]> jfr.im git - irc/quakenet/snircd.git/blob - ircd/s_conf.c
projects / irc / quakenet / snircd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
merge 07 in
[irc/quakenet/snircd.git] / ircd / s_conf.c
1 /*
2 * IRC - Internet Relay Chat, ircd/s_conf.c
3 * Copyright (C) 1990 Jarkko Oikarinen and
4 * University of Oulu, Computing Center
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 1, or (at your option)
9 * any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
19 */
20 /** @file
21 * @brief ircd configuration file driver
22 * @version $Id: s_conf.c,v 1.81.2.3 2006/02/16 03:49:54 entrope Exp $
23 */
24 #include "config.h"
25
26 #include "s_conf.h"
27 #include "IPcheck.h"
28 #include "class.h"
29 #include "client.h"
30 #include "crule.h"
31 #include "ircd_features.h"
32 #include "fileio.h"
33 #include "gline.h"
34 #include "hash.h"
35 #include "ircd.h"
36 #include "ircd_alloc.h"
37 #include "ircd_chattr.h"
38 #include "ircd_log.h"
39 #include "ircd_reply.h"
40 #include "ircd_snprintf.h"
41 #include "ircd_string.h"
42 #include "list.h"
43 #include "listener.h"
44 #include "match.h"
45 #include "motd.h"
46 #include "numeric.h"
47 #include "numnicks.h"
48 #include "opercmds.h"
49 #include "parse.h"
50 #include "res.h"
51 #include "s_auth.h"
52 #include "s_bsd.h"
53 #include "s_debug.h"
54 #include "s_misc.h"
55 #include "send.h"
56 #include "struct.h"
57 #include "sys.h"
58
59 /* #include <assert.h> -- Now using assert in ircd_log.h */
60 #include <errno.h>
61 #include <fcntl.h>
62 #include <netdb.h>
63 #include <stdio.h>
64 #include <stdlib.h>
65 #include <string.h>
66 #include <sys/stat.h>
67 #include <unistd.h>
68
69 /** Global list of all ConfItem structures. */
70 struct ConfItem *GlobalConfList;
71 /** Count of items in #GlobalConfList. */
72 int GlobalConfCount;
73 /** Global list of service mappings. */
74 struct s_map *GlobalServiceMapList;
75 /** Global list of channel quarantines. */
76 struct qline *GlobalQuarantineList;
77 /** Global list of spoofhosts. */
78 struct sline *GlobalSList = 0;
79
80 /** Current line number in scanner input. */
81 int lineno;
82
83 /** Configuration information for #me. */
84 struct LocalConf localConf;
85 /** Global list of connection rules. */
86 struct CRuleConf* cruleConfList;
87 /** Global list of K-lines. */
88 struct DenyConf* denyConfList;
89
90 /** Tell a user that they are banned, dumping the message from a file.
91 * @param sptr Client being rejected
92 * @param filename Send this file's contents to \a sptr
93 */
94 static void killcomment(struct Client* sptr, const char* filename)
95 {
96 FBFILE* file = 0;
97 char line[80];
98 struct stat sb;
99 struct tm* tm;
100
101 if (NULL == (file = fbopen(filename, "r"))) {
102 send_reply(sptr, ERR_NOMOTD);
103 send_reply(sptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
104 ":Connection from your host is refused on this server.");
105 return;
106 }
107 fbstat(&sb, file);
108 tm = localtime((time_t*) &sb.st_mtime); /* NetBSD needs cast */
109 while (fbgets(line, sizeof(line) - 1, file)) {
110 char* end = line + strlen(line);
111 while (end > line) {
112 --end;
113 if ('\n' == *end || '\r' == *end)
114 *end = '\0';
115 else
116 break;
117 }
118 send_reply(sptr, RPL_MOTD, line);
119 }
120 send_reply(sptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
121 ":Connection from your host is refused on this server.");
122 fbclose(file);
123 }
124
125 /** Allocate a new struct ConfItem and link it to #GlobalConfList.
126 * @return Newly allocated structure.
127 */
128 struct ConfItem* make_conf(int type)
129 {
130 struct ConfItem* aconf;
131
132 aconf = (struct ConfItem*) MyMalloc(sizeof(struct ConfItem));
133 assert(0 != aconf);
134 ++GlobalConfCount;
135 memset(aconf, 0, sizeof(struct ConfItem));
136 aconf->status = type;
137 aconf->next = GlobalConfList;
138 GlobalConfList = aconf;
139 return aconf;
140 }
141
142 /** Free a struct ConfItem and any resources it owns.
143 * @param aconf Item to free.
144 */
145 void free_conf(struct ConfItem *aconf)
146 {
147 Debug((DEBUG_DEBUG, "free_conf: %s %s %d",
148 aconf->host ? aconf->host : "*",
149 aconf->name ? aconf->name : "*",
150 aconf->address.port));
151 if (aconf->dns_pending)
152 delete_resolver_queries(aconf);
153 MyFree(aconf->username);
154 MyFree(aconf->host);
155 MyFree(aconf->origin_name);
156 if (aconf->passwd)
157 memset(aconf->passwd, 0, strlen(aconf->passwd));
158 MyFree(aconf->passwd);
159 MyFree(aconf->name);
160 MyFree(aconf->hub_limit);
161 MyFree(aconf);
162 --GlobalConfCount;
163 }
164
165 /** Disassociate configuration from the client.
166 * @param cptr Client to operate on.
167 * @param aconf ConfItem to detach.
