#include "msg.h"
#include "reject.h"
#include "sslproc.h"
+#include "capability.h"
+#include "s_assert.h"
#ifndef INADDR_NONE
#define INADDR_NONE ((unsigned int) 0xffffffff)
* because all servers that we talk to already do TS, and the kludged
* extra argument to "PASS" takes care of checking that. -orabidoo
*/
-struct Capability captab[] = {
-/* name cap */
- { "QS", CAP_QS },
- { "EX", CAP_EX },
- { "CHW", CAP_CHW},
- { "IE", CAP_IE},
- { "KLN", CAP_KLN},
- { "KNOCK", CAP_KNOCK},
- { "ZIP", CAP_ZIP},
- { "TB", CAP_TB},
- { "UNKLN", CAP_UNKLN},
- { "CLUSTER", CAP_CLUSTER},
- { "ENCAP", CAP_ENCAP },
- { "SERVICES", CAP_SERVICE },
- { "RSFNC", CAP_RSFNC },
- { "SAVE", CAP_SAVE },
- { "EUID", CAP_EUID },
- { "EOPMOD", CAP_EOPMOD },
- { "BAN", CAP_BAN },
- { "MLOCK", CAP_MLOCK },
- {0, 0}
-};
+struct CapabilityIndex *serv_capindex = NULL;
+
+unsigned int CAP_CAP;
+unsigned int CAP_QS;
+unsigned int CAP_EX;
+unsigned int CAP_CHW;
+unsigned int CAP_IE;
+unsigned int CAP_KLN;
+unsigned int CAP_ZIP;
+unsigned int CAP_KNOCK;
+unsigned int CAP_TB;
+unsigned int CAP_UNKLN;
+unsigned int CAP_CLUSTER;
+unsigned int CAP_ENCAP;
+unsigned int CAP_TS6;
+unsigned int CAP_SERVICE;
+unsigned int CAP_RSFNC;
+unsigned int CAP_SAVE;
+unsigned int CAP_EUID;
+unsigned int CAP_EOPMOD;
+unsigned int CAP_BAN;
+unsigned int CAP_MLOCK;
+
+/*
+ * initialize our builtin capability table. --nenolod
+ */
+void
+init_builtin_capabs(void)
+{
+ serv_capindex = capability_index_create("server capabilities");
+
+ /* These two are not set via CAPAB/GCAP keywords. */
+ CAP_CAP = capability_put_anonymous(serv_capindex);
+ CAP_TS6 = capability_put_anonymous(serv_capindex);
+
+ CAP_QS = capability_put(serv_capindex, "QS");
+ CAP_EX = capability_put(serv_capindex, "EX");
+ CAP_CHW = capability_put(serv_capindex, "CHW");
+ CAP_IE = capability_put(serv_capindex, "IE");
+ CAP_KLN = capability_put(serv_capindex, "KLN");
+ CAP_KNOCK = capability_put(serv_capindex, "KNOCK");
+ CAP_ZIP = capability_put(serv_capindex, "ZIP");
+ CAP_TB = capability_put(serv_capindex, "TB");
+ CAP_UNKLN = capability_put(serv_capindex, "UNKLN");
+ CAP_CLUSTER = capability_put(serv_capindex, "CLUSTER");
+ CAP_ENCAP = capability_put(serv_capindex, "ENCAP");
+ CAP_SERVICE = capability_put(serv_capindex, "SERVICES");
+ CAP_RSFNC = capability_put(serv_capindex, "RSFNC");
+ CAP_SAVE = capability_put(serv_capindex, "SAVE");
+ CAP_EUID = capability_put(serv_capindex, "EUID");
+ CAP_EOPMOD = capability_put(serv_capindex, "EOPMOD");
+ CAP_BAN = capability_put(serv_capindex, "BAN");
+ CAP_MLOCK = capability_put(serv_capindex, "MLOCK");
+
+ capability_require(serv_capindex, "QS");
+ capability_require(serv_capindex, "EX");
+ capability_require(serv_capindex, "IE");
+ capability_require(serv_capindex, "ENCAP");
+}
static CNCB serv_connect_callback;
static CNCB serv_connect_ssl_callback;
if(parc <= server || EmptyString(parv[server]) ||
match(parv[server], me.name) || (strcmp(parv[server], me.id) == 0))
return (HUNTED_ISME);
-
+
new = LOCAL_COPY(parv[server]);
/*
*/
if(!target_p && wilds)
{
- RB_DLINK_FOREACH(ptr, global_client_list.head)
+ RB_DLINK_FOREACH(ptr, global_serv_list.head)
{
if(match(new, ((struct Client *) (ptr->data))->name))
{
struct server_conf *tmp_p;
rb_dlink_node *ptr;
int error = -1;
+ const char *encr;
