#define INADDR_NONE ((unsigned int) 0xffffffff)
#endif
-#ifndef HAVE_SOCKETPAIR
-static int inet_socketpair(int d, int type, int protocol, int sv[2]);
-#endif
-
int MaxConnectionCount = 1;
int MaxClientCount = 1;
int refresh_user_links = 0;
{ "RSFNC", CAP_RSFNC },
{ "SAVE", CAP_SAVE },
{ "EUID", CAP_EUID },
+ { "EOPMOD", CAP_EOPMOD },
+ { "BAN", CAP_BAN },
+ { "MLOCK", CAP_MLOCK },
{0, 0}
};
* Again, if there are no wild cards involved in the server
* name, use the hash lookup
*/
- if(!target_p)
+ if(!target_p && wilds)
{
- if(!wilds)
- {
- if(MyClient(source_p) || !IsDigit(parv[server][0]))
- sendto_one_numeric(source_p, ERR_NOSUCHSERVER,
- form_str(ERR_NOSUCHSERVER),
- parv[server]);
- return (HUNTED_NOSUCH);
- }
- else
+ RB_DLINK_FOREACH(ptr, global_serv_list.head)
{
- target_p = NULL;
-
- RB_DLINK_FOREACH(ptr, global_client_list.head)
+ if(match(new, ((struct Client *) (ptr->data))->name))
{
- if(match(new, ((struct Client *) (ptr->data))->name))
- {
- target_p = ptr->data;
- break;
- }
+ target_p = ptr->data;
+ break;
}
}
}
+ if(target_p && !IsRegistered(target_p))
+ target_p = NULL;
+
if(target_p)
{
- if(!IsRegistered(target_p))
- {
- sendto_one_numeric(source_p, ERR_NOSUCHSERVER,
- form_str(ERR_NOSUCHSERVER),
- parv[server]);
- return HUNTED_NOSUCH;
- }
-
if(IsMe(target_p) || MyClient(target_p))
return HUNTED_ISME;
{
error = -2;
- if(ServerConfEncrypted(tmp_p))
+ if(tmp_p->passwd)
{
- if(!strcmp(tmp_p->passwd, rb_crypt(client_p->localClient->passwd,
- tmp_p->passwd)))
+ if(ServerConfEncrypted(tmp_p))
{
- server_p = tmp_p;
- break;
+ if(!strcmp(tmp_p->passwd, rb_crypt(client_p->localClient->passwd,
+ tmp_p->passwd)))
+ {
+ server_p = tmp_p;
+ break;
+ }
+ else
+ continue;
}
+ else if(strcmp(tmp_p->passwd, client_p->localClient->passwd))
+ continue;
}
- else if(!strcmp(tmp_p->passwd, client_p->localClient->passwd))
+
+ if(tmp_p->certfp)
{
- server_p = tmp_p;
- break;
+ if(!client_p->certfp || strcasecmp(tmp_p->certfp, client_p->certfp) != 0)
+ continue;
}
+
+ server_p = tmp_p;
+ break;
}
}
sendto_one(client_p, "CAPAB :%s", msgbuf);
}
+static void
+burst_ban(struct Client *client_p)
+{
+ rb_dlink_node *ptr;
+ struct ConfItem *aconf;
+ const char *type, *oper;
+ /* +5 for !,@,{,} and null */
+ char operbuf[NICKLEN + USERLEN + HOSTLEN + HOSTLEN + 5];
+ char *p;
+ size_t melen;
+
+ melen = strlen(me.name);
+ RB_DLINK_FOREACH(ptr, prop_bans.head)
+ {
+ aconf = ptr->data;
+
+ /* Skip expired stuff. */
+ if(aconf->lifetime < rb_current_time())
+ continue;
+ switch(aconf->status & ~CONF_ILLEGAL)
+ {
+ case CONF_KILL: type = "K"; break;
+ case CONF_DLINE: type = "D"; break;
+ case CONF_XLINE: type = "X"; break;
+ case CONF_RESV_NICK: type = "R"; break;
+ case CONF_RESV_CHANNEL: type = "R"; break;
+ default:
+ continue;
+ }
+ oper = aconf->info.oper;
+ if(aconf->flags & CONF_FLAGS_MYOPER)
+ {
+ /* Our operator{} names may not be meaningful
+ * to other servers, so rewrite to our server
+ * name.
