#include "snomask.h"
#include "blacklist.h"
#include "sslproc.h"
+#include "privilege.h"
+#include "chmode.h"
#define CF_TYPE(x) ((x) & CF_MTYPE)
+static int yy_defer_accept = 1;
+
struct TopConf *conf_cur_block;
-static char *conf_cur_block_name;
+static char *conf_cur_block_name = NULL;
static rb_dlink_list conf_items;
static char *yy_blacklist_host = NULL;
static char *yy_blacklist_reason = NULL;
+static int yy_blacklist_ipv4 = 1;
+static int yy_blacklist_ipv6 = 0;
+static rb_dlink_list yy_blacklist_filters;
+
+static char *yy_privset_extends = NULL;
static const char *
conf_strtype(int type)
{
- switch (type & CF_MTYPE)
+ switch (CF_TYPE(type))
{
case CF_INT:
return "integer value";
}
int
-add_top_conf(const char *name, int (*sfunc) (struct TopConf *),
+add_top_conf(const char *name, int (*sfunc) (struct TopConf *),
int (*efunc) (struct TopConf *), struct ConfEntry *items)
{
struct TopConf *tc;
#endif
}
+static void
+conf_set_serverinfo_nicklen(void *data)
+{
+ ConfigFileEntry.nicklen = (*(unsigned int *) data) + 1;
+
+ if (ConfigFileEntry.nicklen > NICKLEN)
+ {
+ conf_report_error("Warning -- ignoring serverinfo::nicklen -- provided nicklen (%u) is greater than allowed nicklen (%u)",
+ ConfigFileEntry.nicklen - 1, NICKLEN - 1);
+ ConfigFileEntry.nicklen = NICKLEN;
+ }
+ else if (ConfigFileEntry.nicklen < 9 + 1)
+ {
+ conf_report_error("Warning -- serverinfo::nicklen is too low (%u) -- forcing 9",
+ ConfigFileEntry.nicklen - 1);
+ ConfigFileEntry.nicklen = 9 + 1;
+ }
+}
+
static void
conf_set_modules_module(void *data)
{
#ifndef STATIC_MODULES
char *m_bn;
- m_bn = irc_basename((char *) data);
+ m_bn = rb_basename((char *) data);
- if(findmodule_byname(m_bn) != -1)
- return;
-
- load_one_module((char *) data, 0);
+ if(findmodule_byname(m_bn) == -1)
+ load_one_module((char *) data, 0);
rb_free(m_bn);
#else
static struct mode_table oper_table[] = {
{"encrypted", OPER_ENCRYPTED },
- {"local_kill", OPER_LOCKILL },
- {"global_kill", OPER_GLOBKILL|OPER_LOCKILL },
- {"remote", OPER_REMOTE },
- {"kline", OPER_KLINE },
- {"unkline", OPER_UNKLINE },
- {"nick_changes", OPER_NICKS },
- {"rehash", OPER_REHASH },
- {"die", OPER_DIE },
- {"admin", OPER_ADMIN },
- {"hidden_admin", OPER_HADMIN },
- {"xline", OPER_XLINE },
- {"resv", OPER_RESV },
- {"operwall", OPER_OPERWALL },
- {"oper_spy", OPER_SPY },
- {"hidden_oper", OPER_INVIS },
- {"remoteban", OPER_REMOTEBAN },
- {"mass_notice", OPER_MASSNOTICE },
+ {"need_ssl", OPER_NEEDSSL },
{NULL, 0}
};
{"no_tilde", CONF_FLAGS_NO_TILDE },
{"need_ident", CONF_FLAGS_NEED_IDENTD },
{"have_ident", CONF_FLAGS_NEED_IDENTD },
+ {"need_ssl", CONF_FLAGS_NEED_SSL },
{"need_sasl", CONF_FLAGS_NEED_SASL },
{NULL, 0}
};
int dir = 1;
int mode;
- if((args->type & CF_MTYPE) != CF_STRING)
+ if(CF_TYPE(args->type) != CF_STRING)
{
conf_report_error("Warning -- %s is not a string; ignoring.", whatis);
continue;
}
}
+static void
+conf_set_privset_extends(void *data)
+{
+ yy_privset_extends = rb_strdup((char *) data);
+}
+
+static void
+conf_set_privset_privs(void *data)
+{
+ char *privs = NULL;
+ conf_parm_t *args = data;
+
+ for (; args; args = args->next)
+ {
+ if (privs == NULL)
+ privs = rb_strdup(args->v.string);
+ else
+ {
+ char *privs_old = privs;
+
+ privs = rb_malloc(strlen(privs_old) + 1 + strlen(args->v.string) + 1);
+ strcpy(privs, privs_old);
+ strcat(privs, " ");
+ strcat(privs, args->v.string);
+
+ rb_free(privs_old);
+ }
+ }
+
+ if (privs)
+ {
+ if (yy_privset_extends)
+ {
+ struct PrivilegeSet *set = privilegeset_get(yy_privset_extends);
+
+ if (!set)
+ {
+ conf_report_error("Warning -- unknown parent privilege set %s for %s; assuming defaults", yy_privset_extends, conf_cur_block_name);
+
+ set = privilegeset_get("default");
+ }
+
+ privilegeset_extend(set, conf_cur_block_name != NULL ? conf_cur_block_name : "<unknown>", privs, 0);
+
+ rb_free(yy_privset_extends);
+ yy_privset_extends = NULL;
