]> jfr.im git - solanum.git/blob - ircd/authproc.c
projects / solanum.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
make more snotes L_NETWIDE
[solanum.git] / ircd / authproc.c
1 /*
2 * authd.c: An interface to authd.
3 * (based somewhat on ircd-ratbox dns.c)
4 *
5 * Copyright (C) 2005 Aaron Sethman <androsyn@ratbox.org>
6 * Copyright (C) 2005-2012 ircd-ratbox development team
7 * Copyright (C) 2016 William Pitcock <nenolod@dereferenced.org>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
22 * USA
23 */
24
25 #include "stdinc.h"
26 #include "rb_lib.h"
27 #include "client.h"
28 #include "ircd_defs.h"
29 #include "parse.h"
30 #include "authproc.h"
31 #include "match.h"
32 #include "logger.h"
33 #include "s_conf.h"
34 #include "s_stats.h"
35 #include "client.h"
36 #include "packet.h"
37 #include "hash.h"
38 #include "send.h"
39 #include "numeric.h"
40 #include "msg.h"
41 #include "dns.h"
42
43 typedef void (*authd_cb_t)(int, char **);
44
45 struct authd_cb
46 {
47 authd_cb_t fn;
48 int min_parc;
49 };
50
51 static int start_authd(void);
52 static void parse_authd_reply(rb_helper * helper);
53 static void restart_authd_cb(rb_helper * helper);
54 static EVH timeout_dead_authd_clients;
55
56 static void cmd_accept_client(int parc, char **parv);
57 static void cmd_reject_client(int parc, char **parv);
58 static void cmd_dns_result(int parc, char **parv);
59 static void cmd_notice_client(int parc, char **parv);
60 static void cmd_oper_warn(int parc, char **parv);
61 static void cmd_stats_results(int parc, char **parv);
62
63 rb_helper *authd_helper;
64 static char *authd_path;
65
66 uint32_t cid;
67 static rb_dictionary *cid_clients;
68 static struct ev_entry *timeout_ev;
69
70 rb_dictionary *dnsbl_stats;
71
72 rb_dlink_list opm_list;
73 struct OPMListener opm_listeners[LISTEN_LAST];
74
75 static struct authd_cb authd_cmd_tab[256] =
76 {
77 ['A'] = { cmd_accept_client, 4 },
78 ['E'] = { cmd_dns_result, 5 },
79 ['N'] = { cmd_notice_client, 3 },
80 ['R'] = { cmd_reject_client, 7 },
81 ['W'] = { cmd_oper_warn, 3 },
82 ['X'] = { cmd_stats_results, 3 },
83 ['Y'] = { cmd_stats_results, 3 },
84 ['Z'] = { cmd_stats_results, 3 },
85 };
86
87 static int
88 start_authd(void)
89 {
90 char fullpath[PATH_MAX + 1];
91 #ifdef _WIN32
92 const char *suffix = ".exe";
93 #else
94 const char *suffix = "";
95 #endif
96 if(authd_path == NULL)
97 {
98 snprintf(fullpath, sizeof(fullpath), "%s%cauthd%s", ircd_paths[IRCD_PATH_LIBEXEC], RB_PATH_SEPARATOR, suffix);
99
100 if(access(fullpath, X_OK) == -1)
101 {
102 snprintf(fullpath, sizeof(fullpath), "%s%cbin%cauthd%s",
103 ConfigFileEntry.dpath, RB_PATH_SEPARATOR, RB_PATH_SEPARATOR, suffix);
104 if(access(fullpath, X_OK) == -1)
105 {
106 ierror("Unable to execute authd in %s or %s/bin",
107 ircd_paths[IRCD_PATH_LIBEXEC], ConfigFileEntry.dpath);
108 sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
109 "Unable to execute authd in %s or %s/bin",
110 ircd_paths[IRCD_PATH_LIBEXEC], ConfigFileEntry.dpath);
111 return 1;
112 }
113
114 }
115
116 authd_path = rb_strdup(fullpath);
117 }
118
119 if(cid_clients == NULL)
120 cid_clients = rb_dictionary_create("authd cid to uid mapping", rb_uint32cmp);
121
122 if(timeout_ev == NULL)
123 timeout_ev = rb_event_addish("timeout_dead_authd_clients", timeout_dead_authd_clients, NULL, 1);
124
