getcopyconfigitem("trojanscan", "realname", "Trojanscan v" TROJANSCAN_VERSION, REALLEN);
160 myauthname = getcopyconfigitem("trojanscan", "authname", "T", ACCOUNTLEN);
161
162 trojanscan_nick = registerlocaluser(mnick->content, myident->content, myhost->content, myrealname->content, myauthname->content, UMODE_SERVICE | UMODE_DEAF |
163 UMODE_OPER | UMODE_INV |
164 UMODE_ACCOUNT,
165 &trojanscan_handlemessages);
166 freesstring(mnick);
167 freesstring(myident);
168 freesstring(myhost);
169 freesstring(myrealname);
170 freesstring(myauthname);
171
172 cp = findchannel(TROJANSCAN_OPERCHANNEL);
173 if (!cp) {
174 localcreatechannel(trojanscan_nick, TROJANSCAN_OPERCHANNEL);
175 } else {
176 if(!localjoinchannel(trojanscan_nick, cp))
177 localgetops(trojanscan_nick, cp);
178 }
179
180 cp = findchannel(TROJANSCAN_CHANNEL);
181 if (!cp) {
182 localcreatechannel(trojanscan_nick, TROJANSCAN_CHANNEL);
183 } else {
184 if(!localjoinchannel(trojanscan_nick, cp))
185 localgetops(trojanscan_nick, cp);
186 }
187
188 #ifdef TROJANSCAN_PEONCHANNEL
189 cp = findchannel(TROJANSCAN_PEONCHANNEL);
190 if (!cp) {
191 localcreatechannel(trojanscan_nick, TROJANSCAN_PEONCHANNEL);
192 } else {
193 if(!localjoinchannel(trojanscan_nick, cp))
194 localgetops(trojanscan_nick, cp);
195 }
196 #endif
197 }
198
199 void trojanscan_connect(void *arg) {
200 sstring *dbhost, *dbuser, *dbpass, *db, *dbport, *temp;
201 int length, i;
202 char buf[10];
203
204 trojanscan_connect_schedule = NULL;
205
206 for(i=0;i<TROJANSCAN_CLONE_TOTAL;i++)
207 trojanscan_swarm[i].index = i; /* sure this could be done with pointer arithmetic... */
208
209 trojanscan_hostpoolsize = 0;
210 trojanscan_tailpoolsize = 0;
211 trojanscan_hostmode = 0;
212 trojanscan_poolschedule = NULL;
213 trojanscan_cloneschedule = NULL;
214 trojanscan_realchanlist = NULL;
215 trojanscan_database.glines = 0;
216 trojanscan_database.detections = 0;
217
218 dbhost = getcopyconfigitem("trojanscan", "dbhost", "localhost", HOSTLEN);
219 dbuser = getcopyconfigitem("trojanscan", "dbuser", "", NICKLEN);
220 dbpass = getcopyconfigitem("trojanscan", "dbpass", "", REALLEN);
221 db = getcopyconfigitem("trojanscan", "db", "", NICKLEN);
222
223 dbport = getcopyconfigitem("trojanscan", "dbport", "3306", ACCOUNTLEN);
224
225 length = snprintf(buf, sizeof(buf) - 1, "%d", TROJANSCAN_DEFAULT_MAXCHANS);
226 temp = getcopyconfigitem("trojanscan", "maxchans", buf, length);
227
228 trojanscan_maxchans = atoi(temp->content);
229 freesstring(temp);
230
231 length = snprintf(buf, sizeof(buf) - 1, "%d", TROJANSCAN_DEFAULT_CYCLETIME);
232 temp = getcopyconfigitem("trojanscan", "cycletime", buf, length);
233
234 trojanscan_cycletime = atoi(temp->content);
235 freesstring(temp);
236
237 length = snprintf(buf, sizeof(buf) - 1, "%d", TROJANSCAN_DEFAULT_PARTTIME);
238 temp = getcopyconfigitem("trojanscan", "parttime", buf, length);
239 trojanscan_part_time = atoi(temp->content);
240 freesstring(temp);
241
242 length = snprintf(buf, sizeof(buf) - 1, "%d", TROJANSCAN_DEFAULT_MAXUSERS);
243 temp = getcopyconfigitem("trojanscan", "maxusers", buf, length);
244 trojanscan_maxusers = atoi(temp->content);
245 freesstring(temp);
246
247 length = snprintf(buf, sizeof(buf) - 1, "%d", TROJANSCAN_MINIMUM_HOSTS_BEFORE_POOL);
248 temp = getcopyconfigitem("trojanscan", "minpoolhosts", buf, length);
249 trojanscan_min_hosts = atoi(temp->content);
250 freesstring(temp);
251
252 if ((trojanscan_cycletime / trojanscan_maxchans) < 1) {
253 Error("trojanscan", ERR_FATAL, "Cycletime / maxchans < 1, increase cycletime or decrease maxchans else cycling breaks.");
254 return; /* PPA: module failed to load */
255 }
256
257 length = snprintf(buf, sizeof(buf) - 1, "%d", TROJANSCAN_DEFAULT_MINIMUM_CHANNEL_SIZE);
258 temp = getcopyconfigitem("trojanscan", "minchansize", buf, length);
259 trojanscan_minchansize = atoi(temp->content);
260 freesstring(temp);
261
262 trojanscan_connect_nick(NULL);
263
264 if (trojanscan_database_connect(dbhost->content, dbuser->content, dbpass->content, db->content, atoi(dbport->content)) < 0) {
265 Error("trojanscan", ERR_FATAL, "Cannot connect to database host!");
266 return; /* PPA: module failed to load */
267 }
268
269 trojanscan_database_query("CREATE TABLE phrases (id INT(10) PRIMARY KEY AUTO_INCREMENT, wormid INT(10) NOT NULL, phrase TEXT NOT NULL, priority INT(10) DEFAULT 0 NOT NULL, dateadded int(10), disabled BOOL DEFAULT 0 NOT NULL)");
270 trojanscan_database_query("CREATE TABLE worms (id INT(10) PRIMARY KEY AUTO_INCREMENT, wormname TEXT NOT NULL, glinetype INT DEFAULT 0, data text, hitmsgs BOOL DEFAULT 1, hitchans BOOL DEFAULT 0, epidemic BOOL DEFAULT 0, privinfo text)");
271 trojanscan_database_query("CREATE TABLE logs (id INT(10) PRIMARY KEY AUTO_INCREMENT, userid INT(10) NOT NULL, act TEXT NOT NULL, description TEXT NOT NULL, ts TIMESTAMP)");
272 trojanscan_database_query("CREATE TABLE channels (id INT(10) PRIMARY KEY AUTO_INCREMENT, channel VARCHAR(%d) NOT NULL, exempt BOOL DEFAULT 0)", CHANNELLEN);
273 trojanscan_database_query("CREATE TABLE users (id INT(10) PRIMARY KEY AUTO_INCREMENT, authname VARCHAR(%d) NOT NULL, authlevel TINYINT(4) NOT NULL)", ACCOUNTLEN);
274 trojanscan_database_query("CREATE TABLE hits (id INT(10) PRIMARY KEY AUTO_INCREMENT, nickname VARCHAR(%d) NOT NULL, ident VARCHAR(%d) NOT NULL, host VARCHAR(%d) NOT NULL, phrase INT(10) NOT NULL, ts TIMESTAMP, messagetype VARCHAR(1) NOT NULL DEFAULT 'm', glined BOOL DEFAULT 1)", NICKLEN, USERLEN, HOSTLEN);
275 trojanscan_database_query("CREATE TABLE settings (id INT(10) PRIMARY KEY AUTO_INCREMENT, setting VARCHAR(255) NOT NULL UNIQUE, value VARCHAR(255) NOT NULL)");
276 trojanscan_database_query("CREATE TABLE wwwlogs (id INT(10) PRIMARY KEY AUTO_INCREMENT, authid INT(10) NOT NULL, ip VARCHAR(15), action TEXT, ts TIMESTAMP)");
277 trojanscan_database_query("CREATE TABLE unknownlog (id INT(10) PRIMARY KEY AUTO_INCREMENT, data TEXT, user VARCHAR(%d) NOT NULL, ts TIMESTAMP)", NICKLEN+USERLEN+HOSTLEN+3);
278
279 trojanscan_database_query("DELETE FROM settings WHERE setting = 'rehash' OR setting = 'changed'");
280 trojanscan_database_query("INSERT INTO settings (setting, value) VALUES ('rehash','0')");
281 trojanscan_database_query("INSERT INTO settings (setting, value) VALUES ('changed','0')");
282
283 /* assumption: constants aren't supplied by someone evil */
284 trojanscan_database_query("INSERT INTO settings (setting, value) VALUES ('versionreply','" TROJANSCAN_DEFAULT_VERSION_REPLY "')");
285
286 trojanscan_refresh_settings();
287 trojanscan_read_database(1);
288
289 freesstring(dbhost);
290 freesstring(dbuser);
291 freesstring(dbpass);
292 freesstring(db);
293 freesstring(dbport);
294 trojanscan_registerclones(NULL);
295
296 trojanscan_rehashschedule = scheduleoneshot(time(NULL) + 60, &trojanscan_rehash_schedule, NULL);
297
298 registerhook(HOOK_CHANNEL_PART, trojanscan_part_watch);
299 hooksregistered = 1;
300 }
301
302 char *trojanscan_get_setting(char *setting) {
303 int i;
304
305 for(i=0;i<settingcount;i++)
306 if(!strcmp(trojanscan_settings[i].setting, setting))
307 return trojanscan_settings[i].value;
308
309 return NULL;
310 }
311
312 void trojanscan_refresh_settings(void) {
313 trojanscan_database_res *res;
314 trojanscan_database_row sqlrow;
315 int i = 0;
316
317 if(trojanscan_database_query("SELECT setting, value FROM settings"))
318 return;
319
320 if(!(res = trojanscan_database_store_result(&trojanscan_sql)))
321 return;
322
323 if (trojanscan_database_num_rows(res) <= 0)
324 return;
325
326 while((sqlrow = trojanscan_database_fetch_row(res))) {
327 strlcpy(trojanscan_settings[i].setting, sqlrow[0], TROJANSCAN_SETTING_SIZE);
328 strlcpy(trojanscan_settings[i].value, sqlrow[1], TROJANSCAN_SETTING_SIZE);
329
330 trojanscan_sanitise(trojanscan_settings[i].value);
331
332 if(++i == TROJANSCAN_MAX_SETTINGS)
333 break;
334 }
335
336 settingcount = i;
337
338 trojanscan_database_free_result(res);
339
340 /* optimisation hack */
341 versionreply = trojanscan_get_setting("versionreply");
342 }
343
344 void trojanscan_rehash_schedule(void *arg) {
345 char *v;
346 trojanscan_rehashschedule = scheduleoneshot(time(NULL) + 60, &trojanscan_rehash_schedule, NULL);
347
348 trojanscan_refresh_settings();
349
350 v = trojanscan_get_setting("rehash");
351 if(v && v[0] == '1') {
352 trojanscan_mainchanmsg("n: rehash initiated by website. . .");
353 trojanscan_read_database(0);
354 }
355 }
356
357 void trojanscan_free_database(void) {
358 int i;
359 for(i=0;i<trojanscan_database.total_channels;i++)
360 freesstring(trojanscan_database.channels[i].name);
361 tfree(trojanscan_database.channels);
362 for(i=0;i<trojanscan_database.total_phrases;i++) {
363 if (trojanscan_database.phrases[i].phrase)
364 pcre_free(trojanscan_database.phrases[i].phrase);
365 if (trojanscan_database.phrases[i].hint)
366 pcre_free(trojanscan_database.phrases[i].hint);
367 }
368 tfree(trojanscan_database.phrases);
369 for(i=0;i<trojanscan_database.total_worms;i++)
370 freesstring(trojanscan_database.worms[i].name);
371 tfree(trojanscan_database.worms);
372 trojanscan_database.total_channels = 0;
373 trojanscan_database.total_phrases = 0;
374 trojanscan_database.total_worms = 0;
375 trojanscan_database.channels = NULL;
376 trojanscan_database.phrases = NULL;
377 trojanscan_database.worms = NULL;
378 }
379
380 char *trojanscan_sanitise(char *input) {
381 char *p;
382
383 for(p=input;*p;p++)
384 if(*p == '\r' || *p == '\n')
385 *p = '!';
386
387 return input;
388 }
389
390 sstring *trojanscan_getsstring(char *string, int length) {
391 int i;
392
393 for(i=0;i<length;i++) {
394 if ((string[i] == '\r') || (string[i] == '\n')) {
395 Error("trojanscan", ERR_WARNING, "Error reading %s at position %d, set to ERROR!", string, i+1);
396 return getsstring("ERROR", sizeof("ERROR"));
397 }
398 }
399
