Add support for linking using SSL certificate fingerprints as the link credential...

[irc/rqf/shadowircd.git] / include / s_newconf.h

diff --git a/include/s_newconf.h b/include/s_newconf.h
index bd3282c69145308f8464a96f7a825c03f3b0da3c..dde364dd53203ffead03c30f0d272980b4c254bc 100644 (file)
--- a/include/s_newconf.h
+++ b/include/s_newconf.h
@@ -29,13 +29,13 @@
  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  *
- * $Id: s_newconf.h 1747 2006-07-25 21:22:45Z jilles $
  */
 
 #ifndef INCLUDED_s_newconf_h
 #define INCLUDED_s_newconf_h
 
 #include "setup.h"
+#include "privilege.h"
 
 #ifdef HAVE_LIBCRYPTO
 #include <openssl/rsa.h>
@@ -53,15 +53,12 @@ extern rb_dlink_list resv_conf_list;
 extern rb_dlink_list nd_list;
 extern rb_dlink_list tgchange_list;
 
-struct _rb_patricia_tree_t *tgchange_tree;
+extern struct _rb_patricia_tree_t *tgchange_tree;
 
 extern void init_s_newconf(void);
 extern void clear_s_newconf(void);
 extern void clear_s_newconf_bans(void);
 
-#define FREE_TARGET(x) ((x)->localClient->targinfo[0])
-#define USED_TARGETS(x) ((x)->localClient->targinfo[1])
-
 typedef struct
 {
        char *ip;
@@ -95,10 +92,15 @@ struct remote_conf
 #define SHARED_PRESV   0x0100
 #define SHARED_UNRESV  0x0200
 #define SHARED_REHASH  0x0400
+#define SHARED_TDLINE  0x0800
+#define SHARED_PDLINE  0x1000
+#define SHARED_UNDLINE 0x2000
+#define SHARED_DIE      0x4000
+#define SHARED_MODULE  0x8000
 
 #define SHARED_ALL     (SHARED_TKLINE | SHARED_PKLINE | SHARED_UNKLINE |\
                        SHARED_PXLINE | SHARED_TXLINE | SHARED_UNXLINE |\
-                       SHARED_TRESV | SHARED_PRESV | SHARED_UNRESV)
+                       SHARED_TRESV | SHARED_PRESV | SHARED_UNRESV | SHARED_REHASH)
 #define CLUSTER_ALL    (SHARED_ALL | SHARED_LOCOPS)
 
 /* flags used in hub/leaf */
@@ -111,12 +113,19 @@ struct oper_conf
        char *username;
        char *host;
        char *passwd;
+       char *certfp;
 
        int flags;
        int umodes;
 
        unsigned int snomask;
 
+       char *vhost;
+       char *swhois;
+       char *operstring;
+
+       struct PrivilegeSet *privset;
+
 #ifdef HAVE_LIBCRYPTO
        char *rsa_pubkey_file;
        RSA *rsa_pubkey;
@@ -134,53 +143,34 @@ extern void cluster_generic(struct Client *, const char *, int cltype,
                        int cap, const char *format, ...);
 
 #define OPER_ENCRYPTED 0x00001
-#define OPER_KLINE     0x00002
-#define OPER_UNKLINE   0x00004
-#define OPER_LOCKILL   0x00008
-#define OPER_GLOBKILL  0x00010
-#define OPER_REMOTE    0x00020
-#define OPER_GLINE     0x00040
-#define OPER_XLINE     0x00080
-#define OPER_RESV      0x00100
-#define OPER_NICKS     0x00200
-#define OPER_REHASH    0x00400
-#define OPER_DIE       0x00800
-#define OPER_ADMIN     0x01000
-#define OPER_HADMIN    0x02000
-#define OPER_OPERWALL  0x04000
-#define OPER_INVIS     0x08000
-#define OPER_SPY       0x10000
-#define OPER_REMOTEBAN 0x20000
-#define OPER_MASSNOTICE 0x40000
+#define OPER_NEEDSSL    0x80000
 /* 0x400000 and above are in client.h */
 
-#define OPER_FLAGS     (OPER_KLINE|OPER_UNKLINE|OPER_LOCKILL|OPER_GLOBKILL|\
-                        OPER_REMOTE|OPER_GLINE|OPER_XLINE|OPER_RESV|\
-                        OPER_NICKS|OPER_REHASH|OPER_DIE|OPER_ADMIN|\
-                        OPER_HADMIN|OPER_OPERWALL|OPER_INVIS|OPER_SPY|\
-                        OPER_REMOTEBAN|OPER_MASSNOTICE)
+#define OPER_FLAGS     0 /* no oper privs in Client.flags2/oper_conf.flags currently */
 
