trusts/trusts_policy.c

   1 #include "../core/hooks.h"
   2 #include "../control/control.h"
   3 #include "../lib/irc_string.h"
   4 #include "trusts.h"
   5
   6 static int countext;
   7
   8 static void policycheck(int hooknum, void *arg) {
   9   void **args = arg;
  10   nick *np = args[0];
  11   long moving = (long)args[1];
  12   trusthost *th = gettrusthost(np);
  13   trustgroup *tg;
  14   patricia_node_t *node;
  15   int nodecount;
  16
  17   if(moving)
  18     return;
  19
  20   if(!th)
  21     return;
  22
  23   tg = th->group;
  24
  25   node = refnode(iptree, &th->ip, th->nodebits);
  26   nodecount = node->usercount;
  27   derefnode(iptree, node);
  28
  29   if(th->maxpernode && nodecount > th->maxpernode) {
  30     controlwall(NO_OPER, NL_TRUSTS, "Hard connection limit exceeded on IP: %s (group: %s) %d connected, %d max.", IPtostr(np->p_ipaddr), tg->name->content, np->ipnode->usercount, th->maxpernode);
  31     return;
  32   }
  33
  34   /*
  35    * the purpose of this logic is to avoid spam like this:
  36    * WARNING: tgX exceeded limit: 11 connected vs 10 max
  37    * (goes back down to 10)
  38    * WARNING: tgX exceeded limit: 11 connected vs 10 max
  39    */
  40
  41   if(hooknum == HOOK_TRUSTS_NEWNICK) {
  42     if(tg->trustedfor && tg->count > tg->trustedfor) {
  43 /*
  44       if(tg->count > (long)tg->exts[countext]) {
  45
  46         tg->exts[countext] = (void *)(long)tg->count;
  47 */
  48         controlwall(NO_OPER, NL_TRUSTS, "Hard connection limit exceeded: '%s', %d connected, %d max.", tg->name->content, tg->count, tg->trustedfor);
  49       }
  50 /*
  51     }
  52 */
  53     if((tg->mode == 1) && (np->ident[0] == '~'))
  54       controlwall(NO_OPER, NL_TRUSTS, "Ident required: '%s' %s!%s@%s.", tg->name->content, np->nick, np->ident, np->host->name->content);
  55
  56     if(tg->maxperident > 0) {
  57       int identcount = 0;
  58       trusthost *th2;
  59       nick *tnp;
  60
  61       for(th2=tg->hosts;th2;th2=th2->next) {
  62         for(tnp=th2->users;tnp;tnp=nextbytrust(tnp)) {
  63           if(!ircd_strcmp(tnp->ident, np->ident))
  64             identcount++;
  65         }
  66       }
  67
  68       if(identcount > tg->maxperident)
  69         controlwall(NO_OPER, NL_TRUSTS, "Hard ident limit exceeded: '%s' %s!%s@%s, %d connected, %d max.", tg->name->content, np->nick, np->ident, np->host->name->content, identcount, tg->maxperident);
  70     }
  71   } else {
  72     if(tg->count < tg->maxusage)
  73       tg->exts[countext] = (void *)(long)tg->count;
  74   }
  75 }
  76
  77 void _init(void) {
  78   countext = registertgext("count");
  79   if(countext == -1)
  80     return;
  81
  82   registerhook(HOOK_TRUSTS_NEWNICK, policycheck);
  83   registerhook(HOOK_TRUSTS_LOSTNICK, policycheck);
  84 }
  85
  86 void _fini(void) {
  87   if(countext == -1)
  88     return;
  89
  90   releasetgext(countext);
  91
  92   deregisterhook(HOOK_TRUSTS_NEWNICK, policycheck);
  93   deregisterhook(HOOK_TRUSTS_LOSTNICK, policycheck);
  94 }