400 return getsstring(string, length);
401 }
402
403 int trojanscan_strip_codes(char *buf, size_t max, char *original) {
404 int i, j, length = TROJANSCAN_MMIN(strlen(original), max-1);
405 char *p2 = original, *p3, flag = 0;
406 p3 = buf;
407 for(i=0;i<length+1;i++) {
408 switch (*p2) {
409 case '\002':
410 case '\017':
411 case '\026':
412 case '\037':
413 break;
414 case '\003':
415 for(j=0;j<6;j++) {
416 if ((i + 1) > length)
417 break;
418 if ((j == 4) && flag)
419 break;
420 p2++;
421 i++;
422 if ((j == 0) && (!((*p2 >= '0') && (*p2 <= '9'))))
423 break;
424 if (j == 1) {
425
426 if (*p2 == ',') {
427 if ((i + 1) > length)
428 break;
429 if (!((*(p2 + 1) >= '0') && (*(p2 + 1) <= '9')))
430 break;
431 flag = 1;
432 } else if ((*p2 >= '0') && (*p2 <= '9')) {
433 flag = 0;
434 } else {
435 break;
436 }
437 }
438 if (j == 2) {
439 if (flag) {
440 if (!((*p2 >= '0') && (*p2 <= '9')))
441 break;
442 } else {
443 if (*p2 != ',') {
444 break;
445 } else {
446 if ((i + 1) > length)
447 break;
448 if (!((*(p2 + 1) >= '0') && (*(p2 + 1) <= '9')))
449 break;
450 }
451 }
452 }
453 if ((j == 3) && (!((*p2 >= '0') && (*p2 <= '9'))))
454 break;
455 if ((j == 4) && (!((*p2 >= '0') && (*p2 <= '9'))))
456 break;
457 }
458 p2--;
459 i--;
460 break;
461
462 default:
463 *p3 = *p2;
464 p3++;
465 break;
466 }
467 p2++;
468 }
469 return p3 - buf;
470 }
471
472 struct trojanscan_worms *trojanscan_find_worm_by_id(int id) {
473 int i;
474 for(i=0;i<trojanscan_database.total_worms;i++)
475 if ((trojanscan_database.worms[i].id == id))
476 return &trojanscan_database.worms[i];
477 return NULL;
478 }
479
480 void trojanscan_read_database(int first_time) {
481 const char *error;
482 int erroroffset, i, tempresult;
483
484 trojanscan_database_res *res;
485 trojanscan_database_row sqlrow;
486
487 if (!first_time) {
488 trojanscan_free_database();
489 } else {
490 trojanscan_database.total_channels = 0;
491 trojanscan_database.total_phrases = 0;
492 trojanscan_database.total_worms = 0;
493 }
494
495 if (!(trojanscan_database_query("SELECT channel, exempt FROM channels"))) {
496 if ((res = trojanscan_database_store_result(&trojanscan_sql))) {
497 trojanscan_database.total_channels = trojanscan_database_num_rows(res);
498 if (trojanscan_database.total_channels > 0) {
499 if ((trojanscan_database.channels = (trojanscan_channels *)tmalloc(sizeof(trojanscan_channels) * trojanscan_database.total_channels))) {
500 if ((trojanscan_database.total_channels>0) && trojanscan_database.channels) {
501 i = 0;
502 while((sqlrow = trojanscan_database_fetch_row(res))) {
503 trojanscan_database.channels[i].name = trojanscan_getsstring(trojanscan_sanitise(sqlrow[0]), strlen(sqlrow[0]));
504 trojanscan_database.channels[i].exempt = (sqlrow[1][0] == '1');
505 i++;
506 }
507 }
508 }
509 }
510 trojanscan_database_free_result(res);
511 }
512 }
513
514 if (!(trojanscan_database_query("SELECT id, wormname, glinetype, length(data), hitmsgs, hitchans, epidemic FROM worms"))) {
515 if ((res = trojanscan_database_store_result(&trojanscan_sql))) {
516 trojanscan_database.total_worms = trojanscan_database_num_rows(res);
517 if (trojanscan_database.total_worms > 0) {
518 if ((trojanscan_database.worms = (trojanscan_worms *)tmalloc(sizeof(trojanscan_worms) * trojanscan_database.total_worms))) {
519 i = 0;
520 while((sqlrow = trojanscan_database_fetch_row(res))) {
521 trojanscan_database.worms[i].id = atoi(sqlrow[0]);
522 trojanscan_database.worms[i].name = trojanscan_getsstring(trojanscan_sanitise(sqlrow[1]), strlen(sqlrow[1]));
523 tempresult = atoi(sqlrow[2]);
524 trojanscan_database.worms[i].glineuser = (tempresult == 0);
525 trojanscan_database.worms[i].glinehost = (tempresult == 1);
526 trojanscan_database.worms[i].monitor = (tempresult == 2);
527 if(sqlrow[3]) {
528 trojanscan_database.worms[i].datalen = ((atoi(sqlrow[3]) == 0) ? 0 : 1);
529 } else {
530 trojanscan_database.worms[i].datalen = 0;
531 }
532
533 trojanscan_database.worms[i].hitpriv = (atoi(sqlrow[4]) == 1);
534 trojanscan_database.worms[i].hitchans = (atoi(sqlrow[5]) == 1);
535 trojanscan_database.worms[i].epidemic = (atoi(sqlrow[6]) == 1);
536
537 i++;
538 }
539 }
540 }
541 trojanscan_database_free_result(res);
542 }
543 }
544
545 if (!(trojanscan_database_query("SELECT id, phrase, wormid FROM phrases WHERE disabled = 0 ORDER BY priority DESC"))) {
546 if ((res = trojanscan_database_store_result(&trojanscan_sql))) {
547 trojanscan_database.total_phrases = trojanscan_database_num_rows(res);
548 if (trojanscan_database.total_phrases > 0) {
549 if ((trojanscan_database.phrases = (trojanscan_phrases *)tmalloc(sizeof(trojanscan_phrases) * trojanscan_database.total_phrases))) {
550 i = 0;
551 while((sqlrow = trojanscan_database_fetch_row(res))) {
552 trojanscan_database.phrases[i].id = atoi(sqlrow[0]);
553 trojanscan_database.phrases[i].worm = trojanscan_find_worm_by_id(atoi(sqlrow[2]));
554 if (!(trojanscan_database.phrases[i].phrase = pcre_compile(sqlrow[1], PCRE_CASELESS, &error, &erroroffset, NULL))) {
555 Error("trojanscan", ERR_WARNING, "Error compiling expression %s at offset %d: %s", sqlrow[1], erroroffset, error);
556 } else {
557 trojanscan_database.phrases[i].hint = pcre_study(trojanscan_database.phrases[i].phrase, 0, &error);
558 if (error) {
559 Error("trojanscan", ERR_WARNING, "Error studying expression %s: %s", sqlrow[1], error);
560 pcre_free(trojanscan_database.phrases[i].phrase);
561 trojanscan_database.phrases[i].phrase = NULL;
562 }
563 }
564 i++;
565 }
566 }
567 }
568 trojanscan_database_free_result(res);
569 }
570 }
571
572 trojanscan_database_query("UPDATE settings SET value = '0' where setting = 'rehash'");
573 }
574
575 void trojanscan_log(nick *np, char *event, char *details, ...) {
576 int nickid = 0;
577 char eevent[TROJANSCAN_QUERY_TEMP_BUF_SIZE], edetails[TROJANSCAN_QUERY_TEMP_BUF_SIZE], buf[513];
578 va_list va;
579
580 va_start(va, details);
581 vsnprintf(buf, sizeof(buf) - 1, details, va);
582 va_end(va);
583
584 if (np)
585 if (IsAccount(np))
586 nickid = trojanscan_user_id_by_authname(np->authname);
587
588 trojanscan_database_escape_string(eevent, event, strlen(event));
589 trojanscan_database_escape_string(edetails, buf, strlen(buf));
590 trojanscan_database_query("INSERT INTO logs (userid, act, description) VALUES ('%d', '%s', '%s')", nickid, eevent, edetails);
591 }
592
593 void trojanscan_generateclone(void *arg) {
594 int i, loops = 0, modes = UMODE_XOPER | UMODE_INV;
595 char c_nick[NICKLEN+1], c_ident[USERLEN+1], c_host[HOSTLEN+1], c_real[REALLEN+1];
596 patricia_node_t *fakeip;
597
598 i = (int)((long)arg);
599
600 /* PPA: unlikely to be infinite */
601 do {
602 c_nick[0] = '\0';
603 if (!loops && trojanscan_hostmode) /* only have one go at this */
604 trojanscan_generatenick(c_nick, NICKLEN);
605 if(!c_nick[0])
606 trojanscan_gennick(c_nick, trojanscan_minmaxrand(7, TROJANSCAN_MMIN(13, NICKLEN)));
607 loops++;
608 } while ((getnickbynick(c_nick) != NULL));
609
610 trojanscan_generateident(c_ident, USERLEN);
611 if(!c_ident[0])
612 trojanscan_genident(c_ident, trojanscan_minmaxrand(4, TROJANSCAN_MMIN(8, USERLEN)));
613
614 if(trojanscan_hostmode) {
615 trojanscan_generatehost(c_host, HOSTLEN, &fakeip);
616 if(!c_host[0])
617 trojanscan_genhost(c_host, HOSTLEN, &fakeip);
618 } else {
619 trojanscan_genhost(c_host, HOSTLEN, &fakeip);
620 }
621
622 trojanscan_generaterealname(c_real, REALLEN);
623 if(!c_real[0])
624 trojanscan_genreal(c_real, trojanscan_minmaxrand(15, TROJANSCAN_MMIN(50, REALLEN)));
625
626 trojanscan_swarm[i].clone = registerlocaluser(c_nick, c_ident, c_host, c_real, NULL, modes, &trojanscan_clonehandlemessages);
627 trojanscan_swarm[i].fakeipnode = fakeip;
628
629 if(trojanscan_swarm[i].clone && !trojanscan_swarm_created) {
630 nick *np = trojanscan_selectuser();
631 if(np) /* select a 'random' sign on time for whois generation */
632 trojanscan_swarm[i].clone->timestamp = np->timestamp;
633 }
634 trojanscan_swarm[i].remaining = trojanscan_minmaxrand(5, 100);
635
636 trojanscan_swarm[i].sitting = 0;
637
638 }
639
640 void trojanscan_free_channels(void) {
641 int i;
642 if(trojanscan_chans) {
643 for(i=0;i<trojanscan_activechans;i++)
644 freesstring(trojanscan_chans[i].channel);
645 tfree(trojanscan_chans);
646 trojanscan_chans = NULL;
647 trojanscan_activechans = 0;
648 }
649 }
650
651 void trojanscan_repool(void *arg) {
652 if (trojanscan_generatepool() < TROJANSCAN_MINPOOLSIZE) {
653 trojanscan_hostmode = 0;
654 return;
655 } else {
656 trojanscan_hostmode = 1;
657 trojanscan_poolschedule = scheduleoneshot(time(NULL) + TROJANSCAN_POOL_REGENERATION, &trojanscan_repool, NULL);
658 }
659 }
660
661 void trojanscan_registerclones(void *arg) {
662 unsigned int i;
663
664 if (trojanscan_generatepool() < TROJANSCAN_MINPOOLSIZE) {
665 trojanscan_hostmode = 0;
666 trojanscan_cloneschedule = scheduleoneshot(time(NULL) + 10, &trojanscan_registerclones, NULL);
667 return;
668 } else {
669 trojanscan_hostmode = 1;
670 trojanscan_poolschedule = scheduleoneshot(time(NULL) + TROJANSCAN_POOL_REGENERATION, &trojanscan_repool, NULL);
671 trojanscan_cloneschedule = NULL;
672 }
673
674 for (i=0;i<TROJANSCAN_CLONE_TOTAL;i++)
675 trojanscan_generateclone((void *)((long)i));
676 trojanscan_mainchanmsg("n: swarm (%d clones) created.", TROJANSCAN_CLONE_TOTAL);
677 trojanscan_swarm_created = 1;
678
679 trojanscan_initialschedule = scheduleoneshot(time(NULL) + 60, &trojanscan_fill_channels, NULL);
680 }
681
682 int trojanscan_status(void *sender, int cargc, char **cargv) {
683 nick *np = (nick *)sender;
684 trojanscan_log(np, "status", "");
685 trojanscan_reply(np, "Channels in schedule: %d", trojanscan_activechans);
686 trojanscan_reply(np, "Channels in database: %d", trojanscan_database.total_channels);
687 trojanscan_reply(np, "Phrases: %d", trojanscan_database.total_phrases);
688 trojanscan_reply(np, "Worms: %d", trojanscan_database.total_worms);
