#include "msg.h"
#include "reject.h"
#include "sslproc.h"
+#include "capability.h"
+#include "s_assert.h"
#ifndef INADDR_NONE
#define INADDR_NONE ((unsigned int) 0xffffffff)
* because all servers that we talk to already do TS, and the kludged
* extra argument to "PASS" takes care of checking that. -orabidoo
*/
-struct Capability captab[] = {
-/* name cap */
- { "QS", CAP_QS },
- { "EX", CAP_EX },
- { "CHW", CAP_CHW},
- { "IE", CAP_IE},
- { "KLN", CAP_KLN},
- { "KNOCK", CAP_KNOCK},
- { "ZIP", CAP_ZIP},
- { "TB", CAP_TB},
- { "UNKLN", CAP_UNKLN},
- { "CLUSTER", CAP_CLUSTER},
- { "ENCAP", CAP_ENCAP },
- { "SERVICES", CAP_SERVICE },
- { "RSFNC", CAP_RSFNC },
- { "SAVE", CAP_SAVE },
- { "EUID", CAP_EUID },
- { "EOPMOD", CAP_EOPMOD },
- {0, 0}
-};
+struct CapabilityIndex *serv_capindex = NULL;
+
+unsigned int CAP_CAP;
+unsigned int CAP_QS;
+unsigned int CAP_EX;
+unsigned int CAP_CHW;
+unsigned int CAP_IE;
+unsigned int CAP_KLN;
+unsigned int CAP_ZIP;
+unsigned int CAP_KNOCK;
+unsigned int CAP_TB;
+unsigned int CAP_UNKLN;
+unsigned int CAP_CLUSTER;
+unsigned int CAP_ENCAP;
+unsigned int CAP_TS6;
+unsigned int CAP_SERVICE;
+unsigned int CAP_RSFNC;
+unsigned int CAP_SAVE;
+unsigned int CAP_EUID;
+unsigned int CAP_EOPMOD;
+unsigned int CAP_BAN;
+unsigned int CAP_MLOCK;
+
+/*
+ * initialize our builtin capability table. --nenolod
+ */
+void
+init_builtin_capabs(void)
+{
+ serv_capindex = capability_index_create("server capabilities");
+
+ /* These two are not set via CAPAB/GCAP keywords. */
+ CAP_CAP = capability_put_anonymous(serv_capindex);
+ CAP_TS6 = capability_put_anonymous(serv_capindex);
+
+ CAP_QS = capability_put(serv_capindex, "QS");
+ CAP_EX = capability_put(serv_capindex, "EX");
+ CAP_CHW = capability_put(serv_capindex, "CHW");
+ CAP_IE = capability_put(serv_capindex, "IE");
+ CAP_KLN = capability_put(serv_capindex, "KLN");
+ CAP_KNOCK = capability_put(serv_capindex, "KNOCK");
+ CAP_ZIP = capability_put(serv_capindex, "ZIP");
+ CAP_TB = capability_put(serv_capindex, "TB");
+ CAP_UNKLN = capability_put(serv_capindex, "UNKLN");
+ CAP_CLUSTER = capability_put(serv_capindex, "CLUSTER");
+ CAP_ENCAP = capability_put(serv_capindex, "ENCAP");
+ CAP_SERVICE = capability_put(serv_capindex, "SERVICES");
+ CAP_RSFNC = capability_put(serv_capindex, "RSFNC");
+ CAP_SAVE = capability_put(serv_capindex, "SAVE");
+ CAP_EUID = capability_put(serv_capindex, "EUID");
+ CAP_EOPMOD = capability_put(serv_capindex, "EOPMOD");
+ CAP_BAN = capability_put(serv_capindex, "BAN");
+ CAP_MLOCK = capability_put(serv_capindex, "MLOCK");
+
+ capability_require(serv_capindex, "QS");
+ capability_require(serv_capindex, "ENCAP");
+}
static CNCB serv_connect_callback;
static CNCB serv_connect_ssl_callback;
if(parc <= server || EmptyString(parv[server]) ||
match(parv[server], me.name) || (strcmp(parv[server], me.id) == 0))
return (HUNTED_ISME);
-
+
new = LOCAL_COPY(parv[server]);
/*
*/
if(!target_p && wilds)
{
- RB_DLINK_FOREACH(ptr, global_client_list.head)
+ RB_DLINK_FOREACH(ptr, global_serv_list.head)
{
if(match(new, ((struct Client *) (ptr->data))->name))
{
struct server_conf *tmp_p;
rb_dlink_node *ptr;
int error = -1;
+ const char *encr;
s_assert(NULL != client_p);
if(client_p == NULL)
{
error = -2;
- if(ServerConfEncrypted(tmp_p))
+ if(tmp_p->passwd)
{
- if(!strcmp(tmp_p->passwd, rb_crypt(client_p->localClient->passwd,
- tmp_p->passwd)))
+ if(ServerConfEncrypted(tmp_p))
{
- server_p = tmp_p;
- break;
+ encr = rb_crypt(client_p->localClient->passwd,
