| | 1 | /* |
| | 2 | * authd.c: An interface to authd. |
| | 3 | * (based somewhat on ircd-ratbox dns.c) |
| | 4 | * |
| | 5 | * Copyright (C) 2005 Aaron Sethman <androsyn@ratbox.org> |
| | 6 | * Copyright (C) 2005-2012 ircd-ratbox development team |
| | 7 | * Copyright (C) 2016 William Pitcock <nenolod@dereferenced.org> |
| | 8 | * |
| | 9 | * This program is free software; you can redistribute it and/or modify |
| | 10 | * it under the terms of the GNU General Public License as published by |
| | 11 | * the Free Software Foundation; either version 2 of the License, or |
| | 12 | * (at your option) any later version. |
| | 13 | * |
| | 14 | * This program is distributed in the hope that it will be useful, |
| | 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| | 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| | 17 | * GNU General Public License for more details. |
| | 18 | * |
| | 19 | * You should have received a copy of the GNU General Public License |
| | 20 | * along with this program; if not, write to the Free Software |
| | 21 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 |
| | 22 | * USA |
| | 23 | */ |
| | 24 | |
| | 25 | #include "stdinc.h" |
| | 26 | #include "rb_lib.h" |
| | 27 | #include "client.h" |
| | 28 | #include "ircd_defs.h" |
| | 29 | #include "parse.h" |
| | 30 | #include "authproc.h" |
| | 31 | #include "match.h" |
| | 32 | #include "logger.h" |
| | 33 | #include "s_conf.h" |
| | 34 | #include "s_stats.h" |
| | 35 | #include "client.h" |
| | 36 | #include "packet.h" |
| | 37 | #include "hash.h" |
| | 38 | #include "send.h" |
| | 39 | #include "numeric.h" |
| | 40 | #include "msg.h" |
| | 41 | #include "dns.h" |
| | 42 | |
| | 43 | typedef void (*authd_cb_t)(int, char **); |
| | 44 | |
| | 45 | struct authd_cb |
| | 46 | { |
| | 47 | authd_cb_t fn; |
| | 48 | int min_parc; |
| | 49 | }; |
| | 50 | |
| | 51 | static int start_authd(void); |
| | 52 | static void parse_authd_reply(rb_helper * helper); |
| | 53 | static void restart_authd_cb(rb_helper * helper); |
| | 54 | static EVH timeout_dead_authd_clients; |
| | 55 | |
| | 56 | static void cmd_accept_client(int parc, char **parv); |
| | 57 | static void cmd_reject_client(int parc, char **parv); |
| | 58 | static void cmd_dns_result(int parc, char **parv); |
| | 59 | static void cmd_notice_client(int parc, char **parv); |
| | 60 | static void cmd_oper_warn(int parc, char **parv); |
| | 61 | static void cmd_stats_results(int parc, char **parv); |
| | 62 | |
| | 63 | rb_helper *authd_helper; |
| | 64 | static char *authd_path; |
| | 65 | |
| | 66 | uint32_t cid; |
| | 67 | static rb_dictionary *cid_clients; |
| | 68 | static struct ev_entry *timeout_ev; |
| | 69 | |
| | 70 | rb_dictionary *bl_stats; |
| | 71 | |
| | 72 | static struct authd_cb authd_cmd_tab[256] = |
| | 73 | { |
| | 74 | ['A'] = { cmd_accept_client, 4 }, |
| | 75 | ['E'] = { cmd_dns_result, 5 }, |
| | 76 | ['N'] = { cmd_notice_client, 3 }, |
| | 77 | ['R'] = { cmd_reject_client, 7 }, |
| | 78 | ['W'] = { cmd_oper_warn, 3 }, |
| | 79 | ['X'] = { cmd_stats_results, 3 }, |
