X-Git-Url: https://jfr.im/git/irc/rqf/shadowircd.git/blobdiff_plain/d99380b61b3fa166d2105bc017508392dbb38939..c6d5c019d03d73523498f5c15c3ff56fc9be6172:/src/s_user.c diff --git a/src/s_user.c b/src/s_user.c index 2501ac4..d8be934 100644 --- a/src/s_user.c +++ b/src/s_user.c @@ -31,7 +31,7 @@ #include "client.h" #include "common.h" #include "hash.h" -#include "irc_string.h" +#include "match.h" #include "ircd.h" #include "listener.h" #include "msg.h" @@ -53,12 +53,11 @@ #include "snomask.h" #include "blacklist.h" #include "substitution.h" +#include "chmode.h" static void report_and_set_user_flags(struct Client *, struct ConfItem *); void user_welcome(struct Client *source_p); -extern char *crypt(); - char umodebuf[128]; static int orphaned_umodes = 0; @@ -315,6 +314,14 @@ register_local_user(struct Client *client_p, struct Client *source_p, const char return (CLIENT_EXITED); } + if(IsConfSSLNeeded(aconf) && !IsSSL(source_p)) + { + ServerStats.is_ref++; + sendto_one_notice(source_p, ":*** Notice -- You need to use SSL/TLS to use this server"); + exit_client(client_p, source_p, &me, "Use SSL/TLS"); + return (CLIENT_EXITED); + } + if(!IsGotId(source_p)) { const char *p; @@ -363,7 +370,7 @@ register_local_user(struct Client *client_p, struct Client *source_p, const char if(EmptyString(source_p->localClient->passwd)) encr = ""; else if(IsConfEncrypted(aconf)) - encr = crypt(source_p->localClient->passwd, aconf->passwd); + encr = rb_crypt(source_p->localClient->passwd, aconf->passwd); else encr = source_p->localClient->passwd; @@ -413,7 +420,7 @@ register_local_user(struct Client *client_p, struct Client *source_p, const char (xconf = find_xline(source_p->info, 1)) != NULL) { ServerStats.is_ref++; - add_reject(source_p, xconf->name, NULL); + add_reject(source_p, xconf->host, NULL); exit_client(client_p, source_p, &me, "Bad user info"); return CLIENT_EXITED; } @@ -528,7 +535,6 @@ register_local_user(struct Client *client_p, struct Client *source_p, const char Count.invisi++; s_assert(!IsClient(source_p)); - del_unknown_ip(source_p); rb_dlinkMoveNode(&source_p->localClient->tnode, &unknown_list, &lclient_list); SetClient(source_p); @@ -555,7 +561,9 @@ register_local_user(struct Client *client_p, struct Client *source_p, const char /* they get a reduced limit */ if(find_tgchange(source_p->sockhost)) - USED_TARGETS(source_p) = 6; + source_p->localClient->targets_free = TGCHANGE_INITIAL_LOW; + else + source_p->localClient->targets_free = TGCHANGE_INITIAL; monitor_signon(source_p); user_welcome(source_p); @@ -582,6 +590,7 @@ introduce_client(struct Client *client_p, struct Client *source_p, struct User * char *p; hook_data_umode_changed hdata; hook_data_client hdata2; + char sockhost[HOSTLEN]; if(MyClient(source_p)) send_umode(source_p, source_p, 0, 0, ubuf); @@ -594,70 +603,53 @@ introduce_client(struct Client *client_p, struct Client *source_p, struct User * ubuf[1] = '\0'; } - /* if it has an ID, introduce it with its id to TS6 servers, - * otherwise introduce it normally to all. - */ - if(has_id(source_p)) + s_assert(has_id(source_p)); + + if(source_p->sockhost[0] == ':') { - char sockhost[HOSTLEN]; - if(source_p->sockhost[0] == ':') - { - sockhost[0] = '0'; - sockhost[1] = '\0'; - rb_strlcat(sockhost, source_p->sockhost, sizeof(sockhost)); - } else - strcpy(sockhost, source_p->sockhost); + sockhost[0] = '0'; + sockhost[1] = '\0'; + rb_strlcat(sockhost, source_p->sockhost, sizeof(sockhost)); + } else + strcpy(sockhost, source_p->sockhost); - if (use_euid) - sendto_server(client_p, NULL, CAP_EUID | CAP_TS6, NOCAPS, - ":%s EUID %s %d %ld %s %s %s %s %s %s %s :%s", - source_p->servptr->id, nick, - source_p->hopcount + 1, - (long) source_p->tsinfo, ubuf, - source_p->username, source_p->host, - IsIPSpoof(source_p) ? "0" : sockhost, - source_p->id, - IsDynSpoof(source_p) ? source_p->orighost : "*", - EmptyString(source_p->user->suser) ? "*" : source_p->user->suser, - source_p->info); - - sendto_server(client_p, NULL, CAP_TS6, use_euid ? CAP_EUID : NOCAPS, - ":%s UID %s %d %ld %s %s %s %s %s :%s", - source_p->servptr->id, nick, - source_p->hopcount + 1, - (long) source_p->tsinfo, ubuf, - source_p->username, source_p->host, - IsIPSpoof(source_p) ? "0" : sockhost, - source_p->id, source_p->info); - - sendto_server(client_p, NULL, NOCAPS, CAP_TS6, - "NICK %s %d %ld %s %s %s %s :%s", - nick, source_p->hopcount + 1, - (long) source_p->tsinfo, - ubuf, source_p->username, source_p->host, - source_p->servptr->name, source_p->info); - } - else - sendto_server(client_p, NULL, NOCAPS, NOCAPS, - "NICK %s %d %ld %s %s %s %s :%s", - nick, source_p->hopcount + 1, - (long) source_p->tsinfo, - ubuf, source_p->username, source_p->host, - source_p->servptr->name, source_p->info); + if (use_euid) + sendto_server(client_p, NULL, CAP_EUID | CAP_TS6, NOCAPS, + ":%s EUID %s %d %ld %s %s %s %s %s %s %s :%s", + source_p->servptr->id, nick, + source_p->hopcount + 1, + (long) source_p->tsinfo, ubuf, + source_p->username, source_p->host, + IsIPSpoof(source_p) ? "0" : sockhost, + source_p->id, + IsDynSpoof(source_p) ? source_p->orighost : "*", + EmptyString(source_p->user->suser) ? "*" : source_p->user->suser, + source_p->info); + + sendto_server(client_p, NULL, CAP_TS6, use_euid ? CAP_EUID : NOCAPS, + ":%s UID %s %d %ld %s %s %s %s %s :%s", + source_p->servptr->id, nick, + source_p->hopcount + 1, + (long) source_p->tsinfo, ubuf, + source_p->username, source_p->host, + IsIPSpoof(source_p) ? "0" : sockhost, + source_p->id, source_p->info); + + if(!EmptyString(source_p->certfp)) + sendto_server(client_p, NULL, CAP_TS6, NOCAPS, + ":%s ENCAP * CERTFP :%s", + use_id(source_p), source_p->certfp); if (IsDynSpoof(source_p)) { sendto_server(client_p, NULL, CAP_TS6, use_euid ? CAP_EUID : NOCAPS, ":%s ENCAP * REALHOST %s", use_id(source_p), source_p->orighost); - sendto_server(client_p, NULL, NOCAPS, CAP_TS6, ":%s ENCAP * REALHOST %s", - source_p->name, source_p->orighost); } + if (!EmptyString(source_p->user->suser)) { sendto_server(client_p, NULL, CAP_TS6, use_euid ? CAP_EUID : NOCAPS, ":%s ENCAP * LOGIN %s", use_id(source_p), source_p->user->suser); - sendto_server(client_p, NULL, NOCAPS, CAP_TS6, ":%s ENCAP * LOGIN %s", - source_p->name, source_p->user->suser); } if(MyConnect(source_p) && source_p->localClient->passwd) @@ -672,11 +664,21 @@ introduce_client(struct Client *client_p, struct Client *source_p, struct User * else identifyservice_p = NULL; if (identifyservice_p != NULL) - sendto_one(identifyservice_p, ":%s PRIVMSG %s :%s %s", - get_id(source_p, identifyservice_p), - ConfigFileEntry.identifyservice, - ConfigFileEntry.identifycommand, - source_p->localClient->passwd); + { + if (!EmptyString(source_p->localClient->auth_user)) + sendto_one(identifyservice_p, ":%s