]> jfr.im git - solanum.git/blob - src/s_conf.c
projects / solanum.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Generate the "Temporary K-line %d min" part from aconf->hold - aconf->created.
[solanum.git] / src / s_conf.c
1 /*
2 * ircd-ratbox: A slightly useful ircd.
3 * s_conf.c: Configuration file functions.
4 *
5 * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center
6 * Copyright (C) 1996-2002 Hybrid Development Team
7 * Copyright (C) 2002-2005 ircd-ratbox development team
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
22 * USA
23 *
24 * $Id: s_conf.c 3550 2007-08-09 06:47:26Z nenolod $
25 */
26
27 #include "stdinc.h"
28 #include "ircd_defs.h"
29 #include "s_conf.h"
30 #include "s_newconf.h"
31 #include "newconf.h"
32 #include "s_serv.h"
33 #include "s_stats.h"
34 #include "channel.h"
35 #include "class.h"
36 #include "client.h"
37 #include "common.h"
38 #include "hash.h"
39 #include "match.h"
40 #include "ircd.h"
41 #include "listener.h"
42 #include "hostmask.h"
43 #include "modules.h"
44 #include "numeric.h"
45 #include "logger.h"
46 #include "send.h"
47 #include "reject.h"
48 #include "cache.h"
49 #include "blacklist.h"
50 #include "privilege.h"
51 #include "sslproc.h"
52 #include "bandbi.h"
53
54 struct config_server_hide ConfigServerHide;
55
56 extern int yyparse(void); /* defined in y.tab.c */
57 extern char linebuf[];
58
59 #ifndef INADDR_NONE
60 #define INADDR_NONE ((unsigned int) 0xffffffff)
61 #endif
62
63 static rb_bh *confitem_heap = NULL;
64
65 rb_dlink_list temp_klines[LAST_TEMP_TYPE];
66 rb_dlink_list temp_dlines[LAST_TEMP_TYPE];
67 rb_dlink_list service_list;
68
69 /* internally defined functions */
70 static void set_default_conf(void);
71 static void validate_conf(void);
72 static void read_conf(FILE *);
73 static void clear_out_old_conf(void);
74
75 static void expire_temp_kd(void *list);
76 static void reorganise_temp_kd(void *list);
77
78 FILE *conf_fbfile_in;
79 extern char yytext[];
80
81 static int verify_access(struct Client *client_p, const char *username);
82 static int attach_iline(struct Client *, struct ConfItem *);
83
84 void
85 init_s_conf(void)
86 {
87 confitem_heap = rb_bh_create(sizeof(struct ConfItem), CONFITEM_HEAP_SIZE, "confitem_heap");
88
89 rb_event_addish("expire_temp_klines", expire_temp_kd, &temp_klines[TEMP_MIN], 60);
90 rb_event_addish("expire_temp_dlines", expire_temp_kd, &temp_dlines[TEMP_MIN], 60);
91
92 rb_event_addish("expire_temp_klines_hour", reorganise_temp_kd,
93 &temp_klines[TEMP_HOUR], 3600);
94 rb_event_addish("expire_temp_dlines_hour", reorganise_temp_kd,
95 &temp_dlines[TEMP_HOUR], 3600);
96 rb_event_addish("expire_temp_klines_day", reorganise_temp_kd,
97 &temp_klines[TEMP_DAY], 86400);
98 rb_event_addish("expire_temp_dlines_day", reorganise_temp_kd,
99 &temp_dlines[TEMP_DAY], 86400);
100 rb_event_addish("expire_temp_klines_week", reorganise_temp_kd,
101 &temp_klines[TEMP_WEEK], 604800);
102 rb_event_addish("expire_temp_dlines_week", reorganise_temp_kd,
103 &temp_dlines[TEMP_WEEK], 604800);
104 }
105
106 /*
107 * make_conf
108 *
109 * inputs - none
110 * output - pointer to new conf entry
111 * side effects - none
112 */
113 struct ConfItem *
114 make_conf()
115 {
116 struct ConfItem *aconf;
117
118 aconf = rb_bh_alloc(confitem_heap);
119 aconf->status = CONF_ILLEGAL;
120 return (aconf);
121 }
122
123 /*
124 * free_conf
125 *
126 * inputs - pointer to conf to free
127 * output - none
128 * side effects - crucial password fields are zeroed, conf is freed
129 */
130 void
131 free_conf(struct ConfItem *aconf)
132 {
133 s_assert(aconf != NULL);
134 if(aconf == NULL)
135 return;
136
137 /* security.. */
138 if(aconf->passwd)
139 memset(aconf->passwd, 0, strlen(aconf->passwd));
140 if(aconf->spasswd)
141 memset(aconf->spasswd, 0, strlen(aconf->spasswd));
142
143 rb_free(aconf->passwd);
144 rb_free(aconf->spasswd);
145 rb_free(aconf->name);
146 rb_free(aconf->className);
147 rb_free(aconf->user);
148 rb_free(aconf->host);
149
150 rb_bh_free(confitem_heap, aconf);
151 }
152
153 /*
154 * check_client
155 *
156 * inputs - pointer to client
157 * output - 0 = Success
158 * NOT_AUTHORISED (-1) = Access denied (no I line match)
159 * SOCKET_ERROR (-2) = Bad socket.
160 * I_LINE_FULL (-3) = I-line is full
161 * TOO_MANY (-4) = Too many connections from hostname
162 * BANNED_CLIENT (-5) = K-lined
163 * side effects - Ordinary client access check.
164 * Look for conf lines which have the same
165 * status as the flags passed.
166 */
167 int
168 check_client(struct Client *client_p, struct Client *source_p, const char *username)
169 {
170 int i;
171
172 if((i = verify_access(source_p, username)))
173 {
174 ilog(L_FUSER, "Access denied: %s[%s]",
175 source_p->name, source_p->sockhost);
176 }
177
178 switch (i)
179 {
180 case SOCKET_ERROR:
181 exit_client(client_p, source_p, &me, "Socket Error");
182 break;
183
184 case TOO_MANY_LOCAL:
185 /* Note that these notices are sent to opers on other
186 * servers also, so even if local opers are allowed to
187 * see the IP, we still cannot send it.
