]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * ircd-ratbox: A slightly useful ircd. | |
3 | * s_conf.c: Configuration file functions. | |
4 | * | |
5 | * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center | |
6 | * Copyright (C) 1996-2002 Hybrid Development Team | |
7 | * Copyright (C) 2002-2005 ircd-ratbox development team | |
8 | * | |
9 | * This program is free software; you can redistribute it and/or modify | |
10 | * it under the terms of the GNU General Public License as published by | |
11 | * the Free Software Foundation; either version 2 of the License, or | |
12 | * (at your option) any later version. | |
13 | * | |
14 | * This program is distributed in the hope that it will be useful, | |
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
17 | * GNU General Public License for more details. | |
18 | * | |
19 | * You should have received a copy of the GNU General Public License | |
20 | * along with this program; if not, write to the Free Software | |
21 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 | |
22 | * USA | |
23 | * | |
24 | * $Id: s_conf.c 3550 2007-08-09 06:47:26Z nenolod $ | |
25 | */ | |
26 | ||
27 | #include "stdinc.h" | |
28 | #include "ircd_defs.h" | |
29 | #include "s_conf.h" | |
30 | #include "s_newconf.h" | |
31 | #include "newconf.h" | |
32 | #include "s_serv.h" | |
33 | #include "s_stats.h" | |
34 | #include "channel.h" | |
35 | #include "class.h" | |
36 | #include "client.h" | |
37 | #include "common.h" | |
38 | #include "hash.h" | |
39 | #include "match.h" | |
40 | #include "ircd.h" | |
41 | #include "listener.h" | |
42 | #include "hostmask.h" | |
43 | #include "modules.h" | |
44 | #include "numeric.h" | |
45 | #include "logger.h" | |
46 | #include "send.h" | |
47 | #include "reject.h" | |
48 | #include "cache.h" | |
49 | #include "blacklist.h" | |
50 | #include "privilege.h" | |
51 | #include "sslproc.h" | |
52 | #include "bandbi.h" | |
53 | #include "operhash.h" | |
54 | #include "chmode.h" | |
55 | #include "hook.h" | |
56 | #include "s_assert.h" | |
57 | ||
58 | struct config_server_hide ConfigServerHide; | |
59 | ||
60 | extern int yyparse(void); /* defined in y.tab.c */ | |
61 | extern char linebuf[]; | |
62 | ||
63 | #ifndef INADDR_NONE | |
64 | #define INADDR_NONE ((unsigned int) 0xffffffff) | |
65 | #endif | |
66 | ||
67 | static rb_bh *confitem_heap = NULL; | |
68 | ||
69 | rb_dlink_list prop_bans; | |
70 | ||
71 | rb_dlink_list temp_klines[LAST_TEMP_TYPE]; | |
72 | rb_dlink_list temp_dlines[LAST_TEMP_TYPE]; | |
73 | rb_dlink_list service_list; | |
74 | ||
75 | /* internally defined functions */ | |
76 | static void set_default_conf(void); | |
77 | static void validate_conf(void); | |
78 | static void read_conf(FILE *); | |
79 | static void clear_out_old_conf(void); | |
80 | ||
81 | static void expire_prop_bans(void *list); | |
82 | static void expire_temp_kd(void *list); | |
83 | static void reorganise_temp_kd(void *list); | |
84 | ||
85 | FILE *conf_fbfile_in; | |
86 | extern char yytext[]; | |
87 | ||
88 | static int verify_access(struct Client *client_p, const char *username); | |
89 | static int attach_iline(struct Client *, struct ConfItem *); | |
90 | ||
91 | void | |
92 | init_s_conf(void) | |
93 | { | |
94 | confitem_heap = rb_bh_create(sizeof(struct ConfItem), CONFITEM_HEAP_SIZE, "confitem_heap"); | |
95 | ||
96 | rb_event_addish("expire_prop_bans", expire_prop_bans, &prop_bans, 60); | |
97 | ||
98 | rb_event_addish("expire_temp_klines", expire_temp_kd, &temp_klines[TEMP_MIN], 60); | |
99 | rb_event_addish("expire_temp_dlines", expire_temp_kd, &temp_dlines[TEMP_MIN], 60); | |
100 | ||
101 | rb_event_addish("expire_temp_klines_hour", reorganise_temp_kd, | |
102 | &temp_klines[TEMP_HOUR], 3600); | |
103 | rb_event_addish("expire_temp_dlines_hour", reorganise_temp_kd, | |
104 | &temp_dlines[TEMP_HOUR], 3600); | |
105 | rb_event_addish("expire_temp_klines_day", reorganise_temp_kd, | |
106 | &temp_klines[TEMP_DAY], 86400); | |
107 | rb_event_addish("expire_temp_dlines_day", reorganise_temp_kd, | |
108 | &temp_dlines[TEMP_DAY], 86400); | |
109 | rb_event_addish("expire_temp_klines_week", reorganise_temp_kd, | |
110 | &temp_klines[TEMP_WEEK], 604800); | |
111 | rb_event_addish("expire_temp_dlines_week", reorganise_temp_kd, | |
112 | &temp_dlines[TEMP_WEEK], 604800); | |
113 | } | |
114 | ||
115 | /* | |
116 | * make_conf | |
117 | * | |
118 | * inputs - none | |
119 | * output - pointer to new conf entry | |
120 | * side effects - none | |
121 | */ | |
122 | struct ConfItem * | |
123 | make_conf() | |
124 | { | |
125 | struct ConfItem *aconf; | |
126 | ||
127 | aconf = rb_bh_alloc(confitem_heap); | |
128 | aconf->status = CONF_ILLEGAL; | |
129 | return (aconf); | |
130 | } | |
131 | ||
132 | /* | |
133 | * free_conf | |
134 | * | |
135 | * inputs - pointer to conf to free | |
136 | * output - none | |
137 | * side effects - crucial password fields are zeroed, conf is freed | |
138 | */ | |
139 | void | |
140 | free_conf(struct ConfItem *aconf) | |
141 | { | |
142 | s_assert(aconf != NULL); | |
143 | if(aconf == NULL) | |
144 | return; | |
145 | ||
146 | /* security.. */ | |
147 | if(aconf->passwd) | |
148 | memset(aconf->passwd, 0, strlen(aconf->passwd)); | |
149 | if(aconf->spasswd) | |
150 | memset(aconf->spasswd, 0, strlen(aconf->spasswd)); | |
151 | ||
152 | rb_free(aconf->passwd); | |
153 | rb_free(aconf->spasswd); | |
154 | rb_free(aconf->className); | |
155 | rb_free(aconf->user); | |
156 | rb_free(aconf->host); | |
157 | ||
158 | if(IsConfBan(aconf)) | |
159 | operhash_delete(aconf->info.oper); | |
160 | else | |
161 | rb_free(aconf->info.name); | |
162 | ||
163 | rb_bh_free(confitem_heap, aconf); | |
164 | } | |
165 | ||
166 | /* | |
167 | * check_client | |
168 | * | |
169 | * inputs - pointer to client | |
170 | * output - 0 = Success | |
171 | * NOT_AUTHORISED (-1) = Access denied (no I line match) | |
172 | * SOCKET_ERROR (-2) = Bad socket. | |
173 | * I_LINE_FULL (-3) = I-line is full | |
174 | * TOO_MANY (-4) = Too many connections from hostname | |
175 | * BANNED_CLIENT (-5) = K-lined | |
176 | * side effects - Ordinary client access check. | |
177 | * Look for conf lines which have the same | |
178 | * status as the flags passed. | |
179 | */ | |
180 | int | |
181 | check_client(struct Client *client_p, struct Client *source_p, const char *username) | |
182 | { | |
183 | int i; | |
184 | ||
185 | if((i = verify_access(source_p, username))) | |
186 | { | |
187 | ilog(L_FUSER, "Access denied: %s[%s]", | |
188 | source_p->name, source_p->sockhost); | |
189 | } | |
190 | ||
191 | switch (i) | |
192 | { | |
193 | case SOCKET_ERROR: | |
194 | exit_client(client_p, source_p, &me, "Socket Error"); | |
195 | break; | |
196 | ||
197 | case TOO_MANY_LOCAL: | |
198 | /* Note that these notices are sent to opers on other | |
199 | * servers also, so even if local opers are allowed to | |
200 | * see the IP, we still cannot send it. | |
201 | */ | |
202 | sendto_realops_snomask(SNO_FULL, L_NETWIDE, | |
203 | "Too many local connections for %s!%s%s@%s", | |
204 | source_p->name, IsGotId(source_p) ? "" : "~", | |
