#include "ircd_defs.h"
#include "s_conf.h"
#include "s_newconf.h"
+#include "newconf.h"
#include "s_serv.h"
#include "s_stats.h"
#include "channel.h"
#include "reject.h"
#include "cache.h"
#include "blacklist.h"
+#include "privilege.h"
#include "sslproc.h"
+#include "bandbi.h"
+#include "operhash.h"
+#include "chmode.h"
+#include "hook.h"
+#include "s_assert.h"
struct config_server_hide ConfigServerHide;
static rb_bh *confitem_heap = NULL;
+rb_dlink_list prop_bans;
+
rb_dlink_list temp_klines[LAST_TEMP_TYPE];
rb_dlink_list temp_dlines[LAST_TEMP_TYPE];
rb_dlink_list service_list;
/* internally defined functions */
static void set_default_conf(void);
static void validate_conf(void);
-static void read_conf(FILE *);
+static void read_conf(void);
static void clear_out_old_conf(void);
+static void expire_prop_bans(void *list);
static void expire_temp_kd(void *list);
static void reorganise_temp_kd(void *list);
extern char yytext[];
static int verify_access(struct Client *client_p, const char *username);
+static struct ConfItem *find_address_conf_by_client(struct Client *client_p, const char *username);
static int attach_iline(struct Client *, struct ConfItem *);
void
{
confitem_heap = rb_bh_create(sizeof(struct ConfItem), CONFITEM_HEAP_SIZE, "confitem_heap");
+ rb_event_addish("expire_prop_bans", expire_prop_bans, &prop_bans, 60);
+
rb_event_addish("expire_temp_klines", expire_temp_kd, &temp_klines[TEMP_MIN], 60);
rb_event_addish("expire_temp_dlines", expire_temp_kd, &temp_dlines[TEMP_MIN], 60);
rb_free(aconf->passwd);
rb_free(aconf->spasswd);
- rb_free(aconf->name);
rb_free(aconf->className);
rb_free(aconf->user);
rb_free(aconf->host);
+ if(IsConfBan(aconf))
+ operhash_delete(aconf->info.oper);
+ else
+ rb_free(aconf->info.name);
+
rb_bh_free(confitem_heap, aconf);
}
if((i = verify_access(source_p, username)))
{
- ilog(L_FUSER, "Access denied: %s[%s]",
+ ilog(L_FUSER, "Access denied: %s[%s]",
source_p->name, source_p->sockhost);
}
-
+
switch (i)
{
case SOCKET_ERROR:
ilog(L_FUSER, "Too many local connections from %s!%s%s@%s",
source_p->name, IsGotId(source_p) ? "" : "~",
- source_p->username, source_p->sockhost);
+ source_p->username, source_p->sockhost);
ServerStats.is_ref++;
exit_client(client_p, source_p, &me, "Too many host connections (local)");
source_p->username, source_p->host,
show_ip(NULL, source_p) && !IsIPSpoof(source_p) ? source_p->sockhost : "255.255.255.255");
- ilog(L_FUSER, "Too many connections from %s!%s%s@%s.",
+ ilog(L_FUSER, "Too many connections from %s!%s%s@%s.",
source_p->name, IsGotId(source_p) ? "" : "~",
source_p->username, source_p->sockhost);
else
#endif
port = ntohs(((struct sockaddr_in *)&source_p->localClient->listener->addr)->sin_port);
-
+
ServerStats.is_ref++;
/* jdc - lists server name & port connections are on */
/* a purely cosmetical change */
verify_access(struct Client *client_p, const char *username)
{
struct ConfItem *aconf;
- char non_ident[USERLEN + 1];
-
- if(IsGotId(client_p))
- {
- aconf = find_address_conf(client_p->host, client_p->sockhost,
- client_p->username, client_p->username,
- (struct sockaddr *) &client_p->localClient->ip,
- client_p->localClient->ip.ss_family,
- client_p->localClient->auth_user);
- }
- else
- {
- rb_strlcpy(non_ident, "~", sizeof(non_ident));
- rb_strlcat(non_ident, username, sizeof(non_ident));
- aconf = find_address_conf(client_p->host, client_p->sockhost,
- non_ident, client_p->username,
- (struct sockaddr *) &client_p->localClient->ip,
- client_p->localClient->ip.ss_family,
- client_p->localClient->auth_user);
- }
+ aconf = find_address_conf_by_client(client_p, username);
if(aconf == NULL)
return NOT_AUTHORISED;
if(aconf->flags & CONF_FLAGS_REDIR)
{
sendto_one_numeric(client_p, RPL_REDIR, form_str(RPL_REDIR),
- aconf->name ? aconf->name : "", aconf->port);
+ aconf->info.name ? aconf->info.name : "", aconf->port);