| | 80 | ['Y'] = { cmd_stats_results, 3 }, |
| | 81 | ['Z'] = { cmd_stats_results, 3 }, |
| | 82 | }; |
| | 83 | |
| | 84 | static int |
| | 85 | start_authd(void) |
| | 86 | { |
| | 87 | char fullpath[PATH_MAX + 1]; |
| | 88 | #ifdef _WIN32 |
| | 89 | const char *suffix = ".exe"; |
| | 90 | #else |
| | 91 | const char *suffix = ""; |
| | 92 | #endif |
| | 93 | if(authd_path == NULL) |
| | 94 | { |
| | 95 | snprintf(fullpath, sizeof(fullpath), "%s%cauthd%s", ircd_paths[IRCD_PATH_LIBEXEC], RB_PATH_SEPARATOR, suffix); |
| | 96 | |
| | 97 | if(access(fullpath, X_OK) == -1) |
| | 98 | { |
| | 99 | snprintf(fullpath, sizeof(fullpath), "%s%cbin%cauthd%s", |
| | 100 | ConfigFileEntry.dpath, RB_PATH_SEPARATOR, RB_PATH_SEPARATOR, suffix); |
| | 101 | if(access(fullpath, X_OK) == -1) |
| | 102 | { |
| | 103 | ierror("Unable to execute authd in %s or %s/bin", |
| | 104 | ircd_paths[IRCD_PATH_LIBEXEC], ConfigFileEntry.dpath); |
| | 105 | sendto_realops_snomask(SNO_GENERAL, L_ALL, |
| | 106 | "Unable to execute authd in %s or %s/bin", |
| | 107 | ircd_paths[IRCD_PATH_LIBEXEC], ConfigFileEntry.dpath); |
| | 108 | return 1; |
| | 109 | } |
| | 110 | |
| | 111 | } |
| | 112 | |
| | 113 | authd_path = rb_strdup(fullpath); |
| | 114 | } |
| | 115 | |
| | 116 | if(cid_clients == NULL) |
| | 117 | cid_clients = rb_dictionary_create("authd cid to uid mapping", rb_uint32cmp); |
| | 118 | |
| | 119 | if(bl_stats == NULL) |
| | 120 | bl_stats = rb_dictionary_create("blacklist statistics", strcasecmp); |
| | 121 | |
| | 122 | if(timeout_ev == NULL) |
| | 123 | timeout_ev = rb_event_addish("timeout_dead_authd_clients", timeout_dead_authd_clients, NULL, 1); |
| | 124 | |
| | 125 | authd_helper = rb_helper_start("authd", authd_path, parse_authd_reply, restart_authd_cb); |
| | 126 | |
| | 127 | if(authd_helper == NULL) |
| | 128 | { |
| | 129 | ierror("Unable to start authd helper: %s", strerror(errno)); |
| | 130 | sendto_realops_snomask(SNO_GENERAL, L_ALL, "Unable to start authd helper: %s", strerror(errno)); |
| | 131 | return 1; |
| | 132 | } |
| | 133 | ilog(L_MAIN, "authd helper started"); |
| | 134 | sendto_realops_snomask(SNO_GENERAL, L_ALL, "authd helper started"); |
| | 135 | rb_helper_run(authd_helper); |
| | 136 | return 0; |
| | 137 | } |
| | 138 | |
| | 139 | static inline uint32_t |
| | 140 | str_to_cid(const char *str) |
| | 141 | { |
| | 142 | long lcid = strtol(str, NULL, 16); |
| | 143 | |
| | 144 | if(lcid > UINT32_MAX || lcid <= 0) |
| | 145 | { |
| | 146 | iwarn("authd sent us back a bad client ID: %lx", lcid); |
| | 147 | restart_authd(); |
| | 148 | return 0; |
| | 149 | } |
| | 150 | |
| | 151 | return (uint32_t)lcid; |
| | 152 | } |
| | 153 | |
| | 154 | static inline struct Client * |
| | 155 | cid_to_client(uint32_t cid, bool delete) |
| | 156 | { |
| | 157 | struct Client *client_p; |
| | 158 | |
| | 159 | if(delete) |
| | 160 | client_p = rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(cid)); |
| | 161 | else |
| | 162 | client_p = rb_dictionary_retrieve(cid_clients, RB_UINT_TO_POINTER(cid)); |
