#include "ircd_defs.h"
#include "s_conf.h"
#include "s_newconf.h"
+#include "newconf.h"
#include "s_serv.h"
#include "s_stats.h"
#include "channel.h"
#include "client.h"
#include "common.h"
#include "hash.h"
-#include "irc_string.h"
-#include "sprintf_irc.h"
+#include "match.h"
#include "ircd.h"
#include "listener.h"
#include "hostmask.h"
#include "numeric.h"
#include "logger.h"
#include "send.h"
-#include "s_gline.h"
#include "reject.h"
#include "cache.h"
#include "blacklist.h"
+#include "privilege.h"
#include "sslproc.h"
+#include "bandbi.h"
+#include "operhash.h"
+#include "chmode.h"
+#include "hook.h"
+#include "s_assert.h"
struct config_server_hide ConfigServerHide;
-extern int yyparse(); /* defined in y.tab.c */
+extern int yyparse(void); /* defined in y.tab.c */
extern char linebuf[];
#ifndef INADDR_NONE
static rb_bh *confitem_heap = NULL;
+rb_dlink_list prop_bans;
+
rb_dlink_list temp_klines[LAST_TEMP_TYPE];
rb_dlink_list temp_dlines[LAST_TEMP_TYPE];
rb_dlink_list service_list;
static void read_conf(FILE *);
static void clear_out_old_conf(void);
+static void expire_prop_bans(void *list);
static void expire_temp_kd(void *list);
static void reorganise_temp_kd(void *list);
{
confitem_heap = rb_bh_create(sizeof(struct ConfItem), CONFITEM_HEAP_SIZE, "confitem_heap");
+ rb_event_addish("expire_prop_bans", expire_prop_bans, &prop_bans, 60);
+
rb_event_addish("expire_temp_klines", expire_temp_kd, &temp_klines[TEMP_MIN], 60);
rb_event_addish("expire_temp_dlines", expire_temp_kd, &temp_dlines[TEMP_MIN], 60);
rb_free(aconf->passwd);
rb_free(aconf->spasswd);
- rb_free(aconf->name);
rb_free(aconf->className);
rb_free(aconf->user);
rb_free(aconf->host);
+ if(IsConfBan(aconf))
+ operhash_delete(aconf->info.oper);
+ else
+ rb_free(aconf->info.name);
+
rb_bh_free(confitem_heap, aconf);
}
/* why ipaddr, and not just source_p->sockhost? --fl */
#if 0
static char ipaddr[HOSTIPLEN];
- inetntop_sock(&source_p->localClient->ip, ipaddr, sizeof(ipaddr));
+ rb_inet_ntop_sock(&source_p->localClient->ip, ipaddr, sizeof(ipaddr));
#endif
sendto_realops_snomask(SNO_UNAUTH, L_ALL,
"Unauthorised client connection from "
aconf = find_address_conf(client_p->host, client_p->sockhost,
client_p->username, client_p->username,
(struct sockaddr *) &client_p->localClient->ip,
- client_p->localClient->ip.ss_family);
+ client_p->localClient->ip.ss_family,
+ client_p->localClient->auth_user);
}
else
{
- strlcpy(non_ident, "~", sizeof(non_ident));
- strlcat(non_ident, username, sizeof(non_ident));
+ rb_strlcpy(non_ident, "~", sizeof(non_ident));
+ rb_strlcat(non_ident, username, sizeof(non_ident));
aconf = find_address_conf(client_p->host, client_p->sockhost,
non_ident, client_p->username,
(struct sockaddr *) &client_p->localClient->ip,
- client_p->localClient->ip.ss_family);
+ client_p->localClient->ip.ss_family,
+ client_p->localClient->auth_user);
}
if(aconf == NULL)
if(aconf->flags & CONF_FLAGS_REDIR)