188 */
189 sendto_realops_snomask(SNO_FULL, L_NETWIDE,
190 "Too many local connections for %s!%s%s@%s",
191 source_p->name, IsGotId(source_p) ? "" : "~",
192 source_p->username,
193 show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host);
194
195 ilog(L_FUSER, "Too many local connections from %s!%s%s@%s",
196 source_p->name, IsGotId(source_p) ? "" : "~",
197 source_p->username, source_p->sockhost);
198
199 ServerStats.is_ref++;
200 exit_client(client_p, source_p, &me, "Too many host connections (local)");
201 break;
202
203 case TOO_MANY_GLOBAL:
204 sendto_realops_snomask(SNO_FULL, L_NETWIDE,
205 "Too many global connections for %s!%s%s@%s",
206 source_p->name, IsGotId(source_p) ? "" : "~",
207 source_p->username,
208 show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host);
209 ilog(L_FUSER, "Too many global connections from %s!%s%s@%s",
210 source_p->name, IsGotId(source_p) ? "" : "~",
211 source_p->username, source_p->sockhost);
212
213 ServerStats.is_ref++;
214 exit_client(client_p, source_p, &me, "Too many host connections (global)");
215 break;
216
217 case TOO_MANY_IDENT:
218 sendto_realops_snomask(SNO_FULL, L_NETWIDE,
219 "Too many user connections for %s!%s%s@%s",
220 source_p->name, IsGotId(source_p) ? "" : "~",
221 source_p->username,
222 show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : source_p->host);
223 ilog(L_FUSER, "Too many user connections from %s!%s%s@%s",
224 source_p->name, IsGotId(source_p) ? "" : "~",
225 source_p->username, source_p->sockhost);
226
227 ServerStats.is_ref++;
228 exit_client(client_p, source_p, &me, "Too many user connections (global)");
229 break;
230
231 case I_LINE_FULL:
232 sendto_realops_snomask(SNO_FULL, L_NETWIDE,
233 "I-line is full for %s!%s%s@%s (%s).",
234 source_p->name, IsGotId(source_p) ? "" : "~",
235 source_p->username, source_p->host,
236 show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : "255.255.255.255");
237
238 ilog(L_FUSER, "Too many connections from %s!%s%s@%s.",
239 source_p->name, IsGotId(source_p) ? "" : "~",
240 source_p->username, source_p->sockhost);
241
242 ServerStats.is_ref++;
243 exit_client(client_p, source_p, &me,
244 "No more connections allowed in your connection class");
245 break;
246
247 case NOT_AUTHORISED:
248 {
249 int port = -1;
250 #ifdef RB_IPV6
251 if(source_p->localClient->ip.ss_family == AF_INET6)
252 port = ntohs(((struct sockaddr_in6 *)&source_p->localClient->listener->addr)->sin6_port);
253 else
254 #endif
255 port = ntohs(((struct sockaddr_in *)&source_p->localClient->listener->addr)->sin_port);
256
257 ServerStats.is_ref++;
258 /* jdc - lists server name & port connections are on */
259 /* a purely cosmetical change */
260 /* why ipaddr, and not just source_p->sockhost? --fl */
261 #if 0
262 static char ipaddr[HOSTIPLEN];
263 rb_inet_ntop_sock(&source_p->localClient->ip, ipaddr, sizeof(ipaddr));
264 #endif
265 sendto_realops_snomask(SNO_UNAUTH, L_ALL,
266 "Unauthorised client connection from "
267 "%s!%s%s@%s [%s] on [%s/%u].",
268 source_p->name, IsGotId(source_p) ? "" : "~",
269 source_p->username, source_p->host,
270 source_p->sockhost,
271 source_p->localClient->listener->name, port);
272
273 ilog(L_FUSER,
274 "Unauthorised client connection from %s!%s%s@%s on [%s/%u].",
275 source_p->name, IsGotId(source_p) ? "" : "~",
276 source_p->username, source_p->sockhost,
277 source_p->localClient->listener->name, port);
278 add_reject(client_p, NULL, NULL);
279 exit_client(client_p, source_p, &me,
280 "You are not authorised to use this server");
281 break;
282 }
283 case BANNED_CLIENT:
284 exit_client(client_p, client_p, &me, "*** Banned ");
285 ServerStats.is_ref++;
286 break;
287
288 case 0:
289 default:
290 break;
291 }
292 return (i);
293 }
294
295 /*
296 * verify_access
297 *
298 * inputs - pointer to client to verify
299 * - pointer to proposed username
300 * output - 0 if success -'ve if not
301 * side effect - find the first (best) I line to attach.
