]> jfr.im git - irc/quakenet/newserv.git/blob - trusts/trusts_policy.c
projects / irc / quakenet / newserv.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix incorrect variable name.
[irc/quakenet/newserv.git] / trusts / trusts_policy.c
1 #include <stdio.h>
2 #include <stdlib.h>
3 #include <stdarg.h>
4 #include <unistd.h>
5 #include <sys/types.h>
6 #include <sys/socket.h>
7 #include <netinet/in.h>
8
9 #ifndef __USE_MISC
10 #define __USE_MISC /* inet_aton */
11 #endif
12
13 #include <arpa/inet.h>
14 #include <sys/un.h>
15 #include <sys/poll.h>
16 #include <errno.h>
17 #include <fcntl.h>
18
19 #include "../lib/version.h"
20 #include "../lib/hmac.h"
21 #include "../core/events.h"
22 #include "../core/schedule.h"
23 #include "../core/nsmalloc.h"
24 #include "../core/hooks.h"
25 #include "../core/config.h"
26 #include "../control/control.h"
27 #include "../lib/irc_string.h"
28 #include "../irc/irc.h"
29 #include "../glines/glines.h"
30 #include "trusts.h"
31
32 MODULE_VERSION("");
33
34 static int countext, enforcepolicy_irc, enforcepolicy_auth;
35
36 #define TRUSTBUFSIZE 8192
37 #define TRUSTPASSLEN 128
38 #define NONCELEN 16
39
40 typedef struct trustsocket {
41 int fd;
42 int authed;
43 char authuser[SERVERLEN+1];
44 char buf[TRUSTBUFSIZE];
45 unsigned char nonce[NONCELEN];
46 int size;
47 time_t connected;
48 time_t timeout;
49 int accepted;
50 int rejected;
51
52 struct trustsocket *next;
53 } trustsocket;
54
55 static trustsocket *tslist;
56 static int listenerfd = -1;
57 static FILE *urandom;
58
59 typedef struct trustaccount {
60 int used;
61 char server[SERVERLEN+1];
62 char password[TRUSTPASSLEN+1];
63 } trustaccount;
64
65 trustaccount trustaccounts[MAXSERVERS];
66
67 static int checkconnectionth(const char *username, struct irc_in_addr *ip, trusthost *th, int hooknum, int usercountadjustment, char *message, size_t messagelen) {
68 trustgroup *tg;
69
70 if(messagelen>0)
71 message[0] = '\0';
72
73 if(!th || !trustsdbloaded)
74 return POLICY_SUCCESS;
75
76 tg = th->group;
77
78 /*
79 * the purpose of this logic is to avoid spam like this:
80 * WARNING: tgX exceeded limit: 11 connected vs 10 max
81 * (goes back down to 10)
82 * WARNING: tgX exceeded limit: 11 connected vs 10 max
83 */
84
85 if(hooknum == HOOK_TRUSTS_NEWNICK) {
86 patricia_node_t *node;
87 int nodecount = 0;
88
89 node = refnode(iptree, ip, th->nodebits);
90 nodecount = node->usercount;
91 derefnode(iptree, node);
92
93 if(th->maxpernode && nodecount + usercountadjustment > th->maxpernode) {
94 controlwall(NO_OPER, NL_CLONING, "Hard connection limit exceeded on subnet: %s (group: %s): %d connected, %d max.", CIDRtostr(*ip, th->nodebits), tg->name->content, nodecount + usercountadjustment, th->maxpernode);
95 snprintf(message, messagelen, "Too many connections from your host (%s) - see https://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
96 return POLICY_FAILURE_NODECOUNT;
97 }
98
99 if(tg->trustedfor && tg->count + usercountadjustment > tg->trustedfor) {
100 if(tg->count > (long)tg->exts[countext]) {
101 tg->exts[countext] = (void *)(long)tg->count;
102
103 controlwall(NO_OPER, NL_CLONING, "Hard connection limit exceeded (group %s): %d connected, %d max.", tg->name->content, tg->count + usercountadjustment, tg->trustedfor);
104 snprintf(message, messagelen, "Too many connections from your trust (%s) - see https://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