125 authd_helper = rb_helper_start("authd", authd_path, parse_authd_reply, restart_authd_cb);
126
127 if(authd_helper == NULL)
128 {
129 ierror("Unable to start authd helper: %s", strerror(errno));
130 sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "Unable to start authd helper: %s", strerror(errno));
131 return 1;
132 }
133
134 ilog(L_MAIN, "authd helper started");
135 sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "authd helper started");
136 rb_helper_run(authd_helper);
137 return 0;
138 }
139
140 static inline uint32_t
141 str_to_cid(const char *str)
142 {
143 long lcid = strtol(str, NULL, 16);
144
145 if(lcid > UINT32_MAX || lcid <= 0)
146 {
147 iwarn("authd sent us back a bad client ID: %lx", lcid);
148 restart_authd();
149 return 0;
150 }
151
152 return (uint32_t)lcid;
153 }
154
155 static inline struct Client *
156 cid_to_client(uint32_t ncid, bool del)
157 {
158 struct Client *client_p;
159
160 if(del)
161 client_p = rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(ncid));
162 else
163 client_p = rb_dictionary_retrieve(cid_clients, RB_UINT_TO_POINTER(ncid));
164
165 /* If the client's not found, that's okay, it may have already gone away.
166 * --Elizafox */
167
168 return client_p;
169 }
170
171 static inline struct Client *
172 str_cid_to_client(const char *str, bool del)
173 {
174 uint32_t ncid = str_to_cid(str);
175
176 if(ncid == 0)
177 return NULL;
178
179 return cid_to_client(ncid, del);
180 }
181
182 static void
183 cmd_accept_client(int parc, char **parv)
184 {
185 struct Client *client_p;
186
187 /* cid to uid (retrieve and delete) */
188 if((client_p = str_cid_to_client(parv[1], true)) == NULL)
189 return;
190
191 authd_accept_client(client_p, parv[2], parv[3]);
192 }
193
194 static void
195 cmd_dns_result(int parc, char **parv)
196 {
197 dns_results_callback(parv[1], parv[2], parv[3], parv[4]);
198 }
199
200 static void
201 cmd_notice_client(int parc, char **parv)
202 {
203 struct Client *client_p;
204
205 if ((client_p = str_cid_to_client(parv[1], false)) == NULL)
206 return;
207
208 if (IsAnyDead(client_p))
209 return;
210
211 sendto_one_notice(client_p, ":%s", parv[2]);
212 }
213
214 static void
215 cmd_reject_client(int parc, char **parv)
216 {
217 struct Client *client_p;
218
219 /* cid to uid (retrieve and delete) */
220 if((client_p = str_cid_to_client(parv[1], true)) == NULL)
221 return;
222
223 authd_reject_client(client_p, parv[3], parv[4], toupper(*parv[2]), parv[5], parv[6]);
224 }
225
226 static void
227 cmd_oper_warn(int parc, char **parv)
228 {
229 switch(*parv[1])
230 {
231 case 'D': /* Debug */
232 sendto_realops_snomask(SNO_DEBUG, L_ALL, "authd debug: %s", parv[2]);
233 idebug("authd: %s", parv[2]);
234 break;
235 case 'I': /* Info */
236 sendto_realops_snomask(SNO_GENERAL, L_ALL, "authd info: %s", parv[2]);
237 inotice("authd: %s", parv[2]);
238 break;
239 case 'W': /* Warning */
240 sendto_realops_snomask(SNO_GENERAL, L_ALL, "authd WARNING: %s", parv[2]);
241 iwarn("authd: %s", parv[2]);
242 break;
243 case 'C': /* Critical (error) */
244 sendto_realops_snomask(SNO_GENERAL, L_ALL, "authd CRITICAL: %s", parv[2]);
245 ierror("authd: %s", parv[2]);
246 break;
247 default: /* idk */
248 sendto_realops_snomask(SNO_GENERAL, L_ALL, "authd sent us an unknown oper notice type (%s): %s", parv[1], parv[2]);
249 ilog(L_MAIN, "authd unknown oper notice type (%s): %s", parv[1], parv[2]);