+ tmp_p->passwd);
+ if(encr != NULL && !strcmp(tmp_p->passwd, encr))
+ {
+ server_p = tmp_p;
+ break;
+ }
+ else
+ continue;
}
+ else if(strcmp(tmp_p->passwd, client_p->localClient->passwd))
+ continue;
}
- else if(!strcmp(tmp_p->passwd, client_p->localClient->passwd))
+
+ if(tmp_p->certfp)
{
- server_p = tmp_p;
- break;
+ if(!client_p->certfp || strcasecmp(tmp_p->certfp, client_p->certfp) != 0)
+ continue;
}
+
+ server_p = tmp_p;
+ break;
}
}
*
*/
void
-send_capabilities(struct Client *client_p, int cap_can_send)
+send_capabilities(struct Client *client_p, unsigned int cap_can_send)
{
- struct Capability *cap;
- char msgbuf[BUFSIZE];
- char *t;
- int tl;
-
- t = msgbuf;
+ sendto_one(client_p, "CAPAB :%s", capability_index_list(serv_capindex, cap_can_send));
+}
- for (cap = captab; cap->name; ++cap)
+static void
+burst_ban(struct Client *client_p)
+{
+ rb_dlink_node *ptr;
+ struct ConfItem *aconf;
+ const char *type, *oper;
+ /* +5 for !,@,{,} and null */
+ char operbuf[NICKLEN + USERLEN + HOSTLEN + HOSTLEN + 5];
+ char *p;
+ size_t melen;
+
+ melen = strlen(me.name);
+ RB_DLINK_FOREACH(ptr, prop_bans.head)
{
- if(cap->cap & cap_can_send)
+ aconf = ptr->data;
+
+ /* Skip expired stuff. */
+ if(aconf->lifetime < rb_current_time())
+ continue;
+ switch(aconf->status & ~CONF_ILLEGAL)
+ {
+ case CONF_KILL: type = "K"; break;
+ case CONF_DLINE: type = "D"; break;
+ case CONF_XLINE: type = "X"; break;
+ case CONF_RESV_NICK: type = "R"; break;
+ case CONF_RESV_CHANNEL: type = "R"; break;
+ default:
+ continue;
+ }
+ oper = aconf->info.oper;
+ if(aconf->flags & CONF_FLAGS_MYOPER)
{
- tl = rb_sprintf(t, "%s ", cap->name);
- t += tl;
+ /* Our operator{} names may not be meaningful
+ * to other servers, so rewrite to our server
+ * name.
+ */
+ rb_strlcpy(operbuf, aconf->info.oper, sizeof buf);
+ p = strrchr(operbuf, '{');
+ if (p != NULL &&
+ operbuf + sizeof operbuf - p > (ptrdiff_t)(melen + 2))
+ {
+ memcpy(p + 1, me.name, melen);
+ p[melen + 1] = '}';
+ p[melen + 2] = '\0';
+ oper = operbuf;
+ }
}
+ sendto_one(client_p, ":%s BAN %s %s %s %lu %d %d %s :%s%s%s",
+ me.id,
+ type,
+ aconf->user ? aconf->user : "*", aconf->host,
+ (unsigned long)aconf->created,
+ (int)(aconf->hold - aconf->created),
+ (int)(aconf->lifetime - aconf->created),
+ oper,
+ aconf->passwd,
+ aconf->spasswd ? "|" : "",
+ aconf->spasswd ? aconf->spasswd : "");
}
-
- t--;
- *t = '\0';
-
- sendto_one(client_p, "CAPAB :%s", msgbuf);
}
/* burst_modes_TS6()
{
banptr = ptr->data;
- tlen = strlen(banptr->banstr) + 1;
+ tlen = strlen(banptr->banstr) + (banptr->forward ? strlen(banptr->forward) + 1 : 0) + 1;
/* uh oh */
if(cur_len + tlen > BUFSIZE - 3)
t = buf + mlen;
}
- rb_sprintf(t, "%s ", banptr->banstr);
+ if (banptr->forward)
+ rb_sprintf(t, "%s$%s ", banptr->banstr, banptr->forward);
+ else
+ rb_sprintf(t, "%s ", banptr->banstr);
t += tlen;
cur_len += tlen;
}
RB_DLINK_FOREACH(ptr, global_client_list.head)
{
- const char *awaymsg = NULL;
-
target_p = ptr->data;
if(!IsPerson(target_p))
IsIPSpoof(target_p) ? "0" : target_p->sockhost,
target_p->id, target_p->info);
+ if(!EmptyString(target_p->certfp))
+ sendto_one(client_p, ":%s ENCAP * CERTFP :%s",
+ use_id(target_p), target_p->certfp);
+
if(!IsCapable(client_p, CAP_EUID))
{
if(IsDynSpoof(target_p))
use_id(target_p), target_p->user->suser);
}
- if(ConfigFileEntry.burst_away && (awaymsg = get_metadata(target_p, "away")) != NULL)
+ if(ConfigFileEntry.burst_away && !EmptyString(target_p->user->away))