689 trojanscan_reply(np, "Detections: %d", trojanscan_database.detections);
690 trojanscan_reply(np, "Glines: %d", trojanscan_database.glines);
691 trojanscan_reply(np, "Host/tail pool size: %d", TROJANSCAN_POOLSIZE);
692 trojanscan_reply(np, "Cycletime: %d", trojanscan_cycletime);
693 trojanscan_reply(np, "Clones: %d", TROJANSCAN_CLONE_TOTAL);
694 return CMD_OK;
695 }
696
697 int trojanscan_chanlist(void *sender, int cargc, char **cargv) {
698 int i;
699 nick *np = (nick *)sender;
700 char buf[CHANNELLEN * 2 + 20];
701 trojanscan_reply(np, "Channel list (%d total):", trojanscan_activechans);
702 buf[0] = '\0';
703
704 for(i=0;i<trojanscan_activechans;i++) {
705 if(trojanscan_chans[i].channel->length + 3 > sizeof(buf) - strlen(buf)) {
706 trojanscan_reply(np, "%s", buf);
707 buf[0] = '\0';
708 }
709
710 /* if splidge sees this I'm going to die */
711 strlcat(buf, trojanscan_chans[i].channel->content, sizeof(buf));
712 strlcat(buf, " ", sizeof(buf));
713 }
714 if(buf[0])
715 trojanscan_reply(np, "%s", buf);
716
717 trojanscan_reply(np, "Done.");
718 return CMD_OK;
719 }
720
721 int trojanscan_whois(void *sender, int cargc, char **cargv) {
722 char *tochange;
723 nick *np = (nick *)sender, *np2;
724 int templevel;
725
726 if (cargc < 1) {
727 trojanscan_reply(np, "Not enough parameters.");
728 return CMD_ERROR;
729 }
730
731 if (cargv[0][0] == '#') {
732 tochange = cargv[0] + 1;
733 } else {
734 int i;
735 np2 = getnickbynick(cargv[0]);
736 if (!np2) {
737 trojanscan_reply(np, "That nickname is not on the network.");
738 return CMD_ERROR;
739 }
740 for(i=0;i<TROJANSCAN_CLONE_TOTAL;i++) {
741 if(trojanscan_swarm[i].clone->nick && !ircd_strcmp(trojanscan_swarm[i].clone->nick, np2->nick)) {
742 trojanscan_reply(np, "Nickname : %s", np2->nick);
743 trojanscan_reply(np, "Swarm : yes", trojanscan_swarm[i].clone->nick);
744 return CMD_OK;
745 }
746 }
747 if (!IsAccount(np2)) {
748 trojanscan_reply(np, "User is not authed.");
749 return CMD_OK;
750 }
751 tochange = np2->authname;
752 }
753
754 templevel = trojanscan_user_level_by_authname(tochange);
755 if (templevel == -1) {
756 trojanscan_reply(np, "User does not exist.");
757 } else {
758 union trojanscan_userlevel flags;
759 flags.number = templevel;
760 trojanscan_reply(np, "Authname : %s", tochange);
761 trojanscan_reply(np, "Flags : +" TROJANSCAN_FLAG_MASK, TrojanscanFlagsInfo(flags));
762 }
763
764 return CMD_OK;
765 }
766
767 void trojanscan_privmsg_chan_or_nick(channel *cp, nick *np, char *message, ...) {
768 char buf[513];
769 va_list va;
770
771 if (!trojanscan_nick)
772 return;
773
774 va_start(va, message);
775 vsnprintf(buf, sizeof(buf) - 1, message, va);
776 va_end(va);
777
778 if (cp) {
779 sendmessagetochannel(trojanscan_nick, cp, buf);
780 } else {
781 sendmessagetouser(trojanscan_nick, np, buf);
782 }
783
784 }
785
786 int trojanscan_mew(void *sender, int cargc, char **cargv) {
787 nick *np = (nick *)sender, *np2 = NULL;
788 channel *cp = NULL;
789
790 if (cargc < 2) {
791 trojanscan_reply(np, "Not enough paramaters.");
792 return CMD_ERROR;
793 }
794
795 if(cargv[0][0] == '#') {
796 if (!(cp = findchannel(cargv[0]))) {
797 trojanscan_reply(np, "Channel not found.");
798 return CMD_ERROR;
799 }
800 trojanscan_log(np, "mew", "%s %s", cp->index->name->content, cargv[1]);
801 } else {
802 if (!(np2 = getnickbynick(cargv[0]))) {
803 trojanscan_reply(np, "Nickname is not present on the network.");
804 return CMD_ERROR;
805 }
806 trojanscan_log(np, "mew", "%s %s", np2->nick, cargv[1]);
807 }
808
809 trojanscan_privmsg_chan_or_nick(cp, np2, "\001ACTION mews hopefully at %s\001", cargv[1]);
810
811 if (cp) {
812 trojanscan_reply(np, "Mewed at %s in %s.", cargv[1], cp->index->name->content);
813 } else {
814 trojanscan_reply(np, "Mewed at %s at %s.", cargv[1], np2->nick);
815 }
816
817 if(!IsOper(np))
818 trojanscan_mainchanmsg("n: mew: %s %s (%s/%s)", cargv[1], cp?cp->index->name->content:np2->nick, np->nick, np->authname);
819
820 return CMD_OK;
821 }
822
823 int trojanscan_cat(void *sender, int cargc, char **cargv) {
824 nick *np = (nick *)sender, *np2 = NULL;
825 channel *cp = NULL;
826 FILE *cat;
827 char buf[513], *p;
828
829 if (cargc < 1) {
830 trojanscan_reply(np, "Not enough paramaters.");
831 return CMD_ERROR;
832 }
833
834 if(cargv[0][0] == '#') {
835 if (!(cp = findchannel(cargv[0]))) {
836 trojanscan_reply(np, "Channel not found.");
837 return CMD_ERROR;
838 }
839 trojanscan_log(np, "cat", cp->index->name->content);
840 } else {
841 if (!(np2 = getnickbynick(cargv[0]))) {
842 trojanscan_reply(np, "Nickname is not present on the network.");
843 return CMD_ERROR;
844 }
845 trojanscan_log(np, "cat", np2->nick);
846 }
847
848 if ((!(cat = fopen(TROJANSCAN_CAT, "r")))) {
849 trojanscan_reply(np, "Unable to open cat!");
850 return CMD_ERROR;
851 }
852
853 while (fgets(buf, sizeof(buf) - 1, cat)) {
854 if ((p = strchr(buf, '\n'))) {
855 *p = '\0';
856 trojanscan_privmsg_chan_or_nick(cp, np2, "%s", buf);
857 } else if (feof(cat)) {
858 trojanscan_privmsg_chan_or_nick(cp, np2, "%s", buf);
859 }
860 }
861
862 fclose(cat);
863
864 if (cp) {
865 trojanscan_reply(np, "Spammed cat in %s.", cp->index->name->content);
866 } else {
867 trojanscan_reply(np, "Spammed cat at %s.", np2->nick);
868 }
869
870 return CMD_OK;
871 }
872
873 int trojanscan_reschedule(void *sender, int cargc, char **cargv) {
874 nick *np = (nick *)sender;
875 trojanscan_log(np, "reschedule", "");
876 trojanscan_fill_channels(NULL);
877
878 trojanscan_reply(np, "Rescheduled.");
879 return CMD_OK;
880 }
881
882 int trojanscan_listusers(void *sender, int cargc, char **cargv) {
883 nick *np = (nick *)sender;
884
885 trojanscan_log(np, "listusers", "");
886
887 trojanscan_reply(np, "User list:");
888
889 if (!(trojanscan_database_query("SELECT authname, authlevel FROM users ORDER BY authlevel DESC, authname"))) {
890 trojanscan_database_res *res;
891 if ((res = trojanscan_database_store_result(&trojanscan_sql))) {
892 if (trojanscan_database_num_rows(res)) {
893 trojanscan_database_row sqlrow;
894 union trojanscan_userlevel flags;
895 while((sqlrow = trojanscan_database_fetch_row(res))) {
896 flags.number = atoi(sqlrow[1]);
897 trojanscan_reply(np, "%s +" TROJANSCAN_FLAG_MASK, sqlrow[0], TrojanscanIsDeveloper(flags) ? "d" : "", TrojanscanIsTeamLeader(flags) ? "t" : "", TrojanscanIsStaff(flags) ? "s" : "", TrojanscanIsWebsite(flags) ? "w" : "", TrojanscanIsCat(flags) ? "c" : "");
898 }
899 }
900 trojanscan_database_free_result(res);
901 }
902 }
903
904 trojanscan_reply(np, "Done.");
905 return CMD_OK;
906 }
907
908 int trojanscan_help(void *sender, int cargc, char **cargv) {
909 nick *np = (nick *)sender;
910
911 if (cargc == 0) {
912 trojanscan_reply(np, "Not enough parameters.");
913 return CMD_ERROR;
914 }
915
916 if (!strcasecmp("help", cargv[0])) {
917 trojanscan_reply(np, "Syntax: help <command name>");
918 trojanscan_reply(np, "Gives help on commands.");
919 } else if (!strcasecmp("status", cargv[0])) {
920 trojanscan_reply(np, "Syntax: status");
921 trojanscan_reply(np, "Gives statistical information about the bot.");
922 } else if (!strcasecmp("join", cargv[0])) {
923 trojanscan_reply(np, "Syntax: join <#channel>");
924 trojanscan_reply(np, "Orders a clone to join supplied channel.");
925 } else if (!strcasecmp("showcommands", cargv[0])) {
926 trojanscan_reply(np, "Syntax: showcommands");
927 trojanscan_reply(np, "Pretty obvious.");
928 } else if (!strcasecmp("hello", cargv[0])) {
929 trojanscan_reply(np, "Syntax: hello ?nickname?");
930 trojanscan_reply(np, "Creates a new user.");
931 } else if (!strcasecmp("rehash", cargv[0])) {
932 trojanscan_reply(np, "Syntax: rehash");
933 trojanscan_reply(np, "Reloads bot database.");
934 } else if (!strcasecmp("changelev", cargv[0])) {
935 trojanscan_reply(np, "Syntax: changelev <nickname or #authname> <flags>");
936 trojanscan_reply(np, "Changes access flags of selected user to supplied input.");
937 trojanscan_reply(np, "+d -> developer");
938 trojanscan_reply(np, "+t -> team leader");
939 trojanscan_reply(np, "+s -> staff");
940 trojanscan_reply(np, "+w -> web management");
941 trojanscan_reply(np, "+c -> cat access");
942 } else if (!strcasecmp("deluser", cargv[0])) {
943 trojanscan_reply(np, "Syntax: deluser <nickname or #authname>");
944 trojanscan_reply(np, "Deletes selected user from my database.");
945 } else if (!strcasecmp("mew", cargv[0])) {
946 trojanscan_reply(np, "Syntax: mew <#channel or nickname> <nickname>");
947 trojanscan_reply(np, "Gracefully mews at target in selected channel or query.");
948 } else if (!strcasecmp("cat", cargv[0])) {
949 trojanscan_reply(np, "Syntax: cat <#channel or nickname>");
950 trojanscan_reply(np, "Shows the almightly cat.");
951 } else if (!strcasecmp("reschedule", cargv[0])) {
952 trojanscan_reply(np, "Syntax: reschedule");
953 trojanscan_reply(np, "Recalculates bots schedule.");
954 } else if (!strcasecmp("chanlist", cargv[0])) {
955 trojanscan_reply(np, "Syntax: chanlist");
956 trojanscan_reply(np, "Displays bots current channel list.");
957 } else if (!strcasecmp("whois", cargv[0])) {
958 trojanscan_reply(np, "Syntax: whois <nickname or #authname>");
959 trojanscan_reply(np, "Displays information on given user.");
960 } else if (!strcasecmp("whois", cargv[0])) {
961 trojanscan_reply(np, "Syntax: listusers <flags>");
962 trojanscan_reply(np, "Displays users with listusersing flags.");
963 } else {
964 trojanscan_reply(np, "Command not found.");
965 return CMD_ERROR;
966 }
967
968 return CMD_OK;
969 }
970
971 int trojanscan_hello(void *sender, int cargc, char **cargv) {
972 nick *np = (nick *)sender, *toadd;
973 char eaccount[TROJANSCAN_QUERY_TEMP_BUF_SIZE];
974 int level = 0;
975
976 if (cargc > 0) {
977 toadd = getnickbynick(cargv[0]);
978 if (!toadd) {