+ }
+ else
+ privilegeset_set_new(conf_cur_block_name != NULL ? conf_cur_block_name : "<unknown>", privs, 0);
+
+ rb_free(privs);
+ }
+}
+
static int
conf_begin_oper(struct TopConf *tc)
{
}
yy_oper = make_oper_conf();
- yy_oper->flags |= OPER_ENCRYPTED|OPER_RESV|OPER_OPERWALL|OPER_REMOTEBAN|OPER_MASSNOTICE;
+ yy_oper->flags |= OPER_ENCRYPTED;
return 0;
}
return 0;
}
+
+ if (!yy_oper->privset)
+ yy_oper->privset = privilegeset_get("default");
+
/* now, yy_oper_list contains a stack of oper_conf's with just user
* and host in, yy_oper contains the rest of the information which
* we need to copy into each element in yy_oper_list
yy_tmpoper->flags = yy_oper->flags;
yy_tmpoper->umodes = yy_oper->umodes;
yy_tmpoper->snomask = yy_oper->snomask;
+ yy_tmpoper->privset = yy_oper->privset;
#ifdef HAVE_LIBCRYPTO
if(yy_oper->rsa_pubkey_file)
yy_tmpoper->name);
return 0;
}
-
+
yy_tmpoper->rsa_pubkey =
(RSA *) PEM_read_bio_RSA_PUBKEY(file, NULL, 0, NULL);
return 0;
}
}
+
+ if(!EmptyString(yy_oper->certfp))
+ yy_tmpoper->certfp = rb_strdup(yy_oper->certfp);
#endif
/* all is ok, put it on oper_conf_list */
set_modes_from_table(&yy_oper->flags, "flag", oper_table, args);
}
+static void
+conf_set_oper_fingerprint(void *data)
+{
+ if (yy_oper->certfp)
+ rb_free(yy_oper->certfp);
+ yy_oper->certfp = rb_strdup((char *) data);
+}
+
+static void
+conf_set_oper_privset(void *data)
+{
+ yy_oper->privset = privilegeset_get((char *) data);
+}
+
static void
conf_set_oper_user(void *data)
{
}
static void
-conf_set_class_cidr_bitlen(void *data)
+conf_set_class_cidr_ipv4_bitlen(void *data)
{
+ unsigned int maxsize = 32;
+ if(*(unsigned int *) data > maxsize)
+ conf_report_error
+ ("class::cidr_ipv4_bitlen argument exceeds maxsize (%d > %d) - ignoring.",
+ *(unsigned int *) data, maxsize);
+ else
+ yy_class->cidr_ipv4_bitlen = *(unsigned int *) data;
+
+}
+
#ifdef RB_IPV6
+static void
+conf_set_class_cidr_ipv6_bitlen(void *data)
+{
unsigned int maxsize = 128;
-#else
- unsigned int maxsize = 32;
-#endif
if(*(unsigned int *) data > maxsize)
conf_report_error
- ("class::cidr_bitlen argument exceeds maxsize (%d > %d) - ignoring.",
+ ("class::cidr_ipv6_bitlen argument exceeds maxsize (%d > %d) - ignoring.",
*(unsigned int *) data, maxsize);
else
- yy_class->cidr_bitlen = *(unsigned int *) data;
+ yy_class->cidr_ipv6_bitlen = *(unsigned int *) data;
}
+#endif
+
static void
conf_set_class_number_per_cidr(void *data)
{
return 0;
}
-
+static void
+conf_set_listen_defer_accept(void *data)
+{
+ yy_defer_accept = *(unsigned int *) data;
+}
static void
conf_set_listen_port_both(void *data, int ssl)
conf_parm_t *args = data;
for (; args; args = args->next)
{
- if((args->type & CF_MTYPE) != CF_INT)
+ if(CF_TYPE(args->type) != CF_INT)
{
conf_report_error
("listener::port argument is not an integer " "-- ignoring.");
}
if(listener_address == NULL)
{
- add_listener(args->v.number, listener_address, AF_INET, ssl);
+ add_listener(args->v.number, listener_address, AF_INET, ssl, ssl || yy_defer_accept);
#ifdef RB_IPV6
- add_listener(args->v.number, listener_address, AF_INET6, ssl);
+ add_listener(args->v.number, listener_address, AF_INET6, ssl, ssl || yy_defer_accept);
#endif
}
else
#ifdef RB_IPV6
if(strchr(listener_address, ':') != NULL)
family = AF_INET6;
- else
+ else
#endif
family = AF_INET;
-
- add_listener(args->v.number, listener_address, family, ssl);
-
+
+ add_listener(args->v.number, listener_address, family, ssl, ssl || yy_defer_accept);
+
}
}
static int
conf_end_auth(struct TopConf *tc)
{
- struct ConfItem *yy_tmp;
+ struct ConfItem *yy_tmp, *found_conf;
rb_dlink_node *ptr;
rb_dlink_node *next_ptr;
- if(EmptyString(yy_aconf->name))
- yy_aconf->name = rb_strdup("NOMATCH");
+ if(EmptyString(yy_aconf->info.name))
+ yy_aconf->info.name = rb_strdup("NOMATCH");
/* didnt even get one ->host? */
if(EmptyString(yy_aconf->host))
collapse(yy_aconf->user);
collapse(yy_aconf->host);