return (NOT_AUTHORISED);
}
sendto_realops_snomask(SNO_GENERAL, L_ALL,
"%s spoofing: %s as %s",
client_p->name,
- show_ip(NULL, client_p) ? client_p->host : aconf->name,
- aconf->name);
+ show_ip(NULL, client_p) ? client_p->host : aconf->info.name,
+ aconf->info.name);
}
/* user@host spoof */
- if((p = strchr(aconf->name, '@')) != NULL)
+ if((p = strchr(aconf->info.name, '@')) != NULL)
{
char *host = p+1;
*p = '\0';
- rb_strlcpy(client_p->username, aconf->name,
+ rb_strlcpy(client_p->username, aconf->info.name,
sizeof(client_p->username));
rb_strlcpy(client_p->host, host,
sizeof(client_p->host));
*p = '@';
}
else
- rb_strlcpy(client_p->host, aconf->name, sizeof(client_p->host));
+ rb_strlcpy(client_p->host, aconf->info.name, sizeof(client_p->host));
}
return (attach_iline(client_p, aconf));
}
else if(aconf->status & CONF_KILL)
{
if(ConfigFileEntry.kline_with_reason)
- {
sendto_one(client_p,
form_str(ERR_YOUREBANNEDCREEP),
- me.name, client_p->name, aconf->passwd);
- }
+ me.name, client_p->name,
+ get_user_ban_reason(aconf));
add_reject(client_p, aconf->user, aconf->host);
return (BANNED_CLIENT);
}
}
+/*
+ * find_address_conf_by_client
+ */
+static struct ConfItem *
+find_address_conf_by_client(struct Client *client_p, const char *username)
+{
+ struct ConfItem *aconf;
+ char non_ident[USERLEN + 1];
+
+ if(IsGotId(client_p))
+ {
+ aconf = find_address_conf(client_p->host, client_p->sockhost,
+ client_p->username, client_p->username,
+ (struct sockaddr *) &client_p->localClient->ip,
+ client_p->localClient->ip.ss_family,
+ client_p->localClient->auth_user);
+ }
+ else
+ {
+ rb_strlcpy(non_ident, "~", sizeof(non_ident));
+ rb_strlcat(non_ident, username, sizeof(non_ident));
+ aconf = find_address_conf(client_p->host, client_p->sockhost,
+ non_ident, client_p->username,
+ (struct sockaddr *) &client_p->localClient->ip,
+ client_p->localClient->ip.ss_family,
+ client_p->localClient->auth_user);
+ }
+ return aconf;
+}
+
+
/*
* add_ip_limit
- *
+ *
* Returns 1 if successful 0 if not
*
* This checks if the user has exceed the limits for their class
add_ip_limit(struct Client *client_p, struct ConfItem *aconf)
{
rb_patricia_node_t *pnode;
+ int bitlen;
/* If the limits are 0 don't do anything.. */
- if(ConfCidrAmount(aconf) == 0 || ConfCidrBitlen(aconf) == 0)
+ if(ConfCidrAmount(aconf) == 0
+ || (ConfCidrIpv4Bitlen(aconf) == 0 && ConfCidrIpv6Bitlen(aconf) == 0))
return -1;
pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip);
+ if(GET_SS_FAMILY(&client_p->localClient->ip) == AF_INET)
+ bitlen = ConfCidrIpv4Bitlen(aconf);
+ else
+ bitlen = ConfCidrIpv6Bitlen(aconf);
+
if(pnode == NULL)
- pnode = make_and_lookup_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip, ConfCidrBitlen(aconf));
+ pnode = make_and_lookup_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip, bitlen);
s_assert(pnode != NULL);
if(pnode != NULL)
{
- if(((long) pnode->data) >= ConfCidrAmount(aconf)
- && !IsConfExemptLimits(aconf))
+ if(((intptr_t)pnode->data) >= ConfCidrAmount(aconf) && !IsConfExemptLimits(aconf))
{
/* This should only happen if the limits are set to 0 */
- if((unsigned long) pnode->data == 0)
+ if((intptr_t)pnode->data == 0)
{
rb_patricia_remove(ConfIpLimits(aconf), pnode);
}
return (0);
}
- pnode->data++;
+ pnode->data = (void *)(((intptr_t)pnode->data) + 1);
}
return 1;
}
rb_patricia_node_t *pnode;
/* If the limits are 0 don't do anything.. */
- if(ConfCidrAmount(aconf) == 0 || ConfCidrBitlen(aconf) == 0)
+ if(ConfCidrAmount(aconf) == 0
+ || (ConfCidrIpv4Bitlen(aconf) == 0 && ConfCidrIpv6Bitlen(aconf) == 0))
return;
pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip);
if(pnode == NULL)
return;
- pnode->data--;
- if(((unsigned long) pnode->data) == 0)
+ pnode->data = (void *)(((intptr_t)pnode->data) - 1);
+ if(((intptr_t)pnode->data) == 0)
{
rb_patricia_remove(ConfIpLimits(aconf), pnode);
}