PRIVMSG %s :%s %s %s", + get_id(source_p, identifyservice_p), + ConfigFileEntry.identifyservice, + ConfigFileEntry.identifycommand, + source_p->localClient->auth_user, + source_p->localClient->passwd); + else + sendto_one(identifyservice_p, ":%s PRIVMSG %s :%s %s", + get_id(source_p, identifyservice_p), + ConfigFileEntry.identifyservice, + ConfigFileEntry.identifycommand, + source_p->localClient->passwd); + } } memset(source_p->localClient->passwd, 0, strlen(source_p->localClient->passwd)); rb_free(source_p->localClient->passwd); @@ -717,7 +719,7 @@ introduce_client(struct Client *client_p, struct Client *source_p, struct User * int valid_hostname(const char *hostname) { - const char *p = hostname; + const char *p = hostname, *last_slash = 0; int found_sep = 0; s_assert(NULL != p); @@ -725,7 +727,7 @@ valid_hostname(const char *hostname) if(hostname == NULL) return NO; - if('.' == *p || ':' == *p) + if('.' == *p || ':' == *p || '/' == *p) return NO; while (*p) @@ -734,13 +736,21 @@ valid_hostname(const char *hostname) return NO; if(*p == '.' || *p == ':') found_sep++; + else if(*p == '/') + { + found_sep++; + last_slash = p; + } p++; } if(found_sep == 0) - return(NO); + return NO; + + if(last_slash && IsDigit(last_slash[1])) + return NO; - return (YES); + return YES; } /* @@ -807,63 +817,86 @@ report_and_set_user_flags(struct Client *source_p, struct ConfItem *aconf) /* If this user is being spoofed, tell them so */ if(IsConfDoSpoofIp(aconf)) { - sendto_one_notice(source_p, ":*** Spoofing your IP. congrats."); + sendto_one_notice(source_p, ":*** Spoofing your IP"); } /* If this user is in the exception class, Set it "E lined" */ if(IsConfExemptKline(aconf)) { SetExemptKline(source_p); - sendto_one_notice(source_p, ":*** You are exempt from K/X lines. congrats."); + sendto_one_notice(source_p, ":*** You are exempt from K/X lines"); } if(IsConfExemptDNSBL(aconf)) /* kline exempt implies this, don't send both */ if(!IsConfExemptKline(aconf)) - sendto_one_notice(source_p, ":*** You are exempt from DNS blacklists."); + sendto_one_notice(source_p, ":*** You are exempt from DNS blacklists"); /* If this user is exempt from user limits set it F lined" */ if(IsConfExemptLimits(aconf)) { - sendto_one_notice(source_p, ":*** You are exempt from user limits. congrats."); + sendto_one_notice(source_p, ":*** You are exempt from user limits"); } if(IsConfExemptFlood(aconf)) { SetExemptFlood(source_p); - sendto_one_notice(source_p, ":*** You are exempt from flood limits."); + sendto_one_notice(source_p, ":*** You are exempt from flood limits"); } if(IsConfExemptSpambot(aconf)) { SetExemptSpambot(source_p); - sendto_one_notice(source_p, ":*** You are exempt from spambot checks."); + sendto_one_notice(source_p, ":*** You are exempt from spambot checks"); } if(IsConfExemptJupe(aconf)) { SetExemptJupe(source_p); - sendto_one_notice(source_p, ":*** You are exempt from juped channel warnings."); + sendto_one_notice(source_p, ":*** You are exempt from juped channel warnings"); } if(IsConfExemptResv(aconf)) { SetExemptResv(source_p); - sendto_one_notice(source_p, ":*** You are exempt from resvs."); + sendto_one_notice(source_p, ":*** You are exempt from resvs"); } if(IsConfExemptShide(aconf)) { SetExemptShide(source_p); - sendto_one_notice(source_p, ":*** You are exempt from serverhiding."); + sendto_one_notice(source_p, ":*** You