conf_add_class_to_conf(yy_aconf);
- add_conf_by_address(yy_aconf->host, CONF_CLIENT, yy_aconf->user, yy_aconf->spasswd, yy_aconf);
+ if ((found_conf = find_exact_conf_by_address("*", CONF_CLIENT, "*")) && found_conf->spasswd == NULL)
+ conf_report_error("Ignoring redundant auth block (after *@*)");
+ else if ((found_conf = find_exact_conf_by_address(yy_aconf->host, CONF_CLIENT, yy_aconf->user)) &&
+ (!found_conf->spasswd || (yy_aconf->spasswd &&
+ 0 == irccmp(found_conf->spasswd, yy_aconf->spasswd))))
+ conf_report_error("Ignoring duplicate auth block for %s@%s",
+ yy_aconf->user, yy_aconf->host);
+ else
+ add_conf_by_address(yy_aconf->host, CONF_CLIENT, yy_aconf->user, yy_aconf->spasswd, yy_aconf);
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_aconf_list.head)
{
if(yy_aconf->spasswd)
yy_tmp->spasswd = rb_strdup(yy_aconf->spasswd);
-
+
/* this will always exist.. */
- yy_tmp->name = rb_strdup(yy_aconf->name);
+ yy_tmp->info.name = rb_strdup(yy_aconf->info.name);
if(yy_aconf->className)
yy_tmp->className = rb_strdup(yy_aconf->className);
conf_add_class_to_conf(yy_tmp);
- add_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user, yy_tmp->spasswd, yy_tmp);
+ if ((found_conf = find_exact_conf_by_address("*", CONF_CLIENT, "*")) && found_conf->spasswd == NULL)
+ conf_report_error("Ignoring redundant auth block (after *@*)");
+ else if ((found_conf = find_exact_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user)) &&
+ (!found_conf->spasswd || (yy_tmp->spasswd &&
+ 0 == irccmp(found_conf->spasswd, yy_tmp->spasswd))))
+ conf_report_error("Ignoring duplicate auth block for %s@%s",
+ yy_tmp->user, yy_tmp->host);
+ else
+ add_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user, yy_tmp->spasswd, yy_tmp);
rb_dlinkDestroy(ptr, &yy_aconf_list);
}
return;
}
- rb_free(yy_aconf->name);
- yy_aconf->name = rb_strdup(data);
+ rb_free(yy_aconf->info.name);
+ yy_aconf->info.name = rb_strdup(data);
yy_aconf->flags |= CONF_FLAGS_SPOOF_IP;
}
conf_set_auth_redir_serv(void *data)
{
yy_aconf->flags |= CONF_FLAGS_REDIR;
- rb_free(yy_aconf->name);
- yy_aconf->name = rb_strdup(data);
+ rb_free(yy_aconf->info.name);
+ yy_aconf->info.name = rb_strdup(data);
}
static void
if(args->next != NULL)
{
- if((args->type & CF_MTYPE) != CF_QSTRING)
+ if(CF_TYPE(args->type) != CF_QSTRING)
{
conf_report_error("Ignoring shared::oper -- server is not a qstring");
return;
else
yy_shared->server = rb_strdup("*");
- if((args->type & CF_MTYPE) != CF_QSTRING)
+ if(CF_TYPE(args->type) != CF_QSTRING)
{
conf_report_error("Ignoring shared::oper -- oper is not a qstring");
return;
return 0;
}
- if(EmptyString(yy_server->passwd) || EmptyString(yy_server->spasswd))
+ if((EmptyString(yy_server->passwd) || EmptyString(yy_server->spasswd)) && EmptyString(yy_server->certfp))
{
- conf_report_error("Ignoring connect block for %s -- missing password.",
+ conf_report_error("Ignoring connect block for %s -- no fingerprint or password credentials provided.",
yy_server->name);
return 0;
}
yy_server->flags &= ~SERVER_COMPRESSED;
}
#endif
- if(ServerConfCompressed(yy_server) && ServerConfSSL(yy_server))
- {
- conf_report_error("Ignoring compressed for connect block %s -- "
- "ssl and compressed are mutually exclusive (OpenSSL does its own compression)",
- yy_server->name);
- yy_server->flags &= ~SERVER_COMPRESSED;
- }
add_server_conf(yy_server);
rb_dlinkAdd(yy_server, &yy_server->node, &server_conf_list);
yy_server->passwd = rb_strdup(data);
}
+static void
+conf_set_connect_fingerprint(void *data)
+{
+ if (yy_server->certfp)
+ rb_free(yy_server->certfp);
+ yy_server->certfp = rb_strdup((char *) data);
+
+ /* force SSL to be enabled if fingerprint is enabled. */
+ yy_server->flags |= SERVER_SSL;
+}
+
static void
conf_set_connect_port(void *data)
{
/* don't allow +o */
case 'o':
case 'S':
+ case 'Z':
case ' ':
break;
}
break;
}
- }
+ }
}
static void