168 */
169 static void detach_conf(struct Client* cptr, struct ConfItem* aconf)
170 {
171 struct SLink** lp;
172 struct SLink* tmp;
173
174 assert(0 != aconf);
175 assert(0 != cptr);
176 assert(0 < aconf->clients);
177
178 lp = &(cli_confs(cptr));
179
180 while (*lp) {
181 if ((*lp)->value.aconf == aconf) {
182 if (aconf->conn_class && (aconf->status & CONF_CLIENT_MASK) && ConfLinks(aconf) > 0)
183 --ConfLinks(aconf);
184
185 assert(0 < aconf->clients);
186 if (0 == --aconf->clients && IsIllegal(aconf))
187 free_conf(aconf);
188 tmp = *lp;
189 *lp = tmp->next;
190 free_link(tmp);
191 return;
192 }
193 lp = &((*lp)->next);
194 }
195 }
196
197 /** Parse a user\@host mask into username and host or IP parts.
198 * If \a host contains no username part, set \a aconf->username to
199 * NULL. If the host part of \a host looks like an IP mask, set \a
200 * aconf->addrbits and \a aconf->address to match. Otherwise, set
201 * \a aconf->host, and set \a aconf->addrbits to -1.
202 * @param[in,out] aconf Configuration item to set.
203 * @param[in] host user\@host mask to parse.
204 */
205 void conf_parse_userhost(struct ConfItem *aconf, char *host)
206 {
207 char *host_part;
208 unsigned char addrbits;
209
210 MyFree(aconf->username);
211 MyFree(aconf->host);
212 host_part = strchr(host, '@');
213 if (host_part) {
214 *host_part = '\0';
215 DupString(aconf->username, host);
216 host_part++;
217 } else {
218 aconf->username = NULL;
219 host_part = host;
220 }
221 DupString(aconf->host, host_part);
222 if (ipmask_parse(aconf->host, &aconf->address.addr, &addrbits))
223 aconf->addrbits = addrbits;
224 else
225 aconf->addrbits = -1;
226 MyFree(host);
227 }
228
229 /** Copies a completed DNS query into its ConfItem.
230 * @param vptr Pointer to struct ConfItem for the block.
231 * @param hp DNS reply, or NULL if the lookup failed.
232 */
233 static void conf_dns_callback(void* vptr, const struct irc_in_addr *addr, const char *h_name)
234 {
235 struct ConfItem* aconf = (struct ConfItem*) vptr;
236 assert(aconf);
237 aconf->dns_pending = 0;
238 if (addr)
239 memcpy(&aconf->address.addr, addr, sizeof(aconf->address.addr));
240 }
241
242 /** Start a nameserver lookup of the conf host. If the conf entry is
243 * currently doing a lookup, do nothing.
244 * @param aconf ConfItem for which to start a request.
245 */
246 static void conf_dns_lookup(struct ConfItem* aconf)
247 {
248 if (!aconf->dns_pending) {
249 char buf[HOSTLEN + 1];
250
251 host_from_uh(buf, aconf->host, HOSTLEN);
252 gethost_byname(buf, conf_dns_callback, aconf);
253 aconf->dns_pending = 1;
254 }
255 }
256
257
258 /** Start lookups of all addresses in the conf line. The origin must
259 * be a numeric IP address. If the remote host field is not an IP
260 * address, start a DNS lookup for it.
261 * @param aconf Connection to do lookups for.
262 */
263 void
264 lookup_confhost(struct ConfItem *aconf)
265 {
266 if (EmptyString(aconf->host) || EmptyString(aconf->name)) {
267 Debug((DEBUG_ERROR, "Host/server name error: (%s) (%s)",
268 aconf->host, aconf->name));
269 return;
270 }
271 if (aconf->origin_name
272 && !ircd_aton(&aconf->origin.addr, aconf->origin_name)) {
273 Debug((DEBUG_ERROR, "Origin name error: (%s) (%s)",
274 aconf->origin_name, aconf->name));
275 }
276 /*
277 * Do name lookup now on hostnames given and store the
278 * ip numbers in conf structure.
279 */
280 if (IsIP6Char(*aconf->host)) {
281 if (!ircd_aton(&aconf->address.addr, aconf->host)) {
282 Debug((DEBUG_ERROR, "Host/server name error: (%s) (%s)",
283 aconf->host, aconf->name));
284 }
285 }
286 else
287 conf_dns_lookup(aconf);
288 }
289
290 /** Find a server by name or hostname.
291 * @param name Server name to find.
292 * @return Pointer to the corresponding ConfItem, or NULL if none exists.
293 */
294 struct ConfItem* conf_find_server(const char* name)
295 {
296 struct ConfItem* conf;
297 assert(0 != name);
298
299 for (conf = GlobalConfList; conf; conf = conf->next) {
300 if (CONF_SERVER == conf->status) {
301 /*
302 * Check first servernames, then try hostnames.
303 * XXX - match returns 0 if there _is_ a match... guess they
304 * haven't decided what true is yet
305 */
306 if (0 == match(name, conf->name))
307 return conf;
308 }
309 }
310 return 0;
311 }
312
313 /** Evaluate connection rules.
314 * @param name Name of server to check
315 * @param mask Filter for CRule types (only consider if type & \a mask != 0).
316 * @return Name of rule that forbids the connection; NULL if no prohibitions.
317 */
318 const char* conf_eval_crule(const char* name, int mask)
319 {
320 struct CRuleConf* p = cruleConfList;
321 assert(0 != name);
322
323 for ( ; p; p = p->next) {
324 if (0 != (p->type & mask) && 0 == match(p->hostmask, name)) {
325 if (crule_eval(p->node))
326 return p->rule;
327 }
328 }
329 return 0;
330 }
331
332 /** Remove all conf entries from the client except those which match
333 * the status field mask.
