X-Git-Url: https://jfr.im/git/irc/rqf/shadowircd.git/blobdiff_plain/212380e3f42f585dc1ea927402252eb943f91f7b..b37edd511a0db4a1705753a9072274ae310b864e:/src/s_conf.c diff --git a/src/s_conf.c b/src/s_conf.c index 6ca336a..1d6abd0 100644 --- a/src/s_conf.c +++ b/src/s_conf.c @@ -21,7 +21,7 @@ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA * - * $Id: s_conf.c 3131 2007-01-21 15:36:31Z jilles $ + * $Id: s_conf.c 3550 2007-08-09 06:47:26Z nenolod $ */ #include "stdinc.h" @@ -173,8 +173,6 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern { int i; - ClearAccess(source_p); - if((i = verify_access(source_p, username))) { ilog(L_FUSER, "Access denied: %s[%s]", @@ -188,10 +186,15 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern break; case TOO_MANY_LOCAL: + /* Note that these notices are sent to opers on other + * servers also, so even if local opers are allowed to + * see the IP, we still cannot send it. + */ sendto_realops_snomask(SNO_FULL, L_NETWIDE, "Too many local connections for %s!%s%s@%s", source_p->name, IsGotId(source_p) ? "" : "~", - source_p->username, source_p->sockhost); + source_p->username, + show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host); ilog(L_FUSER, "Too many local connections from %s!%s%s@%s", source_p->name, IsGotId(source_p) ? "" : "~", @@ -205,7 +208,8 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern sendto_realops_snomask(SNO_FULL, L_NETWIDE, "Too many global connections for %s!%s%s@%s", source_p->name, IsGotId(source_p) ? "" : "~", - source_p->username, source_p->sockhost); + source_p->username, + show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host); ilog(L_FUSER, "Too many global connections from %s!%s%s@%s", source_p->name, IsGotId(source_p) ? "" : "~", source_p->username, source_p->sockhost); @@ -218,7 +222,8 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern sendto_realops_snomask(SNO_FULL, L_NETWIDE, "Too many user connections for %s!%s%s@%s", source_p->name, IsGotId(source_p) ? "" : "~", - source_p->username, source_p->sockhost); + source_p->username, + show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host); ilog(L_FUSER, "Too many user connections from %s!%s%s@%s", source_p->name, IsGotId(source_p) ? "" : "~", source_p->username, source_p->sockhost); @@ -232,7 +237,7 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern "I-line is full for %s!%s%s@%s (%s).", source_p->name, IsGotId(source_p) ? "" : "~", source_p->username, source_p->host, - source_p->sockhost); + show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : "255.255.255.255"); ilog(L_FUSER, "Too many connections from %s!%s%s@%s.", source_p->name, IsGotId(source_p) ? "" : "~", @@ -274,13 +279,12 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern source_p->name, IsGotId(source_p) ? "" : "~", source_p->username, source_p->sockhost, source_p->localClient->listener->name, port); - add_reject(client_p); + add_reject(client_p, NULL, NULL); exit_client(client_p, source_p, &me, "You are not authorised to use this server"); break; } case BANNED_CLIENT: - add_reject(client_p); exit_client(client_p, client_p, &me, "*** Banned "); ServerStats->is_ref++; break; @@ -330,16 +334,11 @@ verify_access(struct Client *client_p, const char *username) { if(aconf->flags & CONF_FLAGS_REDIR) { - sendto_one(client_p, form_str(RPL_REDIR), - me.name, client_p->name, + sendto_one_numeric(client_p, RPL_REDIR, form_str(RPL_REDIR), aconf->name ? aconf->name : "", aconf->port); return (NOT_AUTHORISED); } - - if(IsConfDoIdentd(aconf)) - SetNeedId(client_p); - /* Thanks for spoof idea amm */ if(IsConfDoSpoofIp(aconf)) { @@ -379,20 +378,22 @@ verify_access(struct Client *client_p, const char *username) if(ConfigFileEntry.kline_with_reason) { sendto_one(client_p, - ":%s NOTICE %s :*** Banned %s", + form_str(ERR_YOUREBANNEDCREEP), me.name, client_p->name, aconf->passwd); } + add_reject(client_p, aconf->user, aconf->host); return (BANNED_CLIENT); } else if(aconf->status & CONF_GLINE) { - sendto_one(client_p, ":%s NOTICE %s :*** G-lined", me.name, client_p->name); + sendto_one_notice(client_p, ":*** G-lined"); if(ConfigFileEntry.kline_with_reason) sendto_one(client_p, - ":%s NOTICE %s :*** Banned %s", + form_str(ERR_YOUREBANNEDCREEP), me.name, client_p->name, aconf->passwd); + add_reject(client_p, aconf->user, aconf->host); return (BANNED_CLIENT); } @@ -597,9 +598,7 @@ attach_conf(struct Client *client_p, struct ConfItem *aconf) } else { - sendto_one(client_p, ":%s NOTICE %s :*** I: line is full, but you have an >I: line!", - me.name, client_p->name); - SetExemptLimits(client_p); + sendto_one_notice(client_p, ":*** I: line is full, but you have an >I: line!"); } } @@ -732,7 +731,6 @@ set_default_conf(void) memset(&ServerInfo.ip6, 0, sizeof(ServerInfo.ip6)); ServerInfo.specific_ipv6_vhost = 0; #endif - ServerInfo.use_ts6 = YES; /* Don't reset hub, as that will break lazylinks */ /* ServerInfo.hub = NO; */ @@ -794,7 +792,6 @@ set_default_conf(void) ConfigFileEntry.gline_min_cidr6 = 48; ConfigFileEntry.hide_spoof_ips = YES; ConfigFileEntry.hide_error_messages = 1; - ConfigFileEntry.idletime = 0; ConfigFileEntry.dots_in_ident = 0; ConfigFileEntry.max_targets = MAX_TARGETS_DEFAULT; DupString(ConfigFileEntry.servlink_path, SLPATH); @@ -824,7 +821,6 @@ set_default_conf(void) ConfigChannel.max_bans = 25; ConfigChannel.max_bans_large = 500; ConfigChannel.burst_topicwho = NO; - ConfigChannel.invite_ops_only = YES; ConfigChannel.kick_on_split_riding = NO; ConfigChannel.default_split_user_count = 15000; @@ -846,7 +842,9 @@ set_default_conf(void) ConfigFileEntry.reject_after_count = 5; ConfigFileEntry.reject_ban_time = 300; ConfigFileEntry.reject_duration = 120; - + ConfigFileEntry.max_unknown_ip = 2; + + ServerInfo.max_clients = comm_get_maxconnections() - MAX_BUFFER; } #undef YES @@ -894,8 +892,6 @@ validate_conf(void) (ConfigFileEntry.client_flood > CLIENT_FLOOD_MAX)) ConfigFileEntry.client_flood = CLIENT_FLOOD_MAX; - GlobalSetOptions.idletime = (ConfigFileEntry.idletime * 60); - if(!split_users || !split_servers || (!ConfigChannel.no_create_on_split && !ConfigChannel.no_join_on_split)) { @@ -1194,6 +1190,19 @@ read_conf_files(int cold) fclose(conf_fbfile_in); } +/* + * free an alias{} entry. + */ +static void +free_alias_cb(struct DictionaryElement *ptr, void *unused) +{ + struct alias_entry *aptr = ptr->data; + + MyFree(aptr->name); + MyFree(aptr->target); + MyFree(aptr); +} + /* * clear_out_old_conf * @@ -1207,7 +1216,6 @@ clear_out_old_conf(void) struct Class *cltmp; dlink_node *ptr; dlink_node *next_ptr; - int i; /* * don't delete the class table, rather mark all entries @@ -1264,19 +1272,8 @@ clear_out_old_conf(void) } /* remove any aliases... -- nenolod */ - for (i = 0; i < MAX_MSG_HASH; i++) - { - DLINK_FOREACH_SAFE(ptr, next_ptr, alias_hash_table[i].head) - { - struct alias_entry *aptr = ptr->data; - - MyFree(aptr->name); - MyFree(aptr->target); - MyFree(aptr); - - dlinkDestroy(ptr, &alias_hash_table[i]); - } - } + irc_dictionary_destroy(alias_dict, free_alias_cb, NULL); + alias_dict = NULL; destroy_blacklists(); @@ -1355,9 +1352,7 @@ write_confitem(KlineType type, struct Client *source_p, char *user, reason, oper_reason); } - sendto_one(source_p, - ":%s NOTICE %s :Added D-Line [%s] to %s", me.name, - source_p->name, host, filename); + sendto_one_notice(source_p, ":Added D-Line [%s] to %s", host, filename); } else if(type == RESV_TYPE)