set_modes_from_table(&ConfigFileEntry.oper_umodes, "umode", umode_table, data);
}
+static void
+conf_set_general_certfp_method(void *data)
+{
+ char *method = data;
+
+ if (!strcasecmp(method, "sha1"))
+ ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SHA1;
+ else if (!strcasecmp(method, "sha256"))
+ ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SHA256;
+ else if (!strcasecmp(method, "sha512"))
+ ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SHA512;
+ else
+ {
+ ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SHA1;
+ conf_report_error("Ignoring general::certfp_method -- bogus certfp method %s", method);
+ }
+}
+
static void
conf_set_general_oper_only_umodes(void *data)
{
ConfigServerHide.links_delay = val;
}
-static int
-conf_begin_service(struct TopConf *tc)
-{
- struct Client *target_p;
- rb_dlink_node *ptr;
-
- RB_DLINK_FOREACH(ptr, global_serv_list.head)
- {
- target_p = ptr->data;
-
- target_p->flags &= ~FLAGS_SERVICE;
- }
-
- return 0;
-}
-
static void
conf_set_service_name(void *data)
{
- struct Client *target_p;
const char *s;
char *tmp;
int dots = 0;
tmp = rb_strdup(data);
rb_dlinkAddAlloc(tmp, &service_list);
-
- if((target_p = find_server(NULL, tmp)))
- target_p->flags |= FLAGS_SERVICE;
}
static int
return -1;
}
- if (!alias_dict)
- alias_dict = irc_dictionary_create(strcasecmp);
-
irc_dictionary_add(alias_dict, yy_alias->name, yy_alias);
return 0;
yy_alias->target = rb_strdup(data);
}
+static void
+conf_set_channel_autochanmodes(void *data)
+{
+ char *pm;
+ int what = MODE_ADD;
+
+ ConfigChannel.autochanmodes = 0;
+ for (pm = (char *) data; *pm; pm++)
+ {
+ switch (*pm)
+ {
+ case '+':
+ what = MODE_ADD;
+ break;
+ case '-':
+ what = MODE_DEL;
+ break;
+
+ default:
+ if (chmode_table[(unsigned char) *pm].set_func == chm_simple)
+ {
+ if (what == MODE_ADD)
+ ConfigChannel.autochanmodes |= chmode_table[(unsigned char) *pm].mode_type;
+ else
+ ConfigChannel.autochanmodes &= ~chmode_table[(unsigned char) *pm].mode_type;
+ }
+ else
+ {
+ conf_report_error("channel::autochanmodes -- Invalid channel mode %c", pm);
+ continue;
+ }
+ break;
+ }
+ }
+}
+
+/* XXX for below */
+static void conf_set_blacklist_reason(void *data);
+
static void
conf_set_blacklist_host(void *data)
{
+ if (yy_blacklist_host)
+ {
+ conf_report_error("blacklist::host %s overlaps existing host %s",
+ (char *)data, yy_blacklist_host);
+
+ /* Cleanup */
+ conf_set_blacklist_reason(NULL);
+ return;
+ }
+
+ yy_blacklist_ipv4 = 1;
+ yy_blacklist_ipv6 = 0;
yy_blacklist_host = rb_strdup(data);
}
+static void
+conf_set_blacklist_type(void *data)
+{
+ conf_parm_t *args = data;
+
+ /* Don't assume we have either if we got here */
+ yy_blacklist_ipv4 = 0;
+ yy_blacklist_ipv6 = 0;
+
+ for (; args; args = args->next)
+ {
+ if (!strcasecmp(args->v.string, "ipv4"))
+ yy_blacklist_ipv4 = 1;
+ else if (!strcasecmp(args->v.string, "ipv6"))
+ yy_blacklist_ipv6 = 1;
+ else
+ conf_report_error("blacklist::type has unknown address family %s",
+ args->v.string);
+ }
+
+ /* If we have neither, just default to IPv4 */
+ if (!yy_blacklist_ipv4 && !yy_blacklist_ipv6)
+ {
+ conf_report_error("blacklist::type has neither IPv4 nor IPv6 (defaulting to IPv4)");
+ yy_blacklist_ipv4 = 1;
+ }
+}
+
+static void
+conf_set_blacklist_matches(void *data)
+{
+ conf_parm_t *args = data;
+
+ for (; args; args = args->next)
+ {
+ struct BlacklistFilter *filter;
+ char *str = args->v.string;
+ char *p;
+ int type = BLACKLIST_FILTER_LAST;
+
+ if (CF_TYPE(args->type) != CF_QSTRING)
+ {
+ conf_report_error("blacklist::matches -- must be quoted string");
+ continue;
+ }
+
+ if (str == NULL)
+ {
+ conf_report_error("blacklist::matches -- invalid entry");
+ continue;
+ }
+
+ if (strlen(str) > HOSTIPLEN)
+ {
+ conf_report_error("blacklist::matches has an entry too long: %s",
+ str);
+ continue;
+ }
+
+ for (p = str; *p != '\0'; p++)
+ {
+ /* Check for validity */
+ if (*p == '.')