int local_count = 0;
int global_count = 0;
int ident_count = 0;
- int unidented = 0;
+ int unidented;
if(IsConfExemptLimits(aconf))
return (attach_conf(client_p, aconf));
- if(*client_p->username == '~')
- unidented = 1;
-
+ unidented = !IsGotId(client_p) && !IsNoTilde(aconf) &&
+ (!IsConfDoSpoofIp(aconf) || !strchr(aconf->info.name, '@'));
/* find_hostname() returns the head of the list to search */
RB_DLINK_FOREACH(ptr, find_hostname(client_p->host))
/*
* attach_conf
- *
+ *
* inputs - client pointer
* - conf pointer
* output -
return (0);
}
-static struct banconf_entry
-{
- const char **filename;
- void (*func) (FILE *);
- int perm;
-} banconfs[] = {
- { &ConfigFileEntry.klinefile, parse_k_file, 0 },
- { &ConfigFileEntry.klinefile, parse_k_file, 1 },
- { &ConfigFileEntry.dlinefile, parse_d_file, 0 },
- { &ConfigFileEntry.dlinefile, parse_d_file, 1 },
- { &ConfigFileEntry.xlinefile, parse_x_file, 0 },
- { &ConfigFileEntry.xlinefile, parse_x_file, 1 },
- { &ConfigFileEntry.resvfile, parse_resv_file,0 },
- { &ConfigFileEntry.resvfile, parse_resv_file,1 },
- { NULL, NULL, 0 }
-};
-
void
rehash_bans(int sig)
{
- FILE *file;
- char buf[MAXPATHLEN];
- int i;
-
- if(sig != 0)
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "Got signal SIGUSR2, reloading ban confs");
-
- clear_out_address_conf_bans();
- clear_s_newconf_bans();
-
- for(i = 0; banconfs[i].filename; i++)
- {
- if(banconfs[i].perm)
- snprintf(buf, sizeof(buf), "%s.perm", *banconfs[i].filename);
- else
- snprintf(buf, sizeof(buf), "%s", *banconfs[i].filename);
-
- if((file = fopen(buf, "r")) == NULL)
- {
- if(banconfs[i].perm)
- continue;
-
- ilog(L_MAIN, "Failed reading ban file %s",
- *banconfs[i].filename);
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "Can't open %s file bans could be missing!",
- *banconfs[i].filename);
- }
- else
- {
- (banconfs[i].func)(file);
- fclose(file);
- }
- }
-
- check_banned_lines();
+ bandb_rehash_bans();
}
/*
/* ServerInfo.name is not rehashable */
/* ServerInfo.name = ServerInfo.name; */
ServerInfo.description = NULL;
- ServerInfo.network_name = rb_strdup(NETWORK_NAME_DEFAULT);
- ServerInfo.network_desc = rb_strdup(NETWORK_DESC_DEFAULT);
+ ServerInfo.network_name = NULL;
memset(&ServerInfo.ip, 0, sizeof(ServerInfo.ip));
ServerInfo.specific_ipv4_vhost = 0;
AdminInfo.email = NULL;
AdminInfo.description = NULL;
- ConfigFileEntry.default_operstring = rb_strdup("is an IRC operator");
- ConfigFileEntry.default_adminstring = rb_strdup("is a Server Administrator");
- ConfigFileEntry.servicestring = rb_strdup("is a Network Service");
+ ConfigFileEntry.default_operstring = NULL;
+ ConfigFileEntry.default_adminstring = NULL;
+ ConfigFileEntry.servicestring = NULL;
+ ConfigFileEntry.sasl_service = NULL;
- ConfigFileEntry.default_umodes = UMODE_INVISIBLE;
+ ConfigFileEntry.default_umodes = UMODE_INVISIBLE;
ConfigFileEntry.failed_oper_notice = YES;
ConfigFileEntry.anti_nick_flood = NO;
ConfigFileEntry.disable_fake_channels = NO;
ConfigFileEntry.fname_operlog = NULL;
ConfigFileEntry.fname_foperlog = NULL;
ConfigFileEntry.fname_serverlog = NULL;
+ ConfigFileEntry.fname_killlog = NULL;
ConfigFileEntry.fname_klinelog = NULL;
ConfigFileEntry.fname_operspylog = NULL;
ConfigFileEntry.fname_ioerrorlog = NULL;
- ConfigFileEntry.use_egd = NO;
ConfigFileEntry.hide_spoof_ips = YES;
ConfigFileEntry.hide_error_messages = 1;
ConfigFileEntry.dots_in_ident = 0;
ConfigFileEntry.max_targets = MAX_TARGETS_DEFAULT;
- ConfigFileEntry.egdpool_path = NULL;
ConfigFileEntry.use_whois_actually = YES;
ConfigFileEntry.burst_away = NO;
ConfigFileEntry.collision_fnc = YES;
+ ConfigFileEntry.resv_fnc = YES;
ConfigFileEntry.global_snotices = YES;
ConfigFileEntry.operspy_dont_care_user_info = NO;
+ ConfigFileEntry.use_propagated_bans = YES;
+ ConfigFileEntry.max_ratelimit_tokens = 30;
+ ConfigFileEntry.away_interval = 30;
#ifdef HAVE_LIBZ