205 | source_p->username, | |
206 | show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host); | |
207 | ||
208 | ilog(L_FUSER, "Too many local connections from %s!%s%s@%s", | |
209 | source_p->name, IsGotId(source_p) ? "" : "~", | |
210 | source_p->username, source_p->sockhost); | |
211 | ||
212 | ServerStats.is_ref++; | |
213 | exit_client(client_p, source_p, &me, "Too many host connections (local)"); | |
214 | break; | |
215 | ||
216 | case TOO_MANY_GLOBAL: | |
217 | sendto_realops_snomask(SNO_FULL, L_NETWIDE, | |
218 | "Too many global connections for %s!%s%s@%s", | |
219 | source_p->name, IsGotId(source_p) ? "" : "~", | |
220 | source_p->username, | |
221 | show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host); | |
222 | ilog(L_FUSER, "Too many global connections from %s!%s%s@%s", | |
223 | source_p->name, IsGotId(source_p) ? "" : "~", | |
224 | source_p->username, source_p->sockhost); | |
225 | ||
226 | ServerStats.is_ref++; | |
227 | exit_client(client_p, source_p, &me, "Too many host connections (global)"); | |
228 | break; | |
229 | ||
230 | case TOO_MANY_IDENT: | |
231 | sendto_realops_snomask(SNO_FULL, L_NETWIDE, | |
232 | "Too many user connections for %s!%s%s@%s", | |
233 | source_p->name, IsGotId(source_p) ? "" : "~", | |
234 | source_p->username, | |
235 | show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host); | |
236 | ilog(L_FUSER, "Too many user connections from %s!%s%s@%s", | |
237 | source_p->name, IsGotId(source_p) ? "" : "~", | |
238 | source_p->username, source_p->sockhost); | |
239 | ||
240 | ServerStats.is_ref++; | |
241 | exit_client(client_p, source_p, &me, "Too many user connections (global)"); | |
242 | break; | |
243 | ||
244 | case I_LINE_FULL: | |
245 | sendto_realops_snomask(SNO_FULL, L_NETWIDE, | |
246 | "I-line is full for %s!%s%s@%s (%s).", | |
247 | source_p->name, IsGotId(source_p) ? "" : "~", | |
248 | source_p->username, source_p->host, | |
249 | show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : "255.255.255.255"); | |
250 | ||
251 | ilog(L_FUSER, "Too many connections from %s!%s%s@%s.", | |
252 | source_p->name, IsGotId(source_p) ? "" : "~", | |
253 | source_p->username, source_p->sockhost); | |
254 | ||
255 | ServerStats.is_ref++; | |
256 | exit_client(client_p, source_p, &me, | |
257 | "No more connections allowed in your connection class"); | |
258 | break; | |
259 | ||
260 | case NOT_AUTHORISED: | |
261 | { | |
262 | int port = -1; | |
263 | #ifdef RB_IPV6 | |
264 | if(source_p->localClient->ip.ss_family == AF_INET6) | |
265 | port = ntohs(((struct sockaddr_in6 *)&source_p->localClient->listener->addr)->sin6_port); | |
266 | else | |
267 | #endif | |
268 | port = ntohs(((struct sockaddr_in *)&source_p->localClient->listener->addr)->sin_port); | |
269 | ||
270 | ServerStats.is_ref++; | |
271 | /* jdc - lists server name & port connections are on */ | |
272 | /* a purely cosmetical change */ | |
273 | /* why ipaddr, and not just source_p->sockhost? --fl */ | |
274 | #if 0 | |
275 | static char ipaddr[HOSTIPLEN]; | |
276 | rb_inet_ntop_sock(&source_p->localClient->ip, ipaddr, sizeof(ipaddr)); | |
277 | #endif | |
278 | sendto_realops_snomask(SNO_UNAUTH, L_ALL, | |
279 | "Unauthorised client connection from " | |
280 | "%s!%s%s@%s [%s] on [%s/%u].", | |
281 | source_p->name, IsGotId(source_p) ? "" : "~", | |
282 | source_p->username, source_p->host, | |
283 | source_p->sockhost, | |
284 | source_p->localClient->listener->name, port); | |
285 | ||
286 | ilog(L_FUSER, | |
287 | "Unauthorised client connection from %s!%s%s@%s on [%s/%u].", | |
288 | source_p->name, IsGotId(source_p) ? "" : "~", | |
289 | source_p->username, source_p->sockhost, | |
290 | source_p->localClient->listener->name, port); | |
291 | add_reject(client_p, NULL, NULL); | |
292 | exit_client(client_p, source_p, &me, | |
293 | "You are not authorised to use this server"); | |
294 | break; | |
295 | } | |
296 | case BANNED_CLIENT: | |
297 | exit_client(client_p, client_p, &me, "*** Banned "); | |
298 | ServerStats.is_ref++; | |
299 | break; | |
300 | ||
301 | case 0: | |
302 | default: | |
303 | break; | |
304 | } | |
305 | return (i); | |
306 | } | |
307 | ||
308 | /* | |
309 | * verify_access | |
310 | * | |
311 | * inputs - pointer to client to verify | |
312 | * - pointer to proposed username | |
313 | * output - 0 if success -'ve if not | |
314 | * side effect - find the first (best) I line to attach. | |
315 | */ | |
316 | static int | |
317 | verify_access(struct Client *client_p, const char *username) | |
318 | { | |
319 | struct ConfItem *aconf; | |
320 | char non_ident[USERLEN + 1]; | |
321 | ||
322 | if(IsGotId(client_p)) | |
323 | { | |
324 | aconf = find_address_conf(client_p->host, client_p->sockhost, | |
325 | client_p->username, client_p->username, | |
326 | (struct sockaddr *) &client_p->localClient->ip, | |
327 | client_p->localClient->ip.ss_family, | |
328 | client_p->localClient->auth_user); | |
329 | } | |
330 | else | |
331 | { | |
332 | rb_strlcpy(non_ident, "~", sizeof(non_ident)); | |
333 | rb_strlcat(non_ident, username, sizeof(non_ident)); | |
334 | aconf = find_address_conf(client_p->host, client_p->sockhost, | |
335 | non_ident, client_p->username, | |
336 | (struct sockaddr *) &client_p->localClient->ip, | |
337 | client_p->localClient->ip.ss_family, | |
338 | client_p->localClient->auth_user); | |
339 | } | |
340 | ||
341 | if(aconf == NULL) | |
342 | return NOT_AUTHORISED; | |
343 | ||
344 | if(aconf->status & CONF_CLIENT) | |
345 | { | |
346 | if(aconf->flags & CONF_FLAGS_REDIR) | |
347 | { | |
348 | sendto_one_numeric(client_p, RPL_REDIR, form_str(RPL_REDIR), | |
349 | aconf->info.name ? aconf->info.name : "", aconf->port); | |
350 | return (NOT_AUTHORISED); | |
351 | } | |
352 | ||
353 | /* Thanks for spoof idea amm */ | |
354 | if(IsConfDoSpoofIp(aconf)) | |
355 | { | |
356 | char *p; | |
357 | ||
358 | /* show_ip() depends on this --fl */ | |
359 | SetIPSpoof(client_p); | |
360 | ||
361 | if(IsConfSpoofNotice(aconf)) | |
362 | { | |
363 | sendto_realops_snomask(SNO_GENERAL, L_ALL, | |
364 | "%s spoofing: %s as %s", | |
365 | client_p->name, | |
366 | show_ip(NULL, client_p) ? client_p->host : aconf->info.name, | |
367 | aconf->info.name); | |
368 | } | |
369 | ||
370 | /* user@host spoof */ | |
371 | if((p = strchr(aconf->info.name, '@')) != NULL) | |
372 | { | |
373 | char *host = p+1; | |
374 | *p = '\0'; | |
375 | ||
376 | rb_strlcpy(client_p->username, aconf->info.name, | |
377 | sizeof(client_p->username)); | |
378 | rb_strlcpy(client_p->host, host, | |
379 | sizeof(client_p->host)); | |
380 | *p = '@'; | |
381 | } | |
382 | else | |
383 | rb_strlcpy(client_p->host, aconf->info.name, sizeof(client_p->host)); | |
384 | } | |
385 | return (attach_iline(client_p, aconf)); | |
386 | } | |
387 | else if(aconf->status & CONF_KILL) | |
388 | { | |
389 | if(ConfigFileEntry.kline_with_reason) | |
390 | sendto_one(client_p, | |
391 | form_str(ERR_YOUREBANNEDCREEP), | |
392 | me.name, client_p->name, | |
393 | get_user_ban_reason(aconf)); | |
394 | add_reject(client_p, aconf->user, aconf->host); | |