+ type = BLACKLIST_FILTER_ALL;
+ else if (!isalnum((unsigned char)*p))
+ {
+ conf_report_error("blacklist::matches has invalid IP match entry %s",
+ str);
+ type = 0;
+ break;
+ }
+ }
+
+ if (type == BLACKLIST_FILTER_ALL)
+ {
+ /* Basic IP sanity check */
+ struct rb_sockaddr_storage tmp;
+ if (rb_inet_pton(AF_INET, str, &tmp) <= 0)
+ {
+ conf_report_error("blacklist::matches has invalid IP match entry %s",
+ str);
+ continue;
+ }
+ }
+ else if (type == BLACKLIST_FILTER_LAST)
+ {
+ /* Verify it's the correct length */
+ if (strlen(str) > 3)
+ {
+ conf_report_error("blacklist::matches has invalid octet match entry %s",
+ str);
+ continue;
+ }
+ }
+ else
+ {
+ continue; /* Invalid entry */
+ }
+
+ filter = rb_malloc(sizeof(struct BlacklistFilter));
+ filter->type = type;
+ rb_strlcpy(filter->filterstr, str, sizeof(filter->filterstr));
+
+ rb_dlinkAdd(filter, &filter->node, &yy_blacklist_filters);
+ }
+}
+
static void
conf_set_blacklist_reason(void *data)
{
- yy_blacklist_reason = rb_strdup(data);
+ rb_dlink_node *ptr, *nptr;
+
+ if (yy_blacklist_host && data)
+ {
+ yy_blacklist_reason = rb_strdup(data);
+ if (yy_blacklist_ipv6)
+ {
+ /* Make sure things fit (64 = alnum count + dots) */
+ if ((64 + strlen(yy_blacklist_host)) > IRCD_RES_HOSTLEN)
+ {
+ conf_report_error("blacklist::host %s results in IPv6 queries that are too long",
+ yy_blacklist_host);
+ goto cleanup_bl;
+ }
+ }
+ /* Avoid doing redundant check, IPv6 is bigger than IPv4 --Elizabeth */
+ if (yy_blacklist_ipv4 && !yy_blacklist_ipv6)
+ {
+ /* Make sure things fit (16 = number of nums + dots) */
+ if ((16 + strlen(yy_blacklist_host)) > IRCD_RES_HOSTLEN)
+ {
+ conf_report_error("blacklist::host %s results in IPv4 queries that are too long",
+ yy_blacklist_host);
+ goto cleanup_bl;
+ }
+ }
- if (yy_blacklist_host && yy_blacklist_reason)
+ new_blacklist(yy_blacklist_host, yy_blacklist_reason, yy_blacklist_ipv4, yy_blacklist_ipv6,
+ &yy_blacklist_filters);
+ }
+
+cleanup_bl:
+ if (data == NULL)
+ {
+ RB_DLINK_FOREACH_SAFE(ptr, nptr, yy_blacklist_filters.head)
+ {
+ rb_dlinkDelete(ptr, &yy_blacklist_filters);
+ rb_free(ptr);
+ }
+ }
+ else
{
- new_blacklist(yy_blacklist_host, yy_blacklist_reason);
- rb_free(yy_blacklist_host);
- rb_free(yy_blacklist_reason);
- yy_blacklist_host = NULL;
- yy_blacklist_reason = NULL;
+ yy_blacklist_filters = (rb_dlink_list){ NULL, NULL, 0 };
}
+
+ rb_free(yy_blacklist_host);
+ rb_free(yy_blacklist_reason);
+ yy_blacklist_host = NULL;
+ yy_blacklist_reason = NULL;
+ yy_blacklist_ipv4 = 1;
+ yy_blacklist_ipv6 = 0;
}
/* public functions */
int
conf_end_block(struct TopConf *tc)
{
+ int ret = 0;
if(tc->tc_efunc)
- return tc->tc_efunc(tc);
+ ret = tc->tc_efunc(tc);
rb_free(conf_cur_block_name);
- return 0;
+ conf_cur_block_name = NULL;
+ return ret;
}
static void
}
int
-conf_call_set(struct TopConf *tc, char *item, conf_parm_t * value, int type)
+conf_call_set(struct TopConf *tc, char *item, conf_parm_t * value)
{
struct ConfEntry *cf;
conf_parm_t *cp;
/* if it takes one thing, make sure they only passed one thing,
and handle as needed. */
- if(value->type & CF_FLIST && !cf->cf_type & CF_FLIST)
+ if((value->v.list->type & CF_FLIST) && !(cf->cf_type & CF_FLIST))
{
conf_report_error
("Option %s::%s does not take a list of values.", tc->tc_name, item);
if(CF_TYPE(value->v.list->type) != CF_TYPE(cf->cf_type))
{
- /* if it expects a string value, but we got a yesno,
+ /* if it expects a string value, but we got a yesno,
* convert it back
*/
if((CF_TYPE(value->v.list->type) == CF_YESNO) &&
if((tc = find_top_conf(topconf)) == NULL)
return -1;
- if((cf = find_conf_item(tc, name)) != NULL)
+ if(find_conf_item(tc, name) != NULL)
return -1;
cf = rb_malloc(sizeof(struct ConfEntry));
static struct ConfEntry conf_serverinfo_table[] =
{