| | 163 | |
| | 164 | /* If the client's not found, that's okay, it may have already gone away. |
| | 165 | * --Elizafox */ |
| | 166 | |
| | 167 | return client_p; |
| | 168 | } |
| | 169 | |
| | 170 | static inline struct Client * |
| | 171 | str_cid_to_client(const char *str, bool delete) |
| | 172 | { |
| | 173 | uint32_t cid = str_to_cid(str); |
| | 174 | |
| | 175 | if(cid == 0) |
| | 176 | return NULL; |
| | 177 | |
| | 178 | return cid_to_client(cid, delete); |
| | 179 | } |
| | 180 | |
| | 181 | static void |
| | 182 | cmd_accept_client(int parc, char **parv) |
| | 183 | { |
| | 184 | struct Client *client_p; |
| | 185 | |
| | 186 | /* cid to uid (retrieve and delete) */ |
| | 187 | if((client_p = str_cid_to_client(parv[1], true)) == NULL) |
| | 188 | return; |
| | 189 | |
| | 190 | authd_accept_client(client_p, parv[2], parv[3]); |
| | 191 | } |
| | 192 | |
| | 193 | static void |
| | 194 | cmd_dns_result(int parc, char **parv) |
| | 195 | { |
| | 196 | dns_results_callback(parv[1], parv[2], parv[3], parv[4]); |
| | 197 | } |
| | 198 | |
| | 199 | static void |
| | 200 | cmd_notice_client(int parc, char **parv) |
| | 201 | { |
| | 202 | struct Client *client_p; |
| | 203 | |
| | 204 | if((client_p = str_cid_to_client(parv[1], false)) == NULL) |
| | 205 | return; |
| | 206 | |
| | 207 | sendto_one_notice(client_p, ":%s", parv[2]); |
| | 208 | } |
| | 209 | |
| | 210 | static void |
| | 211 | cmd_reject_client(int parc, char **parv) |
| | 212 | { |
| | 213 | struct Client *client_p; |
| | 214 | |
| | 215 | /* cid to uid (retrieve and delete) */ |
| | 216 | if((client_p = str_cid_to_client(parv[1], true)) == NULL) |
| | 217 | return; |
| | 218 | |
| | 219 | authd_reject_client(client_p, parv[3], parv[4], toupper(*parv[2]), parv[5], parv[6]); |
| | 220 | } |
| | 221 | |
| | 222 | static void |
| | 223 | cmd_oper_warn(int parc, char **parv) |
| | 224 | { |
| | 225 | switch(*parv[2]) |
| | 226 | { |
| | 227 | case 'D': /* Debug */ |
| | 228 | sendto_realops_snomask(SNO_DEBUG, L_ALL, "authd debug: %s", parv[3]); |
| | 229 | idebug("authd: %s", parv[3]); |
| | 230 | break; |
| | 231 | case 'I': /* Info */ |
| | 232 | sendto_realops_snomask(SNO_GENERAL, L_ALL, "authd info: %s", parv[3]); |
| | 233 | inotice("authd: %s", parv[3]); |
| | 234 | break; |
| | 235 | case 'W': /* Warning */ |
| | 236 | sendto_realops_snomask(SNO_GENERAL, L_ALL, "authd WARNING: %s", parv[3]); |
| | 237 | iwarn("authd: %s", parv[3]); |
| | 238 | break; |
| | 239 | case 'C': /* Critical (error) */ |
| | 240 | sendto_realops_snomask(SNO_GENERAL, L_ALL, "authd CRITICAL: %s", parv[3]); |
| | 241 | ierror("authd: %s", parv[3]); |
| | 242 | break; |
| | 243 | default: /* idk */ |
| | 244 | sendto_realops_snomask(SNO_GENERAL, L_ALL, "authd sent us an unknown oper notice type (%s): %s", parv[2], parv[3]); |
| | 245 | ilog(L_MAIN, "authd unknown oper notice type (%s): %s", parv[2], parv[3]); |
| | 246 | break; |
| | 247 | } |
| | 248 | } |
| | 249 | |
| | 250 | static void |
| | 251 | cmd_stats_results(int parc, char **parv) |
| | 252 | { |
