#include "trojanscan.h"
#include "../lib/strlfunc.h"
#include "../lib/version.h"
+#include "../core/nsmalloc.h"
+
+#define tmalloc(x) nsmalloc(POOL_TROJANSCAN, x)
+#define tfree(x) nsfree(POOL_TROJANSCAN, x)
MODULE_VERSION(TROJANSCAN_VERSION);
char *trojanscan_sanitise(char *input);
void trojanscan_refresh_settings(void);
static void trojanscan_part_watch(int hook, void *arg);
+static void trojanscan_connect_nick(void *);
#define TROJANSCAN_SETTING_SIZE 256
#define TROJANSCAN_MAX_SETTINGS 50
static int settingcount = 0;
static char *versionreply;
static int hooksregistered = 0;
+static void *trojanscan_connect_nick_schedule;
void _init() {
trojanscan_cmds = newcommandtree();
if (trojanscan_connect_schedule)
deleteschedule(trojanscan_connect_schedule, &trojanscan_connect, NULL);
+ if (trojanscan_connect_nick_schedule)
+ deleteschedule(trojanscan_connect_nick_schedule, &trojanscan_connect_nick, NULL);
+
if(trojanscan_schedule)
deleteschedule(trojanscan_schedule, &trojanscan_dojoin, NULL);
deleteschedule(rp->schedule, &trojanscan_dopart, (void *)rp);
oldrp = rp;
rp = rp->next;
- free(oldrp);
+ tfree(oldrp);
}
while(rj) {
freesstring(rj->channel);
oldrj = rj;
rj = rj->next;
- free(oldrj);
+ tfree(oldrj);
}
if(trojanscan_initialschedule)
for (i=0;i<trojanscan_tailpoolsize;i++)
freesstring(trojanscan_tailpool[i]);
trojanscan_database_close();
+
+ deletecommandfromtree(trojanscan_cmds, "showcommands", &trojanscan_showcommands);
+ deletecommandfromtree(trojanscan_cmds, "help", &trojanscan_help);
+ deletecommandfromtree(trojanscan_cmds, "hello", &trojanscan_hello);
+ deletecommandfromtree(trojanscan_cmds, "join", &trojanscan_userjoin);
+ deletecommandfromtree(trojanscan_cmds, "chanlist", &trojanscan_chanlist);
+ deletecommandfromtree(trojanscan_cmds, "whois", &trojanscan_whois);
+ deletecommandfromtree(trojanscan_cmds, "changelev", &trojanscan_changelev);
+ deletecommandfromtree(trojanscan_cmds, "deluser", &trojanscan_deluser);
+ deletecommandfromtree(trojanscan_cmds, "mew", &trojanscan_mew);
+ deletecommandfromtree(trojanscan_cmds, "status", &trojanscan_status);
+ deletecommandfromtree(trojanscan_cmds, "listusers", &trojanscan_listusers);
+ deletecommandfromtree(trojanscan_cmds, "rehash", &trojanscan_rehash);
+ deletecommandfromtree(trojanscan_cmds, "cat", &trojanscan_cat);
+ deletecommandfromtree(trojanscan_cmds, "reschedule", &trojanscan_reschedule);
+
+ destroycommandtree(trojanscan_cmds);
+ nscheckfreeall(POOL_TROJANSCAN);
+}
+
+static void trojanscan_connect_nick(void *arg) {
+ sstring *mnick, *myident, *myhost, *myrealname, *myauthname;
+ channel *cp;
+
+ mnick = getcopyconfigitem("trojanscan", "nick", "T", NICKLEN);
+ myident = getcopyconfigitem("trojanscan", "ident", "trojanscan", NICKLEN);
+ myhost = getcopyconfigitem("trojanscan", "hostname", "trojanscan.quakenet.org", HOSTLEN);
+ myrealname = getcopyconfigitem("trojanscan", "realname", "Trojanscan v" TROJANSCAN_VERSION, REALLEN);
+ myauthname = getcopyconfigitem("trojanscan", "authname", "T", ACCOUNTLEN);
+