395 | return (BANNED_CLIENT); | |
396 | } | |
397 | ||
398 | return NOT_AUTHORISED; | |
399 | } | |
400 | ||
401 | ||
402 | /* | |
403 | * add_ip_limit | |
404 | * | |
405 | * Returns 1 if successful 0 if not | |
406 | * | |
407 | * This checks if the user has exceed the limits for their class | |
408 | * unless of course they are exempt.. | |
409 | */ | |
410 | ||
411 | static int | |
412 | add_ip_limit(struct Client *client_p, struct ConfItem *aconf) | |
413 | { | |
414 | rb_patricia_node_t *pnode; | |
415 | int bitlen; | |
416 | ||
417 | /* If the limits are 0 don't do anything.. */ | |
418 | if(ConfCidrAmount(aconf) == 0 | |
419 | || (ConfCidrIpv4Bitlen(aconf) == 0 && ConfCidrIpv6Bitlen(aconf) == 0)) | |
420 | return -1; | |
421 | ||
422 | pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip); | |
423 | ||
424 | if(GET_SS_FAMILY(&client_p->localClient->ip) == AF_INET) | |
425 | bitlen = ConfCidrIpv4Bitlen(aconf); | |
426 | else | |
427 | bitlen = ConfCidrIpv6Bitlen(aconf); | |
428 | ||
429 | if(pnode == NULL) | |
430 | pnode = make_and_lookup_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip, bitlen); | |
431 | ||
432 | s_assert(pnode != NULL); | |
433 | ||
434 | if(pnode != NULL) | |
435 | { | |
436 | if(((intptr_t)pnode->data) >= ConfCidrAmount(aconf) && !IsConfExemptLimits(aconf)) | |
437 | { | |
438 | /* This should only happen if the limits are set to 0 */ | |
439 | if((intptr_t)pnode->data == 0) | |
440 | { | |
441 | rb_patricia_remove(ConfIpLimits(aconf), pnode); | |
442 | } | |
443 | return (0); | |
444 | } | |
445 | ||
446 | pnode->data = (void *)(((intptr_t)pnode->data) + 1); | |
447 | } | |
448 | return 1; | |
449 | } | |
450 | ||
451 | static void | |
452 | remove_ip_limit(struct Client *client_p, struct ConfItem *aconf) | |
453 | { | |
454 | rb_patricia_node_t *pnode; | |
455 | ||
456 | /* If the limits are 0 don't do anything.. */ | |
457 | if(ConfCidrAmount(aconf) == 0 | |
458 | || (ConfCidrIpv4Bitlen(aconf) == 0 && ConfCidrIpv6Bitlen(aconf) == 0)) | |
459 | return; | |
460 | ||
461 | pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip); | |
462 | if(pnode == NULL) | |
463 | return; | |
464 | ||
465 | pnode->data = (void *)(((intptr_t)pnode->data) - 1); | |
466 | if(((intptr_t)pnode->data) == 0) | |
467 | { | |
468 | rb_patricia_remove(ConfIpLimits(aconf), pnode); | |
469 | } | |
470 | ||
471 | } | |
472 | ||
473 | /* | |
474 | * attach_iline | |
475 | * | |
476 | * inputs - client pointer | |
477 | * - conf pointer | |
478 | * output - | |
479 | * side effects - do actual attach | |
480 | */ | |
481 | static int | |
482 | attach_iline(struct Client *client_p, struct ConfItem *aconf) | |
483 | { | |
484 | struct Client *target_p; | |
485 | rb_dlink_node *ptr; | |
486 | int local_count = 0; | |
487 | int global_count = 0; | |
488 | int ident_count = 0; | |
489 | int unidented; | |
490 | ||
491 | if(IsConfExemptLimits(aconf)) | |
492 | return (attach_conf(client_p, aconf)); | |
493 | ||
494 | unidented = !IsGotId(client_p) && !IsNoTilde(aconf) && | |
495 | (!IsConfDoSpoofIp(aconf) || !strchr(aconf->info.name, '@')); | |
496 | ||
497 | /* find_hostname() returns the head of the list to search */ | |
498 | RB_DLINK_FOREACH(ptr, find_hostname(client_p->host)) | |
499 | { | |
500 | target_p = ptr->data; | |
501 | ||
502 | if(irccmp(client_p->host, target_p->orighost) != 0) | |
503 | continue; | |
504 | ||
505 | if(MyConnect(target_p)) | |
506 | local_count++; | |
507 | ||
508 | global_count++; | |
509 | ||
510 | if(unidented) | |
511 | { | |
512 | if(*target_p->username == '~') | |
513 | ident_count++; | |
514 | } | |
515 | else if(irccmp(target_p->username, client_p->username) == 0) | |
516 | ident_count++; | |
517 | ||
518 | if(ConfMaxLocal(aconf) && local_count >= ConfMaxLocal(aconf)) | |
519 | return (TOO_MANY_LOCAL); | |
520 | else if(ConfMaxGlobal(aconf) && global_count >= ConfMaxGlobal(aconf)) | |
521 | return (TOO_MANY_GLOBAL); | |
522 | else if(ConfMaxIdent(aconf) && ident_count >= ConfMaxIdent(aconf)) | |
523 | return (TOO_MANY_IDENT); | |
524 | } | |
525 | ||
526 | ||
527 | return (attach_conf(client_p, aconf)); | |
528 | } | |
529 | ||
530 | /* | |
531 | * detach_conf | |
532 | * | |
533 | * inputs - pointer to client to detach | |
534 | * output - 0 for success, -1 for failure | |
535 | * side effects - Disassociate configuration from the client. | |
536 | * Also removes a class from the list if marked for deleting. | |
537 | */ | |
538 | int | |
539 | detach_conf(struct Client *client_p) | |
540 | { | |
541 | struct ConfItem *aconf; | |
542 | ||
543 | aconf = client_p->localClient->att_conf; | |
544 | ||
545 | if(aconf != NULL) | |
546 | { | |
547 | if(ClassPtr(aconf)) | |
548 | { | |
549 | remove_ip_limit(client_p, aconf); | |
550 | ||
551 | if(ConfCurrUsers(aconf) > 0) | |
552 | --ConfCurrUsers(aconf); | |
553 | ||
554 | if(ConfMaxUsers(aconf) == -1 && ConfCurrUsers(aconf) == 0) | |
555 | { | |
556 | free_class(ClassPtr(aconf)); | |
557 | ClassPtr(aconf) = NULL; | |
558 | } | |
559 | ||
560 | } | |
561 | ||
562 | aconf->clients--; | |
563 | if(!aconf->clients && IsIllegal(aconf)) | |
564 | free_conf(aconf); | |
565 | ||
566 | client_p->localClient->att_conf = NULL; | |
567 | return 0; | |
568 | } | |
569 | ||
570 | return -1; | |
571 | } | |
572 | ||
573 | /* | |
574 | * attach_conf | |
575 | * | |
576 | * inputs - client pointer | |
577 | * - conf pointer | |
578 | * output - | |
579 | * side effects - Associate a specific configuration entry to a *local* | |
580 | * client (this is the one which used in accepting the | |
581 | * connection). Note, that this automatically changes the | |
582 | * attachment if there was an old one... | |
583 | */ | |
584 | int | |
585 | attach_conf(struct Client *client_p, struct ConfItem *aconf) | |
586 | { | |
587 | if(IsIllegal(aconf)) | |
588 | return (NOT_AUTHORISED); | |
589 | ||
590 | if(ClassPtr(aconf)) | |
591 | { | |
592 | if(!add_ip_limit(client_p, aconf)) | |
593 | return (TOO_MANY_LOCAL); | |
594 | } | |
595 | ||
596 | if((aconf->status & CONF_CLIENT) && | |
597 | ConfCurrUsers(aconf) >= ConfMaxUsers(aconf) && ConfMaxUsers(aconf) > 0) | |
598 | { | |
599 | if(!IsConfExemptLimits(aconf)) | |
600 | { | |
601 | return (I_LINE_FULL); | |
602 | } | |
603 | else | |
604 | { | |
605 | sendto_one_notice(client_p, ":*** I: line is full, but you have an >I: line!"); | |
606 | } | |
607 | ||
608 | } | |
609 | ||
610 | if(client_p->localClient->att_conf != NULL) | |
611 | detach_conf(client_p); | |
612 | ||
613 | client_p->localClient->att_conf = aconf; | |
614 | ||
615 | aconf->clients++; | |
616 | ConfCurrUsers(aconf)++; | |
617 | return (0); | |
618 | } | |
619 | ||
620 | /* | |
621 | * rehash | |
622 | * | |
623 | * Actual REHASH service routine. Called with sig == 0 if it has been called | |
624 | * as a result of an operator issuing this command, else assume it has been | |
625 | * called as a result of the server receiving a HUP signal. | |
626 | */ | |
627 | int | |
628 | rehash(int sig) | |
629 | { | |
630 | if(sig != 0) | |
631 | { | |
632 | sendto_realops_snomask(SNO_GENERAL, L_ALL, | |