{
sendto_one_numeric(client_p, RPL_REDIR, form_str(RPL_REDIR),
- aconf->name ? aconf->name : "", aconf->port);
+ aconf->info.name ? aconf->info.name : "", aconf->port);
return (NOT_AUTHORISED);
}
sendto_realops_snomask(SNO_GENERAL, L_ALL,
"%s spoofing: %s as %s",
client_p->name,
- show_ip(NULL, client_p) ? client_p->host : aconf->name,
- aconf->name);
+ show_ip(NULL, client_p) ? client_p->host : aconf->info.name,
+ aconf->info.name);
}
/* user@host spoof */
- if((p = strchr(aconf->name, '@')) != NULL)
+ if((p = strchr(aconf->info.name, '@')) != NULL)
{
char *host = p+1;
*p = '\0';
- strlcpy(client_p->username, aconf->name,
+ rb_strlcpy(client_p->username, aconf->info.name,
sizeof(client_p->username));
- strlcpy(client_p->host, host,
+ rb_strlcpy(client_p->host, host,
sizeof(client_p->host));
*p = '@';
}
else
- strlcpy(client_p->host, aconf->name, sizeof(client_p->host));
+ rb_strlcpy(client_p->host, aconf->info.name, sizeof(client_p->host));
}
return (attach_iline(client_p, aconf));
}
else if(aconf->status & CONF_KILL)
{
if(ConfigFileEntry.kline_with_reason)
- {
sendto_one(client_p,
form_str(ERR_YOUREBANNEDCREEP),
- me.name, client_p->name, aconf->passwd);
- }
- add_reject(client_p, aconf->user, aconf->host);
- return (BANNED_CLIENT);
- }
- else if(aconf->status & CONF_GLINE)
- {
- sendto_one_notice(client_p, ":*** G-lined");
-
- if(ConfigFileEntry.kline_with_reason)
- sendto_one(client_p,
- form_str(ERR_YOUREBANNEDCREEP),
- me.name, client_p->name, aconf->passwd);
-
+ me.name, client_p->name,
+ get_user_ban_reason(aconf));
add_reject(client_p, aconf->user, aconf->host);
return (BANNED_CLIENT);
}
add_ip_limit(struct Client *client_p, struct ConfItem *aconf)
{
rb_patricia_node_t *pnode;
+ int bitlen;
/* If the limits are 0 don't do anything.. */
- if(ConfCidrAmount(aconf) == 0 || ConfCidrBitlen(aconf) == 0)
+ if(ConfCidrAmount(aconf) == 0
+ || (ConfCidrIpv4Bitlen(aconf) == 0 && ConfCidrIpv6Bitlen(aconf) == 0))
return -1;
pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip);
+ if(GET_SS_FAMILY(&client_p->localClient->ip) == AF_INET)
+ bitlen = ConfCidrIpv4Bitlen(aconf);
+ else
+ bitlen = ConfCidrIpv6Bitlen(aconf);
+
if(pnode == NULL)
- pnode = make_and_lookup_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip, ConfCidrBitlen(aconf));
+ pnode = make_and_lookup_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip, bitlen);
s_assert(pnode != NULL);
if(pnode != NULL)
{
- if(((long) pnode->data) >= ConfCidrAmount(aconf)
- && !IsConfExemptLimits(aconf))
+ if(((intptr_t)pnode->data) >= ConfCidrAmount(aconf) && !IsConfExemptLimits(aconf))
{
/* This should only happen if the limits are set to 0 */
- if((unsigned long) pnode->data == 0)
+ if((intptr_t)pnode->data == 0)
{
rb_patricia_remove(ConfIpLimits(aconf), pnode);
}
return (0);
}
- pnode->data++;
+ pnode->data = (void *)(((intptr_t)pnode->data) + 1);
}
return 1;
}
rb_patricia_node_t *pnode;