250 break;
251 }
252 }
253
254 static void
255 cmd_stats_results(int parc, char **parv)
256 {
257 /* Select by type */
258 switch(*parv[2])
259 {
260 case 'D':
261 /* parv[0] conveys status */
262 if(parc < 4)
263 {
264 iwarn("authd sent a result with wrong number of arguments: got %d", parc);
265 restart_authd();
266 return;
267 }
268 dns_stats_results_callback(parv[1], parv[0], parc - 3, (const char **)&parv[3]);
269 break;
270 default:
271 break;
272 }
273 }
274
275 static void
276 parse_authd_reply(rb_helper * helper)
277 {
278 ssize_t len;
279 int parc;
280 char buf[READBUF_SIZE];
281 char *parv[MAXPARA];
282
283 while((len = rb_helper_read(helper, buf, sizeof(buf))) > 0)
284 {
285 struct authd_cb *cmd;
286
287 parc = rb_string_to_array(buf, parv, sizeof(parv));
288 cmd = &authd_cmd_tab[(unsigned char)*parv[0]];
289 if(cmd->fn != NULL)
290 {
291 if(cmd->min_parc > parc)
292 {
293 iwarn("authd sent a result with wrong number of arguments: expected %d, got %d",
294 cmd->min_parc, parc);
295 restart_authd();
296 continue;
297 }
298
299 cmd->fn(parc, parv);
300 }
301 else
302 {
303 iwarn("authd sent us a bad command type: %c", *parv[0]);
304 restart_authd();
305 continue;
306 }
307 }
308 }
309
310 void
311 init_authd(void)
312 {
313 if(start_authd())
314 {
315 ierror("Unable to start authd helper: %s", strerror(errno));
316 exit(0);
317 }
318 }
319
320 void
321 configure_authd(void)
322 {
323 /* Timeouts */
324 set_authd_timeout("ident_timeout", GlobalSetOptions.ident_timeout);
325 set_authd_timeout("rdns_timeout", ConfigFileEntry.connect_timeout);
326 set_authd_timeout("rbl_timeout", ConfigFileEntry.connect_timeout);
327
328 ident_check_enable(!ConfigFileEntry.disable_auth);
329
330 /* Configure OPM */
331 if(rb_dlink_list_length(&opm_list) > 0 &&
332 (opm_listeners[LISTEN_IPV4].ipaddr[0] != '\0' ||
333 opm_listeners[LISTEN_IPV6].ipaddr[0] != '\0'))
334 {
335 rb_dlink_node *ptr;
336
337 if(opm_listeners[LISTEN_IPV4].ipaddr[0] != '\0')
338 rb_helper_write(authd_helper, "O opm_listener %s %hu",
339 opm_listeners[LISTEN_IPV4].ipaddr, opm_listeners[LISTEN_IPV4].port);
340
341 if(opm_listeners[LISTEN_IPV6].ipaddr[0] != '\0')
342 rb_helper_write(authd_helper, "O opm_listener %s %hu",
343 opm_listeners[LISTEN_IPV6].ipaddr, opm_listeners[LISTEN_IPV6].port);
344
345 RB_DLINK_FOREACH(ptr, opm_list.head)
346 {
347 struct OPMScanner *scanner = ptr->data;
348 rb_helper_write(authd_helper, "O opm_scanner %s %hu",
349 scanner->type, scanner->port);
350 }
351
352 opm_check_enable(true);
353 }
354 else
355 opm_check_enable(false);
356 }
357
358 static void
359 authd_free_client(struct Client *client_p)
360 {
361 if(client_p == NULL || client_p->preClient == NULL)
362 return;
363
364 if(client_p->preClient->auth.cid == 0)
365 return;
366
367 if(authd_helper != NULL)
368 rb_helper_write(authd_helper, "E %x", client_p->preClient->auth.cid);
369
370 client_p->preClient->auth.accepted = true;
371 client_p->preClient->auth.cid = 0;
372 }
373
374 static void
375 authd_free_client_cb(rb_dictionary_element *delem, void *unused)
376 {
377 struct Client *client_p = delem->data;
378 authd_free_client(client_p);
379 }
380
381 void
382 authd_abort_client(struct Client *client_p)
383 {
384 rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->auth.cid));
385 authd_free_client(client_p);