334 * @param cptr Client to operate on.
335 * @param mask ConfItem types to keep.
336 */
337 void det_confs_butmask(struct Client* cptr, int mask)
338 {
339 struct SLink* link;
340 struct SLink* next;
341 assert(0 != cptr);
342
343 for (link = cli_confs(cptr); link; link = next) {
344 next = link->next;
345 if ((link->value.aconf->status & mask) == 0)
346 detach_conf(cptr, link->value.aconf);
347 }
348 }
349
350 /** Find the first (best) Client block to attach.
351 * @param cptr Client for whom to check rules.
352 * @return Authorization check result.
353 */
354 enum AuthorizationCheckResult attach_iline(struct Client* cptr)
355 {
356 struct ConfItem* aconf;
357
358 assert(0 != cptr);
359
360 for (aconf = GlobalConfList; aconf; aconf = aconf->next) {
361 if (aconf->status != CONF_CLIENT)
362 continue;
363 /* If you change any of this logic, please make corresponding
364 * changes in conf_debug_iline() below.
365 */
366 if (aconf->address.port && aconf->address.port != cli_listener(cptr)->addr.port)
367 continue;
368 if (aconf->username && match(aconf->username, cli_username(cptr)))
369 continue;
370 if (aconf->host && match(aconf->host, cli_sockhost(cptr)))
371 continue;
372 if ((aconf->addrbits >= 0)
373 && !ipmask_check(&cli_ip(cptr), &aconf->address.addr, aconf->addrbits))
374 continue;
375 if (IPcheck_nr(cptr) > aconf->maximum)
376 return ACR_TOO_MANY_FROM_IP;
377 if (aconf->username)
378 SetFlag(cptr, FLAG_DOID);
379 return attach_conf(cptr, aconf);
380 }
381 return ACR_NO_AUTHORIZATION;
382 }
383
384 /** Interpret \a client as a client specifier and show which Client
385 * block(s) match that client.
386 *
387 * The client specifier may contain an IP address, hostname, listener
388 * port, or a combination of those separated by commas. IP addresses
389 * and hostnamese may be preceded by "username@"; the last given
390 * username will be used for the match.
391 *
392 * @param[in] client Client specifier.
393 * @return Matching Client block structure.
394 */
395 struct ConfItem *conf_debug_iline(const char *client)
396 {
397 struct irc_in_addr address;
398 struct ConfItem *aconf;
399 struct DenyConf *deny;
400 char *sep;
401 unsigned short listener;
402 char username[USERLEN+1], hostname[HOSTLEN+1], realname[REALLEN+1];
403
404 /* Initialize variables. */
405 listener = 0;
406 memset(&address, 0, sizeof(address));
407 memset(&username, 0, sizeof(username));
408 memset(&hostname, 0, sizeof(hostname));
409 memset(&realname, 0, sizeof(realname));
410
411 /* Parse client specifier. */
412 while (*client) {
413 struct irc_in_addr tmpaddr;
414 long tmp;
415
416 /* Try to parse as listener port number first. */
417 tmp = strtol(client, &sep, 10);
418 if (tmp && (*sep == '\0' || *sep == ',')) {
419 listener = tmp;
420 client = sep + (*sep != '\0');
421 continue;
422 }
423
424 /* Maybe username@ before an IP address or hostname? */
425 tmp = strcspn(client, ",@");
426 if (client[tmp] == '@') {
427 if (tmp > USERLEN)
428 tmp = USERLEN;
429 ircd_strncpy(username, client, tmp);
430 /* and fall through */
431 client += tmp + 1;
432 }
433
434 /* Looks like an IP address? */
435 tmp = ircd_aton(&tmpaddr, client);
436 if (tmp && (client[tmp] == '\0' || client[tmp] == ',')) {
437 memcpy(&address, &tmpaddr, sizeof(address));
438 client += tmp + (client[tmp] != '\0');
439 continue;
440 }
441
442 /* Realname? */
443 if (client[0] == '$' && client[1] == 'R') {
444 client += 2;
445 for (tmp = 0; *client != '\0' && *client != ',' && tmp < REALLEN; ++client, ++tmp) {
446 if (*client == '\\')
447 realname[tmp] = *++client;
448 else
449 realname[tmp] = *client;
450 }
451 continue;
452 }
453
454 /* Else must be a hostname. */
455 tmp = strcspn(client, ",");
456 if (tmp > HOSTLEN)
457 tmp = HOSTLEN;
458 ircd_strncpy(hostname, client, tmp);
459 client += tmp + (client[tmp] != '\0');
460 }
461
462 /* Walk configuration to find matching Client block. */
463 for (aconf = GlobalConfList; aconf; aconf = aconf->next) {
464 if (aconf->status != CONF_CLIENT)
465 continue;
466 if (aconf->address.port && aconf->address.port != listener) {
467 fprintf(stdout, "Listener port mismatch: %u != %u\n", aconf->address.port, listener);
468 continue;
469 }
470 if (aconf->username && match(aconf->username, username)) {
471 fprintf(stdout, "Username mismatch: %s != %s\n", aconf->username, username);
472 continue;
473 }
474 if (aconf->host && match(aconf->host, hostname)) {
475 fprintf(stdout, "Hostname mismatch: %s != %s\n", aconf->host, hostname);
476 continue;
477 }
478 if ((aconf->addrbits >= 0)
479 && !ipmask_check(&address, &aconf->address.addr, aconf->addrbits)) {
480 fprintf(stdout, "IP address mismatch: %s != %s\n", aconf->name, ircd_ntoa(&address));
481 continue;
482 }
483 fprintf(stdout, "Match! username=%s host=%s ip=%s class=%s maxlinks=%u password=%s\n",
