* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
* USA
- *
- * $Id: s_user.c 3586 2007-11-20 11:16:43Z nenolod $
*/
#include "stdinc.h"
#include "channel.h"
#include "class.h"
#include "client.h"
-#include "common.h"
#include "hash.h"
#include "match.h"
#include "ircd.h"
#include "hook.h"
#include "monitor.h"
#include "snomask.h"
-#include "blacklist.h"
#include "substitution.h"
#include "chmode.h"
#include "s_assert.h"
* output -
* side effects - display to client user counts etc.
*/
-int
+void
show_lusers(struct Client *source_p)
{
if(rb_dlink_list_length(&lclient_list) > (unsigned long)MaxClientCount)
form_str(RPL_STATSCONN),
MaxConnectionCount, MaxClientCount,
Count.totalrestartcount);
-
- return 0;
}
/*
** would just issue "KILL foobar" to clean out dups. But,
** this is not fair. It should actually request another
** nick from local user or kill him/her...
-*/
+ */
int
register_local_user(struct Client *client_p, struct Client *source_p)
{
struct ConfItem *aconf, *xconf;
struct User *user = source_p->user;
- char tmpstr2[IRCD_BUFSIZE];
+ char tmpstr2[BUFSIZE];
char ipaddr[HOSTIPLEN];
char myusername[USERLEN+1];
int status;
if(source_p->flags & FLAGS_CLICAP)
return -1;
- /* still has DNSbls to validate against */
- if(rb_dlink_list_length(&source_p->preClient->dnsbl_queries) > 0)
+ /* Waiting on authd */
+ if(source_p->preClient->authd_cid)
return -1;
client_p->localClient->last = rb_current_time();
rb_strlcpy(source_p->name, source_p->preClient->spoofnick, NICKLEN + 1);
add_to_client_hash(source_p->name, source_p);
- rb_snprintf(note, NICKLEN + 10, "Nick: %s", source_p->name);
+ snprintf(note, NICKLEN + 10, "Nick: %s", source_p->name);
rb_note(source_p->localClient->F, note);
}
rb_strlcpy(source_p->host, source_p->sockhost, sizeof(source_p->host));
}
-
aconf = source_p->localClient->att_conf;
if(aconf == NULL)
return CLIENT_EXITED;
}
- /* dnsbl check */
- if (source_p->preClient->dnsbl_listed != NULL)
+ /* authd rejection check */
+ if(source_p->preClient->authd_accepted == false)
{
- if (IsExemptKline(source_p) || IsConfExemptDNSBL(aconf))
- sendto_one_notice(source_p, ":*** Your IP address %s is listed in %s, but you are exempt",
- source_p->sockhost, source_p->preClient->dnsbl_listed->host);
- else
+ struct blacklist_stats *stats;
+ rb_dlink_list varlist = { NULL, NULL, 0 };
+ char *reason;
+
+ substitution_append_var(&varlist, "nick", source_p->name);
+ substitution_append_var(&varlist, "ip", source_p->sockhost);
+ substitution_append_var(&varlist, "host", source_p->host);
+ substitution_append_var(&varlist, "dnsbl-host", source_p->preClient->authd_data);
+ substitution_append_var(&varlist, "network-name", ServerInfo.network_name);
+ reason = substitution_parse(source_p->preClient->authd_reason, &varlist);
+
+ switch(source_p->preClient->authd_cause)
{
- sendto_realops_snomask(SNO_REJ, L_NETWIDE,
- "Listed on DNSBL %s: %s (%s@%s) [%s] [%s]",
- source_p->preClient->dnsbl_listed->host,
- source_p->name,
- source_p->username, source_p->host,
- IsIPSpoof(source_p) ? "255.255.255.255" : source_p->sockhost,
- source_p->info);
-
- rb_dlink_list varlist = { NULL, NULL, 0 };
+ case 'B': /* Blacklists */
+ if((stats = rb_dictionary_retrieve(bl_stats, source_p->preClient->authd_data)) != NULL)
+ stats->hits++;
- substitution_append_var(&varlist, "nick", source_p->name);
- substitution_append_var(&varlist, "ip", source_p->sockhost);
- substitution_append_var(&varlist, "host", source_p->host);
- substitution_append_var(&varlist, "dnsbl-host", source_p->preClient->dnsbl_listed->host);
- substitution_append_var(&varlist, "network-name", ServerInfo.network_name);
-
- ServerStats.is_ref++;
-
- sendto_one(source_p, form_str(ERR_YOUREBANNEDCREEP),
- me.name, source_p->name,
- substitution_parse(source_p->preClient->dnsbl_listed->reject_reason, &varlist));