| | 253 | /* Select by type */ |
| | 254 | switch(*parv[2]) |
| | 255 | { |
| | 256 | case 'D': |
| | 257 | /* parv[0] conveys status */ |
| | 258 | if(parc < 4) |
| | 259 | { |
| | 260 | iwarn("authd sent a result with wrong number of arguments: got %d", parc); |
| | 261 | restart_authd(); |
| | 262 | return; |
| | 263 | } |
| | 264 | dns_stats_results_callback(parv[1], parv[0], parc - 3, (const char **)&parv[3]); |
| | 265 | break; |
| | 266 | default: |
| | 267 | break; |
| | 268 | } |
| | 269 | } |
| | 270 | |
| | 271 | static void |
| | 272 | parse_authd_reply(rb_helper * helper) |
| | 273 | { |
| | 274 | ssize_t len; |
| | 275 | int parc; |
| | 276 | char buf[READBUF_SIZE]; |
| | 277 | char *parv[MAXPARA + 1]; |
| | 278 | |
| | 279 | while((len = rb_helper_read(helper, buf, sizeof(buf))) > 0) |
| | 280 | { |
| | 281 | struct authd_cb *cmd; |
| | 282 | |
| | 283 | parc = rb_string_to_array(buf, parv, MAXPARA+1); |
| | 284 | cmd = &authd_cmd_tab[*parv[0]]; |
| | 285 | if(cmd->fn != NULL) |
| | 286 | { |
| | 287 | if(cmd->min_parc > parc) |
| | 288 | { |
| | 289 | iwarn("authd sent a result with wrong number of arguments: expected %d, got %d", |
| | 290 | cmd->min_parc, parc); |
| | 291 | restart_authd(); |
| | 292 | continue; |
| | 293 | } |
| | 294 | |
| | 295 | cmd->fn(parc, parv); |
| | 296 | } |
| | 297 | else |
| | 298 | { |
| | 299 | iwarn("authd sent us a bad command type: %c", *parv[0]); |
| | 300 | restart_authd(); |
| | 301 | continue; |
| | 302 | } |
| | 303 | } |
| | 304 | } |
| | 305 | |
| | 306 | void |
| | 307 | init_authd(void) |
| | 308 | { |
| | 309 | if(start_authd()) |
| | 310 | { |
| | 311 | ierror("Unable to start authd helper: %s", strerror(errno)); |
| | 312 | exit(0); |
| | 313 | } |
| | 314 | } |
| | 315 | |
| | 316 | void |
| | 317 | configure_authd(void) |
| | 318 | { |
| | 319 | /* These will do for now */ |
| | 320 | set_authd_timeout("ident_timeout", GlobalSetOptions.ident_timeout); |
| | 321 | set_authd_timeout("rdns_timeout", ConfigFileEntry.connect_timeout); |
| | 322 | set_authd_timeout("rbl_timeout", ConfigFileEntry.connect_timeout); |
| | 323 | ident_check_enable(!ConfigFileEntry.disable_auth); |
| | 324 | } |
| | 325 | |
| | 326 | static void |
| | 327 | restart_authd_cb(rb_helper * helper) |
| | 328 | { |
| | 329 | rb_dictionary_iter iter; |
| | 330 | struct Client *client_p; |
| | 331 | |
| | 332 | iwarn("authd: restart_authd_cb called, authd died?"); |
| | 333 | sendto_realops_snomask(SNO_GENERAL, L_ALL, "authd: restart_authd_cb called, authd died?"); |
| | 334 | |
| | 335 | if(helper != NULL) |
| | 336 | { |
| | 337 | rb_helper_close(helper); |
| | 338 | authd_helper = NULL; |
| | 339 | } |
| | 340 | |
| | 341 | RB_DICTIONARY_FOREACH(client_p, &iter, cid_clients) |
| | 342 | { |
| | 343 | /* Abort any existing clients */ |
| | 344 | authd_abort_client(client_p); |
| | 345 | } |
| | 346 | |
| | 347 | start_authd(); |
| | 348 | } |
| | 349 | |
| | 350 | void |
| | 351 | restart_authd(void) |
| | 352 | { |
| | 353 | restart_authd_cb(authd_helper); |
| | 354 | } |
| | 355 | |