{ "description", CF_QSTRING, NULL, 0, &ServerInfo.description },
- { "network_desc", CF_QSTRING, NULL, 0, &ServerInfo.network_desc },
{ "hub", CF_YESNO, NULL, 0, &ServerInfo.hub },
{ "network_name", CF_QSTRING, conf_set_serverinfo_network_name, 0, NULL },
{ "ssl_private_key", CF_QSTRING, NULL, 0, &ServerInfo.ssl_private_key },
{ "ssl_ca_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_ca_cert },
- { "ssl_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_cert },
+ { "ssl_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_cert },
{ "ssl_dh_params", CF_QSTRING, NULL, 0, &ServerInfo.ssl_dh_params },
{ "ssld_count", CF_INT, NULL, 0, &ServerInfo.ssld_count },
{ "default_max_clients",CF_INT, NULL, 0, &ServerInfo.default_max_clients },
+ { "nicklen", CF_INT, conf_set_serverinfo_nicklen, 0, NULL },
+
{ "\0", 0, NULL, 0, NULL }
};
static struct ConfEntry conf_log_table[] =
{
- { "fname_userlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_userlog },
- { "fname_fuserlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_fuserlog },
- { "fname_operlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_operlog },
- { "fname_foperlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_foperlog },
- { "fname_serverlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_serverlog },
- { "fname_killlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_killlog },
- { "fname_klinelog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_klinelog },
- { "fname_operspylog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_operspylog },
- { "fname_ioerrorlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_ioerrorlog },
+ { "fname_userlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_userlog },
+ { "fname_fuserlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_fuserlog },
+ { "fname_operlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operlog },
+ { "fname_foperlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_foperlog },
+ { "fname_serverlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_serverlog },
+ { "fname_killlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_killlog },
+ { "fname_klinelog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_klinelog },
+ { "fname_operspylog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operspylog },
+ { "fname_ioerrorlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_ioerrorlog },
{ "\0", 0, NULL, 0, NULL }
};
{ "rsa_public_key_file", CF_QSTRING, conf_set_oper_rsa_public_key_file, 0, NULL },
{ "flags", CF_STRING | CF_FLIST, conf_set_oper_flags, 0, NULL },
{ "umodes", CF_STRING | CF_FLIST, conf_set_oper_umodes, 0, NULL },
+ { "privset", CF_QSTRING, conf_set_oper_privset, 0, NULL },
{ "snomask", CF_QSTRING, conf_set_oper_snomask, 0, NULL },
{ "user", CF_QSTRING, conf_set_oper_user, 0, NULL },
{ "password", CF_QSTRING, conf_set_oper_password, 0, NULL },
+ { "fingerprint", CF_QSTRING, conf_set_oper_fingerprint, 0, NULL },
{ "\0", 0, NULL, 0, NULL }
};
+static struct ConfEntry conf_privset_table[] =
+{
+ { "extends", CF_QSTRING, conf_set_privset_extends, 0, NULL },
+ { "privs", CF_STRING | CF_FLIST, conf_set_privset_privs, 0, NULL },
+ { "\0", 0, NULL, 0, NULL }
+};
+
static struct ConfEntry conf_class_table[] =
{
{ "ping_time", CF_TIME, conf_set_class_ping_time, 0, NULL },
- { "cidr_bitlen", CF_INT, conf_set_class_cidr_bitlen, 0, NULL },
+ { "cidr_ipv4_bitlen", CF_INT, conf_set_class_cidr_ipv4_bitlen, 0, NULL },
+#ifdef RB_IPV6
+ { "cidr_ipv6_bitlen", CF_INT, conf_set_class_cidr_ipv6_bitlen, 0, NULL },
+#endif
{ "number_per_cidr", CF_INT, conf_set_class_number_per_cidr, 0, NULL },
{ "number_per_ip", CF_INT, conf_set_class_number_per_ip, 0, NULL },
{ "number_per_ip_global", CF_INT,conf_set_class_number_per_ip_global, 0, NULL },
{