105 }
106
107 snprintf(message, messagelen, "Too many connections from your trust (%s) - see https://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
108 return POLICY_FAILURE_GROUPCOUNT;
109 }
110
111 if((tg->flags & TRUST_ENFORCE_IDENT) && (username[0] == '~')) {
112 controlwall(NO_OPER, NL_CLONING, "Ident required: %s@%s (group: %s).", username, IPtostr(*ip), tg->name->content);
113 snprintf(message, messagelen, "IDENTD required from your host (%s) - see https://www.quakenet.org/help/trusts/connection-limit for details.", IPtostr(*ip));
114 return POLICY_FAILURE_IDENTD;
115 }
116
117 if(tg->maxperident > 0) {
118 int identcount = 0;
119 trusthost *th2;
120 nick *tnp;
121
122 for(th2=tg->hosts;th2;th2=th2->next) {
123 for(tnp=th2->users;tnp;tnp=nextbytrust(tnp)) {
124 if(!ircd_strcmp(tnp->ident, username))
125 identcount++;
126 }
127 }
128
129 if(identcount + usercountadjustment > tg->maxperident) {
130 controlwall(NO_OPER, NL_CLONING, "Hard ident limit exceeded: %s@%s (group: %s): %d connected, %d max.", username, IPtostr(*ip), tg->name->content, identcount + usercountadjustment, tg->maxperident);
131 snprintf(message, messagelen, "Too many connections from your username (%s@%s) - see https://www.quakenet.org/help/trusts/connection-limit for details.", username, IPtostr(*ip));
132 return POLICY_FAILURE_IDENTCOUNT;
133 }
134 }
135 } else {
136 if(tg->count < tg->maxusage)
137 tg->exts[countext] = (void *)(long)tg->count;
138 }
139
140 if(tg->trustedfor > 0)
141 snprintf(message, messagelen, "Trust has %d out of %d allowed connections.", tg->count + usercountadjustment, tg->trustedfor);
142
143 return POLICY_SUCCESS;
144 }
145
146 static int checkconnection(const char *username, struct irc_in_addr *ip, int hooknum, int cloneadjustment, char *message, size_t messagelen) {
147 struct irc_in_addr ip_canonicalized;
148 ip_canonicalize_tunnel(&ip_canonicalized, ip);
149
150 return checkconnectionth(username, &ip_canonicalized, th_getbyhost(&ip_canonicalized), hooknum, cloneadjustment, message, messagelen);
151 }
152
153 static int trustdowrite(trustsocket *sock, char *format, ...) {
154 char buf[1024];
155 va_list va;
156 int r;
157
158 va_start(va, format);
159 r = vsnprintf(buf, sizeof(buf), format, va);
160 va_end(va);
161
162 if(r >= sizeof(buf))
163 r = sizeof(buf) - 1;
164
165 buf[r] = '\n';
166
167 if(write(sock->fd, buf, r + 1) != r + 1)
168 return 0;
169 return 1;
170 }
171
172 static int policycheck_auth(trustsocket *sock, const char *sequence_id, const char *username, const char *host) {
173 char message[512];
174 int verdict;
175 struct irc_in_addr ip;
176 unsigned char bits;
177
178 if(!ipmask_parse(host, &ip, &bits)) {
179 sock->accepted++;
180 return trustdowrite(sock, "PASS %s", sequence_id);
181 }
182
183 verdict = checkconnection(username, &ip, HOOK_TRUSTS_NEWNICK, 1, message, sizeof(message));
184
185 if(!enforcepolicy_auth)
186 verdict = POLICY_SUCCESS;
187
188 if (verdict == POLICY_SUCCESS) {
189 sock->accepted++;
190
191 if(message[0])
192 return trustdowrite(sock, "PASS %s %s", sequence_id, message);
193 else
194 return trustdowrite(sock, "PASS %s", sequence_id);
195 } else {
196 sock->rejected++;
197
198 controlwall(NO_OPER, NL_CLONING, "Rejected connection from %s@%s using IAuth: %s", username, host, message);
199 return trustdowrite(sock, "KILL %s %s", sequence_id, message);