302 */
303 static int
304 verify_access(struct Client *client_p, const char *username)
305 {
306 struct ConfItem *aconf;
307 char non_ident[USERLEN + 1];
308
309 if(IsGotId(client_p))
310 {
311 aconf = find_address_conf(client_p->host, client_p->sockhost,
312 client_p->username, client_p->username,
313 (struct sockaddr *) &client_p->localClient->ip,
314 client_p->localClient->ip.ss_family,
315 client_p->localClient->auth_user);
316 }
317 else
318 {
319 rb_strlcpy(non_ident, "~", sizeof(non_ident));
320 rb_strlcat(non_ident, username, sizeof(non_ident));
321 aconf = find_address_conf(client_p->host, client_p->sockhost,
322 non_ident, client_p->username,
323 (struct sockaddr *) &client_p->localClient->ip,
324 client_p->localClient->ip.ss_family,
325 client_p->localClient->auth_user);
326 }
327
328 if(aconf == NULL)
329 return NOT_AUTHORISED;
330
331 if(aconf->status & CONF_CLIENT)
332 {
333 if(aconf->flags & CONF_FLAGS_REDIR)
334 {
335 sendto_one_numeric(client_p, RPL_REDIR, form_str(RPL_REDIR),
336 aconf->name ? aconf->name : "", aconf->port);
337 return (NOT_AUTHORISED);
338 }
339
340 /* Thanks for spoof idea amm */
341 if(IsConfDoSpoofIp(aconf))
342 {
343 char *p;
344
345 /* show_ip() depends on this --fl */
346 SetIPSpoof(client_p);
347
348 if(IsConfSpoofNotice(aconf))
349 {
350 sendto_realops_snomask(SNO_GENERAL, L_ALL,
351 "%s spoofing: %s as %s",
352 client_p->name,
353 show_ip(NULL, client_p) ? client_p->host : aconf->name,
354 aconf->name);
355 }
356
357 /* user@host spoof */
358 if((p = strchr(aconf->name, '@')) != NULL)
359 {
360 char *host = p+1;
361 *p = '\0';
362
363 rb_strlcpy(client_p->username, aconf->name,
364 sizeof(client_p->username));
365 rb_strlcpy(client_p->host, host,
366 sizeof(client_p->host));
367 *p = '@';
368 }
369 else
370 rb_strlcpy(client_p->host, aconf->name, sizeof(client_p->host));
371 }
372 return (attach_iline(client_p, aconf));
373 }
374 else if(aconf->status & CONF_KILL)
375 {
376 if(ConfigFileEntry.kline_with_reason)
377 sendto_one(client_p,
378 form_str(ERR_YOUREBANNEDCREEP),
379 me.name, client_p->name,
380 get_user_ban_reason(aconf));
381 add_reject(client_p, aconf->user, aconf->host);
382 return (BANNED_CLIENT);
383 }
384
385 return NOT_AUTHORISED;
386 }
387
388
389 /*
390 * add_ip_limit
391 *
392 * Returns 1 if successful 0 if not
393 *
394 * This checks if the user has exceed the limits for their class
395 * unless of course they are exempt..
396 */
397
398 static int
399 add_ip_limit(struct Client *client_p, struct ConfItem *aconf)
400 {
401 rb_patricia_node_t *pnode;
402 int bitlen;
403
404 /* If the limits are 0 don't do anything.. */
405 if(ConfCidrAmount(aconf) == 0
406 || (ConfCidrIpv4Bitlen(aconf) == 0 && ConfCidrIpv6Bitlen(aconf) == 0))
407 return -1;
408
409 pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip);
410
411 if(GET_SS_FAMILY(&client_p->localClient->ip) == AF_INET)
412 bitlen = ConfCidrIpv4Bitlen(aconf);
413 else
414 bitlen = ConfCidrIpv6Bitlen(aconf);
415
416 if(pnode == NULL)
417 pnode = make_and_lookup_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip, bitlen);
418
419 s_assert(pnode != NULL);
420
421 if(pnode != NULL)
422 {
423 if(((intptr_t)pnode->data) >= ConfCidrAmount(aconf) && !IsConfExemptLimits(aconf))
424 {
425 /* This should only happen if the limits are set to 0 */
426 if((intptr_t)pnode->data == 0)
427 {
428 rb_patricia_remove(ConfIpLimits(aconf), pnode);
429 }
430 return (0);
431 }
432
433 pnode->data = (void *)(((intptr_t)pnode->data) + 1);
434 }
435 return 1;
436 }
437
438 static void
439 remove_ip_limit(struct Client *client_p, struct ConfItem *aconf)
440 {
441 rb_patricia_node_t *pnode;
442
443 /* If the limits are 0 don't do anything.. */
444 if(ConfCidrAmount(aconf) == 0
445 || (ConfCidrIpv4Bitlen(aconf) == 0 && ConfCidrIpv6Bitlen(aconf) == 0))
446 return;
447
448 pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip);
449 if(pnode == NULL)
450 return;
451
452 pnode->data = (void *)(((intptr_t)pnode->data) - 1);
453 if(((intptr_t)pnode->data) == 0)
454 {
455 rb_patricia_remove(ConfIpLimits(aconf), pnode);
456 }
457
458 }
459
460 /*
461 * attach_iline
462 *
463 * inputs - client pointer
464 * - conf pointer
465 * output -
466 * side effects - do actual attach
467 */
468 static int
469 attach_iline(struct Client *client_p, struct ConfItem *aconf)
470 {
471 struct Client *target_p;
472 rb_dlink_node *ptr;
473 int local_count = 0;
474 int global_count = 0;
475 int ident_count = 0;
476 int unidented = 0;
477
478 if(IsConfExemptLimits(aconf))
479 return (attach_conf(client_p, aconf));
480
481 if(*client_p->username == '~')
482 unidented = 1;
483
484
485 /* find_hostname() returns the head of the list to search */
486 RB_DLINK_FOREACH(ptr, find_hostname(client_p->host))
487 {
488 target_p = ptr->data;
489
490 if(irccmp(client_p->host, target_p->orighost) != 0)
491 continue;
492
493 if(MyConnect(target_p))
494 local_count++;
495
496 global_count++;
497
498 if(unidented)
499 {
500 if(*target_p->username == '~')
501 ident_count++;
502 }
503 else if(irccmp(target_p->username, client_p->username) == 0)
504 ident_count++;
505
506 if(ConfMaxLocal(aconf) && local_count >= ConfMaxLocal(aconf))
507 return (TOO_MANY_LOCAL);
508 else if(ConfMaxGlobal(aconf) && global_count >= ConfMaxGlobal(aconf))
509 return (TOO_MANY_GLOBAL);
510 else if(ConfMaxIdent(aconf) && ident_count >= ConfMaxIdent(aconf))
511 return (TOO_MANY_IDENT);
512 }
513
514
515 return (attach_conf(client_p, aconf));
516 }
517
518 /*
519 * detach_conf
520 *
521 * inputs - pointer to client to detach
522 * output - 0 for success, -1 for failure
523 * side effects - Disassociate configuration from the client.
524 * Also removes a class from the list if marked for deleting.