633 | "Got signal SIGHUP, reloading ircd conf. file"); | |
634 | } | |
635 | ||
636 | restart_resolver(); | |
637 | /* don't close listeners until we know we can go ahead with the rehash */ | |
638 | read_conf_files(NO); | |
639 | ||
640 | if(ServerInfo.description != NULL) | |
641 | rb_strlcpy(me.info, ServerInfo.description, sizeof(me.info)); | |
642 | else | |
643 | rb_strlcpy(me.info, "unknown", sizeof(me.info)); | |
644 | ||
645 | open_logfiles(); | |
646 | return (0); | |
647 | } | |
648 | ||
649 | void | |
650 | rehash_bans(int sig) | |
651 | { | |
652 | bandb_rehash_bans(); | |
653 | } | |
654 | ||
655 | /* | |
656 | * set_default_conf() | |
657 | * | |
658 | * inputs - NONE | |
659 | * output - NONE | |
660 | * side effects - Set default values here. | |
661 | * This is called **PRIOR** to parsing the | |
662 | * configuration file. If you want to do some validation | |
663 | * of values later, put them in validate_conf(). | |
664 | */ | |
665 | ||
666 | #define YES 1 | |
667 | #define NO 0 | |
668 | #define UNSET -1 | |
669 | ||
670 | static void | |
671 | set_default_conf(void) | |
672 | { | |
673 | /* ServerInfo.name is not rehashable */ | |
674 | /* ServerInfo.name = ServerInfo.name; */ | |
675 | ServerInfo.description = NULL; | |
676 | ServerInfo.network_name = NULL; | |
677 | ServerInfo.network_desc = NULL; | |
678 | ||
679 | memset(&ServerInfo.ip, 0, sizeof(ServerInfo.ip)); | |
680 | ServerInfo.specific_ipv4_vhost = 0; | |
681 | #ifdef RB_IPV6 | |
682 | memset(&ServerInfo.ip6, 0, sizeof(ServerInfo.ip6)); | |
683 | ServerInfo.specific_ipv6_vhost = 0; | |
684 | #endif | |
685 | ||
686 | /* Don't reset hub, as that will break lazylinks */ | |
687 | /* ServerInfo.hub = NO; */ | |
688 | AdminInfo.name = NULL; | |
689 | AdminInfo.email = NULL; | |
690 | AdminInfo.description = NULL; | |
691 | ||
692 | ConfigFileEntry.default_operstring = NULL; | |
693 | ConfigFileEntry.default_adminstring = NULL; | |
694 | ConfigFileEntry.servicestring = NULL; | |
695 | ||
696 | ConfigFileEntry.default_umodes = UMODE_INVISIBLE; | |
697 | ConfigFileEntry.failed_oper_notice = YES; | |
698 | ConfigFileEntry.anti_nick_flood = NO; | |
699 | ConfigFileEntry.disable_fake_channels = NO; | |
700 | ConfigFileEntry.max_nick_time = 20; | |
701 | ConfigFileEntry.max_nick_changes = 5; | |
702 | ConfigFileEntry.max_accept = 20; | |
703 | ConfigFileEntry.max_monitor = 60; | |
704 | ConfigFileEntry.nick_delay = 900; /* 15 minutes */ | |
705 | ConfigFileEntry.target_change = YES; | |
706 | ConfigFileEntry.anti_spam_exit_message_time = 0; | |
707 | ConfigFileEntry.ts_warn_delta = TS_WARN_DELTA_DEFAULT; | |
708 | ConfigFileEntry.ts_max_delta = TS_MAX_DELTA_DEFAULT; | |
709 | ConfigFileEntry.client_exit = YES; | |
710 | ConfigFileEntry.dline_with_reason = YES; | |
711 | ConfigFileEntry.kline_with_reason = YES; | |
712 | ConfigFileEntry.kline_delay = 0; | |
713 | ConfigFileEntry.warn_no_nline = YES; | |
714 | ConfigFileEntry.non_redundant_klines = YES; | |
715 | ConfigFileEntry.stats_e_disabled = NO; | |
716 | ConfigFileEntry.stats_o_oper_only = NO; | |
717 | ConfigFileEntry.stats_k_oper_only = 1; /* masked */ | |
718 | ConfigFileEntry.stats_i_oper_only = 1; /* masked */ | |
719 | ConfigFileEntry.stats_P_oper_only = NO; | |
720 | ConfigFileEntry.stats_c_oper_only = NO; | |
721 | ConfigFileEntry.stats_y_oper_only = NO; | |
722 | ConfigFileEntry.stats_h_oper_only = NO; | |
723 | ConfigFileEntry.map_oper_only = YES; | |
724 | ConfigFileEntry.operspy_admin_only = NO; | |
725 | ConfigFileEntry.pace_wait = 10; | |
726 | ConfigFileEntry.caller_id_wait = 60; | |
727 | ConfigFileEntry.pace_wait_simple = 1; | |
728 | ConfigFileEntry.short_motd = NO; | |
729 | ConfigFileEntry.no_oper_flood = NO; | |
730 | ConfigFileEntry.fname_userlog = NULL; | |
731 | ConfigFileEntry.fname_fuserlog = NULL; | |
732 | ConfigFileEntry.fname_operlog = NULL; | |
733 | ConfigFileEntry.fname_foperlog = NULL; | |
734 | ConfigFileEntry.fname_serverlog = NULL; | |
735 | ConfigFileEntry.fname_killlog = NULL; | |
736 | ConfigFileEntry.fname_klinelog = NULL; | |
737 | ConfigFileEntry.fname_operspylog = NULL; | |
738 | ConfigFileEntry.fname_ioerrorlog = NULL; | |
739 | ConfigFileEntry.use_egd = NO; | |
740 | ConfigFileEntry.hide_spoof_ips = YES; | |
741 | ConfigFileEntry.hide_error_messages = 1; | |
742 | ConfigFileEntry.dots_in_ident = 0; | |
743 | ConfigFileEntry.max_targets = MAX_TARGETS_DEFAULT; | |
744 | ConfigFileEntry.egdpool_path = NULL; | |
745 | ConfigFileEntry.use_whois_actually = YES; | |
746 | ConfigFileEntry.burst_away = NO; | |
747 | ConfigFileEntry.collision_fnc = YES; | |
748 | ConfigFileEntry.resv_fnc = YES; | |
749 | ConfigFileEntry.global_snotices = YES; | |
750 | ConfigFileEntry.operspy_dont_care_user_info = NO; | |
751 | ConfigFileEntry.use_propagated_bans = YES; | |
752 | ConfigFileEntry.max_ratelimit_tokens = 30; | |
753 | ConfigFileEntry.away_interval = 30; | |
754 | ||
755 | #ifdef HAVE_LIBZ | |
756 | ConfigFileEntry.compression_level = 4; | |
757 | #endif | |
758 | ||
759 | ConfigFileEntry.oper_umodes = UMODE_LOCOPS | UMODE_SERVNOTICE | | |
760 | UMODE_OPERWALL | UMODE_WALLOP; | |
761 | ConfigFileEntry.oper_only_umodes = UMODE_SERVNOTICE; | |
762 | ConfigFileEntry.oper_snomask = SNO_GENERAL; | |
763 | ||
764 | ConfigChannel.use_except = YES; | |
765 | ConfigChannel.use_invex = YES; | |
766 | ConfigChannel.use_forward = YES; | |
767 | ConfigChannel.use_knock = YES; | |
768 | ConfigChannel.knock_delay = 300; | |
769 | ConfigChannel.knock_delay_channel = 60; | |
770 | ConfigChannel.max_chans_per_user = 15; | |
771 | ConfigChannel.max_bans = 25; | |
772 | ConfigChannel.max_bans_large = 500; | |
773 | ConfigChannel.only_ascii_channels = NO; | |
774 | ConfigChannel.burst_topicwho = NO; | |
775 | ConfigChannel.kick_on_split_riding = NO; | |
776 | ||
777 | ConfigChannel.default_split_user_count = 15000; | |
778 | ConfigChannel.default_split_server_count = 10; | |
779 | ConfigChannel.no_join_on_split = NO; | |
780 | ConfigChannel.no_create_on_split = YES; | |
781 | ConfigChannel.resv_forcepart = YES; | |
782 | ConfigChannel.channel_target_change = YES; | |
783 | ConfigChannel.disable_local_channels = NO; | |
784 | ||
785 | ConfigServerHide.flatten_links = 0; | |
786 | ConfigServerHide.links_delay = 300; | |
787 | ConfigServerHide.hidden = 0; | |
788 | ConfigServerHide.disable_hidden = 0; | |
789 | ||
790 | ConfigFileEntry.min_nonwildcard = 4; | |
791 | ConfigFileEntry.min_nonwildcard_simple = 3; | |
792 | ConfigFileEntry.default_floodcount = 8; | |
793 | ConfigFileEntry.default_ident_timeout = IDENT_TIMEOUT_DEFAULT; | |
794 | ConfigFileEntry.tkline_expire_notices = 0; | |
795 | ||
796 | ConfigFileEntry.reject_after_count = 5; | |
797 | ConfigFileEntry.reject_ban_time = 300; | |
798 | ConfigFileEntry.reject_duration = 120; | |
799 | ConfigFileEntry.throttle_count = 4; | |
800 | ConfigFileEntry.throttle_duration = 60; | |
801 | ||
802 | ConfigFileEntry.client_flood_max_lines = CLIENT_FLOOD_DEFAULT; | |
803 | ConfigFileEntry.client_flood_burst_rate = 5; | |
804 | ConfigFileEntry.client_flood_burst_max = 5; | |