+ */
+ rb_strlcpy(operbuf, aconf->info.oper, sizeof buf);
+ p = strrchr(operbuf, '{');
+ if (p != NULL &&
+ operbuf + sizeof operbuf - p > (ptrdiff_t)(melen + 2))
+ {
+ memcpy(p + 1, me.name, melen);
+ p[melen + 1] = '}';
+ p[melen + 2] = '\0';
+ oper = operbuf;
+ }
+ }
+ sendto_one(client_p, ":%s BAN %s %s %s %lu %d %d %s :%s%s%s",
+ me.id,
+ type,
+ aconf->user ? aconf->user : "*", aconf->host,
+ (unsigned long)aconf->created,
+ (int)(aconf->hold - aconf->created),
+ (int)(aconf->lifetime - aconf->created),
+ oper,
+ aconf->passwd,
+ aconf->spasswd ? "|" : "",
+ aconf->spasswd ? aconf->spasswd : "");
+ }
+}
+
/* burst_modes_TS6()
*
* input - client to burst to, channel name, list to burst, mode flag
ubuf[1] = '\0';
}
- if(has_id(target_p) && IsCapable(client_p, CAP_EUID))
+ if(IsCapable(client_p, CAP_EUID))
sendto_one(client_p, ":%s EUID %s %d %ld %s %s %s %s %s %s %s :%s",
target_p->servptr->id, target_p->name,
target_p->hopcount + 1,
IsDynSpoof(target_p) ? target_p->orighost : "*",
EmptyString(target_p->user->suser) ? "*" : target_p->user->suser,
target_p->info);
- else if(has_id(target_p))
+ else
sendto_one(client_p, ":%s UID %s %d %ld %s %s %s %s %s :%s",
target_p->servptr->id, target_p->name,
target_p->hopcount + 1,
target_p->username, target_p->host,
IsIPSpoof(target_p) ? "0" : target_p->sockhost,
target_p->id, target_p->info);
- else
- sendto_one(client_p, "NICK %s %d %ld %s %s %s %s :%s",
- target_p->name,
- target_p->hopcount + 1,
- (long) target_p->tsinfo,
- ubuf,
- target_p->username, target_p->host,
- target_p->servptr->name, target_p->info);
-
- if(!has_id(target_p) || !IsCapable(client_p, CAP_EUID))
+
+ if(!EmptyString(target_p->certfp))
+ sendto_one(client_p, ":%s ENCAP * CERTFP :%s",
+ use_id(target_p), target_p->certfp);
+
+ if(!IsCapable(client_p, CAP_EUID))
{
if(IsDynSpoof(target_p))
sendto_one(client_p, ":%s ENCAP * REALHOST %s",
ConfigChannel.burst_topicwho ? " " : "",
chptr->topic);
+ if(IsCapable(client_p, CAP_MLOCK))
+ sendto_one(client_p, ":%s MLOCK %ld %s :%s",
+ me.id, (long) chptr->channelts, chptr->chname,
+ EmptyString(chptr->mode_lock) ? "" : chptr->mode_lock);
+
hchaninfo.chptr = chptr;
call_hook(h_burst_channel, &hchaninfo);
}
if(IsUnknown(client_p))
{
- /*
- * jdc -- 1. Use EmptyString(), not [0] index reference.
- * 2. Check ->spasswd, not ->passwd.