525 */
526 int
527 detach_conf(struct Client *client_p)
528 {
529 struct ConfItem *aconf;
530
531 aconf = client_p->localClient->att_conf;
532
533 if(aconf != NULL)
534 {
535 if(ClassPtr(aconf))
536 {
537 remove_ip_limit(client_p, aconf);
538
539 if(ConfCurrUsers(aconf) > 0)
540 --ConfCurrUsers(aconf);
541
542 if(ConfMaxUsers(aconf) == -1 && ConfCurrUsers(aconf) == 0)
543 {
544 free_class(ClassPtr(aconf));
545 ClassPtr(aconf) = NULL;
546 }
547
548 }
549
550 aconf->clients--;
551 if(!aconf->clients && IsIllegal(aconf))
552 free_conf(aconf);
553
554 client_p->localClient->att_conf = NULL;
555 return 0;
556 }
557
558 return -1;
559 }
560
561 /*
562 * attach_conf
563 *
564 * inputs - client pointer
565 * - conf pointer
566 * output -
567 * side effects - Associate a specific configuration entry to a *local*
568 * client (this is the one which used in accepting the
569 * connection). Note, that this automatically changes the
570 * attachment if there was an old one...
571 */
572 int
573 attach_conf(struct Client *client_p, struct ConfItem *aconf)
574 {
575 if(IsIllegal(aconf))
576 return (NOT_AUTHORISED);
577
578 if(ClassPtr(aconf))
579 {
580 if(!add_ip_limit(client_p, aconf))
581 return (TOO_MANY_LOCAL);
582 }
583
584 if((aconf->status & CONF_CLIENT) &&
585 ConfCurrUsers(aconf) >= ConfMaxUsers(aconf) && ConfMaxUsers(aconf) > 0)
586 {
587 if(!IsConfExemptLimits(aconf))
588 {
589 return (I_LINE_FULL);
590 }
591 else
592 {
593 sendto_one_notice(client_p, ":*** I: line is full, but you have an >I: line!");
594 }
595
596 }
597
598 if(client_p->localClient->att_conf != NULL)
599 detach_conf(client_p);
600
601 client_p->localClient->att_conf = aconf;
602
603 aconf->clients++;
604 ConfCurrUsers(aconf)++;
605 return (0);
606 }
607
608 /*
609 * rehash
610 *
611 * Actual REHASH service routine. Called with sig == 0 if it has been called
612 * as a result of an operator issuing this command, else assume it has been
613 * called as a result of the server receiving a HUP signal.
614 */
615 int
616 rehash(int sig)
617 {
618 if(sig != 0)
619 {
620 sendto_realops_snomask(SNO_GENERAL, L_ALL,
621 "Got signal SIGHUP, reloading ircd conf. file");
622 }
623
624 restart_resolver();
625 /* don't close listeners until we know we can go ahead with the rehash */
626 read_conf_files(NO);
627
628 if(ServerInfo.description != NULL)
629 rb_strlcpy(me.info, ServerInfo.description, sizeof(me.info));
630 else
631 rb_strlcpy(me.info, "unknown", sizeof(me.info));
632
633 open_logfiles();
634 return (0);
635 }
636
637 void
638 rehash_bans(int sig)
639 {
640 bandb_rehash_bans();
641 }
642
643 /*
644 * set_default_conf()
645 *
646 * inputs - NONE
647 * output - NONE
648 * side effects - Set default values here.
649 * This is called **PRIOR** to parsing the
650 * configuration file. If you want to do some validation
651 * of values later, put them in validate_conf().
652 */
653
654 #define YES 1
655 #define NO 0
656 #define UNSET -1
657
658 static void
659 set_default_conf(void)
660 {
661 /* ServerInfo.name is not rehashable */
662 /* ServerInfo.name = ServerInfo.name; */
663 ServerInfo.description = NULL;
664 ServerInfo.network_name = rb_strdup(NETWORK_NAME_DEFAULT);
665 ServerInfo.network_desc = rb_strdup(NETWORK_DESC_DEFAULT);
666
667 memset(&ServerInfo.ip, 0, sizeof(ServerInfo.ip));
668 ServerInfo.specific_ipv4_vhost = 0;
669 #ifdef RB_IPV6
670 memset(&ServerInfo.ip6, 0, sizeof(ServerInfo.ip6));
671 ServerInfo.specific_ipv6_vhost = 0;
672 #endif
673
674 /* Don't reset hub, as that will break lazylinks */
675 /* ServerInfo.hub = NO; */
676 AdminInfo.name = NULL;
677 AdminInfo.email = NULL;
678 AdminInfo.description = NULL;
679
680 ConfigFileEntry.default_operstring = rb_strdup("is an IRC operator");
681 ConfigFileEntry.default_adminstring = rb_strdup("is a Server Administrator");
682 ConfigFileEntry.servicestring = rb_strdup("is a Network Service");
683
684 ConfigFileEntry.default_umodes = UMODE_INVISIBLE;
685 ConfigFileEntry.failed_oper_notice = YES;
686 ConfigFileEntry.anti_nick_flood = NO;
687 ConfigFileEntry.disable_fake_channels = NO;
