]> jfr.im git - solanum.git/blob - ircd/s_serv.c
projects / solanum.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
strcpy: mass-migrate to strlcpy where appropriate
[solanum.git] / ircd / s_serv.c
1 /*
2 * ircd-ratbox: A slightly useful ircd.
3 * s_serv.c: Server related functions.
4 *
5 * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center
6 * Copyright (C) 1996-2002 Hybrid Development Team
7 * Copyright (C) 2002-2005 ircd-ratbox development team
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
22 * USA
23 */
24
25 #include "stdinc.h"
26
27 #ifdef HAVE_LIBCRYPTO
28 #include <openssl/rsa.h>
29 #endif
30
31 #include "s_serv.h"
32 #include "class.h"
33 #include "client.h"
34 #include "hash.h"
35 #include "match.h"
36 #include "ircd.h"
37 #include "ircd_defs.h"
38 #include "numeric.h"
39 #include "packet.h"
40 #include "s_conf.h"
41 #include "s_newconf.h"
42 #include "logger.h"
43 #include "s_stats.h"
44 #include "s_user.h"
45 #include "scache.h"
46 #include "send.h"
47 #include "client.h"
48 #include "channel.h" /* chcap_usage_counts stuff... */
49 #include "hook.h"
50 #include "msg.h"
51 #include "reject.h"
52 #include "sslproc.h"
53 #include "capability.h"
54 #include "s_assert.h"
55
56 int MaxConnectionCount = 1;
57 int MaxClientCount = 1;
58 int refresh_user_links = 0;
59
60 static char buf[BUFSIZE];
61
62 /*
63 * list of recognized server capabilities. "TS" is not on the list
64 * because all servers that we talk to already do TS, and the kludged
65 * extra argument to "PASS" takes care of checking that. -orabidoo
66 */
67 struct CapabilityIndex *serv_capindex = NULL;
68 struct CapabilityIndex *cli_capindex = NULL;
69
70 unsigned int CAP_CAP;
71 unsigned int CAP_QS;
72 unsigned int CAP_EX;
73 unsigned int CAP_CHW;
74 unsigned int CAP_IE;
75 unsigned int CAP_KLN;
76 unsigned int CAP_ZIP;
77 unsigned int CAP_KNOCK;
78 unsigned int CAP_TB;
79 unsigned int CAP_UNKLN;
80 unsigned int CAP_CLUSTER;
81 unsigned int CAP_ENCAP;
82 unsigned int CAP_TS6;
83 unsigned int CAP_SERVICE;
84 unsigned int CAP_RSFNC;
85 unsigned int CAP_SAVE;
86 unsigned int CAP_EUID;
87 unsigned int CAP_EOPMOD;
88 unsigned int CAP_BAN;
89 unsigned int CAP_MLOCK;
90
91 unsigned int CLICAP_MULTI_PREFIX;
92 unsigned int CLICAP_ACCOUNT_NOTIFY;
93 unsigned int CLICAP_EXTENDED_JOIN;
94 unsigned int CLICAP_AWAY_NOTIFY;
95 unsigned int CLICAP_USERHOST_IN_NAMES;
96 unsigned int CLICAP_CAP_NOTIFY;
97 unsigned int CLICAP_CHGHOST;
98 unsigned int CLICAP_ECHO_MESSAGE;
99
100 /*
101 * initialize our builtin capability table. --nenolod
102 */
103 void
104 init_builtin_capabs(void)
105 {
106 serv_capindex = capability_index_create("server capabilities");
107
108 /* These two are not set via CAPAB/GCAP keywords. */
109 CAP_CAP = capability_put_anonymous(serv_capindex);
110 CAP_TS6 = capability_put_anonymous(serv_capindex);
111
112 CAP_QS = capability_put(serv_capindex, "QS", NULL);
113 CAP_EX = capability_put(serv_capindex, "EX", NULL);
114 CAP_CHW = capability_put(serv_capindex, "CHW", NULL);
115 CAP_IE = capability_put(serv_capindex, "IE", NULL);
116 CAP_KLN = capability_put(serv_capindex, "KLN", NULL);
117 CAP_KNOCK = capability_put(serv_capindex, "KNOCK", NULL);
118 CAP_ZIP = capability_put(serv_capindex, "ZIP", NULL);
119 CAP_TB = capability_put(serv_capindex, "TB", NULL);
120 CAP_UNKLN = capability_put(serv_capindex, "UNKLN", NULL);
121 CAP_CLUSTER = capability_put(serv_capindex, "CLUSTER", NULL);
122 CAP_ENCAP = capability_put(serv_capindex, "ENCAP", NULL);
123 CAP_SERVICE = capability_put(serv_capindex, "SERVICES", NULL);
124 CAP_RSFNC = capability_put(serv_capindex, "RSFNC", NULL);
125 CAP_SAVE = capability_put(serv_capindex, "SAVE", NULL);
126 CAP_EUID = capability_put(serv_capindex, "EUID", NULL);
127 CAP_EOPMOD = capability_put(serv_capindex, "EOPMOD", NULL);
128 CAP_BAN = capability_put(serv_capindex, "BAN", NULL);
129 CAP_MLOCK = capability_put(serv_capindex, "MLOCK", NULL);
130
131 capability_require(serv_capindex, "QS");
132 capability_require(serv_capindex, "EX");
133 capability_require(serv_capindex, "IE");
134 capability_require(serv_capindex, "ENCAP");
135
136 cli_capindex = capability_index_create("client capabilities");
137
138 CLICAP_MULTI_PREFIX = capability_put(cli_capindex, "multi-prefix", NULL);
139 CLICAP_ACCOUNT_NOTIFY = capability_put(cli_capindex, "account-notify", NULL);
140 CLICAP_EXTENDED_JOIN = capability_put(cli_capindex, "extended-join", NULL);
141 CLICAP_AWAY_NOTIFY = capability_put(cli_capindex, "away-notify", NULL);
142 CLICAP_USERHOST_IN_NAMES = capability_put(cli_capindex, "userhost-in-names", NULL);
143 CLICAP_CAP_NOTIFY = capability_put(cli_capindex, "cap-notify", NULL);
144 CLICAP_CHGHOST = capability_put(cli_capindex, "chghost", NULL);
145 CLICAP_ECHO_MESSAGE = capability_put(cli_capindex, "echo-message", NULL);
146 }
147
148 static CNCB serv_connect_callback;
149 static CNCB serv_connect_ssl_callback;
150 static SSL_OPEN_CB serv_connect_ssl_open_callback;
151
152 /*
153 * hunt_server - Do the basic thing in delivering the message (command)
154 * across the relays to the specific server (server) for
155 * actions.