484 (aconf->username ? aconf->username : "(null)"),
485 (aconf->host ? aconf->host : "(null)"),
486 (aconf->name ? aconf->name : "(null)"),
487 ConfClass(aconf), aconf->maximum,
488 (aconf->passwd ? aconf->passwd : "(null)"));
489 break;
490 }
491
492 /* If no authorization, say so and exit. */
493 if (!aconf)
494 {
495 fprintf(stdout, "No authorization found.\n");
496 return NULL;
497 }
498
499 /* Look for a Kill block with the user's name on it. */
500 for (deny = denyConfList; deny; deny = deny->next) {
501 if (deny->usermask && match(deny->usermask, username))
502 continue;
503 if (deny->realmask && match(deny->realmask, realname))
504 continue;
505 if (deny->bits > 0) {
506 if (!ipmask_check(&address, &deny->address, deny->bits))
507 continue;
508 } else if (deny->hostmask && match(deny->hostmask, hostname))
509 continue;
510
511 /* Looks like a match; report it. */
512 fprintf(stdout, "Denied! usermask=%s realmask=\"%s\" hostmask=%s (bits=%u)\n",
513 deny->usermask ? deny->usermask : "(null)",
514 deny->realmask ? deny->realmask : "(null)",
515 deny->hostmask ? deny->hostmask : "(null)",
516 deny->bits);
517 }
518
519 return aconf;
520 }
521
522 /** Check whether a particular ConfItem is already attached to a
523 * Client.
524 * @param aconf ConfItem to search for
525 * @param cptr Client to check
526 * @return Non-zero if \a aconf is attached to \a cptr, zero if not.
527 */
528 static int is_attached(struct ConfItem *aconf, struct Client *cptr)
529 {
530 struct SLink *lp;
531
532 for (lp = cli_confs(cptr); lp; lp = lp->next) {
533 if (lp->value.aconf == aconf)
534 return 1;
535 }
536 return 0;
537 }
538
539 /** Associate a specific configuration entry to a *local* client (this
540 * is the one which used in accepting the connection). Note, that this
541 * automatically changes the attachment if there was an old one...
542 * @param cptr Client to attach \a aconf to
543 * @param aconf ConfItem to attach
544 * @return Authorization check result.
545 */
546 enum AuthorizationCheckResult attach_conf(struct Client *cptr, struct ConfItem *aconf)
547 {
548 struct SLink *lp;
549
550 if (is_attached(aconf, cptr))
551 return ACR_ALREADY_AUTHORIZED;
552 if (IsIllegal(aconf))
553 return ACR_NO_AUTHORIZATION;
554 if ((aconf->status & (CONF_OPERATOR | CONF_CLIENT)) &&
555 ConfLinks(aconf) >= ConfMaxLinks(aconf) && ConfMaxLinks(aconf) > 0)
556 return ACR_TOO_MANY_IN_CLASS; /* Use this for printing error message */
557 lp = make_link();
558 lp->next = cli_confs(cptr);
559 lp->value.aconf = aconf;
560 cli_confs(cptr) = lp;
561 ++aconf->clients;
562 if (aconf->status & CONF_CLIENT_MASK)
563 ConfLinks(aconf)++;
564 return ACR_OK;
565 }
566
567 /** Return our LocalConf configuration structure.
568 * @return A pointer to #localConf.
569 */
570 const struct LocalConf* conf_get_local(void)
571 {
572 return &localConf;
573 }
574
575 /** Attach ConfItems to a client if the name passed matches that for
576 * the ConfItems or is an exact match for them.
577 * @param cptr Client getting the ConfItem attachments.
578 * @param name Filter to match ConfItem::name.
579 * @param statmask Filter to limit ConfItem::status.
580 * @return First ConfItem attached to \a cptr.
581 */
582 struct ConfItem* attach_confs_byname(struct Client* cptr, const char* name,
583 int statmask)
584 {
585 struct ConfItem* tmp;
586 struct ConfItem* first = NULL;
587
588 assert(0 != name);
589
590 if (HOSTLEN < strlen(name))
591 return 0;
592
593 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
594 if (0 != (tmp->status & statmask) && !IsIllegal(tmp)) {
595 assert(0 != tmp->name);
596 if (0 == match(tmp->name, name) || 0 == ircd_strcmp(tmp->name, name)) {
597 if (ACR_OK == attach_conf(cptr, tmp) && !first)
598 first = tmp;
599 }
600 }
601 }
602 return first;
603 }
604
605 /** Attach ConfItems to a client if the host passed matches that for
606 * the ConfItems or is an exact match for them.
607 * @param cptr Client getting the ConfItem attachments.
608 * @param host Filter to match ConfItem::host.
609 * @param statmask Filter to limit ConfItem::status.
610 * @return First ConfItem attached to \a cptr.
611 */
612 struct ConfItem* attach_confs_byhost(struct Client* cptr, const char* host,
613 int statmask)
614 {
615 struct ConfItem* tmp;
616 struct ConfItem* first = 0;
617
618 assert(0 != host);
619 if (HOSTLEN < strlen(host))
620 return 0;
621
622 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
623 if (0 != (tmp->status & statmask) && !IsIllegal(tmp)) {
624 assert(0 != tmp->host);
625 if (0 == match(tmp->host, host) || 0 == ircd_strcmp(tmp->host, host)) {
626 if (ACR_OK == attach_conf(cptr, tmp) && !first)
627 first = tmp;
628 }
629 }
630 }
631 return first;
632 }
633
634 /** Find a ConfItem that has the same name and user+host fields as
635 * specified. Requires an exact match for \a name.