688 ConfigFileEntry.max_nick_time = 20;
689 ConfigFileEntry.max_nick_changes = 5;
690 ConfigFileEntry.max_accept = 20;
691 ConfigFileEntry.max_monitor = 60;
692 ConfigFileEntry.nick_delay = 900; /* 15 minutes */
693 ConfigFileEntry.target_change = YES;
694 ConfigFileEntry.anti_spam_exit_message_time = 0;
695 ConfigFileEntry.ts_warn_delta = TS_WARN_DELTA_DEFAULT;
696 ConfigFileEntry.ts_max_delta = TS_MAX_DELTA_DEFAULT;
697 ConfigFileEntry.client_exit = YES;
698 ConfigFileEntry.dline_with_reason = YES;
699 ConfigFileEntry.kline_with_reason = YES;
700 ConfigFileEntry.kline_delay = 0;
701 ConfigFileEntry.warn_no_nline = YES;
702 ConfigFileEntry.non_redundant_klines = YES;
703 ConfigFileEntry.stats_e_disabled = NO;
704 ConfigFileEntry.stats_o_oper_only = NO;
705 ConfigFileEntry.stats_k_oper_only = 1; /* masked */
706 ConfigFileEntry.stats_i_oper_only = 1; /* masked */
707 ConfigFileEntry.stats_P_oper_only = NO;
708 ConfigFileEntry.stats_c_oper_only = NO;
709 ConfigFileEntry.stats_y_oper_only = NO;
710 ConfigFileEntry.stats_h_oper_only = NO;
711 ConfigFileEntry.map_oper_only = YES;
712 ConfigFileEntry.operspy_admin_only = NO;
713 ConfigFileEntry.pace_wait = 10;
714 ConfigFileEntry.caller_id_wait = 60;
715 ConfigFileEntry.pace_wait_simple = 1;
716 ConfigFileEntry.short_motd = NO;
717 ConfigFileEntry.no_oper_flood = NO;
718 ConfigFileEntry.fname_userlog = NULL;
719 ConfigFileEntry.fname_fuserlog = NULL;
720 ConfigFileEntry.fname_operlog = NULL;
721 ConfigFileEntry.fname_foperlog = NULL;
722 ConfigFileEntry.fname_serverlog = NULL;
723 ConfigFileEntry.fname_klinelog = NULL;
724 ConfigFileEntry.fname_operspylog = NULL;
725 ConfigFileEntry.fname_ioerrorlog = NULL;
726 ConfigFileEntry.use_egd = NO;
727 ConfigFileEntry.hide_spoof_ips = YES;
728 ConfigFileEntry.hide_error_messages = 1;
729 ConfigFileEntry.dots_in_ident = 0;
730 ConfigFileEntry.max_targets = MAX_TARGETS_DEFAULT;
731 ConfigFileEntry.egdpool_path = NULL;
732 ConfigFileEntry.use_whois_actually = YES;
733 ConfigFileEntry.burst_away = NO;
734 ConfigFileEntry.collision_fnc = YES;
735 ConfigFileEntry.global_snotices = YES;
736 ConfigFileEntry.operspy_dont_care_user_info = NO;
737
738 #ifdef HAVE_LIBZ
739 ConfigFileEntry.compression_level = 4;
740 #endif
741
742 ConfigFileEntry.oper_umodes = UMODE_LOCOPS | UMODE_SERVNOTICE |
743 UMODE_OPERWALL | UMODE_WALLOP;
744 ConfigFileEntry.oper_only_umodes = UMODE_SERVNOTICE;
745 ConfigFileEntry.oper_snomask = SNO_GENERAL;
746
747 ConfigChannel.use_except = YES;
748 ConfigChannel.use_invex = YES;
749 ConfigChannel.use_knock = YES;
750 ConfigChannel.use_forward = YES;
751 ConfigChannel.knock_delay = 300;
752 ConfigChannel.knock_delay_channel = 60;
753 ConfigChannel.max_chans_per_user = 15;
754 ConfigChannel.max_bans = 25;
755 ConfigChannel.max_bans_large = 500;
756 ConfigChannel.only_ascii_channels = NO;
757 ConfigChannel.burst_topicwho = NO;
758 ConfigChannel.kick_on_split_riding = NO;
759
760 ConfigChannel.default_split_user_count = 15000;
761 ConfigChannel.default_split_server_count = 10;
762 ConfigChannel.no_join_on_split = NO;
763 ConfigChannel.no_create_on_split = YES;
764 ConfigChannel.resv_forcepart = YES;
765
766 ConfigServerHide.flatten_links = 0;
767 ConfigServerHide.links_delay = 300;
768 ConfigServerHide.hidden = 0;
769 ConfigServerHide.disable_hidden = 0;
770
771 ConfigFileEntry.min_nonwildcard = 4;
772 ConfigFileEntry.min_nonwildcard_simple = 3;
773 ConfigFileEntry.default_floodcount = 8;
774 ConfigFileEntry.client_flood = CLIENT_FLOOD_DEFAULT;
775 ConfigFileEntry.tkline_expire_notices = 0;
776
777 ConfigFileEntry.reject_after_count = 5;
778 ConfigFileEntry.reject_ban_time = 300;
779 ConfigFileEntry.reject_duration = 120;
780 ConfigFileEntry.throttle_count = 4;
781 ConfigFileEntry.throttle_duration = 60;
782
783 ServerInfo.default_max_clients = MAXCONNECTIONS;
784
785 if (!alias_dict)
786 alias_dict = irc_dictionary_create(strcasecmp);
787 }
788
789 #undef YES
790 #undef NO
791
792 /*
793 * read_conf()
794 *
795 *
796 * inputs - file descriptor pointing to config file to use
797 * output - None
798 * side effects - Read configuration file.