ConfigFileEntry.compression_level = 4;
ConfigChannel.use_except = YES;
ConfigChannel.use_invex = YES;
- ConfigChannel.use_knock = YES;
ConfigChannel.use_forward = YES;
+ ConfigChannel.use_knock = YES;
ConfigChannel.knock_delay = 300;
ConfigChannel.knock_delay_channel = 60;
ConfigChannel.max_chans_per_user = 15;
ConfigChannel.max_bans = 25;
ConfigChannel.max_bans_large = 500;
+ ConfigChannel.only_ascii_channels = NO;
ConfigChannel.burst_topicwho = NO;
ConfigChannel.kick_on_split_riding = NO;
ConfigChannel.default_split_server_count = 10;
ConfigChannel.no_join_on_split = NO;
ConfigChannel.no_create_on_split = YES;
+ ConfigChannel.resv_forcepart = YES;
+ ConfigChannel.channel_target_change = YES;
+ ConfigChannel.disable_local_channels = NO;
+
+ ConfigChannel.autochanmodes = MODE_TOPICLIMIT | MODE_NOPRIVMSGS;
ConfigServerHide.flatten_links = 0;
ConfigServerHide.links_delay = 300;
ConfigFileEntry.min_nonwildcard = 4;
ConfigFileEntry.min_nonwildcard_simple = 3;
ConfigFileEntry.default_floodcount = 8;
- ConfigFileEntry.client_flood = CLIENT_FLOOD_DEFAULT;
+ ConfigFileEntry.default_ident_timeout = IDENT_TIMEOUT_DEFAULT;
ConfigFileEntry.tkline_expire_notices = 0;
ConfigFileEntry.reject_after_count = 5;
- ConfigFileEntry.reject_ban_time = 300;
+ ConfigFileEntry.reject_ban_time = 300;
ConfigFileEntry.reject_duration = 120;
ConfigFileEntry.throttle_count = 4;
ConfigFileEntry.throttle_duration = 60;
+ ConfigFileEntry.client_flood_max_lines = CLIENT_FLOOD_DEFAULT;
+ ConfigFileEntry.client_flood_burst_rate = 5;
+ ConfigFileEntry.client_flood_burst_max = 5;
+ ConfigFileEntry.client_flood_message_time = 1;
+ ConfigFileEntry.client_flood_message_num = 2;
+
ServerInfo.default_max_clients = MAXCONNECTIONS;
+
+ ConfigFileEntry.nicklen = NICKLEN;
+ ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SHA1;
+
+ if (!alias_dict)
+ alias_dict = irc_dictionary_create(strcasecmp);
}
#undef YES
#undef NO
/*
- * read_conf()
+ * read_conf()
*
*
- * inputs - file descriptor pointing to config file to use
+ * inputs - None
* output - None
* side effects - Read configuration file.
*/
static void
-read_conf(FILE * file)
+read_conf(void)
{
lineno = 0;
validate_conf(); /* Check to make sure some values are still okay. */
/* Some global values are also loaded here. */
check_class(); /* Make sure classes are valid */
+ privilegeset_delete_all_illegal();
+ construct_cflags_strings();
}
static void
validate_conf(void)
{
+ if(ConfigFileEntry.default_ident_timeout < 1)
+ ConfigFileEntry.default_ident_timeout = IDENT_TIMEOUT_DEFAULT;
+
if(ConfigFileEntry.ts_warn_delta < TS_WARN_DELTA_MIN)
ConfigFileEntry.ts_warn_delta = TS_WARN_DELTA_DEFAULT;
if(ServerInfo.network_name == NULL)
ServerInfo.network_name = rb_strdup(NETWORK_NAME_DEFAULT);
- if(ServerInfo.network_desc == NULL)
- ServerInfo.network_desc = rb_strdup(NETWORK_DESC_DEFAULT);
-
if(ServerInfo.ssld_count < 1)
ServerInfo.ssld_count = 1;
int start = ServerInfo.ssld_count - get_ssld_count();
/* start up additional ssld if needed */
start_ssldaemon(start, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params);
-
+
}
- if((ConfigFileEntry.client_flood < CLIENT_FLOOD_MIN) ||
- (ConfigFileEntry.client_flood > CLIENT_FLOOD_MAX))
- ConfigFileEntry.client_flood = CLIENT_FLOOD_MAX;
+ /* General conf */
+ if (ConfigFileEntry.default_operstring == NULL)
+ ConfigFileEntry.default_operstring = rb_strdup("is an IRC operator");
+
+ if (ConfigFileEntry.default_adminstring == NULL)
+ ConfigFileEntry.default_adminstring = rb_strdup("is a Server Administrator");
+
+ if (ConfigFileEntry.servicestring == NULL)
+ ConfigFileEntry.servicestring = rb_strdup("is a Network Service");
+
+ if (ConfigFileEntry.sasl_service == NULL)
+ ConfigFileEntry.sasl_service = rb_strdup("SaslServ");
+
+ /* RFC 1459 says 1 message per 2 seconds on average and bursts of
+ * 5 messages are acceptable, so allow at least that.