805 | ConfigFileEntry.client_flood_message_time = 1; | |
806 | ConfigFileEntry.client_flood_message_num = 2; | |
807 | ||
808 | ServerInfo.default_max_clients = MAXCONNECTIONS; | |
809 | ||
810 | ConfigFileEntry.nicklen = NICKLEN; | |
811 | ||
812 | if (!alias_dict) | |
813 | alias_dict = irc_dictionary_create(strcasecmp); | |
814 | } | |
815 | ||
816 | #undef YES | |
817 | #undef NO | |
818 | ||
819 | /* | |
820 | * read_conf() | |
821 | * | |
822 | * | |
823 | * inputs - file descriptor pointing to config file to use | |
824 | * output - None | |
825 | * side effects - Read configuration file. | |
826 | */ | |
827 | static void | |
828 | read_conf(FILE * file) | |
829 | { | |
830 | lineno = 0; | |
831 | ||
832 | set_default_conf(); /* Set default values prior to conf parsing */ | |
833 | yyparse(); /* Load the values from the conf */ | |
834 | validate_conf(); /* Check to make sure some values are still okay. */ | |
835 | /* Some global values are also loaded here. */ | |
836 | check_class(); /* Make sure classes are valid */ | |
837 | privilegeset_delete_all_illegal(); | |
838 | construct_cflags_strings(); | |
839 | } | |
840 | ||
841 | static void | |
842 | validate_conf(void) | |
843 | { | |
844 | if(ConfigFileEntry.default_ident_timeout < 1) | |
845 | ConfigFileEntry.default_ident_timeout = IDENT_TIMEOUT_DEFAULT; | |
846 | ||
847 | if(ConfigFileEntry.ts_warn_delta < TS_WARN_DELTA_MIN) | |
848 | ConfigFileEntry.ts_warn_delta = TS_WARN_DELTA_DEFAULT; | |
849 | ||
850 | if(ConfigFileEntry.ts_max_delta < TS_MAX_DELTA_MIN) | |
851 | ConfigFileEntry.ts_max_delta = TS_MAX_DELTA_DEFAULT; | |
852 | ||
853 | if(ServerInfo.network_name == NULL) | |
854 | ServerInfo.network_name = rb_strdup(NETWORK_NAME_DEFAULT); | |
855 | ||
856 | if(ServerInfo.network_desc == NULL) | |
857 | ServerInfo.network_desc = rb_strdup(NETWORK_DESC_DEFAULT); | |
858 | ||
859 | if(ServerInfo.ssld_count < 1) | |
860 | ServerInfo.ssld_count = 1; | |
861 | ||
862 | if(!rb_setup_ssl_server(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params)) | |
863 | { | |
864 | ilog(L_MAIN, "WARNING: Unable to setup SSL."); | |
865 | ssl_ok = 0; | |
866 | } else { | |
867 | ssl_ok = 1; | |
868 | send_new_ssl_certs(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params); | |
869 | } | |
870 | ||
871 | if(ServerInfo.ssld_count > get_ssld_count()) | |
872 | { | |
873 | int start = ServerInfo.ssld_count - get_ssld_count(); | |
874 | /* start up additional ssld if needed */ | |
875 | start_ssldaemon(start, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params); | |
876 | ||
877 | } | |
878 | ||
879 | /* General conf */ | |
880 | if (ConfigFileEntry.default_operstring == NULL) | |
881 | ConfigFileEntry.default_operstring = rb_strdup("is an IRC operator"); | |
882 | ||
883 | if (ConfigFileEntry.default_adminstring == NULL) | |
884 | ConfigFileEntry.default_adminstring = rb_strdup("is a Server Administrator"); | |
885 | ||
886 | if (ConfigFileEntry.servicestring == NULL) | |
887 | ConfigFileEntry.servicestring = rb_strdup("is a Network Service"); | |
888 | ||
889 | /* RFC 1459 says 1 message per 2 seconds on average and bursts of | |
890 | * 5 messages are acceptable, so allow at least that. | |
891 | */ | |
892 | if(ConfigFileEntry.client_flood_burst_rate < 5) | |
893 | ConfigFileEntry.client_flood_burst_rate = 5; | |
894 | if(ConfigFileEntry.client_flood_burst_max < 5) | |
895 | ConfigFileEntry.client_flood_burst_max = 5; | |
896 | if(ConfigFileEntry.client_flood_message_time > | |
897 | ConfigFileEntry.client_flood_message_num * 2) | |
898 | ConfigFileEntry.client_flood_message_time = | |
899 | ConfigFileEntry.client_flood_message_num * 2; | |
900 | ||
901 | if((ConfigFileEntry.client_flood_max_lines < CLIENT_FLOOD_MIN) || | |
902 | (ConfigFileEntry.client_flood_max_lines > CLIENT_FLOOD_MAX)) | |
903 | ConfigFileEntry.client_flood_max_lines = CLIENT_FLOOD_MAX; | |
904 | ||
905 | if(!split_users || !split_servers || | |
906 | (!ConfigChannel.no_create_on_split && !ConfigChannel.no_join_on_split)) | |
907 | { | |
908 | rb_event_delete(check_splitmode_ev); | |
909 | check_splitmode_ev = NULL; | |
910 | splitmode = 0; | |
911 | splitchecking = 0; | |
912 | } | |
913 | } | |
914 | ||
915 | /* add_temp_kline() | |
916 | * | |
917 | * inputs - pointer to struct ConfItem | |
918 | * output - none | |
919 | * Side effects - links in given struct ConfItem into | |
920 | * temporary kline link list | |
921 | */ | |
922 | void | |
923 | add_temp_kline(struct ConfItem *aconf) | |
924 | { | |
925 | if(aconf->hold >= rb_current_time() + (10080 * 60)) | |
926 | { | |
927 | rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_WEEK]); | |
928 | aconf->port = TEMP_WEEK; | |
929 | } | |
930 | else if(aconf->hold >= rb_current_time() + (1440 * 60)) | |
931 | { | |
932 | rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_DAY]); | |
933 | aconf->port = TEMP_DAY; | |
934 | } | |
935 | else if(aconf->hold >= rb_current_time() + (60 * 60)) | |
936 | { | |
937 | rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_HOUR]); | |
938 | aconf->port = TEMP_HOUR; | |
939 | } | |
940 | else | |
941 | { | |
942 | rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_MIN]); | |
943 | aconf->port = TEMP_MIN; | |
944 | } | |
945 | ||
946 | aconf->flags |= CONF_FLAGS_TEMPORARY; | |
947 | add_conf_by_address(aconf->host, CONF_KILL, aconf->user, NULL, aconf); | |
948 | } | |
949 | ||
950 | /* add_temp_dline() | |
951 | * | |
952 | * input - pointer to struct ConfItem | |
953 | * output - none | |
954 | * side effects - added to tdline link list and address hash | |
955 | */ | |
956 | void | |
957 | add_temp_dline(struct ConfItem *aconf) | |
958 | { | |
959 | if(aconf->hold >= rb_current_time() + (10080 * 60)) | |
960 | { | |
961 | rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_WEEK]); | |
962 | aconf->port = TEMP_WEEK; | |
963 | } | |
964 | else if(aconf->hold >= rb_current_time() + (1440 * 60)) | |
965 | { | |
966 | rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_DAY]); | |
967 | aconf->port = TEMP_DAY; | |
968 | } | |
969 | else if(aconf->hold >= rb_current_time() + (60 * 60)) | |
970 | { | |
971 | rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_HOUR]); | |
972 | aconf->port = TEMP_HOUR; | |
973 | } | |
974 | else | |
975 | { | |
976 | rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_MIN]); | |
977 | aconf->port = TEMP_MIN; | |
978 | } | |
979 | ||
980 | aconf->flags |= CONF_FLAGS_TEMPORARY; | |
981 | add_conf_by_address(aconf->host, CONF_DLINE, aconf->user, NULL, aconf); | |
982 | } | |
983 | ||
984 | /* valid_wild_card() | |
985 | * | |
986 | * input - user buffer, host buffer | |
987 | * output - 0 if invalid, 1 if valid | |
988 | * side effects - | |
989 | */ | |
990 | int | |
991 | valid_wild_card(const char *luser, const char *lhost) | |
992 | { | |
993 | const char *p; | |
994 | char tmpch; | |
995 | int nonwild = 0; | |
996 | int bitlen; | |
997 | ||
998 | /* user has no wildcards, always accept -- jilles */ | |
999 | if(!strchr(luser, '?') && !strchr(luser, '*')) | |
1000 | return 1; | |
1001 | ||