636 * @param name Name to match
637 * @param cptr Client to match against
638 * @param statmask Filter for ConfItem::status
639 * @return First found matching ConfItem.
640 */
641 struct ConfItem* find_conf_exact(const char* name, struct Client *cptr, int statmask)
642 {
643 struct ConfItem *tmp;
644
645 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
646 if (!(tmp->status & statmask) || !tmp->name || !tmp->host ||
647 0 != ircd_strcmp(tmp->name, name))
648 continue;
649 if (tmp->username
650 && (EmptyString(cli_username(cptr))
651 || match(tmp->username, cli_username(cptr))))
652 continue;
653 if (tmp->addrbits < 0)
654 {
655 if (match(tmp->host, cli_sockhost(cptr)))
656 continue;
657 }
658 else if (!ipmask_check(&cli_ip(cptr), &tmp->address.addr, tmp->addrbits))
659 continue;
660 if ((tmp->status & CONF_OPERATOR)
661 && (tmp->clients >= MaxLinks(tmp->conn_class)))
662 continue;
663 return tmp;
664 }
665 return 0;
666 }
667
668 /** Find a ConfItem from a list that has a name that matches \a name.
669 * @param lp List to search in.
670 * @param name Filter for ConfItem::name field; matches either exactly
671 * or as a glob.
672 * @param statmask Filter for ConfItem::status.
673 * @return First matching ConfItem from \a lp.
674 */
675 struct ConfItem* find_conf_byname(struct SLink* lp, const char* name,
676 int statmask)
677 {
678 struct ConfItem* tmp;
679 assert(0 != name);
680
681 if (HOSTLEN < strlen(name))
682 return 0;
683
684 for (; lp; lp = lp->next) {
685 tmp = lp->value.aconf;
686 if (0 != (tmp->status & statmask)) {
687 assert(0 != tmp->name);
688 if (0 == ircd_strcmp(tmp->name, name) || 0 == match(tmp->name, name))
689 return tmp;
690 }
691 }
692 return 0;
693 }
694
695 /** Find a ConfItem from a list that has a host that matches \a host.
696 * @param lp List to search in.
697 * @param host Filter for ConfItem::host field; matches as a glob.
698 * @param statmask Filter for ConfItem::status.
699 * @return First matching ConfItem from \a lp.
700 */
701 struct ConfItem* find_conf_byhost(struct SLink* lp, const char* host,
702 int statmask)
703 {
704 struct ConfItem* tmp = NULL;
705 assert(0 != host);
706
707 if (HOSTLEN < strlen(host))
708 return 0;
709
710 for (; lp; lp = lp->next) {
711 tmp = lp->value.aconf;
712 if (0 != (tmp->status & statmask)) {
713 assert(0 != tmp->host);
714 if (0 == match(tmp->host, host))
715 return tmp;
716 }
717 }
718 return 0;
719 }
720
721 /** Find a ConfItem from a list that has an address equal to \a ip.
722 * @param lp List to search in.
723 * @param ip Filter for ConfItem::address field; matches exactly.
724 * @param statmask Filter for ConfItem::status.
725 * @return First matching ConfItem from \a lp.
726 */
727 struct ConfItem* find_conf_byip(struct SLink* lp, const struct irc_in_addr* ip,
728 int statmask)
729 {
730 struct ConfItem* tmp;
731
732 for (; lp; lp = lp->next) {
733 tmp = lp->value.aconf;
734 if (0 != (tmp->status & statmask)
735 && !irc_in_addr_cmp(&tmp->address.addr, ip))
736 return tmp;
737 }
738 return 0;
739 }
740
741 /** Free all CRules from #cruleConfList. */
742 void conf_erase_crule_list(void)
743 {
744 struct CRuleConf* next;
745 struct CRuleConf* p = cruleConfList;
746
747 for ( ; p; p = next) {
748 next = p->next;
749 crule_free(&p->node);
750 MyFree(p->hostmask);
751 MyFree(p->rule);
752 MyFree(p);
753 }
754 cruleConfList = 0;
755 }
756
757 /** Return #cruleConfList.
758 * @return #cruleConfList
759 */
760 const struct CRuleConf* conf_get_crule_list(void)
761 {
762 return cruleConfList;
763 }
764
765 /** Free all deny rules from #denyConfList. */
766 void conf_erase_deny_list(void)
767 {
768 struct DenyConf* next;
769 struct DenyConf* p = denyConfList;
770 for ( ; p; p = next) {
771 next = p->next;
772 MyFree(p->hostmask);
773 MyFree(p->usermask);
774 MyFree(p->message);
775 MyFree(p->realmask);
776 MyFree(p);
777 }
778 denyConfList = 0;
779 }
780
781 /** Return #denyConfList.
782 * @return #denyConfList
783 */
784 const struct DenyConf* conf_get_deny_list(void)
785 {
786 return denyConfList;
787 }
788
789 /** Find any existing quarantine for the named channel.
790 * @param chname Channel name to search for.
791 * @return Reason for channel's quarantine, or NULL if none exists.
