static rb_dlink_list yy_aconf_list;
static rb_dlink_list yy_oper_list;
-static rb_dlink_list yy_shared_list;
static rb_dlink_list yy_cluster_list;
static struct oper_conf *yy_oper = NULL;
static struct alias_entry *yy_alias = NULL;
-static char *yy_blacklist_host = NULL;
-static char *yy_blacklist_reason = NULL;
-static uint8_t yy_blacklist_iptype = 0;
-static rb_dlink_list yy_blacklist_filters = { NULL, NULL, 0 };
+static char *yy_dnsbl_entry_host = NULL;
+static char *yy_dnsbl_entry_reason = NULL;
+static uint8_t yy_dnsbl_entry_iptype = 0;
+static rb_dlink_list yy_dnsbl_entry_filters = { NULL, NULL, 0 };
static char *yy_opm_address_ipv4 = NULL;
static char *yy_opm_address_ipv6 = NULL;
/* *INDENT-OFF* */
static struct mode_table umode_table[] = {
- {"callerid", UMODE_CALLERID },
{"deaf", UMODE_DEAF },
{"invisible", UMODE_INVISIBLE },
{"locops", UMODE_LOCOPS },
{"noforward", UMODE_NOFORWARD },
- {"regonlymsg", UMODE_REGONLYMSG},
{"servnotice", UMODE_SERVNOTICE},
{"wallop", UMODE_WALLOP },
{"operwall", UMODE_OPERWALL },
{ "all", CLUSTER_ALL },
{NULL, 0}
};
-
-static struct mode_table shared_table[] =
-{
- { "kline", SHARED_PKLINE|SHARED_TKLINE },
- { "xline", SHARED_PXLINE|SHARED_TXLINE },
- { "resv", SHARED_PRESV|SHARED_TRESV },
- { "dline", SHARED_PDLINE|SHARED_TDLINE },
- { "tdline", SHARED_TDLINE },
- { "pdline", SHARED_PDLINE },
- { "undline", SHARED_UNDLINE },
- { "tkline", SHARED_TKLINE },
- { "unkline", SHARED_UNKLINE },
- { "txline", SHARED_TXLINE },
- { "unxline", SHARED_UNXLINE },
- { "tresv", SHARED_TRESV },
- { "unresv", SHARED_UNRESV },
- { "locops", SHARED_LOCOPS },
- { "rehash", SHARED_REHASH },
- { "grant", SHARED_GRANT },
- { "die", SHARED_DIE },
- { "module", SHARED_MODULE },
- { "all", SHARED_ALL },
- { "none", 0 },
- {NULL, 0}
-};
/* *INDENT-ON* */
static int
yy_class->max_total = *(unsigned int *) data;
}
+static void
+conf_set_class_max_autoconn(void *data)
+{
+ yy_class->max_autoconn = *(unsigned int *) data;
+}
+
static void
conf_set_class_sendq(void *data)
{
yy_aconf->className = rb_strdup(data);
}
-/* ok, shared_oper handles the stacking, shared_flags handles adding
- * things.. so all we need to do when we start and end a shared block, is
- * clean up anything thats been left over.