are exempt from serverhiding"); } } +static void +show_other_user_mode(struct Client *source_p, struct Client *target_p) +{ + int i; + char buf[BUFSIZE]; + char *m; + + m = buf; + *m++ = '+'; + + for (i = 0; i < 128; i++) /* >= 127 is extended ascii */ + if (target_p->umodes & user_modes[i]) + *m++ = (char) i; + *m = '\0'; + + if (MyConnect(target_p) && target_p->snomask != 0) + sendto_one_notice(source_p, ":Modes for %s are %s %s", + target_p->name, buf, + construct_snobuf(target_p->snomask)); + else + sendto_one_notice(source_p, ":Modes for %s are %s", + target_p->name, buf); +} + /* * user_mode - set get current users mode * * m_umode() added 15/10/91 By Darren Reed. - * parv[0] - sender * parv[1] - username to change mode for * parv[2] - modes to change */ @@ -909,9 +942,12 @@ user_mode(struct Client *client_p, struct Client *source_p, int parc, const char return 0; } - if(source_p != target_p || target_p->from != source_p->from) + if(source_p != target_p) { - sendto_one(source_p, form_str(ERR_USERSDONTMATCH), me.name, source_p->name); + if (MyOper(source_p) && parc < 3) + show_other_user_mode(source_p, target_p); + else + sendto_one(source_p, form_str(ERR_USERSDONTMATCH), me.name, source_p->name); return 0; } @@ -988,6 +1024,8 @@ user_mode(struct Client *client_p, struct Client *source_p, int parc, const char source_p->localClient->opername = NULL; rb_dlinkFindDestroy(source_p, &local_oper_list); + privilegeset_unref(source_p->localClient->privset); + source_p->localClient->privset = NULL; } rb_dlinkFindDestroy(source_p, &oper_list); @@ -1208,7 +1246,7 @@ user_welcome(struct Client *source_p) sendto_one_numeric(source_p, RPL_YOURHOST, form_str(RPL_YOURHOST), get_listener_name(source_p->localClient->listener), ircd_version); sendto_one_numeric(source_p, RPL_CREATED, form_str(RPL_CREATED), creation); - sendto_one_numeric(source_p, RPL_MYINFO, form_str(RPL_MYINFO), me.name, ircd_version, umodebuf); + sendto_one_numeric(source_p, RPL_MYINFO, form_str(RPL_MYINFO), me.name, ircd_version, umodebuf, cflagsmyinfo); show_isupport(source_p); @@ -1273,6 +1311,7 @@ oper_up(struct Client *source_p, struct oper_conf *oper_p) source_p->flags2 |= oper_p->flags; source_p->localClient->opername = rb_strdup(oper_p->name); + source_p->localClient->privset = privilegeset_ref(oper_p->privset); rb_dlinkAddAlloc(source_p, &local_oper_list); rb_dlinkAddAlloc(source_p, &oper_list); @@ -1289,7 +1328,7 @@ oper_up(struct Client *source_p, struct oper_conf *oper_p) call_hook(h_umode_changed, &hdata); sendto_realops_snomask(SNO_GENERAL, L_ALL, - "%s (%s@%s) is now an operator", source_p->name, + "%s (%s!%s@%s) is now an operator", oper_p->name, source_p->name, source_p->username, source_p->host); if(!(old & UMODE_INVISIBLE) && IsInvisible(source_p)) ++Count.invisi; @@ -1299,7 +1338,8 @@ oper_up(struct Client *source_p, struct oper_conf *oper_p) sendto_one_numeric(source_p, RPL_SNOMASK, form_str(RPL_SNOMASK), construct_snobuf(source_p->snomask)); sendto_one(source_p, form_str(RPL_YOUREOPER), me.name, source_p->name); - sendto_one_notice(source_p, ":*** Oper privs are %s", get_oper_privs(oper_p->flags)); + sendto_one_notice(source_p, ":*** Oper privilege set is %s", oper_p->privset->name); + sendto_one_notice(source_p, ":*** Oper privs are %s", oper_p->privset->privs); send_oper_motd(source_p); return (1);