189935b1 | 1 | /* |
2 | * IRC - Internet Relay Chat, ircd/s_conf.c | |
3 | * Copyright (C) 1990 Jarkko Oikarinen and | |
4 | * University of Oulu, Computing Center | |
5 | * | |
6 | * This program is free software; you can redistribute it and/or modify | |
7 | * it under the terms of the GNU General Public License as published by | |
8 | * the Free Software Foundation; either version 1, or (at your option) | |
9 | * any later version. | |
10 | * | |
11 | * This program is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | * GNU General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU General Public License | |
17 | * along with this program; if not, write to the Free Software | |
18 | * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. | |
19 | */ | |
20 | /** @file | |
21 | * @brief ircd configuration file driver | |
9f8856e9 | 22 | * @version $Id: s_conf.c,v 1.81.2.3 2006/02/16 03:49:54 entrope Exp $ |
189935b1 | 23 | */ |
24 | #include "config.h" | |
25 | ||
26 | #include "s_conf.h" | |
27 | #include "IPcheck.h" | |
28 | #include "class.h" | |
29 | #include "client.h" | |
30 | #include "crule.h" | |
31 | #include "ircd_features.h" | |
32 | #include "fileio.h" | |
33 | #include "gline.h" | |
34 | #include "hash.h" | |
35 | #include "ircd.h" | |
36 | #include "ircd_alloc.h" | |
189935b1 | 37 | #include "ircd_chattr.h" |
38 | #include "ircd_log.h" | |
39 | #include "ircd_reply.h" | |
40 | #include "ircd_snprintf.h" | |
41 | #include "ircd_string.h" | |
42 | #include "list.h" | |
43 | #include "listener.h" | |
44 | #include "match.h" | |
45 | #include "motd.h" | |
46 | #include "numeric.h" | |
47 | #include "numnicks.h" | |
48 | #include "opercmds.h" | |
49 | #include "parse.h" | |
50 | #include "res.h" | |
9f8856e9 | 51 | #include "s_auth.h" |
189935b1 | 52 | #include "s_bsd.h" |
53 | #include "s_debug.h" | |
54 | #include "s_misc.h" | |
55 | #include "send.h" | |
56 | #include "struct.h" | |
57 | #include "sys.h" | |
58 | ||
59 | /* #include <assert.h> -- Now using assert in ircd_log.h */ | |
60 | #include <errno.h> | |
61 | #include <fcntl.h> | |
62 | #include <netdb.h> | |
63 | #include <stdio.h> | |
64 | #include <stdlib.h> | |
65 | #include <string.h> | |
66 | #include <sys/stat.h> | |
67 | #include <unistd.h> | |
68 | ||
/** Global list of all ConfItem structures (head of a singly linked list;
 * make_conf() pushes new items on the front). */
struct ConfItem  *GlobalConfList;
/** Count of items in #GlobalConfList (incremented by make_conf(),
 * decremented by free_conf()). */
int              GlobalConfCount;
/** Global list of service mappings. */
struct s_map     *GlobalServiceMapList;
/** Global list of channel quarantines. */
struct qline     *GlobalQuarantineList;
/** Global list of spoofhosts. */
struct sline *GlobalSList = 0;

/** Current line number in scanner input. */
int lineno;

/** Configuration information for #me. */
struct LocalConf   localConf;
/** Global list of connection rules. */
struct CRuleConf*  cruleConfList;
/** Global list of K-lines. */
struct DenyConf*   denyConfList;
89 | ||
/** Tell a user that they are banned, dumping the message from a file.
 * Each line of the file is sent as RPL_MOTD with trailing CR/LF removed,
 * followed by the ERR_YOUREBANNEDCREEP refusal.  If the file cannot be
 * opened, ERR_NOMOTD and the refusal are sent instead.
 * @param sptr Client being rejected
 * @param filename Send this file's contents to \a sptr
 */
static void killcomment(struct Client* sptr, const char* filename)
{
  FBFILE*     fp;
  char        line[80];
  struct stat sb;
  struct tm*  tm;

  fp = fbopen(filename, "r");
  if (NULL == fp) {
    send_reply(sptr, ERR_NOMOTD);
    send_reply(sptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
               ":Connection from your host is refused on this server.");
    return;
  }

  /* NOTE(review): the fbstat() result is not checked and tm is never read
   * afterwards; if fbstat() can fail, sb is passed to localtime()
   * uninitialized.  Kept as-is to preserve behaviour.
   */
  fbstat(&sb, fp);
  tm = localtime((time_t*) &sb.st_mtime);        /* NetBSD needs cast */

  while (fbgets(line, sizeof(line) - 1, fp)) {
    size_t len = strlen(line);

    /* Strip every trailing '\n' / '\r' before relaying the line. */
    while (len > 0 && ('\n' == line[len - 1] || '\r' == line[len - 1]))
      line[--len] = '\0';
    send_reply(sptr, RPL_MOTD, line);
  }

  send_reply(sptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
             ":Connection from your host is refused on this server.");
  fbclose(fp);
}
124 | ||
/** Allocate a new struct ConfItem and link it to #GlobalConfList.
 * The item is zero-filled, pushed on the head of the list, and counted
 * in #GlobalConfCount.
 * @param type Value stored in the new item's status field.
 * @return Newly allocated structure.
 */
struct ConfItem* make_conf(int type)
{
  struct ConfItem* item = (struct ConfItem*) MyMalloc(sizeof(*item));

  /* Only an assert guards the allocation result. */
  assert(0 != item);
  memset(item, 0, sizeof(*item));
  item->status = type;

  /* Push onto the front of the global list. */
  item->next = GlobalConfList;
  GlobalConfList = item;
  ++GlobalConfCount;

  return item;
}
141 | ||
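/** Free a struct ConfItem and any resources it owns.
 * Cancels pending resolver queries for the item, releases its strings,
 * overwrites the password before releasing it, and decrements
 * #GlobalConfCount.  The item is not unlinked from #GlobalConfList here.
 * @param aconf Item to free.
 */
void free_conf(struct ConfItem *aconf)
{
  Debug((DEBUG_DEBUG, "free_conf: %s %s %d",
         aconf->host ? aconf->host : "*",
         aconf->name ? aconf->name : "*",
         aconf->address.port));
  if (aconf->dns_pending)
    delete_resolver_queries(aconf);
  MyFree(aconf->username);
  MyFree(aconf->host);
  MyFree(aconf->origin_name);
  if (aconf->passwd) {
    /* Wipe the secret through a volatile pointer: a plain memset() on a
     * buffer that is freed immediately afterwards is a dead store the
     * compiler is allowed to remove.
     */
    volatile char *wipe = aconf->passwd;
    size_t         left = strlen(aconf->passwd);

    while (left--)
      *wipe++ = '\0';
  }
  MyFree(aconf->passwd);
  MyFree(aconf->name);
  MyFree(aconf->hub_limit);
  MyFree(aconf);
  --GlobalConfCount;
}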
164 | ||
/** Disassociate configuration from the client.
 * Removes the first link in the client's conf list that points at
 * \a aconf, drops the class link count where applicable, and frees
 * \a aconf when its last client is gone and it is marked illegal.
 * @param cptr Client to operate on.
 * @param aconf ConfItem to detach.
 */
static void detach_conf(struct Client* cptr, struct ConfItem* aconf)
{
  struct SLink** link_ref;

  assert(0 != aconf);
  assert(0 != cptr);
  assert(0 < aconf->clients);

  for (link_ref = &(cli_confs(cptr)); *link_ref; link_ref = &((*link_ref)->next)) {
    struct SLink* found = *link_ref;

    if (found->value.aconf != aconf)
      continue;

    if (aconf->conn_class && (aconf->status & CONF_CLIENT_MASK) && ConfLinks(aconf) > 0)
      --ConfLinks(aconf);

    assert(0 < aconf->clients);
    /* aconf may be freed here; it must not be touched below this point. */
    if (0 == --aconf->clients && IsIllegal(aconf))
      free_conf(aconf);

    /* Unlink and release the list node itself. */
    *link_ref = found->next;
    free_link(found);
    return;
  }
}
196 | ||
/** Parse a user\@host mask into username and host or IP parts.
 * Any previous \a aconf->username and \a aconf->host are released first.
 * If \a host contains no username part, set \a aconf->username to
 * NULL.  If the host part of \a host looks like an IP mask, set \a
 * aconf->addrbits and \a aconf->address to match.  Otherwise, set
 * \a aconf->addrbits to -1.  \a aconf->host receives a copy of the host
 * part in both cases.
 *
 * Ownership: \a host is modified in place (the '\@' is overwritten) and
 * is released with MyFree() before returning, so the caller must pass a
 * heap string and must not use it afterwards.
 * @param[in,out] aconf Configuration item to set.
 * @param[in] host user\@host mask to parse; consumed by this function.
 */
void conf_parse_userhost(struct ConfItem *aconf, char *host)
{
  char          *at;
  char          *host_start;
  unsigned char  addrbits;

  MyFree(aconf->username);
  MyFree(aconf->host);

  at = strchr(host, '@');
  if (!at) {
    aconf->username = NULL;
    host_start = host;
  } else {
    /* Split in place: "user" ends where the '@' was. */
    *at = '\0';
    DupString(aconf->username, host);
    host_start = at + 1;
  }

  DupString(aconf->host, host_start);
  aconf->addrbits = ipmask_parse(aconf->host, &aconf->address.addr, &addrbits)
                    ? addrbits : -1;
  MyFree(host);
}
228 | ||
/** Copies a completed DNS query into its ConfItem.
 * Clears the item's dns_pending flag in every case; the address is only
 * overwritten when \a addr is non-NULL.
 * @param vptr Pointer to struct ConfItem for the block.
 * @param addr Resolved address, or NULL (presumably when the lookup
 *             failed -- confirm against the resolver).
 * @param h_name Host name from the reply; not used here.
 */
static void conf_dns_callback(void* vptr, const struct irc_in_addr *addr, const char *h_name)
{
  struct ConfItem* item = (struct ConfItem*) vptr;

  assert(item);
  item->dns_pending = 0;
  if (!addr)
    return;
  memcpy(&item->address.addr, addr, sizeof(item->address.addr));
}
241 | ||
/** Start a nameserver lookup of the conf host.  If the conf entry is
 * currently doing a lookup, do nothing.  The result is delivered to
 * conf_dns_callback() with \a aconf as its context pointer.
 * @param aconf ConfItem for which to start a request.
 */
static void conf_dns_lookup(struct ConfItem* aconf)
{
  char lookup_name[HOSTLEN + 1];

  if (aconf->dns_pending)
    return;

  host_from_uh(lookup_name, aconf->host, HOSTLEN);
  gethost_byname(lookup_name, conf_dns_callback, aconf);
  aconf->dns_pending = 1;
}
256 | ||
257 | ||
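/** Start lookups of all addresses in the conf line.  The origin must
 * be a numeric IP address.  If the remote host field is not an IP
 * address, start a DNS lookup for it.
 *
 * Nothing is done when the host or name is empty.  A failure to parse
 * the origin or the host as an address is only reported through Debug().
 * @param aconf Connection to do lookups for.
 */
void
lookup_confhost(struct ConfItem *aconf)
{
  if (EmptyString(aconf->host) || EmptyString(aconf->name)) {
    /* Either field may be NULL on this path (presumably EmptyString()
     * accepts NULL -- confirm), and NULL must not reach a %s conversion.
     */
    Debug((DEBUG_ERROR, "Host/server name error: (%s) (%s)",
           aconf->host ? aconf->host : "(null)",
           aconf->name ? aconf->name : "(null)"));
    return;
  }
  if (aconf->origin_name
      && !ircd_aton(&aconf->origin.addr, aconf->origin_name)) {
    Debug((DEBUG_ERROR, "Origin name error: (%s) (%s)",
           aconf->origin_name, aconf->name));
  }
  /*
   * Do name lookup now on hostnames given and store the
   * ip numbers in conf structure.
   */
  if (!IsIP6Char(*aconf->host)) {
    conf_dns_lookup(aconf);
    return;
  }
  /* Host starts like a numeric address: parse it instead of resolving. */
  if (!ircd_aton(&aconf->address.addr, aconf->host)) {
    Debug((DEBUG_ERROR, "Host/server name error: (%s) (%s)",
           aconf->host, aconf->name));
  }
}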
289 | ||
/** Find a server by name.
 * Only CONF_SERVER items are considered, and only their name field is
 * compared (no host comparison is made here).
 * @param name Server name to find.
 * @return Pointer to the corresponding ConfItem, or NULL if none exists.
 */
struct ConfItem* conf_find_server(const char* name)
{
  struct ConfItem* item = GlobalConfList;

  assert(0 != name);

  while (item) {
    /* match() returns 0 when there IS a match. */
    if (CONF_SERVER == item->status && 0 == match(name, item->name))
      return item;
    item = item->next;
  }
  return 0;
}
312 | ||
/** Evaluate connection rules.
 * Walks #cruleConfList in order and stops at the first rule whose type
 * passes \a mask, whose hostmask matches \a name, and which evaluates
 * true.
 * @param name Name of server to check
 * @param mask Filter for CRule types (only consider if type & \a mask != 0).
 * @return Name of rule that forbids the connection; NULL if no prohibitions.
 */
const char* conf_eval_crule(const char* name, int mask)
{
  struct CRuleConf* rule;

  assert(0 != name);

  for (rule = cruleConfList; rule; rule = rule->next) {
    if (0 == (rule->type & mask))
      continue;
    /* match() returns 0 on a match. */
    if (0 != match(rule->hostmask, name))
      continue;
    if (crule_eval(rule->node))
      return rule->rule;
  }
  return 0;
}
331 | ||
/** Remove all conf entries from the client except those which match
 * the status field mask.
 * @param cptr Client to operate on.
 * @param mask ConfItem types to keep.
 */
void det_confs_butmask(struct Client* cptr, int mask)
{
  struct SLink* cur;

  assert(0 != cptr);

  cur = cli_confs(cptr);
  while (cur) {
    /* Saved first: detach_conf() frees the node that cur points at. */
    struct SLink* following = cur->next;

    if (0 == (cur->value.aconf->status & mask))
      detach_conf(cptr, cur->value.aconf);
    cur = following;
  }
}
349 | ||
/** Find the first (best) Client block to attach.
 * Blocks are tried in #GlobalConfList order; the first CONF_CLIENT block
 * whose listener port, username, host and IP mask constraints all accept
 * the client decides the outcome, so the order of the list is part of
 * the access policy.
 * @param cptr Client for whom to check rules.
 * @return ACR_TOO_MANY_FROM_IP if the selected block's per-IP maximum is
 *         exceeded, ACR_NO_AUTHORIZATION if no block applies, otherwise
 *         the result of attach_conf().
 */
enum AuthorizationCheckResult attach_iline(struct Client* cptr)
{
  struct ConfItem* block;

  assert(0 != cptr);

  for (block = GlobalConfList; block; block = block->next) {
    if (CONF_CLIENT != block->status)
      continue;
    /* If you change any of this logic, please make corresponding
     * changes in conf_debug_iline() below.
     *
     * The tests short-circuit in this order: port, username, host, IP.
     */
    if ((block->address.port && block->address.port != cli_listener(cptr)->addr.port)
        || (block->username && match(block->username, cli_username(cptr)))
        || (block->host && match(block->host, cli_sockhost(cptr)))
        || ((block->addrbits >= 0)
            && !ipmask_check(&cli_ip(cptr), &block->address.addr, block->addrbits)))
      continue;

    /* First applicable block wins, even when it rejects the client. */
    if (IPcheck_nr(cptr) > block->maximum)
      return ACR_TOO_MANY_FROM_IP;
    if (block->username)
      SetFlag(cptr, FLAG_DOID);
    return attach_conf(cptr, block);
  }
  return ACR_NO_AUTHORIZATION;
}
383 | ||
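/** Interpret \a client as a client specifier and show which Client
 * block(s) match that client.
 *
 * The client specifier may contain an IP address, hostname, listener
 * port, a realname introduced by "$R", or a combination of those
 * separated by commas.  IP addresses and hostnames may be preceded by
 * "username@"; the last given username will be used for the match.
 *
 * Every rejected Client block is reported on stdout together with the
 * reason; after a block is selected, every Kill block that would apply
 * is reported as well.
 *
 * @param[in] client Client specifier.
 * @return Matching Client block structure, or NULL if none matches.
 */
struct ConfItem *conf_debug_iline(const char *client)
{
  struct irc_in_addr address;
  struct ConfItem *aconf;
  struct DenyConf *deny;
  char *sep;
  unsigned short listener;
  char username[USERLEN+1], hostname[HOSTLEN+1], realname[REALLEN+1];

  /* Initialize variables. */
  listener = 0;
  memset(&address, 0, sizeof(address));
  memset(&username, 0, sizeof(username));
  memset(&hostname, 0, sizeof(hostname));
  memset(&realname, 0, sizeof(realname));

  /* Parse client specifier. */
  while (*client) {
    struct irc_in_addr tmpaddr;
    long tmp;

    /* Try to parse as listener port number first.
     * NOTE(review): the value is narrowed to unsigned short without a
     * range check.
     */
    tmp = strtol(client, &sep, 10);
    if (tmp && (*sep == '\0' || *sep == ',')) {
      listener = tmp;
      client = sep + (*sep != '\0');
      continue;
    }

    /* Maybe username@ before an IP address or hostname? */
    tmp = strcspn(client, ",@");
    if (client[tmp] == '@') {
      /* Copy at most USERLEN characters, but always step over the whole
       * token and its '@' so an overlong username cannot leak into the
       * host part.
       */
      ircd_strncpy(username, client, (tmp > USERLEN) ? USERLEN : tmp);
      /* and fall through */
      client += tmp + 1;
    }

    /* Looks like an IP address? */
    tmp = ircd_aton(&tmpaddr, client);
    if (tmp && (client[tmp] == '\0' || client[tmp] == ',')) {
      memcpy(&address, &tmpaddr, sizeof(address));
      client += tmp + (client[tmp] != '\0');
      continue;
    }

    /* Realname? */
    if (client[0] == '$' && client[1] == 'R') {
      client += 2;
      for (tmp = 0; *client != '\0' && *client != ',' && tmp < REALLEN; ++client, ++tmp) {
        /* A backslash escapes the next character.  A backslash that ends
         * the string has nothing to escape; it is kept literally so the
         * cursor never steps past the terminating NUL.
         */
        if (*client == '\\' && client[1] != '\0')
          realname[tmp] = *++client;
        else
          realname[tmp] = *client;
      }
      continue;
    }

    /* Else must be a hostname.  As with the username, the copy is capped
     * at HOSTLEN but the cursor skips the whole token.
     */
    tmp = strcspn(client, ",");
    ircd_strncpy(hostname, client, (tmp > HOSTLEN) ? HOSTLEN : tmp);
    client += tmp + (client[tmp] != '\0');
  }

  /* Walk configuration to find matching Client block.  The tests mirror
   * attach_iline() and must stay in the same order.
   */
  for (aconf = GlobalConfList; aconf; aconf = aconf->next) {
    if (aconf->status != CONF_CLIENT)
      continue;
    if (aconf->address.port && aconf->address.port != listener) {
      fprintf(stdout, "Listener port mismatch: %u != %u\n", aconf->address.port, listener);
      continue;
    }
    if (aconf->username && match(aconf->username, username)) {
      fprintf(stdout, "Username mismatch: %s != %s\n", aconf->username, username);
      continue;
    }
    if (aconf->host && match(aconf->host, hostname)) {
      fprintf(stdout, "Hostname mismatch: %s != %s\n", aconf->host, hostname);
      continue;
    }
    if ((aconf->addrbits >= 0)
        && !ipmask_check(&address, &aconf->address.addr, aconf->addrbits)) {
      fprintf(stdout, "IP address mismatch: %s != %s\n", aconf->name, ircd_ntoa(&address));
      continue;
    }
    /* NOTE(review): the Client block password is written to stdout as
     * stored; output of this check should be treated as sensitive.
     */
    fprintf(stdout, "Match! username=%s host=%s ip=%s class=%s maxlinks=%u password=%s\n",
            (aconf->username ? aconf->username : "(null)"),
            (aconf->host ? aconf->host : "(null)"),
            (aconf->name ? aconf->name : "(null)"),
            ConfClass(aconf), aconf->maximum,
            (aconf->passwd ? aconf->passwd : "(null)"));
    break;
  }

  /* If no authorization, say so and exit. */
  if (!aconf)
  {
    fprintf(stdout, "No authorization found.\n");
    return NULL;
  }

  /* Look for a Kill block with the user's name on it. */
  for (deny = denyConfList; deny; deny = deny->next) {
    if (deny->usermask && match(deny->usermask, username))
      continue;
    if (deny->realmask && match(deny->realmask, realname))
      continue;
    if (deny->bits > 0) {
      if (!ipmask_check(&address, &deny->address, deny->bits))
        continue;
    } else if (deny->hostmask && match(deny->hostmask, hostname))
      continue;

    /* Looks like a match; report it. */
    fprintf(stdout, "Denied! usermask=%s realmask=\"%s\" hostmask=%s (bits=%u)\n",
            deny->usermask ? deny->usermask : "(null)",
            deny->realmask ? deny->realmask : "(null)",
            deny->hostmask ? deny->hostmask : "(null)",
            deny->bits);
  }

  return aconf;
}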
521 | ||
/** Check whether a particular ConfItem is already attached to a
 * Client.  The comparison is by pointer identity.
 * @param aconf ConfItem to search for
 * @param cptr Client to check
 * @return Non-zero if \a aconf is attached to \a cptr, zero if not.
 */
static int is_attached(struct ConfItem *aconf, struct Client *cptr)
{
  struct SLink *node = cli_confs(cptr);

  while (node) {
    if (node->value.aconf == aconf)
      return 1;
    node = node->next;
  }
  return 0;
}
538 | ||
/** Associate a specific configuration entry to a *local* client (this
 * is the one which used in accepting the connection).
 *
 * The attachment is refused when \a aconf is already attached, when it
 * is marked illegal, or when it is an operator or client block whose
 * class has a positive link limit that is already reached.
 * @param cptr Client to attach \a aconf to
 * @param aconf ConfItem to attach
 * @return Authorization check result.
 */
enum AuthorizationCheckResult attach_conf(struct Client *cptr, struct ConfItem *aconf)
{
  struct SLink *node;

  if (is_attached(aconf, cptr))
    return ACR_ALREADY_AUTHORIZED;
  if (IsIllegal(aconf))
    return ACR_NO_AUTHORIZATION;
  if (aconf->status & (CONF_OPERATOR | CONF_CLIENT)) {
    /* A maximum of zero or less means "no limit". */
    if (ConfLinks(aconf) >= ConfMaxLinks(aconf) && ConfMaxLinks(aconf) > 0)
      return ACR_TOO_MANY_IN_CLASS;  /* Use this for printing error message */
  }

  /* Push a new link on the front of the client's conf list. */
  node = make_link();
  node->value.aconf = aconf;
  node->next = cli_confs(cptr);
  cli_confs(cptr) = node;

  aconf->clients++;
  if (aconf->status & CONF_CLIENT_MASK)
    ++ConfLinks(aconf);
  return ACR_OK;
}
566 | ||
/** Return our LocalConf configuration structure.
 * The pointer is const-qualified: callers get read-only access.
 * @return A pointer to #localConf.
 */
const struct LocalConf* conf_get_local(void)
{
  const struct LocalConf* local = &localConf;

  return local;
}
574 | ||
/** Attach ConfItems to a client if the name passed matches that for
 * the ConfItems or is an exact match for them.
 * Items marked illegal are skipped, and names longer than HOSTLEN are
 * rejected outright.
 * @param cptr Client getting the ConfItem attachments.
 * @param name Filter to match ConfItem::name.
 * @param statmask Filter to limit ConfItem::status.
 * @return First ConfItem attached to \a cptr, or NULL if none was.
 */
struct ConfItem* attach_confs_byname(struct Client* cptr, const char* name,
                                     int statmask)
{
  struct ConfItem* item;
  struct ConfItem* first = NULL;

  assert(0 != name);

  if (strlen(name) > HOSTLEN)
    return 0;

  for (item = GlobalConfList; item; item = item->next) {
    if (0 == (item->status & statmask) || IsIllegal(item))
      continue;
    assert(0 != item->name);
    /* Accept either a glob match or a plain string comparison. */
    if (0 != match(item->name, name) && 0 != ircd_strcmp(item->name, name))
      continue;
    if (ACR_OK == attach_conf(cptr, item) && !first)
      first = item;
  }
  return first;
}
604 | ||
/** Attach ConfItems to a client if the host passed matches that for
 * the ConfItems or is an exact match for them.
 * Items marked illegal are skipped, and hosts longer than HOSTLEN are
 * rejected outright.
 * @param cptr Client getting the ConfItem attachments.
 * @param host Filter to match ConfItem::host.
 * @param statmask Filter to limit ConfItem::status.
 * @return First ConfItem attached to \a cptr, or NULL if none was.
 */
struct ConfItem* attach_confs_byhost(struct Client* cptr, const char* host,
                                     int statmask)
{
  struct ConfItem* item;
  struct ConfItem* first = 0;

  assert(0 != host);

  if (strlen(host) > HOSTLEN)
    return 0;

  for (item = GlobalConfList; item; item = item->next) {
    if (0 == (item->status & statmask) || IsIllegal(item))
      continue;
    assert(0 != item->host);
    /* Accept either a glob match or a plain string comparison. */
    if (0 != match(item->host, host) && 0 != ircd_strcmp(item->host, host))
      continue;
    if (ACR_OK == attach_conf(cptr, item) && !first)
      first = item;
  }
  return first;
}
633 | ||
/** Find a ConfItem that has the same name and user+host fields as
 * specified.  Requires an exact match for \a name.
 *
 * An item with a username only applies to clients that have a non-empty
 * username matching it.  The host is compared as a mask when the item
 * has no IP mask (addrbits < 0) and as an IP mask otherwise.  Operator
 * items whose client count has reached the class maximum are skipped.
 * @param name Name to match
 * @param cptr Client to match against
 * @param statmask Filter for ConfItem::status
 * @return First found matching ConfItem, or NULL if none matches.
 */
struct ConfItem* find_conf_exact(const char* name, struct Client *cptr, int statmask)
{
  struct ConfItem *item;

  for (item = GlobalConfList; item; item = item->next) {
    if (!(item->status & statmask))
      continue;
    if (!item->name || !item->host)
      continue;
    if (0 != ircd_strcmp(item->name, name))
      continue;

    if (item->username) {
      if (EmptyString(cli_username(cptr)))
        continue;
      if (match(item->username, cli_username(cptr)))
        continue;
    }

    if (item->addrbits < 0) {
      if (match(item->host, cli_sockhost(cptr)))
        continue;
    } else if (!ipmask_check(&cli_ip(cptr), &item->address.addr, item->addrbits)) {
      continue;
    }

    if ((item->status & CONF_OPERATOR)
        && (item->clients >= MaxLinks(item->conn_class)))
      continue;

    return item;
  }
  return 0;
}
667 | ||
/** Find a ConfItem from a list that has a name that matches \a name.
 * Names longer than HOSTLEN are rejected without searching.
 * @param lp List to search in.
 * @param name Filter for ConfItem::name field; matches either exactly
 * or as a glob.
 * @param statmask Filter for ConfItem::status.
 * @return First matching ConfItem from \a lp, or NULL if none matches.
 */
struct ConfItem* find_conf_byname(struct SLink* lp, const char* name,
                                  int statmask)
{
  struct SLink* node;

  assert(0 != name);

  if (strlen(name) > HOSTLEN)
    return 0;

  for (node = lp; node; node = node->next) {
    struct ConfItem* item = node->value.aconf;

    if (0 == (item->status & statmask))
      continue;
    assert(0 != item->name);
    /* Exact comparison first, then glob; both return 0 on success. */
    if (0 == ircd_strcmp(item->name, name) || 0 == match(item->name, name))
      return item;
  }
  return 0;
}
694 | ||
/** Find a ConfItem from a list that has a host that matches \a host.
 * Hosts longer than HOSTLEN are rejected without searching.
 * @param lp List to search in.
 * @param host Filter for ConfItem::host field; matches as a glob.
 * @param statmask Filter for ConfItem::status.
 * @return First matching ConfItem from \a lp, or NULL if none matches.
 */
struct ConfItem* find_conf_byhost(struct SLink* lp, const char* host,
                                  int statmask)
{
  struct SLink* node;

  assert(0 != host);

  if (strlen(host) > HOSTLEN)
    return 0;

  for (node = lp; node; node = node->next) {
    struct ConfItem* item = node->value.aconf;

    if (0 == (item->status & statmask))
      continue;
    assert(0 != item->host);
    /* match() returns 0 on a match. */
    if (0 == match(item->host, host))
      return item;
  }
  return 0;
}
720 | ||
/** Find a ConfItem from a list that has an address equal to \a ip.
 * @param lp List to search in.
 * @param ip Filter for ConfItem::address field; matches exactly.
 * @param statmask Filter for ConfItem::status.
 * @return First matching ConfItem from \a lp, or NULL if none matches.
 */
struct ConfItem* find_conf_byip(struct SLink* lp, const struct irc_in_addr* ip,
                                int statmask)
{
  struct SLink* node;

  for (node = lp; node; node = node->next) {
    struct ConfItem* item = node->value.aconf;

    if (0 == (item->status & statmask))
      continue;
    /* irc_in_addr_cmp() returns 0 for equal addresses. */
    if (!irc_in_addr_cmp(&item->address.addr, ip))
      return item;
  }
  return 0;
}
740 | ||
/** Free all CRules from #cruleConfList and leave the list empty. */
void conf_erase_crule_list(void)
{
  struct CRuleConf* cur = cruleConfList;

  while (cur) {
    /* Read the successor before the node is released. */
    struct CRuleConf* following = cur->next;

    crule_free(&cur->node);
    MyFree(cur->hostmask);
    MyFree(cur->rule);
    MyFree(cur);
    cur = following;
  }
  cruleConfList = 0;
}
756 | ||
/** Return #cruleConfList.
 * The pointer is const-qualified: callers get read-only access.
 * @return #cruleConfList
 */
const struct CRuleConf* conf_get_crule_list(void)
{
  const struct CRuleConf* head = cruleConfList;

  return head;
}
764 | ||
/** Free all deny rules from #denyConfList and leave the list empty. */
void conf_erase_deny_list(void)
{
  struct DenyConf* cur = denyConfList;

  while (cur) {
    /* Read the successor before the node is released. */
    struct DenyConf* following = cur->next;

    MyFree(cur->hostmask);
    MyFree(cur->usermask);
    MyFree(cur->message);
    MyFree(cur->realmask);
    MyFree(cur);
    cur = following;
  }
  denyConfList = 0;
}
780 | ||
/** Return #denyConfList.
 * The pointer is const-qualified: callers get read-only access.
 * @return #denyConfList
 */
const struct DenyConf* conf_get_deny_list(void)
{
  const struct DenyConf* head = denyConfList;

  return head;
}
788 | ||
/** Find any existing quarantine for the named channel.
 * Channel names are compared with ircd_strcmp(); no glob matching is
 * done.
 * @param chname Channel name to search for.
 * @return Reason for channel's quarantine, or NULL if none exists.
 */
const char*
find_quarantine(const char *chname)
{
  struct qline *entry = GlobalQuarantineList;

  while (entry) {
    if (0 == ircd_strcmp(entry->chname, chname))
      return entry->reason;
    entry = entry->next;
  }
  return NULL;
}
803 | ||
/** Free all qline structs from #GlobalQuarantineList.
 * The list head is advanced before each node is released, so the global
 * never points at freed memory.
 */
void clear_quarantines(void)
{
  for (;;) {
    struct qline *head = GlobalQuarantineList;

    if (!head)
      break;
    GlobalQuarantineList = head->next;
    MyFree(head->reason);
    MyFree(head->chname);
    MyFree(head);
  }
}
816 | ||
/** When non-zero, indicates that a configuration error has been seen in this pass.
 * Reset by read_configuration_file() and set by yyerror(). */
static int conf_error;
/** When non-zero, indicates that the configuration file was loaded at least once.
 * yyerror() only writes to stderr while this is still zero. */
static int conf_already_read;
/* Scanner/parser entry points defined outside this file. */
/** Input stream read by the scanner; closed by read_configuration_file(). */
extern FILE *yyin;
/** Parser entry point. */
extern void yyparse(void);
/** Scanner set-up; returns nothing, so it cannot report a failure here. */
extern void init_lexer(void);
824 | ||
/** Read configuration file.
 * Clears the per-pass error flag, runs the scanner and parser, closes
 * the scanner input, and refreshes the feature marks around the parse.
 *
 * NOTE(review): the function returns 1 unconditionally, so the "zero on
 * failure" part of the contract below is never produced here even though
 * yyerror() records parse errors in conf_error -- confirm whether callers
 * are meant to see those failures.
 * @return Zero on failure, non-zero on success. */
int read_configuration_file(void)
{
  conf_error = 0;
  feature_unmark();		/* unmark all features for resetting later */
  /* Now just open an fd. The buffering isn't really needed... */
  /* NOTE(review): init_lexer() returns void, so a failure to set up the
   * input cannot be detected before yyparse() and fclose(yyin) run --
   * presumably init_lexer() is what sets yyin; verify.
   */
  init_lexer();
  yyparse();
  fclose(yyin);
  yyin = NULL;
  feature_mark();		/* reset unmarked features */
  conf_already_read = 1;
  return 1;
}
840 | ||
/** Report an error message about the configuration file.
 * The message goes to operators with SNO_ALL and to the LS_CONFIG log;
 * it is also written to stderr as long as no configuration has been
 * loaded yet.  Marks the current pass as failed.
 * @param msg The error to report.
 */
void
yyerror(const char *msg)
{
  /* Record the failure first; nothing below depends on the flag. */
  conf_error = 1;

  /* msg is always passed as an argument, never as the format string. */
  sendto_opmask_butone(0, SNO_ALL, "Config file parse error line %d: %s",
                       lineno, msg);
  log_write(LS_CONFIG, L_ERROR, 0, "Config file parse error line %d: %s",
            lineno, msg);
  if (0 == conf_already_read) {
    fprintf(stderr, "Config file parse error line %d: %s\n", lineno, msg);
  }
}
855 | ||
/** Attach CONF_UWORLD items to a server and everything attached to it.
 * Recurses through the server's downlink list.
 * @param cptr Server to start from.
 */
static void
attach_conf_uworld(struct Client *cptr)
{
  struct DLink *child;

  attach_confs_byhost(cptr, cli_name(cptr), CONF_UWORLD);

  child = cli_serv(cptr)->down;
  while (child) {
    attach_conf_uworld(child->value.cptr);
    child = child->next;
  }
}
866 | ||
/** Free all memory associated with service mapping \a smap.
 * Releases every entry of the services list, the name, command and
 * prepend strings, and finally the mapping itself.
 * @param[in] smap The mapping to free.
 */
void free_mapping(struct s_map *smap)
{
  struct nick_host *cur = smap->services;

  while (cur) {
    /* Read the successor before the node is released. */
    struct nick_host *following = cur->next;

    MyFree(cur);
    cur = following;
  }
  MyFree(smap->name);
  MyFree(smap->command);
  MyFree(smap->prepend);
  MyFree(smap);
}
883 | ||
/** Unregister and free all current service mappings, leaving
 * #GlobalServiceMapList empty.
 */
static void close_mappings(void)
{
  struct s_map *cur = GlobalServiceMapList;

  while (cur) {
    /* Read the successor before free_mapping() releases the node. */
    struct s_map *following = cur->next;

    unregister_mapping(cur);
    free_mapping(cur);
    cur = following;
  }
  GlobalServiceMapList = NULL;
}
896 | ||
/** Reload the configuration file.
 *
 * Order of work: retire the current ConfItem list, erase the crule, deny,
 * MOTD, nick-jupe, quarantine and S-line state, mark classes, listeners
 * and auth entries for closing, re-read the configuration file, then
 * delete whatever is still marked and re-check every local client
 * against the new deny list.
 *
 * @param cptr Client that requested rehash (if a signal, &me).
 * @param sig Type of rehash (0 = oper-requested, 1 = signal, 2 =
 * oper-requested but do not restart resolver)
 * @return CPTR_KILLED if any client was K/G-lined because of the
 * rehash; otherwise 0.
 */
int rehash(struct Client *cptr, int sig)
{
  struct ConfItem** tmp = &GlobalConfList;
  struct ConfItem* tmp2;
  struct Client* acptr;
  int i;
  int ret = 0;
  int found_g = 0;

  if (1 == sig)
    sendto_opmask_butone(0, SNO_OLDSNO,
                         "Got signal SIGHUP, reloading ircd conf. file");

  /* Retire every existing entry: free the unused ones, mark the rest. */
  while ((tmp2 = *tmp)) {
    if (tmp2->clients) {
      /*
       * Configuration entry is still in use by some
       * local clients, cannot delete it--mark it so
       * that it will be deleted when the last client
       * exits...
       */
      if (CONF_CLIENT == (tmp2->status & CONF_CLIENT))
        tmp = &tmp2->next;      /* stays linked until the flush loop below */
      else {
        /* unlink now; the entry stays alive for its attached clients */
        *tmp = tmp2->next;
        tmp2->next = 0;
      }
      tmp2->status |= CONF_ILLEGAL;
    }
    else {
      *tmp = tmp2->next;
      free_conf(tmp2);
    }
  }
  conf_erase_crule_list();
  conf_erase_deny_list();
  motd_clear();

  /*
   * delete the juped nicks list
   */
  clearNickJupes();

  clear_quarantines();
  clear_slines();

  if (sig != 2)
    restart_resolver();

  class_mark_delete();
  mark_listeners_closing();
  auth_mark_closing();
  close_mappings();

  /* NOTE(review): the return value is discarded here, although init_conf()
   * treats a zero return as failure. The deny, crule and S-line lists were
   * already erased above, so a failed or partial read would appear to leave
   * the server running without them -- confirm how conf_error is handled
   * after a rehash.
   */
  read_configuration_file();

  log_reopen(); /* reopen log files */

  auth_close_unused();
  close_listeners();
  class_delete_marked(); /* unless it fails */

  /*
   * Flush out deleted I and P lines although still in use.
   * Every CONF_ILLEGAL entry is unlinked; it is freed here only when no
   * client is attached to it any more.
   */
  for (tmp = &GlobalConfList; (tmp2 = *tmp);) {
    if (CONF_ILLEGAL == (tmp2->status & CONF_ILLEGAL)) {
      *tmp = tmp2->next;
      tmp2->next = NULL;
      if (!tmp2->clients)
        free_conf(tmp2);
    }
    else
      tmp = &tmp2->next;
  }

  /* Re-check every local connection against the freshly loaded deny list. */
  for (i = 0; i <= HighestFd; i++) {
    if ((acptr = LocalClientArray[i])) {
      assert(!IsMe(acptr));
      if (IsServer(acptr))
        det_confs_butmask(acptr, ~(CONF_UWORLD | CONF_ILLEGAL));
      /* Because admin's are getting so uppity about people managing to
       * get past K/G's etc, we'll "fix" the bug by actually explaining
       * whats going on.
       */
      /* glinecheck is 0 here, so find_kill() consults only the deny list
       * and returns 0 or -1. The found_g == -2 (G-line) arms below are not
       * taken from this call, and G-lines are not re-applied by a rehash.
       */
      if ((found_g = find_kill(acptr, 0))) {
        sendto_opmask_butone(0, found_g == -2 ? SNO_GLINE : SNO_OPERKILL,
                             found_g == -2 ? "G-line active for %s%s" :
                             "K-line active for %s%s",
                             IsUnknown(acptr) ? "Unregistered Client ":"",
                             get_client_name(acptr, SHOW_IP));
        if (exit_client(cptr, acptr, &me, found_g == -2 ? "G-lined" :
            "K-lined") == CPTR_KILLED)
          ret = CPTR_KILLED;
      }
    }
  }

  attach_conf_uworld(&me);

  return ret;
}
1006 | ||
/** Read configuration file for the very first time.
 *
 * Fails when the file cannot be read, when the server name or numeric is
 * missing, or when the parser reported an error (conf_error). Missing
 * location and contact strings are replaced with empty strings.
 *
 * @return Non-zero on success, zero on failure.
 */
int init_conf(void)
{
  if (!read_configuration_file())
    return 0;

  /*
   * make sure we're sane to start if the config
   * file read didn't get everything we need.
   * XXX - should any of these abort the server?
   * TODO: add warning messages
   */
  if (!localConf.name || !localConf.numeric)
    return 0;
  if (conf_error)
    return 0;

  /* Optional fields default to "" so later code can use them unchecked. */
  if (!localConf.location1) {
    DupString(localConf.location1, "");
  }
  if (!localConf.location2) {
    DupString(localConf.location2, "");
  }
  if (!localConf.contact) {
    DupString(localConf.contact, "");
  }

  return 1;
}
1036 | ||
/** Searches for a K/G-line for a client. If one is found, notify the
 * user; the caller is left to disconnect them based on the return value.
 *
 * Deny entries are tried in list order and the first match wins. An entry
 * matches when its user mask and real-name mask (where set) both match
 * and its address part matches: the IP mask when bits > 0, otherwise the
 * host mask when one is set.
 *
 * @param cptr Client to search for.
 * @param glinecheck Whether we check for glines.
 * @return 0 if client is accepted; -1 if client was locally denied
 * (K-line); -2 if client was globally denied (G-line).
 */
int find_kill(struct Client *cptr, int glinecheck)
{
  const char* sock_host;
  const char* username;
  const char* real_name;
  struct DenyConf* entry;
  struct Gline* gl = NULL;

  assert(0 != cptr);

  /* Nothing to match against until user information exists. */
  if (!cli_user(cptr))
    return 0;

  sock_host = cli_sockhost(cptr);
  username = cli_user(cptr)->username;
  real_name = cli_info(cptr);

  assert(strlen(sock_host) <= HOSTLEN);
  assert(!username || strlen(username) <= HOSTLEN);
  assert(!real_name || strlen(real_name) <= REALLEN);

  /* 2000-07-14: Rewrote this loop for massive speed increases.
   * -- Isomer
   */
  for (entry = denyConfList; entry; entry = entry->next) {
    if (entry->usermask && match(entry->usermask, username) != 0)
      continue;
    if (entry->realmask && match(entry->realmask, real_name) != 0)
      continue;

    if (entry->bits <= 0) {
      if (entry->hostmask && match(entry->hostmask, sock_host) != 0)
        continue;
    } else if (!ipmask_check(&cli_ip(cptr), &entry->address, entry->bits)) {
      continue;
    }

    /* Matched. The configured text is only ever a "%s" argument. */
    if (EmptyString(entry->message)) {
      send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
                 ":Connection from your host is refused on this server.");
    } else if (entry->flags & DENY_FLAGS_FILE) {
      killcomment(cptr, entry->message);
    } else {
      send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", entry->message);
    }
    return -1;
  }

  /* added glinecheck to define if we check for glines too, shouldn't happen
   * when rehashing as it is causing problems with big servers and lots of glines.
   * Think of a 18000 user leaf with 18000 glines present, this will probably
   * cause the server to split from the net.
   * -skater_x
   */
  if (!glinecheck)
    return 0;

  /*
   * find active glines
   * added a check against the user's IP address to find_gline() -Kev
   */
  gl = gline_lookup(cptr, 0);
  if (!gl || !GlineIsActive(gl))
    return 0;

  send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", GlineReason(gl));
  return -2;
}
1108 | ||
/** Attempt to attach Client blocks to \a cptr. If attach_iline()
 * reports anything other than success, emit a debugging message and
 * pass that result on unchanged.
 * @param cptr Client to check for access.
 * @return Access check result.
 */
enum AuthorizationCheckResult conf_check_client(struct Client *cptr)
{
  enum AuthorizationCheckResult result = attach_iline(cptr);

  if (!result)
    return ACR_OK;

  Debug((DEBUG_DNS, "ch_cl: access denied: %s[%s]",
         cli_name(cptr), cli_sockhost(cptr)));
  return result;
}
1125 | ||
/** Check access for a server given its name (passed in cptr struct).
 * Must check for all C/N lines which have a name which matches the
 * name given and a host which matches. A host alias which is the
 * same as the server name is also acceptable in the host field of a
 * C/N line.
 *
 * On success exactly one Connect block is left attached to \a cptr;
 * on failure none is.
 *
 * @param cptr Peer server to check.
 * @return 0 if accepted, -1 if access denied.
 */
int conf_check_server(struct Client *cptr)
{
  struct ConfItem* c_conf = NULL;
  struct SLink* lp;

  Debug((DEBUG_DNS, "sv_cl: check access for %s[%s]",
         cli_name(cptr), cli_sockhost(cptr)));

  /* Incoming link: collect every CONF_SERVER item that matches the name. */
  if (IsUnknown(cptr) && !attach_confs_byname(cptr, cli_name(cptr), CONF_SERVER)) {
    Debug((DEBUG_DNS, "No C/N lines for %s", cli_sockhost(cptr)));
    return -1;
  }
  lp = cli_confs(cptr);
  /*
   * We initiated this connection so the client should have a C and N
   * line already attached after passing through the connect_server()
   * function earlier.
   */
  if (IsConnecting(cptr) || IsHandshake(cptr)) {
    c_conf = find_conf_byname(lp, cli_name(cptr), CONF_SERVER);
    if (!c_conf) {
      sendto_opmask_butone(0, SNO_OLDSNO,
                           "Connect Error: lost Connect block for %s",
                           cli_name(cptr));
      det_confs_butmask(cptr, 0);
      return -1;
    }
  }

  /* Try finding the Connect block by DNS name and IP next. */
  if (!c_conf && !(c_conf = find_conf_byhost(lp, cli_sockhost(cptr), CONF_SERVER)))
    c_conf = find_conf_byip(lp, &cli_ip(cptr), CONF_SERVER);

  /*
   * Attach by IP# only if all other checks have failed.
   * It is quite possible to get here with the strange things that can
   * happen when using DNS in the way the irc server does. -avalon
   */
  /* NOTE(review): same arguments as the find_conf_byip() call just above,
   * so this looks like a repeat of a lookup that already failed -- confirm.
   */
  if (!c_conf)
    c_conf = find_conf_byip(lp, &cli_ip(cptr), CONF_SERVER);
  /*
   * detach all conf lines that got attached by attach_confs()
   */
  /* NOTE(review): c_conf was taken from the list being detached here and
   * is used again below; presumably the item outlives the detach -- verify.
   */
  det_confs_butmask(cptr, 0);
  /*
   * if no Connect block, then deny access
   */
  if (!c_conf) {
    Debug((DEBUG_DNS, "sv_cl: access denied: %s[%s@%s]",
           cli_name(cptr), cli_username(cptr), cli_sockhost(cptr)));
    return -1;
  }
  /*
   * attach the Connect block to the client structure for later use.
   */
  attach_conf(cptr, c_conf);

  /* A Connect block without a valid address takes the peer's IP. This
   * writes into the conf item itself, not into per-connection state.
   * NOTE(review): confirm that recording the peer's address in the block
   * is intended for blocks matched by name or host.
   */
  if (!irc_in_addr_valid(&c_conf->address.addr))
    memcpy(&c_conf->address.addr, &cli_ip(cptr), sizeof(c_conf->address.addr));

  Debug((DEBUG_DNS, "sv_cl: access ok: %s[%s]",
         cli_name(cptr), cli_sockhost(cptr)));
  return 0;
}
1198 | ||
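/** Free every S-line (spoof host) entry and leave GlobalSList empty.
 *
 * Called from rehash() before the configuration file is read again.
 */
void clear_slines(void)
{
  struct sline *sline;

  while ((sline = GlobalSList)) {
    /* Unlink first so the list head never points at freed memory. */
    GlobalSList = sline->next;

    /* Release every string field unconditionally, as free_spoofhost()
     * does. The former EmptyString() guards skipped a field that was
     * allocated but empty, leaking it on every rehash. Assumes MyFree()
     * tolerates NULL, which free_spoofhost() and free_mapping() already
     * rely on.
     */
    MyFree(sline->spoofhost);
    /* NOTE(review): passwd is released without being wiped first; if it
     * holds a cleartext secret, consider zeroing it before the free.
     */
    MyFree(sline->passwd);
    MyFree(sline->realhost);
    MyFree(sline->username);
    MyFree(sline);
  }
}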
1214 | ||
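/*
 * conf_check_slines()
 *
 * Check S lines for the specified client, passed in cptr struct.
 * If the client's IP or host is S-lined and the S-line's username mask
 * matches, replace the client's visible host with the spoof host and
 * log the substitution.
 *
 * sconf->passwd is not consulted here: an entry that matches by address
 * and username is applied as-is.
 *
 * Precondition
 *  cptr != NULL
 *
 * Returns
 *  0 = No S-line found (or the client has no user record yet)
 *  1 = S-line found and substitution done.
 *
 * -mbuna 9/2001
 * -froo 1/2003
 *
 */

int
conf_check_slines(struct Client *cptr)
{
  struct sline *sconf;
  char *hostonly;

  assert(0 != cptr);

  /* The loop reads and writes cli_user(cptr); find_kill() guards the same
   * pointer, so do it here too instead of dereferencing NULL.
   */
  if (!cli_user(cptr))
    return 0;

  for (sconf = GlobalSList; sconf; sconf = sconf->next) {
    if (sconf->flags == SLINE_FLAGS_IP) {
      if (!ipmask_check(&(cli_ip(cptr)), &(sconf->address), sconf->bits))
        continue;
    } else if (sconf->flags == SLINE_FLAGS_HOSTNAME) {
      if ((match(sconf->realhost, cli_sockhost(cptr)) != 0) &&
          (match(sconf->realhost, cli_sock_ip(cptr)) != 0)) /* wildcarded IP address */
        continue;
    } else {
      /* Entries of any other kind are never applied automatically. */
      continue;
    }

    /* NOTE(review): clear_slines() treats username as possibly empty;
     * confirm that match() is never handed a NULL mask here.
     */
    if (match(sconf->username, cli_user(cptr)->username) == 0) {
      /* Ignore user part if u@h. */
      if ((hostonly = strchr(sconf->spoofhost, '@')))
        hostonly++;
      else
        hostonly = sconf->spoofhost;

      /* An empty host part is unusable; keep looking. */
      if (!*hostonly)
        continue;

      /* assumes host has room for HOSTLEN characters plus a terminator
       * and that ircd_strncpy() leaves it terminated -- TODO confirm
       */
      ircd_strncpy(cli_user(cptr)->host, hostonly, HOSTLEN);
      log_write(LS_USER, L_INFO, LOG_NOSNOTICE, "S-Line (%s@%s) by (%#R)",
                cli_user(cptr)->username, hostonly, cptr);
      return 1;
    }
  }
  return 0;
}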
1269 | ||
/** Free a single S-line entry together with the strings it holds.
 *
 * Releases the spoofhost, passwd, realhost and username strings and then
 * the entry itself. The entry is not unlinked from any list here.
 *
 * @param[in] spoof Entry to free; must not be used afterwards.
 */
void free_spoofhost(struct sline *spoof)
{
  /* Strings first, then the structure that holds them. */
  MyFree(spoof->spoofhost);
  MyFree(spoof->passwd);
  MyFree(spoof->realhost);
  MyFree(spoof->username);

  MyFree(spoof);
}