- */
-static int
-conf_cleanup_shared(struct TopConf *tc)
-{
- rb_dlink_node *ptr, *next_ptr;
-
- RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_shared_list.head)
- {
- free_remote_conf(ptr->data);
- rb_dlinkDestroy(ptr, &yy_shared_list);
- }
-
- if(yy_shared != NULL)
- {
- free_remote_conf(yy_shared);
- yy_shared = NULL;
- }
-
- return 0;
-}
-
-static void
-conf_set_shared_oper(void *data)
-{
- conf_parm_t *args = data;
- const char *username;
- char *p;
-
- if(yy_shared != NULL)
- free_remote_conf(yy_shared);
-
- yy_shared = make_remote_conf();
-
- if(args->next != NULL)
- {
- if(CF_TYPE(args->type) != CF_QSTRING)
- {
- conf_report_error("Ignoring shared::oper -- server is not a qstring");
- return;
- }
-
- yy_shared->server = rb_strdup(args->v.string);
- args = args->next;
- }
- else
- yy_shared->server = rb_strdup("*");
-
- if(CF_TYPE(args->type) != CF_QSTRING)
- {
- conf_report_error("Ignoring shared::oper -- oper is not a qstring");
- return;
- }
-
- if((p = strchr(args->v.string, '@')) == NULL)
- {
- conf_report_error("Ignoring shard::oper -- oper is not a user@host");
- return;
- }
-
- username = args->v.string;
- *p++ = '\0';
-
- if(EmptyString(p))
- yy_shared->host = rb_strdup("*");
- else
- yy_shared->host = rb_strdup(p);
-
- if(EmptyString(username))
- yy_shared->username = rb_strdup("*");
- else
- yy_shared->username = rb_strdup(username);
-
- rb_dlinkAddAlloc(yy_shared, &yy_shared_list);
- yy_shared = NULL;
-}
-
-static void
-conf_set_shared_flags(void *data)
-{
- conf_parm_t *args = data;
- int flags = 0;
- rb_dlink_node *ptr, *next_ptr;
-
- if(yy_shared != NULL)
- free_remote_conf(yy_shared);
-
- set_modes_from_table(&flags, "flag", shared_table, args);
-
- RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_shared_list.head)
- {
- yy_shared = ptr->data;
-
- yy_shared->flags = flags;
- rb_dlinkDestroy(ptr, &yy_shared_list);
- rb_dlinkAddTail(yy_shared, &yy_shared->node, &shared_conf_list);
- }
-
- yy_shared = NULL;
-}
-
static int
conf_begin_connect(struct TopConf *tc)
{
conf_set_exempt_ip(void *data)
{
struct ConfItem *yy_tmp;
+ int masktype = parse_netmask_strict(data, NULL, NULL);
- if(parse_netmask(data, NULL, NULL) == HM_HOST)
+ if(masktype != HM_IPV4 && masktype != HM_IPV6)
{
conf_report_error("Ignoring exempt -- invalid exempt::ip.");
return;
add_conf_by_address(yy_tmp->host, CONF_EXEMPTDLINE, NULL, NULL, yy_tmp);
}
+static void
+conf_set_secure_ip(void *data)
+{
+ struct ConfItem *yy_tmp;
+ int masktype = parse_netmask_strict(data, NULL, NULL);
+
+ if(masktype != HM_IPV4 && masktype != HM_IPV6)
+ {
+ conf_report_error("Ignoring secure -- invalid secure::ip.");
+ return;
+ }
+
+ yy_tmp = make_conf();
+ yy_tmp->passwd = rb_strdup("*");
+ yy_tmp->host = rb_strdup(data);
+ yy_tmp->status = CONF_SECURE;
+ add_conf_by_address(yy_tmp->host, CONF_SECURE, NULL, NULL, yy_tmp);
+}
+
static int
conf_cleanup_cluster(struct TopConf *tc)
{
}
/* XXX for below */
-static void conf_set_blacklist_reason(void *data);
+static void conf_set_dnsbl_entry_reason(void *data);
#define IPTYPE_IPV4 1
