]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * ircd-ratbox: A slightly useful ircd. | |
3 | * s_serv.c: Server related functions. | |
4 | * | |
5 | * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center | |
6 | * Copyright (C) 1996-2002 Hybrid Development Team | |
7 | * Copyright (C) 2002-2005 ircd-ratbox development team | |
8 | * | |
9 | * This program is free software; you can redistribute it and/or modify | |
10 | * it under the terms of the GNU General Public License as published by | |
11 | * the Free Software Foundation; either version 2 of the License, or | |
12 | * (at your option) any later version. | |
13 | * | |
14 | * This program is distributed in the hope that it will be useful, | |
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
17 | * GNU General Public License for more details. | |
18 | * | |
19 | * You should have received a copy of the GNU General Public License | |
20 | * along with this program; if not, write to the Free Software | |
21 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 | |
22 | * USA | |
23 | */ | |
24 | ||
25 | #include "stdinc.h" | |
26 | ||
27 | #ifdef HAVE_LIBCRYPTO | |
28 | #include <openssl/rsa.h> | |
29 | #endif | |
30 | ||
31 | #include "s_serv.h" | |
32 | #include "class.h" | |
33 | #include "client.h" | |
34 | #include "hash.h" | |
35 | #include "match.h" | |
36 | #include "ircd.h" | |
37 | #include "ircd_defs.h" | |
38 | #include "numeric.h" | |
39 | #include "packet.h" | |
40 | #include "s_conf.h" | |
41 | #include "s_newconf.h" | |
42 | #include "logger.h" | |
43 | #include "s_stats.h" | |
44 | #include "s_user.h" | |
45 | #include "scache.h" | |
46 | #include "send.h" | |
47 | #include "client.h" | |
48 | #include "channel.h" /* chcap_usage_counts stuff... */ | |
49 | #include "hook.h" | |
50 | #include "msg.h" | |
51 | #include "reject.h" | |
52 | #include "sslproc.h" | |
53 | #include "capability.h" | |
54 | #include "s_assert.h" | |
55 | ||
56 | int MaxConnectionCount = 1; | |
57 | int MaxClientCount = 1; | |
58 | int refresh_user_links = 0; | |
59 | ||
60 | static char buf[BUFSIZE]; | |
61 | ||
62 | /* | |
63 | * list of recognized server capabilities. "TS" is not on the list | |
64 | * because all servers that we talk to already do TS, and the kludged | |
65 | * extra argument to "PASS" takes care of checking that. -orabidoo | |
66 | */ | |
67 | struct CapabilityIndex *serv_capindex = NULL; | |
68 | struct CapabilityIndex *cli_capindex = NULL; | |
69 | ||
70 | unsigned int CAP_CAP; | |
71 | unsigned int CAP_QS; | |
72 | unsigned int CAP_EX; | |
73 | unsigned int CAP_CHW; | |
74 | unsigned int CAP_IE; | |
75 | unsigned int CAP_KLN; | |
76 | unsigned int CAP_KNOCK; | |
77 | unsigned int CAP_TB; | |
78 | unsigned int CAP_UNKLN; | |
79 | unsigned int CAP_CLUSTER; | |
80 | unsigned int CAP_ENCAP; | |
81 | unsigned int CAP_TS6; | |
82 | unsigned int CAP_SERVICE; | |
83 | unsigned int CAP_RSFNC; | |
84 | unsigned int CAP_SAVE; | |
85 | unsigned int CAP_EUID; | |
86 | unsigned int CAP_EOPMOD; | |
87 | unsigned int CAP_BAN; | |
88 | unsigned int CAP_MLOCK; | |
89 | unsigned int CAP_EBMASK; | |
90 | ||
91 | unsigned int CLICAP_MULTI_PREFIX; | |
92 | unsigned int CLICAP_ACCOUNT_NOTIFY; | |
93 | unsigned int CLICAP_EXTENDED_JOIN; | |
94 | unsigned int CLICAP_AWAY_NOTIFY; | |
95 | unsigned int CLICAP_USERHOST_IN_NAMES; | |
96 | unsigned int CLICAP_CAP_NOTIFY; | |
97 | unsigned int CLICAP_CHGHOST; | |
98 | unsigned int CLICAP_ECHO_MESSAGE; | |
99 | ||
100 | /* | |
101 | * initialize our builtin capability table. --nenolod | |
102 | */ | |
103 | void | |
104 | init_builtin_capabs(void) | |
105 | { | |
106 | static struct ClientCapability high_priority = {.flags = CLICAP_FLAGS_PRIORITY}; | |
107 | serv_capindex = capability_index_create("server capabilities"); | |
108 | ||
109 | /* These two are not set via CAPAB/GCAP keywords. */ | |
110 | CAP_CAP = capability_put_anonymous(serv_capindex); | |
111 | CAP_TS6 = capability_put_anonymous(serv_capindex); | |
112 | ||
113 | CAP_QS = capability_put(serv_capindex, "QS", NULL); | |
114 | CAP_EX = capability_put(serv_capindex, "EX", NULL); | |
115 | CAP_CHW = capability_put(serv_capindex, "CHW", NULL); | |
116 | CAP_IE = capability_put(serv_capindex, "IE", NULL); | |
117 | CAP_KLN = capability_put(serv_capindex, "KLN", NULL); | |
118 | CAP_KNOCK = capability_put(serv_capindex, "KNOCK", NULL); | |
119 | CAP_TB = capability_put(serv_capindex, "TB", NULL); | |
120 | CAP_UNKLN = capability_put(serv_capindex, "UNKLN", NULL); | |
121 | CAP_CLUSTER = capability_put(serv_capindex, "CLUSTER", NULL); | |
122 | CAP_ENCAP = capability_put(serv_capindex, "ENCAP", NULL); | |
123 | CAP_SERVICE = capability_put(serv_capindex, "SERVICES", NULL); | |
124 | CAP_RSFNC = capability_put(serv_capindex, "RSFNC", NULL); | |
125 | CAP_SAVE = capability_put(serv_capindex, "SAVE", NULL); | |
126 | CAP_EUID = capability_put(serv_capindex, "EUID", NULL); | |
127 | CAP_EOPMOD = capability_put(serv_capindex, "EOPMOD", NULL); | |
128 | CAP_BAN = capability_put(serv_capindex, "BAN", NULL); | |
129 | CAP_MLOCK = capability_put(serv_capindex, "MLOCK", NULL); | |
130 | CAP_EBMASK = capability_put(serv_capindex, "EBMASK", NULL); | |
131 | ||
132 | capability_require(serv_capindex, "QS"); | |
133 | capability_require(serv_capindex, "EX"); | |
134 | capability_require(serv_capindex, "IE"); | |
135 | capability_require(serv_capindex, "ENCAP"); | |
136 | ||
137 | cli_capindex = capability_index_create("client capabilities"); | |
138 | ||
139 | CLICAP_MULTI_PREFIX = capability_put(cli_capindex, "multi-prefix", &high_priority); | |
140 | CLICAP_ACCOUNT_NOTIFY = capability_put(cli_capindex, "account-notify", &high_priority); | |
141 | CLICAP_EXTENDED_JOIN = capability_put(cli_capindex, "extended-join", &high_priority); | |
142 | CLICAP_AWAY_NOTIFY = capability_put(cli_capindex, "away-notify", &high_priority); | |
143 | CLICAP_USERHOST_IN_NAMES = capability_put(cli_capindex, "userhost-in-names", &high_priority); | |
144 | CLICAP_CAP_NOTIFY = capability_put(cli_capindex, "cap-notify", NULL); | |
145 | CLICAP_CHGHOST = capability_put(cli_capindex, "chghost", &high_priority); | |
146 | CLICAP_ECHO_MESSAGE = capability_put(cli_capindex, "echo-message", NULL); | |