979 trojanscan_reply(np, "That nickname is not on the network.");
980 return CMD_ERROR;
981 }
982 if (!IsAccount(toadd)) {
983 trojanscan_reply(np, "That user is not authed with the network.");
984 return CMD_ERROR;
985 }
986 } else {
987 if (!IsAccount(np)) {
988 trojanscan_reply(np, "You are not authed with the network, auth before creating your user.");
989 return CMD_ERROR;
990 }
991 toadd = np;
992 }
993
994 if (trojanscan_user_level_by_authname(toadd->authname)!=-1) {
995 trojanscan_reply(np, "Authname (%s) is already on file.", toadd->authname);
996 return CMD_ERROR;
997 }
998
999 trojanscan_log(np, "hello", toadd->authname);
1000
1001 if (!(trojanscan_database_query("SELECT id FROM users LIMIT 1"))) {
1002 trojanscan_database_res *res;
1003 if ((res = trojanscan_database_store_result(&trojanscan_sql))) {
1004 if (trojanscan_database_num_rows(res) == 0)
1005 level = TROJANSCAN_ACL_DEVELOPER | TROJANSCAN_ACL_STAFF | TROJANSCAN_ACL_WEBSITE | TROJANSCAN_ACL_CAT;
1006 trojanscan_database_free_result(res);
1007 }
1008 }
1009
1010 trojanscan_database_escape_string(eaccount, toadd->authname, strlen(toadd->authname));
1011 trojanscan_database_query("INSERT INTO users (authname, authlevel) VALUES ('%s', %d)", eaccount, level);
1012 trojanscan_reply(np, "Account added to database, account %s%s.", toadd->authname, level>0?" (first user so developer access)":"");
1013
1014 return CMD_OK;
1015 }
1016
1017 int trojanscan_user_level_by_authname(char *authname) {
1018 int result = -1, sl = strlen(authname);
1019 char eaccount[TROJANSCAN_QUERY_TEMP_BUF_SIZE];
1020
1021 trojanscan_database_escape_string(eaccount, authname, sl);
1022 if (!(trojanscan_database_query("SELECT authlevel, authname FROM users WHERE authname = '%s'", eaccount))) {
1023 trojanscan_database_res *res;
1024 if ((res = trojanscan_database_store_result(&trojanscan_sql))) {
1025 if (trojanscan_database_num_rows(res) > 0) {
1026 trojanscan_database_row sqlrow = trojanscan_database_fetch_row(res);
1027 result = atoi(sqlrow[0]);
1028 strlcpy(authname, sqlrow[1], sl + 1);
1029 }
1030 trojanscan_database_free_result(res);
1031 }
1032 }
1033 return result;
1034 }
1035
1036 int trojanscan_user_id_by_authname(char *authname) {
1037 int result = 0;
1038 char eaccount[TROJANSCAN_QUERY_TEMP_BUF_SIZE];
1039
1040 trojanscan_database_escape_string(eaccount, authname, strlen(authname));
1041 if (!(trojanscan_database_query("SELECT id FROM users WHERE authname = '%s'", eaccount))) {
1042 trojanscan_database_res *res;
1043 if ((res = trojanscan_database_store_result(&trojanscan_sql))) {
1044 if (trojanscan_database_num_rows(res) > 0) {
1045 trojanscan_database_row sqlrow = trojanscan_database_fetch_row(res);
1046 result = atoi(sqlrow[0]);
1047 }
1048 trojanscan_database_free_result(res);
1049 }
1050 }
1051 return result;
1052 }
1053
1054 struct trojanscan_clones *trojanscan_selectclone(char type) {
1055 struct trojanscan_clones *rc;
1056 int randomclone, hits = 0, minlimit, maxlimit;
1057
1058 if(type == TROJANSCAN_WATCH_CLONES) {
1059 minlimit = TROJANSCAN_CLONE_MAX;
1060 maxlimit = minlimit + TROJANSCAN_WATCHCLONE_MAX - 1;
1061 } else {
1062 minlimit = 0;
1063 maxlimit = TROJANSCAN_CLONE_MAX - 1;
1064 }
1065
1066 do {
1067 randomclone = trojanscan_minmaxrand(minlimit, maxlimit);
1068 if (hits++ > 200)
1069 return NULL;
1070 rc = &trojanscan_swarm[randomclone];
1071 if ((type == TROJANSCAN_NORMAL_CLONES) && (rc->sitting == 0) && (rc->remaining == 0))
1072 break;
1073
1074 } while (rc->remaining == 0);
1075
1076 if(type == TROJANSCAN_NORMAL_CLONES) {
1077 if ((rc->sitting == 0) && (rc->remaining == 0)) {
1078 if ((!rc->remaining) && (!rc->sitting)) {
1079 if (rc->clone) {
1080 deregisterlocaluser(rc->clone, NULL);
1081 derefnode(iptree, rc->fakeipnode);
1082 rc->clone = NULL;
1083 }
1084 trojanscan_generateclone((void *)((long)rc->index));
1085 }
1086 }
1087 }
1088
1089 return rc;
1090
1091 }
1092
1093 /* hack hack hack */
1094 int trojanscan_nickbanned(trojanscan_clones *np, channel *cp) {
1095 int ret;
1096 patricia_node_t *realipnode = np->clone->ipnode;
1097
1098 np->clone->ipnode = np->fakeipnode;
1099
1100 ret = nickbanned(np->clone, cp);
1101
1102 np->clone->ipnode = realipnode;
1103
1104 return ret;
1105 }
1106
1107 struct trojanscan_realchannels *trojanscan_allocaterc(char *chan) {
1108 struct trojanscan_realchannels *rc;
1109 struct trojanscan_clones *clonep;
1110 channel *cp;
1111 int attempts_left = 10;
1112
1113 if (!chan) {
1114 trojanscan_errorcode = 1; /* sorry splidge ;( */
1115 return NULL;
1116 }
1117
1118 if(chan[0] != '#') {
1119 trojanscan_errorcode = 2;
1120 return NULL;
1121 }
1122
1123 if (strlen(chan) > 1) {
1124 if(strrchr(chan, ',')) {
1125 trojanscan_errorcode = 3;
1126 return NULL;
1127 }
1128
1129 if(strrchr(chan, ' ')) {
1130 trojanscan_errorcode = 4;
1131 return NULL;
1132 }
1133 }
1134
1135 cp = findchannel(chan);
1136 if (!cp) {
1137 trojanscan_errorcode = 5;
1138 return NULL;
1139 }
1140
1141 do {
1142 clonep = trojanscan_selectclone(TROJANSCAN_NORMAL_CLONES);
1143 if (!clonep) {
1144 trojanscan_errorcode = 6;
1145 return NULL;
1146 }
1147 if(!trojanscan_nickbanned(clonep, cp))
1148 break;
1149 } while (--attempts_left > 0);
1150
1151 if (!attempts_left) {
1152 trojanscan_errorcode = 7;
1153 return NULL;
1154 }
1155
1156 rc = (struct trojanscan_realchannels *)tmalloc(sizeof(struct trojanscan_realchannels));
1157
1158 rc->next = NULL;
1159 rc->clone = clonep;
1160 rc->chan = cp;
1161 rc->donotpart = 0;
1162 rc->kickedout = 0;
1163 return rc;
1164 }
1165
1166 void trojanscan_join(struct trojanscan_realchannels *rc) {
1167 struct trojanscan_realchannels *rp = trojanscan_realchanlist;
1168
1169 if (rc->clone && rc->clone->clone) {
1170 if (!localjoinchannel(rc->clone->clone, rc->chan)) {
1171 rc->clone->remaining--;
1172 rc->clone->sitting++;
1173 if (trojanscan_minmaxrand(1, TROJANSCAN_NICKCHANGE_ODDS)%TROJANSCAN_NICKCHANGE_ODDS == 0)
1174 trojanscan_donickchange((void *)rc->clone);
1175
1176 rc->schedule = scheduleoneshot(time(NULL)+trojanscan_part_time, &trojanscan_dopart, (void *)rc);
1177
1178 if (rp) {
1179 for(;rp->next;rp=rp->next);
1180 rp->next = rc;
1181 } else {
1182 trojanscan_realchanlist = rc;
1183 }
1184 }
1185 }
1186
1187 }
1188
1189 int trojanscan_userjoin(void *sender, int cargc, char **cargv) {
1190 nick *np = (nick *)sender;
1191 struct trojanscan_realchannels *rc;
1192
1193 if (cargc < 1) {
1194 trojanscan_reply(np, "Not enough paramaters");
1195 return CMD_ERROR;
1196 }
1197
1198 if (!trojanscan_swarm_created) {
1199 trojanscan_reply(np, "My swarm is currently empty.");
1200 return CMD_OK;
1201 }
1202
1203 if((rc = trojanscan_allocaterc(cargv[0]))) {
1204 trojanscan_log(np, "join", cargv[0]);
1205 trojanscan_join(rc);
1206 trojanscan_reply(np, "Clone has joined channel.");
1207 if(!IsOper(np))
1208 trojanscan_mainchanmsg("n: join: %s (%s/%s)", cargv[0], np->nick, np->authname);
1209 } else {
1210 if (trojanscan_errorcode == 5) {
1211 trojanscan_reply(np, "Not joining empty channel, check you entered the correct channel name.");
1212 } else {
1213 trojanscan_reply(np, "Clone could not join channel (error code %d)!", trojanscan_errorcode);
1214 }
1215 }
1216 return CMD_OK;
1217 }
1218
1219 int trojanscan_rehash(void *sender, int cargc, char **cargv) {
1220 nick *np = (void *)sender;
1221 trojanscan_refresh_settings();
1222 trojanscan_read_database(0);
1223 trojanscan_log(np, "rehash", "");
1224 trojanscan_reply(np, "Done.");
1225 return CMD_OK;
1226 }
1227
1228 int trojanscan_changelev(void *sender, int cargc, char **cargv) {
1229 nick *np = (nick *)sender, *np2;
1230 int templevel;
1231 char eaccount[TROJANSCAN_QUERY_TEMP_BUF_SIZE], *tochange, *p, mode = 1, error = 0, clast = 0, specialcase;
1232 union trojanscan_userlevel flags1, flags2;
1233
1234 if (cargc < 2) {
1235 trojanscan_reply(np, "Not enough parameters.");
1236 return CMD_ERROR;
1237 }
1238
1239 templevel = trojanscan_user_level_by_authname(np->authname);
1240
1241 if (templevel == -1) {
1242 trojanscan_reply(np, "You do not have an account.");
1243 return CMD_ERROR;
1244 }
1245
1246 flags1.number = templevel;
1247
1248 if (cargv[0][0] == '#') {
1249 tochange = cargv[0] + 1;
1250 } else {
1251 np2 = getnickbynick(cargv[0]);
1252 if (!np2) {
1253 trojanscan_reply(np, "That nickname is not on the network.");
1254 return CMD_ERROR;
1255 }
1256 if (!IsAccount(np2)) {
1257 trojanscan_reply(np, "That user is not authed with the network.");
1258 return CMD_ERROR;
1259 }
1260 tochange = np2->authname;
1261 }
1262
1263 templevel = trojanscan_user_level_by_authname(tochange);
1264
1265 if (templevel == -1) {
1266 trojanscan_reply(np, "User does not exist.");
1267 return CMD_ERROR;
1268 }
1269
1270 flags2.number = templevel;
1271
1272 if (!ircd_strcmp(np->authname, tochange)) {
1273 specialcase = 1;
1274 } else {
1275 specialcase = 0;
1276 }
1277
1278 for (p=cargv[1];*p;p++) {
1279 switch (*p) {
1280 case '+':
1281 case '-':
1282 mode = (*p == '+');
1283 break;
1284 case 'd':
1285 if (!TrojanscanIsDeveloper(flags1))
1286 clast = 1;
1287 flags2.values.developer = mode;
1288 break;
1289 case 't':
1290 if (!TrojanscanIsDeveloper(flags1))
1291 clast = 1;
1292 flags2.values.teamleader = mode;
1293 break;
1294 case 's':
1295 if (!TrojanscanIsLeastTeamLeader(flags1))
1296 clast = 1;
1297 flags2.values.staff = mode;
1298 break;
1299 case 'w':
1300 if (!TrojanscanIsDeveloper(flags1))
1301 clast = 1;
1302 flags2.values.website = mode;
1303 break;
1304 case 'c':
1305 if (!TrojanscanIsDeveloper(flags1))
1306 clast = 1;
1307 flags2.values.cat = mode;
1308 break;
1309 default:
1310 error = 1;
1311 goto last;
1312 break;
1313 }
1314 if (clast == 1) {
1315 if (specialcase && !mode) { /* allow user to remove their own flags */
1316 clast = 0;
1317 } else {
1318 goto last;
1319 }
1320 }
1321 }
1322
1323 last:
1324 if (*p) {
1325 if (error) {