+ trojanscan_nick = registerlocaluser(mnick->content, myident->content, myhost->content, myrealname->content, myauthname->content, UMODE_SERVICE | UMODE_DEAF |
+ UMODE_OPER | UMODE_INV |
+ UMODE_ACCOUNT,
+ &trojanscan_handlemessages);
+ freesstring(mnick);
+ freesstring(myident);
+ freesstring(myhost);
+ freesstring(myrealname);
+ freesstring(myauthname);
+
+ cp = findchannel(TROJANSCAN_OPERCHANNEL);
+ if (!cp) {
+ localcreatechannel(trojanscan_nick, TROJANSCAN_OPERCHANNEL);
+ } else {
+ if(!localjoinchannel(trojanscan_nick, cp))
+ localgetops(trojanscan_nick, cp);
+ }
+
+ cp = findchannel(TROJANSCAN_CHANNEL);
+ if (!cp) {
+ localcreatechannel(trojanscan_nick, TROJANSCAN_CHANNEL);
+ } else {
+ if(!localjoinchannel(trojanscan_nick, cp))
+ localgetops(trojanscan_nick, cp);
+ }
+
+#ifdef TROJANSCAN_PEONCHANNEL
+ cp = findchannel(TROJANSCAN_PEONCHANNEL);
+ if (!cp) {
+ localcreatechannel(trojanscan_nick, TROJANSCAN_PEONCHANNEL);
+ } else {
+ if(!localjoinchannel(trojanscan_nick, cp))
+ localgetops(trojanscan_nick, cp);
+ }
+#endif
}
void trojanscan_connect(void *arg) {
- sstring *mnick, *myident, *myhost, *myrealname, *myauthname;
sstring *dbhost, *dbuser, *dbpass, *db, *dbport, *temp;
- channel *cp;
int length, i;
char buf[10];
trojanscan_database.glines = 0;
trojanscan_database.detections = 0;
- mnick = getcopyconfigitem("trojanscan", "nick", "T", NICKLEN);
- myident = getcopyconfigitem("trojanscan", "ident", "trojanscan", NICKLEN);
- myhost = getcopyconfigitem("trojanscan", "hostname", "trojanscan.slug.netsplit.net", HOSTLEN);
- myrealname = getcopyconfigitem("trojanscan", "realname", "Trojanscan v" TROJANSCAN_VERSION, REALLEN);
- myauthname = getcopyconfigitem("trojanscan", "authname", "T", ACCOUNTLEN);
-
dbhost = getcopyconfigitem("trojanscan", "dbhost", "localhost", HOSTLEN);
dbuser = getcopyconfigitem("trojanscan", "dbuser", "", NICKLEN);
dbpass = getcopyconfigitem("trojanscan", "dbpass", "", REALLEN);
trojanscan_minchansize = atoi(temp->content);
freesstring(temp);
- trojanscan_nick = registerlocaluser(mnick->content, myident->content, myhost->content, myrealname->content, myauthname->content, UMODE_SERVICE | UMODE_DEAF |
- UMODE_OPER | UMODE_INV |
- UMODE_ACCOUNT,
- &trojanscan_handlemessages);
+ trojanscan_connect_nick(NULL);
if (trojanscan_database_connect(dbhost->content, dbuser->content, dbpass->content, db->content, atoi(dbport->content)) < 0) {
Error("trojanscan", ERR_FATAL, "Cannot connect to database host!");
trojanscan_refresh_settings();
trojanscan_read_database(1);
- cp = findchannel(TROJANSCAN_OPERCHANNEL);
- if (!cp) {
- localcreatechannel(trojanscan_nick, TROJANSCAN_OPERCHANNEL);
- } else {
- if(!localjoinchannel(trojanscan_nick, cp))
- localgetops(trojanscan_nick, cp);
- }
-
- cp = findchannel(TROJANSCAN_CHANNEL);
- if (!cp) {
- localcreatechannel(trojanscan_nick, TROJANSCAN_CHANNEL);
- } else {
- if(!localjoinchannel(trojanscan_nick, cp))
- localgetops(trojanscan_nick, cp);
- }
-
-#ifdef TROJANSCAN_PEONCHANNEL
- cp = findchannel(TROJANSCAN_PEONCHANNEL);