147 | } | |
148 | ||
149 | static CNCB serv_connect_callback; | |
150 | static CNCB serv_connect_ssl_callback; | |
151 | static SSL_OPEN_CB serv_connect_ssl_open_callback; | |
152 | ||
153 | /* | |
154 | * hunt_server - Do the basic thing in delivering the message (command) | |
155 | * across the relays to the specific server (server) for | |
156 | * actions. | |
157 | * | |
158 | * Note: The command is a format string and *MUST* be | |
159 | * of prefixed style (e.g. ":%s COMMAND %s ..."). | |
160 | * Command can have only max 8 parameters. | |
161 | * | |
162 | * server parv[server] is the parameter identifying the | |
163 | * target server. | |
164 | * | |
165 | * *WARNING* | |
166 | * parv[server] is replaced with the pointer to the | |
167 | * real servername from the matched client (I'm lazy | |
168 | * now --msa). | |
169 | * | |
170 | * returns: (see #defines) | |
171 | */ | |
172 | int | |
173 | hunt_server(struct Client *client_p, struct Client *source_p, | |
174 | const char *command, int server, int parc, const char *parv[]) | |
175 | { | |
176 | struct Client *target_p; | |
177 | int wilds; | |
178 | rb_dlink_node *ptr; | |
179 | const char *old; | |
180 | char *new; | |
181 | ||
182 | /* | |
183 | * Assume it's me, if no server | |
184 | */ | |
185 | if(parc <= server || EmptyString(parv[server]) || | |
186 | match(parv[server], me.name) || (strcmp(parv[server], me.id) == 0)) | |
187 | return (HUNTED_ISME); | |
188 | ||
189 | new = LOCAL_COPY(parv[server]); | |
190 | ||
191 | /* | |
192 | * These are to pickup matches that would cause the following | |
193 | * message to go in the wrong direction while doing quick fast | |
194 | * non-matching lookups. | |
195 | */ | |
196 | if(MyClient(source_p)) | |
197 | target_p = find_named_client(new); | |
198 | else | |
199 | target_p = find_client(new); | |
200 | ||
201 | if(target_p) | |
202 | if(target_p->from == source_p->from && !MyConnect(target_p)) | |
203 | target_p = NULL; | |
204 | ||
205 | collapse(new); | |
206 | wilds = (strchr(new, '?') || strchr(new, '*')); | |
207 | ||
208 | /* | |
209 | * Again, if there are no wild cards involved in the server | |
210 | * name, use the hash lookup | |
211 | */ | |
212 | if(!target_p && wilds) | |
213 | { | |
214 | RB_DLINK_FOREACH(ptr, global_serv_list.head) | |
215 | { | |
216 | if(match(new, ((struct Client *) (ptr->data))->name)) | |
217 | { | |
218 | target_p = ptr->data; | |
219 | break; | |
220 | } | |
221 | } | |
222 | } | |
223 | ||
224 | if(target_p && !IsRegistered(target_p)) | |
225 | target_p = NULL; | |
226 | ||
227 | if(target_p) | |
228 | { | |
229 | if(IsMe(target_p) || MyClient(target_p)) | |
230 | return HUNTED_ISME; | |
231 | ||
232 | old = parv[server]; | |
233 | parv[server] = get_id(target_p, target_p); | |
234 | ||
235 | sendto_one(target_p, command, get_id(source_p, target_p), | |
236 | parv[1], parv[2], parv[3], parv[4], parv[5], parv[6], parv[7], parv[8]); | |
237 | parv[server] = old; | |
238 | return (HUNTED_PASS); | |
239 | } | |
240 | ||
241 | if(MyClient(source_p) || !IsDigit(parv[server][0])) | |
242 | sendto_one_numeric(source_p, ERR_NOSUCHSERVER, | |
243 | form_str(ERR_NOSUCHSERVER), parv[server]); | |
244 | return (HUNTED_NOSUCH); | |
245 | } | |
246 | ||
247 | /* | |
248 | * try_connections - scan through configuration and try new connections. | |
249 | * Returns the calendar time when the next call to this | |
250 | * function should be made latest. (No harm done if this | |
251 | * is called earlier or later...) | |
252 | */ | |
253 | void | |
254 | try_connections(void *unused) | |
255 | { | |
256 | struct Client *client_p; | |
257 | struct server_conf *server_p = NULL; | |
258 | struct server_conf *tmp_p; | |
259 | struct Class *cltmp; | |
260 | rb_dlink_node *ptr; | |
261 | bool connecting = false; | |
262 | int confrq = 0; | |
263 | time_t next = 0; | |
264 | ||
265 | RB_DLINK_FOREACH(ptr, server_conf_list.head) | |
266 | { | |
267 | tmp_p = ptr->data; | |
268 | ||
269 | if(ServerConfIllegal(tmp_p) || !ServerConfAutoconn(tmp_p)) | |
270 | continue; | |
271 | ||
272 | /* don't allow ssl connections if ssl isn't setup */ | |
273 | if(ServerConfSSL(tmp_p) && (!ircd_ssl_ok || !get_ssld_count())) | |
274 | continue; | |
275 | ||
276 | cltmp = tmp_p->class; | |
277 | ||
278 | /* | |
279 | * Skip this entry if the use of it is still on hold until | |
280 | * future. Otherwise handle this entry (and set it on hold | |
281 | * until next time). Will reset only hold times, if already | |
282 | * made one successfull connection... [this algorithm is | |
283 | * a bit fuzzy... -- msa >;) ] | |
284 | */ | |
285 | if(tmp_p->hold > rb_current_time()) | |
286 | { | |
287 | if(next > tmp_p->hold || next == 0) | |
288 | next = tmp_p->hold; | |
289 | continue; | |
290 | } | |
291 | ||
292 | confrq = get_con_freq(cltmp); | |
293 | tmp_p->hold = rb_current_time() + confrq; | |
294 | ||
295 | /* | |
296 | * Found a CONNECT config with port specified, scan clients | |
297 | * and see if this server is already connected? | |
298 | */ | |
299 | client_p = find_server(NULL, tmp_p->name); | |
300 | ||
301 | if(!client_p && (CurrUsers(cltmp) < MaxAutoconn(cltmp)) && !connecting) | |
302 | { | |
303 | server_p = tmp_p; | |
304 | ||
305 | /* We connect only one at time... */ | |
306 | connecting = true; | |
307 | } | |
308 | ||
309 | if((next > tmp_p->hold) || (next == 0)) | |
310 | next = tmp_p->hold; | |
311 | } | |
312 | ||
313 | /* TODO: change this to set active flag to 0 when added to event! --Habeeb */ | |
314 | if(GlobalSetOptions.autoconn == 0) | |
315 | return; | |
316 | ||
317 | if(!connecting) | |
318 | return; | |
319 | ||
320 | /* move this connect entry to end.. */ | |
321 | rb_dlinkDelete(&server_p->node, &server_conf_list); | |
322 | rb_dlinkAddTail(server_p, &server_p->node, &server_conf_list); | |
323 | ||
324 | /* | |
325 | * We used to only print this if serv_connect() actually | |
326 | * suceeded, but since rb_tcp_connect() can call the callback | |
327 | * immediately if there is an error, we were getting error messages | |
328 | * in the wrong order. SO, we just print out the activated line, | |