{ "send_password", CF_QSTRING, conf_set_connect_send_password, 0, NULL },
{ "accept_password", CF_QSTRING, conf_set_connect_accept_password, 0, NULL },
+ { "fingerprint", CF_QSTRING, conf_set_connect_fingerprint, 0, NULL },
{ "flags", CF_STRING | CF_FLIST, conf_set_connect_flags, 0, NULL },
{ "host", CF_QSTRING, conf_set_connect_host, 0, NULL },
{ "vhost", CF_QSTRING, conf_set_connect_vhost, 0, NULL },
{ "default_operstring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_operstring },
{ "default_adminstring",CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_adminstring },
{ "servicestring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.servicestring },
- { "egdpool_path", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.egdpool_path },
{ "kline_reason", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.kline_reason },
{ "identify_service", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifyservice },
{ "identify_command", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifycommand },
- { "servlink_path", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.servlink_path },
+ { "sasl_service", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.sasl_service },
{ "anti_spam_exit_message_time", CF_TIME, NULL, 0, &ConfigFileEntry.anti_spam_exit_message_time },
{ "disable_fake_channels", CF_YESNO, NULL, 0, &ConfigFileEntry.disable_fake_channels },
{ "burst_away", CF_YESNO, NULL, 0, &ConfigFileEntry.burst_away },
{ "caller_id_wait", CF_TIME, NULL, 0, &ConfigFileEntry.caller_id_wait },
{ "client_exit", CF_YESNO, NULL, 0, &ConfigFileEntry.client_exit },
- { "client_flood", CF_INT, NULL, 0, &ConfigFileEntry.client_flood },
{ "collision_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.collision_fnc },
+ { "resv_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.resv_fnc },
{ "connect_timeout", CF_TIME, NULL, 0, &ConfigFileEntry.connect_timeout },
{ "default_floodcount", CF_INT, NULL, 0, &ConfigFileEntry.default_floodcount },
+ { "default_ident_timeout", CF_INT, NULL, 0, &ConfigFileEntry.default_ident_timeout },
{ "disable_auth", CF_YESNO, NULL, 0, &ConfigFileEntry.disable_auth },
{ "dots_in_ident", CF_INT, NULL, 0, &ConfigFileEntry.dots_in_ident },
{ "failed_oper_notice", CF_YESNO, NULL, 0, &ConfigFileEntry.failed_oper_notice },
{ "max_nick_time", CF_TIME, NULL, 0, &ConfigFileEntry.max_nick_time },
{ "max_nick_changes", CF_INT, NULL, 0, &ConfigFileEntry.max_nick_changes },
{ "max_targets", CF_INT, NULL, 0, &ConfigFileEntry.max_targets },
- { "max_unknown_ip", CF_INT, NULL, 0, &ConfigFileEntry.max_unknown_ip },
{ "min_nonwildcard", CF_INT, NULL, 0, &ConfigFileEntry.min_nonwildcard },
{ "nick_delay", CF_TIME, NULL, 0, &ConfigFileEntry.nick_delay },
{ "no_oper_flood", CF_YESNO, NULL, 0, &ConfigFileEntry.no_oper_flood },
{ "reject_after_count", CF_INT, NULL, 0, &ConfigFileEntry.reject_after_count },
{ "reject_ban_time", CF_TIME, NULL, 0, &ConfigFileEntry.reject_ban_time },
{ "reject_duration", CF_TIME, NULL, 0, &ConfigFileEntry.reject_duration },
+ { "throttle_count", CF_INT, NULL, 0, &ConfigFileEntry.throttle_count },
+ { "throttle_duration", CF_TIME, NULL, 0, &ConfigFileEntry.throttle_duration },
{ "short_motd", CF_YESNO, NULL, 0, &ConfigFileEntry.short_motd },
{ "stats_c_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_c_oper_only },
{ "stats_e_disabled", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_e_disabled },
{ "stats_y_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_y_oper_only },
{ "target_change", CF_YESNO, NULL, 0, &ConfigFileEntry.target_change },
{ "ts_max_delta", CF_TIME, NULL, 0, &ConfigFileEntry.ts_max_delta },
- { "use_egd", CF_YESNO, NULL, 0, &ConfigFileEntry.use_egd },
{ "ts_warn_delta", CF_TIME, NULL, 0, &ConfigFileEntry.ts_warn_delta },
{ "use_whois_actually", CF_YESNO, NULL, 0, &ConfigFileEntry.use_whois_actually },
