X-Git-Url: https://jfr.im/git/irc/rqf/shadowircd.git/blobdiff_plain/c6d5c019d03d73523498f5c15c3ff56fc9be6172..dfea673fca01367f92f12cb6f5844a97872de307:/src/s_conf.c diff --git a/src/s_conf.c b/src/s_conf.c index 74eecc5..2b3b45a 100644 --- a/src/s_conf.c +++ b/src/s_conf.c @@ -30,6 +30,7 @@ #include "s_newconf.h" #include "newconf.h" #include "s_serv.h" +#include "s_user.h" #include "s_stats.h" #include "channel.h" #include "class.h" @@ -50,6 +51,7 @@ #include "privilege.h" #include "sslproc.h" #include "bandbi.h" +#include "operhash.h" struct config_server_hide ConfigServerHide; @@ -62,6 +64,8 @@ extern char linebuf[]; static rb_bh *confitem_heap = NULL; +rb_dlink_list prop_bans; + rb_dlink_list temp_klines[LAST_TEMP_TYPE]; rb_dlink_list temp_dlines[LAST_TEMP_TYPE]; rb_dlink_list service_list; @@ -72,6 +76,7 @@ static void validate_conf(void); static void read_conf(FILE *); static void clear_out_old_conf(void); +static void expire_prop_bans(void *list); static void expire_temp_kd(void *list); static void reorganise_temp_kd(void *list); @@ -86,6 +91,8 @@ init_s_conf(void) { confitem_heap = rb_bh_create(sizeof(struct ConfItem), CONFITEM_HEAP_SIZE, "confitem_heap"); + rb_event_addish("expire_prop_bans", expire_prop_bans, &prop_bans, 60); + rb_event_addish("expire_temp_klines", expire_temp_kd, &temp_klines[TEMP_MIN], 60); rb_event_addish("expire_temp_dlines", expire_temp_kd, &temp_dlines[TEMP_MIN], 60); @@ -142,11 +149,15 @@ free_conf(struct ConfItem *aconf) rb_free(aconf->passwd); rb_free(aconf->spasswd); - rb_free(aconf->name); rb_free(aconf->className); rb_free(aconf->user); rb_free(aconf->host); + if(IsConfBan(aconf)) + operhash_delete(aconf->info.oper); + else + rb_free(aconf->info.name); + rb_bh_free(confitem_heap, aconf); } @@ -333,7 +344,7 @@ verify_access(struct Client *client_p, const char *username) if(aconf->flags & CONF_FLAGS_REDIR) { sendto_one_numeric(client_p, RPL_REDIR, form_str(RPL_REDIR), - aconf->name ? aconf->name : "", aconf->port); + aconf->info.name ? aconf->info.name : "", aconf->port); return (NOT_AUTHORISED); } @@ -350,35 +361,34 @@ verify_access(struct Client *client_p, const char *username) sendto_realops_snomask(SNO_GENERAL, L_ALL, "%s spoofing: %s as %s", client_p->name, - show_ip(NULL, client_p) ? client_p->host : aconf->name, - aconf->name); + show_ip(NULL, client_p) ? client_p->host : aconf->info.name, + aconf->info.name); } /* user@host spoof */ - if((p = strchr(aconf->name, '@')) != NULL) + if((p = strchr(aconf->info.name, '@')) != NULL) { char *host = p+1; *p = '\0'; - rb_strlcpy(client_p->username, aconf->name, + rb_strlcpy(client_p->username, aconf->info.name, sizeof(client_p->username)); rb_strlcpy(client_p->host, host, sizeof(client_p->host)); *p = '@'; } else - rb_strlcpy(client_p->host, aconf->name, sizeof(client_p->host)); + rb_strlcpy(client_p->host, aconf->info.name, sizeof(client_p->host)); } return (attach_iline(client_p, aconf)); } else if(aconf->status & CONF_KILL) { if(ConfigFileEntry.kline_with_reason) - { sendto_one(client_p, form_str(ERR_YOUREBANNEDCREEP), - me.name, client_p->name, aconf->passwd); - } + me.name, client_p->name, + get_user_ban_reason(aconf)); add_reject(client_p, aconf->user, aconf->host); return (BANNED_CLIENT); } @@ -474,14 +484,13 @@ attach_iline(struct Client *client_p, struct ConfItem *aconf) int local_count = 0; int global_count = 0; int ident_count = 0; - int unidented = 0; + int unidented; if(IsConfExemptLimits(aconf)) return (attach_conf(client_p, aconf)); - if(*client_p->username == '~') - unidented = 1; - + unidented = !IsGotId(client_p) && !IsNoTilde(aconf) && + (!IsConfDoSpoofIp(aconf) || !strchr(aconf->info.name, '@')); /* find_hostname() returns the head of the list to search */ RB_DLINK_FOREACH(ptr, find_hostname(client_p->host)) @@ -664,6 +673,8 @@ set_default_conf(void) ServerInfo.description = NULL; ServerInfo.network_name = rb_strdup(NETWORK_NAME_DEFAULT); ServerInfo.network_desc = rb_strdup(NETWORK_DESC_DEFAULT); + ServerInfo.helpchan = rb_strdup(""); + ServerInfo.helpurl = rb_strdup(""); memset(&ServerInfo.ip, 0, sizeof(ServerInfo.ip)); ServerInfo.specific_ipv4_vhost = 0; @@ -680,6 +691,8 @@ set_default_conf(void) ConfigFileEntry.default_operstring = rb_strdup("is an IRC operator"); ConfigFileEntry.default_adminstring = rb_strdup("is a Server Administrator"); + ConfigFileEntry.default_operhost = rb_strdup(""); + ConfigFileEntry.static_quit = rb_strdup(""); ConfigFileEntry.servicestring = rb_strdup("is a Network Service"); ConfigFileEntry.default_umodes = UMODE_INVISIBLE; @@ -693,6 +706,7 @@ set_default_conf(void) ConfigFileEntry.nick_delay = 900; /* 15 minutes */ ConfigFileEntry.target_change = YES; ConfigFileEntry.anti_spam_exit_message_time = 0; + ConfigFileEntry.use_part_messages = YES; ConfigFileEntry.ts_warn_delta = TS_WARN_DELTA_DEFAULT; ConfigFileEntry.ts_max_delta = TS_MAX_DELTA_DEFAULT; ConfigFileEntry.client_exit = YES; @@ -716,6 +730,7 @@ set_default_conf(void) ConfigFileEntry.pace_wait_simple = 1; ConfigFileEntry.short_motd = NO; ConfigFileEntry.no_oper_flood = NO; + ConfigFileEntry.true_no_oper_flood = NO; ConfigFileEntry.fname_userlog = NULL; ConfigFileEntry.fname_fuserlog = NULL; ConfigFileEntry.fname_operlog = NULL; @@ -735,6 +750,8 @@ set_default_conf(void) ConfigFileEntry.collision_fnc = YES; ConfigFileEntry.global_snotices = YES; ConfigFileEntry.operspy_dont_care_user_info = NO; + ConfigFileEntry.use_propagated_bans = YES; + ConfigFileEntry.secret_channels_in_whois = NO; #ifdef HAVE_LIBZ ConfigFileEntry.compression_level = 4; @@ -745,16 +762,23 @@ set_default_conf(void) ConfigFileEntry.oper_only_umodes = UMODE_SERVNOTICE; ConfigFileEntry.oper_snomask = SNO_GENERAL; + ConfigChannel.autochanmodes = rb_strdup("nt"); + ConfigChannel.exemptchanops = rb_strdup(""); + ConfigChannel.use_halfop = YES; + ConfigChannel.use_admin = YES; ConfigChannel.use_except = YES; ConfigChannel.use_invex = YES; ConfigChannel.use_knock = YES; ConfigChannel.use_forward = YES; + ConfigChannel.use_local_channels = YES; ConfigChannel.knock_delay = 300; ConfigChannel.knock_delay_channel = 60; ConfigChannel.max_chans_per_user = 15; ConfigChannel.max_bans = 25; ConfigChannel.max_bans_large = 500; ConfigChannel.only_ascii_channels = NO; + ConfigChannel.cycle_host_change = YES; + ConfigChannel.host_in_topic = YES; ConfigChannel.burst_topicwho = NO; ConfigChannel.kick_on_split_riding = NO; @@ -764,6 +788,14 @@ set_default_conf(void) ConfigChannel.no_create_on_split = YES; ConfigChannel.resv_forcepart = YES; + ConfigChannel.exempt_cmode_c = NO; + ConfigChannel.exempt_cmode_C = NO; + ConfigChannel.exempt_cmode_D = NO; + ConfigChannel.exempt_cmode_T = NO; + ConfigChannel.exempt_cmode_N = NO; + ConfigChannel.exempt_cmode_G = NO; + ConfigChannel.exempt_cmode_K = NO; + ConfigServerHide.flatten_links = 0; ConfigServerHide.links_delay = 300; ConfigServerHide.hidden = 0; @@ -772,6 +804,7 @@ set_default_conf(void) ConfigFileEntry.min_nonwildcard = 4; ConfigFileEntry.min_nonwildcard_simple = 3; ConfigFileEntry.default_floodcount = 8; + ConfigFileEntry.default_ident_timeout = 5; ConfigFileEntry.client_flood = CLIENT_FLOOD_DEFAULT; ConfigFileEntry.tkline_expire_notices = 0; @@ -780,6 +813,7 @@ set_default_conf(void) ConfigFileEntry.reject_duration = 120; ConfigFileEntry.throttle_count = 4; ConfigFileEntry.throttle_duration = 60; + ConfigFileEntry.expire_override_time = 300; ServerInfo.default_max_clients = MAXCONNECTIONS; @@ -858,6 +892,52 @@ validate_conf(void) splitmode = 0; splitchecking = 0; } + + if(!valid_hostname(ConfigFileEntry.default_operhost) && !EmptyString(ConfigFileEntry.default_operhost)) + { + conf_report_error("Warning -- invalid default_operhost specified, ignoring."); + ConfigFileEntry.default_operhost = rb_strdup(""); + } + + /* Parse the exemptchanops option and set the internal variables + * that we will use. */ + char * ech; + + for(ech = ConfigChannel.exemptchanops; *ech; ech++) + { + if(*ech == 'c') + { + ConfigChannel.exempt_cmode_c = 1; + continue; + } + if(*ech == 'C') + { + ConfigChannel.exempt_cmode_C = 1; + continue; + } + if(*ech == 'D') + { + ConfigChannel.exempt_cmode_D = 1; + continue; + } + if(*ech == 'T') + { + ConfigChannel.exempt_cmode_T = 1; + continue; + } + if(*ech == 'N') + { + ConfigChannel.exempt_cmode_N = 1; + continue; + } + if(*ech == 'G') + { + ConfigChannel.exempt_cmode_G = 1; + continue; + } + if(*ech == 'K') + ConfigChannel.exempt_cmode_K = 1; + } } /* add_temp_kline() @@ -929,6 +1009,192 @@ add_temp_dline(struct ConfItem *aconf) add_conf_by_address(aconf->host, CONF_DLINE, aconf->user, NULL, aconf); } +/* valid_wild_card() + * + * input - user buffer, host buffer + * output - 0 if invalid, 1 if valid + * side effects - + */ +int +valid_wild_card(const char *luser, const char *lhost) +{ + const char *p; + char tmpch; + int nonwild = 0; + int bitlen; + + /* user has no wildcards, always accept -- jilles */ + if(!strchr(luser, '?') && !strchr(luser, '*')) + return 1; + + /* check there are enough non wildcard chars */ + p = luser; + while((tmpch = *p++)) + { + if(!IsKWildChar(tmpch)) + { + /* found enough chars, return */ + if(++nonwild >= ConfigFileEntry.min_nonwildcard) + return 1; + } + } + + /* try host, as user didnt contain enough */ + /* special case for cidr masks -- jilles */ + if((p = strrchr(lhost, '/')) != NULL && IsDigit(p[1])) + { + bitlen = atoi(p + 1); + /* much like non-cidr for ipv6, rather arbitrary for ipv4 */ + if(bitlen > 0 + && bitlen >= + (strchr(lhost, ':') ? 