| | 356 | void |
| | 357 | rehash_authd(void) |
| | 358 | { |
| | 359 | rb_helper_write(authd_helper, "R"); |
| | 360 | configure_authd(); |
| | 361 | } |
| | 362 | |
| | 363 | void |
| | 364 | check_authd(void) |
| | 365 | { |
| | 366 | if(authd_helper == NULL) |
| | 367 | restart_authd(); |
| | 368 | } |
| | 369 | |
| | 370 | static inline uint32_t |
| | 371 | generate_cid(void) |
| | 372 | { |
| | 373 | if(++cid == 0) |
| | 374 | cid = 1; |
| | 375 | |
| | 376 | return cid; |
| | 377 | } |
| | 378 | |
| | 379 | /* Basically when this is called we begin handing off the client to authd for |
| | 380 | * processing. authd "owns" the client until processing is finished, or we |
| | 381 | * timeout from authd. authd will make a decision whether or not to accept the |
| | 382 | * client, but it's up to other parts of the code (for now) to decide if we're |
| | 383 | * gonna accept the client and ignore authd's suggestion. |
| | 384 | * |
| | 385 | * --Elizafox |
| | 386 | */ |
| | 387 | void |
| | 388 | authd_initiate_client(struct Client *client_p) |
| | 389 | { |
| | 390 | char client_ipaddr[HOSTIPLEN+1]; |
| | 391 | char listen_ipaddr[HOSTIPLEN+1]; |
| | 392 | uint16_t client_port, listen_port; |
| | 393 | uint32_t authd_cid; |
| | 394 | |
| | 395 | if(client_p->preClient == NULL || client_p->preClient->authd_cid != 0) |
| | 396 | return; |
| | 397 | |
| | 398 | authd_cid = client_p->preClient->authd_cid = generate_cid(); |
| | 399 | |
| | 400 | /* Collisions are extremely unlikely, so disregard the possibility */ |
| | 401 | rb_dictionary_add(cid_clients, RB_UINT_TO_POINTER(authd_cid), client_p); |
| | 402 | |
| | 403 | /* Retrieve listener and client IP's */ |
| | 404 | rb_inet_ntop_sock((struct sockaddr *)&client_p->preClient->lip, listen_ipaddr, sizeof(listen_ipaddr)); |
| | 405 | rb_inet_ntop_sock((struct sockaddr *)&client_p->localClient->ip, client_ipaddr, sizeof(client_ipaddr)); |
| | 406 | |
| | 407 | /* Retrieve listener and client ports */ |
| | 408 | listen_port = ntohs(GET_SS_PORT(&client_p->preClient->lip)); |
| | 409 | client_port = ntohs(GET_SS_PORT(&client_p->localClient->ip)); |
| | 410 | |
| | 411 | /* Add a bit of a fudge factor... */ |
| | 412 | client_p->preClient->authd_timeout = rb_current_time() + ConfigFileEntry.connect_timeout + 10; |
| | 413 | |
| | 414 | rb_helper_write(authd_helper, "C %x %s %hu %s %hu", authd_cid, listen_ipaddr, listen_port, client_ipaddr, client_port); |
| | 415 | } |
| | 416 | |
| | 417 | /* When this is called we have a decision on client acceptance. |
| | 418 | * |
| | 419 | * After this point authd no longer "owns" the client. |
| | 420 | */ |
| | 421 | static inline void |
| | 422 | authd_decide_client(struct Client *client_p, const char *ident, const char *host, bool accept, char cause, const char *data, const char *reason) |
| | 423 | { |
| | 424 | if(client_p->preClient == NULL || client_p->preClient->authd_cid == 0) |
| | 425 | return; |
| | 426 | |
| | 427 | if(*ident != '*') |
| | 428 | { |
| | 429 | rb_strlcpy(client_p->username, ident, sizeof(client_p->username)); |