s_assert(NULL != client_p);
if(client_p == NULL)
{
error = -2;
- if(ServerConfEncrypted(tmp_p))
+ if(tmp_p->passwd)
{
- if(!strcmp(tmp_p->passwd, rb_crypt(client_p->localClient->passwd,
- tmp_p->passwd)))
+ if(ServerConfEncrypted(tmp_p))
{
- server_p = tmp_p;
- break;
+ encr = rb_crypt(client_p->localClient->passwd,
+ tmp_p->passwd);
+ if(encr != NULL && !strcmp(tmp_p->passwd, encr))
+ {
+ server_p = tmp_p;
+ break;
+ }
+ else
+ continue;
}
+ else if(strcmp(tmp_p->passwd, client_p->localClient->passwd))
+ continue;
}
- else if(!strcmp(tmp_p->passwd, client_p->localClient->passwd))
+
+ if(tmp_p->certfp)
{
- server_p = tmp_p;
- break;
+ if(!client_p->certfp || strcasecmp(tmp_p->certfp, client_p->certfp) != 0)
+ continue;
}
+
+ server_p = tmp_p;
+ break;
}
}
*
*/
void
-send_capabilities(struct Client *client_p, int cap_can_send)
+send_capabilities(struct Client *client_p, unsigned int cap_can_send)
{
- struct Capability *cap;
- char msgbuf[BUFSIZE];
- char *t;
- int tl;
-
- t = msgbuf;
-
- for (cap = captab; cap->name; ++cap)
- {
- if(cap->cap & cap_can_send)
- {
- tl = rb_sprintf(t, "%s ", cap->name);
- t += tl;
- }
- }
-
- t--;
- *t = '\0';
-
- sendto_one(client_p, "CAPAB :%s", msgbuf);
+ sendto_one(client_p, "CAPAB :%s", capability_index_list(serv_capindex, cap_can_send));
}
static void
* side effects - client is sent a list of +b, +e, or +I modes
*/
static void
-burst_modes_TS6(struct Client *client_p, struct Channel *chptr,
+burst_modes_TS6(struct Client *client_p, struct Channel *chptr,
rb_dlink_list *list, char flag)
{
rb_dlink_node *ptr;
{
banptr = ptr->data;
- tlen = strlen(banptr->banstr) + 1;
+ tlen = strlen(banptr->banstr) + (banptr->forward ? strlen(banptr->forward) + 1 : 0) + 1;
/* uh oh */
if(cur_len + tlen > BUFSIZE - 3)
t = buf + mlen;
}
- rb_sprintf(t, "%s ", banptr->banstr);
+ if (banptr->forward)
+ rb_sprintf(t, "%s$%s ", banptr->banstr, banptr->forward);
+ else
+ rb_sprintf(t, "%s ", banptr->banstr);
t += tlen;
cur_len += tlen;
}
/*
* burst_TS6
- *
+ *
* inputs - client (server) to send nick towards
* - client to send nick for
* output - NONE
static void
burst_TS6(struct Client *client_p)
{
- static char ubuf[12];
+ char ubuf[BUFSIZE];
struct Client *target_p;
struct Channel *chptr;
struct membership *msptr;
if(!IsPerson(target_p))
continue;
- send_umode(NULL, target_p, 0, 0, ubuf);
+ send_umode(NULL, target_p, 0, ubuf);
if(!*ubuf)
{
ubuf[0] = '+';
if(IsCapable(client_p, CAP_EUID))
sendto_one(client_p, ":%s EUID %s %d %ld %s %s %s %s %s %s %s :%s",
target_p->servptr->id, target_p->name,
- target_p->hopcount + 1,
+ target_p->hopcount + 1,
(long) target_p->tsinfo, ubuf,
target_p->username, target_p->host,
IsIPSpoof(target_p) ? "0" : target_p->sockhost,
else
sendto_one(client_p, ":%s UID %s %d %ld %s %s %s %s %s :%s",
target_p->servptr->id, target_p->name,
- target_p->hopcount + 1,
+ target_p->hopcount + 1,
(long) target_p->tsinfo, ubuf,
target_p->username, target_p->host,
IsIPSpoof(target_p) ? "0" : target_p->sockhost,
t = buf + mlen;
}
- rb_sprintf(t, "%s%s ", find_channel_status(msptr, 1),
+ rb_sprintf(t, "%s%s ", find_channel_status(msptr, 1),
use_id(msptr->client_p));
cur_len += tlen;
chptr->topic);
if(IsCapable(client_p, CAP_MLOCK))
- sendto_one(client_p, ":%s MLOCK %ld %s %s",
+ sendto_one(client_p, ":%s MLOCK %ld %s :%s",