386 }
387
388 static void
389 restart_authd_cb(rb_helper * helper)
390 {
391 iwarn("authd: restart_authd_cb called, authd died?");
392 sendto_realops_snomask(SNO_GENERAL, L_ALL, "authd: restart_authd_cb called, authd died?");
393
394 if(helper != NULL)
395 {
396 rb_helper_close(helper);
397 authd_helper = NULL;
398 }
399
400 rb_dictionary_destroy(cid_clients, authd_free_client_cb, NULL);
401 cid_clients = NULL;
402
403 start_authd();
404 configure_authd();
405 }
406
407 void
408 restart_authd(void)
409 {
410 ierror("authd restarting...");
411 restart_authd_cb(authd_helper);
412 }
413
414 void
415 rehash_authd(void)
416 {
417 rb_helper_write(authd_helper, "R");
418 }
419
420 void
421 check_authd(void)
422 {
423 if(authd_helper == NULL)
424 restart_authd();
425 }
426
427 static inline uint32_t
428 generate_cid(void)
429 {
430 if(++cid == 0)
431 cid = 1;
432
433 return cid;
434 }
435
436 /* Basically when this is called we begin handing off the client to authd for
437 * processing. authd "owns" the client until processing is finished, or we
438 * timeout from authd. authd will make a decision whether or not to accept the
439 * client, but it's up to other parts of the code (for now) to decide if we're
440 * gonna accept the client and ignore authd's suggestion.
441 *
442 * --Elizafox
443 *
444 * If this is an SSL connection we must defer handing off the client for
445 * reading until it is open and we have the certificate fingerprint, otherwise
446 * it's possible for the client to immediately send data before authd completes
447 * and before the status of the connection is communicated via ssld. This data
448 * could then be processed too early by read_packet().
449 */
450 void
451 authd_initiate_client(struct Client *client_p, bool defer)
452 {
453 char client_ipaddr[HOSTIPLEN+1];
454 char listen_ipaddr[HOSTIPLEN+1];
455 uint16_t client_port, listen_port;
456 uint32_t authd_cid;
457
458 if(client_p->preClient == NULL || client_p->preClient->auth.cid != 0)
459 return;
460
461 authd_cid = client_p->preClient->auth.cid = generate_cid();
462
463 /* Collisions are extremely unlikely, so disregard the possibility */
464 rb_dictionary_add(cid_clients, RB_UINT_TO_POINTER(authd_cid), client_p);
465
466 /* Retrieve listener and client IP's */
467 rb_inet_ntop_sock((struct sockaddr *)&client_p->preClient->lip, listen_ipaddr, sizeof(listen_ipaddr));
468 rb_inet_ntop_sock((struct sockaddr *)&client_p->localClient->ip, client_ipaddr, sizeof(client_ipaddr));
469
470 /* Retrieve listener and client ports */
471 listen_port = ntohs(GET_SS_PORT(&client_p->preClient->lip));
472 client_port = ntohs(GET_SS_PORT(&client_p->localClient->ip));
473
474 if(defer)
475 client_p->preClient->auth.flags |= AUTHC_F_DEFERRED;
476
477 /* Add a bit of a fudge factor... */
478 client_p->preClient->auth.timeout = rb_current_time() + ConfigFileEntry.connect_timeout + 10;
479
480 rb_helper_write(authd_helper, "C %x %s %hu %s %hu %x", authd_cid, listen_ipaddr, listen_port, client_ipaddr, client_port,
481 #ifdef HAVE_LIBSCTP
482 IsSCTP(client_p) ? IPPROTO_SCTP : IPPROTO_TCP);
483 #else
484 IPPROTO_TCP);
485 #endif
486 }
487
488 static inline void
489 authd_read_client(struct Client *client_p)
490 {
491 /*
492 * When a client has auth'ed, we want to start reading what it sends
493 * us. This is what read_packet() does.
