]> jfr.im git - solanum.git/blame - ircd/s_conf.c
projects / solanum.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
doc/reference.conf: add an example TLSv1.3 ciphersuite name
[solanum.git] / ircd / s_conf.c
CommitLineData
212380e3
AC		 1/*
2 * ircd-ratbox: A slightly useful ircd.
3 * s_conf.c: Configuration file functions.
4 *
5 * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center
6 * Copyright (C) 1996-2002 Hybrid Development Team
7 * Copyright (C) 2002-2005 ircd-ratbox development team
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
22 * USA
212380e3
AC		 23 */
24
25#include "stdinc.h"
26#include "ircd_defs.h"
212380e3 27#include "s_conf.h"
c4e6888e 28#include "s_user.h"
212380e3 29#include "s_newconf.h"
8b801ad1 30#include "newconf.h"
212380e3
AC		 31#include "s_serv.h"
32#include "s_stats.h"
33#include "channel.h"
34#include "class.h"
35#include "client.h"
212380e3 36#include "hash.h"
4562c604 37#include "match.h"
212380e3
AC		 38#include "ircd.h"
39#include "listener.h"
40#include "hostmask.h"
41#include "modules.h"
42#include "numeric.h"
4016731b 43#include "logger.h"
212380e3 44#include "send.h"
212380e3
AC		 45#include "reject.h"
46#include "cache.h"
422bb0b5 47#include "privilege.h"
c6d72037 48#include "sslproc.h"
c53ca1e0 49#include "wsproc.h"
80c9ac51 50#include "bandbi.h"
27f616dd 51#include "operhash.h"
c55b2782 52#include "chmode.h"
7d603754 53#include "hook.h"
77d3d2db 54#include "s_assert.h"
64fae260 55#include "authproc.h"
01978a2c 56#include "supported.h"
212380e3
AC		 57
58struct config_server_hide ConfigServerHide;
59
6ab8c0d3 60extern int yyparse(void); /* defined in y.tab.c */
401cb2bb 61extern char yy_linebuf[16384]; /* defined in ircd_lexer.l */
212380e3 62
398b6a73 63static rb_bh *confitem_heap = NULL;
212380e3 64
9197bc35
JT		 65rb_dlink_list prop_bans;
66
330fc5c1
AC		 67rb_dlink_list temp_klines[LAST_TEMP_TYPE];
68rb_dlink_list temp_dlines[LAST_TEMP_TYPE];
69rb_dlink_list service_list;
212380e3
AC		 70
71/* internally defined functions */
72static void set_default_conf(void);
73static void validate_conf(void);
29c92cf9 74static void read_conf(void);
212380e3
AC		 75static void clear_out_old_conf(void);
76
9197bc35 77static void expire_prop_bans(void *list);
212380e3
AC		 78static void expire_temp_kd(void *list);
79static void reorganise_temp_kd(void *list);
80
81FILE *conf_fbfile_in;
82extern char yytext[];
83
84static int verify_access(struct Client *client_p, const char *username);
b4a7304c 85static struct ConfItem *find_address_conf_by_client(struct Client *client_p, const char *username);
212380e3
AC		 86static int attach_iline(struct Client *, struct ConfItem *);
87
88void
89init_s_conf(void)
90{
b2c190a6 91 confitem_heap = rb_bh_create(sizeof(struct ConfItem), CONFITEM_HEAP_SIZE, "confitem_heap");
212380e3 92
9197bc35
JT		 93 rb_event_addish("expire_prop_bans", expire_prop_bans, &prop_bans, 60);
94
12aea5fe
VY		 95 rb_event_addish("expire_temp_klines", expire_temp_kd, &temp_klines[TEMP_MIN], 60);
96 rb_event_addish("expire_temp_dlines", expire_temp_kd, &temp_dlines[TEMP_MIN], 60);
212380e3 97
12aea5fe 98 rb_event_addish("expire_temp_klines_hour", reorganise_temp_kd,
212380e3 99 &temp_klines[TEMP_HOUR], 3600);
12aea5fe 100 rb_event_addish("expire_temp_dlines_hour", reorganise_temp_kd,
212380e3 101 &temp_dlines[TEMP_HOUR], 3600);
12aea5fe 102 rb_event_addish("expire_temp_klines_day", reorganise_temp_kd,
212380e3 103 &temp_klines[TEMP_DAY], 86400);
12aea5fe 104 rb_event_addish("expire_temp_dlines_day", reorganise_temp_kd,
212380e3 105 &temp_dlines[TEMP_DAY], 86400);
12aea5fe 106 rb_event_addish("expire_temp_klines_week", reorganise_temp_kd,
212380e3 107 &temp_klines[TEMP_WEEK], 604800);
12aea5fe 108 rb_event_addish("expire_temp_dlines_week", reorganise_temp_kd,
212380e3
AC		 109 &temp_dlines[TEMP_WEEK], 604800);
110}
111
112/*
113 * make_conf
114 *
115 * inputs - none
116 * output - pointer to new conf entry
117 * side effects - none
118 */
119struct ConfItem *
120make_conf()
121{
122 struct ConfItem *aconf;
123
398b6a73 124 aconf = rb_bh_alloc(confitem_heap);
212380e3
AC		 125 aconf->status = CONF_ILLEGAL;
126 return (aconf);
127}
128
129/*
130 * free_conf
131 *
132 * inputs - pointer to conf to free
133 * output - none
134 * side effects - crucial password fields are zeroed, conf is freed
135 */
136void
137free_conf(struct ConfItem *aconf)
138{
139 s_assert(aconf != NULL);
140 if(aconf == NULL)
141 return;
142
143 /* security.. */
144 if(aconf->passwd)
145 memset(aconf->passwd, 0, strlen(aconf->passwd));
146 if(aconf->spasswd)
147 memset(aconf->spasswd, 0, strlen(aconf->spasswd));
148
637c4932
VY		 149 rb_free(aconf->passwd);
150 rb_free(aconf->spasswd);
637c4932
VY		 151 rb_free(aconf->className);
152 rb_free(aconf->user);
153 rb_free(aconf->host);
212380e3 154
27f616dd
JT		 155 if(IsConfBan(aconf))
156 operhash_delete(aconf->info.oper);
157 else
158 rb_free(aconf->info.name);
159
398b6a73 160 rb_bh_free(confitem_heap, aconf);
212380e3
AC		 161}
162
163/*
164 * check_client
165 *
166 * inputs - pointer to client
167 * output - 0 = Success
168 * NOT_AUTHORISED (-1) = Access denied (no I line match)
85368a13 169 * I_SOCKET_ERROR (-2) = Bad socket.
212380e3
AC		 170 * I_LINE_FULL (-3) = I-line is full
171 * TOO_MANY (-4) = Too many connections from hostname
172 * BANNED_CLIENT (-5) = K-lined
173 * side effects - Ordinary client access check.
174 * Look for conf lines which have the same
175 * status as the flags passed.
176 */
177int
178check_client(struct Client *client_p, struct Client *source_p, const char *username)
179{
180 int i;
181
212380e3
AC		 182 if((i = verify_access(source_p, username)))
183 {
55abcbb2 184 ilog(L_FUSER, "Access denied: %s[%s]",
212380e3
AC		 185 source_p->name, source_p->sockhost);
186 }
55abcbb2 187
212380e3
AC		 188 switch (i)
189 {
85368a13 190 case I_SOCKET_ERROR:
212380e3
AC		 191 exit_client(client_p, source_p, &me, "Socket Error");
192 break;
193
194 case TOO_MANY_LOCAL:
606384ae
JT		 195 /* Note that these notices are sent to opers on other
196 * servers also, so even if local opers are allowed to
197 * see the IP, we still cannot send it.