200 }
201 }
202
203 static int trustkillconnection(trustsocket *sock, char *reason) {
204 trustdowrite(sock, "QUIT %s", reason);
205 return 0;
206 }
207
208 static void trustfreeconnection(trustsocket *sock, int unlink) {
209 trustsocket **pnext, *ts;
210
211 if(!unlink) {
212 controlwall(NO_OPER, NL_TRUSTS, "Lost connection on policy socket for '%s'.", sock->authed?sock->authuser:"<unauthenticated connection>");
213
214 deregisterhandler(sock->fd, 1);
215 nsfree(POOL_TRUSTS, sock);
216 return;
217 }
218
219 pnext = &tslist;
220
221 for(ts=*pnext;*pnext;pnext=&((*pnext)->next)) {
222 if(ts == sock) {
223 *pnext = sock->next;
224 trustfreeconnection(sock, 0);
225 break;
226 }
227 }
228 }
229
230 static int handletrustauth(trustsocket *sock, char *server_name, char *mac) {
231 int i;
232 char *password = NULL;
233 unsigned char digest[16];
234 char noncehexbuf[NONCELEN * 2 + 1];
235 char hexbuf[sizeof(digest) * 2 + 1];
236
237 for(i=0;i<MAXSERVERS;i++) {
238 if(trustaccounts[i].used && strcmp(trustaccounts[i].server, server_name) == 0) {
239 password = trustaccounts[i].password;
240 break;
241 }
242 }
243
244 if (!password) {
245 controlwall(NO_OPER, NL_TRUSTS, "Invalid servername for policy socket: '%s'", server_name);
246 return trustkillconnection(sock, "Invalid servername.");
247 }
248
249 hmacmd5 h;
250 hmacmd5_init(&h, (unsigned char *)password, strlen(password));
251 hmacmd5_update(&h, (unsigned char *)hmac_printhex(sock->nonce, noncehexbuf, NONCELEN), NONCELEN * 2);
252 hmacmd5_final(&h, digest);
253 if(hmac_strcmp(mac, hmac_printhex(digest, hexbuf, sizeof(digest)))) {
254 controlwall(NO_OPER, NL_TRUSTS, "Invalid password for policy socket with servername '%s'.", server_name);
255 return trustkillconnection(sock, "Bad MAC.");
256 }
257
258 sock->authed = 1;
259 strncpy(sock->authuser, server_name, SERVERLEN);
260
261 controlwall(NO_OPER, NL_TRUSTS, "Successful authentication for policy socket with servername '%s'.", server_name);
262 return trustdowrite(sock, "AUTHOK");
263 }
264
265 #define MAXTOKENS 10
266 static int handletrustline(trustsocket *sock, char *line) {
267 char *command, *p, *lastpos;
268 char *tokens[MAXTOKENS];
269 int tokensfound = -1;
270
271 for(command=lastpos=p=line;*p;p++) {
272 if(*p == ' ') {
273 *p = '\0';
274 if(tokensfound == MAXTOKENS)
275 return trustkillconnection(sock, "too many tokens");
276
277 if(tokensfound >= 0) {
278 tokens[tokensfound++] = lastpos;
279 } else {
280 tokensfound++;
281 }
282 lastpos = p + 1;
283 }
284 }
285 if(lastpos != p) {
286 if(tokensfound == MAXTOKENS)
287 return trustkillconnection(sock, "too many tokens");
288 tokens[tokensfound++] = lastpos;
289 }
290
291 if(!sock->authed && !strcmp("AUTH", command)) {
292 if(tokensfound != 2)
293 return trustkillconnection(sock, "incorrect arg count for command.");
294
295 return handletrustauth(sock, tokens[0], tokens[1]);
296 } else if(sock->authed && !strcmp("CHECK", command)) {
297 if(tokensfound != 3)
298 return trustkillconnection(sock, "incorrect arg count for command.");
299
300 policycheck_auth(sock, tokens[0], tokens[1], tokens[2]);
301 return 1;
302 } else if(!strcmp("VERSION", command)) {
303 /* Ignore this command for now. */
304 return 1;
305 } else {
306 Error("trusts_policy", ERR_WARNING, "Bad command: %s", command);
307 return 0;
308 }
309 }
310
311 static trustsocket *findtrustsocketbyfd(int fd) {