494 * -- adrian
495 *
496 * Above comment was originally in s_auth.c, but moved here with below code.
497 * --Elizafox
498 */
499 rb_dlinkAddTail(client_p, &client_p->node, &global_client_list);
500 read_packet(client_p->localClient->F, client_p);
501 }
502
503 /* When this is called we have a decision on client acceptance.
504 *
505 * After this point authd no longer "owns" the client, but if
506 * it's flagged as deferred then we're still waiting for a call
507 * to authd_deferred_client().
508 */
509 static inline void
510 authd_decide_client(struct Client *client_p, const char *ident, const char *host, bool accept, char cause, const char *data, const char *reason)
511 {
512 if(client_p->preClient == NULL || client_p->preClient->auth.cid == 0)
513 return;
514
515 if(*ident != '*')
516 {
517 rb_strlcpy(client_p->username, ident, sizeof(client_p->username));
518 SetGotId(client_p);
519 ServerStats.is_asuc++;
520 }
521 else
522 ServerStats.is_abad++; /* s_auth used to do this, stay compatible */
523
524 if(*host != '*')
525 rb_strlcpy(client_p->host, host, sizeof(client_p->host));
526
527 rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->auth.cid));
528
529 client_p->preClient->auth.accepted = accept;
530 client_p->preClient->auth.cause = cause;
531 client_p->preClient->auth.data = (data == NULL ? NULL : rb_strdup(data));
532 client_p->preClient->auth.reason = (reason == NULL ? NULL : rb_strdup(reason));
533 client_p->preClient->auth.cid = 0;
534
535 client_p->preClient->auth.flags |= AUTHC_F_COMPLETE;
536 if((client_p->preClient->auth.flags & AUTHC_F_DEFERRED) == 0)
537 authd_read_client(client_p);
538 }
539
540 void
541 authd_deferred_client(struct Client *client_p)
542 {
543 client_p->preClient->auth.flags &= ~AUTHC_F_DEFERRED;
544 if(client_p->preClient->auth.flags & AUTHC_F_COMPLETE)
545 authd_read_client(client_p);
546 }
547
548 /* Convenience function to accept client */
549 void
550 authd_accept_client(struct Client *client_p, const char *ident, const char *host)
551 {
552 authd_decide_client(client_p, ident, host, true, '\0', NULL, NULL);
553 }
554
555 /* Convenience function to reject client */
556 void
557 authd_reject_client(struct Client *client_p, const char *ident, const char *host, char cause, const char *data, const char *reason)
558 {
559 authd_decide_client(client_p, ident, host, false, cause, data, reason);
560 }
561
562 static void
563 timeout_dead_authd_clients(void *notused __unused)
564 {
565 rb_dictionary_iter iter;
566 struct Client *client_p;
567 rb_dlink_list freelist = { NULL, NULL, 0 };
568 rb_dlink_node *ptr, *nptr;
569
570 RB_DICTIONARY_FOREACH(client_p, &iter, cid_clients)
571 {
572 if(client_p->preClient->auth.timeout < rb_current_time())
573 {
574 authd_free_client(client_p);