329 | * and let serv_connect() / serv_connect_callback() print an | |
330 | * error afterwards if it fails. | |
331 | * -- adrian | |
332 | */ | |
333 | sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, | |
334 | "Connection to %s activated", | |
335 | server_p->name); | |
336 | ||
337 | serv_connect(server_p, 0); | |
338 | } | |
339 | ||
340 | int | |
341 | check_server(const char *name, struct Client *client_p) | |
342 | { | |
343 | struct server_conf *server_p = NULL; | |
344 | struct server_conf *tmp_p; | |
345 | rb_dlink_node *ptr; | |
346 | int error = -1; | |
347 | const char *encr; | |
348 | bool name_matched = false; | |
349 | bool host_matched = false; | |
350 | bool certfp_failed = false; | |
351 | ||
352 | s_assert(NULL != client_p); | |
353 | if(client_p == NULL) | |
354 | return error; | |
355 | ||
356 | if(!(client_p->localClient->passwd)) | |
357 | return -2; | |
358 | ||
359 | if(strlen(name) > HOSTLEN) | |
360 | return -4; | |
361 | ||
362 | RB_DLINK_FOREACH(ptr, server_conf_list.head) | |
363 | { | |
364 | struct rb_sockaddr_storage client_addr; | |
365 | ||
366 | tmp_p = ptr->data; | |
367 | ||
368 | if(ServerConfIllegal(tmp_p)) | |
369 | continue; | |
370 | ||
371 | if(!match(tmp_p->name, name)) | |
372 | continue; | |
373 | ||
374 | name_matched = true; | |
375 | ||
376 | if(rb_inet_pton_sock(client_p->sockhost, &client_addr) <= 0) | |
377 | SET_SS_FAMILY(&client_addr, AF_UNSPEC); | |
378 | ||
379 | if((tmp_p->connect_host && match(tmp_p->connect_host, client_p->host)) | |
380 | || (GET_SS_FAMILY(&client_addr) == GET_SS_FAMILY(&tmp_p->connect4) | |
381 | && comp_with_mask_sock((struct sockaddr *)&client_addr, | |
382 | (struct sockaddr *)&tmp_p->connect4, 32)) | |
383 | || (GET_SS_FAMILY(&client_addr) == GET_SS_FAMILY(&tmp_p->connect6) | |
384 | && comp_with_mask_sock((struct sockaddr *)&client_addr, | |
385 | (struct sockaddr *)&tmp_p->connect6, 128)) | |
386 | ) | |
387 | { | |
388 | host_matched = true; | |
389 | ||
390 | if(tmp_p->passwd) | |
391 | { | |
392 | if(ServerConfEncrypted(tmp_p)) | |
393 | { | |
394 | encr = rb_crypt(client_p->localClient->passwd, | |
395 | tmp_p->passwd); | |
396 | if(encr != NULL && !strcmp(tmp_p->passwd, encr)) | |
397 | { | |
398 | server_p = tmp_p; | |
399 | break; | |
400 | } | |
401 | else | |
402 | continue; | |
403 | } | |
404 | else if(strcmp(tmp_p->passwd, client_p->localClient->passwd)) | |
405 | continue; | |
406 | } | |
407 | ||
408 | if(tmp_p->certfp) | |
409 | { | |
410 | if(!client_p->certfp || rb_strcasecmp(tmp_p->certfp, client_p->certfp) != 0) { | |
411 | certfp_failed = true; | |
412 | continue; | |
413 | } | |
414 | } | |
415 | ||
416 | server_p = tmp_p; | |
417 | break; | |
418 | } | |
419 | } | |
420 | ||
421 | if(server_p == NULL) | |
422 | { | |
423 | /* return the most specific error */ | |
424 | if(certfp_failed) | |
425 | error = -6; | |
426 | else if(host_matched) | |
427 | error = -2; | |
428 | else if(name_matched) | |
429 | error = -3; | |
430 | ||
431 | return error; | |
432 | } | |
433 | ||
434 | if(ServerConfSSL(server_p) && client_p->localClient->ssl_ctl == NULL) | |
435 | { | |
436 | return -5; | |
437 | } | |
438 | ||
439 | if (client_p->localClient->att_sconf && client_p->localClient->att_sconf->class == server_p->class) { | |
440 | /* this is an outgoing connection that is already attached to the correct class */ | |
441 | } else if (CurrUsers(server_p->class) >= MaxUsers(server_p->class)) { | |
442 | return -7; | |
443 | } | |
444 | attach_server_conf(client_p, server_p); | |
445 | ||
446 | /* clear TB if they support but we dont want it */ | |
447 | if(!ServerConfTb(server_p)) | |
448 | ClearCap(client_p, CAP_TB); | |
449 | ||
450 | return 0; | |
451 | } | |
452 | ||
453 | /* | |
454 | * send_capabilities | |
455 | * | |
456 | * inputs - Client pointer to send to | |
457 | * - int flag of capabilities that this server has | |
458 | * output - NONE | |
459 | * side effects - send the CAPAB line to a server -orabidoo | |
460 | */ | |
461 | void | |
462 | send_capabilities(struct Client *client_p, unsigned int cap_can_send) | |
463 | { | |
464 | sendto_one(client_p, "CAPAB :%s", capability_index_list(serv_capindex, cap_can_send)); | |
465 | } | |
466 | ||
467 | static void | |
468 | burst_ban(struct Client *client_p) | |
469 | { | |
470 | struct ConfItem *aconf; | |
471 | const char *type; | |
472 | rb_dictionary_iter state; | |
473 | ||
474 | RB_DICTIONARY_FOREACH(aconf, &state, prop_bans_dict) | |
475 | { | |
476 | /* Skip expired stuff. */ | |
477 | if(aconf->lifetime < rb_current_time()) | |
478 | continue; | |
479 | switch(aconf->status & ~CONF_ILLEGAL) | |
480 | { | |
481 | case CONF_KILL: type = "K"; break; | |
482 | case CONF_DLINE: type = "D"; break; | |
483 | case CONF_XLINE: type = "X"; break; | |
484 | case CONF_RESV_NICK: type = "R"; break; | |
485 | case CONF_RESV_CHANNEL: type = "R"; break; | |
486 | default: | |
487 | continue; | |
488 | } | |
489 | sendto_one(client_p, ":%s BAN %s %s %s %lu %d %d %s :%s%s%s", | |
490 | me.id, | |
491 | type, | |
492 | aconf->user ? aconf->user : "*", aconf->host, | |
493 | (unsigned long)aconf->created, | |
494 | (int)(aconf->hold - aconf->created), | |
495 | (int)(aconf->lifetime - aconf->created), | |
496 | aconf->info.oper, | |
497 | aconf->passwd, | |
498 | aconf->spasswd ? "|" : "", | |
499 | aconf->spasswd ? aconf->spasswd : ""); | |
500 | } | |
501 | } | |
502 | ||
503 | /* burst_modes_TS6() | |
504 | * | |
505 | * input - client to burst to, channel name, list to burst, mode flag | |
506 | * output - | |
507 | * side effects - client is sent a list of +b, +e, or +I modes | |
508 | */ | |
509 | static void | |
510 | burst_modes_TS6(struct Client *client_p, struct Channel *chptr, | |
511 | rb_dlink_list *list, char flag) | |
512 | { | |
513 | rb_dlink_node *ptr; | |
514 | struct Ban *banptr; | |
515 | ||
516 | send_multiline_init(client_p, " ", ":%s %s %ld %s %c :", | |
517 | me.id, | |
518 | IsCapable(client_p, CAP_EBMASK) ? "EBMASK" : "BMASK", | |
519 | (long)chptr->channelts, | |
520 | chptr->chname, | |
521 | flag); | |
522 | ||
523 | RB_DLINK_FOREACH_PREV(ptr, list->tail) | |
524 | { | |
525 | banptr = ptr->data; | |
526 | ||