198 */
212380e3
AC		 199 sendto_realops_snomask(SNO_FULL, L_NETWIDE,
200 "Too many local connections for %s!%s%s@%s",
201 source_p->name, IsGotId(source_p) ? "" : "~",
606384ae
JT		 202 source_p->username,
203 show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host);
212380e3
AC		 204
205 ilog(L_FUSER, "Too many local connections from %s!%s%s@%s",
206 source_p->name, IsGotId(source_p) ? "" : "~",
55abcbb2 207 source_p->username, source_p->sockhost);
212380e3 208
47adde3d 209 ServerStats.is_ref++;
212380e3
AC		 210 exit_client(client_p, source_p, &me, "Too many host connections (local)");
211 break;
212
213 case TOO_MANY_GLOBAL:
214 sendto_realops_snomask(SNO_FULL, L_NETWIDE,
215 "Too many global connections for %s!%s%s@%s",
216 source_p->name, IsGotId(source_p) ? "" : "~",
606384ae
JT		 217 source_p->username,
218 show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host);
212380e3
AC		 219 ilog(L_FUSER, "Too many global connections from %s!%s%s@%s",
220 source_p->name, IsGotId(source_p) ? "" : "~",
221 source_p->username, source_p->sockhost);
222
47adde3d 223 ServerStats.is_ref++;
212380e3
AC		 224 exit_client(client_p, source_p, &me, "Too many host connections (global)");
225 break;
226
227 case TOO_MANY_IDENT:
228 sendto_realops_snomask(SNO_FULL, L_NETWIDE,
229 "Too many user connections for %s!%s%s@%s",
230 source_p->name, IsGotId(source_p) ? "" : "~",
606384ae
JT		 231 source_p->username,
232 show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host);
212380e3
AC		 233 ilog(L_FUSER, "Too many user connections from %s!%s%s@%s",
234 source_p->name, IsGotId(source_p) ? "" : "~",
235 source_p->username, source_p->sockhost);
236
47adde3d 237 ServerStats.is_ref++;
212380e3
AC		 238 exit_client(client_p, source_p, &me, "Too many user connections (global)");
239 break;
240
241 case I_LINE_FULL:
242 sendto_realops_snomask(SNO_FULL, L_NETWIDE,
243 "I-line is full for %s!%s%s@%s (%s).",
244 source_p->name, IsGotId(source_p) ? "" : "~",
245 source_p->username, source_p->host,
4b7e6904 246 show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : "255.255.255.255");
212380e3 247
55abcbb2 248 ilog(L_FUSER, "Too many connections from %s!%s%s@%s.",
212380e3
AC		 249 source_p->name, IsGotId(source_p) ? "" : "~",
250 source_p->username, source_p->sockhost);
251
47adde3d 252 ServerStats.is_ref++;
212380e3
AC		 253 exit_client(client_p, source_p, &me,
254 "No more connections allowed in your connection class");
255 break;
256
257 case NOT_AUTHORISED:
258 {
259 int port = -1;
c6ad9b0c 260 port = ntohs(GET_SS_PORT(&source_p->localClient->listener->addr[0]));
55abcbb2 261
47adde3d 262 ServerStats.is_ref++;
212380e3
AC		 263 /* jdc - lists server name & port connections are on */
264 /* a purely cosmetical change */
265 /* why ipaddr, and not just source_p->sockhost? --fl */
266#if 0
267 static char ipaddr[HOSTIPLEN];
caa4d9d2 268 rb_inet_ntop_sock(&source_p->localClient->ip, ipaddr, sizeof(ipaddr));
212380e3 269#endif
a9227555 270 sendto_realops_snomask(SNO_UNAUTH, L_NETWIDE,
212380e3
AC		 271 "Unauthorised client connection from "
272 "%s!%s%s@%s [%s] on [%s/%u].",
273 source_p->name, IsGotId(source_p) ? "" : "~",
274 source_p->username, source_p->host,
275 source_p->sockhost,
276 source_p->localClient->listener->name, port);
277
278 ilog(L_FUSER,
279 "Unauthorised client connection from %s!%s%s@%s on [%s/%u].",
280 source_p->name, IsGotId(source_p) ? "" : "~",
281 source_p->username, source_p->sockhost,
282 source_p->localClient->listener->name, port);
a9536f75
EK		 283 add_reject(client_p, NULL, NULL, NULL, "You are not authorised to use this server.");
284 exit_client(client_p, source_p, &me, "You are not authorised to use this server.");
212380e3
AC		 285 break;
286 }
287 case BANNED_CLIENT:
212380e3 288 exit_client(client_p, client_p, &me, "*** Banned ");
47adde3d 289 ServerStats.is_ref++;
212380e3
AC		 290 break;
291
292 case 0:
293 default:
294 break;
295 }
296 return (i);
297}
298
299/*
300 * verify_access
301 *
302 * inputs - pointer to client to verify
303 * - pointer to proposed username
304 * output - 0 if success -'ve if not
305 * side effect - find the first (best) I line to attach.
306 */
307static int
308verify_access(struct Client *client_p, const char *username)
309{
310 struct ConfItem *aconf;
212380e3 311
b4a7304c 312 aconf = find_address_conf_by_client(client_p, username);
212380e3
AC		 313 if(aconf == NULL)
314 return NOT_AUTHORISED;
315
316 if(aconf->status & CONF_CLIENT)
317 {
318 if(aconf->flags & CONF_FLAGS_REDIR)
319 {
88520303 320 sendto_one_numeric(client_p, RPL_REDIR, form_str(RPL_REDIR),
27f616dd 321 aconf->info.name ? aconf->info.name : "", aconf->port);
212380e3
AC		 322 return (NOT_AUTHORISED);
323 }
324
212380e3
AC		 325 /* Thanks for spoof idea amm */
326 if(IsConfDoSpoofIp(aconf))
327 {
328 char *p;
329
330 /* show_ip() depends on this --fl */
331 SetIPSpoof(client_p);
332
333 if(IsConfSpoofNotice(aconf))
334 {
a9227555 335 sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
212380e3
AC		 336 "%s spoofing: %s as %s",
337 client_p->name,
27f616dd
JT		 338 show_ip(NULL, client_p) ? client_p->host : aconf->info.name,
339 aconf->info.name);
212380e3
AC		 340 }
341
342 /* user@host spoof */
27f616dd 343 if((p = strchr(aconf->info.name, '@')) != NULL)
212380e3
AC		 344 {
345 char *host = p+1;
346 *p = '\0';
347
27f616dd 348 rb_strlcpy(client_p->username, aconf->info.name,
212380e3 349 sizeof(client_p->username));
f427c8b0 350 rb_strlcpy(client_p->host, host,
212380e3
AC		 351 sizeof(client_p->host));
352 *p = '@';
353 }
354 else
27f616dd 355 rb_strlcpy(client_p->host, aconf->info.name, sizeof(client_p->host));
212380e3
AC		 356 }
357 return (attach_iline(client_p, aconf));
358 }
359 else if(aconf->status & CONF_KILL)
360 {
361 if(ConfigFileEntry.kline_with_reason)
212380e3 362 sendto_one(client_p,
92fb5c31 363 form_str(ERR_YOUREBANNEDCREEP),
a12ad044
JT		 364 me.name, client_p->name,
365 get_user_ban_reason(aconf));
a9536f75 366 add_reject(client_p, aconf->user, aconf->host, aconf, NULL);
212380e3
AC		 367 return (BANNED_CLIENT);
368 }
212380e3
AC		 369
370 return NOT_AUTHORISED;
371}
372
373
b4a7304c
JT		 374/*
375 * find_address_conf_by_client
376 */
377static struct ConfItem *
378find_address_conf_by_client(struct Client *client_p, const char *username)
379{
380 struct ConfItem *aconf;
381 char non_ident[USERLEN + 1];
382
383 if(IsGotId(client_p))
384 {
385 aconf = find_address_conf(client_p->host, client_p->sockhost,
386 client_p->username, client_p->username,
387 (struct sockaddr *) &client_p->localClient->ip,
e867208d 388 GET_SS_FAMILY(&client_p->localClient->ip),
b4a7304c
JT		 389 client_p->localClient->auth_user);
390 }
391 else
392 {
393 rb_strlcpy(non_ident, "~", sizeof(non_ident));
394 rb_strlcat(non_ident, username, sizeof(non_ident));
395 aconf = find_address_conf(client_p->host, client_p->sockhost,
396 non_ident, client_p->username,
397 (struct sockaddr *) &client_p->localClient->ip,
e867208d 398 GET_SS_FAMILY(&client_p->localClient->ip),
b4a7304c
JT		 399 client_p->localClient->auth_user);
400 }
401 return aconf;
402}
403
404
212380e3
AC		 405/*
406 * add_ip_limit
55abcbb2 407 *
212380e3
AC		 408 * Returns 1 if successful 0 if not
409 *
410 * This checks if the user has exceed the limits for their class
411 * unless of course they are exempt..