575 rb_dlinkAddAlloc(client_p, &freelist);
576 }
577 }
578
579 /* RB_DICTIONARY_FOREACH is not safe for deletion, so we do this crap */
580 RB_DLINK_FOREACH_SAFE(ptr, nptr, freelist.head)
581 {
582 client_p = ptr->data;
583 rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->auth.cid));
584 }
585 }
586
587 /* Send a new DNSBL entry to authd */
588 void
589 add_dnsbl_entry(const char *host, const char *reason, uint8_t iptype, rb_dlink_list *filters)
590 {
591 rb_dlink_node *ptr;
592 struct DNSBLEntryStats *stats = rb_malloc(sizeof(*stats));
593 char filterbuf[BUFSIZE] = "*";
594 size_t s = 0;
595
596 if(dnsbl_stats == NULL)
597 dnsbl_stats = rb_dictionary_create("dnsbl statistics", rb_strcasecmp);
598
599 /* Build a list of comma-separated values for authd.
600 * We don't check for validity - do it elsewhere.
601 */
602 RB_DLINK_FOREACH(ptr, filters->head)
603 {
604 char *filter = ptr->data;
605 size_t filterlen = strlen(filter) + 1;
606
607 if(s + filterlen > sizeof(filterbuf))
608 break;
609
610 snprintf(&filterbuf[s], sizeof(filterbuf) - s, "%s,", filter);
611
612 s += filterlen;
613 }
614
615 if(s)
616 filterbuf[s - 1] = '\0';
617
618 stats->host = rb_strdup(host);
619 stats->iptype = iptype;
620 stats->hits = 0;
621 rb_dictionary_add(dnsbl_stats, stats->host, stats);
622
623 rb_helper_write(authd_helper, "O rbl %s %hhu %s :%s", host, iptype, filterbuf, reason);
624 }
625
626 /* Delete a DNSBL entry. */
627 void
628 del_dnsbl_entry(const char *host)
629 {
630 struct DNSBLEntryStats *stats = rb_dictionary_retrieve(dnsbl_stats, host);
631 if(stats != NULL)
632 {
633 rb_dictionary_delete(dnsbl_stats, host);
634 rb_free(stats->host);
635 rb_free(stats);
636 }
637
638 rb_helper_write(authd_helper, "O rbl_del %s", host);
639 }
640
641 static void
642 dnsbl_delete_elem(rb_dictionary_element *delem, void *unused)
643 {
644 struct DNSBLEntryStats *stats = delem->data;
645
646 rb_free(stats->host);
647 rb_free(stats);
648 }
649
650 /* Delete all the DNSBL entries. */
651 void
652 del_dnsbl_entry_all(void)
653 {
654 if(dnsbl_stats != NULL)
655 rb_dictionary_destroy(dnsbl_stats, dnsbl_delete_elem, NULL);
656 dnsbl_stats = NULL;
657
658 rb_helper_write(authd_helper, "O rbl_del_all");
659 }
660
661 /* Adjust an authd timeout value */
662 bool
663 set_authd_timeout(const char *key, int timeout)
664 {
665 if(timeout <= 0)
666 return false;
667
668 rb_helper_write(authd_helper, "O %s %d", key, timeout);
669 return true;
670 }
671
672 /* Enable identd checks */
673 void
674 ident_check_enable(bool enabled)
675 {
676 rb_helper_write(authd_helper, "O ident_enabled %d", enabled ? 1 : 0);
677 }
678
679 /* Create an OPM listener
680 * XXX - This is a big nasty hack, but it avoids resending duplicate data when
681 * configure_authd() is called.