+ */
+ if(ConfigFileEntry.client_flood_burst_rate < 5)
+ ConfigFileEntry.client_flood_burst_rate = 5;
+ if(ConfigFileEntry.client_flood_burst_max < 5)
+ ConfigFileEntry.client_flood_burst_max = 5;
+ if(ConfigFileEntry.client_flood_message_time >
+ ConfigFileEntry.client_flood_message_num * 2)
+ ConfigFileEntry.client_flood_message_time =
+ ConfigFileEntry.client_flood_message_num * 2;
+
+ if((ConfigFileEntry.client_flood_max_lines < CLIENT_FLOOD_MIN) ||
+ (ConfigFileEntry.client_flood_max_lines > CLIENT_FLOOD_MAX))
+ ConfigFileEntry.client_flood_max_lines = CLIENT_FLOOD_MAX;
if(!split_users || !split_servers ||
(!ConfigChannel.no_create_on_split && !ConfigChannel.no_join_on_split))
*
* inputs - pointer to struct ConfItem
* output - none
- * Side effects - links in given struct ConfItem into
+ * Side effects - links in given struct ConfItem into
* temporary kline link list
*/
void
add_conf_by_address(aconf->host, CONF_DLINE, aconf->user, NULL, aconf);
}
+/* valid_wild_card()
+ *
+ * input - user buffer, host buffer
+ * output - 0 if invalid, 1 if valid
+ * side effects -
+ */
+int
+valid_wild_card(const char *luser, const char *lhost)
+{
+ const char *p;
+ char tmpch;
+ int nonwild = 0;
+ int bitlen;
+
+ /* user has no wildcards, always accept -- jilles */
+ if(!strchr(luser, '?') && !strchr(luser, '*'))
+ return 1;
+
+ /* check there are enough non wildcard chars */
+ p = luser;
+ while((tmpch = *p++))
+ {
+ if(!IsKWildChar(tmpch))
+ {
+ /* found enough chars, return */
+ if(++nonwild >= ConfigFileEntry.min_nonwildcard)
+ return 1;
+ }
+ }
+
+ /* try host, as user didnt contain enough */
+ /* special case for cidr masks -- jilles */
+ if((p = strrchr(lhost, '/')) != NULL && IsDigit(p[1]))
+ {
+ bitlen = atoi(p + 1);
+ /* much like non-cidr for ipv6, rather arbitrary for ipv4 */
+ if(bitlen > 0
+ && bitlen >=
+ (strchr(lhost, ':') ? 4 * (ConfigFileEntry.min_nonwildcard - nonwild) : 6 -
+ 2 * nonwild))
+ return 1;
+ }
+ else
+ {
+ p = lhost;
+ while((tmpch = *p++))
+ {
+ if(!IsKWildChar(tmpch))
+ if(++nonwild >= ConfigFileEntry.min_nonwildcard)
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+rb_dlink_node *
+find_prop_ban(unsigned int status, const char *user, const char *host)
+{
+ rb_dlink_node *ptr;
+ struct ConfItem *aconf;
+
+ RB_DLINK_FOREACH(ptr, prop_bans.head)
+ {
+ aconf = ptr->data;
+
+ if((aconf->status & ~CONF_ILLEGAL) == status &&
+ (!user || !aconf->user ||
+ !irccmp(aconf->user, user)) &&
+ !irccmp(aconf->host, host))
+ return ptr;
+ }
+ return NULL;
+}
+
+void
+deactivate_conf(struct ConfItem *aconf, rb_dlink_node *ptr, time_t now)
+{
+ int i;
+
+ s_assert(ptr->data == aconf);
+
+ switch (aconf->status)
+ {
+ case CONF_KILL:
+ if (aconf->lifetime == 0 &&
+ aconf->flags & CONF_FLAGS_TEMPORARY)
+ for (i = 0; i < LAST_TEMP_TYPE; i++)
+ rb_dlinkFindDestroy(aconf, &temp_klines[i]);
+ /* Make sure delete_one_address_conf() does not
+ * free the aconf.
+ */
+ aconf->clients++;
+ delete_one_address_conf(aconf->host, aconf);
+ aconf->clients--;
+ break;
+ case CONF_DLINE:
+ if (aconf->lifetime == 0 &&
+ aconf->flags & CONF_FLAGS_TEMPORARY)
+ for (i = 0; i < LAST_TEMP_TYPE; i++)
+ rb_dlinkFindDestroy(aconf, &temp_dlines[i]);
+ aconf->clients++;
+ delete_one_address_conf(aconf->host, aconf);
+ aconf->clients--;
+ break;
+ case CONF_XLINE:
+ rb_dlinkFindDestroy(aconf, &xline_conf_list);
+ break;
+ case CONF_RESV_NICK:
+ rb_dlinkFindDestroy(aconf, &resv_conf_list);
+ break;
+ case CONF_RESV_CHANNEL:
+ del_from_resv_hash(aconf->host, aconf);
+ break;
+ }
+ if (aconf->lifetime != 0 && now < aconf->lifetime)
+ aconf->status |= CONF_ILLEGAL;
+ else
+ {
+ if (aconf->lifetime != 0)
+ rb_dlinkDestroy(ptr, &prop_bans);
+ free_conf(aconf);
+ }
+}
+
+/* Given a new ban ConfItem, look for any matching ban, update the lifetime
+ * from it and delete it.