412 */
413
414static int
415add_ip_limit(struct Client *client_p, struct ConfItem *aconf)
416{
b2c190a6 417 rb_patricia_node_t *pnode;
e33e589c 418 int bitlen;
212380e3
AC		 419
420 /* If the limits are 0 don't do anything.. */
e33e589c
JT		 421 if(ConfCidrAmount(aconf) == 0
422 || (ConfCidrIpv4Bitlen(aconf) == 0 && ConfCidrIpv6Bitlen(aconf) == 0))
212380e3
AC		 423 return -1;
424
b2c190a6 425 pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip);
212380e3 426
e33e589c
JT		 427 if(GET_SS_FAMILY(&client_p->localClient->ip) == AF_INET)
428 bitlen = ConfCidrIpv4Bitlen(aconf);
429 else
430 bitlen = ConfCidrIpv6Bitlen(aconf);
431
212380e3 432 if(pnode == NULL)
e33e589c 433 pnode = make_and_lookup_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip, bitlen);
212380e3
AC		 434
435 s_assert(pnode != NULL);
436
437 if(pnode != NULL)
438 {
e33e589c 439 if(((intptr_t)pnode->data) >= ConfCidrAmount(aconf) && !IsConfExemptLimits(aconf))
212380e3
AC		 440 {
441 /* This should only happen if the limits are set to 0 */
e33e589c 442 if((intptr_t)pnode->data == 0)
212380e3 443 {
b2c190a6 444 rb_patricia_remove(ConfIpLimits(aconf), pnode);
212380e3
AC		 445 }
446 return (0);
447 }
448
e33e589c 449 pnode->data = (void *)(((intptr_t)pnode->data) + 1);
212380e3
AC		 450 }
451 return 1;
452}
453
454static void
455remove_ip_limit(struct Client *client_p, struct ConfItem *aconf)
456{
b2c190a6 457 rb_patricia_node_t *pnode;
212380e3
AC		 458
459 /* If the limits are 0 don't do anything.. */
e33e589c
JT		 460 if(ConfCidrAmount(aconf) == 0
461 || (ConfCidrIpv4Bitlen(aconf) == 0 && ConfCidrIpv6Bitlen(aconf) == 0))
212380e3
AC		 462 return;
463
b2c190a6 464 pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip);
212380e3
AC		 465 if(pnode == NULL)
466 return;
467
e33e589c
JT		 468 pnode->data = (void *)(((intptr_t)pnode->data) - 1);
469 if(((intptr_t)pnode->data) == 0)
212380e3 470 {
b2c190a6 471 rb_patricia_remove(ConfIpLimits(aconf), pnode);
212380e3
AC		 472 }
473
474}
475
476/*
477 * attach_iline
478 *
479 * inputs - client pointer
480 * - conf pointer
481 * output -
482 * side effects - do actual attach
483 */
484static int
485attach_iline(struct Client *client_p, struct ConfItem *aconf)
486{
487 struct Client *target_p;
330fc5c1 488 rb_dlink_node *ptr;
212380e3
AC		 489 int local_count = 0;
490 int global_count = 0;
491 int ident_count = 0;
15f92147 492 int unidented;
212380e3
AC		 493
494 if(IsConfExemptLimits(aconf))
495 return (attach_conf(client_p, aconf));
496
15f92147
JT		 497 unidented = !IsGotId(client_p) && !IsNoTilde(aconf) &&
498 (!IsConfDoSpoofIp(aconf) || !strchr(aconf->info.name, '@'));
212380e3
AC		 499
500 /* find_hostname() returns the head of the list to search */
5cefa1d6 501 RB_DLINK_FOREACH(ptr, find_hostname(client_p->host))
212380e3
AC		 502 {
503 target_p = ptr->data;
504
505 if(irccmp(client_p->host, target_p->orighost) != 0)
506 continue;
507
508 if(MyConnect(target_p))
509 local_count++;
510
511 global_count++;
512
513 if(unidented)
514 {
515 if(*target_p->username == '~')
516 ident_count++;
517 }
518 else if(irccmp(target_p->username, client_p->username) == 0)
519 ident_count++;
520
521 if(ConfMaxLocal(aconf) && local_count >= ConfMaxLocal(aconf))
522 return (TOO_MANY_LOCAL);
523 else if(ConfMaxGlobal(aconf) && global_count >= ConfMaxGlobal(aconf))
524 return (TOO_MANY_GLOBAL);
525 else if(ConfMaxIdent(aconf) && ident_count >= ConfMaxIdent(aconf))
526 return (TOO_MANY_IDENT);
527 }
528
529
530 return (attach_conf(client_p, aconf));
531}
532
a9536f75
EK		 533/*
534 * deref_conf
535 *
536 * inputs - ConfItem that is referenced by something other than a client
537 * side effects - Decrement and free ConfItem if appropriate
538 */
539void
540deref_conf(struct ConfItem *aconf)
541{
542 aconf->clients--;
543 if(!aconf->clients && IsIllegal(aconf))
544 free_conf(aconf);
545}
546
212380e3
AC		 547/*
548 * detach_conf
549 *
550 * inputs - pointer to client to detach
551 * output - 0 for success, -1 for failure
552 * side effects - Disassociate configuration from the client.
553 * Also removes a class from the list if marked for deleting.
554 */
555int
556detach_conf(struct Client *client_p)
557{
558 struct ConfItem *aconf;
559
560 aconf = client_p->localClient->att_conf;
561
562 if(aconf != NULL)
563 {
564 if(ClassPtr(aconf))
565 {
566 remove_ip_limit(client_p, aconf);
567
568 if(ConfCurrUsers(aconf) > 0)
569 --ConfCurrUsers(aconf);
570
571 if(ConfMaxUsers(aconf) == -1 && ConfCurrUsers(aconf) == 0)
572 {
573 free_class(ClassPtr(aconf));
574 ClassPtr(aconf) = NULL;
575 }
576
577 }
578
579 aconf->clients--;
580 if(!aconf->clients && IsIllegal(aconf))
581 free_conf(aconf);
582
583 client_p->localClient->att_conf = NULL;
584 return 0;
585 }
586
587 return -1;
588}
589
590/*
591 * attach_conf
55abcbb2 592 *
212380e3
AC		 593 * inputs - client pointer
594 * - conf pointer
595 * output -
596 * side effects - Associate a specific configuration entry to a *local*
597 * client (this is the one which used in accepting the
598 * connection). Note, that this automatically changes the
599 * attachment if there was an old one...
600 */
601int
602attach_conf(struct Client *client_p, struct ConfItem *aconf)
603{
604 if(IsIllegal(aconf))
605 return (NOT_AUTHORISED);
606
86432f8f
SA		 607 if(s_assert(ClassPtr(aconf)))
608 return (NOT_AUTHORISED);
609
610 if(!add_ip_limit(client_p, aconf))
611 return (TOO_MANY_LOCAL);
212380e3
AC		 612
613 if((aconf->status & CONF_CLIENT) &&
614 ConfCurrUsers(aconf) >= ConfMaxUsers(aconf) && ConfMaxUsers(aconf) > 0)
615 {
616 if(!IsConfExemptLimits(aconf))
617 {
618 return (I_LINE_FULL);
619 }
620 else
621 {
5366977b 622 sendto_one_notice(client_p, ":*** I: line is full, but you have an >I: line!");
212380e3
AC		 623 }
624
625 }
626
627 if(client_p->localClient->att_conf != NULL)
628 detach_conf(client_p);
629
630 client_p->localClient->att_conf = aconf;
631
632 aconf->clients++;
633 ConfCurrUsers(aconf)++;
634 return (0);
635}
636
637/*
638 * rehash
639 *
640 * Actual REHASH service routine. Called with sig == 0 if it has been called
641 * as a result of an operator issuing this command, else assume it has been
642 * called as a result of the server receiving a HUP signal.
643 */
ab31d2b0
EM		 644bool
645rehash(bool sig)
212380e3 646{
c4e6888e
EK		 647 rb_dlink_node *n;
648
2575a78b
EM		 649 hook_data_rehash hdata = { sig };
650
ab31d2b0 651 if(sig)
a9227555 652 sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
212380e3 653 "Got signal SIGHUP, reloading ircd conf. file");
212380e3 654
f60055d3 655 rehash_authd();
2575a78b 656
212380e3 657 /* don't close listeners until we know we can go ahead with the rehash */
ab31d2b0 658 read_conf_files(false);
212380e3
AC		 659
660 if(ServerInfo.description != NULL)
f427c8b0 661 rb_strlcpy(me.info, ServerInfo.description, sizeof(me.info));
212380e3 662 else
f427c8b0 663 rb_strlcpy(me.info, "unknown", sizeof(me.info));
212380e3
AC		 664
665 open_logfiles();
2575a78b 666
c4e6888e
EK		 667 RB_DLINK_FOREACH(n, local_oper_list.head)
668 {
669 struct Client *oper = n->data;
670 const char *modeparv[4];
671 modeparv[0] = modeparv[1] = oper->name;
672 modeparv[2] = "+";
673 modeparv[3] = NULL;
674 user_mode(oper, oper, 3, modeparv);
675 }
676
2575a78b 677 call_hook(h_rehash, &hdata);
ab31d2b0 678 return false;
212380e3
AC		 679}
680
212380e3 681void
ab31d2b0 682rehash_bans(void)
212380e3 683{
80c9ac51 684 bandb_rehash_bans();
212380e3
AC		 685}
686
687/*
688 * set_default_conf()
689 *
690 * inputs - NONE
691 * output - NONE
692 * side effects - Set default values here.
693 * This is called **PRIOR** to parsing the
694 * configuration file. If you want to do some validation
695 * of values later, put them in validate_conf().