#define IPTYPE_IPV6 2
+static int
+conf_warn_blacklist_deprecation(struct TopConf *tc)
+{
+ conf_report_error("blacklist{} blocks have been deprecated -- use dnsbl{} blocks instead.");
+ return 0;
+}
+
static void
-conf_set_blacklist_host(void *data)
+conf_set_dnsbl_entry_host(void *data)
{
- if (yy_blacklist_host)
+ if (yy_dnsbl_entry_host)
{
- conf_report_error("blacklist::host %s overlaps existing host %s",
- (char *)data, yy_blacklist_host);
+ conf_report_error("dnsbl::host %s overlaps existing host %s",
+ (char *)data, yy_dnsbl_entry_host);
/* Cleanup */
- conf_set_blacklist_reason(NULL);
+ conf_set_dnsbl_entry_reason(NULL);
return;
}
- yy_blacklist_iptype |= IPTYPE_IPV4;
- yy_blacklist_host = rb_strdup(data);
+ yy_dnsbl_entry_iptype |= IPTYPE_IPV4;
+ yy_dnsbl_entry_host = rb_strdup(data);
}
static void
-conf_set_blacklist_type(void *data)
+conf_set_dnsbl_entry_type(void *data)
{
conf_parm_t *args = data;
/* Don't assume we have either if we got here */
- yy_blacklist_iptype = 0;
+ yy_dnsbl_entry_iptype = 0;
for (; args; args = args->next)
{
if (!rb_strcasecmp(args->v.string, "ipv4"))
- yy_blacklist_iptype |= IPTYPE_IPV4;
+ yy_dnsbl_entry_iptype |= IPTYPE_IPV4;
else if (!rb_strcasecmp(args->v.string, "ipv6"))
- yy_blacklist_iptype |= IPTYPE_IPV6;
+ yy_dnsbl_entry_iptype |= IPTYPE_IPV6;
else
- conf_report_error("blacklist::type has unknown address family %s",
+ conf_report_error("dnsbl::type has unknown address family %s",
args->v.string);
}
/* If we have neither, just default to IPv4 */
- if (!yy_blacklist_iptype)
+ if (!yy_dnsbl_entry_iptype)
{
- conf_report_warning("blacklist::type has neither IPv4 nor IPv6 (defaulting to IPv4)");
- yy_blacklist_iptype = IPTYPE_IPV4;
+ conf_report_warning("dnsbl::type has neither IPv4 nor IPv6 (defaulting to IPv4)");
+ yy_dnsbl_entry_iptype = IPTYPE_IPV4;
}
}
static void
-conf_set_blacklist_matches(void *data)
+conf_set_dnsbl_entry_matches(void *data)
{
conf_parm_t *args = data;
enum filter_t { FILTER_NONE, FILTER_ALL, FILTER_LAST };
if (CF_TYPE(args->type) != CF_QSTRING)
{
- conf_report_error("blacklist::matches -- must be quoted string");
+ conf_report_error("dnsbl::matches -- must be quoted string");
continue;
}
if (str == NULL)
{
- conf_report_error("blacklist::matches -- invalid entry");
+ conf_report_error("dnsbl::matches -- invalid entry");
continue;
}
if (strlen(str) > HOSTIPLEN)
{
- conf_report_error("blacklist::matches has an entry too long: %s",
+ conf_report_error("dnsbl::matches has an entry too long: %s",
str);
continue;
}
type = FILTER_ALL;
else if (!isdigit((unsigned char)*p))
{
- conf_report_error("blacklist::matches has invalid IP match entry %s",
+ conf_report_error("dnsbl::matches has invalid IP match entry %s",
str);
type = FILTER_NONE;
break;
struct rb_sockaddr_storage tmp;
if (rb_inet_pton(AF_INET, str, &tmp) <= 0)
{
- conf_report_error("blacklist::matches has invalid IP match entry %s",
+ conf_report_error("dnsbl::matches has invalid IP match entry %s",
str);
continue;
}
/* Verify it's the correct length */
if (strlen(str) > 3)
{