156 *
157 * Note: The command is a format string and *MUST* be
158 * of prefixed style (e.g. ":%s COMMAND %s ...").
159 * Command can have only max 8 parameters.
160 *
161 * server parv[server] is the parameter identifying the
162 * target server.
163 *
164 * *WARNING*
165 * parv[server] is replaced with the pointer to the
166 * real servername from the matched client (I'm lazy
167 * now --msa).
168 *
169 * returns: (see #defines)
170 */
171 int
172 hunt_server(struct Client *client_p, struct Client *source_p,
173 const char *command, int server, int parc, const char *parv[])
174 {
175 struct Client *target_p;
176 int wilds;
177 rb_dlink_node *ptr;
178 const char *old;
179 char *new;
180
181 /*
182 * Assume it's me, if no server
183 */
184 if(parc <= server || EmptyString(parv[server]) ||
185 match(parv[server], me.name) || (strcmp(parv[server], me.id) == 0))
186 return (HUNTED_ISME);
187
188 new = LOCAL_COPY(parv[server]);
189
190 /*
191 * These are to pickup matches that would cause the following
192 * message to go in the wrong direction while doing quick fast
193 * non-matching lookups.
194 */
195 if(MyClient(source_p))
196 target_p = find_named_client(new);
197 else
198 target_p = find_client(new);
199
200 if(target_p)
201 if(target_p->from == source_p->from && !MyConnect(target_p))
202 target_p = NULL;
203
204 collapse(new);
205 wilds = (strchr(new, '?') || strchr(new, '*'));
206
207 /*
208 * Again, if there are no wild cards involved in the server
209 * name, use the hash lookup
210 */
211 if(!target_p && wilds)
212 {
213 RB_DLINK_FOREACH(ptr, global_serv_list.head)
214 {
215 if(match(new, ((struct Client *) (ptr->data))->name))
216 {
217 target_p = ptr->data;
218 break;
219 }
220 }
221 }
222
223 if(target_p && !IsRegistered(target_p))
224 target_p = NULL;
225
226 if(target_p)
227 {
228 if(IsMe(target_p) || MyClient(target_p))
229 return HUNTED_ISME;
230
231 old = parv[server];
232 parv[server] = get_id(target_p, target_p);
233
234 sendto_one(target_p, command, get_id(source_p, target_p),
235 parv[1], parv[2], parv[3], parv[4], parv[5], parv[6], parv[7], parv[8]);
236 parv[server] = old;
237 return (HUNTED_PASS);
238 }
239
240 if(MyClient(source_p) || !IsDigit(parv[server][0]))
241 sendto_one_numeric(source_p, ERR_NOSUCHSERVER,
242 form_str(ERR_NOSUCHSERVER), parv[server]);
243 return (HUNTED_NOSUCH);
244 }
245
246 /*
247 * try_connections - scan through configuration and try new connections.
248 * Returns the calendar time when the next call to this
249 * function should be made latest. (No harm done if this
250 * is called earlier or later...)
251 */
252 void
253 try_connections(void *unused)
254 {
255 struct Client *client_p;
256 struct server_conf *server_p = NULL;
257 struct server_conf *tmp_p;
258 struct Class *cltmp;
259 rb_dlink_node *ptr;
260 bool connecting = false;
261 int confrq = 0;
262 time_t next = 0;
263
264 RB_DLINK_FOREACH(ptr, server_conf_list.head)
265 {
266 tmp_p = ptr->data;
267
268 if(ServerConfIllegal(tmp_p) || !ServerConfAutoconn(tmp_p))
269 continue;
270
271 /* don't allow ssl connections if ssl isn't setup */
272 if(ServerConfSSL(tmp_p) && (!ircd_ssl_ok || !get_ssld_count()))
273 continue;
274
275 cltmp = tmp_p->class;
276
277 /*
278 * Skip this entry if the use of it is still on hold until
279 * future. Otherwise handle this entry (and set it on hold
280 * until next time). Will reset only hold times, if already
281 * made one successfull connection... [this algorithm is
282 * a bit fuzzy... -- msa >;) ]
283 */
284 if(tmp_p->hold > rb_current_time())
285 {
286 if(next > tmp_p->hold || next == 0)
287 next = tmp_p->hold;
288 continue;
289 }
290
291 confrq = get_con_freq(cltmp);
292 tmp_p->hold = rb_current_time() + confrq;
293
294 /*
295 * Found a CONNECT config with port specified, scan clients
296 * and see if this server is already connected?
297 */
298 client_p = find_server(NULL, tmp_p->name);
299
300 if(!client_p && (CurrUsers(cltmp) < MaxUsers(cltmp)) && !connecting)
301 {
302 server_p = tmp_p;
303
304 /* We connect only one at time... */
305 connecting = true;
306 }
307
308 if((next > tmp_p->hold) || (next == 0))
309 next = tmp_p->hold;
310 }
311
312 /* TODO: change this to set active flag to 0 when added to event! --Habeeb */
313 if(GlobalSetOptions.autoconn == 0)
314 return;
315
316 if(!connecting)
317 return;
318
319 /* move this connect entry to end.. */
320 rb_dlinkDelete(&server_p->node, &server_conf_list);
321 rb_dlinkAddTail(server_p, &server_p->node, &server_conf_list);
322
323 /*
324 * We used to only print this if serv_connect() actually
325 * suceeded, but since rb_tcp_connect() can call the callback
326 * immediately if there is an error, we were getting error messages
327 * in the wrong order. SO, we just print out the activated line,
328 * and let serv_connect() / serv_connect_callback() print an
329 * error afterwards if it fails.