1002 | /* check there are enough non wildcard chars */ | |
1003 | p = luser; | |
1004 | while((tmpch = *p++)) | |
1005 | { | |
1006 | if(!IsKWildChar(tmpch)) | |
1007 | { | |
1008 | /* found enough chars, return */ | |
1009 | if(++nonwild >= ConfigFileEntry.min_nonwildcard) | |
1010 | return 1; | |
1011 | } | |
1012 | } | |
1013 | ||
1014 | /* try host, as user didnt contain enough */ | |
1015 | /* special case for cidr masks -- jilles */ | |
1016 | if((p = strrchr(lhost, '/')) != NULL && IsDigit(p[1])) | |
1017 | { | |
1018 | bitlen = atoi(p + 1); | |
1019 | /* much like non-cidr for ipv6, rather arbitrary for ipv4 */ | |
1020 | if(bitlen > 0 | |
1021 | && bitlen >= | |
1022 | (strchr(lhost, ':') ? 4 * (ConfigFileEntry.min_nonwildcard - nonwild) : 6 - | |
1023 | 2 * nonwild)) | |
1024 | return 1; | |
1025 | } | |
1026 | else | |
1027 | { | |
1028 | p = lhost; | |
1029 | while((tmpch = *p++)) | |
1030 | { | |
1031 | if(!IsKWildChar(tmpch)) | |
1032 | if(++nonwild >= ConfigFileEntry.min_nonwildcard) | |
1033 | return 1; | |
1034 | } | |
1035 | } | |
1036 | ||
1037 | return 0; | |
1038 | } | |
1039 | ||
1040 | rb_dlink_node * | |
1041 | find_prop_ban(unsigned int status, const char *user, const char *host) | |
1042 | { | |
1043 | rb_dlink_node *ptr; | |
1044 | struct ConfItem *aconf; | |
1045 | ||
1046 | RB_DLINK_FOREACH(ptr, prop_bans.head) | |
1047 | { | |
1048 | aconf = ptr->data; | |
1049 | ||
1050 | if((aconf->status & ~CONF_ILLEGAL) == status && | |
1051 | (!user || !aconf->user || | |
1052 | !irccmp(aconf->user, user)) && | |
1053 | !irccmp(aconf->host, host)) | |
1054 | return ptr; | |
1055 | } | |
1056 | return NULL; | |
1057 | } | |
1058 | ||
1059 | void | |
1060 | deactivate_conf(struct ConfItem *aconf, rb_dlink_node *ptr) | |
1061 | { | |
1062 | int i; | |
1063 | ||
1064 | s_assert(ptr->data == aconf); | |
1065 | ||
1066 | switch (aconf->status) | |
1067 | { | |
1068 | case CONF_KILL: | |
1069 | if (aconf->lifetime == 0 && | |
1070 | aconf->flags & CONF_FLAGS_TEMPORARY) | |
1071 | for (i = 0; i < LAST_TEMP_TYPE; i++) | |
1072 | rb_dlinkFindDestroy(aconf, &temp_klines[i]); | |
1073 | /* Make sure delete_one_address_conf() does not | |
1074 | * free the aconf. | |
1075 | */ | |
1076 | aconf->clients++; | |
1077 | delete_one_address_conf(aconf->host, aconf); | |
1078 | aconf->clients--; | |
1079 | break; | |
1080 | case CONF_DLINE: | |
1081 | if (aconf->lifetime == 0 && | |
1082 | aconf->flags & CONF_FLAGS_TEMPORARY) | |
1083 | for (i = 0; i < LAST_TEMP_TYPE; i++) | |
1084 | rb_dlinkFindDestroy(aconf, &temp_dlines[i]); | |
1085 | aconf->clients++; | |
1086 | delete_one_address_conf(aconf->host, aconf); | |
1087 | aconf->clients--; | |
1088 | break; | |
1089 | case CONF_XLINE: | |
1090 | rb_dlinkFindDestroy(aconf, &xline_conf_list); | |
1091 | break; | |
1092 | case CONF_RESV_NICK: | |
1093 | rb_dlinkFindDestroy(aconf, &resv_conf_list); | |
1094 | break; | |
1095 | case CONF_RESV_CHANNEL: | |
1096 | del_from_resv_hash(aconf->host, aconf); | |
1097 | break; | |
1098 | } | |
1099 | if (aconf->lifetime != 0 && rb_current_time() < aconf->lifetime) | |
1100 | aconf->status |= CONF_ILLEGAL; | |
1101 | else | |
1102 | { | |
1103 | if (aconf->lifetime != 0) | |
1104 | rb_dlinkDestroy(ptr, &prop_bans); | |
1105 | free_conf(aconf); | |
1106 | } | |
1107 | } | |
1108 | ||
1109 | /* Given a new ban ConfItem, look for any matching ban, update the lifetime | |
1110 | * from it and delete it. | |
1111 | */ | |
1112 | void | |
1113 | replace_old_ban(struct ConfItem *aconf) | |
1114 | { | |
1115 | rb_dlink_node *ptr; | |
1116 | struct ConfItem *oldconf; | |
1117 | ||
1118 | ptr = find_prop_ban(aconf->status, aconf->user, aconf->host); | |
1119 | if(ptr != NULL) | |
1120 | { | |
1121 | oldconf = ptr->data; | |
1122 | /* Remember at least as long as the old one. */ | |
1123 | if(oldconf->lifetime > aconf->lifetime) | |
1124 | aconf->lifetime = oldconf->lifetime; | |
1125 | /* Force creation time to increase. */ | |
1126 | if(oldconf->created >= aconf->created) | |
1127 | aconf->created = oldconf->created + 1; | |
1128 | /* Leave at least one second of validity. */ | |
1129 | if(aconf->hold <= aconf->created) | |
1130 | aconf->hold = aconf->created + 1; | |
1131 | if(aconf->lifetime < aconf->hold) | |
1132 | aconf->lifetime = aconf->hold; | |
1133 | /* Tell deactivate_conf() to destroy it. */ | |
1134 | oldconf->lifetime = rb_current_time(); | |
1135 | deactivate_conf(oldconf, ptr); | |
1136 | } | |
1137 | } | |
1138 | ||
1139 | static void | |
1140 | expire_prop_bans(void *list) | |
1141 | { | |
1142 | rb_dlink_node *ptr; | |
1143 | rb_dlink_node *next_ptr; | |
1144 | struct ConfItem *aconf; | |
1145 | ||
1146 | RB_DLINK_FOREACH_SAFE(ptr, next_ptr, ((rb_dlink_list *) list)->head) | |
1147 | { | |
1148 | aconf = ptr->data; | |
1149 | ||
1150 | if(aconf->lifetime <= rb_current_time() || | |
1151 | (aconf->hold <= rb_current_time() && | |
1152 | !(aconf->status & CONF_ILLEGAL))) | |
1153 | { | |
1154 | /* Alert opers that a TKline expired - Hwy */ | |
1155 | /* XXX show what type of ban it is */ | |
1156 | if(ConfigFileEntry.tkline_expire_notices && | |
1157 | !(aconf->status & CONF_ILLEGAL)) | |
1158 | sendto_realops_snomask(SNO_GENERAL, L_ALL, | |
1159 | "Propagated ban for [%s%s%s] expired", | |
1160 | aconf->user ? aconf->user : "", | |
1161 | aconf->user ? "@" : "", | |
1162 | aconf->host ? aconf->host : "*"); | |
1163 | ||
1164 | /* will destroy or mark illegal */ | |
1165 | deactivate_conf(aconf, ptr); | |
1166 | } | |
1167 | } | |
1168 | } | |
1169 | ||
1170 | /* expire_tkline() | |
1171 | * | |
1172 | * inputs - list pointer | |
1173 | * - type | |
1174 | * output - NONE | |
1175 | * side effects - expire tklines and moves them between lists | |
1176 | */ | |
1177 | static void | |
1178 | expire_temp_kd(void *list) | |
1179 | { | |
1180 | rb_dlink_node *ptr; | |
1181 | rb_dlink_node *next_ptr; | |
1182 | struct ConfItem *aconf; | |
1183 | ||
1184 | RB_DLINK_FOREACH_SAFE(ptr, next_ptr, ((rb_dlink_list *) list)->head) | |
1185 | { | |
1186 | aconf = ptr->data; | |
1187 | ||
1188 | if(aconf->hold <= rb_current_time()) | |
1189 | { | |
1190 | /* Alert opers that a TKline expired - Hwy */ | |
1191 | if(ConfigFileEntry.tkline_expire_notices) | |
1192 | sendto_realops_snomask(SNO_GENERAL, L_ALL, | |
1193 | "Temporary K-line for [%s@%s] expired", | |
1194 | (aconf->user) ? aconf-> | |
1195 | user : "*", (aconf->host) ? aconf->host : "*"); | |
1196 | ||
1197 | delete_one_address_conf(aconf->host, aconf); | |
1198 | rb_dlinkDestroy(ptr, list); | |
1199 | } | |
1200 | } | |
1201 | } | |
1202 | ||
1203 | static void | |
1204 | reorganise_temp_kd(void *list) | |
1205 | { | |
1206 | struct ConfItem *aconf; | |
1207 | rb_dlink_node *ptr, *next_ptr; | |
1208 | ||
1209 | RB_DLINK_FOREACH_SAFE(ptr, next_ptr, ((rb_dlink_list *) list)->head) | |
1210 | { | |
1211 | aconf = ptr->data; | |
1212 | ||
1213 | if(aconf->hold < (rb_current_time() + (60 * 60))) | |
1214 | { | |
1215 | rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ? | |
1216 | &temp_klines[TEMP_MIN] : &temp_dlines[TEMP_MIN]); | |
1217 | aconf->port = TEMP_MIN; | |