4 * (ConfigFileEntry.min_nonwildcard - nonwild) : 6 - + 2 * nonwild)) + return 1; + } + else + { + p = lhost; + while((tmpch = *p++)) + { + if(!IsKWildChar(tmpch)) + if(++nonwild >= ConfigFileEntry.min_nonwildcard) + return 1; + } + } + + return 0; +} + +rb_dlink_node * +find_prop_ban(unsigned int status, const char *user, const char *host) +{ + rb_dlink_node *ptr; + struct ConfItem *aconf; + + RB_DLINK_FOREACH(ptr, prop_bans.head) + { + aconf = ptr->data; + + if((aconf->status & ~CONF_ILLEGAL) == status && + (!user || !aconf->user || + !irccmp(aconf->user, user)) && + !irccmp(aconf->host, host)) + return ptr; + } + return NULL; +} + +void +deactivate_conf(struct ConfItem *aconf, rb_dlink_node *ptr) +{ + int i; + + s_assert(ptr->data == aconf); + + switch (aconf->status) + { + case CONF_KILL: + if (aconf->lifetime == 0 && + aconf->flags & CONF_FLAGS_TEMPORARY) + for (i = 0; i < LAST_TEMP_TYPE; i++) + rb_dlinkFindDestroy(aconf, &temp_klines[i]); + /* Make sure delete_one_address_conf() does not + * free the aconf. + */ + aconf->clients++; + delete_one_address_conf(aconf->host, aconf); + aconf->clients--; + break; + case CONF_DLINE: + if (aconf->lifetime == 0 && + aconf->flags & CONF_FLAGS_TEMPORARY) + for (i = 0; i < LAST_TEMP_TYPE; i++) + rb_dlinkFindDestroy(aconf, &temp_dlines[i]); + aconf->clients++; + delete_one_address_conf(aconf->host, aconf); + aconf->clients--; + break; + case CONF_XLINE: + rb_dlinkFindDestroy(aconf, &xline_conf_list); + break; + case CONF_RESV_NICK: + rb_dlinkFindDestroy(aconf, &resv_conf_list); + break; + case CONF_RESV_CHANNEL: + del_from_resv_hash(aconf->host, aconf); + break; + } + if (aconf->lifetime != 0 && rb_current_time() < aconf->lifetime) + aconf->status |= CONF_ILLEGAL; + else + { + if (aconf->lifetime != 0) + rb_dlinkDestroy(ptr, &prop_bans); + free_conf(aconf); + } +} + +/* Given a new ban ConfItem, look for any matching ban, update the lifetime + * from it and delete it. + */ +void +replace_old_ban(struct ConfItem *aconf) +{ + rb_dlink_node *ptr; + struct ConfItem *oldconf; + + ptr = find_prop_ban(aconf->status, aconf->user, aconf->host); + if(ptr != NULL) + { + oldconf = ptr->data; + /* Remember at least as long as the old one. */ + if(oldconf->lifetime > aconf->lifetime) + aconf->lifetime = oldconf->lifetime; + /* Force creation time to increase. */ + if(oldconf->created >= aconf->created) + aconf->created = oldconf->created + 1; + /* Leave at least one second of validity. */ + if(aconf->hold <= aconf->created) + aconf->hold = aconf->created + 1; + if(aconf->lifetime < aconf->hold) + aconf->lifetime = aconf->hold; + /* Tell deactivate_conf() to destroy it. */ + oldconf->lifetime = rb_current_time(); + deactivate_conf(oldconf, ptr); + } +} + +static void +expire_prop_bans(void *list) +{ + rb_dlink_node *ptr; + rb_dlink_node *next_ptr; + struct ConfItem *aconf; + + RB_DLINK_FOREACH_SAFE(ptr, next_ptr, ((rb_dlink_list *) list)->head) + { + aconf = ptr->data; + + if(aconf->lifetime <= rb_current_time() || + (aconf->hold <= rb_current_time() && + !