- conf_report_error("blacklist::matches has invalid octet match entry %s",
+ conf_report_error("dnsbl::matches has invalid octet match entry %s",
str);
continue;
}
continue; /* Invalid entry */
}
- rb_dlinkAddAlloc(rb_strdup(str), &yy_blacklist_filters);
+ rb_dlinkAddAlloc(rb_strdup(str), &yy_dnsbl_entry_filters);
}
}
static void
-conf_set_blacklist_reason(void *data)
+conf_set_dnsbl_entry_reason(void *data)
{
rb_dlink_node *ptr, *nptr;
- if (yy_blacklist_host && data)
+ if (yy_dnsbl_entry_host && data)
{
- yy_blacklist_reason = rb_strdup(data);
- if (yy_blacklist_iptype & IPTYPE_IPV6)
+ yy_dnsbl_entry_reason = rb_strdup(data);
+ if (yy_dnsbl_entry_iptype & IPTYPE_IPV6)
{
/* Make sure things fit (magic number 64 = alnum count + dots)
* Example: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa
*/
- if ((64 + strlen(yy_blacklist_host)) > IRCD_RES_HOSTLEN)
+ if ((64 + strlen(yy_dnsbl_entry_host)) > IRCD_RES_HOSTLEN)
{
- conf_report_error("blacklist::host %s results in IPv6 queries that are too long",
- yy_blacklist_host);
+ conf_report_error("dnsbl::host %s results in IPv6 queries that are too long",
+ yy_dnsbl_entry_host);
goto cleanup_bl;
}
}
/* Avoid doing redundant check, IPv6 is bigger than IPv4 --Elizabeth */
- if ((yy_blacklist_iptype & IPTYPE_IPV4) && !(yy_blacklist_iptype & IPTYPE_IPV6))
+ if ((yy_dnsbl_entry_iptype & IPTYPE_IPV4) && !(yy_dnsbl_entry_iptype & IPTYPE_IPV6))
{
/* Make sure things fit for worst case (magic number 16 = number of nums + dots)
* Example: 127.127.127.127.in-addr.arpa
*/
- if ((16 + strlen(yy_blacklist_host)) > IRCD_RES_HOSTLEN)
+ if ((16 + strlen(yy_dnsbl_entry_host)) > IRCD_RES_HOSTLEN)
{
- conf_report_error("blacklist::host %s results in IPv4 queries that are too long",
- yy_blacklist_host);
+ conf_report_error("dnsbl::host %s results in IPv4 queries that are too long",
+ yy_dnsbl_entry_host);
goto cleanup_bl;
}
}
- add_blacklist(yy_blacklist_host, yy_blacklist_reason, yy_blacklist_iptype, &yy_blacklist_filters);
+ add_dnsbl_entry(yy_dnsbl_entry_host, yy_dnsbl_entry_reason, yy_dnsbl_entry_iptype, &yy_dnsbl_entry_filters);
}
cleanup_bl:
- RB_DLINK_FOREACH_SAFE(ptr, nptr, yy_blacklist_filters.head)
+ RB_DLINK_FOREACH_SAFE(ptr, nptr, yy_dnsbl_entry_filters.head)
{
rb_free(ptr->data);
- rb_dlinkDestroy(ptr, &yy_blacklist_filters);
+ rb_dlinkDestroy(ptr, &yy_dnsbl_entry_filters);
}
- yy_blacklist_filters = (rb_dlink_list){ NULL, NULL, 0 };
+ yy_dnsbl_entry_filters = (rb_dlink_list){ NULL, NULL, 0 };
- rb_free(yy_blacklist_host);
- rb_free(yy_blacklist_reason);
- yy_blacklist_host = NULL;
- yy_blacklist_reason = NULL;
- yy_blacklist_iptype = 0;
+ rb_free(yy_dnsbl_entry_host);
+ rb_free(yy_dnsbl_entry_reason);
+ yy_dnsbl_entry_host = NULL;
+ yy_dnsbl_entry_reason = NULL;
+ yy_dnsbl_entry_iptype = 0;
}
{ "number_per_ident", CF_INT, conf_set_class_number_per_ident, 0, NULL },
{ "connectfreq", CF_TIME, conf_set_class_connectfreq, 0, NULL },
{ "max_number", CF_INT, conf_set_class_max_number, 0, NULL },
+ { "max_autoconn", CF_INT, conf_set_class_max_autoconn, 0, NULL },