/* If the limits are 0 don't do anything.. */
- if(ConfCidrAmount(aconf) == 0 || ConfCidrBitlen(aconf) == 0)
+ if(ConfCidrAmount(aconf) == 0
+ || (ConfCidrIpv4Bitlen(aconf) == 0 && ConfCidrIpv6Bitlen(aconf) == 0))
return;
pnode = rb_match_ip(ConfIpLimits(aconf), (struct sockaddr *)&client_p->localClient->ip);
if(pnode == NULL)
return;
- pnode->data--;
- if(((unsigned long) pnode->data) == 0)
+ pnode->data = (void *)(((intptr_t)pnode->data) - 1);
+ if(((intptr_t)pnode->data) == 0)
{
rb_patricia_remove(ConfIpLimits(aconf), pnode);
}
int local_count = 0;
int global_count = 0;
int ident_count = 0;
- int unidented = 0;
+ int unidented;
if(IsConfExemptLimits(aconf))
return (attach_conf(client_p, aconf));
- if(*client_p->username == '~')
- unidented = 1;
-
+ unidented = !IsGotId(client_p) && !IsNoTilde(aconf) &&
+ (!IsConfDoSpoofIp(aconf) || !strchr(aconf->info.name, '@'));
/* find_hostname() returns the head of the list to search */
RB_DLINK_FOREACH(ptr, find_hostname(client_p->host))
read_conf_files(NO);
if(ServerInfo.description != NULL)
- strlcpy(me.info, ServerInfo.description, sizeof(me.info));
+ rb_strlcpy(me.info, ServerInfo.description, sizeof(me.info));
else
- strlcpy(me.info, "unknown", sizeof(me.info));
+ rb_strlcpy(me.info, "unknown", sizeof(me.info));
open_logfiles();
return (0);
}
-static struct banconf_entry
-{
- const char **filename;
- void (*func) (FILE *);
- int perm;
-} banconfs[] = {
- { &ConfigFileEntry.klinefile, parse_k_file, 0 },
- { &ConfigFileEntry.klinefile, parse_k_file, 1 },
- { &ConfigFileEntry.dlinefile, parse_d_file, 0 },
- { &ConfigFileEntry.dlinefile, parse_d_file, 1 },
- { &ConfigFileEntry.xlinefile, parse_x_file, 0 },
- { &ConfigFileEntry.xlinefile, parse_x_file, 1 },
- { &ConfigFileEntry.resvfile, parse_resv_file,0 },
- { &ConfigFileEntry.resvfile, parse_resv_file,1 },
- { NULL, NULL, 0 }
-};
-
void
rehash_bans(int sig)
{
- FILE *file;
- char buf[MAXPATHLEN];
- int i;
-
- if(sig != 0)
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "Got signal SIGUSR2, reloading ban confs");
-
- clear_out_address_conf_bans();
- clear_s_newconf_bans();
-
- for(i = 0; banconfs[i].filename; i++)
- {
- if(banconfs[i].perm)
- snprintf(buf, sizeof(buf), "%s.perm", *banconfs[i].filename);
- else
- snprintf(buf, sizeof(buf), "%s", *banconfs[i].filename);
-
- if((file = fopen(buf, "r")) == NULL)
- {
- if(banconfs[i].perm)
- continue;
-
- ilog(L_MAIN, "Failed reading ban file %s",
- *banconfs[i].filename);
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "Can't open %s file bans could be missing!",
- *banconfs[i].filename);
- }
- else
- {
- (banconfs[i].func)(file);
- fclose(file);
- }
- }
-
- check_banned_lines();
+ bandb_rehash_bans();
}
/*
ConfigFileEntry.fname_operlog = NULL;
ConfigFileEntry.fname_foperlog = NULL;
ConfigFileEntry.fname_serverlog = NULL;
- ConfigFileEntry.fname_glinelog = NULL;
ConfigFileEntry.fname_klinelog = NULL;