696 */
697
212380e3
AC		 698static void
699set_default_conf(void)
700{
701 /* ServerInfo.name is not rehashable */
702 /* ServerInfo.name = ServerInfo.name; */
703 ServerInfo.description = NULL;
010c4fbd 704 ServerInfo.network_name = NULL;
212380e3 705
d4214e94
SA		 706 memset(&ServerInfo.bind4, 0, sizeof(ServerInfo.bind4));
707 SET_SS_FAMILY(&ServerInfo.bind4, AF_UNSPEC);
d4214e94
SA		 708 memset(&ServerInfo.bind6, 0, sizeof(ServerInfo.bind6));
709 SET_SS_FAMILY(&ServerInfo.bind6, AF_UNSPEC);
212380e3 710
212380e3
AC		 711 AdminInfo.name = NULL;
712 AdminInfo.email = NULL;
713 AdminInfo.description = NULL;
714
010c4fbd
KB		 715 ConfigFileEntry.default_operstring = NULL;
716 ConfigFileEntry.default_adminstring = NULL;
717 ConfigFileEntry.servicestring = NULL;
7d33cce8 718 ConfigFileEntry.sasl_service = NULL;
212380e3 719
55abcbb2 720 ConfigFileEntry.default_umodes = UMODE_INVISIBLE;
d2e0b78f
AC		 721 ConfigFileEntry.failed_oper_notice = true;
722 ConfigFileEntry.anti_nick_flood = false;
723 ConfigFileEntry.disable_fake_channels = false;
212380e3
AC		 724 ConfigFileEntry.max_nick_time = 20;
725 ConfigFileEntry.max_nick_changes = 5;
726 ConfigFileEntry.max_accept = 20;
727 ConfigFileEntry.max_monitor = 60;
728 ConfigFileEntry.nick_delay = 900; /* 15 minutes */
d2e0b78f 729 ConfigFileEntry.target_change = true;
212380e3
AC		 730 ConfigFileEntry.anti_spam_exit_message_time = 0;
731 ConfigFileEntry.ts_warn_delta = TS_WARN_DELTA_DEFAULT;
732 ConfigFileEntry.ts_max_delta = TS_MAX_DELTA_DEFAULT;
d2e0b78f
AC		 733 ConfigFileEntry.client_exit = true;
734 ConfigFileEntry.dline_with_reason = true;
735 ConfigFileEntry.kline_with_reason = true;
d2e0b78f
AC		 736 ConfigFileEntry.warn_no_nline = true;
737 ConfigFileEntry.non_redundant_klines = true;
738 ConfigFileEntry.stats_e_disabled = false;
739 ConfigFileEntry.stats_o_oper_only = false;
212380e3 740 ConfigFileEntry.stats_k_oper_only = 1; /* masked */
63ab1dd6 741 ConfigFileEntry.stats_l_oper_only = 1; /* self */
212380e3 742 ConfigFileEntry.stats_i_oper_only = 1; /* masked */
d2e0b78f
AC		 743 ConfigFileEntry.stats_P_oper_only = false;
744 ConfigFileEntry.stats_c_oper_only = false;
745 ConfigFileEntry.stats_y_oper_only = false;
d2e0b78f
AC		 746 ConfigFileEntry.map_oper_only = true;
747 ConfigFileEntry.operspy_admin_only = false;
212380e3
AC		 748 ConfigFileEntry.pace_wait = 10;
749 ConfigFileEntry.caller_id_wait = 60;
750 ConfigFileEntry.pace_wait_simple = 1;
d2e0b78f
AC		 751 ConfigFileEntry.short_motd = false;
752 ConfigFileEntry.no_oper_flood = false;
212380e3
AC		 753 ConfigFileEntry.fname_userlog = NULL;
754 ConfigFileEntry.fname_fuserlog = NULL;
755 ConfigFileEntry.fname_operlog = NULL;
756 ConfigFileEntry.fname_foperlog = NULL;
757 ConfigFileEntry.fname_serverlog = NULL;
00533129 758 ConfigFileEntry.fname_killlog = NULL;
212380e3
AC		 759 ConfigFileEntry.fname_klinelog = NULL;
760 ConfigFileEntry.fname_operspylog = NULL;
761 ConfigFileEntry.fname_ioerrorlog = NULL;
d2e0b78f 762 ConfigFileEntry.hide_spoof_ips = true;
212380e3 763 ConfigFileEntry.hide_error_messages = 1;
212380e3
AC		 764 ConfigFileEntry.dots_in_ident = 0;
765 ConfigFileEntry.max_targets = MAX_TARGETS_DEFAULT;
d2e0b78f
AC		 766 ConfigFileEntry.use_whois_actually = true;
767 ConfigFileEntry.burst_away = false;
768 ConfigFileEntry.collision_fnc = true;
769 ConfigFileEntry.resv_fnc = true;
770 ConfigFileEntry.global_snotices = true;
771 ConfigFileEntry.operspy_dont_care_user_info = false;
772 ConfigFileEntry.use_propagated_bans = true;
e88a1f1b 773 ConfigFileEntry.max_ratelimit_tokens = 30;
d42e6915 774 ConfigFileEntry.away_interval = 30;
fff4f763 775 ConfigFileEntry.tls_ciphers_oper_only = false;
40ecb85a 776 ConfigFileEntry.oper_secure_only = false;
212380e3
AC		 777
778#ifdef HAVE_LIBZ
779 ConfigFileEntry.compression_level = 4;
780#endif
781
782 ConfigFileEntry.oper_umodes = UMODE_LOCOPS | UMODE_SERVNOTICE |
783 UMODE_OPERWALL | UMODE_WALLOP;
784 ConfigFileEntry.oper_only_umodes = UMODE_SERVNOTICE;
785 ConfigFileEntry.oper_snomask = SNO_GENERAL;
786
d2e0b78f
AC		 787 ConfigChannel.use_except = true;
788 ConfigChannel.use_invex = true;
789 ConfigChannel.use_forward = true;
790 ConfigChannel.use_knock = true;
212380e3
AC		 791 ConfigChannel.knock_delay = 300;
792 ConfigChannel.knock_delay_channel = 60;
793 ConfigChannel.max_chans_per_user = 15;
a4721f5e 794 ConfigChannel.max_chans_per_user_large = 60;
212380e3
AC		 795 ConfigChannel.max_bans = 25;
796 ConfigChannel.max_bans_large = 500;
d2e0b78f
AC		 797 ConfigChannel.only_ascii_channels = false;
798 ConfigChannel.burst_topicwho = false;
799 ConfigChannel.kick_on_split_riding = false;
212380e3
AC		 800
801 ConfigChannel.default_split_user_count = 15000;
802 ConfigChannel.default_split_server_count = 10;
d2e0b78f
AC		 803 ConfigChannel.no_join_on_split = false;
804 ConfigChannel.no_create_on_split = true;
805 ConfigChannel.resv_forcepart = true;
806 ConfigChannel.channel_target_change = true;
807 ConfigChannel.disable_local_channels = false;
d513218a 808 ConfigChannel.displayed_usercount = 3;
04e5ed6c 809 ConfigChannel.opmod_send_statusmsg = false;
212380e3 810
63eb8567
AC		 811 ConfigChannel.autochanmodes = MODE_TOPICLIMIT | MODE_NOPRIVMSGS;
812
212380e3
AC		 813 ConfigServerHide.flatten_links = 0;
814 ConfigServerHide.links_delay = 300;
815 ConfigServerHide.hidden = 0;
816 ConfigServerHide.disable_hidden = 0;
817
818 ConfigFileEntry.min_nonwildcard = 4;
819 ConfigFileEntry.min_nonwildcard_simple = 3;
820 ConfigFileEntry.default_floodcount = 8;
7f3382fe 821 ConfigFileEntry.default_ident_timeout = IDENT_TIMEOUT_DEFAULT;
212380e3
AC		 822 ConfigFileEntry.tkline_expire_notices = 0;
823
824 ConfigFileEntry.reject_after_count = 5;
55abcbb2 825 ConfigFileEntry.reject_ban_time = 300;
212380e3 826 ConfigFileEntry.reject_duration = 120;
43946961
JT		 827 ConfigFileEntry.throttle_count = 4;
828 ConfigFileEntry.throttle_duration = 60;
c2d96fcb 829
e6e54763
SB		 830 ConfigFileEntry.client_flood_max_lines = CLIENT_FLOOD_DEFAULT;
831 ConfigFileEntry.client_flood_burst_rate = 5;
832 ConfigFileEntry.client_flood_burst_max = 5;
833 ConfigFileEntry.client_flood_message_time = 1;
834 ConfigFileEntry.client_flood_message_num = 2;
835
101db4c4 836 ServerInfo.default_max_clients = MAXCONNECTIONS;
456e5b3d 837
b583faf9 838 ConfigFileEntry.nicklen = NICKLEN;
cf430c1a 839 ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA1;
71c95533 840 ConfigFileEntry.hide_opers_in_whois = 0;
1123eefc 841 ConfigFileEntry.hide_opers = 0;
b583faf9 842
456e5b3d 843 if (!alias_dict)
f956cb0f 844 alias_dict = rb_dictionary_create("alias", rb_strcasecmp);
212380e3
AC		 845}
846
212380e3 847/*
55abcbb2 848 * read_conf()
212380e3
AC		 849 *
850 *
29c92cf9 851 * inputs - None
212380e3
AC		 852 * output - None
853 * side effects - Read configuration file.