1218 | } | |
1219 | else if(aconf->port > TEMP_HOUR) | |
1220 | { | |
1221 | if(aconf->hold < (rb_current_time() + (1440 * 60))) | |
1222 | { | |
1223 | rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ? | |
1224 | &temp_klines[TEMP_HOUR] : &temp_dlines[TEMP_HOUR]); | |
1225 | aconf->port = TEMP_HOUR; | |
1226 | } | |
1227 | else if(aconf->port > TEMP_DAY && | |
1228 | (aconf->hold < (rb_current_time() + (10080 * 60)))) | |
1229 | { | |
1230 | rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ? | |
1231 | &temp_klines[TEMP_DAY] : &temp_dlines[TEMP_DAY]); | |
1232 | aconf->port = TEMP_DAY; | |
1233 | } | |
1234 | } | |
1235 | } | |
1236 | } | |
1237 | ||
1238 | ||
1239 | /* const char* get_oper_name(struct Client *client_p) | |
1240 | * Input: A client to find the active oper{} name for. | |
1241 | * Output: The nick!user@host{oper} of the oper. | |
1242 | * "oper" is server name for remote opers | |
1243 | * Side effects: None. | |
1244 | */ | |
1245 | char * | |
1246 | get_oper_name(struct Client *client_p) | |
1247 | { | |
1248 | /* +5 for !,@,{,} and null */ | |
1249 | static char buffer[NICKLEN + USERLEN + HOSTLEN + HOSTLEN + 5]; | |
1250 | ||
1251 | if(MyOper(client_p)) | |
1252 | { | |
1253 | rb_snprintf(buffer, sizeof(buffer), "%s!%s@%s{%s}", | |
1254 | client_p->name, client_p->username, | |
1255 | client_p->host, client_p->localClient->opername); | |
1256 | return buffer; | |
1257 | } | |
1258 | ||
1259 | rb_snprintf(buffer, sizeof(buffer), "%s!%s@%s{%s}", | |
1260 | client_p->name, client_p->username, | |
1261 | client_p->host, client_p->servptr->name); | |
1262 | return buffer; | |
1263 | } | |
1264 | ||
1265 | /* | |
1266 | * get_printable_conf | |
1267 | * | |
1268 | * inputs - struct ConfItem | |
1269 | * | |
1270 | * output - name | |
1271 | * - host | |
1272 | * - pass | |
1273 | * - user | |
1274 | * - port | |
1275 | * | |
1276 | * side effects - | |
1277 | * Examine the struct struct ConfItem, setting the values | |
1278 | * of name, host, pass, user to values either | |
1279 | * in aconf, or "<NULL>" port is set to aconf->port in all cases. | |
1280 | */ | |
1281 | void | |
1282 | get_printable_conf(struct ConfItem *aconf, char **name, char **host, | |
1283 | char **pass, char **user, int *port, char **classname) | |
1284 | { | |
1285 | static char null[] = "<NULL>"; | |
1286 | static char zero[] = "default"; | |
1287 | ||
1288 | *name = EmptyString(aconf->info.name) ? null : aconf->info.name; | |
1289 | *host = EmptyString(aconf->host) ? null : aconf->host; | |
1290 | *pass = EmptyString(aconf->passwd) ? null : aconf->passwd; | |
1291 | *user = EmptyString(aconf->user) ? null : aconf->user; | |
1292 | *classname = EmptyString(aconf->className) ? zero : aconf->className; | |
1293 | *port = (int) aconf->port; | |
1294 | } | |
1295 | ||
1296 | char * | |
1297 | get_user_ban_reason(struct ConfItem *aconf) | |
1298 | { | |
1299 | static char reasonbuf[BUFSIZE]; | |
1300 | ||
1301 | if (aconf->flags & CONF_FLAGS_TEMPORARY && | |
1302 | (aconf->status == CONF_KILL || aconf->status == CONF_DLINE)) | |
1303 | rb_snprintf(reasonbuf, sizeof reasonbuf, | |
1304 | "Temporary %c-line %d min. - ", | |
1305 | aconf->status == CONF_DLINE ? 'D' : 'K', | |
1306 | (int)((aconf->hold - aconf->created) / 60)); | |
1307 | else | |
1308 | reasonbuf[0] = '\0'; | |
1309 | if (aconf->passwd) | |
1310 | rb_strlcat(reasonbuf, aconf->passwd, sizeof reasonbuf); | |
1311 | else | |
1312 | rb_strlcat(reasonbuf, "No Reason", sizeof reasonbuf); | |
1313 | if (aconf->created) | |
1314 | { | |
1315 | rb_strlcat(reasonbuf, " (", sizeof reasonbuf); | |
1316 | rb_strlcat(reasonbuf, smalldate(aconf->created), | |
1317 | sizeof reasonbuf); | |
1318 | rb_strlcat(reasonbuf, ")", sizeof reasonbuf); | |
1319 | } | |
1320 | return reasonbuf; | |
1321 | } | |
1322 | ||
1323 | void | |
1324 | get_printable_kline(struct Client *source_p, struct ConfItem *aconf, | |
1325 | char **host, char **reason, | |
1326 | char **user, char **oper_reason) | |
1327 | { | |
1328 | static char null[] = "<NULL>"; | |
1329 | static char operreasonbuf[BUFSIZE]; | |
1330 | ||
1331 | *host = EmptyString(aconf->host) ? null : aconf->host; | |
1332 | *user = EmptyString(aconf->user) ? null : aconf->user; | |
1333 | *reason = get_user_ban_reason(aconf); | |
1334 | ||
1335 | if(!IsOper(source_p)) | |
1336 | *oper_reason = NULL; | |
1337 | else | |
1338 | { | |
1339 | rb_snprintf(operreasonbuf, sizeof operreasonbuf, "%s%s(%s)", | |
1340 | EmptyString(aconf->spasswd) ? "" : aconf->spasswd, | |
1341 | EmptyString(aconf->spasswd) ? "" : " ", | |
1342 | aconf->info.oper); | |
1343 | *oper_reason = operreasonbuf; | |
1344 | } | |
1345 | } | |
1346 | ||
1347 | /* | |
1348 | * read_conf_files | |
1349 | * | |
1350 | * inputs - cold start YES or NO | |
1351 | * output - none | |
1352 | * side effects - read all conf files needed, ircd.conf kline.conf etc. | |
1353 | */ | |
1354 | void | |
1355 | read_conf_files(int cold) | |
1356 | { | |
1357 | const char *filename; | |
1358 | ||
1359 | conf_fbfile_in = NULL; | |
1360 | ||
1361 | filename = ConfigFileEntry.configfile; | |
1362 | ||
1363 | /* We need to know the initial filename for the yyerror() to report | |
1364 | FIXME: The full path is in conffilenamebuf first time since we | |
1365 | dont know anything else | |
1366 | ||
1367 | - Gozem 2002-07-21 | |
1368 | ||
1369 | ||
1370 | */ | |
1371 | rb_strlcpy(conffilebuf, filename, sizeof(conffilebuf)); | |
1372 | ||
1373 | if((conf_fbfile_in = fopen(filename, "r")) == NULL) | |
1374 | { | |
1375 | if(cold) | |
1376 | { | |
1377 | inotice("Failed in reading configuration file %s, aborting", filename); | |
1378 | ilog(L_MAIN, "Failed in reading configuration file %s", filename); | |
1379 | ||
1380 | int e; | |
1381 | e = errno; | |
1382 | ||
1383 | inotice("FATAL: %s %s", strerror(e), filename); | |
1384 | ilog(L_MAIN, "FATAL: %s %s", strerror(e), filename); | |
1385 | ||
1386 | exit(-1); | |
1387 | } | |
1388 | else | |
1389 | { | |
1390 | sendto_realops_snomask(SNO_GENERAL, L_ALL, | |
1391 | "Can't open file '%s' - aborting rehash!", filename); | |
1392 | return; | |
1393 | } | |
1394 | } | |
1395 | ||
1396 | if(!cold) | |
1397 | { | |
1398 | clear_out_old_conf(); | |
1399 | } | |
1400 | ||
1401 | call_hook(h_conf_read_start, NULL); | |
1402 | read_conf(conf_fbfile_in); | |
1403 | call_hook(h_conf_read_end, NULL); | |
1404 | ||
1405 | fclose(conf_fbfile_in); | |
1406 | } | |
1407 | ||
1408 | /* | |
1409 | * free an alias{} entry. | |
1410 | */ | |
1411 | static void | |
1412 | free_alias_cb(struct DictionaryElement *ptr, void *unused) | |
1413 | { | |
1414 | struct alias_entry *aptr = ptr->data; | |
1415 | ||
1416 | rb_free(aptr->name); | |
1417 | rb_free(aptr->target); | |
1418 | rb_free(aptr); | |
1419 | } | |
1420 | ||
1421 | /* | |
1422 | * clear_out_old_conf | |
1423 | * | |
1424 | * inputs - none | |
1425 | * output - none | |
1426 | * side effects - Clear out the old configuration | |
1427 | */ | |
1428 | static void | |
1429 | clear_out_old_conf(void) | |
1430 | { | |
1431 | struct Class *cltmp; | |