+ */
+void
+replace_old_ban(struct ConfItem *aconf)
+{
+ rb_dlink_node *ptr;
+ struct ConfItem *oldconf;
+
+ ptr = find_prop_ban(aconf->status, aconf->user, aconf->host);
+ if(ptr != NULL)
+ {
+ oldconf = ptr->data;
+ /* Remember at least as long as the old one. */
+ if(oldconf->lifetime > aconf->lifetime)
+ aconf->lifetime = oldconf->lifetime;
+ /* Force creation time to increase. */
+ if(oldconf->created >= aconf->created)
+ aconf->created = oldconf->created + 1;
+ /* Leave at least one second of validity. */
+ if(aconf->hold <= aconf->created)
+ aconf->hold = aconf->created + 1;
+ if(aconf->lifetime < aconf->hold)
+ aconf->lifetime = aconf->hold;
+ /* Tell deactivate_conf() to destroy it. */
+ oldconf->lifetime = rb_current_time();
+ deactivate_conf(oldconf, ptr, oldconf->lifetime);
+ }
+}
+
+static void
+expire_prop_bans(void *list)
+{
+ rb_dlink_node *ptr;
+ rb_dlink_node *next_ptr;
+ struct ConfItem *aconf;
+ time_t now;
+
+ now = rb_current_time();
+ RB_DLINK_FOREACH_SAFE(ptr, next_ptr, ((rb_dlink_list *) list)->head)
+ {
+ aconf = ptr->data;
+
+ if(aconf->lifetime <= now ||
+ (aconf->hold <= now &&
+ !(aconf->status & CONF_ILLEGAL)))
+ {
+ /* Alert opers that a TKline expired - Hwy */
+ /* XXX show what type of ban it is */
+ if(ConfigFileEntry.tkline_expire_notices &&
+ !(aconf->status & CONF_ILLEGAL))
+ sendto_realops_snomask(SNO_GENERAL, L_ALL,
+ "Propagated ban for [%s%s%s] expired",
+ aconf->user ? aconf->user : "",
+ aconf->user ? "@" : "",
+ aconf->host ? aconf->host : "*");
+
+ /* will destroy or mark illegal */
+ deactivate_conf(aconf, ptr, now);
+ }
+ }
+}
+
/* expire_tkline()
*
* inputs - list pointer
if(aconf->hold < (rb_current_time() + (60 * 60)))
{
- rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
+ rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
&temp_klines[TEMP_MIN] : &temp_dlines[TEMP_MIN]);
aconf->port = TEMP_MIN;
}
{
if(aconf->hold < (rb_current_time() + (1440 * 60)))
{
- rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
+ rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
&temp_klines[TEMP_HOUR] : &temp_dlines[TEMP_HOUR]);
aconf->port = TEMP_HOUR;
}
- else if(aconf->port > TEMP_DAY &&
+ else if(aconf->port > TEMP_DAY &&
(aconf->hold < (rb_current_time() + (10080 * 60))))
{
- rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
+ rb_dlinkMoveNode(ptr, list, (aconf->status == CONF_KILL) ?
&temp_klines[TEMP_DAY] : &temp_dlines[TEMP_DAY]);
aconf->port = TEMP_DAY;
}
}
rb_snprintf(buffer, sizeof(buffer), "%s!%s@%s{%s}",
- client_p->name, client_p->username,
+ client_p->name, client_p->username,
client_p->host, client_p->servptr->name);
return buffer;
}
*
* inputs - struct ConfItem
*
- * output - name
+ * output - name
* - host
* - pass
* - user
*/
void
get_printable_conf(struct ConfItem *aconf, char **name, char **host,
- char **pass, char **user, int *port, char **classname)
+ const char **pass, char **user, int *port, char **classname)
{
static char null[] = "<NULL>";
static char zero[] = "default";
- *name = EmptyString(aconf->name) ? null : aconf->name;
+ *name = EmptyString(aconf->info.name) ? null : aconf->info.name;
*host = EmptyString(aconf->host) ? null : aconf->host;
*pass = EmptyString(aconf->passwd) ? null : aconf->passwd;
*user = EmptyString(aconf->user) ? null : aconf->user;
*port = (int) aconf->port;
}
+char *
+get_user_ban_reason(struct ConfItem *aconf)
+{
+ static char reasonbuf[BUFSIZE];
+
+ if (aconf->flags & CONF_FLAGS_TEMPORARY &&
+ (aconf->status == CONF_KILL || aconf->status == CONF_DLINE))
+ rb_snprintf(reasonbuf, sizeof reasonbuf,
+ "Temporary %c-line %d min. - ",
+ aconf->status == CONF_DLINE ? 'D' : 'K',
+ (int)((aconf->hold - aconf->created) / 60));
+ else
+ reasonbuf[0] = '\0';
+ if (aconf->passwd)
+ rb_strlcat(reasonbuf, aconf->passwd, sizeof reasonbuf);
+ else
+ rb_strlcat(reasonbuf, "No Reason", sizeof reasonbuf);
+ if (aconf->created)
+ {
+ rb_strlcat(reasonbuf, " (", sizeof reasonbuf);