854 */
855static void
29c92cf9 856read_conf(void)
212380e3
AC		 857{
858 lineno = 0;
859
860 set_default_conf(); /* Set default values prior to conf parsing */
861 yyparse(); /* Load the values from the conf */
862 validate_conf(); /* Check to make sure some values are still okay. */
863 /* Some global values are also loaded here. */
864 check_class(); /* Make sure classes are valid */
422bb0b5 865 privilegeset_delete_all_illegal();
c55b2782 866 construct_cflags_strings();
212380e3
AC		 867}
868
869static void
870validate_conf(void)
871{
7f3382fe
KB		 872 if(ConfigFileEntry.default_ident_timeout < 1)
873 ConfigFileEntry.default_ident_timeout = IDENT_TIMEOUT_DEFAULT;
874
212380e3
AC		 875 if(ConfigFileEntry.ts_warn_delta < TS_WARN_DELTA_MIN)
876 ConfigFileEntry.ts_warn_delta = TS_WARN_DELTA_DEFAULT;
877
878 if(ConfigFileEntry.ts_max_delta < TS_MAX_DELTA_MIN)
879 ConfigFileEntry.ts_max_delta = TS_MAX_DELTA_DEFAULT;
880
212380e3 881 if(ServerInfo.network_name == NULL)
47a03750 882 ServerInfo.network_name = rb_strdup(NETWORK_NAME_DEFAULT);
212380e3 883
8bd5767b 884 if(ServerInfo.ssld_count < 1)
c6d72037
VY		 885 ServerInfo.ssld_count = 1;
886
c53ca1e0
AC		 887 /* XXX: configurable? */
888 ServerInfo.wsockd_count = 1;
889
c1725bda 890 if(!rb_setup_ssl_server(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list))
8bd5767b
JT		 891 {
892 ilog(L_MAIN, "WARNING: Unable to setup SSL.");
bfc44622 893 ircd_ssl_ok = false;
8bd5767b 894 } else {
bfc44622 895 ircd_ssl_ok = true;
f7b0c4b3 896 ssld_update_config();
8bd5767b
JT		 897 }
898
899 if(ServerInfo.ssld_count > get_ssld_count())
900 {
901 int start = ServerInfo.ssld_count - get_ssld_count();
902 /* start up additional ssld if needed */
f7b0c4b3 903 start_ssldaemon(start);
c6d72037
VY		 904 }
905
c53ca1e0
AC		 906 if(ServerInfo.wsockd_count > get_wsockd_count())
907 {
34b88b65 908 int start = ServerInfo.wsockd_count - get_wsockd_count();
c53ca1e0
AC		 909 start_wsockd(start);
910 }
911
010c4fbd
KB		 912 /* General conf */
913 if (ConfigFileEntry.default_operstring == NULL)
914 ConfigFileEntry.default_operstring = rb_strdup("is an IRC operator");
915
916 if (ConfigFileEntry.default_adminstring == NULL)
917 ConfigFileEntry.default_adminstring = rb_strdup("is a Server Administrator");
918
919 if (ConfigFileEntry.servicestring == NULL)
920 ConfigFileEntry.servicestring = rb_strdup("is a Network Service");
921
7d33cce8
MT		 922 if (ConfigFileEntry.sasl_service == NULL)
923 ConfigFileEntry.sasl_service = rb_strdup("SaslServ");
924
894325fe
JT		 925 /* RFC 1459 says 1 message per 2 seconds on average and bursts of
926 * 5 messages are acceptable, so allow at least that.
41ca4cac 927 */
894325fe
JT		 928 if(ConfigFileEntry.client_flood_burst_rate < 5)
929 ConfigFileEntry.client_flood_burst_rate = 5;
930 if(ConfigFileEntry.client_flood_burst_max < 5)
931 ConfigFileEntry.client_flood_burst_max = 5;
41ca4cac
JT		 932 if(ConfigFileEntry.client_flood_message_time >
933 ConfigFileEntry.client_flood_message_num * 2)
934 ConfigFileEntry.client_flood_message_time =
935 ConfigFileEntry.client_flood_message_num * 2;
936
e6e54763
SB		 937 if((ConfigFileEntry.client_flood_max_lines < CLIENT_FLOOD_MIN) ||
938 (ConfigFileEntry.client_flood_max_lines > CLIENT_FLOOD_MAX))
939 ConfigFileEntry.client_flood_max_lines = CLIENT_FLOOD_MAX;
212380e3 940
212380e3
AC		 941 if(!split_users || !split_servers ||
942 (!ConfigChannel.no_create_on_split && !ConfigChannel.no_join_on_split))
943 {
b2c190a6
JT		 944 rb_event_delete(check_splitmode_ev);
945 check_splitmode_ev = NULL;
212380e3
AC		 946 splitmode = 0;
947 splitchecking = 0;
948 }
01978a2c
AC		 949
950 CharAttrs['&'] |= CHANPFX_C;
951 if (ConfigChannel.disable_local_channels)
952 CharAttrs['&'] &= ~CHANPFX_C;
953
954 chantypes_update();
212380e3
AC		 955}
956
212380e3
AC		 957/* add_temp_kline()
958 *
959 * inputs - pointer to struct ConfItem
960 * output - none
55abcbb2 961 * Side effects - links in given struct ConfItem into
212380e3
AC		 962 * temporary kline link list
963 */
964void
965add_temp_kline(struct ConfItem *aconf)
966{
e3354945 967 if(aconf->hold >= rb_current_time() + (10080 * 60))
212380e3 968 {
330fc5c1 969 rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_WEEK]);
212380e3
AC		 970 aconf->port = TEMP_WEEK;
971 }
e3354945 972 else if(aconf->hold >= rb_current_time() + (1440 * 60))
212380e3 973 {
330fc5c1 974 rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_DAY]);
212380e3
AC		 975 aconf->port = TEMP_DAY;
976 }
e3354945 977 else if(aconf->hold >= rb_current_time() + (60 * 60))
212380e3 978 {
330fc5c1 979 rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_HOUR]);
212380e3
AC		 980 aconf->port = TEMP_HOUR;
981 }
982 else
983 {
330fc5c1 984 rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_MIN]);
212380e3
AC		 985 aconf->port = TEMP_MIN;
986 }
987
988 aconf->flags |= CONF_FLAGS_TEMPORARY;
40c1fd47 989 add_conf_by_address(aconf->host, CONF_KILL, aconf->user, NULL, aconf);
212380e3
AC		 990}
991
992/* add_temp_dline()
993 *
994 * input - pointer to struct ConfItem
995 * output - none
996 * side effects - added to tdline link list and address hash
997 */
998void
999add_temp_dline(struct ConfItem *aconf)
1000{
e3354945 1001 if(aconf->hold >= rb_current_time() + (10080 * 60))
212380e3 1002 {
330fc5c1 1003 rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_WEEK]);
212380e3
AC		 1004 aconf->port = TEMP_WEEK;
1005 }
e3354945 1006 else if(aconf->hold >= rb_current_time() + (1440 * 60))
212380e3 1007 {
330fc5c1 1008 rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_DAY]);
212380e3
AC		 1009 aconf->port = TEMP_DAY;
1010 }
e3354945 1011 else if(aconf->hold >= rb_current_time() + (60 * 60))
212380e3 1012 {
330fc5c1 1013 rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_HOUR]);
212380e3
AC		 1014 aconf->port = TEMP_HOUR;
1015 }
1016 else
1017 {
330fc5c1 1018 rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_MIN]);
212380e3
AC		 1019 aconf->port = TEMP_MIN;
1020 }
1021
1022 aconf->flags |= CONF_FLAGS_TEMPORARY;
40c1fd47 1023 add_conf_by_address(aconf->host, CONF_DLINE, aconf->user, NULL, aconf);
212380e3
AC		 1024}
1025
5c2b9eaf 1026/* valid_wild_card()
55abcbb2 1027 *
5c2b9eaf
JT		 1028 * input - user buffer, host buffer
1029 * output - 0 if invalid, 1 if valid
1030 * side effects -
1031 */
1032int
1033valid_wild_card(const char *luser, const char *lhost)
1034{
1035 const char *p;
1036 char tmpch;
1037 int nonwild = 0;
1038 int bitlen;
1039
1040 /* user has no wildcards, always accept -- jilles */
1041 if(!strchr(luser, '?') && !strchr(luser, '*'))
1042 return 1;
1043
1044 /* check there are enough non wildcard chars */
1045 p = luser;
1046 while((tmpch = *p++))
1047 {
1048 if(!IsKWildChar(tmpch))
1049 {
1050 /* found enough chars, return */
1051 if(++nonwild >= ConfigFileEntry.min_nonwildcard)
1052 return 1;
1053 }
1054 }
1055
1056 /* try host, as user didnt contain enough */
1057 /* special case for cidr masks -- jilles */
1058 if((p = strrchr(lhost, '/')) != NULL && IsDigit(p[1]))
1059 {
1060 bitlen = atoi(p + 1);
1061 /* much like non-cidr for ipv6, rather arbitrary for ipv4 */
1062 if(bitlen > 0
1063 && bitlen >=
1064 (strchr(lhost, ':') ? 4 * (ConfigFileEntry.min_nonwildcard - nonwild) : 6 -
1065 2 * nonwild))
1066 return 1;
1067 }
1068 else
1069 {
1070 p = lhost;
1071 while((tmpch = *p++))
1072 {
1073 if(!IsKWildChar(tmpch))
1074 if(++nonwild >= ConfigFileEntry.min_nonwildcard)
1075 return 1;
1076 }
1077 }
1078
1079 return 0;
1080}
1081
431a1a27
JT		 1082rb_dlink_node *
1083find_prop_ban(unsigned int status, const char *user, const char *host)
1084{
1085 rb_dlink_node *ptr;
1086 struct ConfItem *aconf;
1087
1088 RB_DLINK_FOREACH(ptr, prop_bans.head)
1089 {
1090 aconf = ptr->data;
1091
1092 if((aconf->status & ~CONF_ILLEGAL) == status &&
1093 (!user || !aconf->user ||
1094 !irccmp(aconf->user, user)) &&
1095 !irccmp(aconf->host, host))
1096 return ptr;
1097 }
1098 return NULL;
1099}
1100
9197bc35 1101void
483987a4 1102deactivate_conf(struct ConfItem *aconf, rb_dlink_node *ptr, time_t now)
9197bc35
JT		 1103{
1104 int i;
1105
1106 s_assert(ptr->data == aconf);
1107
1108 switch (aconf->status)
1109 {
1110 case CONF_KILL:
1111 if (aconf->lifetime == 0 &&
1112 aconf->flags & CONF_FLAGS_TEMPORARY)
1113 for (i = 0; i < LAST_TEMP_TYPE; i++)
1114 rb_dlinkFindDestroy(aconf, &temp_klines[i]);
1115 /* Make sure delete_one_address_conf() does not
1116 * free the aconf.