me.id, (long) chptr->channelts, chptr->chname,
- channel_mlock(client_p, chptr));
+ EmptyString(chptr->mode_lock) ? "" : chptr->mode_lock);
hchaninfo.chptr = chptr;
call_hook(h_burst_channel, &hchaninfo);
show_capabilities(struct Client *target_p)
{
static char msgbuf[BUFSIZE];
- struct Capability *cap;
+
+ *msgbuf = '\0';
if(has_id(target_p))
rb_strlcpy(msgbuf, " TS6", sizeof(msgbuf));
if(!IsServer(target_p) || !target_p->serv->caps) /* short circuit if no caps */
return msgbuf + 1;
- for (cap = captab; cap->cap; ++cap)
- {
- if(cap->cap & target_p->serv->caps)
- rb_snprintf_append(msgbuf, sizeof(msgbuf), " %s", cap->name);
- }
+ rb_strlcat(msgbuf, " ", sizeof(msgbuf));
+ rb_strlcat(msgbuf, capability_index_list(serv_capindex, target_p->serv->caps), sizeof(msgbuf));
return msgbuf + 1;
}
if(IsUnknown(client_p))
{
- /*
- * jdc -- 1. Use EmptyString(), not [0] index reference.
- * 2. Check ->spasswd, not ->passwd.
- */
- if(!EmptyString(server_p->spasswd))
- {
- sendto_one(client_p, "PASS %s TS %d :%s",
- server_p->spasswd, TS_CURRENT, me.id);
- }
+ /* the server may be linking based on certificate fingerprint now. --nenolod */
+ sendto_one(client_p, "PASS %s TS %d :%s",
+ EmptyString(server_p->spasswd) ? "*" : server_p->spasswd, TS_CURRENT, me.id);
/* pass info to new server */
send_capabilities(client_p, default_server_capabs
SetServer(client_p);
- /* Update the capability combination usage counts */
- set_chcap_usage_counts(client_p);
-
rb_dlinkAdd(client_p, &client_p->lnode, &me.serv->servers);
rb_dlinkMoveNode(&client_p->localClient->tnode, &unknown_list, &serv_list);
rb_dlinkAddTailAlloc(client_p, &global_serv_list);
if((rb_dlink_list_length(&lclient_list) + rb_dlink_list_length(&serv_list)) >
(unsigned long)MaxConnectionCount)
- MaxConnectionCount = rb_dlink_list_length(&lclient_list) +
+ MaxConnectionCount = rb_dlink_list_length(&lclient_list) +
rb_dlink_list_length(&serv_list);
/* Show the real host/IP to admins */
me.id, client_p->name, client_p->id,
IsHidden(client_p) ? "(H) " : "", client_p->info);
- if(IsCapable(target_p, CAP_ENCAP) &&
- !EmptyString(client_p->serv->fullcaps))
+ if(!EmptyString(client_p->serv->fullcaps))
sendto_one(target_p, ":%s ENCAP * GCAP :%s",
client_p->id, client_p->serv->fullcaps);
}
me.name, client_p->name,
IsHidden(client_p) ? "(H) " : "", client_p->info);
- if(IsCapable(target_p, CAP_ENCAP) &&
- !EmptyString(client_p->serv->fullcaps))
+ if(!EmptyString(client_p->serv->fullcaps))
sendto_one(target_p, ":%s ENCAP * GCAP :%s",
client_p->name, client_p->serv->fullcaps);
}
** there are no NICK's to be cancelled...). Of course,
** if cancellation occurs, all this info is sent anyway,
** and I guess the link dies when a read is attempted...? --msa
- **
+ **
** Note: Link cancellation to occur at this point means
** that at least two servers from my fragment are building
** up connection this other fragment at the same time, it's
target_p->name, target_p->hopcount + 1,
IsHidden(target_p) ? "(H) " : "", target_p->info);
- if(IsCapable(client_p, CAP_ENCAP) &&
- !EmptyString(target_p->serv->fullcaps))
+ if(!EmptyString(target_p->serv->fullcaps))
sendto_one(client_p, ":%s ENCAP * GCAP :%s",
get_id(target_p, client_p),
target_p->serv->fullcaps);
if(ServerConfVhosted(server_p))
{
- memcpy(&myipnum, &server_p->my_ipnum, sizeof(myipnum));