- if (!cp) {
- localcreatechannel(trojanscan_nick, TROJANSCAN_PEONCHANNEL);
- } else {
- if(!localjoinchannel(trojanscan_nick, cp))
- localgetops(trojanscan_nick, cp);
- }
-#endif
-
- freesstring(mnick);
- freesstring(myident);
- freesstring(myhost);
- freesstring(myrealname);
- freesstring(myauthname);
freesstring(dbhost);
freesstring(dbuser);
freesstring(dbpass);
int i;
for(i=0;i<trojanscan_database.total_channels;i++)
freesstring(trojanscan_database.channels[i].name);
- free(trojanscan_database.channels);
+ tfree(trojanscan_database.channels);
for(i=0;i<trojanscan_database.total_phrases;i++) {
if (trojanscan_database.phrases[i].phrase)
pcre_free(trojanscan_database.phrases[i].phrase);
if (trojanscan_database.phrases[i].hint)
pcre_free(trojanscan_database.phrases[i].hint);
}
- free(trojanscan_database.phrases);
+ tfree(trojanscan_database.phrases);
for(i=0;i<trojanscan_database.total_worms;i++)
freesstring(trojanscan_database.worms[i].name);
- free(trojanscan_database.worms);
+ tfree(trojanscan_database.worms);
trojanscan_database.total_channels = 0;
trojanscan_database.total_phrases = 0;
trojanscan_database.total_worms = 0;
-
+ trojanscan_database.channels = NULL;
+ trojanscan_database.phrases = NULL;
+ trojanscan_database.worms = NULL;
}
char *trojanscan_sanitise(char *input) {
if ((res = trojanscan_database_store_result(&trojanscan_sql))) {
trojanscan_database.total_channels = trojanscan_database_num_rows(res);
if (trojanscan_database.total_channels > 0) {
- if ((trojanscan_database.channels = (trojanscan_channels *)malloc(sizeof(trojanscan_channels) * trojanscan_database.total_channels))) {
+ if ((trojanscan_database.channels = (trojanscan_channels *)tmalloc(sizeof(trojanscan_channels) * trojanscan_database.total_channels))) {
if ((trojanscan_database.total_channels>0) && trojanscan_database.channels) {
i = 0;
while((sqlrow = trojanscan_database_fetch_row(res))) {
if ((res = trojanscan_database_store_result(&trojanscan_sql))) {
trojanscan_database.total_worms = trojanscan_database_num_rows(res);
if (trojanscan_database.total_worms > 0) {
- if ((trojanscan_database.worms = (trojanscan_worms *)malloc(sizeof(trojanscan_worms) * trojanscan_database.total_worms))) {
+ if ((trojanscan_database.worms = (trojanscan_worms *)tmalloc(sizeof(trojanscan_worms) * trojanscan_database.total_worms))) {
i = 0;
while((sqlrow = trojanscan_database_fetch_row(res))) {
trojanscan_database.worms[i].id = atoi(sqlrow[0]);
if ((res = trojanscan_database_store_result(&trojanscan_sql))) {
trojanscan_database.total_phrases = trojanscan_database_num_rows(res);
if (trojanscan_database.total_phrases > 0) {
- if ((trojanscan_database.phrases = (trojanscan_phrases *)malloc(sizeof(trojanscan_phrases) * trojanscan_database.total_phrases))) {
+ if ((trojanscan_database.phrases = (trojanscan_phrases *)tmalloc(sizeof(trojanscan_phrases) * trojanscan_database.total_phrases))) {
i = 0;
while((sqlrow = trojanscan_database_fetch_row(res))) {
trojanscan_database.phrases[i].id = atoi(sqlrow[0]);
