#include "stdinc.h"
#include "ircd_defs.h"
#include "s_conf.h"
+#include "s_user.h"
#include "s_newconf.h"
#include "newconf.h"
#include "s_serv.h"
#include "channel.h"
#include "class.h"
#include "client.h"
-#include "common.h"
#include "hash.h"
#include "match.h"
#include "ircd.h"
#include "send.h"
#include "reject.h"
#include "cache.h"
-#include "blacklist.h"
#include "privilege.h"
#include "sslproc.h"
+#include "wsproc.h"
#include "bandbi.h"
#include "operhash.h"
#include "chmode.h"
#include "hook.h"
#include "s_assert.h"
-#include "authd.h"
+#include "authproc.h"
+#include "supported.h"
struct config_server_hide ConfigServerHide;
extern int yyparse(void); /* defined in y.tab.c */
-extern char linebuf[];
-
-#ifndef INADDR_NONE
-#define INADDR_NONE ((unsigned int) 0xffffffff)
-#endif
+extern char yy_linebuf[16384]; /* defined in ircd_lexer.l */
static rb_bh *confitem_heap = NULL;
case NOT_AUTHORISED:
{
int port = -1;
-#ifdef RB_IPV6
- if(GET_SS_FAMILY(&source_p->localClient->ip) == AF_INET6)
- port = ntohs(((struct sockaddr_in6 *)&source_p->localClient->listener->addr)->sin6_port);
- else
-#endif
- port = ntohs(((struct sockaddr_in *)&source_p->localClient->listener->addr)->sin_port);
+ port = ntohs(GET_SS_PORT(&source_p->localClient->listener->addr[0]));
ServerStats.is_ref++;
/* jdc - lists server name & port connections are on */
static char ipaddr[HOSTIPLEN];
rb_inet_ntop_sock(&source_p->localClient->ip, ipaddr, sizeof(ipaddr));
#endif
- sendto_realops_snomask(SNO_UNAUTH, L_ALL,
+ sendto_realops_snomask(SNO_UNAUTH, L_NETWIDE,
"Unauthorised client connection from "
"%s!%s%s@%s [%s] on [%s/%u].",
source_p->name, IsGotId(source_p) ? "" : "~",
source_p->name, IsGotId(source_p) ? "" : "~",
source_p->username, source_p->sockhost,
source_p->localClient->listener->name, port);
- add_reject(client_p, NULL, NULL);
- exit_client(client_p, source_p, &me,
- "You are not authorised to use this server");
+ add_reject(client_p, NULL, NULL, NULL, "You are not authorised to use this server.");
+ exit_client(client_p, source_p, &me, "You are not authorised to use this server.");
break;
}
case BANNED_CLIENT:
if(IsConfSpoofNotice(aconf))
{
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
+ sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
"%s spoofing: %s as %s",
client_p->name,
show_ip(NULL, client_p) ? client_p->host : aconf->info.name,
form_str(ERR_YOUREBANNEDCREEP),
me.name, client_p->name,
get_user_ban_reason(aconf));
- add_reject(client_p, aconf->user, aconf->host);
+ add_reject(client_p, aconf->user, aconf->host, aconf, NULL);
return (BANNED_CLIENT);
}
return (attach_conf(client_p, aconf));
}
+/*
+ * deref_conf
+ *
+ * inputs - ConfItem that is referenced by something other than a client
+ * side effects - Decrement and free ConfItem if appropriate
+ */
+void
+deref_conf(struct ConfItem *aconf)
+{
+ aconf->clients--;
+ if(!aconf->clients && IsIllegal(aconf))
+ free_conf(aconf);
+}
+
/*
* detach_conf
*
if(IsIllegal(aconf))
return (NOT_AUTHORISED);
- if(ClassPtr(aconf))
- {
- if(!add_ip_limit(client_p, aconf))
- return (TOO_MANY_LOCAL);
- }
+ if(s_assert(ClassPtr(aconf)))
+ return (NOT_AUTHORISED);
+
+ if(!add_ip_limit(client_p, aconf))
+ return (TOO_MANY_LOCAL);
if((aconf->status & CONF_CLIENT) &&
ConfCurrUsers(aconf) >= ConfMaxUsers(aconf) && ConfMaxUsers(aconf) > 0)
* as a result of an operator issuing this command, else assume it has been
* called as a result of the server receiving a HUP signal.