330 * -- adrian
331 */
332 sendto_realops_snomask(SNO_GENERAL, L_ALL,
333 "Connection to %s activated",
334 server_p->name);
335
336 serv_connect(server_p, 0);
337 }
338
339 int
340 check_server(const char *name, struct Client *client_p)
341 {
342 struct server_conf *server_p = NULL;
343 struct server_conf *tmp_p;
344 rb_dlink_node *ptr;
345 int error = -1;
346 const char *encr;
347 bool name_matched = false;
348 bool host_matched = false;
349 bool certfp_failed = false;
350
351 s_assert(NULL != client_p);
352 if(client_p == NULL)
353 return error;
354
355 if(!(client_p->localClient->passwd))
356 return -2;
357
358 if(strlen(name) > HOSTLEN)
359 return -4;
360
361 RB_DLINK_FOREACH(ptr, server_conf_list.head)
362 {
363 struct rb_sockaddr_storage client_addr;
364
365 tmp_p = ptr->data;
366
367 if(ServerConfIllegal(tmp_p))
368 continue;
369
370 if(!match(tmp_p->name, name))
371 continue;
372
373 name_matched = true;
374
375 if(rb_inet_pton_sock(client_p->sockhost, (struct sockaddr *)&client_addr) <= 0)
376 SET_SS_FAMILY(&client_addr, AF_UNSPEC);
377
378 if((tmp_p->connect_host && match(tmp_p->connect_host, client_p->host))
379 || (GET_SS_FAMILY(&client_addr) == GET_SS_FAMILY(&tmp_p->connect4)
380 && comp_with_mask_sock((struct sockaddr *)&client_addr,
381 (struct sockaddr *)&tmp_p->connect4, 32))
382 #ifdef RB_IPV6
383 || (GET_SS_FAMILY(&client_addr) == GET_SS_FAMILY(&tmp_p->connect6)
384 && comp_with_mask_sock((struct sockaddr *)&client_addr,
385 (struct sockaddr *)&tmp_p->connect6, 128))
386 #endif
387 )
388 {
389 host_matched = true;
390
391 if(tmp_p->passwd)
392 {
393 if(ServerConfEncrypted(tmp_p))
394 {
395 encr = rb_crypt(client_p->localClient->passwd,
396 tmp_p->passwd);
397 if(encr != NULL && !strcmp(tmp_p->passwd, encr))
398 {
399 server_p = tmp_p;
400 break;
401 }
402 else
403 continue;
404 }
405 else if(strcmp(tmp_p->passwd, client_p->localClient->passwd))
406 continue;
407 }
408
409 if(tmp_p->certfp)
410 {
411 if(!client_p->certfp || rb_strcasecmp(tmp_p->certfp, client_p->certfp) != 0) {
412 certfp_failed = true;
413 continue;
414 }
415 }
416
417 server_p = tmp_p;
418 break;
419 }
420 }
421
422 if(server_p == NULL)
423 {
424 /* return the most specific error */
425 if(certfp_failed)
426 error = -6;
427 else if(host_matched)
428 error = -2;
429 else if(name_matched)
430 error = -3;
431
432 return error;
433 }
434
435 if(ServerConfSSL(server_p) && client_p->localClient->ssl_ctl == NULL)
436 {
437 return -5;
438 }
439
440 attach_server_conf(client_p, server_p);
441
442 /* clear ZIP/TB if they support but we dont want them */
443 #ifdef HAVE_LIBZ
444 if(!ServerConfCompressed(server_p))
445 #endif
446 ClearCap(client_p, CAP_ZIP);
447
448 if(!ServerConfTb(server_p))
449 ClearCap(client_p, CAP_TB);
450
451 return 0;
452 }
453
454 /*
455 * send_capabilities
456 *
457 * inputs - Client pointer to send to
458 * - int flag of capabilities that this server has
459 * output - NONE
460 * side effects - send the CAPAB line to a server -orabidoo
461 */
462 void
463 send_capabilities(struct Client *client_p, unsigned int cap_can_send)
464 {
465 sendto_one(client_p, "CAPAB :%s", capability_index_list(serv_capindex, cap_can_send));
466 }
467
468 static void
469 burst_ban(struct Client *client_p)
470 {
471 rb_dlink_node *ptr;
472 struct ConfItem *aconf;
473 const char *type, *oper;
474 /* +5 for !,@,{,} and null */
475 char operbuf[NICKLEN + USERLEN + HOSTLEN + HOSTLEN + 5];
476 char *p;
477 size_t melen;
478
479 melen = strlen(me.name);
480 RB_DLINK_FOREACH(ptr, prop_bans.head)
481 {
482 aconf = ptr->data;
483
484 /* Skip expired stuff. */
485 if(aconf->lifetime < rb_current_time())
486 continue;
487 switch(aconf->status & ~CONF_ILLEGAL)
488 {
489 case CONF_KILL: type = "K"; break;
490 case CONF_DLINE: type = "D"; break;
491 case CONF_XLINE: type = "X"; break;
492 case CONF_RESV_NICK: type = "R"; break;
493 case CONF_RESV_CHANNEL: type = "R"; break;
494 default:
495 continue;
496 }
497 oper = aconf->info.oper;
498 if(aconf->flags & CONF_FLAGS_MYOPER)
499 {
500 /* Our operator{} names may not be meaningful
501 * to other servers, so rewrite to our server
502 * name.