{ "sendq", CF_TIME, conf_set_class_sendq, 0, NULL },
{ "\0", 0, NULL, 0, NULL }
};
{ "hide_opers", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_opers },
{ "certfp_method", CF_STRING, conf_set_general_certfp_method, 0, NULL },
{ "drain_reason", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.drain_reason },
+ { "tls_ciphers_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.tls_ciphers_oper_only },
{ "\0", 0, NULL, 0, NULL }
};
{ "autochanmodes", CF_QSTRING, conf_set_channel_autochanmodes, 0, NULL },
{ "displayed_usercount", CF_INT, NULL, 0, &ConfigChannel.displayed_usercount },
{ "strip_topic_colors", CF_YESNO, NULL, 0, &ConfigChannel.strip_topic_colors },
+ { "opmod_send_statusmsg", CF_YESNO, NULL, 0, &ConfigChannel.opmod_send_statusmsg },
{ "\0", 0, NULL, 0, NULL }
};
add_top_conf("auth", conf_begin_auth, conf_end_auth, conf_auth_table);
- add_top_conf("shared", conf_cleanup_shared, conf_cleanup_shared, NULL);
- add_conf_item("shared", "oper", CF_QSTRING | CF_FLIST, conf_set_shared_oper);
- add_conf_item("shared", "flags", CF_STRING | CF_FLIST, conf_set_shared_flags);
-
add_top_conf("connect", conf_begin_connect, conf_end_connect, conf_connect_table);
add_top_conf("exempt", NULL, NULL, NULL);
add_conf_item("exempt", "ip", CF_QSTRING, conf_set_exempt_ip);
+ add_top_conf("secure", NULL, NULL, NULL);
+ add_conf_item("secure", "ip", CF_QSTRING, conf_set_secure_ip);
+
add_top_conf("cluster", conf_cleanup_cluster, conf_cleanup_cluster, NULL);
add_conf_item("cluster", "name", CF_QSTRING, conf_set_cluster_name);
add_conf_item("cluster", "flags", CF_STRING | CF_FLIST, conf_set_cluster_flags);
add_conf_item("alias", "name", CF_QSTRING, conf_set_alias_name);
add_conf_item("alias", "target", CF_QSTRING, conf_set_alias_target);
- add_top_conf("blacklist", NULL, NULL, NULL);
- add_conf_item("blacklist", "host", CF_QSTRING, conf_set_blacklist_host);
- add_conf_item("blacklist", "type", CF_STRING | CF_FLIST, conf_set_blacklist_type);
- add_conf_item("blacklist", "matches", CF_QSTRING | CF_FLIST, conf_set_blacklist_matches);
- add_conf_item("blacklist", "reject_reason", CF_QSTRING, conf_set_blacklist_reason);
+ add_top_conf("dnsbl", NULL, NULL, NULL);
+ add_conf_item("dnsbl", "host", CF_QSTRING, conf_set_dnsbl_entry_host);
+ add_conf_item("dnsbl", "type", CF_STRING | CF_FLIST, conf_set_dnsbl_entry_type);
+ add_conf_item("dnsbl", "matches", CF_QSTRING | CF_FLIST, conf_set_dnsbl_entry_matches);
+ add_conf_item("dnsbl", "reject_reason", CF_QSTRING, conf_set_dnsbl_entry_reason);
+
+ add_top_conf("blacklist", conf_warn_blacklist_deprecation, NULL, NULL);
+ add_conf_item("blacklist", "host", CF_QSTRING, conf_set_dnsbl_entry_host);
+ add_conf_item("blacklist", "type", CF_STRING | CF_FLIST, conf_set_dnsbl_entry_type);
+ add_conf_item("blacklist", "matches", CF_QSTRING | CF_FLIST, conf_set_dnsbl_entry_matches);
+ add_conf_item("blacklist", "reject_reason", CF_QSTRING, conf_set_dnsbl_entry_reason);
add_top_conf("opm", conf_begin_opm, conf_end_opm, NULL);
add_conf_item("opm", "timeout", CF_INT, conf_set_opm_timeout);