*/
-int
-rehash(int sig)
+bool
+rehash(bool sig)
{
- if(sig != 0)
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
+ rb_dlink_node *n;
+
+ hook_data_rehash hdata = { sig };
+
+ if(sig)
+ sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
"Got signal SIGHUP, reloading ircd conf. file");
- }
rehash_authd();
+
/* don't close listeners until we know we can go ahead with the rehash */
- read_conf_files(NO);
+ read_conf_files(false);
if(ServerInfo.description != NULL)
rb_strlcpy(me.info, ServerInfo.description, sizeof(me.info));
rb_strlcpy(me.info, "unknown", sizeof(me.info));
open_logfiles();
- return (0);
+
+ RB_DLINK_FOREACH(n, local_oper_list.head)
+ {
+ struct Client *oper = n->data;
+ const char *modeparv[4];
+ modeparv[0] = modeparv[1] = oper->name;
+ modeparv[2] = "+";
+ modeparv[3] = NULL;
+ user_mode(oper, oper, 3, modeparv);
+ }
+
+ call_hook(h_rehash, &hdata);
+ return false;
}
void
-rehash_bans(int sig)
+rehash_bans(void)
{
bandb_rehash_bans();
}
ServerInfo.description = NULL;
ServerInfo.network_name = NULL;
- memset(&ServerInfo.ip, 0, sizeof(ServerInfo.ip));
- ServerInfo.specific_ipv4_vhost = 0;
-#ifdef RB_IPV6
- memset(&ServerInfo.ip6, 0, sizeof(ServerInfo.ip6));
- ServerInfo.specific_ipv6_vhost = 0;
-#endif
+ memset(&ServerInfo.bind4, 0, sizeof(ServerInfo.bind4));
+ SET_SS_FAMILY(&ServerInfo.bind4, AF_UNSPEC);
+ memset(&ServerInfo.bind6, 0, sizeof(ServerInfo.bind6));
+ SET_SS_FAMILY(&ServerInfo.bind6, AF_UNSPEC);
AdminInfo.name = NULL;
AdminInfo.email = NULL;
ConfigFileEntry.client_exit = true;
ConfigFileEntry.dline_with_reason = true;
ConfigFileEntry.kline_with_reason = true;
- ConfigFileEntry.kline_delay = 0;
ConfigFileEntry.warn_no_nline = true;
ConfigFileEntry.non_redundant_klines = true;
ConfigFileEntry.stats_e_disabled = false;
ConfigFileEntry.use_propagated_bans = true;
ConfigFileEntry.max_ratelimit_tokens = 30;
ConfigFileEntry.away_interval = 30;
+ ConfigFileEntry.tls_ciphers_oper_only = false;
#ifdef HAVE_LIBZ
ConfigFileEntry.compression_level = 4;
ConfigChannel.channel_target_change = true;
ConfigChannel.disable_local_channels = false;
ConfigChannel.displayed_usercount = 3;
+ ConfigChannel.opmod_send_statusmsg = false;
ConfigChannel.autochanmodes = MODE_TOPICLIMIT | MODE_NOPRIVMSGS;
ServerInfo.default_max_clients = MAXCONNECTIONS;
ConfigFileEntry.nicklen = NICKLEN;
- ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SHA1;
+ ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA1;
ConfigFileEntry.hide_opers_in_whois = 0;
+ ConfigFileEntry.hide_opers = 0;
if (!alias_dict)
- alias_dict = rb_dictionary_create("alias", strcasecmp);
+ alias_dict = rb_dictionary_create("alias", rb_strcasecmp);
}
/*
if(ServerInfo.ssld_count < 1)
ServerInfo.ssld_count = 1;
+ /* XXX: configurable? */
+ ServerInfo.wsockd_count = 1;
+
if(!rb_setup_ssl_server(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list))
{
ilog(L_MAIN, "WARNING: Unable to setup SSL.");
ircd_ssl_ok = false;
} else {
ircd_ssl_ok = true;
- send_new_ssl_certs(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list);
+ ssld_update_config();
}
if(ServerInfo.ssld_count > get_ssld_count())
{
int start = ServerInfo.ssld_count - get_ssld_count();
/* start up additional ssld if needed */