1117 */
1118 aconf->clients++;
1119 delete_one_address_conf(aconf->host, aconf);
1120 aconf->clients--;
1121 break;
1122 case CONF_DLINE:
1123 if (aconf->lifetime == 0 &&
1124 aconf->flags & CONF_FLAGS_TEMPORARY)
1125 for (i = 0; i < LAST_TEMP_TYPE; i++)
1126 rb_dlinkFindDestroy(aconf, &temp_dlines[i]);
1127 aconf->clients++;
1128 delete_one_address_conf(aconf->host, aconf);
1129 aconf->clients--;
1130 break;
1131 case CONF_XLINE:
1132 rb_dlinkFindDestroy(aconf, &xline_conf_list);
1133 break;
1134 case CONF_RESV_NICK:
1135 rb_dlinkFindDestroy(aconf, &resv_conf_list);
1136 break;
1137 case CONF_RESV_CHANNEL:
1138 del_from_resv_hash(aconf->host, aconf);
1139 break;
1140 }
0a7faba6 1141 if (aconf->lifetime != 0 && now < aconf->lifetime)
548e31d3 1142 {
9197bc35 1143 aconf->status |= CONF_ILLEGAL;
548e31d3 1144 }
9197bc35
JT		 1145 else
1146 {
1147 if (aconf->lifetime != 0)
1148 rb_dlinkDestroy(ptr, &prop_bans);
0a7faba6
EK		 1149 if (aconf->clients == 0)
1150 free_conf(aconf);
1151 else
1152 aconf->status |= CONF_ILLEGAL;
9197bc35
JT		 1153 }
1154}
1155
3cbbfb25
JT		 1156/* Given a new ban ConfItem, look for any matching ban, update the lifetime
1157 * from it and delete it.
1158 */
1159void
1160replace_old_ban(struct ConfItem *aconf)
1161{
1162 rb_dlink_node *ptr;
1163 struct ConfItem *oldconf;
1164
1165 ptr = find_prop_ban(aconf->status, aconf->user, aconf->host);
1166 if(ptr != NULL)
1167 {
1168 oldconf = ptr->data;
1169 /* Remember at least as long as the old one. */
1170 if(oldconf->lifetime > aconf->lifetime)
1171 aconf->lifetime = oldconf->lifetime;
1172 /* Force creation time to increase. */
1173 if(oldconf->created >= aconf->created)
1174 aconf->created = oldconf->created + 1;
1175 /* Leave at least one second of validity. */
1176 if(aconf->hold <= aconf->created)
1177 aconf->hold = aconf->created + 1;
1178 if(aconf->lifetime < aconf->hold)
1179 aconf->lifetime = aconf->hold;
1180 /* Tell deactivate_conf() to destroy it. */
1181 oldconf->lifetime = rb_current_time();
483987a4 1182 deactivate_conf(oldconf, ptr, oldconf->lifetime);
3cbbfb25
JT		 1183 }
1184}
1185
9197bc35
JT		 1186static void
1187expire_prop_bans(void *list)
1188{
1189 rb_dlink_node *ptr;
1190 rb_dlink_node *next_ptr;
1191 struct ConfItem *aconf;
483987a4 1192 time_t now;
9197bc35 1193
483987a4 1194 now = rb_current_time();
9197bc35
JT		 1195 RB_DLINK_FOREACH_SAFE(ptr, next_ptr, ((rb_dlink_list *) list)->head)
1196 {
1197 aconf = ptr->data;
1198
483987a4
JT		 1199 if(aconf->lifetime <= now ||
1200 (aconf->hold <= now &&
9197bc35
JT		 1201 !(aconf->status & CONF_ILLEGAL)))
1202 {
1203 /* Alert opers that a TKline expired - Hwy */
1204 /* XXX show what type of ban it is */
1205 if(ConfigFileEntry.tkline_expire_notices &&
1206 !(aconf->status & CONF_ILLEGAL))
1207 sendto_realops_snomask(SNO_GENERAL, L_ALL,
1208 "Propagated ban for [%s%s%s] expired",
1209 aconf->user ? aconf->user : "",
1210 aconf->user ? "@" : "",
1211 aconf->host ? aconf->host : "*");
1212
1213 /* will destroy or mark illegal */
483987a4 1214 deactivate_conf(aconf, ptr, now);
9197bc35
JT		 1215 }
1216 }
1217}
1218
212380e3
AC		 1219/* expire_tkline()
1220 *
1221 * inputs - list pointer
1222 * - type
1223 * output - NONE
1224 * side effects - expire tklines and moves them between lists
1225 */
1226static void
1227expire_temp_kd(void *list)
1228{
330fc5c1 1229 rb_dlink_node *ptr;
637c4932 1230 rb_dlink_node *next_ptr;
212380e3
AC		 1231 struct ConfItem *aconf;
1232
637c4932 1233 RB_DLINK_FOREACH_SAFE(ptr, next_ptr, ((rb_dlink_list *) list)->head)
212380e3
AC		 1234 {
1235 aconf = ptr->data;
1236
e3354945 1237 if(aconf->hold <= rb_current_time())
212380e3
AC		 1238 {
1239 /* Alert opers that a TKline expired - Hwy */
1240 if(ConfigFileEntry.tkline_expire_notices)
1241 sendto_realops_snomask(SNO_GENERAL, L_ALL,
1242 "Temporary K-line for [%s@%s] expired",
1243 (aconf->user) ? aconf->
1244 user : "*", (aconf->host) ? aconf->host : "*");
1245
1246 delete_one_address_conf(aconf->host, aconf);
330fc5c1 1247 rb_dlinkDestroy(ptr, list);
212380e3
AC		 1248 }
1249 }
1250}
1251
1252static void
1253reorganise_temp_kd(void *list)
1254{
1255 struct ConfItem *aconf;
637c4932 1256 rb_dlink_node *ptr, *next_ptr;
212380e3 1257
637c4932 1258 RB_DLINK_FOREACH_SAFE(ptr, next_ptr, ((rb_dlink_list *) list)->head)
212380e3
AC		 1259 {
1260 aconf = ptr->data;
1261
e3354945 1262 if(aconf->hold < (rb_current_time() + (60 * 60)))
212380e3 1263 {
55abcbb2 1264 rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
212380e3
AC		 1265 &temp_klines[TEMP_MIN] : &temp_dlines[TEMP_MIN]);
1266 aconf->port = TEMP_MIN;
1267 }
1268 else if(aconf->port > TEMP_HOUR)
1269 {
e3354945 1270 if(aconf->hold < (rb_current_time() + (1440 * 60)))
212380e3 1271 {
55abcbb2 1272 rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
212380e3
AC		 1273 &temp_klines[TEMP_HOUR] : &temp_dlines[TEMP_HOUR]);
1274 aconf->port = TEMP_HOUR;
1275 }
55abcbb2 1276 else if(aconf->port > TEMP_DAY &&
e3354945 1277 (aconf->hold < (rb_current_time() + (10080 * 60))))
212380e3 1278 {
55abcbb2 1279 rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
212380e3
AC		 1280 &temp_klines[TEMP_DAY] : &temp_dlines[TEMP_DAY]);
1281 aconf->port = TEMP_DAY;
1282 }
1283 }
1284 }
1285}
1286
1287
1288/* const char* get_oper_name(struct Client *client_p)
1289 * Input: A client to find the active oper{} name for.