-
- substitution_free(&varlist);
-
- sendto_one_notice(source_p, ":*** Your IP address %s is listed in %s",
- source_p->sockhost, source_p->preClient->dnsbl_listed->host);
- source_p->preClient->dnsbl_listed->hits++;
- add_reject(source_p, NULL, NULL);
- exit_client(client_p, source_p, &me, "*** Banned (DNS blacklist)");
- return CLIENT_EXITED;
+ if(IsExemptKline(source_p) || IsConfExemptDNSBL(aconf))
+ {
+ sendto_one_notice(source_p, ":*** Your IP address %s is listed in %s, but you are exempt",
+ source_p->sockhost, source_p->preClient->authd_data);
+ }
+ else
+ {
+ sendto_realops_snomask(SNO_REJ, L_NETWIDE,
+ "Listed on DNSBL %s: %s (%s@%s) [%s] [%s]",
+ source_p->preClient->authd_data,
+ source_p->name,
+ source_p->username, source_p->host,
+ IsIPSpoof(source_p) ? "255.255.255.255" : source_p->sockhost,
+ source_p->info);
+
+ ServerStats.is_ref++;
+
+ sendto_one(source_p, form_str(ERR_YOUREBANNEDCREEP),
+ me.name, source_p->name, reason);
+
+ sendto_one_notice(source_p, ":*** Your IP address %s is listed in %s",
+ source_p->sockhost, source_p->preClient->authd_data);
+ add_reject(source_p, NULL, NULL);
+ exit_client(client_p, source_p, &me, "*** Banned (DNS blacklist)");
+ substitution_free(&varlist);
+ return CLIENT_EXITED;
+ }
+ break;
+ case 'O':
+ if(IsExemptKline(source_p) || IsConfExemptProxy(aconf))
+ {
+ sendto_one_notice(source_p, ":*** Your IP address %s has been detected as an open proxy (ip:port %s), but you are exempt",
+ source_p->sockhost, source_p->preClient->authd_data);
+ }
+ else
+ {
+ sendto_realops_snomask(SNO_REJ, L_NETWIDE,
+ "Open proxy %s: %s (%s@%s) [%s] [%s]",
+ source_p->preClient->authd_data,
+ source_p->name,
+ source_p->username, source_p->host,
+ IsIPSpoof(source_p) ? "255.255.255.255" : source_p->sockhost,
+ source_p->info);
+
+ ServerStats.is_ref++;
+
+ sendto_one(source_p, form_str(ERR_YOUREBANNEDCREEP),
+ me.name, source_p->name, reason);
+
+ sendto_one_notice(source_p, ":*** Your IP address %s has been detected as an open proxy (ip:port %s)",
+ source_p->sockhost, source_p->preClient->authd_data);
+ add_reject(source_p, NULL, NULL);
+ exit_client(client_p, source_p, &me, "*** Banned (Open proxy)");
+ substitution_free(&varlist);
+ return CLIENT_EXITED;
+ }
+ default: /* Unknown, but handle the case properly */
+ if (IsExemptKline(source_p))
+ {
+ sendto_one_notice(source_p, ":*** You were rejected, but you are exempt (reason: %s)",
+ reason);
+ }
+ else
+ {
+ sendto_realops_snomask(SNO_REJ, L_NETWIDE,
+ "Rejected by authentication system (reason %s): %s (%s@%s) [%s] [%s]",
+ reason, source_p->name, source_p->username, source_p->host,
+ IsIPSpoof(source_p) ? "255.255.255.255" : source_p->sockhost,
+ source_p->info);
+
+ ServerStats.is_ref++;
+
+ sendto_one(source_p, form_str(ERR_YOUREBANNEDCREEP),
+ me.name, source_p->name, reason);
+
+ sendto_one_notice(source_p, ":*** Rejected by authentication system: %s",
+ reason);
+ add_reject(source_p, NULL, NULL);
+ exit_client(client_p, source_p, &me, "*** Banned (authentication system)");
+ substitution_free(&varlist);
+ return CLIENT_EXITED;
+ }
}
+
+ substitution_free(&varlist);
}
/* valid user name check */
ServerStats.is_ref++;
sendto_one_notice(source_p, ":*** Your username is invalid. Please make sure that your username contains "
"only alphanumeric characters.");
- rb_sprintf(tmpstr2, "Invalid username [%s]", source_p->username);
+ sprintf(tmpstr2, "Invalid username [%s]", source_p->username);
exit_client(client_p, source_p, &me, tmpstr2);
return (CLIENT_EXITED);
}
free_pre_client(source_p);
- return (introduce_client(client_p, source_p, user, source_p->name, 1));
+ introduce_client(client_p, source_p, user, source_p->name, 1);
+ return 0;
}
/*
* of the net, either from a local client connect or
* from a remote connect.