+ memcpy(&myipnum, &server_p->my_ipnum, sizeof(server_p->my_ipnum));
((struct sockaddr_in *)&myipnum)->sin_port = 0;
myipnum.ss_family = server_p->aftype;
-
+
}
else if(server_p->aftype == AF_INET && ServerInfo.specific_ipv4_vhost)
{
- memcpy(&myipnum, &ServerInfo.ip, sizeof(myipnum));
+ memcpy(&myipnum, &ServerInfo.ip, sizeof(ServerInfo.ip));
((struct sockaddr_in *)&myipnum)->sin_port = 0;
myipnum.ss_family = AF_INET;
SET_SS_LEN(&myipnum, sizeof(struct sockaddr_in));
}
-
+
#ifdef RB_IPV6
else if((server_p->aftype == AF_INET6) && ServerInfo.specific_ipv6_vhost)
{
- memcpy(&myipnum, &ServerInfo.ip6, sizeof(myipnum));
+ memcpy(&myipnum, &ServerInfo.ip6, sizeof(ServerInfo.ip6));
((struct sockaddr_in6 *)&myipnum)->sin6_port = 0;
myipnum.ss_family = AF_INET6;
SET_SS_LEN(&myipnum, sizeof(struct sockaddr_in6));
if(ServerConfSSL(server_p))
{
rb_connect_tcp(client_p->localClient->F, (struct sockaddr *)&client_p->localClient->ip,
- NULL, 0, serv_connect_ssl_callback,
+ NULL, 0, serv_connect_ssl_callback,
client_p, ConfigFileEntry.connect_timeout);
}
else
rb_connect_tcp(client_p->localClient->F, (struct sockaddr *)&client_p->localClient->ip,
- NULL, 0, serv_connect_callback,
+ NULL, 0, serv_connect_callback,
client_p, ConfigFileEntry.connect_timeout);
return 1;
}
/*
* serv_connect() - initiate a server connection
*
- * inputs - pointer to conf
+ * inputs - pointer to conf
* - pointer to client doing the connet
* output -
* side effects -
make_server(client_p);
if(by && IsPerson(by))
{
- strcpy(client_p->serv->by, by->name);
+ rb_strlcpy(client_p->serv->by, by->name,
+ sizeof client_p->serv->by);
if(client_p->serv->user)
free_user(client_p->serv->user, NULL);
client_p->serv->user = by->user;
}
else
{
- strcpy(client_p->serv->by, "AutoConn.");
+ rb_strlcpy(client_p->serv->by, "AutoConn.",
+ sizeof client_p->serv->by);
if(client_p->serv->user)
free_user(client_p->serv->user, NULL);
client_p->serv->user = NULL;
ilog_error("rb_socketpair failed for server");
serv_connect_callback(F, RB_ERROR, data);
return;
-
+
}
del_from_cli_fd_hash(client_p);
client_p->localClient->F = xF[0];
/*
* serv_connect_callback() - complete a server connection.
- *
+ *
* This routine is called after the server connection attempt has
* completed. If unsucessful, an error is sent to ops and the client
* is closed. If sucessful, it goes through the initialisation/check
{
sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) ? L_NETWIDE : L_ALL,
"Error connecting to %s[%s]: %s",
- client_p->name,
+ client_p->name,
"255.255.255.255",
rb_errstr(status));
ilog(L_SERVER, "Error connecting to %s[%s]: %s",
/* Next, send the initial handshake */
SetHandshake(client_p);
- if(!EmptyString(server_p->spasswd))
- {
- sendto_one(client_p, "PASS %s TS %d :%s",
- server_p->spasswd, TS_CURRENT, me.id);
- }
+ /* the server may be linking based on certificate fingerprint now. --nenolod */
+ sendto_one(client_p, "PASS %s TS %d :%s",
+ EmptyString(server_p->spasswd) ? "*" : server_p->spasswd, TS_CURRENT, me.id);
/* pass my info to the new server */
send_capabilities(client_p, default_server_capabs
me.name,
ConfigServerHide.hidden ? "(H) " : "", me.info);
- /*
+ /*
* If we've been marked dead because a send failed, just exit
* here now and save everyone the trouble of us ever existing.
*/
projects / solanum.git / blobdiff