ConfigFileEntry.fname_operspylog = NULL;
ConfigFileEntry.fname_ioerrorlog = NULL;
- ConfigFileEntry.glines = NO;
ConfigFileEntry.use_egd = NO;
- ConfigFileEntry.gline_time = 12 * 3600;
- ConfigFileEntry.gline_min_cidr = 16;
- ConfigFileEntry.gline_min_cidr6 = 48;
ConfigFileEntry.hide_spoof_ips = YES;
ConfigFileEntry.hide_error_messages = 1;
ConfigFileEntry.dots_in_ident = 0;
ConfigFileEntry.max_targets = MAX_TARGETS_DEFAULT;
- ConfigFileEntry.servlink_path = rb_strdup(SLPATH);
ConfigFileEntry.egdpool_path = NULL;
ConfigFileEntry.use_whois_actually = YES;
ConfigFileEntry.burst_away = NO;
ConfigFileEntry.collision_fnc = YES;
+ ConfigFileEntry.resv_fnc = YES;
ConfigFileEntry.global_snotices = YES;
ConfigFileEntry.operspy_dont_care_user_info = NO;
+ ConfigFileEntry.use_propagated_bans = YES;
+ ConfigFileEntry.max_ratelimit_tokens = 30;
+ ConfigFileEntry.away_interval = 30;
#ifdef HAVE_LIBZ
ConfigFileEntry.compression_level = 4;
ConfigChannel.use_except = YES;
ConfigChannel.use_invex = YES;
- ConfigChannel.use_knock = YES;
ConfigChannel.use_forward = YES;
+ ConfigChannel.use_knock = YES;
ConfigChannel.knock_delay = 300;
ConfigChannel.knock_delay_channel = 60;
ConfigChannel.max_chans_per_user = 15;
ConfigChannel.max_bans = 25;
ConfigChannel.max_bans_large = 500;
+ ConfigChannel.only_ascii_channels = NO;
ConfigChannel.burst_topicwho = NO;
ConfigChannel.kick_on_split_riding = NO;
ConfigChannel.default_split_server_count = 10;
ConfigChannel.no_join_on_split = NO;
ConfigChannel.no_create_on_split = YES;
+ ConfigChannel.resv_forcepart = YES;
+ ConfigChannel.channel_target_change = YES;
+ ConfigChannel.disable_local_channels = NO;
ConfigServerHide.flatten_links = 0;
ConfigServerHide.links_delay = 300;
ConfigFileEntry.min_nonwildcard = 4;
ConfigFileEntry.min_nonwildcard_simple = 3;
ConfigFileEntry.default_floodcount = 8;
- ConfigFileEntry.client_flood = CLIENT_FLOOD_DEFAULT;
+ ConfigFileEntry.default_ident_timeout = IDENT_TIMEOUT_DEFAULT;
ConfigFileEntry.tkline_expire_notices = 0;
ConfigFileEntry.reject_after_count = 5;
ConfigFileEntry.reject_ban_time = 300;
ConfigFileEntry.reject_duration = 120;
- ConfigFileEntry.max_unknown_ip = 2;
+ ConfigFileEntry.throttle_count = 4;
+ ConfigFileEntry.throttle_duration = 60;
+
+ ConfigFileEntry.client_flood_max_lines = CLIENT_FLOOD_DEFAULT;
+ ConfigFileEntry.client_flood_burst_rate = 5;
+ ConfigFileEntry.client_flood_burst_max = 5;
+ ConfigFileEntry.client_flood_message_time = 1;
+ ConfigFileEntry.client_flood_message_num = 2;
ServerInfo.default_max_clients = MAXCONNECTIONS;
+
+ ConfigFileEntry.nicklen = NICKLEN;
+
+ if (!alias_dict)
+ alias_dict = irc_dictionary_create(strcasecmp);
}
#undef YES
validate_conf(); /* Check to make sure some values are still okay. */
/* Some global values are also loaded here. */
check_class(); /* Make sure classes are valid */
+ privilegeset_delete_all_illegal();
+ construct_cflags_strings();
}
static void