312 for(trustsocket *ts=tslist;ts;ts=ts->next)
313 if(ts->fd==fd)
314 return ts;
315
316 return NULL;
317 }
318
319 static int handletrustclient(trustsocket *sock) {
320 int r, remaining = TRUSTBUFSIZE - sock->size, i;
321 char *lastpos, *c;
322
323 if(!remaining) {
324 trustkillconnection(sock, "Buffer overflow.");
325 return 0;
326 }
327
328 r = read(sock->fd, sock->buf + sock->size, remaining);
329 if(r <= 0)
330 return 0;
331
332 sock->size+=r;
333 lastpos = sock->buf;
334
335 for(c=sock->buf,i=0;i<sock->size;i++,c++) {
336 if(*c != '\n')
337 continue;
338 *c = '\0';
339 if(!handletrustline(sock, lastpos))
340 return 0;
341
342 lastpos = c + 1; /* is this ok? */
343 }
344 sock->size-=lastpos - sock->buf;
345 memmove(sock->buf, lastpos, sock->size);
346
347 return 1;
348 }
349
350 static void processtrustclient(int fd, short events) {
351 trustsocket *sock = findtrustsocketbyfd(fd);
352
353 if(!sock)
354 return;
355
356 if(events & POLLIN)
357 if(!handletrustclient(sock))
358 trustfreeconnection(sock, 1);
359 }
360
361 static void trustdotimeout(void *arg) {
362 time_t t = time(NULL);
363 trustsocket **pnext, *sock;
364
365 pnext = &tslist;
366
367 for(sock=*pnext;*pnext;pnext=&((*pnext)->next)) {
368 if(!sock->authed && t >= sock->timeout) {
369 trustkillconnection(sock, "Auth timeout.");
370 *pnext = sock->next;
371 trustfreeconnection(sock, 0);
372 }
373 }
374 }
375
376 static void processtrustlistener(int fd, short events) {
377 if(events & POLLIN) {
378 trustsocket *sock;
379 char buf[NONCELEN * 2 + 1];
380
381 int newfd = accept(fd, NULL, NULL), flags;
382 if(newfd == -1)
383 return;
384
385 flags = fcntl(newfd, F_GETFL, 0);
386 if(flags < 0) {
387 Error("trusts_policy", ERR_WARNING, "Unable to set socket non-blocking.");
388 close(newfd);
389 return;
390 }
391
392 if(fcntl(fd, F_SETFL, flags|O_NONBLOCK) < 0) {
393 Error("trusts_policy", ERR_WARNING, "Unable to set socket non-blocking.");
394 close(newfd);
395 return;
396 }
397
398 registerhandler(newfd, POLLIN|POLLERR|POLLHUP, processtrustclient);
399
400 sock = nsmalloc(POOL_TRUSTS, sizeof(trustsocket));
401 if(!sock) {
402 deregisterhandler(newfd, 1);
403 return;
404 }
405
406 sock->fd = newfd;
407 sock->next = tslist;
408 tslist = sock;
409
410 if(fread((char *)sock->nonce, 1, NONCELEN, urandom) != NONCELEN) {
411 Error("trusts_policy", ERR_WARNING, "Error getting random bytes.");
412 deregisterhandler(newfd, 1);
413 tslist = sock->next;
414 nsfree(POOL_TRUSTS, sock);
415 } else {
416 sock->authed = 0;
417 sock->size = 0;
418 sock->connected = time(NULL);
419 sock->timeout = time(NULL) + 30;
420 sock->accepted = 0;
421 sock->rejected = 0;
422 if(!trustdowrite(sock, "AUTH %s", hmac_printhex(sock->nonce, buf, NONCELEN))) {
423 Error("trusts_policy", ERR_WARNING, "Error writing auth to fd %d.", newfd);
424 deregisterhandler(newfd, 1);
425 tslist = sock->next;
426 nsfree(POOL_TRUSTS, sock);
427 return;
428 }
429 }
430 }
431 }
432
433 static int createlistenersock(int port) {
434 struct sockaddr_in s;
435 int fd;
436 int optval;
437
438 memset(&s, 0, sizeof(struct sockaddr_in));
439 s.sin_family = AF_INET;
440 s.sin_addr.s_addr = INADDR_ANY;
441 s.sin_port = htons(port);
442
443 fd = socket(PF_INET, SOCK_STREAM, 0);
444 if(fd < 0) {
445 Error("trusts_policy", ERR_WARNING, "Unable to get socket for trustfd.");
446 return -1;
447 }
448