+ rb_strlcat(reasonbuf, smalldate(aconf->created),
+ sizeof reasonbuf);
+ rb_strlcat(reasonbuf, ")", sizeof reasonbuf);
+ }
+ return reasonbuf;
+}
+
void
-get_printable_kline(struct Client *source_p, struct ConfItem *aconf,
+get_printable_kline(struct Client *source_p, struct ConfItem *aconf,
char **host, char **reason,
char **user, char **oper_reason)
{
static char null[] = "<NULL>";
+ static char operreasonbuf[BUFSIZE];
*host = EmptyString(aconf->host) ? null : aconf->host;
- *reason = EmptyString(aconf->passwd) ? null : aconf->passwd;
*user = EmptyString(aconf->user) ? null : aconf->user;
+ *reason = get_user_ban_reason(aconf);
- if(EmptyString(aconf->spasswd) || !IsOper(source_p))
+ if(!IsOper(source_p))
*oper_reason = NULL;
else
- *oper_reason = aconf->spasswd;
+ {
+ rb_snprintf(operreasonbuf, sizeof operreasonbuf, "%s%s(%s)",
+ EmptyString(aconf->spasswd) ? "" : aconf->spasswd,
+ EmptyString(aconf->spasswd) ? "" : " ",
+ aconf->info.oper);
+ *oper_reason = operreasonbuf;
+ }
}
/*
conf_fbfile_in = NULL;
- filename = get_conf_name(CONF_TYPE);
+ filename = ConfigFileEntry.configfile;
/* We need to know the initial filename for the yyerror() to report
FIXME: The full path is in conffilenamebuf first time since we
dont know anything else
- - Gozem 2002-07-21
+ - Gozem 2002-07-21
+
+
*/
rb_strlcpy(conffilebuf, filename, sizeof(conffilebuf));
{
if(cold)
{
+ inotice("Failed in reading configuration file %s, aborting", filename);
ilog(L_MAIN, "Failed in reading configuration file %s", filename);
+
+ int e;
+ e = errno;
+
+ inotice("FATAL: %s %s", strerror(e), filename);
+ ilog(L_MAIN, "FATAL: %s %s", strerror(e), filename);
+
exit(-1);
}
else
clear_out_old_conf();
}
- read_conf(conf_fbfile_in);
+ call_hook(h_conf_read_start, NULL);
+ read_conf();
+ call_hook(h_conf_read_end, NULL);
+
fclose(conf_fbfile_in);
}
ServerInfo.description = NULL;
rb_free(ServerInfo.network_name);
ServerInfo.network_name = NULL;
- rb_free(ServerInfo.network_desc);
- ServerInfo.network_desc = NULL;
ServerInfo.ssld_count = 1;
*/
/* clean out general */
+ rb_free(ConfigFileEntry.default_operstring);
+ ConfigFileEntry.default_operstring = NULL;
+ rb_free(ConfigFileEntry.default_adminstring);
+ ConfigFileEntry.default_adminstring = NULL;
+ rb_free(ConfigFileEntry.servicestring);
+ ConfigFileEntry.servicestring = NULL;
+ rb_free(ConfigFileEntry.kline_reason);
+ ConfigFileEntry.kline_reason = NULL;
+ rb_free(ConfigFileEntry.sasl_service);
+ ConfigFileEntry.sasl_service = NULL;
+
+ /* clean out log */
+ rb_free(ConfigFileEntry.fname_userlog);
+ ConfigFileEntry.fname_userlog = NULL;
+ rb_free(ConfigFileEntry.fname_fuserlog);
+ ConfigFileEntry.fname_fuserlog = NULL;
+ rb_free(ConfigFileEntry.fname_operlog);
+ ConfigFileEntry.fname_operlog = NULL;
+ rb_free(ConfigFileEntry.fname_foperlog);
+ ConfigFileEntry.fname_foperlog = NULL;
+ rb_free(ConfigFileEntry.fname_serverlog);
+ ConfigFileEntry.fname_serverlog = NULL;
+ rb_free(ConfigFileEntry.fname_killlog);
+ ConfigFileEntry.fname_killlog = NULL;
+ rb_free(ConfigFileEntry.fname_klinelog);
+ ConfigFileEntry.fname_klinelog = NULL;
+ rb_free(ConfigFileEntry.fname_operspylog);
+ ConfigFileEntry.fname_operspylog = NULL;
+ rb_free(ConfigFileEntry.fname_ioerrorlog);
+ ConfigFileEntry.fname_ioerrorlog = NULL;
+
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, service_list.head)
{
rb_free(ptr->data);
}
/* remove any aliases... -- nenolod */
- irc_dictionary_destroy(alias_dict, free_alias_cb, NULL);
- alias_dict = NULL;
-
- destroy_blacklists();
-
- /* OK, that should be everything... */
-}
-
-
-/* write_confitem()
- *
- * inputs - kline, dline or resv type flag
- * - client pointer to report to
- * - user name of target
- * - host name of target
- * - reason for target
- * - time string
- * - type of xline
- * output - NONE
- * side effects - This function takes care of finding the right conf
- * file and adding the line to it, as well as notifying
- * opers and the user.