527 | if (banptr->forward) | |
528 | sprintf(buf, "%s$%s", banptr->banstr, banptr->forward); | |
529 | else | |
530 | strcpy(buf, banptr->banstr); | |
531 | ||
532 | if IsCapable(client_p, CAP_EBMASK) | |
533 | send_multiline_item(client_p, "%s %ld %s", | |
534 | buf, | |
535 | (long)banptr->when, | |
536 | banptr->who); | |
537 | else | |
538 | send_multiline_item(client_p, "%s", buf); | |
539 | ||
540 | } | |
541 | ||
542 | send_multiline_fini(client_p, NULL); | |
543 | } | |
544 | ||
545 | /* | |
546 | * burst_TS6 | |
547 | * | |
548 | * inputs - client (server) to send nick towards | |
549 | * - client to send nick for | |
550 | * output - NONE | |
551 | * side effects - NICK message is sent towards given client_p | |
552 | */ | |
553 | static void | |
554 | burst_TS6(struct Client *client_p) | |
555 | { | |
556 | char ubuf[BUFSIZE]; | |
557 | struct Client *target_p; | |
558 | struct Channel *chptr; | |
559 | struct membership *msptr; | |
560 | hook_data_client hclientinfo; | |
561 | hook_data_channel hchaninfo; | |
562 | rb_dlink_node *ptr; | |
563 | rb_dlink_node *uptr; | |
564 | char *t; | |
565 | int tlen, mlen; | |
566 | int cur_len = 0; | |
567 | ||
568 | hclientinfo.client = hchaninfo.client = client_p; | |
569 | ||
570 | RB_DLINK_FOREACH(ptr, global_client_list.head) | |
571 | { | |
572 | target_p = ptr->data; | |
573 | ||
574 | if(!IsPerson(target_p)) | |
575 | continue; | |
576 | ||
577 | if(MyClient(target_p->from) && target_p->localClient->att_sconf != NULL && ServerConfNoExport(target_p->localClient->att_sconf)) | |
578 | continue; | |
579 | ||
580 | send_umode(NULL, target_p, 0, ubuf); | |
581 | if(!*ubuf) | |
582 | { | |
583 | ubuf[0] = '+'; | |
584 | ubuf[1] = '\0'; | |
585 | } | |
586 | ||
587 | if(IsCapable(client_p, CAP_EUID)) | |
588 | sendto_one(client_p, ":%s EUID %s %d %ld %s %s %s %s %s %s %s :%s", | |
589 | target_p->servptr->id, target_p->name, | |
590 | target_p->hopcount + 1, | |
591 | (long) target_p->tsinfo, ubuf, | |
592 | target_p->username, target_p->host, | |
593 | IsIPSpoof(target_p) ? "0" : target_p->sockhost, | |
594 | target_p->id, | |
595 | IsDynSpoof(target_p) ? target_p->orighost : "*", | |
596 | EmptyString(target_p->user->suser) ? "*" : target_p->user->suser, | |
597 | target_p->info); | |
598 | else | |
599 | sendto_one(client_p, ":%s UID %s %d %ld %s %s %s %s %s :%s", | |
600 | target_p->servptr->id, target_p->name, | |
601 | target_p->hopcount + 1, | |
602 | (long) target_p->tsinfo, ubuf, | |
603 | target_p->username, target_p->host, | |
604 | IsIPSpoof(target_p) ? "0" : target_p->sockhost, | |
605 | target_p->id, target_p->info); | |
606 | ||
607 | if(!EmptyString(target_p->certfp)) | |
608 | sendto_one(client_p, ":%s ENCAP * CERTFP :%s", | |
609 | use_id(target_p), target_p->certfp); | |
610 | ||
611 | if(!IsCapable(client_p, CAP_EUID)) | |
612 | { | |
613 | if(IsDynSpoof(target_p)) | |
614 | sendto_one(client_p, ":%s ENCAP * REALHOST %s", | |
615 | use_id(target_p), target_p->orighost); | |
616 | if(!EmptyString(target_p->user->suser)) | |
617 | sendto_one(client_p, ":%s ENCAP * LOGIN %s", | |
618 | use_id(target_p), target_p->user->suser); | |
619 | } | |
620 | ||
621 | if(ConfigFileEntry.burst_away && !EmptyString(target_p->user->away)) | |
622 | sendto_one(client_p, ":%s AWAY :%s", | |
623 | use_id(target_p), | |
624 | target_p->user->away); | |
625 | ||
626 | if (IsOper(target_p) && target_p->user && target_p->user->opername) | |
627 | { | |
628 | if (target_p->user->privset) | |
629 | sendto_one(client_p, ":%s OPER %s %s", | |
630 | use_id(target_p), | |
631 | target_p->user->opername, | |
632 | target_p->user->privset->name); | |
633 | else | |
634 | sendto_one(client_p, ":%s OPER %s", | |
635 | use_id(target_p), | |
636 | target_p->user->opername); | |
637 | } | |
638 | ||
639 | hclientinfo.target = target_p; | |
640 | call_hook(h_burst_client, &hclientinfo); | |
641 | } | |
642 | ||
643 | RB_DLINK_FOREACH(ptr, global_channel_list.head) | |
644 | { | |
645 | chptr = ptr->data; | |
646 | ||
647 | if(*chptr->chname != '#') | |
648 | continue; | |
649 | ||
650 | cur_len = mlen = sprintf(buf, ":%s SJOIN %ld %s %s :", me.id, | |
651 | (long) chptr->channelts, chptr->chname, | |
652 | channel_modes(chptr, client_p)); | |
653 | ||
654 | t = buf + mlen; | |
655 | ||
656 | RB_DLINK_FOREACH(uptr, chptr->members.head) | |
657 | { | |
658 | msptr = uptr->data; | |
659 | ||
660 | tlen = strlen(use_id(msptr->client_p)) + 1; | |
661 | if(is_chanop(msptr)) | |
662 | tlen++; | |
663 | if(is_voiced(msptr)) | |
664 | tlen++; | |
665 | ||
666 | if(cur_len + tlen >= BUFSIZE - 3) | |
667 | { | |
668 | *(t-1) = '\0'; | |
669 | sendto_one(client_p, "%s", buf); | |
670 | cur_len = mlen; | |
671 | t = buf + mlen; | |
672 | } | |
673 | ||
674 | sprintf(t, "%s%s ", find_channel_status(msptr, 1), | |
675 | use_id(msptr->client_p)); | |
676 | ||
677 | cur_len += tlen; | |
678 | t += tlen; | |
679 | } | |
680 | ||
681 | if (rb_dlink_list_length(&chptr->members) > 0) | |
682 | { | |
683 | /* remove trailing space */ | |
684 | *(t-1) = '\0'; | |
685 | } | |
686 | sendto_one(client_p, "%s", buf); | |
687 | ||
688 | if(rb_dlink_list_length(&chptr->banlist) > 0) | |
689 | burst_modes_TS6(client_p, chptr, &chptr->banlist, 'b'); | |
690 | ||
691 | if(IsCapable(client_p, CAP_EX) && | |
692 | rb_dlink_list_length(&chptr->exceptlist) > 0) | |
693 | burst_modes_TS6(client_p, chptr, &chptr->exceptlist, 'e'); | |
694 | ||
695 | if(IsCapable(client_p, CAP_IE) && | |
696 | rb_dlink_list_length(&chptr->invexlist) > 0) | |
697 | burst_modes_TS6(client_p, chptr, &chptr->invexlist, 'I'); | |
698 | ||
699 | if(rb_dlink_list_length(&chptr->quietlist) > 0) | |
700 | burst_modes_TS6(client_p, chptr, &chptr->quietlist, 'q'); | |
701 | ||
702 | if(IsCapable(client_p, CAP_TB) && chptr->topic != NULL) | |
703 | sendto_one(client_p, ":%s TB %s %ld %s%s:%s", | |
704 | me.id, chptr->chname, (long) chptr->topic_time, | |
705 | ConfigChannel.burst_topicwho ? chptr->topic_info : "", | |
706 | ConfigChannel.burst_topicwho ? " " : "", | |
707 | chptr->topic); | |
708 | ||
709 | if(IsCapable(client_p, CAP_MLOCK)) | |
710 | sendto_one(client_p, ":%s MLOCK %ld %s :%s", | |