503 */
504 rb_strlcpy(operbuf, aconf->info.oper, sizeof buf);
505 p = strrchr(operbuf, '{');
506 if (p != NULL &&
507 operbuf + sizeof operbuf - p > (ptrdiff_t)(melen + 2))
508 {
509 memcpy(p + 1, me.name, melen);
510 p[melen + 1] = '}';
511 p[melen + 2] = '\0';
512 oper = operbuf;
513 }
514 }
515 sendto_one(client_p, ":%s BAN %s %s %s %lu %d %d %s :%s%s%s",
516 me.id,
517 type,
518 aconf->user ? aconf->user : "*", aconf->host,
519 (unsigned long)aconf->created,
520 (int)(aconf->hold - aconf->created),
521 (int)(aconf->lifetime - aconf->created),
522 oper,
523 aconf->passwd,
524 aconf->spasswd ? "|" : "",
525 aconf->spasswd ? aconf->spasswd : "");
526 }
527 }
528
529 /* burst_modes_TS6()
530 *
531 * input - client to burst to, channel name, list to burst, mode flag
532 * output -
533 * side effects - client is sent a list of +b, +e, or +I modes
534 */
535 static void
536 burst_modes_TS6(struct Client *client_p, struct Channel *chptr,
537 rb_dlink_list *list, char flag)
538 {
539 rb_dlink_node *ptr;
540 struct Ban *banptr;
541 char *t;
542 int tlen;
543 int mlen;
544 int cur_len;
545
546 cur_len = mlen = sprintf(buf, ":%s BMASK %ld %s %c :",
547 me.id, (long) chptr->channelts, chptr->chname, flag);
548 t = buf + mlen;
549
550 RB_DLINK_FOREACH(ptr, list->head)
551 {
552 banptr = ptr->data;
553
554 tlen = strlen(banptr->banstr) + (banptr->forward ? strlen(banptr->forward) + 1 : 0) + 1;
555
556 /* uh oh */
557 if(cur_len + tlen > BUFSIZE - 3)
558 {
559 /* the one we're trying to send doesnt fit at all! */
560 if(cur_len == mlen)
561 {
562 s_assert(0);
563 continue;
564 }
565
566 /* chop off trailing space and send.. */
567 *(t-1) = '\0';
568 sendto_one(client_p, "%s", buf);
569 cur_len = mlen;
570 t = buf + mlen;
571 }
572
573 if (banptr->forward)
574 sprintf(t, "%s$%s ", banptr->banstr, banptr->forward);
575 else
576 sprintf(t, "%s ", banptr->banstr);
577 t += tlen;
578 cur_len += tlen;
579 }
580
581 /* cant ever exit the loop above without having modified buf,
582 * chop off trailing space and send.
583 */
584 *(t-1) = '\0';
585 sendto_one(client_p, "%s", buf);
586 }
587
588 /*
589 * burst_TS6
590 *
591 * inputs - client (server) to send nick towards
592 * - client to send nick for
593 * output - NONE
594 * side effects - NICK message is sent towards given client_p
595 */
596 static void
597 burst_TS6(struct Client *client_p)
598 {
599 char ubuf[BUFSIZE];
600 struct Client *target_p;
601 struct Channel *chptr;
602 struct membership *msptr;
603 hook_data_client hclientinfo;
604 hook_data_channel hchaninfo;
605 rb_dlink_node *ptr;
606 rb_dlink_node *uptr;
607 char *t;
608 int tlen, mlen;
609 int cur_len = 0;
610
611 hclientinfo.client = hchaninfo.client = client_p;
612
613 RB_DLINK_FOREACH(ptr, global_client_list.head)
614 {
615 target_p = ptr->data;
616
617 if(!IsPerson(target_p))
618 continue;
619
620 send_umode(NULL, target_p, 0, ubuf);
621 if(!*ubuf)
622 {
623 ubuf[0] = '+';
624 ubuf[1] = '\0';
625 }
626
627 if(IsCapable(client_p, CAP_EUID))
628 sendto_one(client_p, ":%s EUID %s %d %ld %s %s %s %s %s %s %s :%s",
629 target_p->servptr->id, target_p->name,
630 target_p->hopcount + 1,
631 (long) target_p->tsinfo, ubuf,
632 target_p->username, target_p->host,
633 IsIPSpoof(target_p) ? "0" : target_p->sockhost,
634 target_p->id,
635 IsDynSpoof(target_p) ? target_p->orighost : "*",
636 EmptyString(target_p->user->suser) ? "*" : target_p->user->suser,
637 target_p->info);
638 else
639 sendto_one(client_p, ":%s UID %s %d %ld %s %s %s %s %s :%s",
640 target_p->servptr->id, target_p->name,
641 target_p->hopcount + 1,
642 (long) target_p->tsinfo, ubuf,
643 target_p->username, target_p->host,
644 IsIPSpoof(target_p) ? "0" : target_p->sockhost,
645 target_p->id, target_p->info);
646
647 if(!EmptyString(target_p->certfp))
648 sendto_one(client_p, ":%s ENCAP * CERTFP :%s",
649 use_id(target_p), target_p->certfp);
650
651 if(!IsCapable(client_p, CAP_EUID))
652 {
653 if(IsDynSpoof(target_p))
654 sendto_one(client_p, ":%s ENCAP * REALHOST %s",
655 use_id(target_p), target_p->orighost);
656 if(!EmptyString(target_p->user->suser))
657 sendto_one(client_p, ":%s ENCAP * LOGIN %s",
658 use_id(target_p), target_p->user->suser);
659 }
660
661 if(ConfigFileEntry.burst_away && !EmptyString(target_p->user->away))
662 sendto_one(client_p, ":%s AWAY :%s",
663 use_id(target_p),
664 target_p->user->away);
665
666 hclientinfo.target = target_p;
667 call_hook(h_burst_client, &hclientinfo);
668 }
669
670 RB_DLINK_FOREACH(ptr, global_channel_list.head)
671 {
672 chptr = ptr->data;
673
674 if(*chptr->chname != '#')
675 continue;
676
677 cur_len = mlen = sprintf(buf, ":%s SJOIN %ld %s %s :", me.id,
678 (long) chptr->channelts, chptr->chname,
679 channel_modes(chptr, client_p));
680
681 t = buf + mlen;
682
683 RB_DLINK_FOREACH(uptr, chptr->members.head)
684 {
685 msptr = uptr->data;
686
687 tlen = strlen(use_id(msptr->client_p)) + 1;
688 if(is_chanop(msptr))
689 tlen++;
690 if(is_voiced(msptr))
691 tlen++;
692
693 if(cur_len + tlen >= BUFSIZE - 3)
694 {
695 *(t-1) = '\0';
696 sendto_one(client_p, "%s", buf);
697 cur_len = mlen;
698 t = buf + mlen;
699 }
700
701 sprintf(t, "%s%s ", find_channel_status(msptr, 1),
702 use_id(msptr->client_p));
703
704 cur_len += tlen;
705 t += tlen;
706 }
707
708 if (rb_dlink_list_length(&chptr->members) > 0)
709 {
710 /* remove trailing space */
711 *(t-1) = '\0';
712 }
713 sendto_one(client_p, "%s", buf);
714
715 if(rb_dlink_list_length(&chptr->banlist) > 0)
716 burst_modes_TS6(client_p, chptr, &chptr->banlist, 'b');
717
718 if(IsCapable(client_p, CAP_EX) &&
719 rb_dlink_list_length(&chptr->exceptlist) > 0)
720 burst_modes_TS6(client_p, chptr, &chptr->exceptlist, 'e');
721
722 if(IsCapable(client_p, CAP_IE) &&
723 rb_dlink_list_length(&chptr->invexlist) > 0)
