#include "client.h"
#include "class.h"
-#include "common.h"
#include "hash.h"
#include "match.h"
#include "ircd.h"
#include "numeric.h"
#include "packet.h"
-#include "s_auth.h"
+#include "authproc.h"
#include "s_conf.h"
#include "s_newconf.h"
#include "logger.h"
#include "hook.h"
#include "msg.h"
#include "monitor.h"
-#include "blacklist.h"
#include "reject.h"
#include "scache.h"
#include "rb_dictionary.h"
#include "sslproc.h"
+#include "wsproc.h"
#include "s_assert.h"
#define DEBUG_EXITED_CLIENTS
static rb_bh *user_heap = NULL;
static rb_bh *away_heap = NULL;
static char current_uid[IDLEN];
-static int32_t current_connid = 0;
+static uint32_t current_connid = 0;
rb_dictionary *nd_dict = NULL;
-enum
-{
- D_LINED,
- K_LINED
-};
-
rb_dlink_list dead_list;
#ifdef DEBUG_EXITED_CLIENTS
static rb_dlink_list dead_remote_list;
nd_dict = rb_dictionary_create("nickdelay", irccmp);
}
+/*
+ * connid_get - allocate a connid
+ *
+ * inputs - none
+ * outputs - a connid token which is used to represent a logical circuit
+ * side effects - current_connid is incremented, possibly multiple times.
+ * the association of the connid to it's client is committed.
+ */
+uint32_t
+connid_get(struct Client *client_p)
+{
+ s_assert(MyConnect(client_p));
+ if (!MyConnect(client_p))
+ return 0;
+
+ /* find a connid that is available */
+ while (find_cli_connid_hash(++current_connid) != NULL)
+ {
+ /* handle wraparound, current_connid must NEVER be 0 */
+ if (current_connid == 0)
+ ++current_connid;
+ }
+
+ add_to_cli_connid_hash(client_p, current_connid);
+ rb_dlinkAddAlloc(RB_UINT_TO_POINTER(current_connid), &client_p->localClient->connids);
+
+ return current_connid;
+}
+
+/*
+ * connid_put - free a connid
+ *
+ * inputs - connid to free
+ * outputs - nothing
+ * side effects - connid bookkeeping structures are freed
+ */
+void
+connid_put(uint32_t id)
+{
+ struct Client *client_p;
+
+ s_assert(id != 0);
+ if (id == 0)
+ return;
+
+ client_p = find_cli_connid_hash(id);
+ if (client_p == NULL)
+ return;
+
+ del_from_cli_connid_hash(id);
+ rb_dlinkFindDestroy(RB_UINT_TO_POINTER(id), &client_p->localClient->connids);
+}
+
+/*
+ * client_release_connids - release any connids still attached to a client
+ *
+ * inputs - client to garbage collect
+ * outputs - none
+ * side effects - client's connids are garbage collected
+ */
+void
+client_release_connids(struct Client *client_p)
+{
+ rb_dlink_node *ptr, *ptr2;
+
+ if (client_p->localClient->connids.head)
+ s_assert(MyConnect(client_p));
+
+ if (!MyConnect(client_p))
+ return;
+
+ RB_DLINK_FOREACH_SAFE(ptr, ptr2, client_p->localClient->connids.head)
+ connid_put(RB_POINTER_TO_UINT(ptr->data));
+}
/*
* make_client - create a new Client struct and set it to initial state.