711 | me.id, (long) chptr->channelts, chptr->chname, | |
712 | EmptyString(chptr->mode_lock) ? "" : chptr->mode_lock); | |
713 | ||
714 | hchaninfo.chptr = chptr; | |
715 | call_hook(h_burst_channel, &hchaninfo); | |
716 | } | |
717 | ||
718 | hclientinfo.target = NULL; | |
719 | call_hook(h_burst_finished, &hclientinfo); | |
720 | } | |
721 | ||
722 | /* | |
723 | * show_capabilities - show current server capabilities | |
724 | * | |
725 | * inputs - pointer to an struct Client | |
726 | * output - pointer to static string | |
727 | * side effects - build up string representing capabilities of server listed | |
728 | */ | |
729 | const char * | |
730 | show_capabilities(struct Client *target_p) | |
731 | { | |
732 | static char msgbuf[BUFSIZE]; | |
733 | ||
734 | *msgbuf = '\0'; | |
735 | ||
736 | if(has_id(target_p)) | |
737 | rb_strlcpy(msgbuf, " TS6", sizeof(msgbuf)); | |
738 | ||
739 | if(IsSSL(target_p)) | |
740 | rb_strlcat(msgbuf, " SSL", sizeof(msgbuf)); | |
741 | ||
742 | if(!IsServer(target_p) || !target_p->serv->caps) /* short circuit if no caps */ | |
743 | return msgbuf + 1; | |
744 | ||
745 | rb_strlcat(msgbuf, " ", sizeof(msgbuf)); | |
746 | rb_strlcat(msgbuf, capability_index_list(serv_capindex, target_p->serv->caps), sizeof(msgbuf)); | |
747 | ||
748 | return msgbuf + 1; | |
749 | } | |
750 | ||
751 | /* | |
752 | * server_estab | |
753 | * | |
754 | * inputs - pointer to a struct Client | |
755 | * output - | |
756 | * side effects - | |
757 | */ | |
758 | int | |
759 | server_estab(struct Client *client_p) | |
760 | { | |
761 | struct Client *target_p; | |
762 | struct server_conf *server_p; | |
763 | hook_data_client hdata; | |
764 | char *host; | |
765 | rb_dlink_node *ptr; | |
766 | char note[HOSTLEN + 15]; | |
767 | ||
768 | s_assert(NULL != client_p); | |
769 | if(client_p == NULL) | |
770 | return -1; | |
771 | ||
772 | host = client_p->name; | |
773 | ||
774 | if((server_p = client_p->localClient->att_sconf) == NULL) | |
775 | { | |
776 | /* This shouldn't happen, better tell the ops... -A1kmm */ | |
777 | sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, | |
778 | "Warning: Lost connect{} block for server %s!", host); | |
779 | return exit_client(client_p, client_p, client_p, "Lost connect{} block!"); | |
780 | } | |
781 | ||
782 | /* We shouldn't have to check this, it should already done before | |
783 | * server_estab is called. -A1kmm | |
784 | */ | |
785 | if(client_p->localClient->passwd) | |
786 | { | |
787 | memset(client_p->localClient->passwd, 0, strlen(client_p->localClient->passwd)); | |
788 | rb_free(client_p->localClient->passwd); | |
789 | client_p->localClient->passwd = NULL; | |
790 | } | |
791 | ||
792 | /* Its got identd , since its a server */ | |
793 | SetGotId(client_p); | |
794 | ||
795 | if(IsUnknown(client_p)) | |
796 | { | |
797 | /* the server may be linking based on certificate fingerprint now. --nenolod */ | |
798 | sendto_one(client_p, "PASS %s TS %d :%s", | |
799 | EmptyString(server_p->spasswd) ? "*" : server_p->spasswd, TS_CURRENT, me.id); | |
800 | ||
801 | /* pass info to new server */ | |
802 | send_capabilities(client_p, default_server_capabs | CAP_MASK | |
803 | | (ServerConfTb(server_p) ? CAP_TB : 0)); | |
804 | ||
805 | sendto_one(client_p, "SERVER %s 1 :%s%s", | |
806 | me.name, | |
807 | ConfigServerHide.hidden ? "(H) " : "", | |
808 | (me.info[0]) ? (me.info) : "IRCers United"); | |
809 | } | |
810 | ||
811 | if(!rb_set_buffers(client_p->localClient->F, READBUF_SIZE)) | |
812 | ilog_error("rb_set_buffers failed for server"); | |
813 | ||
814 | client_p->servptr = &me; | |
815 | ||
816 | if(IsAnyDead(client_p)) | |
817 | return CLIENT_EXITED; | |
818 | ||
819 | sendto_one(client_p, "SVINFO %d %d 0 :%ld", TS_CURRENT, TS_MIN, (long int)rb_current_time()); | |
820 | ||
821 | rb_dlinkAdd(client_p, &client_p->lnode, &me.serv->servers); | |
822 | rb_dlinkMoveNode(&client_p->localClient->tnode, &unknown_list, &serv_list); | |
823 | rb_dlinkAddTailAlloc(client_p, &global_serv_list); | |
824 | ||
825 | if(has_id(client_p)) | |
826 | add_to_id_hash(client_p->id, client_p); | |
827 | ||
828 | add_to_client_hash(client_p->name, client_p); | |
829 | /* doesnt duplicate client_p->serv if allocated this struct already */ | |
830 | make_server(client_p); | |
831 | SetServer(client_p); | |
832 | ||
833 | client_p->serv->caps = client_p->localClient->caps; | |
834 | ||
835 | if(client_p->localClient->fullcaps) | |
836 | { | |
837 | client_p->serv->fullcaps = rb_strdup(client_p->localClient->fullcaps); | |
838 | rb_free(client_p->localClient->fullcaps); | |
839 | client_p->localClient->fullcaps = NULL; | |
840 | } | |
841 | ||
842 | client_p->serv->nameinfo = scache_connect(client_p->name, client_p->info, IsHidden(client_p)); | |
843 | client_p->localClient->firsttime = rb_current_time(); | |
844 | /* fixing eob timings.. -gnp */ | |
845 | ||
846 | if((rb_dlink_list_length(&lclient_list) + rb_dlink_list_length(&serv_list)) > | |
847 | (unsigned long)MaxConnectionCount) | |
848 | MaxConnectionCount = rb_dlink_list_length(&lclient_list) + | |
849 | rb_dlink_list_length(&serv_list); | |
850 | ||
851 | /* Show the real host/IP to admins */ | |
852 | sendto_realops_snomask(SNO_GENERAL, L_ALL, | |
853 | "Link with %s established: (%s) link", | |
854 | client_p->name, | |
855 | show_capabilities(client_p)); | |
856 | ||
857 | ilog(L_SERVER, "Link with %s established: (%s) link", | |
858 | log_client_name(client_p, SHOW_IP), show_capabilities(client_p)); | |
859 | ||
860 | hdata.client = &me; | |
861 | hdata.target = client_p; | |
862 | call_hook(h_server_introduced, &hdata); | |
863 | ||
864 | snprintf(note, sizeof(note), "Server: %s", client_p->name); | |
865 | rb_note(client_p->localClient->F, note); | |
866 | ||
867 | /* | |
868 | ** Old sendto_serv_but_one() call removed because we now | |
869 | ** need to send different names to different servers | |
870 | ** (domain name matching) Send new server to other servers. | |
871 | */ | |
872 | RB_DLINK_FOREACH(ptr, serv_list.head) | |
873 | { | |
874 | target_p = ptr->data; | |
875 | ||
876 | if(target_p == client_p) | |
877 | continue; | |
878 | ||