if(trojanscan_chans) {
for(i=0;i<trojanscan_activechans;i++)
freesstring(trojanscan_chans[i].channel);
- free(trojanscan_chans);
+ tfree(trojanscan_chans);
trojanscan_chans = NULL;
trojanscan_activechans = 0;
}
trojanscan_mainchanmsg("n: swarm (%d clones) created.", TROJANSCAN_CLONE_TOTAL);
trojanscan_swarm_created = 1;
- trojanscan_initialschedule = scheduleoneshot(time(NULL) + 5, &trojanscan_fill_channels, NULL);
+ trojanscan_initialschedule = scheduleoneshot(time(NULL) + 60, &trojanscan_fill_channels, NULL);
}
int trojanscan_status(void *sender, int cargc, char **cargv) {
return NULL;
}
- rc = (struct trojanscan_realchannels *)malloc(sizeof(struct trojanscan_realchannels));
+ rc = (struct trojanscan_realchannels *)tmalloc(sizeof(struct trojanscan_realchannels));
rc->next = NULL;
rc->clone = clonep;
for(position=*head;position;lastitem=position,position=position->next) {
if (!ircd_strcmp(position->name->content, newitem->name->content)) {
- free(newitem);
+ tfree(newitem);
return 0;
}
if (!location && (position->size < newitem->size)) {
struct trojanscan_templist *markedlist = NULL;
if(count > 0) {
- markedlist = (struct trojanscan_templist *)calloc(count, sizeof(struct trojanscan_templist));
+ markedlist = (struct trojanscan_templist *)tmalloc(count * sizeof(struct trojanscan_templist));
if (!markedlist)
return;
+ memset(markedlist, 0, sizeof(struct trojanscan_templist) * count);
}
for(i=0;i<trojanscan_activechans;i++) {
}
}
- free(markedlist);
+ tfree(markedlist);
}
void trojanscan_fill_channels(void *arg) {
chanindex *chn;
for (count=i=0;i<trojanscan_database.total_channels;i++) {
- lp = (trojanscan_prechannels *)malloc(sizeof(trojanscan_prechannels));
+ lp = (trojanscan_prechannels *)tmalloc(sizeof(trojanscan_prechannels));
lp->name = trojanscan_database.channels[i].name;
lp->size = 65535;
lp->exempt = trojanscan_database.channels[i].exempt;
for (i=0;i<CHANNELHASHSIZE;i++) {
for(chn=chantable[i];chn;chn=chn->next) {
if (chn->channel && !IsKey(chn->channel) && !IsInviteOnly(chn->channel) && !IsRegOnly(chn->channel) && (chn->channel->users->totalusers >= trojanscan_minchansize)) {
- lp = (trojanscan_prechannels *)malloc(sizeof(trojanscan_prechannels));
+ lp = (trojanscan_prechannels *)tmalloc(sizeof(trojanscan_prechannels));
lp->name = chn->name;
lp->size = chn->channel->users->totalusers;
lp->exempt = 0;
trojanscan_watch_clone_update(head, count);
trojanscan_free_channels();
- trojanscan_chans = (struct trojanscan_inchannel *)calloc(count, sizeof(struct trojanscan_inchannel));
+ trojanscan_chans = (struct trojanscan_inchannel *)tmalloc(count * sizeof(struct trojanscan_inchannel));
+ memset(trojanscan_chans, 0, count * sizeof(struct trojanscan_inchannel));
trojanscan_activechans = count;
i = 0;
trojanscan_chans[i++].watch_clone = lp->watch_clone;
}
if (last)
- free(last);
+ tfree(last);
}
if (last)
- free(last);
+ tfree(last);
if (trojanscan_activechans > 0) {
tempctime = trojanscan_cycletime / trojanscan_activechans;
} else {
past->next = rp->next;
}