1432 | rb_dlink_node *ptr; | |
1433 | rb_dlink_node *next_ptr; | |
1434 | ||
1435 | /* | |
1436 | * don't delete the class table, rather mark all entries | |
1437 | * for deletion. The table is cleaned up by check_class. - avalon | |
1438 | */ | |
1439 | RB_DLINK_FOREACH(ptr, class_list.head) | |
1440 | { | |
1441 | cltmp = ptr->data; | |
1442 | MaxUsers(cltmp) = -1; | |
1443 | } | |
1444 | ||
1445 | clear_out_address_conf(); | |
1446 | clear_s_newconf(); | |
1447 | ||
1448 | /* clean out module paths */ | |
1449 | #ifndef STATIC_MODULES | |
1450 | mod_clear_paths(); | |
1451 | mod_add_path(MODULE_DIR); | |
1452 | mod_add_path(MODULE_DIR "/autoload"); | |
1453 | #endif | |
1454 | ||
1455 | /* clean out ServerInfo */ | |
1456 | rb_free(ServerInfo.description); | |
1457 | ServerInfo.description = NULL; | |
1458 | rb_free(ServerInfo.network_name); | |
1459 | ServerInfo.network_name = NULL; | |
1460 | rb_free(ServerInfo.network_desc); | |
1461 | ServerInfo.network_desc = NULL; | |
1462 | ||
1463 | ServerInfo.ssld_count = 1; | |
1464 | ||
1465 | /* clean out AdminInfo */ | |
1466 | rb_free(AdminInfo.name); | |
1467 | AdminInfo.name = NULL; | |
1468 | rb_free(AdminInfo.email); | |
1469 | AdminInfo.email = NULL; | |
1470 | rb_free(AdminInfo.description); | |
1471 | AdminInfo.description = NULL; | |
1472 | ||
1473 | /* operator{} and class{} blocks are freed above */ | |
1474 | /* clean out listeners */ | |
1475 | close_listeners(); | |
1476 | ||
1477 | /* auth{}, quarantine{}, shared{}, connect{}, kill{}, deny{}, exempt{} | |
1478 | * and gecos{} blocks are freed above too | |
1479 | */ | |
1480 | ||
1481 | /* clean out general */ | |
1482 | rb_free(ConfigFileEntry.default_operstring); | |
1483 | ConfigFileEntry.default_operstring = NULL; | |
1484 | rb_free(ConfigFileEntry.default_adminstring); | |
1485 | ConfigFileEntry.default_adminstring = NULL; | |
1486 | rb_free(ConfigFileEntry.servicestring); | |
1487 | ConfigFileEntry.servicestring = NULL; | |
1488 | rb_free(ConfigFileEntry.kline_reason); | |
1489 | ConfigFileEntry.kline_reason = NULL; | |
1490 | ||
1491 | /* clean out log */ | |
1492 | rb_free(ConfigFileEntry.fname_userlog); | |
1493 | ConfigFileEntry.fname_userlog = NULL; | |
1494 | rb_free(ConfigFileEntry.fname_fuserlog); | |
1495 | ConfigFileEntry.fname_fuserlog = NULL; | |
1496 | rb_free(ConfigFileEntry.fname_operlog); | |
1497 | ConfigFileEntry.fname_operlog = NULL; | |
1498 | rb_free(ConfigFileEntry.fname_foperlog); | |
1499 | ConfigFileEntry.fname_foperlog = NULL; | |
1500 | rb_free(ConfigFileEntry.fname_serverlog); | |
1501 | ConfigFileEntry.fname_serverlog = NULL; | |
1502 | rb_free(ConfigFileEntry.fname_killlog); | |
1503 | ConfigFileEntry.fname_killlog = NULL; | |
1504 | rb_free(ConfigFileEntry.fname_klinelog); | |
1505 | ConfigFileEntry.fname_klinelog = NULL; | |
1506 | rb_free(ConfigFileEntry.fname_operspylog); | |
1507 | ConfigFileEntry.fname_operspylog = NULL; | |
1508 | rb_free(ConfigFileEntry.fname_ioerrorlog); | |
1509 | ConfigFileEntry.fname_ioerrorlog = NULL; | |
1510 | ||
1511 | RB_DLINK_FOREACH_SAFE(ptr, next_ptr, service_list.head) | |
1512 | { | |
1513 | rb_free(ptr->data); | |
1514 | rb_dlinkDestroy(ptr, &service_list); | |
1515 | } | |
1516 | ||
1517 | /* remove any aliases... -- nenolod */ | |
1518 | if (alias_dict != NULL) | |
1519 | { | |
1520 | irc_dictionary_destroy(alias_dict, free_alias_cb, NULL); | |
1521 | alias_dict = NULL; | |
1522 | } | |
1523 | ||
1524 | destroy_blacklists(); | |
1525 | ||
1526 | privilegeset_mark_all_illegal(); | |
1527 | ||
1528 | /* OK, that should be everything... */ | |
1529 | } | |
1530 | ||
1531 | ||
1532 | /* | |
1533 | * conf_add_class_to_conf | |
1534 | * inputs - pointer to config item | |
1535 | * output - NONE | |
1536 | * side effects - Add a class pointer to a conf | |
1537 | */ | |
1538 | ||
1539 | void | |
1540 | conf_add_class_to_conf(struct ConfItem *aconf) | |
1541 | { | |
1542 | if(aconf->className == NULL) | |
1543 | { | |
1544 | aconf->className = rb_strdup("default"); | |
1545 | ClassPtr(aconf) = default_class; | |
1546 | return; | |
1547 | } | |
1548 | ||
1549 | ClassPtr(aconf) = find_class(aconf->className); | |
1550 | ||
1551 | if(ClassPtr(aconf) == default_class) | |
1552 | { | |
1553 | if(aconf->status == CONF_CLIENT) | |
1554 | { | |
1555 | conf_report_error( | |
1556 | "Using default class for missing class \"%s\" in auth{} for %s@%s", | |
1557 | aconf->className, aconf->user, aconf->host); | |
1558 | } | |
1559 | ||
1560 | rb_free(aconf->className); | |
1561 | aconf->className = rb_strdup("default"); | |
1562 | return; | |
1563 | } | |
1564 | ||
1565 | if(ConfMaxUsers(aconf) < 0) | |
1566 | { | |
1567 | ClassPtr(aconf) = default_class; | |
1568 | rb_free(aconf->className); | |
1569 | aconf->className = rb_strdup("default"); | |
1570 | return; | |
1571 | } | |
1572 | } | |
1573 | ||
1574 | /* | |
1575 | * conf_add_d_conf | |
1576 | * inputs - pointer to config item | |
1577 | * output - NONE | |
1578 | * side effects - Add a d/D line | |
1579 | */ | |
1580 | void | |
1581 | conf_add_d_conf(struct ConfItem *aconf) | |
1582 | { | |
1583 | if(aconf->host == NULL) | |
1584 | return; | |
1585 | ||
1586 | aconf->user = NULL; | |
1587 | ||
1588 | /* XXX - Should 'd' ever be in the old conf? For new conf we don't | |
1589 | * need this anyway, so I will disable it for now... -A1kmm | |
1590 | */ | |
1591 | ||
1592 | if(parse_netmask(aconf->host, NULL, NULL) == HM_HOST) | |
1593 | { | |
1594 | ilog(L_MAIN, "Invalid Dline %s ignored", aconf->host); | |
1595 | free_conf(aconf); | |
1596 | } | |
1597 | else | |
1598 | { | |
1599 | add_conf_by_address(aconf->host, CONF_DLINE, NULL, NULL, aconf); | |
1600 | } | |
1601 | } | |
1602 | ||
1603 | static char * | |
1604 | strip_tabs(char *dest, const char *src, size_t len) | |
1605 | { | |
1606 | char *d = dest; | |
1607 | ||
1608 | if(dest == NULL || src == NULL) | |
1609 | return NULL; | |
1610 | ||
1611 | rb_strlcpy(dest, src, len); | |
1612 | ||
1613 | while(*d) | |
1614 | { | |
1615 | if(*d == '\t') | |
1616 | *d = ' '; | |
1617 | d++; | |
1618 | } | |
1619 | return dest; | |
1620 | } | |
1621 | ||
1622 | /* | |
1623 | * yyerror | |
1624 | * | |
1625 | * inputs - message from parser | |
1626 | * output - none | |
1627 | * side effects - message to opers and log file entry is made | |
1628 | */ | |
1629 | void | |
1630 | yyerror(const char *msg) | |
1631 | { | |
1632 | char newlinebuf[BUFSIZE]; | |
1633 | ||
1634 | strip_tabs(newlinebuf, linebuf, strlen(linebuf)); | |
1635 | ||
1636 | ierror("\"%s\", line %d: %s at '%s'", conffilebuf, lineno + 1, msg, newlinebuf); | |
1637 | sendto_realops_snomask(SNO_GENERAL, L_ALL, "\"%s\", line %d: %s at '%s'", | |
1638 | conffilebuf, lineno + 1, msg, newlinebuf); | |
1639 | ||
1640 | } | |
1641 | ||
1642 | int | |
1643 | conf_fgets(char *lbuf, int max_size, FILE * fb) | |
1644 | { | |
1645 | if(fgets(lbuf, max_size, fb) == NULL) | |
1646 | return (0); | |
1647 | ||
1648 | return (strlen(lbuf)); | |
1649 | } | |
1650 | ||
1651 | int | |
1652 | conf_yy_fatal_error(const char *msg) | |
1653 | { | |
1654 | return (0); | |
1655 | } |