1326 trojanscan_reply(np, "Unknown mode: %c%c.", mode?'+':'-', *p);
1327 } else {
1328 trojanscan_reply(np, "You have insufficient privilidges to add/remove one or more flags specified.");
1329 }
1330 return CMD_ERROR;
1331 }
1332
1333 trojanscan_log(np, "changelev", "%s %s", tochange, cargv[1]);
1334 trojanscan_database_escape_string(eaccount, tochange, strlen(tochange));
1335 trojanscan_database_query("UPDATE users SET authlevel = %d WHERE authname = '%s'", flags2.number, eaccount);
1336
1337 trojanscan_reply(np, "Flags changed.");
1338
1339 return CMD_OK;
1340 }
1341
1342 int trojanscan_deluser(void *sender, int cargc, char **cargv) {
1343 nick *np = (nick *)sender, *to;
1344 int templevel;
1345 char eaccount[TROJANSCAN_QUERY_TEMP_BUF_SIZE], *account;
1346 union trojanscan_userlevel flags1, flags2;
1347
1348 if (cargc < 1) {
1349 trojanscan_reply(np, "Not enough parameters.");
1350 return CMD_ERROR;
1351 }
1352
1353 if (cargv[0][0] == '#') {
1354 account = cargv[0] + 1;
1355 } else {
1356 to = getnickbynick(cargv[0]);
1357 if (!to) {
1358 trojanscan_reply(np, "That nickname is not on the network.");
1359 return CMD_ERROR;
1360 }
1361 if (!IsAccount(to)) {
1362 trojanscan_reply(np, "That user is not authed with the network.");
1363 return CMD_ERROR;
1364 }
1365 account = to->authname;
1366 }
1367
1368 flags1.number = trojanscan_user_level_by_authname(np->authname);
1369 templevel = trojanscan_user_level_by_authname(account);
1370
1371 if (templevel == -1) {
1372 trojanscan_reply(np, "Auth %s does not exist.", account);
1373 return CMD_ERROR;
1374 }
1375
1376 flags2.number = templevel;
1377
1378 if (!TrojanscanIsDeveloper(flags1) && TrojanscanIsLeastTeamLeader(flags2)) {
1379 trojanscan_reply(np, "Your cannot delete %s as his/her flags equal or surpass your own.", account);
1380 return CMD_ERROR;
1381 }
1382
1383 trojanscan_log(np, "deluser", account);
1384 trojanscan_database_escape_string(eaccount, account, strlen(account));
1385 trojanscan_database_query("DELETE FROM users WHERE authname = '%s'", eaccount);
1386 trojanscan_reply(np, "User deleted.");
1387
1388 return CMD_OK;
1389 }
1390
1391 int trojanscan_add_ll(struct trojanscan_prechannels **head, struct trojanscan_prechannels *newitem) {
1392 struct trojanscan_prechannels *position, *lastitem = NULL, *location = NULL;
1393 if (!*head) {
1394 *head = newitem;
1395 newitem->next = NULL;
1396 if (newitem->exempt) {
1397 return 0;
1398 } else {
1399 return 1;
1400 }
1401 }
1402 /* if its exempt, we don't give a monkeys where it is... */
1403 if (newitem->exempt) {
1404 newitem->next = *head;
1405 *head = newitem;
1406 return 0;
1407 }
1408
1409 for(position=*head;position;lastitem=position,position=position->next) {
1410 if (!ircd_strcmp(position->name->content, newitem->name->content)) {
1411 tfree(newitem);
1412 return 0;
1413 }
1414 if (!location && (position->size < newitem->size)) {
1415 if (!lastitem) {
1416 location = *head;
1417 } else {
1418 location = lastitem;
1419 }
1420 }
1421 }
1422 if (!location) {
1423 newitem->next = NULL;
1424 lastitem->next = newitem;
1425 } else {
1426 newitem->next = location->next;
1427 location->next = newitem;
1428 }
1429 if(newitem->exempt) {
1430 return 0;
1431 } else {
1432 return 1;
1433 }
1434 }
1435
1436 void trojanscan_watch_clone_update(struct trojanscan_prechannels *hp, int count) {
1437 int i, j, marked;
1438 struct trojanscan_prechannels *lp;
1439 struct trojanscan_templist *markedlist = NULL;
1440
1441 if(count > 0) {
1442 markedlist = (struct trojanscan_templist *)tmalloc(count * sizeof(struct trojanscan_templist));
1443 if (!markedlist)
1444 return;
1445 memset(markedlist, 0, sizeof(struct trojanscan_templist) * count);
1446 }
1447
1448 for(i=0;i<trojanscan_activechans;i++) {
1449 marked = 0;
1450 if(markedlist) {
1451 for(lp=hp,j=0;j<count&&lp;j++,lp=lp->next) {
1452 if(!markedlist[j].active && !lp->exempt && !ircd_strcmp(lp->name->content, trojanscan_chans[i].channel->content)) { /* we're already on the channel */
1453 if(trojanscan_chans[i].watch_clone) {
1454 markedlist[j].active = 1;
1455 markedlist[j].watch_clone = trojanscan_chans[i].watch_clone;
1456 lp->watch_clone = trojanscan_chans[i].watch_clone;
1457 }
1458 marked = 1;
1459 break;
1460 }
1461 }
1462 }
1463 if(!marked && trojanscan_chans[i].watch_clone) {
1464 channel *cp = findchannel(trojanscan_chans[i].channel->content);
1465 if(cp)
1466 localpartchannel(trojanscan_chans[i].watch_clone->clone, cp, NULL);
1467 }
1468 }
1469
1470 if(!markedlist)
1471 return;
1472
1473 for(j=0,lp=hp;j<count&&lp;j++,lp=lp->next) {
1474 if((!markedlist[j].active || !markedlist[j].watch_clone) && !lp->exempt) {
1475 channel *cp = findchannel(lp->name->content);
1476 if(cp) {
1477 int attempts = 10;
1478 do {
1479 lp->watch_clone = trojanscan_selectclone(TROJANSCAN_WATCH_CLONES);
1480 if(!lp->watch_clone)
1481 break;
1482 if(!trojanscan_nickbanned(lp->watch_clone, cp)) {
1483 if(localjoinchannel(lp->watch_clone->clone, cp))
1484 lp->watch_clone = NULL;
1485 break;
1486 }
1487 } while(--attempts > 0);
1488 if(!attempts)
1489 lp->watch_clone = NULL;
1490
1491 }
1492 }
1493 }
1494
1495 tfree(markedlist);
1496 }
1497
1498 void trojanscan_fill_channels(void *arg) {
1499 struct trojanscan_prechannels *head = NULL, *lp, *last = NULL;
1500 int i, count, tempctime = 0;
1501
1502 chanindex *chn;
1503
1504 for (count=i=0;i<trojanscan_database.total_channels;i++) {
1505 lp = (trojanscan_prechannels *)tmalloc(sizeof(trojanscan_prechannels));
1506 lp->name = trojanscan_database.channels[i].name;
1507 lp->size = 65535;
1508 lp->exempt = trojanscan_database.channels[i].exempt;
1509 lp->watch_clone = NULL;
1510 if (trojanscan_add_ll(&head, lp))
1511 count++;
1512 }
1513
1514 for (i=0;i<CHANNELHASHSIZE;i++) {
1515 for(chn=chantable[i];chn;chn=chn->next) {
1516 if (chn->channel && !IsKey(chn->channel) && !IsInviteOnly(chn->channel) && !IsRegOnly(chn->channel) && (chn->channel->users->totalusers >= trojanscan_minchansize)) {
1517 lp = (trojanscan_prechannels *)tmalloc(sizeof(trojanscan_prechannels));
1518 lp->name = chn->name;
1519 lp->size = chn->channel->users->totalusers;
1520 lp->exempt = 0;
1521 lp->watch_clone = NULL;
1522 if (trojanscan_add_ll(&head, lp))
1523 count++;
1524 }
1525 }
1526 }
1527
1528 count = TROJANSCAN_MMIN(count, trojanscan_maxchans);
1529
1530 trojanscan_watch_clone_update(head, count);
1531
1532 trojanscan_free_channels();
1533 trojanscan_chans = (struct trojanscan_inchannel *)tmalloc(count * sizeof(struct trojanscan_inchannel));
1534 memset(trojanscan_chans, 0, count * sizeof(struct trojanscan_inchannel));
1535 trojanscan_activechans = count;
1536 i = 0;
1537
1538 for(lp=head;lp;last=lp,lp=lp->next) {
1539 if (!(lp->exempt) && (i < count)) {
1540 trojanscan_chans[i].channel = getsstring(lp->name->content, lp->name->length);
1541 trojanscan_chans[i++].watch_clone = lp->watch_clone;
1542 }
1543 if (last)
1544 tfree(last);
1545 }
1546
1547 if (last)
1548 tfree(last);
1549
1550 if (trojanscan_activechans > 0) {
1551 tempctime = trojanscan_cycletime / trojanscan_activechans;
1552 } else {
1553 tempctime = 60;
1554 trojanscan_mainchanmsg("d: just escaped a divide by zero error (no activechans!), rescheduling in 60 seconds");
1555 }
1556
1557 if(trojanscan_schedule)
1558 deleteschedule(trojanscan_schedule, &trojanscan_dojoin, NULL);
1559
1560 trojanscan_channumber = 0;
1561
1562 trojanscan_schedule = schedulerecurring(time(NULL) + tempctime, trojanscan_activechans + 1, tempctime, trojanscan_dojoin, NULL);
1563
1564 }
1565
1566 void trojanscan_dojoin(void *arg) {
1567 struct trojanscan_realchannels *rc;
1568 if (trojanscan_channumber >= trojanscan_activechans) {
1569 trojanscan_schedule = NULL;
1570 trojanscan_fill_channels(NULL);
1571 } else {
1572 if ((rc = trojanscan_allocaterc(trojanscan_chans[trojanscan_channumber++].channel->content)))
1573 trojanscan_join(rc);
1574 }
1575 }
1576
1577
1578 void trojanscan_dopart(void *arg) {
1579 struct trojanscan_realchannels *rc = (struct trojanscan_realchannels *)arg, *rp, *past = NULL;
1580
1581 if (rc->kickedout) { /* there's a join scheduled, wait for it (reschedule) */
1582 rc->schedule = scheduleoneshot(time(NULL)+5, &trojanscan_dopart, (void *)rc);
1583 return;
1584 }
1585
1586 if (rc->clone->clone && (!(rc->donotpart)))
1587 localpartchannel(rc->clone->clone, rc->chan, NULL);
1588
1589 rc->clone->sitting--;
1590
1591 for(rp=trojanscan_realchanlist;rp;rp=rp->next) {
1592 if (rp == rc) {
1593 if (!past) {
1594 trojanscan_realchanlist = rp->next;
1595 } else {
1596 past->next = rp->next;
1597 }
1598 tfree(rp);
1599 break;
1600 }
1601 past = rp;
1602 }
1603
1604 }
1605
1606 void trojanscan_donickchange(void *arg) { /* just incase I choose to make this schedule at some point */
1607 struct trojanscan_clones *clone = (trojanscan_clones *)arg;
1608 if (clone && clone->clone) {
1609 char c_nick[NICKLEN+1];
1610 int loops = 0;
1611 /* PPA: unlikely to be infinite */
1612 do {
1613 if ((loops++ < 10) && trojanscan_hostmode) {
1614 trojanscan_generatenick(c_nick, NICKLEN);
1615 } else {
1616 trojanscan_gennick(c_nick, trojanscan_minmaxrand(7, TROJANSCAN_MMIN(13, NICKLEN)));
1617 }
1618 } while (c_nick[0] && (getnickbynick(c_nick) != NULL));
1619
1620 renamelocaluser(clone->clone, c_nick);
1621 }
1622
1623 }
1624
1625 int trojanscan_keysort(const void *v1, const void *v2) {
1626 return ((*(trojanscan_prechannels **)v2)->size - (*(trojanscan_prechannels **)v1)->size);
1627 }
1628
1629 int trojanscan_showcommands(void *sender, int cargc, char **cargv) {
1630 nick *np = (nick *)sender;
1631 Command *cmdlist[100];
1632 int i, n;
1633 char level = 0;
1634
1635 n = getcommandlist(trojanscan_cmds, cmdlist, 100);
1636
1637 trojanscan_reply(np, "The following commands are registered at present:");
1638
1639 for(i=0;i<n;i++) {
1640 if (cmdlist[i]->level & TROJANSCAN_ACL_STAFF) {
