Remote d:lines implementation (based on ircd-seven's r230 by spb, Stephen Bennett...

[irc/rqf/shadowircd.git] / src / newconf.c

diff --git a/src/newconf.c b/src/newconf.c
index e36882f2fd83b52f44120f3cad44becc4be9c442..5e72684601584b8cf4571f9a0e9ec478f0c928ad 100644 (file)
--- a/src/newconf.c
+++ b/src/newconf.c
@@ -11,9 +11,8 @@
 
 #include "newconf.h"
 #include "ircd_defs.h"
-#include "sprintf_irc.h"
 #include "common.h"
-#include "s_log.h"
+#include "logger.h"
 #include "s_conf.h"
 #include "s_user.h"
 #include "s_newconf.h"
@@ -28,6 +27,7 @@
 #include "ircd.h"
 #include "snomask.h"
 #include "blacklist.h"
+#include "sslproc.h"
 
 #define CF_TYPE(x) ((x) & CF_MTYPE)
 
@@ -229,7 +229,7 @@ conf_set_serverinfo_network_name(void *data)
 static void
 conf_set_serverinfo_vhost(void *data)
 {
-       if(inetpton(AF_INET, (char *) data, &ServerInfo.ip.sin_addr) <= 0)
+       if(rb_inet_pton(AF_INET, (char *) data, &ServerInfo.ip.sin_addr) <= 0)
        {
                conf_report_error("Invalid netmask for server IPv4 vhost (%s)", (char *) data);
                return;
@@ -241,8 +241,8 @@ conf_set_serverinfo_vhost(void *data)
 static void
 conf_set_serverinfo_vhost6(void *data)
 {
-#ifdef IPV6
-       if(inetpton(AF_INET6, (char *) data, &ServerInfo.ip6.sin6_addr) <= 0)
+#ifdef RB_IPV6
+       if(rb_inet_pton(AF_INET6, (char *) data, &ServerInfo.ip6.sin6_addr) <= 0)
        {
                conf_report_error("Invalid netmask for server IPv6 vhost (%s)", (char *) data);
                return;
@@ -311,7 +311,6 @@ static struct mode_table oper_table[] = {
        {"remote",              OPER_REMOTE             },
        {"kline",               OPER_KLINE              },
        {"unkline",             OPER_UNKLINE            },
-       {"gline",               OPER_GLINE              },
        {"nick_changes",        OPER_NICKS              },
        {"rehash",              OPER_REHASH             },
        {"die",                 OPER_DIE                },
@@ -333,7 +332,6 @@ static struct mode_table auth_table[] = {
        {"exceed_limit",        CONF_FLAGS_NOLIMIT      },
        {"dnsbl_exempt",        CONF_FLAGS_EXEMPTDNSBL  },
        {"kline_exempt",        CONF_FLAGS_EXEMPTKLINE  },
-       {"gline_exempt",        CONF_FLAGS_EXEMPTGLINE  },
        {"flood_exempt",        CONF_FLAGS_EXEMPTFLOOD  },
        {"spambot_exempt",      CONF_FLAGS_EXEMPTSPAMBOT },
        {"shide_exempt",        CONF_FLAGS_EXEMPTSHIDE  },
@@ -351,6 +349,7 @@ static struct mode_table connect_table[] = {
        { "compressed", SERVER_COMPRESSED       },
        { "encrypted",  SERVER_ENCRYPTED        },
        { "topicburst", SERVER_TB               },
+       { "ssl",        SERVER_SSL              },
        { NULL,         0                       },
 };
 
@@ -374,6 +373,10 @@ static struct mode_table shared_table[] =
        { "kline",      SHARED_PKLINE|SHARED_TKLINE     },
        { "xline",      SHARED_PXLINE|SHARED_TXLINE     },
        { "resv",       SHARED_PRESV|SHARED_TRESV       },
+       { "dline",  SHARED_PDLINE|SHARED_TDLINE },
+       { "tdline", SHARED_TDLINE       },
+       { "pdline", SHARED_PDLINE   },
+       { "undline",    SHARED_UNDLINE  },
        { "tkline",     SHARED_TKLINE   },
        { "unkline",    SHARED_UNKLINE  },
        { "txline",     SHARED_TXLINE   },
@@ -670,7 +673,7 @@ conf_set_class_ping_time(void *data)
 static void
 conf_set_class_cidr_bitlen(void *data)
 {
-#ifdef IPV6
+#ifdef RB_IPV6
        unsigned int maxsize = 128;
 #else
        unsigned int maxsize = 32;
@@ -744,8 +747,10 @@ conf_end_listen(struct TopConf *tc)
        return 0;
 }
 
+
+
 static void
-conf_set_listen_port(void *data)
+conf_set_listen_port_both(void *data, int ssl)
 {
        conf_parm_t *args = data;
        for (; args; args = args->next)
@@ -758,28 +763,40 @@ conf_set_listen_port(void *data)
                }
                 if(listener_address == NULL)
                 {
-                       add_listener(args->v.number, listener_address, AF_INET);
-#ifdef IPV6
-                       add_listener(args->v.number, listener_address, AF_INET6);
+                       add_listener(args->v.number, listener_address, AF_INET, ssl);
+#ifdef RB_IPV6
+                       add_listener(args->v.number, listener_address, AF_INET6, ssl);
 #endif
                 }
                else
                 {
                        int family;
-#ifdef IPV6
+#ifdef RB_IPV6
                        if(strchr(listener_address, ':') != NULL)
                                family = AF_INET6;
                        else 
 #endif
                                family = AF_INET;
                