879 | if(target_p->localClient->att_sconf != NULL && ServerConfNoExport(target_p->localClient->att_sconf)) | |
880 | continue; | |
881 | ||
882 | if(has_id(target_p) && has_id(client_p)) | |
883 | { | |
884 | sendto_one(target_p, ":%s SID %s 2 %s :%s%s", | |
885 | me.id, client_p->name, client_p->id, | |
886 | IsHidden(client_p) ? "(H) " : "", client_p->info); | |
887 | ||
888 | if(!EmptyString(client_p->serv->fullcaps)) | |
889 | sendto_one(target_p, ":%s ENCAP * GCAP :%s", | |
890 | client_p->id, client_p->serv->fullcaps); | |
891 | } | |
892 | else | |
893 | { | |
894 | sendto_one(target_p, ":%s SERVER %s 2 :%s%s", | |
895 | me.name, client_p->name, | |
896 | IsHidden(client_p) ? "(H) " : "", client_p->info); | |
897 | ||
898 | if(!EmptyString(client_p->serv->fullcaps)) | |
899 | sendto_one(target_p, ":%s ENCAP * GCAP :%s", | |
900 | client_p->name, client_p->serv->fullcaps); | |
901 | } | |
902 | } | |
903 | ||
904 | /* | |
905 | ** Pass on my client information to the new server | |
906 | ** | |
907 | ** First, pass only servers (idea is that if the link gets | |
908 | ** cancelled beacause the server was already there, | |
909 | ** there are no NICK's to be cancelled...). Of course, | |
910 | ** if cancellation occurs, all this info is sent anyway, | |
911 | ** and I guess the link dies when a read is attempted...? --msa | |
912 | ** | |
913 | ** Note: Link cancellation to occur at this point means | |
914 | ** that at least two servers from my fragment are building | |
915 | ** up connection this other fragment at the same time, it's | |
916 | ** a race condition, not the normal way of operation... | |
917 | ** | |
918 | ** ALSO NOTE: using the get_client_name for server names-- | |
919 | ** see previous *WARNING*!!! (Also, original inpath | |
920 | ** is destroyed...) | |
921 | */ | |
922 | RB_DLINK_FOREACH(ptr, global_serv_list.head) | |
923 | { | |
924 | target_p = ptr->data; | |
925 | ||
926 | /* target_p->from == target_p for target_p == client_p */ | |
927 | if(IsMe(target_p) || target_p->from == client_p) | |
928 | continue; | |
929 | ||
930 | /* don't distribute downstream leaves of servers that are no-export */ | |
931 | if(MyClient(target_p->from) && target_p->from->localClient->att_sconf != NULL && ServerConfNoExport(target_p->from->localClient->att_sconf)) | |
932 | continue; | |
933 | ||
934 | /* presumption, if target has an id, so does its uplink */ | |
935 | if(has_id(client_p) && has_id(target_p)) | |
936 | sendto_one(client_p, ":%s SID %s %d %s :%s%s", | |
937 | target_p->servptr->id, target_p->name, | |
938 | target_p->hopcount + 1, target_p->id, | |
939 | IsHidden(target_p) ? "(H) " : "", target_p->info); | |
940 | else | |
941 | sendto_one(client_p, ":%s SERVER %s %d :%s%s", | |
942 | target_p->servptr->name, | |
943 | target_p->name, target_p->hopcount + 1, | |
944 | IsHidden(target_p) ? "(H) " : "", target_p->info); | |
945 | ||
946 | if(!EmptyString(target_p->serv->fullcaps)) | |
947 | sendto_one(client_p, ":%s ENCAP * GCAP :%s", | |
948 | get_id(target_p, client_p), | |
949 | target_p->serv->fullcaps); | |
950 | } | |
951 | ||
952 | if(IsCapable(client_p, CAP_BAN)) | |
953 | burst_ban(client_p); | |
954 | ||
955 | burst_TS6(client_p); | |
956 | ||
957 | /* Always send a PING after connect burst is done */ | |
958 | sendto_one(client_p, "PING :%s", get_id(&me, client_p)); | |
959 | ||
960 | free_pre_client(client_p); | |
961 | ||
962 | send_pop_queue(client_p); | |
963 | ||
964 | return 0; | |
965 | } | |
966 | ||
967 | /* | |
968 | * New server connection code | |
969 | * Based upon the stuff floating about in s_bsd.c | |
970 | * -- adrian | |
971 | */ | |
972 | ||
973 | /* | |
974 | * serv_connect() - initiate a server connection | |
975 | * | |
976 | * inputs - pointer to conf | |
977 | * - pointer to client doing the connet | |
978 | * output - | |
979 | * side effects - | |
980 | * | |
981 | * This code initiates a connection to a server. It first checks to make | |
982 | * sure the given server exists. If this is the case, it creates a socket, | |
983 | * creates a client, saves the socket information in the client, and | |
984 | * initiates a connection to the server through rb_connect_tcp(). The | |
985 | * completion of this goes through serv_completed_connection(). | |
986 | * | |
987 | * We return 1 if the connection is attempted, since we don't know whether | |
988 | * it suceeded or not, and 0 if it fails in here somewhere. | |
989 | */ | |
990 | int | |
991 | serv_connect(struct server_conf *server_p, struct Client *by) | |
992 | { | |
993 | struct Client *client_p; | |
994 | struct sockaddr_storage sa_connect[2]; | |
995 | struct sockaddr_storage sa_bind[ARRAY_SIZE(sa_connect)]; | |
996 | char note[HOSTLEN + 10]; | |
997 | rb_fde_t *F; | |
998 | ||
999 | s_assert(server_p != NULL); | |
1000 | if(server_p == NULL) | |
1001 | return 0; | |
1002 | ||
1003 | for (int i = 0; i < ARRAY_SIZE(sa_connect); i++) { | |
1004 | SET_SS_FAMILY(&sa_connect[i], AF_UNSPEC); | |
1005 | SET_SS_FAMILY(&sa_bind[i], AF_UNSPEC); | |
1006 | } | |
1007 | ||
1008 | if(server_p->aftype == AF_UNSPEC | |
1009 | && GET_SS_FAMILY(&server_p->connect4) == AF_INET | |
1010 | && GET_SS_FAMILY(&server_p->connect6) == AF_INET6) | |
1011 | { | |
1012 | if(rand() % 2 == 0) | |
1013 | { | |
1014 | sa_connect[0] = server_p->connect4; | |
1015 | sa_connect[1] = server_p->connect6; | |
1016 | sa_bind[0] = server_p->bind4; | |
1017 | sa_bind[1] = server_p->bind6; | |
1018 | } | |
1019 | else | |
1020 | { | |
1021 | sa_connect[0] = server_p->connect6; | |
1022 | sa_connect[1] = server_p->connect4; | |
1023 | sa_bind[0] = server_p->bind6; | |
1024 | sa_bind[1] = server_p->bind4; | |
1025 | } | |
1026 | } | |
1027 | else if(server_p->aftype == AF_INET || GET_SS_FAMILY(&server_p->connect4) == AF_INET) | |
1028 | { | |
1029 | sa_connect[0] = server_p->connect4; | |
1030 | sa_connect[1] = server_p->connect6; | |
1031 | sa_bind[0] = server_p->bind4; | |
1032 | sa_bind[1] = server_p->bind6; | |
1033 | } | |
1034 | else if(server_p->aftype == AF_INET6 || GET_SS_FAMILY(&server_p->connect6) == AF_INET6) | |
1035 | { | |
1036 | sa_connect[0] = server_p->connect6; | |
1037 | sa_connect[1] = server_p->connect4; | |
1038 | sa_bind[0] = server_p->bind6; | |