1641 level = 's';
1642 } else if (cmdlist[i]->level & TROJANSCAN_ACL_DEVELOPER) {
1643 level = 'd';
1644 } else if (cmdlist[i]->level & TROJANSCAN_ACL_TEAMLEADER) {
1645 level = 't';
1646 } else if (cmdlist[i]->level & TROJANSCAN_ACL_CAT) {
1647 level = 'c';
1648 } else if (cmdlist[i]->level & TROJANSCAN_ACL_WEBSITE) {
1649 level = 'w';
1650 } else if (cmdlist[i]->level & TROJANSCAN_ACL_UNAUTHED) {
1651 level = 0;
1652 }
1653 if (level) {
1654 trojanscan_reply(np, "%s (+%c)", cmdlist[i]->command->content, level);
1655 } else {
1656 trojanscan_reply(np, "%s", cmdlist[i]->command->content);
1657 }
1658 }
1659 trojanscan_reply(np, "End of list.");
1660 return CMD_OK;
1661 }
1662
1663 void trojanscan_handlemessages(nick *target, int messagetype, void **args) {
1664 Command *cmd;
1665 char *cargv[50];
1666 int cargc, templevel;
1667 nick *sender;
1668 union trojanscan_userlevel level;
1669
1670 switch(messagetype) {
1671 case LU_PRIVMSG:
1672 case LU_SECUREMSG:
1673 /* If it's a message, first arg is nick and second is message */
1674 sender = (nick *)args[0];
1675
1676 if(strncmp(TROJANSCAN_VERSION_DETECT, args[1], sizeof(TROJANSCAN_VERSION_DETECT)-1)==0) {
1677 char p = ((char *)args[1])[sizeof(TROJANSCAN_VERSION_DETECT)-1];
1678 if((p == ' ') || (p == '\0') || (p == 1)) {
1679 trojanscan_reply(sender, "\001VERSION Trojanscan (or Tigger) Newserv module version %s by Chris Porter (slug), Newserv by David Mansell (splidge). Compiled " __DATE__ " " __TIME__ ".\001", TROJANSCAN_VERSION);
1680 return;
1681 }
1682 }
1683
1684 /* Split the line into params */
1685 cargc = splitline((char *)args[1], cargv, 50, 0);
1686 if(cargc == 0 || !cargv[0])
1687 return;
1688
1689 cmd=findcommandintree(trojanscan_cmds, cargv[0], 1);
1690 if (!cmd) {
1691 trojanscan_reply(sender, "Unknown command.");
1692 return;
1693 }
1694
1695 if ((cmd->level & TROJANSCAN_ACL_OPER) && !IsOper(sender)) {
1696 trojanscan_reply(sender, "You need to be opered to use this command.");
1697 return;
1698 }
1699
1700 /* bit grim code... */
1701
1702 if (!(cmd->level & TROJANSCAN_ACL_UNAUTHED)) {
1703 if (!IsAccount(sender)) {
1704 trojanscan_reply(sender, "You must be authed with the network to access this command!");
1705 return;
1706 }
1707 templevel = trojanscan_user_level_by_authname(sender->authname);
1708
1709 if (templevel == -1) {
1710 trojanscan_reply(sender, "You do not have an account.");
1711 return;
1712 }
1713
1714 level.number = templevel;
1715
1716 if ((cmd->level & TROJANSCAN_ACL_DEVELOPER) && !TrojanscanIsDeveloper(level)) {
1717 trojanscan_reply(sender, "Access denied.");
1718 return;
1719 }
1720 if ((cmd->level & TROJANSCAN_ACL_TEAMLEADER) && !TrojanscanIsLeastTeamLeader(level)) {
1721 trojanscan_reply(sender, "Access denied.");
1722 return;
1723 }
1724 if ((cmd->level & TROJANSCAN_ACL_STAFF) && !TrojanscanIsLeastStaff(level)) {
1725 trojanscan_reply(sender, "Access denied.");
1726 return;
1727 }
1728 if ((cmd->level & TROJANSCAN_ACL_CAT) && !TrojanscanIsCat(level)) {
1729 trojanscan_reply(sender, "Access denied.");
1730 return;
1731 }
1732 if ((cmd->level & TROJANSCAN_ACL_WEBSITE) && !TrojanscanIsLeastWebsite(level)) {
1733 trojanscan_reply(sender, "Access denied.");
1734 return;
1735 }
1736 }
1737
1738 /* Check the maxargs */
1739 if (cmd->maxparams<(cargc-1)) {
1740 /* We need to do some rejoining */
1741 rejoinline(cargv[cmd->maxparams], cargc-(cmd->maxparams));
1742 cargc = (cmd->maxparams) + 1;
1743 }
1744
1745 (cmd->handler)((void *)sender, cargc - 1, &(cargv[1]));
1746 break;
1747
1748 case LU_KILLED:
1749 /* someone killed me? Bastards */
1750 trojanscan_connect_nick_schedule = scheduleoneshot(time(NULL) + 1, &trojanscan_connect_nick, NULL);
1751 trojanscan_nick = NULL;
1752 break;
1753
1754 default:
1755 break;
1756 }
1757 }
1758
1759 static char trojanscan_getmtfromhooktype(int input) {
1760 switch(input) {
1761 case HOOK_CHANNEL_PART: return 'P';
1762 default: return '?';
1763 }
1764 }
1765
1766 char trojanscan_getmtfrommessagetype(int input) {
1767 switch(input) {
1768 case LU_PRIVMSG: return 'm';
1769 case LU_PRIVNOTICE: return 'n';
1770 case LU_SECUREMSG: return 's';
1771 case LU_CHANMSG: return 'M';
1772 case LU_CHANNOTICE: return 'N';
1773 default: return '?';
1774 }
1775 }
1776
1777 static void trojanscan_process(nick *sender, channel *cp, char mt, char *pretext) {
1778 char text[513];
1779 unsigned int len;
1780 unsigned int i;
1781 struct trojanscan_worms *worm;
1782 int vector[30], detected = 0;
1783
1784 trojanscan_strip_codes(text, sizeof(text) - 1, pretext);
1785
1786 len = strlen(text);
1787
1788 for(i=0;i<trojanscan_database.total_phrases;i++) {
1789 if (
1790 (
1791 (worm = trojanscan_database.phrases[i].worm)
1792 ) &&
1793 (
1794 (
1795 (
1796 (mt == 'm') || (mt == 's') || (mt == 'n')
1797 ) &&
1798 (
1799 (trojanscan_database.phrases[i].worm->hitpriv)
1800 )
1801 ) ||
1802 (
1803 (
1804 (mt == 'M') || (mt == 'N') || (mt == 'P')
1805 ) &&
1806 (
1807 (trojanscan_database.phrases[i].worm->hitchans)
1808 )
1809 )
1810 ) &&
1811 (trojanscan_database.phrases[i].phrase)
1812 ) {
1813 int pre = pcre_exec(trojanscan_database.phrases[i].phrase, trojanscan_database.phrases[i].hint, text, len, 0, 0, vector, 30);
1814 if(pre >= 0) {
1815 char matchbuf[513];
1816 matchbuf[0] = 0;
1817 matchbuf[512] = 0; /* hmm */
1818
1819 if(pre > 1)
1820 if(pcre_copy_substring(text, vector, pre, 1, matchbuf, sizeof(matchbuf) - 1) <= 0)
1821 matchbuf[0] = 0;
1822
1823 trojanscan_phrasematch(cp, sender, &trojanscan_database.phrases[i], mt, matchbuf);
1824
1825 detected = 1;
1826 break;
1827 }
1828 }
1829 }
1830 if (!detected && (mt != 'N') && (mt != 'M')) {
1831 char etext[TROJANSCAN_QUERY_TEMP_BUF_SIZE], enick[TROJANSCAN_QUERY_TEMP_BUF_SIZE], eident[TROJANSCAN_QUERY_TEMP_BUF_SIZE], ehost[TROJANSCAN_QUERY_TEMP_BUF_SIZE];
1832 trojanscan_database_escape_string(etext, text, len);
1833 trojanscan_database_escape_string(enick, sender->nick, strlen(sender->nick));
1834 trojanscan_database_escape_string(eident, sender->ident, strlen(sender->ident));
1835 trojanscan_database_escape_string(ehost, sender->host->name->content, sender->host->name->length);
1836 trojanscan_database_query("INSERT INTO unknownlog (data, user) VALUES ('%s','%s!%s@%s')", etext, enick, eident, ehost);
1837 }
1838 }
1839
1840 void trojanscan_clonehandlemessages(nick *target, int messagetype, void **args) {
1841 char *pretext = NULL;
1842 nick *sender;
1843 struct trojanscan_realchannels *rp;
1844 struct trojanscan_rejoinlist *rj;
1845 char mt = trojanscan_getmtfrommessagetype(messagetype);
1846 char *channel_name;
1847 channel *cp = NULL;
1848 int i;
1849
1850 switch(messagetype) {
1851 case LU_PRIVMSG:
1852 case LU_SECUREMSG:
1853 case LU_PRIVNOTICE:
1854
1855 pretext = (char *)args[1];
1856
1857 case LU_CHANMSG:
1858 case LU_CHANNOTICE:
1859 sender = (nick *)args[0];
1860
1861 if (strlen(sender->nick) < 2)
1862 break;
1863
1864 if (!pretext) {
1865 pretext = (char *)args[2];
1866 cp = args[1];
1867 }
1868
1869 if(strncmp(TROJANSCAN_VERSION_DETECT, pretext, sizeof(TROJANSCAN_VERSION_DETECT)-1)==0) {
1870 char p = pretext[sizeof(TROJANSCAN_VERSION_DETECT)-1];
1871 if((p == ' ') || (p == '\0') || (p == 1)) {
1872 int staff = 0;
1873 if (IsOper(sender)) {
1874 staff = 1;
1875 } else {
1876 if (IsAccount(sender)) {
1877 int templevel = trojanscan_user_level_by_authname(sender->authname);
1878 if (templevel != -1) {
1879 union trojanscan_userlevel level;
1880 level.number = templevel;
1881 if (TrojanscanIsLeastStaff(level))
1882 staff = 1;
1883 }
1884 }
1885 }
1886 if (staff) {
1887 if(trojanscan_nick) {
1888 sendnoticetouser(target, sender, "\001VERSION T clone, check T for confirmation.\001");
1889 sendnoticetouser(trojanscan_nick, sender, "\001VERSION %s is part of my swarm.\001", target->nick);
1890 } else {
1891 sendnoticetouser(target, sender, "\001VERSION T clone, though since T is currently gone you'll have to version me again in a minute for confirmation.\001");
1892 }
1893 } else {
1894 sendnoticetouser(target, sender, "\001VERSION %s\001", versionreply);
1895 }
1896
1897 return;
1898 }
1899 }
1900
1901 trojanscan_process(sender, cp, mt, pretext);
1902 break;
1903 case LU_KILLED:
1904 /* someone killed me? Bastards */
1905
1906 /* PPA: we do NOT rejoin channels at this moment in time, it is possible to do this though */
1907 for (i=0;i<TROJANSCAN_CLONE_TOTAL;i++) {
1908 if (trojanscan_swarm[i].clone == target) {
1909
1910 scheduleoneshot(time(NULL)+1, &trojanscan_generateclone, (void *)((long)i));
1911 if(i >= TROJANSCAN_CLONE_MAX) {
1912 int j;
1913 for(j=0;j<trojanscan_activechans;j++)
1914 if(trojanscan_chans[j].watch_clone == &trojanscan_swarm[i])
1915 trojanscan_chans[j].watch_clone = NULL;
1916 } else {
1917 for(rp=trojanscan_realchanlist;rp;rp=rp->next)
1918 if ((rp->clone == &(trojanscan_swarm[i])))
1919 rp->donotpart = 1;
1920 }
1921 derefnode(iptree, trojanscan_swarm[i].fakeipnode);
1922 trojanscan_swarm[i].clone = NULL;
1923 trojanscan_swarm[i].remaining = 0; /* bah */
1924 break;
1925 }
1926 }
1927 break;
1928
1929 case LU_KICKED:
1930 channel_name = ((channel *)args[1])->index->name->content;
1931 for (i=0;i<trojanscan_activechans;i++) {
1932 if (!trojanscan_chans[i].watch_clone)
1933 continue;
1934 if ((trojanscan_chans[i].watch_clone->clone == target) && (!strcmp(trojanscan_chans[i].channel->content, channel_name)))
1935 break;
1936 }
1937 if(i != trojanscan_activechans) {
1938 int j;
1939 for(j=0;j<TROJANSCAN_CLONE_TOTAL;j++) {
1940 if(&trojanscan_swarm[j] == trojanscan_chans[i].watch_clone) {
1941 trojanscan_chans[i].watch_clone = NULL;
1942 break;
1943 }
1944 }
1945 } else {
1946 /*
1947 trojanscan_mainchanmsg("k: %s on %s by %s", target->nick, ((channel *)args[1])->index->name->content, (((nick *)args[0])->nick)?(((nick *)args[0])->nick):"(server)");