1290 * Output: The nick!user@host{oper} of the oper.
e5e814b3 1291 * "oper" is server name for unknown opers
212380e3
AC		 1292 * Side effects: None.
1293 */
e5e814b3 1294const char *
212380e3
AC		 1295get_oper_name(struct Client *client_p)
1296{
1297 /* +5 for !,@,{,} and null */
e5e814b3 1298 static char buffer[NAMELEN + USERLEN + HOSTLEN + MAX(HOSTLEN, OPERNICKLEN) + 5];
212380e3 1299
e5e814b3
EK		 1300 const char *opername = EmptyString(client_p->user->opername)
1301 ? client_p->servptr->name
1302 : client_p->user->opername;
212380e3 1303
e5e814b3
EK		 1304 snprintf(buffer, sizeof buffer, "%s!%s@%s{%s}",
1305 client_p->name, client_p->username,
1306 client_p->host, opername);
212380e3
AC		 1307 return buffer;
1308}
1309
1310/*
1311 * get_printable_conf
1312 *
1313 * inputs - struct ConfItem
1314 *
55abcbb2 1315 * output - name
212380e3
AC		 1316 * - host
1317 * - pass
1318 * - user
1319 * - port
1320 *
1321 * side effects -
1322 * Examine the struct struct ConfItem, setting the values
1323 * of name, host, pass, user to values either
1324 * in aconf, or "<NULL>" port is set to aconf->port in all cases.
1325 */
1326void
1327get_printable_conf(struct ConfItem *aconf, char **name, char **host,
29c92cf9 1328 const char **pass, char **user, int *port, char **classname)
212380e3
AC		 1329{
1330 static char null[] = "<NULL>";
1331 static char zero[] = "default";
1332
27f616dd 1333 *name = EmptyString(aconf->info.name) ? null : aconf->info.name;
212380e3
AC		 1334 *host = EmptyString(aconf->host) ? null : aconf->host;
1335 *pass = EmptyString(aconf->passwd) ? null : aconf->passwd;
1336 *user = EmptyString(aconf->user) ? null : aconf->user;
1337 *classname = EmptyString(aconf->className) ? zero : aconf->className;
1338 *port = (int) aconf->port;
1339}
1340
a12ad044
JT		 1341char *
1342get_user_ban_reason(struct ConfItem *aconf)
1343{
1344 static char reasonbuf[BUFSIZE];
1345
9914c013
EK		 1346 if (!ConfigFileEntry.hide_tkdline_duration &&
1347 aconf->flags & CONF_FLAGS_TEMPORARY &&
a12ad044 1348 (aconf->status == CONF_KILL || aconf->status == CONF_DLINE))
5203cba5 1349 snprintf(reasonbuf, sizeof reasonbuf,
a12ad044
JT		 1350 "Temporary %c-line %d min. - ",
1351 aconf->status == CONF_DLINE ? 'D' : 'K',
803ce385 1352 (int)((aconf->hold - aconf->created) / 60));
a12ad044
JT		 1353 else
1354 reasonbuf[0] = '\0';
1355 if (aconf->passwd)
1356 rb_strlcat(reasonbuf, aconf->passwd, sizeof reasonbuf);
1357 else
1358 rb_strlcat(reasonbuf, "No Reason", sizeof reasonbuf);
1359 if (aconf->created)
1360 {
1361 rb_strlcat(reasonbuf, " (", sizeof reasonbuf);
1362 rb_strlcat(reasonbuf, smalldate(aconf->created),
1363 sizeof reasonbuf);
1364 rb_strlcat(reasonbuf, ")", sizeof reasonbuf);
1365 }
1366 return reasonbuf;
1367}
1368
54ac8b60 1369void
55abcbb2 1370get_printable_kline(struct Client *source_p, struct ConfItem *aconf,
54ac8b60
VY		 1371 char **host, char **reason,
1372 char **user, char **oper_reason)
1373{
1374 static char null[] = "<NULL>";
778dd56b 1375 static char operreasonbuf[BUFSIZE];
54ac8b60
VY		 1376
1377 *host = EmptyString(aconf->host) ? null : aconf->host;
54ac8b60 1378 *user = EmptyString(aconf->user) ? null : aconf->user;
a12ad044 1379 *reason = get_user_ban_reason(aconf);
b52c2949 1380
d4f7eb4c 1381 if(!IsOperGeneral(source_p))
54ac8b60
VY		 1382 *oper_reason = NULL;
1383 else
778dd56b 1384 {
5203cba5 1385 snprintf(operreasonbuf, sizeof operreasonbuf, "%s%s(%s)",
778dd56b
JT		 1386 EmptyString(aconf->spasswd) ? "" : aconf->spasswd,
1387 EmptyString(aconf->spasswd) ? "" : " ",
1388 aconf->info.oper);
1389 *oper_reason = operreasonbuf;
1390 }
212380e3
AC		 1391}
1392
1393/*
1394 * read_conf_files
1395 *
ea111ea5 1396 * inputs - cold start
212380e3
AC		 1397 * output - none
1398 * side effects - read all conf files needed, ircd.conf kline.conf etc.
1399 */
1400void
ea111ea5 1401read_conf_files(bool cold)
212380e3
AC		 1402{
1403 const char *filename;
1404
1405 conf_fbfile_in = NULL;
1406
22342cd1 1407 filename = ConfigFileEntry.configfile;
212380e3
AC		 1408
1409 /* We need to know the initial filename for the yyerror() to report
1410 FIXME: The full path is in conffilenamebuf first time since we
1411 dont know anything else
1412
55abcbb2 1413 - Gozem 2002-07-21
a576a0fe
CD		 1414
1415
212380e3 1416 */
f427c8b0 1417 rb_strlcpy(conffilebuf, filename, sizeof(conffilebuf));
212380e3
AC		 1418
1419 if((conf_fbfile_in = fopen(filename, "r")) == NULL)
1420 {
1421 if(cold)
1422 {
f951460a 1423 inotice("Failed in reading configuration file %s, aborting", filename);
a576a0fe
CD		 1424 ilog(L_MAIN, "Failed in reading configuration file %s", filename);
1425
1426 int e;
1427 e = errno;
1428
2c0450fb
CD		 1429 inotice("FATAL: %s %s", strerror(e), filename);
1430 ilog(L_MAIN, "FATAL: %s %s", strerror(e), filename);
a576a0fe 1431
212380e3
AC		 1432 exit(-1);
1433 }
1434 else
1435 {
a9227555 1436 sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
212380e3
AC		 1437 "Can't open file '%s' - aborting rehash!", filename);
1438 return;
1439 }
1440 }
1441
1442 if(!cold)
1443 {
1444 clear_out_old_conf();
1445 }
1446
7d603754 1447 call_hook(h_conf_read_start, NULL);
29c92cf9 1448 read_conf();
7d603754
KB		 1449 call_hook(h_conf_read_end, NULL);
1450
212380e3
AC		 1451 fclose(conf_fbfile_in);
1452}
1453
8ac75529
AC		 1454/*
1455 * free an alias{} entry.