799 */
800 static void
801 read_conf(FILE * file)
802 {
803 lineno = 0;
804
805 set_default_conf(); /* Set default values prior to conf parsing */
806 yyparse(); /* Load the values from the conf */
807 validate_conf(); /* Check to make sure some values are still okay. */
808 /* Some global values are also loaded here. */
809 check_class(); /* Make sure classes are valid */
810 privilegeset_delete_all_illegal();
811 }
812
813 static void
814 validate_conf(void)
815 {
816 if(ConfigFileEntry.ts_warn_delta < TS_WARN_DELTA_MIN)
817 ConfigFileEntry.ts_warn_delta = TS_WARN_DELTA_DEFAULT;
818
819 if(ConfigFileEntry.ts_max_delta < TS_MAX_DELTA_MIN)
820 ConfigFileEntry.ts_max_delta = TS_MAX_DELTA_DEFAULT;
821
822 if(ServerInfo.network_name == NULL)
823 ServerInfo.network_name = rb_strdup(NETWORK_NAME_DEFAULT);
824
825 if(ServerInfo.network_desc == NULL)
826 ServerInfo.network_desc = rb_strdup(NETWORK_DESC_DEFAULT);
827
828 if(ServerInfo.ssld_count < 1)
829 ServerInfo.ssld_count = 1;
830
831 if(!rb_setup_ssl_server(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params))
832 {
833 ilog(L_MAIN, "WARNING: Unable to setup SSL.");
834 ssl_ok = 0;
835 } else {
836 ssl_ok = 1;
837 send_new_ssl_certs(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params);
838 }
839
840 if(ServerInfo.ssld_count > get_ssld_count())
841 {
842 int start = ServerInfo.ssld_count - get_ssld_count();
843 /* start up additional ssld if needed */
844 start_ssldaemon(start, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params);
845
846 }
847
848 if((ConfigFileEntry.client_flood < CLIENT_FLOOD_MIN) ||
849 (ConfigFileEntry.client_flood > CLIENT_FLOOD_MAX))
850 ConfigFileEntry.client_flood = CLIENT_FLOOD_MAX;
851
852 if(!split_users || !split_servers ||
853 (!ConfigChannel.no_create_on_split && !ConfigChannel.no_join_on_split))
854 {
855 rb_event_delete(check_splitmode_ev);
856 check_splitmode_ev = NULL;
857 splitmode = 0;
858 splitchecking = 0;
859 }
860 }
861
862 /* add_temp_kline()
863 *
864 * inputs - pointer to struct ConfItem
865 * output - none
866 * Side effects - links in given struct ConfItem into
867 * temporary kline link list
868 */
869 void
870 add_temp_kline(struct ConfItem *aconf)
871 {
872 if(aconf->hold >= rb_current_time() + (10080 * 60))
873 {
874 rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_WEEK]);
875 aconf->port = TEMP_WEEK;
876 }
877 else if(aconf->hold >= rb_current_time() + (1440 * 60))
878 {
879 rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_DAY]);
880 aconf->port = TEMP_DAY;
881 }
882 else if(aconf->hold >= rb_current_time() + (60 * 60))
883 {
884 rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_HOUR]);
885 aconf->port = TEMP_HOUR;
886 }
887 else
888 {
889 rb_dlinkAddAlloc(aconf, &temp_klines[TEMP_MIN]);
890 aconf->port = TEMP_MIN;
891 }
892
893 aconf->flags |= CONF_FLAGS_TEMPORARY;
894 add_conf_by_address(aconf->host, CONF_KILL, aconf->user, NULL, aconf);
895 }
896
897 /* add_temp_dline()
898 *
899 * input - pointer to struct ConfItem
900 * output - none
901 * side effects - added to tdline link list and address hash
902 */
903 void
904 add_temp_dline(struct ConfItem *aconf)
905 {
906 if(aconf->hold >= rb_current_time() + (10080 * 60))
907 {
908 rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_WEEK]);
909 aconf->port = TEMP_WEEK;
910 }
911 else if(aconf->hold >= rb_current_time() + (1440 * 60))
912 {
913 rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_DAY]);
914 aconf->port = TEMP_DAY;
915 }
916 else if(aconf->hold >= rb_current_time() + (60 * 60))
917 {
918 rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_HOUR]);
919 aconf->port = TEMP_HOUR;
920 }
921 else
922 {
923 rb_dlinkAddAlloc(aconf, &temp_dlines[TEMP_MIN]);
924 aconf->port = TEMP_MIN;
925 }
926
927 aconf->flags |= CONF_FLAGS_TEMPORARY;
928 add_conf_by_address(aconf->host, CONF_DLINE, aconf->user, NULL, aconf);
929 }
930
931 /* expire_tkline()
932 *
933 * inputs - list pointer
934 * - type
935 * output - NONE
936 * side effects - expire tklines and moves them between lists
937 */
938 static void
939 expire_temp_kd(void *list)
940 {
941 rb_dlink_node *ptr;
942 rb_dlink_node *next_ptr;
943 struct ConfItem *aconf;
944
945 RB_DLINK_FOREACH_SAFE(ptr, next_ptr, ((rb_dlink_list *) list)->head)
946 {
947 aconf = ptr->data;
948
949 if(aconf->hold <= rb_current_time())
950 {
951 /* Alert opers that a TKline expired - Hwy */
952 if(ConfigFileEntry.tkline_expire_notices)
953 sendto_realops_snomask(SNO_GENERAL, L_ALL,
954 "Temporary K-line for [%s@%s] expired",
955 (aconf->user) ? aconf->
956 user : "*", (aconf->host) ? aconf->host : "*");
957
958 delete_one_address_conf(aconf->host, aconf);
959 rb_dlinkDestroy(ptr, list);
960 }
961 }
962 }
963
964 static void
965 reorganise_temp_kd(void *list)
966 {
967 struct ConfItem *aconf;
968 rb_dlink_node *ptr, *next_ptr;
969
970 RB_DLINK_FOREACH_SAFE(ptr, next_ptr, ((rb_dlink_list *) list)->head)
971 {
972 aconf = ptr->data;
973
974 if(aconf->hold < (rb_current_time() + (60 * 60)))
975 {
976 rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
977 &temp_klines[TEMP_MIN] : &temp_dlines[TEMP_MIN]);
978 aconf->port = TEMP_MIN;
979 }
980 else if(aconf->port > TEMP_HOUR)
981 {
982 if(aconf->hold < (rb_current_time() + (1440 * 60)))
983 {
984 rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
985 &temp_klines[TEMP_HOUR] : &temp_dlines[TEMP_HOUR]);
986 aconf->port = TEMP_HOUR;
987 }
988 else if(aconf->port > TEMP_DAY &&
989 (aconf->hold < (rb_current_time() + (10080 * 60))))
990 {
991 rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
992 &temp_klines[TEMP_DAY] : &temp_dlines[TEMP_DAY]);
993 aconf->port = TEMP_DAY;
994 }
995 }
996 }
997 }
998
999
1000 /* const char* get_oper_name(struct Client *client_p)
1001 * Input: A client to find the active oper{} name for.
1002 * Output: The nick!user@host{oper} of the oper.
1003 * "oper" is server name for remote opers
1004 * Side effects: None.