724 burst_modes_TS6(client_p, chptr, &chptr->invexlist, 'I');
725
726 if(rb_dlink_list_length(&chptr->quietlist) > 0)
727 burst_modes_TS6(client_p, chptr, &chptr->quietlist, 'q');
728
729 if(IsCapable(client_p, CAP_TB) && chptr->topic != NULL)
730 sendto_one(client_p, ":%s TB %s %ld %s%s:%s",
731 me.id, chptr->chname, (long) chptr->topic_time,
732 ConfigChannel.burst_topicwho ? chptr->topic_info : "",
733 ConfigChannel.burst_topicwho ? " " : "",
734 chptr->topic);
735
736 if(IsCapable(client_p, CAP_MLOCK))
737 sendto_one(client_p, ":%s MLOCK %ld %s :%s",
738 me.id, (long) chptr->channelts, chptr->chname,
739 EmptyString(chptr->mode_lock) ? "" : chptr->mode_lock);
740
741 hchaninfo.chptr = chptr;
742 call_hook(h_burst_channel, &hchaninfo);
743 }
744
745 hclientinfo.target = NULL;
746 call_hook(h_burst_finished, &hclientinfo);
747 }
748
749 /*
750 * show_capabilities - show current server capabilities
751 *
752 * inputs - pointer to an struct Client
753 * output - pointer to static string
754 * side effects - build up string representing capabilities of server listed
755 */
756 const char *
757 show_capabilities(struct Client *target_p)
758 {
759 static char msgbuf[BUFSIZE];
760
761 *msgbuf = '\0';
762
763 if(has_id(target_p))
764 rb_strlcpy(msgbuf, " TS6", sizeof(msgbuf));
765
766 if(IsSSL(target_p))
767 rb_strlcat(msgbuf, " SSL", sizeof(msgbuf));
768
769 if(!IsServer(target_p) || !target_p->serv->caps) /* short circuit if no caps */
770 return msgbuf + 1;
771
772 rb_strlcat(msgbuf, " ", sizeof(msgbuf));
773 rb_strlcat(msgbuf, capability_index_list(serv_capindex, target_p->serv->caps), sizeof(msgbuf));
774
775 return msgbuf + 1;
776 }
777
778 /*
779 * server_estab
780 *
781 * inputs - pointer to a struct Client
782 * output -
783 * side effects -
784 */
785 int
786 server_estab(struct Client *client_p)
787 {
788 struct Client *target_p;
789 struct server_conf *server_p;
790 hook_data_client hdata;
791 char *host;
792 rb_dlink_node *ptr;
793 char note[HOSTLEN + 15];
794
795 s_assert(NULL != client_p);
796 if(client_p == NULL)
797 return -1;
798
799 host = client_p->name;
800
801 if((server_p = client_p->localClient->att_sconf) == NULL)
802 {
803 /* This shouldn't happen, better tell the ops... -A1kmm */
804 sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) ? L_NETWIDE : L_ALL,
805 "Warning: Lost connect{} block for server %s!", host);
806 return exit_client(client_p, client_p, client_p, "Lost connect{} block!");
807 }
808
809 /* We shouldn't have to check this, it should already done before
810 * server_estab is called. -A1kmm
811 */
812 if(client_p->localClient->passwd)
813 {
814 memset(client_p->localClient->passwd, 0, strlen(client_p->localClient->passwd));
815 rb_free(client_p->localClient->passwd);
816 client_p->localClient->passwd = NULL;
817 }
818
819 /* Its got identd , since its a server */
820 SetGotId(client_p);
821
822 if(IsUnknown(client_p))
823 {
824 /* the server may be linking based on certificate fingerprint now. --nenolod */
825 sendto_one(client_p, "PASS %s TS %d :%s",
826 EmptyString(server_p->spasswd) ? "*" : server_p->spasswd, TS_CURRENT, me.id);
827
828 /* pass info to new server */
829 send_capabilities(client_p, default_server_capabs
830 | (ServerConfCompressed(server_p) ? CAP_ZIP_SUPPORTED : 0)
831 | (ServerConfTb(server_p) ? CAP_TB : 0));
832
833 sendto_one(client_p, "SERVER %s 1 :%s%s",
834 me.name,
835 ConfigServerHide.hidden ? "(H) " : "",
836 (me.info[0]) ? (me.info) : "IRCers United");
837 }
838
839 if(!rb_set_buffers(client_p->localClient->F, READBUF_SIZE))
840 ilog_error("rb_set_buffers failed for server");
841
842 /* Enable compression now */
843 if(IsCapable(client_p, CAP_ZIP))
844 {
845 start_zlib_session(client_p);
846 }
847 sendto_one(client_p, "SVINFO %d %d 0 :%ld", TS_CURRENT, TS_MIN, (long int)rb_current_time());
848
849 client_p->servptr = &me;
850
851 if(IsAnyDead(client_p))
852 return CLIENT_EXITED;
853
854 SetServer(client_p);
855
856 rb_dlinkAdd(client_p, &client_p->lnode, &me.serv->servers);
857 rb_dlinkMoveNode(&client_p->localClient->tnode, &unknown_list, &serv_list);
858 rb_dlinkAddTailAlloc(client_p, &global_serv_list);
859
860 if(has_id(client_p))
861 add_to_id_hash(client_p->id, client_p);
862
863 add_to_client_hash(client_p->name, client_p);
864 /* doesnt duplicate client_p->serv if allocated this struct already */
865 make_server(client_p);
866
867 client_p->serv->caps = client_p->localClient->caps;
868
869 if(client_p->localClient->fullcaps)
870 {
871 client_p->serv->fullcaps = rb_strdup(client_p->localClient->fullcaps);
872 rb_free(client_p->localClient->fullcaps);
873 client_p->localClient->fullcaps = NULL;
874 }
875
876 client_p->serv->nameinfo = scache_connect(client_p->name, client_p->info, IsHidden(client_p));
877 client_p->localClient->firsttime = rb_current_time();
878 /* fixing eob timings.. -gnp */
879
880 if((rb_dlink_list_length(&lclient_list) + rb_dlink_list_length(&serv_list)) >
881 (unsigned long)MaxConnectionCount)
882 MaxConnectionCount = rb_dlink_list_length(&lclient_list) +
883 rb_dlink_list_length(&serv_list);
884
885 /* Show the real host/IP to admins */
886 sendto_realops_snomask(SNO_GENERAL, L_ALL,
887 "Link with %s established: (%s) link",
888 client_p->name,
889 show_capabilities(client_p));
890
891 ilog(L_SERVER, "Link with %s established: (%s) link",
892 log_client_name(client_p, SHOW_IP), show_capabilities(client_p));
893
894 hdata.client = &me;
895 hdata.target = client_p;
896 call_hook(h_server_introduced, &hdata);
897
898 snprintf(note, sizeof(note), "Server: %s", client_p->name);
899 rb_note(client_p->localClient->F, note);
900
901 /*
902 ** Old sendto_serv_but_one() call removed because we now
903 ** need to send different names to different servers
904 ** (domain name matching) Send new server to other servers.