792 */
793 const char*
794 find_quarantine(const char *chname)
795 {
796 struct qline *qline;
797
798 for (qline = GlobalQuarantineList; qline; qline = qline->next)
799 if (!ircd_strcmp(qline->chname, chname))
800 return qline->reason;
801 return NULL;
802 }
803
804 /** Free all qline structs from #GlobalQuarantineList. */
805 void clear_quarantines(void)
806 {
807 struct qline *qline;
808 while ((qline = GlobalQuarantineList))
809 {
810 GlobalQuarantineList = qline->next;
811 MyFree(qline->reason);
812 MyFree(qline->chname);
813 MyFree(qline);
814 }
815 }
816
817 /** When non-zero, indicates that a configuration error has been seen in this pass. */
818 static int conf_error;
819 /** When non-zero, indicates that the configuration file was loaded at least once. */
820 static int conf_already_read;
821 extern FILE *yyin;
822 extern void yyparse(void);
823 extern void init_lexer(void);
824
825 /** Read configuration file.
826 * @return Zero on failure, non-zero on success. */
827 int read_configuration_file(void)
828 {
829 conf_error = 0;
830 feature_unmark(); /* unmark all features for resetting later */
831 /* Now just open an fd. The buffering isn't really needed... */
832 init_lexer();
833 yyparse();
834 fclose(yyin);
835 yyin = NULL;
836 feature_mark(); /* reset unmarked features */
837 conf_already_read = 1;
838 return 1;
839 }
840
841 /** Report an error message about the configuration file.
842 * @param msg The error to report.
843 */
844 void
845 yyerror(const char *msg)
846 {
847 sendto_opmask_butone(0, SNO_ALL, "Config file parse error line %d: %s",
848 lineno, msg);
849 log_write(LS_CONFIG, L_ERROR, 0, "Config file parse error line %d: %s",
850 lineno, msg);
851 if (!conf_already_read)
852 fprintf(stderr, "Config file parse error line %d: %s\n", lineno, msg);
853 conf_error = 1;
854 }
855
856 /** Attach CONF_UWORLD items to a server and everything attached to it. */
857 static void
858 attach_conf_uworld(struct Client *cptr)
859 {
860 struct DLink *lp;
861
862 attach_confs_byhost(cptr, cli_name(cptr), CONF_UWORLD);
863 for (lp = cli_serv(cptr)->down; lp; lp = lp->next)
864 attach_conf_uworld(lp->value.cptr);
865 }
866
867 /** Free all memory associated with service mapping \a smap.
868 * @param smap[in] The mapping to free.
869 */
870 void free_mapping(struct s_map *smap)
871 {
872 struct nick_host *nh, *next;
873 for (nh = smap->services; nh; nh = next)
874 {
875 next = nh->next;
876 MyFree(nh);
877 }
878 MyFree(smap->name);
879 MyFree(smap->command);
880 MyFree(smap->prepend);
881 MyFree(smap);
882 }
883
884 /** Unregister and free all current service mappings. */
885 static void close_mappings(void)
886 {
887 struct s_map *map, *next;
888
889 for (map = GlobalServiceMapList; map; map = next) {
890 next = map->next;
891 unregister_mapping(map);
892 free_mapping(map);
893 }
894 GlobalServiceMapList = NULL;
895 }
896
897 /** Reload the configuration file.
898 * @param cptr Client that requested rehash (if a signal, &me).
899 * @param sig Type of rehash (0 = oper-requested, 1 = signal, 2 =
900 * oper-requested but do not restart resolver)
901 * @return CPTR_KILLED if any client was K/G-lined because of the
902 * rehash; otherwise 0.
903 */
904 int rehash(struct Client *cptr, int sig)
905 {
906 struct ConfItem** tmp = &GlobalConfList;
907 struct ConfItem* tmp2;
908 struct Client* acptr;
909 int i;
910 int ret = 0;
911 int found_g = 0;
912
913 if (1 == sig)
914 sendto_opmask_butone(0, SNO_OLDSNO,
915 "Got signal SIGHUP, reloading ircd conf. file");
916
917 while ((tmp2 = *tmp)) {
918 if (tmp2->clients) {
919 /*
920 * Configuration entry is still in use by some
921 * local clients, cannot delete it--mark it so
922 * that it will be deleted when the last client
923 * exits...
924 */
925 if (CONF_CLIENT == (tmp2->status & CONF_CLIENT))
926 tmp = &tmp2->next;
927 else {
928 *tmp = tmp2->next;
929 tmp2->next = 0;
930 }
931 tmp2->status |= CONF_ILLEGAL;
932 }
933 else {
934 *tmp = tmp2->next;
935 free_conf(tmp2);
936 }
937 }
938 conf_erase_crule_list();
939 conf_erase_deny_list();
940 motd_clear();
941
942 /*
943 * delete the juped nicks list
944 */
945 clearNickJupes();
946
947 clear_quarantines();
948 clear_slines();
949
950 if (sig != 2)
951 restart_resolver();
952
953 class_mark_delete();
954 mark_listeners_closing();
955 auth_mark_closing();
956 close_mappings();
957
958 read_configuration_file();
959
960 log_reopen(); /* reopen log files */
961
962 auth_close_unused();
963 close_listeners();
964 class_delete_marked(); /* unless it fails */
965
966 /*
967 * Flush out deleted I and P lines although still in use.
968 */
969 for (tmp = &GlobalConfList; (tmp2 = *tmp);) {
970 if (CONF_ILLEGAL == (tmp2->status & CONF_ILLEGAL)) {
971 *tmp = tmp2->next;
972 tmp2->next = NULL;
973 if (!tmp2->clients)
974 free_conf(tmp2);
975 }
976 else
977 tmp = &tmp2->next;
978 }
979
980 for (i = 0; i <= HighestFd; i++) {
981 if ((acptr = LocalClientArray[i])) {
982 assert(!IsMe(acptr));
983 if (IsServer(acptr))
984 det_confs_butmask(acptr, ~(CONF_UWORLD | CONF_ILLEGAL));
985 /* Because admin's are getting so uppity about people managing to
986 * get past K/G's etc, we'll "fix" the bug by actually explaining
987 * whats going on.