- start_ssldaemon(start, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params, ServerInfo.ssl_cipher_list);
+ start_ssldaemon(start);
+ }
+
+ if(ServerInfo.wsockd_count > get_wsockd_count())
+ {
+ int start = ServerInfo.wsockd_count - get_wsockd_count();
+ start_wsockd(start);
}
/* General conf */
splitmode = 0;
splitchecking = 0;
}
+
+ CharAttrs['&'] |= CHANPFX_C;
+ if (ConfigChannel.disable_local_channels)
+ CharAttrs['&'] &= ~CHANPFX_C;
+
+ chantypes_update();
}
/* add_temp_kline()
break;
}
if (aconf->lifetime != 0 && now < aconf->lifetime)
+ {
aconf->status |= CONF_ILLEGAL;
+ }
else
{
if (aconf->lifetime != 0)
rb_dlinkDestroy(ptr, &prop_bans);
- free_conf(aconf);
+ if (aconf->clients == 0)
+ free_conf(aconf);
+ else
+ aconf->status |= CONF_ILLEGAL;
}
}
get_oper_name(struct Client *client_p)
{
/* +5 for !,@,{,} and null */
- static char buffer[NICKLEN + USERLEN + HOSTLEN + HOSTLEN + 5];
+ static char buffer[NAMELEN + USERLEN + HOSTLEN + HOSTLEN + 5];
if(MyOper(client_p))
{
snprintf(buffer, sizeof(buffer), "%s!%s@%s{%s}",
client_p->name, client_p->username,
- client_p->host, client_p->localClient->opername);
+ client_p->host, client_p->user->opername);
return buffer;
}
{
static char reasonbuf[BUFSIZE];
- if (aconf->flags & CONF_FLAGS_TEMPORARY &&
+ if (!ConfigFileEntry.hide_tkdline_duration &&
+ aconf->flags & CONF_FLAGS_TEMPORARY &&
(aconf->status == CONF_KILL || aconf->status == CONF_DLINE))
snprintf(reasonbuf, sizeof reasonbuf,
"Temporary %c-line %d min. - ",
*user = EmptyString(aconf->user) ? null : aconf->user;
*reason = get_user_ban_reason(aconf);
- if(!IsOper(source_p))
+ if(!IsOperGeneral(source_p))
*oper_reason = NULL;
else
{
}
else
{
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
+ sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
"Can't open file '%s' - aborting rehash!", filename);
return;
}
MaxUsers(cltmp) = -1;
}
- clear_out_address_conf();
+ clear_out_address_conf(AC_CONFIG);
clear_s_newconf();
/* clean out module paths */
rb_free(ConfigFileEntry.sasl_service);
ConfigFileEntry.sasl_service = NULL;
+ if (ConfigFileEntry.hidden_caps != NULL)
+ {
+ for (size_t i = 0; ConfigFileEntry.hidden_caps[i] != NULL; i++)
+ rb_free(ConfigFileEntry.hidden_caps[i]);
+ rb_free(ConfigFileEntry.hidden_caps);
+ }
+ ConfigFileEntry.hidden_caps = NULL;
+
/* clean out log */
rb_free(ConfigFileEntry.fname_userlog);
ConfigFileEntry.fname_userlog = NULL;
alias_dict = NULL;
}
- destroy_blacklists();
+ del_dnsbl_entry_all();
privilegeset_mark_all_illegal();
}
}
-static char *
-strip_tabs(char *dest, const char *src, size_t len)
+static void
+strip_tabs(char *dest, const char *src, size_t size)
{
char *d = dest;
if(dest == NULL || src == NULL)
- return NULL;
+ return;
- rb_strlcpy(dest, src, len);
+ rb_strlcpy(dest, src, size);
while(*d)
{
*d = ' ';
d++;
}
- return dest;
}
/*
{
char newlinebuf[BUFSIZE];
- strip_tabs(newlinebuf, linebuf, strlen(linebuf));
+ strip_tabs(newlinebuf, yy_linebuf, sizeof(newlinebuf));
ierror("\"%s\", line %d: %s at '%s'", conffilebuf, lineno + 1, msg, newlinebuf);
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "\"%s\", line %d: %s at '%s'",
+ sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "\"%s\", line %d: %s at '%s'",
conffilebuf, lineno + 1, msg, newlinebuf);
}
projects / solanum.git / blobdiff