(aconf->status & CONF_ILLEGAL))) + { + /* Alert opers that a TKline expired - Hwy */ + /* XXX show what type of ban it is */ + if(ConfigFileEntry.tkline_expire_notices && + !(aconf->status & CONF_ILLEGAL)) + sendto_realops_snomask(SNO_GENERAL, L_ALL, + "Propagated ban for [%s%s%s] expired", + aconf->user ? aconf->user : "", + aconf->user ? "@" : "", + aconf->host ? aconf->host : "*"); + + /* will destroy or mark illegal */ + deactivate_conf(aconf, ptr); + } + } +} + /* expire_tkline() * * inputs - list pointer @@ -1047,7 +1313,7 @@ get_printable_conf(struct ConfItem *aconf, char **name, char **host, static char null[] = ""; static char zero[] = "default"; - *name = EmptyString(aconf->name) ? null : aconf->name; + *name = EmptyString(aconf->info.name) ? null : aconf->info.name; *host = EmptyString(aconf->host) ? null : aconf->host; *pass = EmptyString(aconf->passwd) ? null : aconf->passwd; *user = EmptyString(aconf->user) ? null : aconf->user; @@ -1055,21 +1321,55 @@ get_printable_conf(struct ConfItem *aconf, char **name, char **host, *port = (int) aconf->port; } +char * +get_user_ban_reason(struct ConfItem *aconf) +{ + static char reasonbuf[BUFSIZE]; + + if (aconf->flags & CONF_FLAGS_TEMPORARY && + (aconf->status == CONF_KILL || aconf->status == CONF_DLINE)) + rb_snprintf(reasonbuf, sizeof reasonbuf, + "Temporary %c-line %d min. - ", + aconf->status == CONF_DLINE ? 'D' : 'K', + (int)((aconf->hold - aconf->created) / 60)); + else + reasonbuf[0] = '\0'; + if (aconf->passwd) + rb_strlcat(reasonbuf, aconf->passwd, sizeof reasonbuf); + else + rb_strlcat(reasonbuf, "No Reason", sizeof reasonbuf); + if (aconf->created) + { + rb_strlcat(reasonbuf, " (", sizeof reasonbuf); + rb_strlcat(reasonbuf, smalldate(aconf->created), + sizeof reasonbuf); + rb_strlcat(reasonbuf, ")", sizeof reasonbuf); + } + return reasonbuf; +} + void get_printable_kline(struct Client *source_p, struct ConfItem *aconf, char **host, char **reason, char **user, char **oper_reason) { static char null[] = ""; + static char operreasonbuf[BUFSIZE]; *host = EmptyString(aconf->host) ? null : aconf->host; - *reason = EmptyString(aconf->passwd) ? null : aconf->passwd; *user = EmptyString(aconf->user) ? null : aconf->user; + *reason = get_user_ban_reason(aconf); - if(EmptyString(aconf->spasswd) || !IsOper(source_p)) + if(!IsOper(source_p)) *oper_reason = NULL; else - *oper_reason = aconf->spasswd; + { + rb_snprintf(operreasonbuf, sizeof operreasonbuf, "%s%s(%s)", + EmptyString(aconf->spasswd) ? "" : aconf->spasswd, + EmptyString(aconf->spasswd) ? "" : " ", + aconf->info.oper); + *oper_reason = operreasonbuf; + } } /* @@ -1174,6 +1474,10 @@ clear_out_old_conf(void) ServerInfo.network_name = NULL; rb_free(ServerInfo.network_desc); ServerInfo.network_desc = NULL; + rb_free(ServerInfo.helpchan); + ServerInfo.helpchan = NULL; + rb_free(ServerInfo.helpurl); + ServerInfo.helpurl = NULL; ServerInfo.ssld_count = 1;