client_p->localClient->F = NULL;
- if(current_connid+1 == 0)
- current_connid++;
-
- client_p->localClient->connid = ++current_connid;
-
- if(current_connid+1 == 0)
- current_connid++;
-
- client_p->localClient->zconnid = ++current_connid;
- add_to_cli_connid_hash(client_p);
-
client_p->preClient = rb_bh_alloc(pclient_heap);
/* as good a place as any... */
}
SetUnknown(client_p);
- strcpy(client_p->username, "unknown");
+ rb_strlcpy(client_p->username, "unknown", sizeof(client_p->username));
return client_p;
}
void
free_pre_client(struct Client *client_p)
{
- struct Blacklist *blptr;
-
s_assert(NULL != client_p);
if(client_p->preClient == NULL)
return;
- blptr = client_p->preClient->dnsbl_listed;
- if (blptr != NULL)
- unref_blacklist(blptr);
- s_assert(rb_dlink_list_length(&client_p->preClient->dnsbl_queries) == 0);
+ s_assert(client_p->preClient->auth.cid == 0);
+
+ rb_free(client_p->preClient->auth.data);
+ rb_free(client_p->preClient->auth.reason);
rb_bh_free(pclient_heap, client_p->preClient);
client_p->preClient = NULL;
client_p->localClient->listener = 0;
}
- del_from_cli_connid_hash(client_p);
+ client_release_connids(client_p);
if(client_p->localClient->F != NULL)
{
rb_close(client_p->localClient->F);
rb_free(client_p->localClient->auth_user);
rb_free(client_p->localClient->challenge);
rb_free(client_p->localClient->fullcaps);
- rb_free(client_p->localClient->opername);
rb_free(client_p->localClient->mangledhost);
- if (client_p->localClient->privset)
- privilegeset_unref(client_p->localClient->privset);
- if(IsSSL(client_p))
- ssld_decrement_clicount(client_p->localClient->ssl_ctl);
+ if (IsSSL(client_p))
+ ssld_decrement_clicount(client_p->localClient->ssl_ctl);
+
+ rb_free(client_p->localClient->cipher_string);
+
+ if (IsCapable(client_p, CAP_ZIP))
+ ssld_decrement_clicount(client_p->localClient->z_ctl);
+
+ rb_free(client_p->localClient->zipstats);
- if(IsCapable(client_p, CAP_ZIP))
- ssld_decrement_clicount(client_p->localClient->z_ctl);
+ if (client_p->localClient->ws_ctl != NULL)
+ wsockd_decrement_clicount(client_p->localClient->ws_ctl);
rb_bh_free(lclient_heap, client_p->localClient);
client_p->localClient = NULL;
}
-void
+static void
free_client(struct Client *client_p)
{
s_assert(NULL != client_p);
if(IsDead(client_p) || IsClosing(client_p))
continue;
- /* still has DNSbls to validate against */
- if(client_p->preClient != NULL &&
- rb_dlink_list_length(&client_p->preClient->dnsbl_queries) > 0)
+ /* Still querying with authd */
+ if(client_p->preClient != NULL && client_p->preClient->auth.cid != 0)
continue;
/*
}
}
-static void
+void
notify_banned_client(struct Client *client_p, struct ConfItem *aconf, int ban)
{
static const char conn_closed[] = "Connection closed";
check_xlines();
}
-/* check_klines_event()
- *
- * inputs -
- * outputs -
- * side effects - check_klines() is called, kline_queued unset
- */
-void
-check_klines_event(void *unused)
-{
- kline_queued = false;
- check_klines();
-}
-
/* check_klines
*
* inputs -
}
}
+
+/* check_one_kline()
+ *
+ * This process needs to be kept in sync with find_kline() aka find_conf_by_address().
+ *
+ * inputs - pointer to kline to check
+ * outputs -
+ * side effects - all clients will be checked against given kline
+ */
+void
+check_one_kline(struct ConfItem *kline)
+{
+ struct Client *client_p;
+ rb_dlink_node *ptr;
+ rb_dlink_node *next_ptr;
+ int masktype;
+ int bits;
+ struct rb_sockaddr_storage sockaddr;
+ struct sockaddr_in ip4;
+
+ masktype = parse_netmask(kline->host, (struct sockaddr_storage *)&sockaddr, &bits);
+
+ RB_DLINK_FOREACH_SAFE(ptr, next_ptr, lclient_list.head)
+ {
+ int matched = 0;
+
+ client_p = ptr->data;
+
+ if(IsMe(client_p) || !IsPerson(client_p))
+ continue;
+
+ if(!match(kline->user, client_p->username))
+ continue;
+
+ /* match one kline */
+ switch (masktype) {
+ case HM_IPV4:
+ if (client_p->localClient->ip.ss_family == AF_INET6 &&
+ rb_ipv4_from_ipv6((struct sockaddr_in6 *)&client_p->localClient->ip, &ip4)
+ && comp_with_mask_sock((struct sockaddr *)&ip4, (struct sockaddr *)&sockaddr, bits))
+ matched = 1;
+ /* fallthrough */
+ case HM_IPV6:
+ if (client_p->localClient->ip.ss_family == sockaddr.ss_family &&
+ comp_with_mask_sock((struct sockaddr *)&client_p->localClient->ip,
+ (struct sockaddr *)&sockaddr, bits))
+ matched = 1;
+ break;
+ case HM_HOST:
+ if (match(kline->host, client_p->orighost))
+ matched = 1;
+ if (match(kline->host, client_p->sockhost))
+ matched = 1;
+ break;
+ }
+
+ if (!matched)