449 optval = 1;
450 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &optval, sizeof(optval));
451
452 if(bind(fd, (struct sockaddr *)&s, sizeof(struct sockaddr_in)) < 0) {
453 Error("trusts_policy", ERR_WARNING, "Unable to bind trustfd.");
454 close(fd);
455 return -1;
456 }
457
458 if(listen(fd, 5) < 0) {
459 Error("trusts_policy", ERR_WARNING, "Unable to listen on trustfd.");
460 close(fd);
461 return -1;
462 }
463
464 registerhandler(fd, POLLIN, processtrustlistener);
465
466 return fd;
467 }
468
469 static void policycheck_irc(int hooknum, void *arg) {
470 void **args = arg;
471 nick *np = args[0];
472 long moving = (long)args[1];
473 char message[512];
474 int verdict;
475
476 if(moving)
477 return;
478
479 verdict = checkconnectionth(np->ident, &np->p_nodeaddr, gettrusthost(np), hooknum, 0, message, sizeof(message));
480
481 if(!enforcepolicy_irc)
482 verdict = POLICY_SUCCESS;
483
484 switch (verdict) {
485 case POLICY_FAILURE_NODECOUNT:
486 glinebynick(np, POLICY_GLINE_DURATION, message, GLINE_IGNORE_TRUST, "trusts_policy");
487 break;
488 case POLICY_FAILURE_IDENTD:
489 glinebyip("~*", &np->p_ipaddr, 128, POLICY_GLINE_DURATION, message, GLINE_ALWAYS_USER|GLINE_IGNORE_TRUST, "trusts_policy");
490 break;
491 case POLICY_FAILURE_IDENTCOUNT:
492 glinebynick(np, POLICY_GLINE_DURATION, message, GLINE_ALWAYS_USER|GLINE_IGNORE_TRUST, "trusts_policy");
493 break;
494 }
495 }
496
497 static int trusts_cmdtrustpolicyirc(void *source, int cargc, char **cargv) {
498 nick *sender = source;
499
500 if(cargc < 1) {
501 controlreply(sender, "Use of glines for trust policy enforcement is currently %s.", enforcepolicy_irc?"enabled":"disabled");
502 return CMD_OK;
503 }
504
505 enforcepolicy_irc = atoi(cargv[0]);
506 controlwall(NO_OPER, NL_TRUSTS, "%s %s use of glines for trust policy enforcement.", controlid(sender), enforcepolicy_irc?"enabled":"disabled");
507 controlreply(sender, "Use of glines for trust policy enforcement is now %s.", enforcepolicy_irc?"enabled":"disabled");
508
509 return CMD_OK;
510 }
511
512 static int trusts_cmdtrustpolicyauth(void *source, int cargc, char **cargv) {
513 nick *sender = source;
514
515 if(cargc < 1) {
516 controlreply(sender, "Trust policy enforcement with IAuth is currently %s.", enforcepolicy_auth?"enabled":"disabled");
517 return CMD_OK;
518 }
519
520 enforcepolicy_auth = atoi(cargv[0]);
521 controlwall(NO_OPER, NL_TRUSTS, "%s %s trust policy enforcement with IAuth.", controlid(sender), enforcepolicy_auth?"enabled":"disabled");
522 controlreply(sender, "Trust policy enforcement with IAuth is now %s.", enforcepolicy_auth?"enabled":"disabled");
523
524 return CMD_OK;
525 }
526
527
528 static int trusts_cmdtrustsockets(void *source, int cargc, char **cargv) {
529 nick *sender = source;
530 time_t now;
531 trustsocket *sock;
532
533 time(&now);
534
535 controlreply(sender, "Server Connected for Accepted Rejected");
536
537 for(sock=tslist;sock;sock=sock->next)
538 controlreply(sender, "%-20s %20s %10d %15d", sock->authed?sock->authuser:"<unauthenticated connection>", longtoduration(now - sock->connected, 0), sock->accepted, sock->rejected);
539
540 controlreply(sender, "-- End of list.");
541 return CMD_OK;
542 }
543
544 void loadtrustaccounts(void) {
545 array *accts;
546
547 memset(trustaccounts, 0, sizeof(trustaccounts));
548
549 accts = getconfigitems("trusts_policy", "server");