| | 430 | ServerStats.is_asuc++; |
| | 431 | } |
| | 432 | else |
| | 433 | ServerStats.is_abad++; /* s_auth used to do this, stay compatible */ |
| | 434 | |
| | 435 | if(*host != '*') |
| | 436 | rb_strlcpy(client_p->host, host, sizeof(client_p->host)); |
| | 437 | |
| | 438 | rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->authd_cid)); |
| | 439 | |
| | 440 | client_p->preClient->authd_accepted = accept; |
| | 441 | client_p->preClient->authd_cause = cause; |
| | 442 | client_p->preClient->authd_data = (data == NULL ? NULL : rb_strdup(data)); |
| | 443 | client_p->preClient->authd_reason = (reason == NULL ? NULL : rb_strdup(reason)); |
| | 444 | client_p->preClient->authd_cid = 0; |
| | 445 | |
| | 446 | /* |
| | 447 | * When a client has auth'ed, we want to start reading what it sends |
| | 448 | * us. This is what read_packet() does. |
| | 449 | * -- adrian |
| | 450 | * |
| | 451 | * Above comment was originally in s_auth.c, but moved here with below code. |
| | 452 | * --Elizafox |
| | 453 | */ |
| | 454 | rb_dlinkAddTail(client_p, &client_p->node, &global_client_list); |
| | 455 | read_packet(client_p->localClient->F, client_p); |
| | 456 | } |
| | 457 | |
| | 458 | /* Convenience function to accept client */ |
| | 459 | void |
| | 460 | authd_accept_client(struct Client *client_p, const char *ident, const char *host) |
| | 461 | { |
| | 462 | authd_decide_client(client_p, ident, host, true, '\0', NULL, NULL); |
| | 463 | } |
| | 464 | |
| | 465 | /* Convenience function to reject client */ |
| | 466 | void |
| | 467 | authd_reject_client(struct Client *client_p, const char *ident, const char *host, char cause, const char *data, const char *reason) |
| | 468 | { |
| | 469 | authd_decide_client(client_p, ident, host, false, cause, data, reason); |
| | 470 | } |
| | 471 | |
| | 472 | void |
| | 473 | authd_abort_client(struct Client *client_p) |
| | 474 | { |
| | 475 | if(client_p == NULL || client_p->preClient == NULL) |
| | 476 | return; |
| | 477 | |
| | 478 | if(client_p->preClient->authd_cid == 0) |
| | 479 | return; |
| | 480 | |
| | 481 | rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->authd_cid)); |
| | 482 | |
| | 483 | if(authd_helper != NULL) |
| | 484 | rb_helper_write(authd_helper, "E %x", client_p->preClient->authd_cid); |
| | 485 | |
| | 486 | client_p->preClient->authd_accepted = true; |
| | 487 | client_p->preClient->authd_cid = 0; |
| | 488 | } |
| | 489 | |
| | 490 | static void |
| | 491 | timeout_dead_authd_clients(void *notused __unused) |
| | 492 | { |
| | 493 | rb_dictionary_iter iter; |
| | 494 | struct Client *client_p; |
| | 495 | |
| | 496 | RB_DICTIONARY_FOREACH(client_p, &iter, cid_clients) |
| | 497 | { |
| | 498 | if(client_p->preClient->authd_timeout < rb_current_time()) |
| | 499 | authd_abort_client(client_p); |
| | 500 | } |
| | 501 | } |
| | 502 | |
| | 503 | /* Send a new blacklist to authd */ |
| | 504 | void |
| | 505 | add_blacklist(const char *host, const char *reason, uint8_t iptype, rb_dlink_list *filters) |
| | 506 | { |