1039 | sa_bind[1] = server_p->bind4; | |
1040 | } | |
1041 | ||
1042 | /* log */ | |
1043 | #ifdef HAVE_LIBSCTP | |
1044 | if (ServerConfSCTP(server_p) && GET_SS_FAMILY(&sa_connect[1]) != AF_UNSPEC) { | |
1045 | char buf2[HOSTLEN + 1]; | |
1046 | ||
1047 | buf[0] = 0; | |
1048 | buf2[0] = 0; | |
1049 | rb_inet_ntop_sock((struct sockaddr *)&sa_connect[0], buf, sizeof(buf)); | |
1050 | rb_inet_ntop_sock((struct sockaddr *)&sa_connect[1], buf2, sizeof(buf2)); | |
1051 | ilog(L_SERVER, "Connect to *[%s] @%s&%s", server_p->name, buf, buf2); | |
1052 | } else { | |
1053 | #else | |
1054 | { | |
1055 | #endif | |
1056 | buf[0] = 0; | |
1057 | rb_inet_ntop_sock((struct sockaddr *)&sa_connect[0], buf, sizeof(buf)); | |
1058 | ilog(L_SERVER, "Connect to *[%s] @%s", server_p->name, buf); | |
1059 | } | |
1060 | ||
1061 | /* | |
1062 | * Make sure this server isn't already connected | |
1063 | */ | |
1064 | if((client_p = find_server(NULL, server_p->name))) | |
1065 | { | |
1066 | sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, | |
1067 | "Server %s already present from %s", | |
1068 | server_p->name, client_p->name); | |
1069 | if(by && IsPerson(by) && !MyClient(by)) | |
1070 | sendto_one_notice(by, ":Server %s already present from %s", | |
1071 | server_p->name, client_p->name); | |
1072 | return 0; | |
1073 | } | |
1074 | ||
1075 | if (CurrUsers(server_p->class) >= MaxUsers(server_p->class)) { | |
1076 | sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, | |
1077 | "No more connections allowed in class \"%s\" for server %s", | |
1078 | server_p->class->class_name, server_p->name); | |
1079 | if(by && IsPerson(by) && !MyClient(by)) | |
1080 | sendto_one_notice(by, ":No more connections allowed in class \"%s\" for server %s", | |
1081 | server_p->class->class_name, server_p->name); | |
1082 | return 0; | |
1083 | } | |
1084 | ||
1085 | /* create a socket for the server connection */ | |
1086 | if(GET_SS_FAMILY(&sa_connect[0]) == AF_UNSPEC) { | |
1087 | ilog_error("unspecified socket address family"); | |
1088 | return 0; | |
1089 | #ifdef HAVE_LIBSCTP | |
1090 | } else if (ServerConfSCTP(server_p)) { | |
1091 | if ((F = rb_socket(AF_INET6, SOCK_STREAM, IPPROTO_SCTP, NULL)) == NULL) { | |
1092 | ilog_error("opening a stream socket"); | |
1093 | return 0; | |
1094 | } | |
1095 | #endif | |
1096 | } else if ((F = rb_socket(GET_SS_FAMILY(&sa_connect[0]), SOCK_STREAM, IPPROTO_TCP, NULL)) == NULL) { | |
1097 | ilog_error("opening a stream socket"); | |
1098 | return 0; | |
1099 | } | |
1100 | ||
1101 | /* servernames are always guaranteed under HOSTLEN chars */ | |
1102 | snprintf(note, sizeof(note), "Server: %s", server_p->name); | |
1103 | rb_note(F, note); | |
1104 | ||
1105 | /* Create a local client */ | |
1106 | client_p = make_client(NULL); | |
1107 | ||
1108 | /* Copy in the server, hostname, fd */ | |
1109 | rb_strlcpy(client_p->name, server_p->name, sizeof(client_p->name)); | |
1110 | if(server_p->connect_host) | |
1111 | rb_strlcpy(client_p->host, server_p->connect_host, sizeof(client_p->host)); | |
1112 | else | |
1113 | rb_strlcpy(client_p->host, buf, sizeof(client_p->host)); | |
1114 | rb_strlcpy(client_p->sockhost, buf, sizeof(client_p->sockhost)); | |
1115 | client_p->localClient->F = F; | |
1116 | /* shove the port number into the sockaddr */ | |
1117 | SET_SS_PORT(&sa_connect[0], htons(server_p->port)); | |
1118 | SET_SS_PORT(&sa_connect[1], htons(server_p->port)); | |
1119 | ||
1120 | /* | |
1121 | * Set up the initial server evilness, ripped straight from | |
1122 | * connect_server(), so don't blame me for it being evil. | |
1123 | * -- adrian | |
1124 | */ | |
1125 | ||
1126 | if(!rb_set_buffers(client_p->localClient->F, READBUF_SIZE)) | |
1127 | { | |
1128 | ilog_error("setting the buffer size for a server connection"); | |
1129 | } | |
1130 | ||
1131 | /* | |
1132 | * Attach config entries to client here rather than in | |
1133 | * serv_connect_callback(). This to avoid null pointer references. | |
1134 | */ | |
1135 | attach_server_conf(client_p, server_p); | |
1136 | ||
1137 | /* | |
1138 | * at this point we have a connection in progress and C/N lines | |
1139 | * attached to the client, the socket info should be saved in the | |
1140 | * client and it should either be resolved or have a valid address. | |
1141 | * | |
1142 | * The socket has been connected or connect is in progress. | |
1143 | */ | |
1144 | make_server(client_p); | |
1145 | if(by && IsClient(by)) | |
1146 | rb_strlcpy(client_p->serv->by, by->name, sizeof(client_p->serv->by)); | |
1147 | else | |
1148 | strcpy(client_p->serv->by, "AutoConn."); | |
1149 | ||
1150 | SetConnecting(client_p); | |
1151 | rb_dlinkAddTail(client_p, &client_p->node, &global_client_list); | |
1152 | ||
1153 | for (int i = 0; i < ARRAY_SIZE(sa_connect); i++) { | |
1154 | if (GET_SS_FAMILY(&sa_bind[i]) == AF_UNSPEC) { | |
1155 | if (GET_SS_FAMILY(&sa_connect[i]) == GET_SS_FAMILY(&ServerInfo.bind4)) | |
1156 | sa_bind[i] = ServerInfo.bind4; | |
1157 | if (GET_SS_FAMILY(&sa_connect[i]) == GET_SS_FAMILY(&ServerInfo.bind6)) | |
1158 | sa_bind[i] = ServerInfo.bind6; | |
1159 | } | |
1160 | } | |
1161 | ||
1162 | #ifdef HAVE_LIBSCTP | |
1163 | if (ServerConfSCTP(server_p)) { | |
1164 | rb_connect_sctp(client_p->localClient->F, | |
1165 | sa_connect, ARRAY_SIZE(sa_connect), sa_bind, ARRAY_SIZE(sa_bind), | |
1166 | ServerConfSSL(server_p) ? serv_connect_ssl_callback : serv_connect_callback, | |
1167 | client_p, ConfigFileEntry.connect_timeout); | |
1168 | } else { | |
1169 | #else | |
1170 | { | |
1171 | #endif | |
1172 | rb_connect_tcp(client_p->localClient->F, | |
1173 | (struct sockaddr *)&sa_connect[0], | |
1174 | GET_SS_FAMILY(&sa_bind[0]) == AF_UNSPEC ? NULL : (struct sockaddr *)&sa_bind[0], | |
1175 | ServerConfSSL(server_p) ? serv_connect_ssl_callback : serv_connect_callback, | |
1176 | client_p, ConfigFileEntry.connect_timeout); | |
1177 | } | |
1178 | return 1; | |
1179 | } | |
1180 | ||
1181 | static void | |
1182 | serv_connect_ssl_callback(rb_fde_t *F, int status, void *data) | |
1183 | { | |
1184 | struct Client *client_p = data; | |
1185 | rb_fde_t *xF[2]; | |