682 */
683 void
684 conf_create_opm_listener(const char *ip, uint16_t port)
685 {
686 char ipbuf[HOSTIPLEN];
687 struct OPMListener *listener;
688
689 rb_strlcpy(ipbuf, ip, sizeof(ipbuf));
690 if(ipbuf[0] == ':')
691 {
692 memmove(ipbuf + 1, ipbuf, sizeof(ipbuf) - 1);
693 ipbuf[0] = '0';
694 }
695
696 /* I am much too lazy to use rb_inet_pton and GET_SS_FAMILY for now --Elizafox */
697 listener = &opm_listeners[(strchr(ipbuf, ':') != NULL ? LISTEN_IPV6 : LISTEN_IPV4)];
698 rb_strlcpy(listener->ipaddr, ipbuf, sizeof(listener->ipaddr));
699 listener->port = port;
700 }
701
702 void
703 create_opm_listener(const char *ip, uint16_t port)
704 {
705 char ipbuf[HOSTIPLEN];
706
707 /* XXX duplicated in conf_create_opm_listener */
708 rb_strlcpy(ipbuf, ip, sizeof(ipbuf));
709 if(ipbuf[0] == ':')
710 {
711 memmove(ipbuf + 1, ipbuf, sizeof(ipbuf) - 1);
712 ipbuf[0] = '0';
713 }
714
715 conf_create_opm_listener(ip, port);
716 rb_helper_write(authd_helper, "O opm_listener %s %hu", ipbuf, port);
717 }
718
719 void
720 delete_opm_listener_all(void)
721 {
722 memset(&opm_listeners, 0, sizeof(opm_listeners));
723 rb_helper_write(authd_helper, "O opm_listener_del_all");
724 }
725
726 /* Disable all OPM scans */
727 void
728 opm_check_enable(bool enabled)
729 {
730 rb_helper_write(authd_helper, "O opm_enabled %d", enabled ? 1 : 0);
731 }
732
733 /* Create an OPM proxy scanner
734 * XXX - This is a big nasty hack, but it avoids resending duplicate data when
735 * configure_authd() is called.
736 */
737 void
738 conf_create_opm_proxy_scanner(const char *type, uint16_t port)
739 {
740 struct OPMScanner *scanner = rb_malloc(sizeof(struct OPMScanner));
741
742 rb_strlcpy(scanner->type, type, sizeof(scanner->type));
743 scanner->port = port;
744 rb_dlinkAdd(scanner, &scanner->node, &opm_list);
745 }
746
747 void
748 create_opm_proxy_scanner(const char *type, uint16_t port)
749 {
750 conf_create_opm_proxy_scanner(type, port);
751 rb_helper_write(authd_helper, "O opm_scanner %s %hu", type, port);
752 }
753
754 void
755 delete_opm_proxy_scanner(const char *type, uint16_t port)
756 {
757 rb_dlink_node *ptr, *nptr;
758
759 RB_DLINK_FOREACH_SAFE(ptr, nptr, opm_list.head)
760 {
761 struct OPMScanner *scanner = ptr->data;
762
763 if(rb_strncasecmp(scanner->type, type, sizeof(scanner->type)) == 0 &&
764 scanner->port == port)
765 {
766 rb_dlinkDelete(ptr, &opm_list);
767 rb_free(scanner);
768 break;
769 }
770 }
771
772 rb_helper_write(authd_helper, "O opm_scanner_del %s %hu", type, port);
773 }
774
775 void
776 delete_opm_proxy_scanner_all(void)
777 {
778 rb_dlink_node *ptr, *nptr;
779
780 RB_DLINK_FOREACH_SAFE(ptr, nptr, opm_list.head)
781 {
782 struct OPMScanner *scanner = ptr->data;
783
784 rb_dlinkDelete(ptr, &opm_list);
785 rb_free(scanner);
786 }
787
788 rb_helper_write(authd_helper, "O opm_scanner_del_all");
789 }
Fork of solanum ircd, history is rebased regularly