1948 */
1949 rj = (struct trojanscan_rejoinlist *)tmalloc(sizeof(struct trojanscan_rejoinlist));
1950 if (rj) {
1951 rj->rp = NULL;
1952 for(rp=trojanscan_realchanlist;rp;rp=rp->next)
1953 if ((rp->clone->clone == target) && (rp->chan == args[1])) {
1954 rp->kickedout++;
1955 rj->rp = rp;
1956 break;
1957 }
1958 if(!rj->rp) {
1959 tfree(rj);
1960 return;
1961 }
1962
1963 rj->channel = getsstring(((channel *)args[1])->index->name->content, ((channel *)args[1])->index->name->length);
1964 if(!rj->channel) {
1965 trojanscan_mainchanmsg("d: unable to allocate memory for channel: %s upon rejoin", ((channel *)args[1])->index->name->content);
1966 tfree(rj);
1967 return;
1968 }
1969
1970 rj->clone = rp->clone;
1971 rj->next = trojanscan_schedulerejoins;
1972 trojanscan_schedulerejoins = rj;
1973
1974 rj->schedule = scheduleoneshot(time(NULL)+1, &trojanscan_rejoin_channel, (void *)rj);
1975 }
1976 }
1977 break;
1978 default:
1979 break;
1980 }
1981 }
1982
1983 static void trojanscan_part_watch(int hook, void *arg) {
1984 void **arglist = (void **)arg;
1985 channel *cp = (channel *)arglist[0];
1986 nick *np = arglist[1];
1987 char *reason = arglist[2];
1988
1989 if(!cp || !np || !reason || (*reason == '\0'))
1990 return;
1991
1992 trojanscan_process(np, cp, trojanscan_getmtfromhooktype(hook), reason);
1993 }
1994
1995 static int trojanscan_hostcount(nick *sender, int hostmode, char *mask, int masklen) {
1996 int usercount = 0, j;
1997 nick *np = NULL; /* sigh at warnings */
1998
1999 if(hostmode)
2000 for (j=0;j<NICKHASHSIZE;j++)
2001 for (np=nicktable[j];np;np=np->next)
2002 if (np->ipnode==sender->ipnode)
2003 usercount++;
2004
2005 if(usercount > TROJANSCAN_MAX_HOST_GLINE) {
2006 hostmode = 0;
2007 usercount = 0;
2008 }
2009
2010 if(!hostmode)
2011 for (j=0;j<NICKHASHSIZE;j++)
2012 for (np=nicktable[j];np;np=np->next)
2013 if (np->ipnode==sender->ipnode && !ircd_strcmp(np->ident, sender->ident))
2014 usercount++;
2015
2016 if(mask)
2017 snprintf(mask, masklen, "%s@%s", hostmode?"*":sender->ident, IPtostr(sender->p_ipaddr));
2018
2019 return usercount;
2020 }
2021
2022 void trojanscan_phrasematch(channel *chp, nick *sender, trojanscan_phrases *phrase, char messagetype, char *matchbuf) {
2023 char glinemask[HOSTLEN + USERLEN + NICKLEN + 4], enick[TROJANSCAN_QUERY_TEMP_BUF_SIZE], eident[TROJANSCAN_QUERY_TEMP_BUF_SIZE], ehost[TROJANSCAN_QUERY_TEMP_BUF_SIZE];
2024 unsigned int frequency;
2025 int glining = 0, usercount;
2026 struct trojanscan_worms *worm = phrase->worm;
2027
2028 trojanscan_database.detections++;
2029
2030 usercount = 0;
2031 if (worm->monitor) {
2032 usercount = -1;
2033 } else if(worm->glinehost || worm->glineuser) {
2034 glining = 1;
2035
2036 usercount = trojanscan_hostcount(sender, worm->glinehost, glinemask, sizeof(glinemask));
2037 }
2038
2039 if (!usercount) {
2040 trojanscan_mainchanmsg("w: user %s!%s@%s triggered infection monitor, yet no hosts found at stage 2 -- worm: %s", sender->nick, sender->ident, sender->host->name->content, worm->name->content);
2041 return;
2042 }
2043
2044 if (glining && (usercount > trojanscan_maxusers)) {
2045 trojanscan_mainchanmsg("w: not glining %s!%s@%s due to too many users (%d) with mask: *!%s -- worm: %s)", sender->nick, sender->ident, sender->host->name->content, usercount, glinemask, worm->name->content);
2046 return;
2047 }
2048
2049 if (glining && !worm->datalen) {
2050 trojanscan_mainchanmsg("w: not glining %s!%s@%s due to too lack of removal data with mask: *!%s (%d users) -- worm: %s)", sender->nick, sender->ident, sender->host->name->content, glinemask, usercount, worm->name->content);
2051 return;
2052 }
2053
2054 trojanscan_database_escape_string(enick, sender->nick, strlen(sender->nick));
2055 trojanscan_database_escape_string(eident, sender->ident, strlen(sender->ident));
2056 trojanscan_database_escape_string(ehost, sender->host->name->content, sender->host->name->length);
2057
2058 frequency = 1;
2059
2060 if (!(trojanscan_database_query("SELECT COUNT(*) FROM hits WHERE glined = %d AND host = '%s'", glining, ehost))) {
2061 trojanscan_database_res *res;
2062 if ((res = trojanscan_database_store_result(&trojanscan_sql))) {
2063 trojanscan_database_row sqlrow;
2064 if ((trojanscan_database_num_rows(res) > 0) && (sqlrow = trojanscan_database_fetch_row(res)))
2065 frequency = atoi(sqlrow[0]) + 1;
2066 trojanscan_database_free_result(res);
2067 }
2068 }
2069
2070 if (!glining) {
2071 trojanscan_mainchanmsg("m: t: %c u: %s!%s@%s%s%s w: %s p: %d %s%s", messagetype, sender->nick, sender->ident, sender->host->name->content, messagetype=='N'||messagetype=='M'||messagetype=='P'?" #: ":"", messagetype=='N'||messagetype=='M'||messagetype=='P'?chp->index->name->content:"", worm->name->content, phrase->id, matchbuf[0]?" --: ":"", matchbuf[0]?matchbuf:"");
2072 #ifdef TROJANSCAN_PEONCHANNEL
2073 trojanscan_peonchanmsg("m: t: %c u: %s!%s@%s%s%s%s w: %s %s%s", messagetype, sender->nick, sender->ident, (IsHideHost(sender)&&IsAccount(sender))?sender->authname:sender->host->name->content, (IsHideHost(sender)&&IsAccount(sender))?"."HIS_HIDDENHOST:"", messagetype=='N'||messagetype=='M'||messagetype=='P'?" #: ":"", messagetype=='N'||messagetype=='M'||messagetype=='P'?chp->index->name->content:"", worm->name->content, matchbuf[0]?" --: ":"", matchbuf[0]?matchbuf:"");
2074 #endif
2075 } else {
2076 int glinetime = TROJANSCAN_FIRST_OFFENSE * frequency * (worm->epidemic?TROJANSCAN_EPIDEMIC_MULTIPLIER:1);
2077 if(glinetime > 7 * 24)
2078 glinetime = 7 * 24; /* can't set glines over 7 days with normal non U:lined glines */
2079
2080 trojanscan_database_query("INSERT INTO hits (nickname, ident, host, phrase, messagetype, glined) VALUES ('%s', '%s', '%s', %d, '%c', %d)", enick, eident, ehost, phrase->id, messagetype, glining);
2081 trojanscan_database.glines++;
2082
2083 irc_send("%s GL * +%s %d %d :You (%s!%s@%s) are infected with a trojan (%s/%d), see %s%d for details - banned for %d hours\r\n", mynumeric->content, glinemask, glinetime * 3600, time(NULL), sender->nick, sender->ident, sender->host->name->content, worm->name->content, phrase->id, TROJANSCAN_URL_PREFIX, worm->id, glinetime);
2084
2085 trojanscan_mainchanmsg("g: *!%s t: %c u: %s!%s@%s%s%s c: %d w: %s%s p: %d f: %d%s%s", glinemask, messagetype, sender->nick, sender->ident, sender->host->name->content, messagetype=='N'||messagetype=='M'||messagetype=='P'?" #: ":"", messagetype=='N'||messagetype=='M'||messagetype=='P'?chp->index->name->content:"", usercount, worm->name->content, worm->epidemic?"(E)":"", phrase->id, frequency, matchbuf[0]?" --: ":"", matchbuf[0]?matchbuf:"");
2086 }
2087 }
2088
2089 void trojanscan_rejoin_channel(void *arg) {
2090 struct trojanscan_rejoinlist *rj2, *lrj, *rj = (struct trojanscan_rejoinlist *)arg;
2091
2092 channel *cp = findchannel(rj->channel->content);
2093 freesstring(rj->channel);
2094
2095 if (rj->rp) {
2096 rj->rp->kickedout--;
2097 if (!cp) {
2098 rj->rp->donotpart = 1; /* we were the last user on the channel, so we need to be VERY careful freeing it */
2099 } else {
2100 if(!rj->rp->donotpart && !rj->rp->kickedout) { /* check we're allowed to join channels (not killed), and we're the last one to join */
2101 if (trojanscan_nickbanned(rj->clone, cp)) {
2102 rj->rp->donotpart = 1;
2103 } else {
2104 localjoinchannel(rj->clone->clone, cp);
2105 }
2106 }
2107 }
2108 }
2109
2110 rj2 = trojanscan_schedulerejoins;
2111 lrj = NULL;
2112
2113 if (rj2 == rj) {
2114 trojanscan_schedulerejoins = rj->next;
2115 tfree(rj);
2116 } else {
2117 for(rj2=trojanscan_schedulerejoins;rj2;lrj=rj2,rj2=rj2->next) {
2118 if (rj2 == rj) {
2119 lrj->next = rj2->next;
2120 tfree(rj);
2121 break;
2122 }
2123 }
2124 }
2125
2126 }
2127
2128 void trojanscan_reply(nick *target, char *message, ... ) {
2129 char buf[513];
2130 va_list va;
2131
2132 if (!trojanscan_nick)
2133 return;
2134
2135 va_start(va, message);
2136 vsnprintf(buf, sizeof(buf) - 1, message, va);
2137 va_end(va);
2138
2139 sendnoticetouser(trojanscan_nick, target, "%s", buf);
2140 }
2141
2142
2143 void trojanscan_mainchanmsg(char *message, ...) {
2144 char buf[513];
2145 va_list va;
2146 channel *cp;
2147
2148 if (!trojanscan_nick)
2149 return;
2150 if (!(cp = findchannel(TROJANSCAN_CHANNEL)))
2151 return;
2152
2153 va_start(va, message);
2154 vsnprintf(buf, sizeof(buf) - 1, message, va);
2155 va_end(va);
2156
2157 sendmessagetochannel(trojanscan_nick, cp, "%s", buf);
2158 }
2159
2160 #ifdef TROJANSCAN_PEONCHANNEL
2161 void trojanscan_peonchanmsg(char *message, ...) {
2162 char buf[513];
2163 va_list va;
2164 channel *cp;
2165
2166 if (!trojanscan_nick)
2167 return;
2168 if (!(cp = findchannel(TROJANSCAN_PEONCHANNEL)))
2169 return;
2170
2171 va_start(va, message);
2172 vsnprintf(buf, sizeof(buf) - 1, message, va);
2173 va_end(va);
2174
2175 sendmessagetochannel(trojanscan_nick, cp, "%s", buf);
2176 }
2177 #endif
2178
2179 int trojanscan_minmaxrand(float min, float max) {
2180 return (int)((max-min+1)*rand()/(RAND_MAX+min))+min;
2181 }
2182
2183 char *trojanscan_iptostr(char *buf, int buflen, unsigned int ip) {
2184 snprintf(buf, buflen, "%d.%d.%d.%d", ip >> 24, (ip >> 16) & 255, (ip >> 8) & 255, ip & 255);
2185 return buf;
2186 }
2187
2188 char trojanscan_genchar(int ty) {
2189 /* hostname and realname characters*/
2190 if (!ty) {
2191 if (!(trojanscan_minmaxrand(0, 40) % 10)) {
2192 return trojanscan_minmaxrand(48, 57);
2193 } else {
2194 return trojanscan_minmaxrand(97, 122);
2195 }
2196 /* ident characters - without numbers*/
2197 } else if (ty == 1) {
2198 return trojanscan_minmaxrand(97, 122);
2199 /* ident characters - with numbers*/
2200 } else if (ty == 2) {
2201 ty = trojanscan_minmaxrand(97, 125);
2202 if (ty > 122) return trojanscan_minmaxrand(48, 57);
2203 return ty;
2204 /* nick characters - with and without numbers*/
2205 } else if (ty == 3 || ty == 4) {