*/
-int
+void
introduce_client(struct Client *client_p, struct Client *source_p, struct User *user, const char *nick, int use_euid)
{
char ubuf[BUFSIZE];
hdata2.client = client_p;
hdata2.target = source_p;
call_hook(h_introduce_client, &hdata2);
-
- return 0;
}
/*
* valid_hostname - check hostname for validity
*
* Inputs - pointer to user
- * Output - YES if valid, NO if not
+ * Output - true if valid, false if not
* Side effects - NONE
*
* NOTE: this doesn't allow a hostname to begin with a dot and
* will not allow more dots than chars.
*/
-int
+bool
valid_hostname(const char *hostname)
{
const char *p = hostname, *last_slash = 0;
s_assert(NULL != p);
if(hostname == NULL)
- return NO;
+ return false;
if(!strcmp(hostname, "localhost"))
- return YES;
+ return true;
if('.' == *p || ':' == *p || '/' == *p)
- return NO;
+ return false;
while (*p)
{
if(!IsHostChar(*p))
- return NO;
+ return false;
if(*p == '.' || *p == ':')
found_sep++;
else if(*p == '/')
}
if(found_sep == 0)
- return NO;
+ return false;
if(last_slash && IsDigit(last_slash[1]))
- return NO;
+ return false;
- return YES;
+ return true;
}
/*
* valid_username - check username for validity
*
* Inputs - pointer to user
- * Output - YES if valid, NO if not
+ * Output - true if valid, false if not
* Side effects - NONE
*
* Absolutely always reject any '*' '!' '?' '@' in an user name
* Allow '.' in username to allow for "first.last"
* style of username
*/
-int
+bool
valid_username(const char *username)
{
int dots = 0;
s_assert(NULL != p);
if(username == NULL)
- return NO;
+ return false;
if('~' == *p)
++p;
* or "-hi-@somehost", "h-----@somehost" would still be accepted.
*/
if(!IsAlNum(*p))
- return NO;
+ return false;
while (*++p)
{
{
dots++;
if(dots > ConfigFileEntry.dots_in_ident)
- return NO;
+ return false;
if(!IsUserChar(p[1]))
- return NO;
+ return false;
}
else if(!IsUserChar(*p))
- return NO;
+ return false;
}
- return YES;
+ return true;
}
/* report_and_set_user_flags
const char *pm;
struct Client *target_p;
int what, setflags;
- int badflag = NO; /* Only send one bad flag notice */
- int showsnomask = NO;
+ bool badflag = false; /* Only send one bad flag notice */
+ bool showsnomask = false;
unsigned int setsnomask;
char buf[BUFSIZE];
hook_data_umode_changed hdata;
if (!(source_p->umodes & UMODE_SERVNOTICE) && source_p->snomask != 0)
{
source_p->snomask = 0;
- showsnomask = YES;
+ showsnomask = true;
}
source_p->flags2 &= ~OPER_FLAGS;
&& (ConfigFileEntry.oper_only_umodes & UMODE_SERVNOTICE))
{
if (what == MODE_ADD || source_p->umodes & UMODE_SERVNOTICE)
- badflag = YES;
+ badflag = true;
continue;
}
- showsnomask = YES;
+ showsnomask = true;
if(what == MODE_ADD)
{
if (parc > 3)
default:
if (MyConnect(source_p) && *pm == 'Q' && !ConfigChannel.use_forward)
{
- badflag = YES;
+ badflag = true;
break;
}
|| (orphaned_umodes & flag)))
{
if (what == MODE_ADD || source_p->umodes & flag)
- badflag = YES;
+ badflag = true;
}
else
{
else
{
if(MyConnect(source_p))
- badflag = YES;
+ badflag = true;
}
break;
}
* output - none
* side effects - opers up source_p using aconf for reference
*/
-int
+void
oper_up(struct Client *source_p, struct oper_conf *oper_p)
{
unsigned int old = source_p->umodes, oldsnomask = source_p->snomask;
sendto_one_notice(source_p, ":*** Oper privilege set is %s", oper_p->privset->name);
sendto_one_notice(source_p, ":*** Oper privs are %s", oper_p->privset->privs);
send_oper_motd(source_p);
-
- return (1);
}
/*
target_p->info);
if(*mode)
- sendto_channel_local_butone(target_p, ALL_MEMBERS, chptr,
- ":%s MODE %s +%s %s",
- target_p->servptr->name,
- chptr->chname, mode, modeval);
+ sendto_channel_local_with_capability_butone(target_p, ALL_MEMBERS, NOCAPS, CLICAP_CHGHOST, chptr,
+ ":%s MODE %s +%s %s", target_p->servptr->name, chptr->chname, mode, modeval);
*modeval = '\0';
}
rb_strlcpy(target_p->host, host, sizeof target_p->host);
if (changed)
- add_history(target_p, 1);
+ whowas_add_history(target_p, 1);
del_from_client_hash(target_p->name, target_p);
rb_strlcpy(target_p->name, nick, NICKLEN);