905 */
906 RB_DLINK_FOREACH(ptr, serv_list.head)
907 {
908 target_p = ptr->data;
909
910 if(target_p == client_p)
911 continue;
912
913 if(has_id(target_p) && has_id(client_p))
914 {
915 sendto_one(target_p, ":%s SID %s 2 %s :%s%s",
916 me.id, client_p->name, client_p->id,
917 IsHidden(client_p) ? "(H) " : "", client_p->info);
918
919 if(!EmptyString(client_p->serv->fullcaps))
920 sendto_one(target_p, ":%s ENCAP * GCAP :%s",
921 client_p->id, client_p->serv->fullcaps);
922 }
923 else
924 {
925 sendto_one(target_p, ":%s SERVER %s 2 :%s%s",
926 me.name, client_p->name,
927 IsHidden(client_p) ? "(H) " : "", client_p->info);
928
929 if(!EmptyString(client_p->serv->fullcaps))
930 sendto_one(target_p, ":%s ENCAP * GCAP :%s",
931 client_p->name, client_p->serv->fullcaps);
932 }
933 }
934
935 /*
936 ** Pass on my client information to the new server
937 **
938 ** First, pass only servers (idea is that if the link gets
939 ** cancelled beacause the server was already there,
940 ** there are no NICK's to be cancelled...). Of course,
941 ** if cancellation occurs, all this info is sent anyway,
942 ** and I guess the link dies when a read is attempted...? --msa
943 **
944 ** Note: Link cancellation to occur at this point means
945 ** that at least two servers from my fragment are building
946 ** up connection this other fragment at the same time, it's
947 ** a race condition, not the normal way of operation...
948 **
949 ** ALSO NOTE: using the get_client_name for server names--
950 ** see previous *WARNING*!!! (Also, original inpath
951 ** is destroyed...)
952 */
953 RB_DLINK_FOREACH(ptr, global_serv_list.head)
954 {
955 target_p = ptr->data;
956
957 /* target_p->from == target_p for target_p == client_p */
958 if(IsMe(target_p) || target_p->from == client_p)
959 continue;
960
961 /* presumption, if target has an id, so does its uplink */
962 if(has_id(client_p) && has_id(target_p))
963 sendto_one(client_p, ":%s SID %s %d %s :%s%s",
964 target_p->servptr->id, target_p->name,
965 target_p->hopcount + 1, target_p->id,
966 IsHidden(target_p) ? "(H) " : "", target_p->info);
967 else
968 sendto_one(client_p, ":%s SERVER %s %d :%s%s",
969 target_p->servptr->name,
970 target_p->name, target_p->hopcount + 1,
971 IsHidden(target_p) ? "(H) " : "", target_p->info);
972
973 if(!EmptyString(target_p->serv->fullcaps))
974 sendto_one(client_p, ":%s ENCAP * GCAP :%s",
975 get_id(target_p, client_p),
976 target_p->serv->fullcaps);
977 }
978
979 if(IsCapable(client_p, CAP_BAN))
980 burst_ban(client_p);
981
982 burst_TS6(client_p);
983
984 /* Always send a PING after connect burst is done */
985 sendto_one(client_p, "PING :%s", get_id(&me, client_p));
986
987 free_pre_client(client_p);
988
989 send_pop_queue(client_p);
990
991 return 0;
992 }
993
994 /*
995 * New server connection code
996 * Based upon the stuff floating about in s_bsd.c
997 * -- adrian
998 */
999
1000 /*
1001 * serv_connect() - initiate a server connection
1002 *
1003 * inputs - pointer to conf
1004 * - pointer to client doing the connet
1005 * output -
1006 * side effects -
1007 *
1008 * This code initiates a connection to a server. It first checks to make
1009 * sure the given server exists. If this is the case, it creates a socket,
1010 * creates a client, saves the socket information in the client, and
1011 * initiates a connection to the server through rb_connect_tcp(). The
1012 * completion of this goes through serv_completed_connection().
1013 *
1014 * We return 1 if the connection is attempted, since we don't know whether
1015 * it suceeded or not, and 0 if it fails in here somewhere.
