X-Git-Url: https://jfr.im/git/irc/rqf/shadowircd.git/blobdiff_plain/6e9b4415cce8808ad39f90612f0218274f3cb1c1..4f2b6c0b38c14c1e93e599e3dc26e7e3554a934b:/src/s_conf.c diff --git a/src/s_conf.c b/src/s_conf.c index cb27d7b..11f6f2a 100644 --- a/src/s_conf.c +++ b/src/s_conf.c @@ -35,24 +35,22 @@ #include "client.h" #include "common.h" #include "hash.h" -#include "irc_string.h" -#include "sprintf_irc.h" +#include "match.h" #include "ircd.h" #include "listener.h" #include "hostmask.h" #include "modules.h" #include "numeric.h" -#include "s_log.h" +#include "logger.h" #include "send.h" -#include "s_gline.h" -#include "patricia.h" #include "reject.h" #include "cache.h" #include "blacklist.h" +#include "sslproc.h" struct config_server_hide ConfigServerHide; -extern int yyparse(); /* defined in y.tab.c */ +extern int yyparse(void); /* defined in y.tab.c */ extern char linebuf[]; #ifndef INADDR_NONE 
@@ -83,22 +81,22 @@ static int attach_iline(struct Client *, struct ConfItem *); void init_s_conf(void) { - confitem_heap = rb_bh_create(sizeof(struct ConfItem), CONFITEM_HEAP_SIZE); + confitem_heap = rb_bh_create(sizeof(struct ConfItem), CONFITEM_HEAP_SIZE, "confitem_heap"); - eventAddIsh("expire_temp_klines", expire_temp_kd, &temp_klines[TEMP_MIN], 60); - eventAddIsh("expire_temp_dlines", expire_temp_kd, &temp_dlines[TEMP_MIN], 60); + rb_event_addish("expire_temp_klines", expire_temp_kd, &temp_klines[TEMP_MIN], 60); + rb_event_addish("expire_temp_dlines", expire_temp_kd, &temp_dlines[TEMP_MIN], 60); - eventAddIsh("expire_temp_klines_hour", reorganise_temp_kd, + rb_event_addish("expire_temp_klines_hour", reorganise_temp_kd, &temp_klines[TEMP_HOUR], 3600); - eventAddIsh("expire_temp_dlines_hour", reorganise_temp_kd, + rb_event_addish("expire_temp_dlines_hour", reorganise_temp_kd, &temp_dlines[TEMP_HOUR], 3600); - eventAddIsh("expire_temp_klines_day", reorganise_temp_kd, + rb_event_addish("expire_temp_klines_day", reorganise_temp_kd, &temp_klines[TEMP_DAY], 86400); - eventAddIsh("expire_temp_dlines_day", reorganise_temp_kd, + rb_event_addish("expire_temp_dlines_day", reorganise_temp_kd, &temp_dlines[TEMP_DAY], 86400); - eventAddIsh("expire_temp_klines_week", reorganise_temp_kd, + rb_event_addish("expire_temp_klines_week", reorganise_temp_kd, &temp_klines[TEMP_WEEK], 604800); - eventAddIsh("expire_temp_dlines_week", reorganise_temp_kd, + rb_event_addish("expire_temp_dlines_week", reorganise_temp_kd, &temp_dlines[TEMP_WEEK], 604800); } @@ -195,7 +193,7 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern source_p->name, IsGotId(source_p) ? "" : "~", source_p->username, source_p->sockhost); - ServerStats->is_ref++; + ServerStats.is_ref++; exit_client(client_p, source_p, &me, "Too many host connections (local)"); break; 
@@ -209,7 +207,7 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern source_p->name, IsGotId(source_p) ? "" : "~", source_p->username, source_p->sockhost); - ServerStats->is_ref++; + ServerStats.is_ref++; exit_client(client_p, source_p, &me, "Too many host connections (global)"); break; @@ -223,7 +221,7 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern source_p->name, IsGotId(source_p) ? "" : "~", source_p->username, source_p->sockhost); - ServerStats->is_ref++; + ServerStats.is_ref++; exit_client(client_p, source_p, &me, "Too many user connections (global)"); break; @@ -238,7 +236,7 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern source_p->name, IsGotId(source_p) ? "" : "~", source_p->username, source_p->sockhost); - ServerStats->is_ref++; + ServerStats.is_ref++; exit_client(client_p, source_p, &me, "No more connections allowed in your connection class"); break; @@ -246,20 +244,20 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern case NOT_AUTHORISED: { int port = -1; -#ifdef IPV6 +#ifdef RB_IPV6 if(source_p->localClient->ip.ss_family == AF_INET6) port = ntohs(((struct sockaddr_in6 *)&source_p->localClient->listener->addr)->sin6_port); else #endif port = ntohs(((struct sockaddr_in *)&source_p->localClient->listener->addr)->sin_port); - ServerStats->is_ref++; + ServerStats.is_ref++; /* jdc - lists server name & port connections are on */ /* a purely cosmetical change */ /* why ipaddr, and not just source_p->sockhost? --fl */ #if 0 static char ipaddr[HOSTIPLEN]; - inetntop_sock(&source_p->localClient->ip, ipaddr, sizeof(ipaddr)); + rb_inet_ntop_sock(&source_p->localClient->ip, ipaddr, sizeof(ipaddr)); #endif sendto_realops_snomask(SNO_UNAUTH, L_ALL, "Unauthorised client connection from " 
@@ -281,7 +279,7 @@ check_client(struct Client *client_p, struct Client *source_p, const char *usern } case BANNED_CLIENT: exit_client(client_p, client_p, &me, "*** Banned "); - ServerStats->is_ref++; + ServerStats.is_ref++; break; case 0: @@ -310,16 +308,18 @@ verify_access(struct Client *client_p, const char *username) aconf = find_address_conf(client_p->host, client_p->sockhost, client_p->username, client_p->username, (struct sockaddr *) &client_p->localClient->ip, - client_p->localClient->ip.ss_family); + client_p->localClient->ip.ss_family, + client_p->localClient->auth_user); } else { - strlcpy(non_ident, "~", sizeof(non_ident)); - strlcat(non_ident, username, sizeof(non_ident)); + rb_strlcpy(non_ident, "~", sizeof(non_ident)); + rb_strlcat(non_ident, username, sizeof(non_ident)); aconf = find_address_conf(client_p->host, client_p->sockhost, non_ident, client_p->username, (struct sockaddr *) &client_p->localClient->ip, - client_p->localClient->ip.ss_family); + client_p->localClient->ip.ss_family, + client_p->localClient->auth_user); } if(aconf == NULL) @@ -357,14 +357,14 @@ verify_access(struct Client *client_p, const char *username) char *host = p+1; *p = '\0'; - strlcpy(client_p->username, aconf->name, + rb_strlcpy(client_p->username, aconf->name, sizeof(client_p->username)); - strlcpy(client_p->host, host, + rb_strlcpy(client_p->host, host, sizeof(client_p->host)); *p = '@'; } else - strlcpy(client_p->host, aconf->name, sizeof(client_p->host)); + rb_strlcpy(client_p->host, aconf->name, sizeof(client_p->host)); } return (attach_iline(client_p, aconf)); } 
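Review bot: Both `find_address_conf()` calls in verify_access now pass `client_p->localClient->auth_user`, and nothing in the hunk shows whether that field can be NULL for a client that never supplied one, or whether the callee tolerates that. The value looks client-supplied, so matching on it selects an auth block but is not by itself authentication; that is worth stating at the call site. I would add a comment above the first call along the lines of `/* auth_user may be NULL and is client-supplied; it only selects the auth block */`, with the wording confirmed against find_address_conf. verify_access starts before this hunk and continues after it.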
@@ -379,18 +379,6 @@ verify_access(struct Client *client_p, const char *username) add_reject(client_p, aconf->user, aconf->host); return (BANNED_CLIENT); } - else if(aconf->status & CONF_GLINE) - { - sendto_one_notice(client_p, ":*** G-lined"); - - if(ConfigFileEntry.kline_with_reason) - sendto_one(client_p, - form_str(ERR_YOUREBANNEDCREEP), - me.name, client_p->name, aconf->passwd); - - add_reject(client_p, aconf->user, aconf->host); - return (BANNED_CLIENT); - } return NOT_AUTHORISED; } @@ -408,13 +396,13 @@ verify_access(struct Client *client_p, const char *username) static int add_ip_limit(struct Client *client_p, struct ConfItem *aconf) { - patricia_node_t *pnode; + rb_patricia_node_t *pnode; /* If the limits are 0 don't do anything.. */ if(ConfCidrAmount(aconf) == 0 || ConfCidrBitlen(aconf) == 0) return -1; - pnode = match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip); + pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip); if(pnode == NULL) pnode = make_and_lookup_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip, ConfCidrBitlen(aconf)); @@ -429,7 +417,7 @@ add_ip_limit(struct Client *client_p, struct ConfItem *aconf) /* This should only happen if the limits are set to 0 */ if((unsigned long) pnode->data == 0) { - patricia_remove(ConfIpLimits(aconf), pnode); + rb_patricia_remove(ConfIpLimits(aconf), pnode); } return (0); } 
@@ -442,20 +430,20 @@ add_ip_limit(struct Client *client_p, struct ConfItem *aconf) static void remove_ip_limit(struct Client *client_p, struct ConfItem *aconf) { - patricia_node_t *pnode; + rb_patricia_node_t *pnode; /* If the limits are 0 don't do anything.. */ if(ConfCidrAmount(aconf) == 0 || ConfCidrBitlen(aconf) == 0) return; - pnode = match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip); + pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip); if(pnode == NULL) return; pnode->data--; if(((unsigned long) pnode->data) == 0) { - patricia_remove(ConfIpLimits(aconf), pnode); + rb_patricia_remove(ConfIpLimits(aconf), pnode); } } @@ -629,9 +617,9 @@ rehash(int sig) read_conf_files(NO); if(ServerInfo.description != NULL) - strlcpy(me.info, ServerInfo.description, sizeof(me.info)); + rb_strlcpy(me.info, ServerInfo.description, sizeof(me.info)); else - strlcpy(me.info, "unknown", sizeof(me.info)); + rb_strlcpy(me.info, "unknown", sizeof(me.info)); open_logfiles(); return (0); @@ -722,7 +710,7 @@ set_default_conf(void) memset(&ServerInfo.ip, 0, sizeof(ServerInfo.ip)); ServerInfo.specific_ipv4_vhost = 0; -#ifdef IPV6 +#ifdef RB_IPV6 memset(&ServerInfo.ip6, 0, sizeof(ServerInfo.ip6)); ServerInfo.specific_ipv6_vhost = 0; #endif 
@@ -776,20 +764,14 @@ set_default_conf(void) ConfigFileEntry.fname_operlog = NULL; ConfigFileEntry.fname_foperlog = NULL; ConfigFileEntry.fname_serverlog = NULL; - ConfigFileEntry.fname_glinelog = NULL; ConfigFileEntry.fname_klinelog = NULL; ConfigFileEntry.fname_operspylog = NULL; ConfigFileEntry.fname_ioerrorlog = NULL; - ConfigFileEntry.glines = NO; ConfigFileEntry.use_egd = NO; - ConfigFileEntry.gline_time = 12 * 3600; - ConfigFileEntry.gline_min_cidr = 16; - ConfigFileEntry.gline_min_cidr6 = 48; ConfigFileEntry.hide_spoof_ips = YES; ConfigFileEntry.hide_error_messages = 1; ConfigFileEntry.dots_in_ident = 0; ConfigFileEntry.max_targets = MAX_TARGETS_DEFAULT; - ConfigFileEntry.servlink_path = rb_strdup(SLPATH); ConfigFileEntry.egdpool_path = NULL; ConfigFileEntry.use_whois_actually = YES; ConfigFileEntry.burst_away = NO; @@ -837,9 +819,10 @@ set_default_conf(void) ConfigFileEntry.reject_after_count = 5; ConfigFileEntry.reject_ban_time = 300; ConfigFileEntry.reject_duration = 120; - ConfigFileEntry.max_unknown_ip = 2; + ConfigFileEntry.throttle_count = 4; + ConfigFileEntry.throttle_duration = 60; - ServerInfo.max_clients = rb_get_maxconnections() - MAX_BUFFER; + ServerInfo.default_max_clients = MAXCONNECTIONS; } #undef YES 
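Review bot: `ServerInfo.default_max_clients = MAXCONNECTIONS;` drops both the runtime `rb_get_maxconnections()` query and the `- MAX_BUFFER` reserve that the old default used, so the default no longer reflects the descriptor limit the process actually has. Unless the value is clamped elsewhere (not visible in this hunk), a host with a lower limit could run short of descriptors for listeners, log files and helper processes under connection load. I would keep a reserve or add a comment naming where the clamp happens. The new `throttle_count = 4` and `throttle_duration = 60` defaults also deserve a comment giving their units, e.g. `/* at most throttle_count connections per IP within throttle_duration seconds */` if that is the intended meaning. set_default_conf begins outside the hunk.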
@@ -874,15 +857,32 @@ validate_conf(void) if(ConfigFileEntry.ts_max_delta < TS_MAX_DELTA_MIN) ConfigFileEntry.ts_max_delta = TS_MAX_DELTA_DEFAULT; - if(ConfigFileEntry.servlink_path == NULL) - ConfigFileEntry.servlink_path = rb_strdup(SLPATH); - if(ServerInfo.network_name == NULL) ServerInfo.network_name = rb_strdup(NETWORK_NAME_DEFAULT); if(ServerInfo.network_desc == NULL) ServerInfo.network_desc = rb_strdup(NETWORK_DESC_DEFAULT); + if(ServerInfo.ssld_count < 1) + ServerInfo.ssld_count = 1; + + if(!rb_setup_ssl_server(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params)) + { + ilog(L_MAIN, "WARNING: Unable to setup SSL."); + ssl_ok = 0; + } else { + ssl_ok = 1; + send_new_ssl_certs(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params); + } + + if(ServerInfo.ssld_count > get_ssld_count()) + { + int start = ServerInfo.ssld_count - get_ssld_count(); + /* start up additional ssld if needed */ + start_ssldaemon(start, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params); + + } + if((ConfigFileEntry.client_flood < CLIENT_FLOOD_MIN) || (ConfigFileEntry.client_flood > CLIENT_FLOOD_MAX)) ConfigFileEntry.client_flood = CLIENT_FLOOD_MAX; 
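Review bot: When `rb_setup_ssl_server()` fails, the new code in validate_conf only logs `WARNING: Unable to setup SSL.` and clears `ssl_ok`, and the `start_ssldaemon()` block below still runs with the same certificate, key and DH parameters. The hunk does not show what consults `ssl_ok`, so a comment should state that TLS listeners refuse connections while it is 0, and the log line would help operators more if it named the configured certificate and key paths. `ssld_count` is also clamped only from below; unless the config parser bounds it, an upper clamp such as `if(ServerInfo.ssld_count > SSLD_COUNT_MAX) ServerInfo.ssld_count = SSLD_COUNT_MAX;` (placeholder constant, to be defined by the project) would stop a typo from spawning an unbounded number of helper processes. validate_conf begins before this hunk and continues after it.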
@@ -890,41 +890,13 @@ validate_conf(void) if(!split_users || !split_servers || (!ConfigChannel.no_create_on_split && !ConfigChannel.no_join_on_split)) { - eventDelete(check_splitmode, NULL); + rb_event_delete(check_splitmode_ev); + check_splitmode_ev = NULL; splitmode = 0; splitchecking = 0; } } -/* - * lookup_confhost - start DNS lookups of all hostnames in the conf - * line and convert an IP addresses in a.b.c.d number for to IP#s. - * - */ - -/* - * conf_connect_allowed - * - * inputs - pointer to inaddr - * - int type ipv4 or ipv6 - * output - ban info or NULL - * side effects - none - */ -struct ConfItem * -conf_connect_allowed(struct sockaddr *addr, int aftype) -{ - struct ConfItem *aconf = find_dline(addr, aftype); - - /* DLINE exempt also gets you out of static limits/pacing... */ - if(aconf && (aconf->status & CONF_EXEMPTDLINE)) - return NULL; - - if(aconf != NULL) - return aconf; - - return NULL; -} - /* add_temp_kline() * * inputs - pointer to struct ConfItem @@ -957,7 +929,7 @@ add_temp_kline(struct ConfItem *aconf) } aconf->flags |= CONF_FLAGS_TEMPORARY; - add_conf_by_address(aconf->host, CONF_KILL, aconf->user, aconf); + add_conf_by_address(aconf->host, CONF_KILL, aconf->user, NULL, aconf); } /* add_temp_dline() @@ -991,7 +963,7 @@ add_temp_dline(struct ConfItem *aconf) } aconf->flags |= CONF_FLAGS_TEMPORARY; - add_conf_by_address(aconf->host, CONF_DLINE, aconf->user, aconf); + add_conf_by_address(aconf->host, CONF_DLINE, aconf->user, NULL, aconf); } /* expire_tkline() @@ -1159,7 +1131,7 @@ read_conf_files(int cold) - Gozem 2002-07-21 */ - strlcpy(conffilebuf, filename, sizeof(conffilebuf)); + rb_strlcpy(conffilebuf, filename, sizeof(conffilebuf)); if((conf_fbfile_in = fopen(filename, "r")) == NULL) { @@ -1240,6 +1212,8 @@ clear_out_old_conf(void) rb_free(ServerInfo.network_desc); ServerInfo.network_desc = NULL; + ServerInfo.ssld_count = 1; + /* clean out AdminInfo */ rb_free(AdminInfo.name); AdminInfo.name = NULL; 
@@ -1257,8 +1231,8 @@ clear_out_old_conf(void) */ /* clean out general */ - rb_free(ConfigFileEntry.servlink_path); - ConfigFileEntry.servlink_path = NULL; + rb_free(ConfigFileEntry.kline_reason); + ConfigFileEntry.kline_reason = NULL; RB_DLINK_FOREACH_SAFE(ptr, next_ptr, service_list.head) { @@ -1377,18 +1351,18 @@ write_confitem(KlineType type, struct Client *source_p, char *user, rb_snprintf(buffer, sizeof(buffer), "\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",%ld\n", user, host, reason, oper_reason, current_date, - get_oper_name(source_p), rb_current_time()); + get_oper_name(source_p), (long int)rb_current_time()); } else if(type == DLINE_TYPE) { rb_snprintf(buffer, sizeof(buffer), "\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",%ld\n", host, - reason, oper_reason, current_date, get_oper_name(source_p), rb_current_time()); + reason, oper_reason, current_date, get_oper_name(source_p), (long int)rb_current_time()); } else if(type == RESV_TYPE) { rb_snprintf(buffer, sizeof(buffer), "\"%s\",\"%s\",\"%s\",%ld\n", - host, reason, get_oper_name(source_p), rb_current_time()); + host, reason, get_oper_name(source_p), (long int)rb_current_time()); } if(fputs(buffer, out) == -1) @@ -1499,10 +1473,28 @@ conf_add_d_conf(struct ConfItem *aconf) } else { - add_conf_by_address(aconf->host, CONF_DLINE, NULL, aconf); + add_conf_by_address(aconf->host, CONF_DLINE, NULL, NULL, aconf); } } +static char * +strip_tabs(char *dest, const char *src, size_t len) +{ + char *d = dest; + + if(dest == NULL || src == NULL) + return NULL; + + rb_strlcpy(dest, src, len); + + while(*d) + { + if(*d == '\t') + *d = ' '; + d++; + } + return dest; +} /* * yyerror @@ -1516,7 +1508,7 @@ yyerror(const char *msg) { char newlinebuf[BUFSIZE]; - strip_tabs(newlinebuf, (const unsigned char *) linebuf, strlen(linebuf)); + strip_tabs(newlinebuf, linebuf, strlen(linebuf)); sendto_realops_snomask(SNO_GENERAL, L_ALL, "\"%s\", line %d: %s at '%s'", conffilebuf, lineno + 1, msg, newlinebuf);
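Review bot: The three `rb_snprintf()` calls in write_confitem wrap `user`, `host`, `reason` and `oper_reason` in double quotes without escaping and ignore the return value; this commit touches those lines only to add the `(long int)` cast. A quote or line break inside one of those fields, or a record longer than `buffer`, would produce a line that the ban-file reader may parse differently from what was intended, and truncation also drops the trailing `\n`. Unless callers already sanitise these fields (not visible here), I would reject or escape quotes and newlines before formatting and check the result, e.g. `if(len < 0 || (size_t)len >= sizeof(buffer)) return;` with `len` holding the `rb_snprintf()` return value, assuming it reports the untruncated length as snprintf does. The function starts and ends outside the hunk.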
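Review bot: `strip_tabs(newlinebuf, linebuf, strlen(linebuf));` in yyerror bounds the copy by the length of the source, while the new strip_tabs (added in the previous hunk) hands `len` straight to `rb_strlcpy()` as the size of the destination. `newlinebuf` is `BUFSIZE` bytes and `linebuf` is an `extern char []` whose size is not visible here, so the copy is only safe if `linebuf` can never be longer than `BUFSIZE`. For an empty `linebuf` the size is 0, so nothing may be written and the `while(*d)` loop would then read an uninitialised buffer. I would call it as `strip_tabs(newlinebuf, linebuf, sizeof(newlinebuf));`, noting that this no longer drops the final character of the line (presumably the newline), and add a one-line comment on strip_tabs saying that `len` is the size of `dest`.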