- free(rp);
+ tfree(rp);
break;
}
past = rp;
case LU_KILLED:
/* someone killed me? Bastards */
- trojanscan_connect_schedule = scheduleoneshot(time(NULL) + 1, &trojanscan_connect, NULL);
+ trojanscan_connect_nick_schedule = scheduleoneshot(time(NULL) + 1, &trojanscan_connect_nick, NULL);
trojanscan_nick = NULL;
break;
/*
trojanscan_mainchanmsg("k: %s on %s by %s", target->nick, ((channel *)args[1])->index->name->content, (((nick *)args[0])->nick)?(((nick *)args[0])->nick):"(server)");
*/
- rj = (struct trojanscan_rejoinlist *)malloc(sizeof(struct trojanscan_rejoinlist));
+ rj = (struct trojanscan_rejoinlist *)tmalloc(sizeof(struct trojanscan_rejoinlist));
if (rj) {
rj->rp = NULL;
for(rp=trojanscan_realchanlist;rp;rp=rp->next)
break;
}
if(!rj->rp) {
- free(rj);
+ tfree(rj);
return;
}
rj->channel = getsstring(((channel *)args[1])->index->name->content, ((channel *)args[1])->index->name->length);
if(!rj->channel) {
trojanscan_mainchanmsg("d: unable to allocate memory for channel: %s upon rejoin", ((channel *)args[1])->index->name->content);
- free(rj);
+ tfree(rj);
return;
}
trojanscan_process(np, cp, trojanscan_getmtfromhooktype(hook), reason);
}
-void trojanscan_phrasematch(channel *chp, nick *sender, trojanscan_phrases *phrase, char messagetype, char *matchbuf) {
- char glinemask[HOSTLEN + USERLEN + NICKLEN + 4], enick[TROJANSCAN_QUERY_TEMP_BUF_SIZE], eident[TROJANSCAN_QUERY_TEMP_BUF_SIZE], ehost[TROJANSCAN_QUERY_TEMP_BUF_SIZE];
- char *userbit;
- unsigned int j, usercount, frequency;
- int glining = 1;
- struct trojanscan_worms *worm = phrase->worm;
-
+static int trojanscan_hostcount(nick *sender, int hostmode, char *mask, int masklen) {
+ int usercount = 0, j;
nick *np = NULL; /* sigh at warnings */
-
- trojanscan_database.detections++;
-
- usercount = 0;
- if (worm->monitor) {
- glining = 0;
- usercount = -1;
- } else if (worm->glinehost) {
- snprintf(glinemask, sizeof(glinemask) - 1, "*@%s", IPtostr(sender->p_ipaddr));
+
+ if(hostmode)
for (j=0;j<NICKHASHSIZE;j++)
for (np=nicktable[j];np;np=np->next)
if (np->ipnode==sender->ipnode)
usercount++;
+
+ if(usercount > TROJANSCAN_MAX_HOST_GLINE) {
+ hostmode = 0;
+ usercount = 0;
}
- if (worm->glineuser || (worm->glinehost && usercount > TROJANSCAN_MAX_HOST_GLINE)) {
- userbit = sender->ident;
-/*
- if(userbit[0] == '~')
- userbit++;
-*/
- snprintf(glinemask, sizeof(glinemask) - 1, "%s@%s", userbit, IPtostr(sender->p_ipaddr));
+
+ if(!hostmode)
for (j=0;j<NICKHASHSIZE;j++)
for (np=nicktable[j];np;np=np->next)
- if ((np->ipnode==sender->ipnode) && (!ircd_strcmp(np->ident,sender->ident)))
+ if (np->ipnode==sender->ipnode && !ircd_strcmp(np->ident, sender->ident))
usercount++;
+
+ if(mask)
+ snprintf(mask, masklen, "%s@%s", hostmode?"*":sender->ident, IPtostr(sender->p_ipaddr));
+
+ return usercount;
+}
+
+void trojanscan_phrasematch(channel *chp, nick *sender, trojanscan_phrases *phrase, char messagetype, char *matchbuf) {
+ char glinemask[HOSTLEN + USERLEN + NICKLEN + 4], enick[TROJANSCAN_QUERY_TEMP_BUF_SIZE], eident[TROJANSCAN_QUERY_TEMP_BUF_SIZE], ehost[TROJANSCAN_QUERY_TEMP_BUF_SIZE];