1016 */
1017 int
1018 serv_connect(struct server_conf *server_p, struct Client *by)
1019 {
1020 struct Client *client_p;
1021 struct rb_sockaddr_storage sa_connect;
1022 struct rb_sockaddr_storage sa_bind;
1023 char note[HOSTLEN + 10];
1024 rb_fde_t *F;
1025
1026 s_assert(server_p != NULL);
1027 if(server_p == NULL)
1028 return 0;
1029
1030 #ifdef RB_IPV6
1031 if(server_p->aftype != AF_UNSPEC
1032 && GET_SS_FAMILY(&server_p->connect4) == AF_INET
1033 && GET_SS_FAMILY(&server_p->connect6) == AF_INET6)
1034 {
1035 if(rand() % 2 == 0)
1036 {
1037 sa_connect = server_p->connect4;
1038 sa_bind = server_p->bind4;
1039 }
1040 else
1041 {
1042 sa_connect = server_p->connect6;
1043 sa_bind = server_p->bind6;
1044 }
1045 }
1046 else if(server_p->aftype == AF_INET || GET_SS_FAMILY(&server_p->connect4) == AF_INET)
1047 #endif
1048 {
1049 sa_connect = server_p->connect4;
1050 sa_bind = server_p->bind4;
1051 }
1052 #ifdef RB_IPV6
1053 else if(server_p->aftype == AF_INET6 || GET_SS_FAMILY(&server_p->connect6) == AF_INET6)
1054 {
1055 sa_connect = server_p->connect6;
1056 sa_bind = server_p->bind6;
1057 }
1058 #endif
1059
1060 /* log */
1061 buf[0] = 0;
1062 rb_inet_ntop_sock((struct sockaddr *)&sa_connect, buf, sizeof(buf));
1063 ilog(L_SERVER, "Connect to *[%s] @%s", server_p->name, buf);
1064
1065 /*
1066 * Make sure this server isn't already connected
1067 */
1068 if((client_p = find_server(NULL, server_p->name)))
1069 {
1070 sendto_realops_snomask(SNO_GENERAL, L_ALL,
1071 "Server %s already present from %s",
1072 server_p->name, client_p->name);
1073 if(by && IsPerson(by) && !MyClient(by))
1074 sendto_one_notice(by, ":Server %s already present from %s",
1075 server_p->name, client_p->name);
1076 return 0;
1077 }
1078
1079 /* create a socket for the server connection */
1080 if(GET_SS_FAMILY(&sa_connect) == AF_UNSPEC)
1081 {
1082 ilog_error("unspecified socket address family");
1083 return 0;
1084 }
1085 else if((F = rb_socket(GET_SS_FAMILY(&sa_connect), SOCK_STREAM, 0, NULL)) == NULL)
1086 {
1087 ilog_error("opening a stream socket");
1088 return 0;
1089 }
1090
1091 /* servernames are always guaranteed under HOSTLEN chars */
1092 snprintf(note, sizeof(note), "Server: %s", server_p->name);
1093 rb_note(F, note);
1094
1095 /* Create a local client */
1096 client_p = make_client(NULL);
1097
1098 /* Copy in the server, hostname, fd */
1099 rb_strlcpy(client_p->name, server_p->name, sizeof(client_p->name));
1100 if(server_p->connect_host)
1101 rb_strlcpy(client_p->host, server_p->connect_host, sizeof(client_p->host));
1102 else
1103 rb_strlcpy(client_p->host, buf, sizeof(client_p->host));
1104 rb_strlcpy(client_p->sockhost, buf, sizeof(client_p->sockhost));
1105 client_p->localClient->F = F;
1106 /* shove the port number into the sockaddr */
1107 SET_SS_PORT(&sa_connect, htons(server_p->port));
1108
1109 /*
1110 * Set up the initial server evilness, ripped straight from
1111 * connect_server(), so don't blame me for it being evil.
1112 * -- adrian
1113 */
1114
1115 if(!rb_set_buffers(client_p->localClient->F, READBUF_SIZE))
1116 {
1117 ilog_error("setting the buffer size for a server connection");
1118 }
1119
1120 /*
1121 * Attach config entries to client here rather than in
1122 * serv_connect_callback(). This to avoid null pointer references.
1123 */
1124 attach_server_conf(client_p, server_p);
1125
1126 /*
1127 * at this point we have a connection in progress and C/N lines
1128 * attached to the client, the socket info should be saved in the
1129 * client and it should either be resolved or have a valid address.
1130 *
1131 * The socket has been connected or connect is in progress.
1132 */
1133 make_server(client_p);
1134 if(by && IsClient(by))
1135 rb_strlcpy(client_p->serv->by, by->name, sizeof(client_p->serv->by));
1136 else
1137 strcpy(client_p->serv->by, "AutoConn.");
1138
1139 SetConnecting(client_p);
1140 rb_dlinkAddTail(client_p, &client_p->node, &global_client_list);
1141
1142 if(GET_SS_FAMILY(&sa_bind) == AF_UNSPEC)
1143 {
1144 if(GET_SS_FAMILY(&sa_connect) == GET_SS_FAMILY(&ServerInfo.bind4))
1145 sa_bind = ServerInfo.bind4;
1146 #ifdef RB_IPV6
1147 if(GET_SS_FAMILY(&sa_connect) == GET_SS_FAMILY(&ServerInfo.bind6))
1148 sa_bind = ServerInfo.bind6;
1149 #endif
1150 }
1151
1152 rb_connect_tcp(client_p->localClient->F,
1153 (struct sockaddr *)&sa_connect,
1154 GET_SS_FAMILY(&sa_bind) == AF_UNSPEC ? NULL : (struct sockaddr *)&sa_bind,
1155 ServerConfSSL(server_p) ? serv_connect_ssl_callback : serv_connect_callback,
1156 client_p, ConfigFileEntry.connect_timeout);
1157 return 1;
1158 }
1159
1160 static void
1161 serv_connect_ssl_callback(rb_fde_t *F, int status, void *data)
1162 {
1163 struct Client *client_p = data;
1164 rb_fde_t *xF[2];
1165 rb_connect_sockaddr(F, (struct sockaddr *)&client_p->localClient->ip, sizeof(client_p->localClient->ip));
1166 if(status != RB_OK)
1167 {
1168 /* Print error message, just like non-SSL. */
1169 serv_connect_callback(F, status, data);
1170 return;
1171 }
1172 if(rb_socketpair(AF_UNIX, SOCK_STREAM, 0, &xF[0], &xF[1], "Outgoing ssld connection") == -1)
1173 {
1174 ilog_error("rb_socketpair failed for server");
1175 serv_connect_callback(F, RB_ERROR, data);
1176 return;
1177
1178 }
1179 client_p->localClient->F = xF[0];
1180 client_p->localClient->ssl_callback = serv_connect_ssl_open_callback;
1181
1182 client_p->localClient->ssl_ctl = start_ssld_connect(F, xF[1], connid_get(client_p));
1183 if(!client_p->localClient->ssl_ctl)
1184 {
1185 serv_connect_callback(client_p->localClient->F, RB_ERROR, data);
1186 return;
1187 }
1188 SetSSL(client_p);
1189 }
1190
1191 static int
1192 serv_connect_ssl_open_callback(struct Client *client_p, int status)
1193 {
1194 serv_connect_callback(client_p->localClient->F, status, client_p);
1195 return 1; /* suppress default exit_client handler for status != RB_OK */
1196 }
1197
1198 /*
1199 * serv_connect_callback() - complete a server connection.