1186 | rb_connect_sockaddr(F, (struct sockaddr *)&client_p->localClient->ip, sizeof(client_p->localClient->ip)); | |
1187 | if(status != RB_OK) | |
1188 | { | |
1189 | /* Print error message, just like non-SSL. */ | |
1190 | serv_connect_callback(F, status, data); | |
1191 | return; | |
1192 | } | |
1193 | if(rb_socketpair(AF_UNIX, SOCK_STREAM, 0, &xF[0], &xF[1], "Outgoing ssld connection") == -1) | |
1194 | { | |
1195 | ilog_error("rb_socketpair failed for server"); | |
1196 | serv_connect_callback(F, RB_ERROR, data); | |
1197 | return; | |
1198 | ||
1199 | } | |
1200 | client_p->localClient->F = xF[0]; | |
1201 | client_p->localClient->ssl_callback = serv_connect_ssl_open_callback; | |
1202 | ||
1203 | client_p->localClient->ssl_ctl = start_ssld_connect(F, xF[1], connid_get(client_p)); | |
1204 | if(!client_p->localClient->ssl_ctl) | |
1205 | { | |
1206 | serv_connect_callback(client_p->localClient->F, RB_ERROR, data); | |
1207 | return; | |
1208 | } | |
1209 | SetSSL(client_p); | |
1210 | } | |
1211 | ||
1212 | static int | |
1213 | serv_connect_ssl_open_callback(struct Client *client_p, int status) | |
1214 | { | |
1215 | serv_connect_callback(client_p->localClient->F, status, client_p); | |
1216 | return 1; /* suppress default exit_client handler for status != RB_OK */ | |
1217 | } | |
1218 | ||
1219 | /* | |
1220 | * serv_connect_callback() - complete a server connection. | |
1221 | * | |
1222 | * This routine is called after the server connection attempt has | |
1223 | * completed. If unsucessful, an error is sent to ops and the client | |
1224 | * is closed. If sucessful, it goes through the initialisation/check | |
1225 | * procedures, the capabilities are sent, and the socket is then | |
1226 | * marked for reading. | |
1227 | */ | |
1228 | static void | |
1229 | serv_connect_callback(rb_fde_t *F, int status, void *data) | |
1230 | { | |
1231 | struct Client *client_p = data; | |
1232 | struct server_conf *server_p; | |
1233 | char *errstr; | |
1234 | ||
1235 | /* First, make sure its a real client! */ | |
1236 | s_assert(client_p != NULL); | |
1237 | s_assert(client_p->localClient->F == F); | |
1238 | ||
1239 | if(client_p == NULL) | |
1240 | return; | |
1241 | ||
1242 | /* while we were waiting for the callback, its possible this already | |
1243 | * linked in.. --fl | |
1244 | */ | |
1245 | if(find_server(NULL, client_p->name) != NULL) | |
1246 | { | |
1247 | exit_client(client_p, client_p, &me, "Server Exists"); | |
1248 | return; | |
1249 | } | |
1250 | ||
1251 | if(client_p->localClient->ssl_ctl == NULL) | |
1252 | rb_connect_sockaddr(F, (struct sockaddr *)&client_p->localClient->ip, sizeof(client_p->localClient->ip)); | |
1253 | ||
1254 | /* Check the status */ | |
1255 | if(status != RB_OK) | |
1256 | { | |
1257 | /* COMM_ERR_TIMEOUT wont have an errno associated with it, | |
1258 | * the others will.. --fl | |
1259 | */ | |
1260 | if(status == RB_ERR_TIMEOUT || status == RB_ERROR_SSL) | |
1261 | { | |
1262 | sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, | |
1263 | "Error connecting to %s[%s]: %s", | |
1264 | client_p->name, | |
1265 | "255.255.255.255", | |
1266 | rb_errstr(status)); | |
1267 | ilog(L_SERVER, "Error connecting to %s[%s]: %s", | |
1268 | client_p->name, client_p->sockhost, | |
1269 | rb_errstr(status)); | |
1270 | } | |
1271 | else | |
1272 | { | |
1273 | errstr = strerror(rb_get_sockerr(F)); | |
1274 | sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, | |
1275 | "Error connecting to %s[%s]: %s (%s)", | |
1276 | client_p->name, | |
1277 | "255.255.255.255", | |
1278 | rb_errstr(status), errstr); | |
1279 | ilog(L_SERVER, "Error connecting to %s[%s]: %s (%s)", | |
1280 | client_p->name, client_p->sockhost, | |
1281 | rb_errstr(status), errstr); | |
1282 | } | |
1283 | ||
1284 | exit_client(client_p, client_p, &me, rb_errstr(status)); | |
1285 | return; | |
1286 | } | |
1287 | ||
1288 | /* COMM_OK, so continue the connection procedure */ | |
1289 | /* Get the C/N lines */ | |
1290 | if((server_p = client_p->localClient->att_sconf) == NULL) | |
1291 | { | |
1292 | sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "Lost connect{} block for %s", | |
1293 | client_p->name); | |
1294 | exit_client(client_p, client_p, &me, "Lost connect{} block"); | |
1295 | return; | |
1296 | } | |
1297 | ||
1298 | if(server_p->certfp && (!client_p->certfp || rb_strcasecmp(server_p->certfp, client_p->certfp) != 0)) | |
1299 | { | |
1300 | sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, | |
1301 | "Connection to %s has invalid certificate fingerprint %s", | |
1302 | client_p->name, client_p->certfp); | |
1303 | ilog(L_SERVER, "Access denied, invalid certificate fingerprint %s from %s", | |
1304 | client_p->certfp, log_client_name(client_p, SHOW_IP)); | |
1305 | ||
1306 | exit_client(client_p, client_p, &me, "Invalid fingerprint."); | |
1307 | return; | |
1308 | } | |
1309 | ||
1310 | /* Next, send the initial handshake */ | |
1311 | SetHandshake(client_p); | |
1312 | ||
1313 | /* the server may be linking based on certificate fingerprint now. --nenolod */ | |
1314 | sendto_one(client_p, "PASS %s TS %d :%s", | |
1315 | EmptyString(server_p->spasswd) ? "*" : server_p->spasswd, TS_CURRENT, me.id); | |
1316 | ||
1317 | /* pass my info to the new server */ | |
1318 | send_capabilities(client_p, default_server_capabs | CAP_MASK | |
1319 | | (ServerConfTb(server_p) ? CAP_TB : 0)); | |
1320 | ||
1321 | sendto_one(client_p, "SERVER %s 1 :%s%s", | |
1322 | me.name, | |
1323 | ConfigServerHide.hidden ? "(H) " : "", me.info); | |
1324 | ||
1325 | /* | |
1326 | * If we've been marked dead because a send failed, just exit | |
1327 | * here now and save everyone the trouble of us ever existing. | |
1328 | */ | |
1329 | if(IsAnyDead(client_p)) | |
1330 | { | |
1331 | sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, | |
1332 | "%s went dead during handshake", client_p->name); | |
1333 | exit_client(client_p, client_p, &me, "Went dead during handshake"); | |
1334 | return; | |
1335 | } | |
1336 | ||
1337 | /* don't move to serv_list yet -- we haven't sent a burst! */ | |
1338 | ||
1339 | /* If we get here, we're ok, so lets start reading some data */ | |
1340 | read_packet(F, client_p); | |
1341 | } |