validate_conf(void)
{
+ if(ConfigFileEntry.default_ident_timeout < 1)
+ ConfigFileEntry.default_ident_timeout = IDENT_TIMEOUT_DEFAULT;
+
if(ConfigFileEntry.ts_warn_delta < TS_WARN_DELTA_MIN)
ConfigFileEntry.ts_warn_delta = TS_WARN_DELTA_DEFAULT;
if(ConfigFileEntry.ts_max_delta < TS_MAX_DELTA_MIN)
ConfigFileEntry.ts_max_delta = TS_MAX_DELTA_DEFAULT;
- if(ConfigFileEntry.servlink_path == NULL)
- ConfigFileEntry.servlink_path = rb_strdup(SLPATH);
-
if(ServerInfo.network_name == NULL)
ServerInfo.network_name = rb_strdup(NETWORK_NAME_DEFAULT);
if(ServerInfo.network_desc == NULL)
ServerInfo.network_desc = rb_strdup(NETWORK_DESC_DEFAULT);
- if(ServerInfo.ssld_count < 1)\r
+ if(ServerInfo.ssld_count < 1)
ServerInfo.ssld_count = 1;
- if(!rb_setup_ssl_server(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params))\r
- {\r
- ilog(L_MAIN, "WARNING: Unable to setup SSL.");\r
- ssl_ok = 0;\r
- } else {\r
- ssl_ok = 1;\r
- send_new_ssl_certs(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params);\r
- }\r
-\r
- if(ServerInfo.ssld_count > get_ssld_count())\r
- {\r
- int start = ServerInfo.ssld_count - get_ssld_count();\r
- /* start up additional ssld if needed */\r
- start_ssldaemon(start, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params);\r
- \r
+ if(!rb_setup_ssl_server(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params))
+ {
+ ilog(L_MAIN, "WARNING: Unable to setup SSL.");
+ ssl_ok = 0;
+ } else {
+ ssl_ok = 1;
+ send_new_ssl_certs(ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params);
+ }
+
+ if(ServerInfo.ssld_count > get_ssld_count())
+ {
+ int start = ServerInfo.ssld_count - get_ssld_count();
+ /* start up additional ssld if needed */
+ start_ssldaemon(start, ServerInfo.ssl_cert, ServerInfo.ssl_private_key, ServerInfo.ssl_dh_params);
+
}
- if((ConfigFileEntry.client_flood < CLIENT_FLOOD_MIN) ||
- (ConfigFileEntry.client_flood > CLIENT_FLOOD_MAX))
- ConfigFileEntry.client_flood = CLIENT_FLOOD_MAX;
+ /* RFC 1459 says 1 message per 2 seconds on average and bursts of
+ * 5 messages are acceptable, so allow at least that.
+ */
+ if(ConfigFileEntry.client_flood_burst_rate < 5)
+ ConfigFileEntry.client_flood_burst_rate = 5;
+ if(ConfigFileEntry.client_flood_burst_max < 5)
+ ConfigFileEntry.client_flood_burst_max = 5;
+ if(ConfigFileEntry.client_flood_message_time >
+ ConfigFileEntry.client_flood_message_num * 2)
+ ConfigFileEntry.client_flood_message_time =
+ ConfigFileEntry.client_flood_message_num * 2;
+
+ if((ConfigFileEntry.client_flood_max_lines < CLIENT_FLOOD_MIN) ||
+ (ConfigFileEntry.client_flood_max_lines > CLIENT_FLOOD_MAX))
+ ConfigFileEntry.client_flood_max_lines = CLIENT_FLOOD_MAX;
if(!split_users || !split_servers ||
(!ConfigChannel.no_create_on_split && !ConfigChannel.no_join_on_split))
}
}
-/*
- * lookup_confhost - start DNS lookups of all hostnames in the conf
- * line and convert an IP addresses in a.b.c.d number for to IP#s.