1005 */
1006 char *
1007 get_oper_name(struct Client *client_p)
1008 {
1009 /* +5 for !,@,{,} and null */
1010 static char buffer[NICKLEN + USERLEN + HOSTLEN + HOSTLEN + 5];
1011
1012 if(MyOper(client_p))
1013 {
1014 rb_snprintf(buffer, sizeof(buffer), "%s!%s@%s{%s}",
1015 client_p->name, client_p->username,
1016 client_p->host, client_p->localClient->opername);
1017 return buffer;
1018 }
1019
1020 rb_snprintf(buffer, sizeof(buffer), "%s!%s@%s{%s}",
1021 client_p->name, client_p->username,
1022 client_p->host, client_p->servptr->name);
1023 return buffer;
1024 }
1025
1026 /*
1027 * get_printable_conf
1028 *
1029 * inputs - struct ConfItem
1030 *
1031 * output - name
1032 * - host
1033 * - pass
1034 * - user
1035 * - port
1036 *
1037 * side effects -
1038 * Examine the struct struct ConfItem, setting the values
1039 * of name, host, pass, user to values either
1040 * in aconf, or "<NULL>" port is set to aconf->port in all cases.
1041 */
1042 void
1043 get_printable_conf(struct ConfItem *aconf, char **name, char **host,
1044 char **pass, char **user, int *port, char **classname)
1045 {
1046 static char null[] = "<NULL>";
1047 static char zero[] = "default";
1048
1049 *name = EmptyString(aconf->name) ? null : aconf->name;
1050 *host = EmptyString(aconf->host) ? null : aconf->host;
1051 *pass = EmptyString(aconf->passwd) ? null : aconf->passwd;
1052 *user = EmptyString(aconf->user) ? null : aconf->user;
1053 *classname = EmptyString(aconf->className) ? zero : aconf->className;
1054 *port = (int) aconf->port;
1055 }
1056
1057 char *
1058 get_user_ban_reason(struct ConfItem *aconf)
1059 {
1060 static char reasonbuf[BUFSIZE];
1061
1062 if (aconf->flags & CONF_FLAGS_TEMPORARY &&
1063 (aconf->status == CONF_KILL || aconf->status == CONF_DLINE))
1064 rb_snprintf(reasonbuf, sizeof reasonbuf,
1065 "Temporary %c-line %d min. - ",
1066 aconf->status == CONF_DLINE ? 'D' : 'K',
1067 (aconf->hold - aconf->created) / 60);
1068 else
1069 reasonbuf[0] = '\0';
1070 if (aconf->passwd)
1071 rb_strlcat(reasonbuf, aconf->passwd, sizeof reasonbuf);
1072 else
1073 rb_strlcat(reasonbuf, "No Reason", sizeof reasonbuf);
1074 if (aconf->created)
1075 {
1076 rb_strlcat(reasonbuf, " (", sizeof reasonbuf);
1077 rb_strlcat(reasonbuf, smalldate(aconf->created),
1078 sizeof reasonbuf);
1079 rb_strlcat(reasonbuf, ")", sizeof reasonbuf);
1080 }
1081 return reasonbuf;
1082 }
1083
1084 void
1085 get_printable_kline(struct Client *source_p, struct ConfItem *aconf,
1086 char **host, char **reason,
1087 char **user, char **oper_reason)
1088 {
1089 static char null[] = "<NULL>";
1090
1091 *host = EmptyString(aconf->host) ? null : aconf->host;
1092 *user = EmptyString(aconf->user) ? null : aconf->user;
1093 *reason = get_user_ban_reason(aconf);
1094
1095 if(EmptyString(aconf->spasswd) || !IsOper(source_p))
1096 *oper_reason = NULL;
1097 else
1098 *oper_reason = aconf->spasswd;
1099 }
1100
1101 /*
1102 * read_conf_files
1103 *
1104 * inputs - cold start YES or NO
1105 * output - none
1106 * side effects - read all conf files needed, ircd.conf kline.conf etc.
1107 */
1108 void
1109 read_conf_files(int cold)
1110 {
1111 const char *filename;
1112
1113 conf_fbfile_in = NULL;
1114
1115 filename = ConfigFileEntry.configfile;
1116
1117 /* We need to know the initial filename for the yyerror() to report
1118 FIXME: The full path is in conffilenamebuf first time since we
1119 dont know anything else
1120
1121 - Gozem 2002-07-21
1122 */
1123 rb_strlcpy(conffilebuf, filename, sizeof(conffilebuf));
1124
1125 if((conf_fbfile_in = fopen(filename, "r")) == NULL)
1126 {
1127 if(cold)
1128 {
1129 ilog(L_MAIN, "Failed in reading configuration file %s", filename);
1130 exit(-1);
1131 }
1132 else
1133 {
1134 sendto_realops_snomask(SNO_GENERAL, L_ALL,
1135 "Can't open file '%s' - aborting rehash!", filename);
1136 return;
1137 }
1138 }
1139
1140 if(!cold)
1141 {
1142 clear_out_old_conf();
1143 }
1144
1145 read_conf(conf_fbfile_in);
1146 fclose(conf_fbfile_in);
1147 }
1148
1149 /*
1150 * free an alias{} entry.