+ continue;
+
+ if(IsExemptKline(client_p))
+ {
+ sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
+ "KLINE over-ruled for %s, client is kline_exempt [%s@%s]",
+ get_client_name(client_p, HIDE_IP),
+ kline->user, kline->host);
+ continue;
+ }
+
+ sendto_realops_snomask(SNO_GENERAL, L_ALL,
+ "KLINE active for %s",
+ get_client_name(client_p, HIDE_IP));
+
+ notify_banned_client(client_p, kline, K_LINED);
+ }
+}
+
+
/* check_dlines()
*
* inputs -
{
s_assert(0);
sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "On abort_list: %s stat: %u flags: %u/%u handler: %c",
+ "On abort_list: %s stat: %u flags: %llu handler: %c",
target_p->name, (unsigned int) target_p->status,
- target_p->flags, target_p->flags2, target_p->handler);
+ (unsigned long long)target_p->flags, target_p->handler);
sendto_realops_snomask(SNO_GENERAL, L_ALL,
"Please report this to the charybdis developers!");
found++;
{
s_assert(0);
sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "On dead_list: %s stat: %u flags: %u/%u handler: %c",
+ "On dead_list: %s stat: %u flags: %llu handler: %c",
abt->client->name, (unsigned int) abt->client->status,
- abt->client->flags, abt->client->flags2, abt->client->handler);
+ (unsigned long long)abt->client->flags, abt->client->handler);
sendto_realops_snomask(SNO_GENERAL, L_ALL,
"Please report this to the charybdis developers!");
continue;
*/
static int
-exit_unknown_client(struct Client *client_p, struct Client *source_p, struct Client *from,
- const char *comment)
+exit_unknown_client(struct Client *client_p, /* The local client originating the
+ * exit or NULL, if this exit is
+ * generated by this server for
+ * internal reasons.
+ * This will not get any of the
+ * generated messages. */
+ struct Client *source_p, /* Client exiting */
+ struct Client *from, /* Client firing off this Exit,
+ * never NULL! */
+ const char *comment)
{
- delete_auth_queries(source_p);
- abort_blacklist_queries(source_p);
+ authd_abort_client(source_p);
rb_dlinkDelete(&source_p->localClient->tnode, &unknown_list);
if(!IsIOError(source_p))
del_from_id_hash(source_p->id, source_p);
del_from_hostname_hash(source_p->host, source_p);
- del_from_client_hash(source_p->name, source_p);
+ if (!IsAnyServer(source_p))
+ del_from_client_hash(source_p->name, source_p);
remove_client_from_list(source_p);
SetDead(source_p);
rb_dlinkAddAlloc(source_p, &dead_list);
snprintf(newcomment, sizeof(newcomment), "by %s: %s",
from->name, comment);
- if(source_p->serv != NULL)
- remove_dependents(client_p, source_p, from, IsPerson(from) ? newcomment : comment, comment1);
+ remove_dependents(client_p, source_p, from, IsPerson(from) ? newcomment : comment, comment1);
- if(source_p->servptr && source_p->servptr->serv)
- rb_dlinkDelete(&source_p->lnode, &source_p->servptr->serv->servers);
- else
- s_assert(0);
+ rb_dlinkDelete(&source_p->lnode, &source_p->servptr->serv->servers);
rb_dlinkFindDestroy(source_p, &global_serv_list);
target_p = source_p->from;
del_from_client_hash(source_p->name, source_p);
remove_client_from_list(source_p);
+
scache_split(source_p->serv->nameinfo);
SetDead(source_p);
const char *comment /* Reason for the exit */
)
{
+ int ret = -1;
+
hook_data_client_exit hdata;
if(IsClosing(source_p))
return -1;
{
/* Local clients of various types */
if(IsPerson(source_p))
- return exit_local_client(client_p, source_p, from, comment);
+ ret = exit_local_client(client_p, source_p, from, comment);
else if(IsServer(source_p))
- return exit_local_server(client_p, source_p, from, comment);
+ ret = exit_local_server(client_p, source_p, from, comment);
/* IsUnknown || IsConnecting || IsHandShake */
else if(!IsReject(source_p))
- return exit_unknown_client(client_p, source_p, from, comment);
+ ret = exit_unknown_client(client_p, source_p, from, comment);
}
else
{
/* Remotes */
if(IsPerson(source_p))
- return exit_remote_client(client_p, source_p, from, comment);
+ ret = exit_remote_client(client_p, source_p, from, comment);
else if(IsServer(source_p))
- return exit_remote_server(client_p, source_p, from, comment);
+ ret = exit_remote_server(client_p, source_p, from, comment);
}
- return -1;
+ call_hook(h_after_client_exit, NULL);
+
+ return ret;
}
/*
{
if(user->away)
rb_free((char *) user->away);
+ rb_free(user->opername);
+ if (user->privset)
+ privilegeset_unref(user->privset);
/*
* sanity check
*/
else
ServerStats.is_ni++;
- del_from_cli_connid_hash(client_p);
+ client_release_connids(client_p);
if(client_p->localClient->F != NULL)
{