- *
- */
-
-/*
- * conf_connect_allowed
- *
- * inputs - pointer to inaddr
- * - int type ipv4 or ipv6
- * output - ban info or NULL
- * side effects - none
- */
-struct ConfItem *
-conf_connect_allowed(struct sockaddr *addr, int aftype)
-{
- struct ConfItem *aconf = find_dline(addr, aftype);
-
- /* DLINE exempt also gets you out of static limits/pacing... */
- if(aconf && (aconf->status & CONF_EXEMPTDLINE))
- return NULL;
-
- if(aconf != NULL)
- return aconf;
-
- return NULL;
-}
-
/* add_temp_kline()
*
* inputs - pointer to struct ConfItem
}
aconf->flags |= CONF_FLAGS_TEMPORARY;
- add_conf_by_address(aconf->host, CONF_KILL, aconf->user, aconf);
+ add_conf_by_address(aconf->host, CONF_KILL, aconf->user, NULL, aconf);
}
/* add_temp_dline()
}
aconf->flags |= CONF_FLAGS_TEMPORARY;
- add_conf_by_address(aconf->host, CONF_DLINE, aconf->user, aconf);
+ add_conf_by_address(aconf->host, CONF_DLINE, aconf->user, NULL, aconf);
+}
+
+/* valid_wild_card()
+ *
+ * input - user buffer, host buffer
+ * output - 0 if invalid, 1 if valid
+ * side effects -
+ */
+int
+valid_wild_card(const char *luser, const char *lhost)
+{
+ const char *p;
+ char tmpch;
+ int nonwild = 0;
+ int bitlen;
+
+ /* user has no wildcards, always accept -- jilles */
+ if(!strchr(luser, '?') && !strchr(luser, '*'))
+ return 1;
+
+ /* check there are enough non wildcard chars */
+ p = luser;
+ while((tmpch = *p++))
+ {
+ if(!IsKWildChar(tmpch))
+ {
+ /* found enough chars, return */
+ if(++nonwild >= ConfigFileEntry.min_nonwildcard)
+ return 1;
+ }
+ }
+
+ /* try host, as user didnt contain enough */
+ /* special case for cidr masks -- jilles */
+ if((p = strrchr(lhost, '/')) != NULL && IsDigit(p[1]))
+ {
+ bitlen = atoi(p + 1);
+ /* much like non-cidr for ipv6, rather arbitrary for ipv4 */
+ if(bitlen > 0
+ && bitlen >=
+ (strchr(lhost, ':') ? 4 * (ConfigFileEntry.min_nonwildcard - nonwild) : 6 -
+ 2 * nonwild))
+ return 1;
+ }
+ else
+ {
+ p = lhost;
+ while((tmpch = *p++))
+ {
+ if(!IsKWildChar(tmpch))
+ if(++nonwild >= ConfigFileEntry.min_nonwildcard)
+ return 1;
+ }
+ }
+
+ return 0;
+}
+
+rb_dlink_node *
+find_prop_ban(unsigned int status, const char *user, const char *host)
+{
+ rb_dlink_node *ptr;
+ struct ConfItem *aconf;
+
+ RB_DLINK_FOREACH(ptr, prop_bans.head)
+ {
+ aconf = ptr->data;
+
+ if((aconf->status & ~CONF_ILLEGAL) == status &&
+ (!user || !aconf->user ||
+ !irccmp(aconf->user, user)) &&
+ !irccmp(aconf->host, host))
+ return ptr;
+ }
+ return NULL;
+}
+
+void
+deactivate_conf(struct ConfItem *aconf, rb_dlink_node *ptr)
+{
+ int i;
+
+ s_assert(ptr->data == aconf);
+
+ switch (aconf->status)
+ {
+ case CONF_KILL:
+ if (aconf->lifetime == 0 &&
+ aconf->flags & CONF_FLAGS_TEMPORARY)
+ for (i = 0; i < LAST_TEMP_TYPE; i++)
+ rb_dlinkFindDestroy(aconf, &temp_klines[i]);
+ /* Make sure delete_one_address_conf() does not
+ * free the aconf.