- */
-void
-write_confitem(KlineType type, struct Client *source_p, char *user,
- char *host, const char *reason, const char *oper_reason,
- const char *current_date, int xtype)
-{
- char buffer[1024];
- FILE *out;
- const char *filename; /* filename to use for kline */
-
- filename = get_conf_name(type);
-
- if(type == KLINE_TYPE)
- {
- if(EmptyString(oper_reason))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s added K-Line for [%s@%s] [%s]",
- get_oper_name(source_p), user,
- host, reason);
- ilog(L_KLINE, "K %s 0 %s %s %s",
- get_oper_name(source_p), user, host, reason);
- }
- else
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s added K-Line for [%s@%s] [%s|%s]",
- get_oper_name(source_p), user,
- host, reason, oper_reason);
- ilog(L_KLINE, "K %s 0 %s %s %s|%s",
- get_oper_name(source_p), user, host,
- reason, oper_reason);
- }
-
- sendto_one_notice(source_p, ":Added K-Line [%s@%s]",
- user, host);
- }
- else if(type == DLINE_TYPE)
- {
- if(EmptyString(oper_reason))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s added D-Line for [%s] [%s]",
- get_oper_name(source_p), host, reason);
- ilog(L_KLINE, "D %s 0 %s %s",
- get_oper_name(source_p), host, reason);
- }
- else
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s added D-Line for [%s] [%s|%s]",
- get_oper_name(source_p), host,
- reason, oper_reason);
- ilog(L_KLINE, "D %s 0 %s %s|%s",
- get_oper_name(source_p), host,
- reason, oper_reason);
- }
-
- sendto_one_notice(source_p, ":Added D-Line [%s] to %s", host, filename);
-
- }
- else if(type == RESV_TYPE)
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s added RESV for [%s] [%s]",
- get_oper_name(source_p), host, reason);
- ilog(L_KLINE, "R %s 0 %s %s",
- get_oper_name(source_p), host, reason);
-
- sendto_one_notice(source_p, ":Added RESV for [%s] [%s]",
- host, reason);
- }
-
- if((out = fopen(filename, "a")) == NULL)
+ if (alias_dict != NULL)
{
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "*** Problem opening %s ", filename);
- sendto_one_notice(source_p, ":*** Problem opening file, added temporarily only");
- return;
+ irc_dictionary_destroy(alias_dict, free_alias_cb, NULL);
+ alias_dict = NULL;
}
- if(oper_reason == NULL)
- oper_reason = "";
-
- if(type == KLINE_TYPE)
- {
- rb_snprintf(buffer, sizeof(buffer),
- "\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",%ld\n",
- user, host, reason, oper_reason, current_date,
- get_oper_name(source_p), (long int)rb_current_time());
- }
- else if(type == DLINE_TYPE)
- {
- rb_snprintf(buffer, sizeof(buffer),
- "\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",%ld\n", host,
- reason, oper_reason, current_date, get_oper_name(source_p), (long int)rb_current_time());
- }
- else if(type == RESV_TYPE)
- {
- rb_snprintf(buffer, sizeof(buffer), "\"%s\",\"%s\",\"%s\",%ld\n",
- host, reason, get_oper_name(source_p), (long int)rb_current_time());
- }
+ destroy_blacklists();
- if(fputs(buffer, out) == -1)
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "*** Problem writing to %s", filename);
- sendto_one_notice(source_p, ":*** Problem writing to file, added temporarily only");
- fclose(out);
- return;
- }
+ privilegeset_mark_all_illegal();
- if (fclose(out))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "*** Problem writing to %s", filename);
- sendto_one_notice(source_p, ":*** Problem writing to file, added temporarily only");
- return;
- }
+ /* OK, that should be everything... */
}
-/* get_conf_name
- *
- * inputs - type of conf file to return name of file for
- * output - pointer to filename for type of conf
- * side effects - none
- */
-const char *
-get_conf_name(KlineType type)
-{
- if(type == CONF_TYPE)
- {
- return (ConfigFileEntry.configfile);
- }
- else if(type == DLINE_TYPE)
- {
- return (ConfigFileEntry.dlinefile);
- }
- else if(type == RESV_TYPE)
- {
- return (ConfigFileEntry.resvfile);
- }
-
- return ConfigFileEntry.klinefile;
-}
/*
* conf_add_class_to_conf
* inputs - pointer to config item
* output - NONE
- * side effects - Add a class pointer to a conf
+ * side effects - Add a class pointer to a conf
*/
void
{
if(aconf->status == CONF_CLIENT)
{
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "Warning -- Using default class for missing class \"%s\" in auth{} for %s@%s",
+ conf_report_error(
+ "Using default class for missing class \"%s\" in auth{} for %s@%s",
aconf->className, aconf->user, aconf->host);
}
strip_tabs(newlinebuf, linebuf, strlen(linebuf));
+ ierror("\"%s\", line %d: %s at '%s'", conffilebuf, lineno + 1, msg, newlinebuf);
sendto_realops_snomask(SNO_GENERAL, L_ALL, "\"%s\", line %d: %s at '%s'",
conffilebuf, lineno + 1, msg, newlinebuf);
- ilog(L_MAIN, "\"%s\", line %d: %s at '%s'", conffilebuf, lineno + 1, msg, newlinebuf);
}
int
conf_fgets(char *lbuf, int max_size, FILE * fb)
{
- char *buff;
-
- if((buff = fgets(lbuf, max_size, fb)) == NULL)
+ if(fgets(lbuf, max_size, fb) == NULL)
return (0);
return (strlen(lbuf));
projects / solanum.git / blobdiff