988 */
989 if ((found_g = find_kill(acptr, 0))) {
990 sendto_opmask_butone(0, found_g == -2 ? SNO_GLINE : SNO_OPERKILL,
991 found_g == -2 ? "G-line active for %s%s" :
992 "K-line active for %s%s",
993 IsUnknown(acptr) ? "Unregistered Client ":"",
994 get_client_name(acptr, SHOW_IP));
995 if (exit_client(cptr, acptr, &me, found_g == -2 ? "G-lined" :
996 "K-lined") == CPTR_KILLED)
997 ret = CPTR_KILLED;
998 }
999 }
1000 }
1001
1002 attach_conf_uworld(&me);
1003
1004 return ret;
1005 }
1006
1007 /** Read configuration file for the very first time.
1008 * @return Non-zero on success, zero on failure.
1009 */
1010
1011 int init_conf(void)
1012 {
1013 if (read_configuration_file()) {
1014 /*
1015 * make sure we're sane to start if the config
1016 * file read didn't get everything we need.
1017 * XXX - should any of these abort the server?
1018 * TODO: add warning messages
1019 */
1020 if (0 == localConf.name || 0 == localConf.numeric)
1021 return 0;
1022 if (conf_error)
1023 return 0;
1024
1025 if (0 == localConf.location1)
1026 DupString(localConf.location1, "");
1027 if (0 == localConf.location2)
1028 DupString(localConf.location2, "");
1029 if (0 == localConf.contact)
1030 DupString(localConf.contact, "");
1031
1032 return 1;
1033 }
1034 return 0;
1035 }
1036
1037 /** Searches for a K/G-line for a client. If one is found, notify the
1038 * user and disconnect them.
1039 * @param cptr Client to search for.
1040 * @param glinecheck Whether we check for glines.
1041 * @return 0 if client is accepted; -1 if client was locally denied
1042 * (K-line); -2 if client was globally denied (G-line).
1043 */
1044 int find_kill(struct Client *cptr, int glinecheck)
1045 {
1046 const char* host;
1047 const char* name;
1048 const char* realname;
1049 struct DenyConf* deny;
1050 struct Gline* agline = NULL;
1051
1052 assert(0 != cptr);
1053
1054 if (!cli_user(cptr))
1055 return 0;
1056
1057 host = cli_sockhost(cptr);
1058 name = cli_user(cptr)->username;
1059 realname = cli_info(cptr);
1060
1061 assert(strlen(host) <= HOSTLEN);
1062 assert((name ? strlen(name) : 0) <= HOSTLEN);
1063 assert((realname ? strlen(realname) : 0) <= REALLEN);
1064
1065 /* 2000-07-14: Rewrote this loop for massive speed increases.
1066 * -- Isomer
1067 */
1068 for (deny = denyConfList; deny; deny = deny->next) {
1069 if (deny->usermask && match(deny->usermask, name))
1070 continue;
1071 if (deny->realmask && match(deny->realmask, realname))
1072 continue;
1073 if (deny->bits > 0) {
1074 if (!ipmask_check(&cli_ip(cptr), &deny->address, deny->bits))
1075 continue;
1076 } else if (deny->hostmask && match(deny->hostmask, host))
1077 continue;
1078
1079 if (EmptyString(deny->message))
1080 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
1081 ":Connection from your host is refused on this server.");
1082 else {
1083 if (deny->flags & DENY_FLAGS_FILE)
1084 killcomment(cptr, deny->message);
1085 else
1086 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", deny->message);
1087 }
1088 return -1;
1089 }
1090
1091 /* added glinecheck to define if we check for glines too, shouldn't happen
1092 * when rehashing as it is causing problems with big servers and lots of glines.
1093 * Think of a 18000 user leaf with 18000 glines present, this will probably
1094 * cause the server to split from the net.
1095 * -skater_x
1096 */
1097 if (glinecheck && (agline = gline_lookup(cptr, 0)) && GlineIsActive(agline)) {
1098 /*
1099 * find active glines
1100 * added a check against the user's IP address to find_gline() -Kev
1101 */
1102 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", GlineReason(agline));
1103 return -2;
1104 }
1105
1106 return 0;
1107 }
1108
1109 /** Attempt to attach Client blocks to \a cptr. If attach_iline()
1110 * fails for the client, emit a debugging message.
1111 * @param cptr Client to check for access.
1112 * @return Access check result.
1113 */
1114 enum AuthorizationCheckResult conf_check_client(struct Client *cptr)
1115 {
1116 enum AuthorizationCheckResult acr = ACR_OK;
1117
1118 if ((acr = attach_iline(cptr))) {
1119 Debug((DEBUG_DNS, "ch_cl: access denied: %s[%s]",
1120 cli_name(cptr), cli_sockhost(cptr)));
1121 return acr;
1122 }
1123 return ACR_OK;
1124 }
1125
1126 /** Check access for a server given its name (passed in cptr struct).
1127 * Must check for all C/N lines which have a name which matches the
1128 * name given and a host which matches. A host alias which is the
1129 * same as the server name is also acceptable in the host field of a
1130 * C/N line.
1131 * @param cptr Peer server to check.
1132 * @return 0 if accepted, -1 if access denied.