sendto_one(client_p, ":%s AWAY :%s",
use_id(target_p),
- awaymsg);
+ target_p->user->away);
hclientinfo.target = target_p;
call_hook(h_burst_client, &hclientinfo);
ConfigChannel.burst_topicwho ? " " : "",
chptr->topic);
+ if(IsCapable(client_p, CAP_MLOCK))
+ sendto_one(client_p, ":%s MLOCK %ld %s :%s",
+ me.id, (long) chptr->channelts, chptr->chname,
+ EmptyString(chptr->mode_lock) ? "" : chptr->mode_lock);
+
hchaninfo.chptr = chptr;
call_hook(h_burst_channel, &hchaninfo);
}
show_capabilities(struct Client *target_p)
{
static char msgbuf[BUFSIZE];
- struct Capability *cap;
+
+ *msgbuf = '\0';
if(has_id(target_p))
rb_strlcpy(msgbuf, " TS6", sizeof(msgbuf));
if(!IsServer(target_p) || !target_p->serv->caps) /* short circuit if no caps */
return msgbuf + 1;
- for (cap = captab; cap->cap; ++cap)
- {
- if(cap->cap & target_p->serv->caps)
- rb_snprintf_append(msgbuf, sizeof(msgbuf), " %s", cap->name);
- }
+ rb_strlcat(msgbuf, " ", sizeof(msgbuf));
+ rb_strlcat(msgbuf, capability_index_list(serv_capindex, target_p->serv->caps), sizeof(msgbuf));
return msgbuf + 1;
}
if(IsUnknown(client_p))
{
- /*
- * jdc -- 1. Use EmptyString(), not [0] index reference.
- * 2. Check ->spasswd, not ->passwd.
- */
- if(!EmptyString(server_p->spasswd))
- {
- sendto_one(client_p, "PASS %s TS %d :%s",
- server_p->spasswd, TS_CURRENT, me.id);
- }
+ /* the server may be linking based on certificate fingerprint now. --nenolod */
+ sendto_one(client_p, "PASS %s TS %d :%s",
+ EmptyString(server_p->spasswd) ? "*" : server_p->spasswd, TS_CURRENT, me.id);
/* pass info to new server */
send_capabilities(client_p, default_server_capabs
SetServer(client_p);
- /* Update the capability combination usage counts */
- set_chcap_usage_counts(client_p);
-
rb_dlinkAdd(client_p, &client_p->lnode, &me.serv->servers);
rb_dlinkMoveNode(&client_p->localClient->tnode, &unknown_list, &serv_list);
rb_dlinkAddTailAlloc(client_p, &global_serv_list);
me.id, client_p->name, client_p->id,
IsHidden(client_p) ? "(H) " : "", client_p->info);
- if(IsCapable(target_p, CAP_ENCAP) &&
- !EmptyString(client_p->serv->fullcaps))
+ if(!EmptyString(client_p->serv->fullcaps))
sendto_one(target_p, ":%s ENCAP * GCAP :%s",
client_p->id, client_p->serv->fullcaps);
}
me.name, client_p->name,
IsHidden(client_p) ? "(H) " : "", client_p->info);
- if(IsCapable(target_p, CAP_ENCAP) &&
- !EmptyString(client_p->serv->fullcaps))
+ if(!EmptyString(client_p->serv->fullcaps))
sendto_one(target_p, ":%s ENCAP * GCAP :%s",
client_p->name, client_p->serv->fullcaps);
}
target_p->name, target_p->hopcount + 1,
IsHidden(target_p) ? "(H) " : "", target_p->info);
- if(IsCapable(client_p, CAP_ENCAP) &&
- !EmptyString(target_p->serv->fullcaps))
+ if(!EmptyString(target_p->serv->fullcaps))
sendto_one(client_p, ":%s ENCAP * GCAP :%s",
get_id(target_p, client_p),
target_p->serv->fullcaps);
}
+ if(IsCapable(client_p, CAP_BAN))
+ burst_ban(client_p);
+
burst_TS6(client_p);
/* Always send a PING after connect burst is done */
/* Next, send the initial handshake */
SetHandshake(client_p);
- if(!EmptyString(server_p->spasswd))
- {
- sendto_one(client_p, "PASS %s TS %d :%s",
- server_p->spasswd, TS_CURRENT, me.id);
- }
+ /* the server may be linking based on certificate fingerprint now. --nenolod */
+ sendto_one(client_p, "PASS %s TS %d :%s",
+ EmptyString(server_p->spasswd) ? "*" : server_p->spasswd, TS_CURRENT, me.id);
/* pass my info to the new server */
send_capabilities(client_p, default_server_capabs
projects / solanum.git / blobdiff