 #define IsOperConfEncrypted(x) ((x)->flags & OPER_ENCRYPTED)
-
-#define IsOperGlobalKill(x)     ((x)->flags2 & OPER_GLOBKILL)
-#define IsOperLocalKill(x)      ((x)->flags2 & OPER_LOCKILL)
-#define IsOperRemote(x)         ((x)->flags2 & OPER_REMOTE)
-#define IsOperUnkline(x)        ((x)->flags2 & OPER_UNKLINE)
-#define IsOperGline(x)          ((x)->flags2 & OPER_GLINE)
-#define IsOperN(x)              ((x)->flags2 & OPER_NICKS)
-#define IsOperK(x)              ((x)->flags2 & OPER_KLINE)
-#define IsOperXline(x)          ((x)->flags2 & OPER_XLINE)
-#define IsOperResv(x)           ((x)->flags2 & OPER_RESV)
-#define IsOperDie(x)            ((x)->flags2 & OPER_DIE)
-#define IsOperRehash(x)         ((x)->flags2 & OPER_REHASH)
-#define IsOperHiddenAdmin(x)    ((x)->flags2 & OPER_HADMIN)
-#define IsOperAdmin(x)          (((x)->flags2 & OPER_ADMIN) || \
-                                       ((x)->flags2 & OPER_HADMIN))
-#define IsOperOperwall(x)       ((x)->flags2 & OPER_OPERWALL)
-#define IsOperSpy(x)            ((x)->flags2 & OPER_SPY)
-#define IsOperInvis(x)          ((x)->flags2 & OPER_INVIS)
-#define IsOperRemoteBan(x)     ((x)->flags2 & OPER_REMOTEBAN)
-#define IsOperMassNotice(x)    ((x)->flags2 & OPER_MASSNOTICE)
+#define IsOperConfNeedSSL(x)   ((x)->flags & OPER_NEEDSSL)
+
+#define HasPrivilege(x, y)     ((x)->localClient != NULL && (x)->localClient->privset != NULL && privilegeset_in_set((x)->localClient->privset, (y)))
+
+#define IsOperGlobalKill(x)     (HasPrivilege((x), "oper:global_kill"))
+#define IsOperLocalKill(x)      (HasPrivilege((x), "oper:local_kill"))
+#define IsOperRemote(x)         (HasPrivilege((x), "oper:routing"))
+#define IsOperUnkline(x)        (HasPrivilege((x), "oper:unkline"))
+#define IsOperN(x)              (HasPrivilege((x), "snomask:nick_changes"))
+#define IsOperK(x)              (HasPrivilege((x), "oper:kline"))
+#define IsOperXline(x)          (HasPrivilege((x), "oper:xline"))
+#define IsOperResv(x)           (HasPrivilege((x), "oper:resv"))
+#define IsOperDie(x)            (HasPrivilege((x), "oper:die"))
+#define IsOperRehash(x)         (HasPrivilege((x), "oper:rehash"))
+#define IsOperHiddenAdmin(x)    (HasPrivilege((x), "oper:hidden_admin"))
+#define IsOperAdmin(x)          (HasPrivilege((x), "oper:admin") || HasPrivilege((x), "oper:hidden_admin"))
+#define IsOperOperwall(x)       (HasPrivilege((x), "oper:operwall"))
+#define IsOperSpy(x)            (HasPrivilege((x), "oper:spy"))
+#define IsOperOverride(x)       (HasPrivilege((x), "oper:override"))
+#define IsOperInvis(x)          (HasPrivilege((x), "oper:hidden"))
+#define IsOperRemoteBan(x)     (HasPrivilege((x), "oper:remoteban"))
+#define IsOperMassNotice(x)    (HasPrivilege((x), "oper:mass_notice"))
 
 extern struct oper_conf *make_oper_conf(void);
 extern void free_oper_conf(struct oper_conf *);
@@ -197,13 +187,14 @@ struct server_conf
        char *host;
        char *passwd;
        char *spasswd;
+       char *certfp;
        int port;
        int flags;
        int servers;
        time_t hold;
 
        int aftype;
-       struct irc_sockaddr_storage my_ipnum;
+       struct rb_sockaddr_storage my_ipnum;
 
        char *class_name;
        struct Class *class;
@@ -216,6 +207,7 @@ struct server_conf
 #define SERVER_COMPRESSED      0x0008
 #define SERVER_TB              0x0010
 #define SERVER_AUTOCONN                0x0020
+#define SERVER_SSL             0x0040
 
 #define ServerConfIllegal(x)   ((x)->flags & SERVER_ILLEGAL)
 #define ServerConfVhosted(x)   ((x)->flags & SERVER_VHOSTED)
@@ -223,6 +215,7 @@ struct server_conf
 #define ServerConfCompressed(x)        ((x)->flags & SERVER_COMPRESSED)
 #define ServerConfTb(x)                ((x)->flags & SERVER_TB)
 #define ServerConfAutoconn(x)  ((x)->flags & SERVER_AUTOCONN)
+#define ServerConfSSL(x)       ((x)->flags & SERVER_SSL)
 
 extern struct server_conf *make_server_conf(void);
 extern void free_server_conf(struct server_conf *);
@@ -233,8 +226,9 @@ extern struct server_conf *find_server_conf(const char *name);
 
 extern void attach_server_conf(struct Client *, struct server_conf *);
 extern void detach_server_conf(struct Client *);
-extern void set_server_conf_autoconn(struct Client *source_p, char *name, 
+extern void set_server_conf_autoconn(struct Client *source_p, const char *name, 
                                        int newval);
+extern void disable_server_conf_autoconn(const char *name);
 
 
 extern struct ConfItem *find_xline(const char *, int);