| | 507 | rb_dlink_node *ptr; |
| | 508 | struct blacklist_stats *stats = rb_malloc(sizeof(struct blacklist_stats)); |
| | 509 | char filterbuf[BUFSIZE] = "*"; |
| | 510 | size_t s = 0; |
| | 511 | |
| | 512 | /* Build a list of comma-separated values for authd. |
| | 513 | * We don't check for validity - do it elsewhere. |
| | 514 | */ |
| | 515 | RB_DLINK_FOREACH(ptr, filters->head) |
| | 516 | { |
| | 517 | char *filter = ptr->data; |
| | 518 | size_t filterlen = strlen(filter) + 1; |
| | 519 | |
| | 520 | if(s + filterlen > sizeof(filterbuf)) |
| | 521 | break; |
| | 522 | |
| | 523 | snprintf(&filterbuf[s], sizeof(filterbuf) - s, "%s,", filter); |
| | 524 | |
| | 525 | s += filterlen; |
| | 526 | } |
| | 527 | |
| | 528 | if(s) |
| | 529 | filterbuf[s - 1] = '\0'; |
| | 530 | |
| | 531 | stats->iptype = iptype; |
| | 532 | stats->hits = 0; |
| | 533 | rb_dictionary_add(bl_stats, host, stats); |
| | 534 | |
| | 535 | rb_helper_write(authd_helper, "O rbl %s %hhu %s :%s", host, iptype, filterbuf, reason); |
| | 536 | } |
| | 537 | |
| | 538 | /* Delete a blacklist */ |
| | 539 | void |
| | 540 | del_blacklist(const char *host) |
| | 541 | { |
| | 542 | rb_dictionary_delete(bl_stats, host); |
| | 543 | |
| | 544 | rb_helper_write(authd_helper, "O rbl_del %s", host); |
| | 545 | } |
| | 546 | |
| | 547 | /* Delete all the blacklists */ |
| | 548 | void |
| | 549 | del_blacklist_all(void) |
| | 550 | { |
| | 551 | struct blacklist_stats *stats; |
| | 552 | rb_dictionary_iter iter; |
| | 553 | |
| | 554 | RB_DICTIONARY_FOREACH(stats, &iter, bl_stats) |
| | 555 | { |
| | 556 | rb_free(stats); |
| | 557 | rb_dictionary_delete(bl_stats, iter.cur->key); |
| | 558 | } |
| | 559 | |
| | 560 | rb_helper_write(authd_helper, "O rbl_del_all"); |
| | 561 | } |
| | 562 | |
| | 563 | /* Adjust an authd timeout value */ |
| | 564 | bool |
| | 565 | set_authd_timeout(const char *key, int timeout) |
| | 566 | { |
| | 567 | if(timeout <= 0) |
| | 568 | return false; |
| | 569 | |
| | 570 | rb_helper_write(authd_helper, "O %s %d", key, timeout); |
| | 571 | return true; |
| | 572 | } |
| | 573 | |
| | 574 | /* Enable identd checks */ |
| | 575 | void |
| | 576 | ident_check_enable(bool enabled) |
| | 577 | { |
| | 578 | rb_helper_write(authd_helper, "O ident_enabled %d", enabled ? 1 : 0); |
| | 579 | } |
| | 580 | |
| | 581 | /* Create an OPM listener */ |
| | 582 | void |
| | 583 | create_opm_listener(const char *ip, uint16_t port) |
| | 584 | { |
| | 585 | rb_helper_write(authd_helper, "O opm_listener %s %hu", ip, port); |
| | 586 | } |
| | 587 | |
| | 588 | /* Disable all OPM scans */ |
| | 589 | void |
| | 590 | opm_check_enable(bool enabled) |
| | 591 | { |
| | 592 | rb_helper_write(authd_helper, "O opm_enable %d", enabled ? 1 : 0); |
| | 593 | } |
| | 594 | |
| | 595 | /* Create an OPM proxy scanner */ |
| | 596 | void |
| | 597 | create_opm_proxy_scanner(const char *type, uint16_t port) |
| | 598 | { |
| | 599 | rb_helper_write(authd_helper, "O opm_scanner %s %hu", type, port); |
| | 600 | } |
projects / solanum.git / blame_incremental