1200 *
1201 * This routine is called after the server connection attempt has
1202 * completed. If unsucessful, an error is sent to ops and the client
1203 * is closed. If sucessful, it goes through the initialisation/check
1204 * procedures, the capabilities are sent, and the socket is then
1205 * marked for reading.
1206 */
1207 static void
1208 serv_connect_callback(rb_fde_t *F, int status, void *data)
1209 {
1210 struct Client *client_p = data;
1211 struct server_conf *server_p;
1212 char *errstr;
1213
1214 /* First, make sure its a real client! */
1215 s_assert(client_p != NULL);
1216 s_assert(client_p->localClient->F == F);
1217
1218 if(client_p == NULL)
1219 return;
1220
1221 /* while we were waiting for the callback, its possible this already
1222 * linked in.. --fl
1223 */
1224 if(find_server(NULL, client_p->name) != NULL)
1225 {
1226 exit_client(client_p, client_p, &me, "Server Exists");
1227 return;
1228 }
1229
1230 if(client_p->localClient->ssl_ctl == NULL)
1231 rb_connect_sockaddr(F, (struct sockaddr *)&client_p->localClient->ip, sizeof(client_p->localClient->ip));
1232
1233 /* Check the status */
1234 if(status != RB_OK)
1235 {
1236 /* COMM_ERR_TIMEOUT wont have an errno associated with it,
1237 * the others will.. --fl
1238 */
1239 if(status == RB_ERR_TIMEOUT || status == RB_ERROR_SSL)
1240 {
1241 sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) ? L_NETWIDE : L_ALL,
1242 "Error connecting to %s[%s]: %s",
1243 client_p->name,
1244 "255.255.255.255",
1245 rb_errstr(status));
1246 ilog(L_SERVER, "Error connecting to %s[%s]: %s",
1247 client_p->name, client_p->sockhost,
1248 rb_errstr(status));
1249 }
1250 else
1251 {
1252 errstr = strerror(rb_get_sockerr(F));
1253 sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) ? L_NETWIDE : L_ALL,
1254 "Error connecting to %s[%s]: %s (%s)",
1255 client_p->name,
1256 "255.255.255.255",
1257 rb_errstr(status), errstr);
1258 ilog(L_SERVER, "Error connecting to %s[%s]: %s (%s)",
1259 client_p->name, client_p->sockhost,
1260 rb_errstr(status), errstr);
1261 }
1262
1263 exit_client(client_p, client_p, &me, rb_errstr(status));
1264 return;
1265 }
1266
1267 /* COMM_OK, so continue the connection procedure */
1268 /* Get the C/N lines */
1269 if((server_p = client_p->localClient->att_sconf) == NULL)
1270 {
1271 sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) ? L_NETWIDE : L_ALL, "Lost connect{} block for %s",
1272 client_p->name);
1273 exit_client(client_p, client_p, &me, "Lost connect{} block");
1274 return;
1275 }
1276
1277 if(server_p->certfp && (!client_p->certfp || rb_strcasecmp(server_p->certfp, client_p->certfp) != 0))
1278 {
1279 sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) ? L_NETWIDE : L_ALL,
1280 "Connection to %s has invalid certificate fingerprint %s",
1281 client_p->name, client_p->certfp);
1282 ilog(L_SERVER, "Access denied, invalid certificate fingerprint %s from %s",
1283 client_p->certfp, log_client_name(client_p, SHOW_IP));
1284
1285 exit_client(client_p, client_p, &me, "Invalid fingerprint.");
1286 return;
1287 }
1288
1289 /* Next, send the initial handshake */
1290 SetHandshake(client_p);
1291
1292 /* the server may be linking based on certificate fingerprint now. --nenolod */
1293 sendto_one(client_p, "PASS %s TS %d :%s",
1294 EmptyString(server_p->spasswd) ? "*" : server_p->spasswd, TS_CURRENT, me.id);
1295
1296 /* pass my info to the new server */
1297 send_capabilities(client_p, default_server_capabs
1298 | (ServerConfCompressed(server_p) ? CAP_ZIP_SUPPORTED : 0)
1299 | (ServerConfTb(server_p) ? CAP_TB : 0));
1300
1301 sendto_one(client_p, "SERVER %s 1 :%s%s",
1302 me.name,
1303 ConfigServerHide.hidden ? "(H) " : "", me.info);
1304
1305 /*
1306 * If we've been marked dead because a send failed, just exit
1307 * here now and save everyone the trouble of us ever existing.
1308 */
1309 if(IsAnyDead(client_p))
1310 {
1311 sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) ? L_NETWIDE : L_ALL,
1312 "%s went dead during handshake", client_p->name);
1313 exit_client(client_p, client_p, &me, "Went dead during handshake");
1314 return;
1315 }
1316
1317 /* don't move to serv_list yet -- we haven't sent a burst! */
1318
1319 /* If we get here, we're ok, so lets start reading some data */
1320 read_packet(F, client_p);
1321 }
Fork of solanum ircd, history is rebased regularly