550 if(!accts) {
551 Error("trusts_policy", ERR_INFO, "No servers added.");
552 } else {
553 sstring **servers = (sstring **)(accts->content);
554 int i;
555 for(i=0;i<accts->cursi;i++) {
556 char server[512];
557 char *pos;
558
559 if(i>=MAXSERVERS) {
560 Error("trusts_policy", ERR_INFO, "Too many servers specified.");
561 break;
562 }
563
564 strncpy(server, servers[i]->content, sizeof(server));
565
566 pos = strchr(server, ',');
567
568 if(!pos) {
569 Error("trusts_policy", ERR_INFO, "Server line is missing password: %s", server);
570 continue;
571 }
572
573 *pos = '\0';
574
575 trustaccounts[i].used = 1;
576 strncpy(trustaccounts[i].server, server, SERVERLEN);
577 strncpy(trustaccounts[i].password, pos+1, TRUSTPASSLEN);
578 }
579 }
580 }
581
582 static void trustaccounts_rehash(int hooknum, void *arg) {
583 loadtrustaccounts();
584 }
585
586 void _init(void) {
587 sstring *m;
588 int trustport;
589
590 countext = registertgext("count");
591 if(countext == -1)
592 return;
593
594 m = getconfigitem("trusts_policy", "enforcepolicy_irc");
595 if(m)
596 enforcepolicy_irc = atoi(m->content);
597
598 m = getconfigitem("trusts_policy", "enforcepolicy_auth");
599 if(m)
600 enforcepolicy_auth = atoi(m->content);
601
602 m = getconfigitem("trusts_policy", "trustport");
603 if(m)
604 trustport = atoi(m->content);
605 else
606 trustport = DEFAULT_TRUSTPORT;
607
608 if(trustport)
609 listenerfd = createlistenersock(trustport);
610
611 loadtrustaccounts();
612
613 registerhook(HOOK_TRUSTS_NEWNICK, policycheck_irc);
614 registerhook(HOOK_TRUSTS_LOSTNICK, &policycheck_irc);
615 registerhook(HOOK_CORE_REHASH, trustaccounts_rehash);
616
617 registercontrolhelpcmd("trustpolicyirc", NO_DEVELOPER, 1, trusts_cmdtrustpolicyirc, "Usage: trustpolicyirc ?1|0?\nEnables or disables policy enforcement (IRC). Shows current status when no parameter is specified.");
618 registercontrolhelpcmd("trustpolicyauth", NO_DEVELOPER, 1, trusts_cmdtrustpolicyauth, "Usage: trustpolicyauth ?1|0?\nEnables or disables policy enforcement (IAuth). Shows current status when no parameter is specified.");
619 registercontrolhelpcmd("trustsockets", NO_DEVELOPER, 0, trusts_cmdtrustsockets, "Usage: trustsockets\nLists all currently active TRUST sockets.");
620
621 schedulerecurring(time(NULL)+1, 0, 5, trustdotimeout, NULL);
622
623 urandom = fopen("/dev/urandom", "rb");
624 if(!urandom)
625 Error("trusts_policy", ERR_ERROR, "Couldn't open /dev/urandom.");
626 }
627
628 void _fini(void) {
629 trustsocket *sock, *next;
630
631 if(countext == -1)
632 return;
633
634 releasetgext(countext);
635
636 deregisterhook(HOOK_TRUSTS_NEWNICK, policycheck_irc);
637 deregisterhook(HOOK_TRUSTS_LOSTNICK, policycheck_irc);
638 deregisterhook(HOOK_CORE_REHASH, trustaccounts_rehash);
639
640 deregistercontrolcmd("trustpolicyirc", trusts_cmdtrustpolicyirc);
641 deregistercontrolcmd("trustpolicyauth", trusts_cmdtrustpolicyauth);
642 deregistercontrolcmd("trustsockets", trusts_cmdtrustsockets);
643
644 deleteallschedules(trustdotimeout);
645
646 if (urandom)
647 fclose(urandom);
648
649 if (listenerfd != -1)
650 deregisterhandler(listenerfd, 1);
651
652 for(sock=tslist;sock;) {
653 next = sock->next;
654
655 trustkillconnection(sock, "Unloading module.");
656 trustfreeconnection(sock, 0);
657
658 sock = next;
659 }
660 }
Unnamed repository; edit this file 'description' to name the repository.