-                       add_listener(args->v.number, listener_address, family);
+                       add_listener(args->v.number, listener_address, family, ssl);
                 
                 }
 
        }
 }
 
+static void
+conf_set_listen_port(void *data)
+{
+       conf_set_listen_port_both(data, 0);
+}
+
+static void
+conf_set_listen_sslport(void *data)
+{
+       conf_set_listen_port_both(data, 1);
+}
+
 static void
 conf_set_listen_address(void *data)
 {
@@ -1150,6 +1167,13 @@ conf_end_connect(struct TopConf *tc)
                yy_server->flags &= ~SERVER_COMPRESSED;
        }
 #endif
+       if(ServerConfCompressed(yy_server) && ServerConfSSL(yy_server))
+       {
+               conf_report_error("Ignoring compressed for connect block %s -- "
+                                      "ssl and compressed are mutually exclusive (OpenSSL does its own compression)", 
+                                      yy_server->name);
+               yy_server->flags &= ~SERVER_COMPRESSED;
+       }
 
        add_server_conf(yy_server);
        rb_dlinkAdd(yy_server, &yy_server->node, &server_conf_list);
@@ -1170,7 +1194,7 @@ conf_set_connect_host(void *data)
 static void
 conf_set_connect_vhost(void *data)
 {
-       if(inetpton_sock(data, (struct sockaddr *)&yy_server->my_ipnum) <= 0)
+       if(rb_inet_pton_sock(data, (struct sockaddr *)&yy_server->my_ipnum) <= 0)
        {
                conf_report_error("Invalid netmask for server vhost (%s)",
                                  (char *) data);
@@ -1221,7 +1245,7 @@ conf_set_connect_aftype(void *data)
 
        if(strcasecmp(aft, "ipv4") == 0)
                yy_server->aftype = AF_INET;
-#ifdef IPV6
+#ifdef RB_IPV6
        else if(strcasecmp(aft, "ipv6") == 0)
                yy_server->aftype = AF_INET6;
 #endif
@@ -1893,7 +1917,13 @@ static struct ConfEntry conf_serverinfo_table[] =
        { "vhost",              CF_QSTRING, conf_set_serverinfo_vhost,  0, NULL },
        { "vhost6",             CF_QSTRING, conf_set_serverinfo_vhost6, 0, NULL },
 
-       { "max_clients",        CF_INT,     NULL, 0, &ServerInfo.max_clients    },
+       { "ssl_private_key",    CF_QSTRING, NULL, 0, &ServerInfo.ssl_private_key },
+       { "ssl_ca_cert",        CF_QSTRING, NULL, 0, &ServerInfo.ssl_ca_cert },
+       { "ssl_cert",           CF_QSTRING, NULL, 0, &ServerInfo.ssl_cert },   
+       { "ssl_dh_params",      CF_QSTRING, NULL, 0, &ServerInfo.ssl_dh_params },
+       { "ssld_count",         CF_INT,     NULL, 0, &ServerInfo.ssld_count },
+
+       { "default_max_clients",CF_INT,     NULL, 0, &ServerInfo.default_max_clients },
 
        { "\0", 0, NULL, 0, NULL }
 };
@@ -1914,7 +1944,6 @@ static struct ConfEntry conf_log_table[] =
        { "fname_foperlog",     CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_foperlog   },
        { "fname_serverlog",    CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_serverlog  },
        { "fname_killlog",      CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_killlog    },
-       { "fname_glinelog",     CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_glinelog   },
        { "fname_klinelog",     CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_klinelog   },
        { "fname_operspylog",   CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_operspylog },
        { "fname_ioerrorlog",   CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_ioerrorlog },
@@ -2012,10 +2041,6 @@ static struct ConfEntry conf_general_table[] =
        { "disable_auth",       CF_YESNO, NULL, 0, &ConfigFileEntry.disable_auth        },
        { "dots_in_ident",      CF_INT,   NULL, 0, &ConfigFileEntry.dots_in_ident       },
        { "failed_oper_notice", CF_YESNO, NULL, 0, &ConfigFileEntry.failed_oper_notice  },
-       { "glines",             CF_YESNO, NULL, 0, &ConfigFileEntry.glines              },
-       { "gline_min_cidr",     CF_INT,   NULL, 0, &ConfigFileEntry.gline_min_cidr      },
-       { "gline_min_cidr6",    CF_INT,   NULL, 0, &ConfigFileEntry.gline_min_cidr6     },
-       { "gline_time",         CF_TIME,  NULL, 0, &ConfigFileEntry.gline_time          },
        { "global_snotices",    CF_YESNO, NULL, 0, &ConfigFileEntry.global_snotices     },
        { "hide_spoof_ips",     CF_YESNO, NULL, 0, &ConfigFileEntry.hide_spoof_ips      },
        { "dline_with_reason",  CF_YESNO, NULL, 0, &ConfigFileEntry.dline_with_reason   },
@@ -2099,6 +2124,7 @@ newconf_init()
 
        add_top_conf("listen", conf_begin_listen, conf_end_listen, NULL);
        add_conf_item("listen", "port", CF_INT | CF_FLIST, conf_set_listen_port);
+       add_conf_item("listen", "sslport", CF_INT | CF_FLIST, conf_set_listen_sslport);
        add_conf_item("listen", "ip", CF_QSTRING, conf_set_listen_address);
        add_conf_item("listen", "host", CF_QSTRING, conf_set_listen_address);