{ "warn_no_nline", CF_YESNO, NULL, 0, &ConfigFileEntry.warn_no_nline },
+ { "use_propagated_bans",CF_YESNO, NULL, 0, &ConfigFileEntry.use_propagated_bans },
+ { "client_flood_max_lines", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_max_lines },
+ { "client_flood_burst_rate", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_rate },
+ { "client_flood_burst_max", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_max },
+ { "client_flood_message_num", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_num },
+ { "client_flood_message_time", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_time },
+ { "max_ratelimit_tokens", CF_INT, NULL, 0, &ConfigFileEntry.max_ratelimit_tokens },
+ { "away_interval", CF_INT, NULL, 0, &ConfigFileEntry.away_interval },
+ { "certfp_method", CF_STRING, conf_set_general_certfp_method, 0, NULL },
{ "\0", 0, NULL, 0, NULL }
};
{ "max_chans_per_user", CF_INT, NULL, 0, &ConfigChannel.max_chans_per_user },
{ "no_create_on_split", CF_YESNO, NULL, 0, &ConfigChannel.no_create_on_split },
{ "no_join_on_split", CF_YESNO, NULL, 0, &ConfigChannel.no_join_on_split },
+ { "only_ascii_channels", CF_YESNO, NULL, 0, &ConfigChannel.only_ascii_channels },
{ "use_except", CF_YESNO, NULL, 0, &ConfigChannel.use_except },
{ "use_invex", CF_YESNO, NULL, 0, &ConfigChannel.use_invex },
- { "use_knock", CF_YESNO, NULL, 0, &ConfigChannel.use_knock },
{ "use_forward", CF_YESNO, NULL, 0, &ConfigChannel.use_forward },
+ { "use_knock", CF_YESNO, NULL, 0, &ConfigChannel.use_knock },
+ { "resv_forcepart", CF_YESNO, NULL, 0, &ConfigChannel.resv_forcepart },
+ { "channel_target_change", CF_YESNO, NULL, 0, &ConfigChannel.channel_target_change },
+ { "disable_local_channels", CF_YESNO, NULL, 0, &ConfigChannel.disable_local_channels },
+ { "autochanmodes", CF_QSTRING, conf_set_channel_autochanmodes, 0, NULL },
{ "\0", 0, NULL, 0, NULL }
};
add_top_conf("log", NULL, NULL, conf_log_table);
add_top_conf("operator", conf_begin_oper, conf_end_oper, conf_operator_table);
add_top_conf("class", conf_begin_class, conf_end_class, conf_class_table);
+ add_top_conf("privset", NULL, NULL, conf_privset_table);
add_top_conf("listen", conf_begin_listen, conf_end_listen, NULL);
+ add_conf_item("listen", "defer_accept", CF_YESNO, conf_set_listen_defer_accept);
add_conf_item("listen", "port", CF_INT | CF_FLIST, conf_set_listen_port);
add_conf_item("listen", "sslport", CF_INT | CF_FLIST, conf_set_listen_sslport);
add_conf_item("listen", "ip", CF_QSTRING, conf_set_listen_address);
add_top_conf("auth", conf_begin_auth, conf_end_auth, conf_auth_table);
add_top_conf("shared", conf_cleanup_shared, conf_cleanup_shared, NULL);
- add_conf_item("shared", "oper", CF_QSTRING|CF_FLIST, conf_set_shared_oper);
+ add_conf_item("shared", "oper", CF_QSTRING | CF_FLIST, conf_set_shared_oper);
add_conf_item("shared", "flags", CF_STRING | CF_FLIST, conf_set_shared_flags);
add_top_conf("connect", conf_begin_connect, conf_end_connect, conf_connect_table);
add_top_conf("channel", NULL, NULL, conf_channel_table);
add_top_conf("serverhide", NULL, NULL, conf_serverhide_table);
- add_top_conf("service", conf_begin_service, NULL, NULL);
+ add_top_conf("service", NULL, NULL, NULL);
add_conf_item("service", "name", CF_QSTRING, conf_set_service_name);
add_top_conf("alias", conf_begin_alias, conf_end_alias, NULL);
add_top_conf("blacklist", NULL, NULL, NULL);
add_conf_item("blacklist", "host", CF_QSTRING, conf_set_blacklist_host);
+ add_conf_item("blacklist", "type", CF_STRING | CF_FLIST, conf_set_blacklist_type);
+ add_conf_item("blacklist", "matches", CF_QSTRING | CF_FLIST, conf_set_blacklist_matches);
add_conf_item("blacklist", "reject_reason", CF_QSTRING, conf_set_blacklist_reason);
}
projects / solanum.git / blobdiff