2206 if (!(trojanscan_minmaxrand(0, 59) % 16)) {
2207 char weirdos[6] = { '\\', '|', '[', '{', ']', '}' };
2208 return weirdos[trojanscan_minmaxrand(0, 5)];
2209 }
2210 if (ty == 4) {
2211 ty = trojanscan_minmaxrand(65, 93);
2212 if (ty > 90) return trojanscan_minmaxrand(48, 57);
2213 } else {
2214 ty = trojanscan_minmaxrand(65, 90);
2215 }
2216 if (!(trojanscan_minmaxrand(0, 40) % 8)) return ty;
2217 return ty + 32;
2218 /* moron check */
2219 } else {
2220 return ' ';
2221 }
2222 }
2223
2224 void trojanscan_gennick(char *ptc, char size) {
2225 int i;
2226 for (i=0;i<size;i++) {
2227 if (i == 0) {
2228 ptc[i] = trojanscan_genchar(3);
2229 } else {
2230 ptc[i] = trojanscan_genchar(4);
2231 }
2232 }
2233 ptc[i] = '\0';
2234 }
2235
2236 void trojanscan_genident(char *ptc, char size) {
2237 int i;
2238 for (i=0;i<size;i++) {
2239 if (i == 0) {
2240 ptc[i] = trojanscan_genchar(1);
2241 } else {
2242 ptc[i] = trojanscan_genchar(2);
2243 }
2244 }
2245 ptc[i] = '\0';
2246 }
2247
2248 void trojanscan_genhost(char *ptc, char size, patricia_node_t **fakeipnode) {
2249 int dots = trojanscan_minmaxrand(2, 5), i, dotexist = 0, cur;
2250 struct irc_in_addr ipaddress;
2251
2252 while (!dotexist) {
2253 for (i=0;i<size;i++) {
2254 ptc[i] = trojanscan_genchar(0);
2255 if ((i > 5) && (i < (size-4))) {
2256 if ((ptc[i-1] != '.') && (ptc[i-1] != '-')) {
2257 cur = trojanscan_minmaxrand(1,size / dots);
2258 if (cur < 3) {
2259 if (cur == 1) {
2260 ptc[i] = '.';
2261 dotexist = 1;
2262 } else {
2263 ptc[i] = '-';
2264 }
2265 }
2266 }
2267 }
2268 }
2269 }
2270 ptc[i] = '\0';
2271
2272 memset(&ipaddress, 0, sizeof(ipaddress));
2273 ((unsigned short *)(ipaddress.in6_16))[5] = 65535;
2274 ((unsigned short *)(ipaddress.in6_16))[6] = trojanscan_minmaxrand(0, 65535);
2275 ((unsigned short *)(ipaddress.in6_16))[7] = trojanscan_minmaxrand(0, 65535);
2276
2277 *fakeipnode = refnode(iptree, &ipaddress, PATRICIA_MAXBITS);
2278 }
2279
2280 void trojanscan_genreal(char *ptc, char size) {
2281 int spaces = trojanscan_minmaxrand(2, 4), i;
2282 for (i=0;i<size;i++) {
2283 ptc[i] = trojanscan_genchar(0);
2284 if ((i > 5) && (i < (size-4))) {
2285 if (ptc[i-1] != ' ') {
2286 if (trojanscan_minmaxrand(1,size / spaces) == 1) ptc[i] = ' ';
2287 }
2288 }
2289 }
2290 ptc[i] = '\0';
2291 }
2292
2293 int trojanscan_is_not_octet(char *begin, int length) {
2294 int i;
2295 if(length > 3)
2296 return 0;
2297 for(i=0;i<length;i++) {
2298 if (!((*begin >= '0') && (*begin <= '9')))
2299 return 0;
2300 begin++;
2301 }
2302 return 1;
2303 }
2304
2305 int trojanscan_generatepool(void) {
2306 int i, k = 0, j = 0, loops = 0;
2307 char *p, *pp;
2308 nick *np;
2309
2310 for (i=0;i<NICKHASHSIZE;i++)
2311 for (np=nicktable[i];np;np=np->next)
2312 j++;
2313
2314 if(j < trojanscan_min_hosts)
2315 return 0;
2316
2317 if(TROJANSCAN_HOST_MODE == TROJANSCAN_STEAL_HOST)
2318 return TROJANSCAN_MINPOOLSIZE;
2319
2320 i = 0;
2321 do {
2322 for (j=trojanscan_minmaxrand(0, NICKHASHSIZE-1);j<NICKHASHSIZE;j++) {
2323 if (nicktable[j]) {
2324 for(p=nicktable[j]->host->name->content, pp=p;*p;) {
2325 if (*++p == '.') {
2326 if (!trojanscan_is_not_octet(pp, p-pp)) {
2327 if (i < TROJANSCAN_POOLSIZE) {
2328 if (i < trojanscan_hostpoolsize)
2329 freesstring(trojanscan_hostpool[i]);
2330 trojanscan_hostpool[i] = getsstring(pp, p-pp);
2331 i++;
2332 } else {
2333 if (k >= TROJANSCAN_POOLSIZE)
2334 break;
2335 }
2336 }
2337 pp=++p;
2338 }
2339 }
2340 if (!trojanscan_is_not_octet(pp, p-pp)) {
2341 if (k < TROJANSCAN_POOLSIZE) {
2342 if (k < trojanscan_tailpoolsize)
2343 freesstring(trojanscan_tailpool[k]);
2344 trojanscan_tailpool[k] = getsstring(pp, p-pp);
2345 k++;
2346 } else {
2347 if (i >= TROJANSCAN_POOLSIZE)
2348 break;
2349 }
2350 }
2351 }
2352 }
2353 loops++;
2354 } while ((loops < 5) && ((i < TROJANSCAN_POOLSIZE) || (k < TROJANSCAN_POOLSIZE)));
2355
2356 trojanscan_hostpoolsize = i;
2357 trojanscan_tailpoolsize = k;
2358 return i;
2359 }
2360
2361 nick *trojanscan_selectuser(void) {
2362 int target = trojanscan_minmaxrand(0, 500), loops = 150, j;
2363 nick *np;
2364 do {
2365 for (j=trojanscan_minmaxrand(0, NICKHASHSIZE-1);j<NICKHASHSIZE;j++)
2366 for(np=nicktable[j];np;np=np->next)
2367 if (!--target)
2368 return np;
2369 } while(--loops > 0);
2370 return NULL;
2371 }
2372
2373 host *trojanscan_selecthost(void) {
2374 int target = trojanscan_minmaxrand(0, 500), loops = 150, j;
2375 host *hp;
2376 do {
2377 for (j=trojanscan_minmaxrand(0, HOSTHASHSIZE-1);j<HOSTHASHSIZE;j++)
2378 for(hp=hosttable[j];hp;hp=hp->next)
2379 if (!--target)
2380 return hp;
2381 } while(--loops > 0);
2382
2383 return NULL;
2384 }
2385
2386 void trojanscan_generatehost(char *buf, int maxsize, patricia_node_t **fakeip) {
2387 struct irc_in_addr ipaddress;
2388
2389 if(TROJANSCAN_HOST_MODE == TROJANSCAN_STEAL_HOST) {
2390 host *hp;
2391 int loops = 20;
2392
2393 buf[0] = '\0';
2394
2395 do {
2396 hp = trojanscan_selecthost();
2397 if(hp && (hp->clonecount <= TROJANSCAN_MAX_CLONE_COUNT) && !trojanscan_isip(hp->name->content)) {
2398 strlcpy(buf, hp->name->content, maxsize + 1);
2399 if(hp->nicks) {
2400 *fakeip = hp->nicks->ipnode;
2401 patricia_ref_prefix(hp->nicks->ipnode->prefix);
2402 } else {
2403 memset(&ipaddress, 0, sizeof(ipaddress));
2404 ((unsigned short *)(ipaddress.in6_16))[5] = 65535;
2405 ((unsigned short *)(ipaddress.in6_16))[6] = trojanscan_minmaxrand(0, 65535);
2406 ((unsigned short *)(ipaddress.in6_16))[7] = trojanscan_minmaxrand(0, 65535);
2407
2408 *fakeip = refnode(iptree, &ipaddress, PATRICIA_MAXBITS);
2409 }
2410 break;
2411 }
2412 } while(--loops > 0);
2413 } else {
2414 char *cpos;
2415 int pieces = trojanscan_minmaxrand(2, 4), totallen = 0, a = 0, i;
2416 int *choices = tmalloc(sizeof(int) * (pieces + 1));
2417 int *lengths = tmalloc(sizeof(int) * (pieces + 1));
2418
2419 choices[pieces] = trojanscan_minmaxrand(0, trojanscan_tailpoolsize-1);
2420 lengths[pieces] = strlen(trojanscan_tailpool[choices[pieces]]->content) + 1;
2421 totallen += lengths[pieces];
2422
2423 for (i=0;i<pieces;i++) {
2424 choices[i] = trojanscan_minmaxrand(0, trojanscan_hostpoolsize-1);
2425 lengths[i] = strlen(trojanscan_hostpool[choices[i]]->content) + 1;
2426 if (totallen+lengths[i] > maxsize) {
2427 choices[i] = choices[pieces];
2428 lengths[i] = lengths[pieces];
2429 pieces-=(pieces-i);
2430 break;
2431 }
2432 totallen += lengths[i];
2433 }
2434
2435 for (i=0;i<pieces;i++) {
2436 for (cpos=trojanscan_hostpool[choices[i]]->content; *cpos;)
2437 buf[a++] = *cpos++;
2438 buf[a++] = '.';
2439 }
2440
2441 for (cpos=trojanscan_tailpool[choices[i]]->content; *cpos;) {
2442 buf[a++] = *cpos++;
2443 }
2444
2445 buf[a] = '\0';
2446 tfree(choices);
2447 tfree(lengths);
2448
2449 memset(&ipaddress, 0, sizeof(ipaddress));
2450 ((unsigned short *)(ipaddress.in6_16))[5] = 65535;
2451 ((unsigned short *)(ipaddress.in6_16))[6] = trojanscan_minmaxrand(0, 65535);
2452 ((unsigned short *)(ipaddress.in6_16))[7] = trojanscan_minmaxrand(0, 65535);
2453
2454 *fakeip = refnode(iptree, &ipaddress, PATRICIA_MAXBITS);
2455 }
2456 }
2457
2458 void trojanscan_generatenick(char *buf, int maxsize) {
2459 int bits = trojanscan_minmaxrand(2, 3), loops = 0, wanttocopy, len = 0, i, d = 0, newmaxsize = maxsize - trojanscan_minmaxrand(0, 7);
2460 nick *np;
2461
2462 if(newmaxsize > 2)
2463 maxsize = newmaxsize;
2464
2465 do {
2466 np = trojanscan_selectuser();
2467 if(np) {
2468 wanttocopy = trojanscan_minmaxrand(1, (strlen(np->nick) / 2) + 3);
2469 for(i=0;((i<wanttocopy) && (len<maxsize));i++)
2470 buf[len++] = np->nick[i];
2471 if(++d > bits) {
2472 buf[len] = '\0';
2473 return;
2474 }
2475 }
2476 } while (++loops < 10);
2477 buf[0] = '\0';
2478 }
2479
2480 void trojanscan_generateident(char *buf, int maxsize) {
2481 nick *np = trojanscan_selectuser();
2482 buf[0] = '\0';
2483 if(np)
2484 strlcpy(buf, np->ident, maxsize + 1);
2485 }
2486
2487 void trojanscan_generaterealname(char *buf, int maxsize) {
2488 nick *np = trojanscan_selectuser();
2489 buf[0] = '\0';
2490 if(np)
2491 strlcpy(buf, np->realname->name->content, maxsize + 1);
2492 }
2493
2494 void trojanscan_database_close(void) {
2495 mysql_close(&trojanscan_sql);
2496 }
2497
2498 int trojanscan_database_connect(char *dbhost, char *dbuser, char *dbpass, char *db, unsigned int port) {
2499 mysql_init(&trojanscan_sql);
2500 if (!mysql_real_connect(&trojanscan_sql, dbhost, dbuser, dbpass, db, port, NULL, 0))
2501 return -1;
2502 return 0;
2503 }
2504
2505 void trojanscan_database_escape_string(char *dest, char *source, size_t length) {
2506 mysql_escape_string(dest, source, length);
2507 }
2508
2509 int trojanscan_database_query(char *format, ...) {
2510 char trojanscan_sqlquery[TROJANSCAN_QUERY_BUF_SIZE];
2511 va_list va;
2512
2513 va_start(va, format);
2514 vsnprintf(trojanscan_sqlquery, sizeof(trojanscan_sqlquery) - 1, format, va);
2515 va_end(va);
2516 return mysql_query(&trojanscan_sql, trojanscan_sqlquery);
2517 }
2518
2519 int trojanscan_database_num_rows(trojanscan_database_res *res) {
2520 return mysql_num_rows(res);
2521 }
2522
2523 trojanscan_database_res *trojanscan_database_store_result() {
2524 return mysql_store_result(&trojanscan_sql);
2525 }
2526
2527 trojanscan_database_row trojanscan_database_fetch_row(trojanscan_database_res *res) {
2528 return mysql_fetch_row(res);
2529 }
2530
2531 void trojanscan_database_free_result(trojanscan_database_res *res) {
2532 mysql_free_result(res);
2533 }
2534
2535 int trojanscan_isip(char *host) {
2536 char *p = host, components = 0, length = 0;
2537
2538 for(;*p;p++) {
2539 if(*p == '.') {
2540 if(((!length) || (length = 0)) || (++components > 3))
2541 return 0;
2542 } else {
2543 if ((++length > 3) || !isdigit(*p))
2544 return 0;
2545 }
2546 }
2547 return components == 3;
2548 }
2549
Unnamed repository; edit this file 'description' to name the repository.