+ unsigned int frequency;
+ int glining = 0, usercount;
+ struct trojanscan_worms *worm = phrase->worm;
+
+ trojanscan_database.detections++;
+
+ usercount = 0;
+ if (worm->monitor) {
+ usercount = -1;
+ } else if(worm->glinehost || worm->glineuser) {
+ glining = 1;
+
+ usercount = trojanscan_hostcount(sender, worm->glinehost, glinemask, sizeof(glinemask));
}
if (!usercount) {
trojanscan_database_query("INSERT INTO hits (nickname, ident, host, phrase, messagetype, glined) VALUES ('%s', '%s', '%s', %d, '%c', %d)", enick, eident, ehost, phrase->id, messagetype, glining);
trojanscan_database.glines++;
- irc_send("%s GL * +%s %d :You (%s!%s@%s) are infected with a trojan (%s/%d), see %s%d for details - banned for %d hours\r\n", mynumeric->content, glinemask, glinetime * 3600, sender->nick, sender->ident, sender->host->name->content, worm->name->content, phrase->id, TROJANSCAN_URL_PREFIX, worm->id, glinetime);
+ irc_send("%s GL * +%s %d %d :You (%s!%s@%s) are infected with a trojan (%s/%d), see %s%d for details - banned for %d hours\r\n", mynumeric->content, glinemask, glinetime * 3600, time(NULL), sender->nick, sender->ident, sender->host->name->content, worm->name->content, phrase->id, TROJANSCAN_URL_PREFIX, worm->id, glinetime);
- trojanscan_mainchanmsg("g: *!%s t: %c u: %s!%s@%s%s%s c: %d w: %s%s p: %d f: %d", glinemask, messagetype, sender->nick, sender->ident, sender->host->name->content, messagetype=='N'||messagetype=='M'||messagetype=='P'?" #: ":"", messagetype=='N'||messagetype=='M'||messagetype=='P'?chp->index->name->content:"", usercount, worm->name->content, worm->epidemic?"(E)":"", phrase->id, frequency);
+ trojanscan_mainchanmsg("g: *!%s t: %c u: %s!%s@%s%s%s c: %d w: %s%s p: %d f: %d%s%s", glinemask, messagetype, sender->nick, sender->ident, sender->host->name->content, messagetype=='N'||messagetype=='M'||messagetype=='P'?" #: ":"", messagetype=='N'||messagetype=='M'||messagetype=='P'?chp->index->name->content:"", usercount, worm->name->content, worm->epidemic?"(E)":"", phrase->id, frequency, matchbuf[0]?" --: ":"", matchbuf[0]?matchbuf:"");
}
}
if (rj2 == rj) {
trojanscan_schedulerejoins = rj->next;
- free(rj);
+ tfree(rj);
} else {
for(rj2=trojanscan_schedulerejoins;rj2;lrj=rj2,rj2=rj2->next) {
if (rj2 == rj) {
lrj->next = rj2->next;
- free(rj);
+ tfree(rj);
break;
}
}
} else {
char *cpos;
int pieces = trojanscan_minmaxrand(2, 4), totallen = 0, a = 0, i;
- int *choices = malloc(sizeof(int) * (pieces + 1));
- int *lengths = malloc(sizeof(int) * (pieces + 1));
+ int *choices = tmalloc(sizeof(int) * (pieces + 1));
+ int *lengths = tmalloc(sizeof(int) * (pieces + 1));
choices[pieces] = trojanscan_minmaxrand(0, trojanscan_tailpoolsize-1);
lengths[pieces] = strlen(trojanscan_tailpool[choices[pieces]]->content) + 1;
}
buf[a] = '\0';
- free(choices);
- free(lengths);
+ tfree(choices);
+ tfree(lengths);
memset(&ipaddress, 0, sizeof(ipaddress));
((unsigned short *)(ipaddress.in6_16))[5] = 65535;