1151 */
1152 static void
1153 free_alias_cb(struct DictionaryElement *ptr, void *unused)
1154 {
1155 struct alias_entry *aptr = ptr->data;
1156
1157 rb_free(aptr->name);
1158 rb_free(aptr->target);
1159 rb_free(aptr);
1160 }
1161
1162 /*
1163 * clear_out_old_conf
1164 *
1165 * inputs - none
1166 * output - none
1167 * side effects - Clear out the old configuration
1168 */
1169 static void
1170 clear_out_old_conf(void)
1171 {
1172 struct Class *cltmp;
1173 rb_dlink_node *ptr;
1174 rb_dlink_node *next_ptr;
1175
1176 /*
1177 * don't delete the class table, rather mark all entries
1178 * for deletion. The table is cleaned up by check_class. - avalon
1179 */
1180 RB_DLINK_FOREACH(ptr, class_list.head)
1181 {
1182 cltmp = ptr->data;
1183 MaxUsers(cltmp) = -1;
1184 }
1185
1186 clear_out_address_conf();
1187 clear_s_newconf();
1188
1189 /* clean out module paths */
1190 #ifndef STATIC_MODULES
1191 mod_clear_paths();
1192 mod_add_path(MODULE_DIR);
1193 mod_add_path(MODULE_DIR "/autoload");
1194 #endif
1195
1196 /* clean out ServerInfo */
1197 rb_free(ServerInfo.description);
1198 ServerInfo.description = NULL;
1199 rb_free(ServerInfo.network_name);
1200 ServerInfo.network_name = NULL;
1201 rb_free(ServerInfo.network_desc);
1202 ServerInfo.network_desc = NULL;
1203
1204 ServerInfo.ssld_count = 1;
1205
1206 /* clean out AdminInfo */
1207 rb_free(AdminInfo.name);
1208 AdminInfo.name = NULL;
1209 rb_free(AdminInfo.email);
1210 AdminInfo.email = NULL;
1211 rb_free(AdminInfo.description);
1212 AdminInfo.description = NULL;
1213
1214 /* operator{} and class{} blocks are freed above */
1215 /* clean out listeners */
1216 close_listeners();
1217
1218 /* auth{}, quarantine{}, shared{}, connect{}, kill{}, deny{}, exempt{}
1219 * and gecos{} blocks are freed above too
1220 */
1221
1222 /* clean out general */
1223 rb_free(ConfigFileEntry.kline_reason);
1224 ConfigFileEntry.kline_reason = NULL;
1225
1226 RB_DLINK_FOREACH_SAFE(ptr, next_ptr, service_list.head)
1227 {
1228 rb_free(ptr->data);
1229 rb_dlinkDestroy(ptr, &service_list);
1230 }
1231
1232 /* remove any aliases... -- nenolod */
1233 if (alias_dict != NULL)
1234 {
1235 irc_dictionary_destroy(alias_dict, free_alias_cb, NULL);
1236 alias_dict = NULL;
1237 }
1238
1239 destroy_blacklists();
1240
1241 privilegeset_mark_all_illegal();
1242
1243 /* OK, that should be everything... */
1244 }
1245
1246
1247 /*
1248 * conf_add_class_to_conf
1249 * inputs - pointer to config item
1250 * output - NONE
1251 * side effects - Add a class pointer to a conf
1252 */
1253
1254 void
1255 conf_add_class_to_conf(struct ConfItem *aconf)
1256 {
1257 if(aconf->className == NULL)
1258 {
1259 aconf->className = rb_strdup("default");
1260 ClassPtr(aconf) = default_class;
1261 return;
1262 }
1263
1264 ClassPtr(aconf) = find_class(aconf->className);
1265
1266 if(ClassPtr(aconf) == default_class)
1267 {
1268 if(aconf->status == CONF_CLIENT)
1269 {
1270 conf_report_error(
1271 "Using default class for missing class \"%s\" in auth{} for %s@%s",
1272 aconf->className, aconf->user, aconf->host);
1273 }
1274
1275 rb_free(aconf->className);
1276 aconf->className = rb_strdup("default");
1277 return;
1278 }
1279
1280 if(ConfMaxUsers(aconf) < 0)
1281 {
1282 ClassPtr(aconf) = default_class;
1283 rb_free(aconf->className);
1284 aconf->className = rb_strdup("default");
1285 return;
1286 }
1287 }
1288
1289 /*
1290 * conf_add_d_conf
1291 * inputs - pointer to config item
1292 * output - NONE
1293 * side effects - Add a d/D line
1294 */
1295 void
1296 conf_add_d_conf(struct ConfItem *aconf)
1297 {
1298 if(aconf->host == NULL)
1299 return;
1300
1301 aconf->user = NULL;
1302
1303 /* XXX - Should 'd' ever be in the old conf? For new conf we don't
1304 * need this anyway, so I will disable it for now... -A1kmm
1305 */
1306
1307 if(parse_netmask(aconf->host, NULL, NULL) == HM_HOST)
1308 {
1309 ilog(L_MAIN, "Invalid Dline %s ignored", aconf->host);
1310 free_conf(aconf);
1311 }
1312 else
1313 {
1314 add_conf_by_address(aconf->host, CONF_DLINE, NULL, NULL, aconf);
1315 }
1316 }
1317
1318 static char *
1319 strip_tabs(char *dest, const char *src, size_t len)
1320 {
1321 char *d = dest;
1322
1323 if(dest == NULL || src == NULL)
1324 return NULL;
1325
1326 rb_strlcpy(dest, src, len);
1327
1328 while(*d)
1329 {
1330 if(*d == '\t')
1331 *d = ' ';
1332 d++;
1333 }
1334 return dest;
1335 }
1336
1337 /*
1338 * yyerror
1339 *
1340 * inputs - message from parser
1341 * output - none
1342 * side effects - message to opers and log file entry is made
1343 */
1344 void
1345 yyerror(const char *msg)
1346 {
1347 char newlinebuf[BUFSIZE];
1348
1349 strip_tabs(newlinebuf, linebuf, strlen(linebuf));
1350
1351 ierror("\"%s\", line %d: %s at '%s'", conffilebuf, lineno + 1, msg, newlinebuf);
1352 sendto_realops_snomask(SNO_GENERAL, L_ALL, "\"%s\", line %d: %s at '%s'",
1353 conffilebuf, lineno + 1, msg, newlinebuf);
1354
1355 }
1356
1357 int
1358 conf_fgets(char *lbuf, int max_size, FILE * fb)
1359 {
1360 char *buff;
1361
1362 if((buff = fgets(lbuf, max_size, fb)) == NULL)
1363 return (0);
1364
1365 return (strlen(lbuf));
1366 }
1367
1368 int
1369 conf_yy_fatal_error(const char *msg)
1370 {
1371 return (0);
1372 }
Fork of solanum ircd, history is rebased regularly