- */
- if(!EmptyString(server_p->spasswd))
- {
- sendto_one(client_p, "PASS %s TS %d :%s",
- server_p->spasswd, TS_CURRENT, me.id);
- }
+ /* the server may be linking based on certificate fingerprint now. --nenolod */
+ sendto_one(client_p, "PASS %s TS %d :%s",
+ EmptyString(server_p->spasswd) ? "*" : server_p->spasswd, TS_CURRENT, me.id);
/* pass info to new server */
send_capabilities(client_p, default_server_capabs
target_p->serv->fullcaps);
}
+ if(IsCapable(client_p, CAP_BAN))
+ burst_ban(client_p);
+
burst_TS6(client_p);
/* Always send a PING after connect burst is done */
free_pre_client(client_p);
- if (!IsCapable(client_p, CAP_ZIP))
- send_pop_queue(client_p);
+ send_pop_queue(client_p);
return 0;
}
serv_connect_callback(F, status, data);
return;
}
- rb_socketpair(AF_UNIX, SOCK_STREAM, 0, &xF[0], &xF[1], "Outgoing ssld connection");
+ if(rb_socketpair(AF_UNIX, SOCK_STREAM, 0, &xF[0], &xF[1], "Outgoing ssld connection") == -1)
+ {
+ ilog_error("rb_socketpair failed for server");
+ serv_connect_callback(F, RB_ERROR, data);
+ return;
+
+ }
del_from_cli_fd_hash(client_p);
client_p->localClient->F = xF[0];
add_to_cli_fd_hash(client_p);
/* Next, send the initial handshake */
SetHandshake(client_p);
- /* kludge, if we're not using TS6, dont ever send
- * ourselves as being TS6 capable.
- */
- if(!EmptyString(server_p->spasswd))
- {
- sendto_one(client_p, "PASS %s TS %d :%s",
- server_p->spasswd, TS_CURRENT, me.id);
- }
+ /* the server may be linking based on certificate fingerprint now. --nenolod */
+ sendto_one(client_p, "PASS %s TS %d :%s",
+ EmptyString(server_p->spasswd) ? "*" : server_p->spasswd, TS_CURRENT, me.id);
/* pass my info to the new server */
send_capabilities(client_p, default_server_capabs
/* If we get here, we're ok, so lets start reading some data */
read_packet(F, client_p);
}
-
-#ifndef HAVE_SOCKETPAIR
-static int
-inet_socketpair(int d, int type, int protocol, int sv[2])
-{
- struct sockaddr_in addr1, addr2, addr3;
- int addr3_len = sizeof(addr3);
- int fd, rc;
- int port_no = 20000;
-
- if(d != AF_INET || type != SOCK_STREAM || protocol)
- {
- errno = EAFNOSUPPORT;
- return -1;
- }
- if(((sv[0] = socket(AF_INET, SOCK_STREAM, 0)) < 0) || ((sv[1] = socket(AF_INET, SOCK_STREAM, 0)) < 0))
- return -1;
-
- addr1.sin_port = htons(port_no);
- addr1.sin_family = AF_INET;
- addr1.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
- while ((rc = bind (sv[0], (struct sockaddr *) &addr1, sizeof (addr1))) < 0 && errno == EADDRINUSE)
- addr1.sin_port = htons(++port_no);
-
- if(rc < 0)
- return -1;
-
- if(listen(sv[0], 1) < 0)
- {
- close(sv[0]);
- close(sv[1]);
- return -1;
- }
-
- addr2.sin_port = htons(port_no);
- addr2.sin_family = AF_INET;
- addr2.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
- if(connect (sv[1], (struct sockaddr *) &addr2, sizeof (addr2)) < 0)
- {
- close(sv[0]);
- close(sv[1]);
- return -1;
- }
-
- if((fd = accept(sv[1], (struct sockaddr *) &addr3, &addr3_len)) < 0)
- {
- close(sv[0]);
- close(sv[1]);
- return -1;
- }
- close(sv[0]);
- sv[0] = fd;
-
- return(0);
-
-}
-#endif