1133 */
1134 int conf_check_server(struct Client *cptr)
1135 {
1136 struct ConfItem* c_conf = NULL;
1137 struct SLink* lp;
1138
1139 Debug((DEBUG_DNS, "sv_cl: check access for %s[%s]",
1140 cli_name(cptr), cli_sockhost(cptr)));
1141
1142 if (IsUnknown(cptr) && !attach_confs_byname(cptr, cli_name(cptr), CONF_SERVER)) {
1143 Debug((DEBUG_DNS, "No C/N lines for %s", cli_sockhost(cptr)));
1144 return -1;
1145 }
1146 lp = cli_confs(cptr);
1147 /*
1148 * We initiated this connection so the client should have a C and N
1149 * line already attached after passing through the connect_server()
1150 * function earlier.
1151 */
1152 if (IsConnecting(cptr) || IsHandshake(cptr)) {
1153 c_conf = find_conf_byname(lp, cli_name(cptr), CONF_SERVER);
1154 if (!c_conf) {
1155 sendto_opmask_butone(0, SNO_OLDSNO,
1156 "Connect Error: lost Connect block for %s",
1157 cli_name(cptr));
1158 det_confs_butmask(cptr, 0);
1159 return -1;
1160 }
1161 }
1162
1163 /* Try finding the Connect block by DNS name and IP next. */
1164 if (!c_conf && !(c_conf = find_conf_byhost(lp, cli_sockhost(cptr), CONF_SERVER)))
1165 c_conf = find_conf_byip(lp, &cli_ip(cptr), CONF_SERVER);
1166
1167 /*
1168 * Attach by IP# only if all other checks have failed.
1169 * It is quite possible to get here with the strange things that can
1170 * happen when using DNS in the way the irc server does. -avalon
1171 */
1172 if (!c_conf)
1173 c_conf = find_conf_byip(lp, &cli_ip(cptr), CONF_SERVER);
1174 /*
1175 * detach all conf lines that got attached by attach_confs()
1176 */
1177 det_confs_butmask(cptr, 0);
1178 /*
1179 * if no Connect block, then deny access
1180 */
1181 if (!c_conf) {
1182 Debug((DEBUG_DNS, "sv_cl: access denied: %s[%s@%s]",
1183 cli_name(cptr), cli_username(cptr), cli_sockhost(cptr)));
1184 return -1;
1185 }
1186 /*
1187 * attach the Connect block to the client structure for later use.
1188 */
1189 attach_conf(cptr, c_conf);
1190
1191 if (!irc_in_addr_valid(&c_conf->address.addr))
1192 memcpy(&c_conf->address.addr, &cli_ip(cptr), sizeof(c_conf->address.addr));
1193
1194 Debug((DEBUG_DNS, "sv_cl: access ok: %s[%s]",
1195 cli_name(cptr), cli_sockhost(cptr)));
1196 return 0;
1197 }
1198
1199 void clear_slines(void)
1200 {
1201 struct sline *sline;
1202 while ((sline = GlobalSList)) {
1203 GlobalSList = sline->next;
1204 MyFree(sline->spoofhost);
1205 if (!EmptyString(sline->passwd))
1206 MyFree(sline->passwd);
1207 if (!EmptyString(sline->realhost))
1208 MyFree(sline->realhost);
1209 if (!EmptyString(sline->username))
1210 MyFree(sline->username);
1211 MyFree(sline);
1212 }
1213 }
1214
1215 /*
1216 * conf_check_slines()
1217 *
1218 * Check S lines for the specified client, passed in cptr struct.
1219 * If the client's IP is S-lined, process the substitution here.
1220 *
1221 * Precondition
1222 * cptr != NULL
1223 *
1224 * Returns
1225 * 0 = No S-line found
1226 * 1 = S-line found and substitution done.
1227 *
1228 * -mbuna 9/2001
1229 * -froo 1/2003
1230 *
1231 */
1232
1233 int
1234 conf_check_slines(struct Client *cptr)
1235 {
1236 struct sline *sconf;
1237 char *hostonly;
1238
1239 for (sconf = GlobalSList; sconf; sconf = sconf->next) {
1240 if (sconf->flags == SLINE_FLAGS_IP) {
1241 if (!ipmask_check(&(cli_ip(cptr)), &(sconf->address), sconf->bits))
1242 continue;
1243 } else if (sconf->flags == SLINE_FLAGS_HOSTNAME) {
1244 if ((match(sconf->realhost, cli_sockhost(cptr)) != 0) &&
1245 (match(sconf->realhost, cli_sock_ip(cptr)) != 0)) /* wildcarded IP address */
1246 continue;
1247 } else {
1248 continue;
1249 }
1250
1251 if (match(sconf->username, cli_user(cptr)->username) == 0) {
1252 /* Ignore user part if u@h. */
1253 if ((hostonly = strchr(sconf->spoofhost, '@')))
1254 hostonly++;
1255 else
1256 hostonly = sconf->spoofhost;
1257
1258 if(!*hostonly)
1259 continue;
1260
1261 ircd_strncpy(cli_user(cptr)->host, hostonly, HOSTLEN);
1262 log_write(LS_USER, L_INFO, LOG_NOSNOTICE, "S-Line (%s@%s) by (%#R)",
1263 cli_user(cptr)->username, hostonly, cptr);
1264 return 1;
1265 }
1266 }
1267 return 0;
1268 }
1269
1270 void free_spoofhost(struct sline *spoof) {
1271 MyFree(spoof->spoofhost);
1272 MyFree(spoof->passwd);
1273 MyFree(spoof->realhost);
1274 MyFree(spoof->username);
1275 MyFree(spoof);
1276 }
Unnamed repository; edit this file 'description' to name the repository.