1456 */
1457static void
4177311e 1458free_alias_cb(rb_dictionary_element *ptr, void *unused)
8ac75529
AC		 1459{
1460 struct alias_entry *aptr = ptr->data;
1461
637c4932
VY		 1462 rb_free(aptr->name);
1463 rb_free(aptr->target);
1464 rb_free(aptr);
8ac75529
AC		 1465}
1466
212380e3
AC		 1467/*
1468 * clear_out_old_conf
1469 *
1470 * inputs - none
1471 * output - none
1472 * side effects - Clear out the old configuration
1473 */
1474static void
1475clear_out_old_conf(void)
1476{
1477 struct Class *cltmp;
330fc5c1 1478 rb_dlink_node *ptr;
637c4932 1479 rb_dlink_node *next_ptr;
212380e3
AC		 1480
1481 /*
1482 * don't delete the class table, rather mark all entries
1483 * for deletion. The table is cleaned up by check_class. - avalon
1484 */
5cefa1d6 1485 RB_DLINK_FOREACH(ptr, class_list.head)
212380e3
AC		 1486 {
1487 cltmp = ptr->data;
1488 MaxUsers(cltmp) = -1;
1489 }
1490
625cbb19 1491 clear_out_address_conf(AC_CONFIG);
212380e3
AC		 1492 clear_s_newconf();
1493
1494 /* clean out module paths */
212380e3
AC		 1495 mod_clear_paths();
1496 mod_add_path(MODULE_DIR);
1497 mod_add_path(MODULE_DIR "/autoload");
212380e3
AC		 1498
1499 /* clean out ServerInfo */
637c4932 1500 rb_free(ServerInfo.description);
212380e3 1501 ServerInfo.description = NULL;
637c4932 1502 rb_free(ServerInfo.network_name);
212380e3 1503 ServerInfo.network_name = NULL;
212380e3 1504
c6d72037
VY		 1505 ServerInfo.ssld_count = 1;
1506
212380e3 1507 /* clean out AdminInfo */
637c4932 1508 rb_free(AdminInfo.name);
212380e3 1509 AdminInfo.name = NULL;
637c4932 1510 rb_free(AdminInfo.email);
212380e3 1511 AdminInfo.email = NULL;
637c4932 1512 rb_free(AdminInfo.description);
212380e3
AC		 1513 AdminInfo.description = NULL;
1514
1515 /* operator{} and class{} blocks are freed above */
1516 /* clean out listeners */
1517 close_listeners();
1518
1519 /* auth{}, quarantine{}, shared{}, connect{}, kill{}, deny{}, exempt{}
1520 * and gecos{} blocks are freed above too
1521 */
1522
1523 /* clean out general */
010c4fbd
KB		 1524 rb_free(ConfigFileEntry.default_operstring);
1525 ConfigFileEntry.default_operstring = NULL;
1526 rb_free(ConfigFileEntry.default_adminstring);
1527 ConfigFileEntry.default_adminstring = NULL;
1528 rb_free(ConfigFileEntry.servicestring);
1529 ConfigFileEntry.servicestring = NULL;
d61a1c7e
JT		 1530 rb_free(ConfigFileEntry.kline_reason);
1531 ConfigFileEntry.kline_reason = NULL;
7d33cce8
MT		 1532 rb_free(ConfigFileEntry.sasl_service);
1533 ConfigFileEntry.sasl_service = NULL;
1596fc8f
EK		 1534 rb_free(ConfigFileEntry.drain_reason);
1535 ConfigFileEntry.drain_reason = NULL;
d61a1c7e 1536
6ac21a70
EK		 1537 if (ConfigFileEntry.hidden_caps != NULL)
1538 {
1539 for (size_t i = 0; ConfigFileEntry.hidden_caps[i] != NULL; i++)
1540 rb_free(ConfigFileEntry.hidden_caps[i]);
1541 rb_free(ConfigFileEntry.hidden_caps);
1542 }
1543 ConfigFileEntry.hidden_caps = NULL;
1544
00533129
KB		 1545 /* clean out log */
1546 rb_free(ConfigFileEntry.fname_userlog);
1547 ConfigFileEntry.fname_userlog = NULL;
1548 rb_free(ConfigFileEntry.fname_fuserlog);
1549 ConfigFileEntry.fname_fuserlog = NULL;
1550 rb_free(ConfigFileEntry.fname_operlog);
1551 ConfigFileEntry.fname_operlog = NULL;
1552 rb_free(ConfigFileEntry.fname_foperlog);
1553 ConfigFileEntry.fname_foperlog = NULL;
1554 rb_free(ConfigFileEntry.fname_serverlog);
1555 ConfigFileEntry.fname_serverlog = NULL;
1556 rb_free(ConfigFileEntry.fname_killlog);
1557 ConfigFileEntry.fname_killlog = NULL;
1558 rb_free(ConfigFileEntry.fname_klinelog);
1559 ConfigFileEntry.fname_klinelog = NULL;
1560 rb_free(ConfigFileEntry.fname_operspylog);
1561 ConfigFileEntry.fname_operspylog = NULL;
1562 rb_free(ConfigFileEntry.fname_ioerrorlog);
1563 ConfigFileEntry.fname_ioerrorlog = NULL;
1564
637c4932 1565 RB_DLINK_FOREACH_SAFE(ptr, next_ptr, service_list.head)
212380e3 1566 {
637c4932 1567 rb_free(ptr->data);
330fc5c1 1568 rb_dlinkDestroy(ptr, &service_list);
212380e3
AC		 1569 }
1570
1571 /* remove any aliases... -- nenolod */
dbcd150b
AC		 1572 if (alias_dict != NULL)
1573 {
a4bf26dd 1574 rb_dictionary_destroy(alias_dict, free_alias_cb, NULL);
dbcd150b
AC		 1575 alias_dict = NULL;
1576 }
212380e3 1577
3321eef4 1578 del_dnsbl_entry_all();
212380e3 1579
422bb0b5
JT		 1580 privilegeset_mark_all_illegal();
1581
212380e3
AC		 1582 /* OK, that should be everything... */
1583}
1584
1585
212380e3
AC		 1586/*
1587 * conf_add_class_to_conf
1588 * inputs - pointer to config item
1589 * output - NONE
55abcbb2 1590 * side effects - Add a class pointer to a conf
212380e3
AC		 1591 */
1592
1593void
1594conf_add_class_to_conf(struct ConfItem *aconf)
1595{
1596 if(aconf->className == NULL)
1597 {
47a03750 1598 aconf->className = rb_strdup("default");
212380e3
AC		 1599 ClassPtr(aconf) = default_class;
1600 return;
1601 }
1602
1603 ClassPtr(aconf) = find_class(aconf->className);
1604
1605 if(ClassPtr(aconf) == default_class)
1606 {
1607 if(aconf->status == CONF_CLIENT)
1608 {
8b801ad1
JT		 1609 conf_report_error(
1610 "Using default class for missing class \"%s\" in auth{} for %s@%s",
212380e3
AC		 1611 aconf->className, aconf->user, aconf->host);
1612 }
1613
637c4932 1614 rb_free(aconf->className);
47a03750 1615 aconf->className = rb_strdup("default");
212380e3
AC		 1616 return;
1617 }
1618
1619 if(ConfMaxUsers(aconf) < 0)
1620 {
1621 ClassPtr(aconf) = default_class;
637c4932 1622 rb_free(aconf->className);
47a03750 1623 aconf->className = rb_strdup("default");
212380e3
AC		 1624 return;
1625 }
1626}
1627
1628/*
1629 * conf_add_d_conf
1630 * inputs - pointer to config item
1631 * output - NONE
1632 * side effects - Add a d/D line
1633 */
1634void
1635conf_add_d_conf(struct ConfItem *aconf)
1636{
1637 if(aconf->host == NULL)
1638 return;
1639
1640 aconf->user = NULL;
1641
1642 /* XXX - Should 'd' ever be in the old conf? For new conf we don't
1643 * need this anyway, so I will disable it for now... -A1kmm
1644 */
1645
1646 if(parse_netmask(aconf->host, NULL, NULL) == HM_HOST)
1647 {
1648 ilog(L_MAIN, "Invalid Dline %s ignored", aconf->host);
1649 free_conf(aconf);
1650 }
1651 else
1652 {
40c1fd47 1653 add_conf_by_address(aconf->host, CONF_DLINE, NULL, NULL, aconf);
212380e3
AC		 1654 }
1655}
1656
89bb7d65
SA		 1657static void
1658strip_tabs(char *dest, const char *src, size_t size)
decf0486
VY		 1659{
1660 char *d = dest;
1661
1662 if(dest == NULL || src == NULL)
89bb7d65 1663 return;
decf0486 1664
89bb7d65 1665 rb_strlcpy(dest, src, size);
decf0486
VY		 1666
1667 while(*d)
1668 {
1669 if(*d == '\t')
1670 *d = ' ';
1671 d++;
1672 }
decf0486 1673}
212380e3
AC		 1674
1675/*
1676 * yyerror
1677 *
1678 * inputs - message from parser
1679 * output - none
1680 * side effects - message to opers and log file entry is made
1681 */
1682void
1683yyerror(const char *msg)
1684{
1685 char newlinebuf[BUFSIZE];
1686
89bb7d65 1687 strip_tabs(newlinebuf, yy_linebuf, sizeof(newlinebuf));
212380e3 1688
beccbe31 1689 ierror("\"%s\", line %d: %s at '%s'", conffilebuf, lineno + 1, msg, newlinebuf);
a9227555 1690 sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "\"%s\", line %d: %s at '%s'",
212380e3
AC		 1691 conffilebuf, lineno + 1, msg, newlinebuf);
1692
212380e3
AC		 1693}
1694
1695int
1696conf_fgets(char *lbuf, int max_size, FILE * fb)
1697{
eac04554 1698 if(fgets(lbuf, max_size, fb) == NULL)
212380e3
AC		 1699 return (0);
1700
1701 return (strlen(lbuf));
1702}
1703
1704int
1705conf_yy_fatal_error(const char *msg)
1706{
1707 return (0);
1708}
Fork of solanum ircd, history is rebased regularly