+ */
+ aconf->clients++;
+ delete_one_address_conf(aconf->host, aconf);
+ aconf->clients--;
+ break;
+ case CONF_DLINE:
+ if (aconf->lifetime == 0 &&
+ aconf->flags & CONF_FLAGS_TEMPORARY)
+ for (i = 0; i < LAST_TEMP_TYPE; i++)
+ rb_dlinkFindDestroy(aconf, &temp_dlines[i]);
+ aconf->clients++;
+ delete_one_address_conf(aconf->host, aconf);
+ aconf->clients--;
+ break;
+ case CONF_XLINE:
+ rb_dlinkFindDestroy(aconf, &xline_conf_list);
+ break;
+ case CONF_RESV_NICK:
+ rb_dlinkFindDestroy(aconf, &resv_conf_list);
+ break;
+ case CONF_RESV_CHANNEL:
+ del_from_resv_hash(aconf->host, aconf);
+ break;
+ }
+ if (aconf->lifetime != 0 && rb_current_time() < aconf->lifetime)
+ aconf->status |= CONF_ILLEGAL;
+ else
+ {
+ if (aconf->lifetime != 0)
+ rb_dlinkDestroy(ptr, &prop_bans);
+ free_conf(aconf);
+ }
+}
+
+/* Given a new ban ConfItem, look for any matching ban, update the lifetime
+ * from it and delete it.
+ */
+void
+replace_old_ban(struct ConfItem *aconf)
+{
+ rb_dlink_node *ptr;
+ struct ConfItem *oldconf;
+
+ ptr = find_prop_ban(aconf->status, aconf->user, aconf->host);
+ if(ptr != NULL)
+ {
+ oldconf = ptr->data;
+ /* Remember at least as long as the old one. */
+ if(oldconf->lifetime > aconf->lifetime)
+ aconf->lifetime = oldconf->lifetime;
+ /* Force creation time to increase. */
+ if(oldconf->created >= aconf->created)
+ aconf->created = oldconf->created + 1;
+ /* Leave at least one second of validity. */
+ if(aconf->hold <= aconf->created)
+ aconf->hold = aconf->created + 1;
+ if(aconf->lifetime < aconf->hold)
+ aconf->lifetime = aconf->hold;
+ /* Tell deactivate_conf() to destroy it. */
+ oldconf->lifetime = rb_current_time();
+ deactivate_conf(oldconf, ptr);
+ }
+}
+
+static void
+expire_prop_bans(void *list)
+{
+ rb_dlink_node *ptr;
+ rb_dlink_node *next_ptr;
+ struct ConfItem *aconf;
+
+ RB_DLINK_FOREACH_SAFE(ptr, next_ptr, ((rb_dlink_list *) list)->head)
+ {
+ aconf = ptr->data;
+
+ if(aconf->lifetime <= rb_current_time() ||
+ (aconf->hold <= rb_current_time() &&
+ !(aconf->status & CONF_ILLEGAL)))
+ {
+ /* Alert opers that a TKline expired - Hwy */
+ /* XXX show what type of ban it is */
+ if(ConfigFileEntry.tkline_expire_notices &&
+ !(aconf->status & CONF_ILLEGAL))
+ sendto_realops_snomask(SNO_GENERAL, L_ALL,
+ "Propagated ban for [%s%s%s] expired",
+ aconf->user ? aconf->user : "",
+ aconf->user ? "@" : "",
+ aconf->host ? aconf->host : "*");
+
+ /* will destroy or mark illegal */
+ deactivate_conf(aconf, ptr);
+ }
+ }
}
/* expire_tkline()
static char null[] = "<NULL>";
static char zero[] = "default";
- *name = EmptyString(aconf->name) ? null : aconf->name;
+ *name = EmptyString(aconf->info.name) ? null : aconf->info.name;
*host = EmptyString(aconf->host) ? null : aconf->host;
*pass = EmptyString(aconf->passwd) ? null : aconf->passwd;
*user = EmptyString(aconf->user) ? null : aconf->user;
*port = (int) aconf->port;
}
+char *
+get_user_ban_reason(struct ConfItem *aconf)
+{
+ static char reasonbuf[BUFSIZE];
+
+ if (aconf->flags & CONF_FLAGS_TEMPORARY &&
+ (aconf->status == CONF_KILL || aconf->status == CONF_DLINE))
+ rb_snprintf(reasonbuf, sizeof reasonbuf,
+ "Temporary %c-line %d min. - ",
+ aconf->status == CONF_DLINE ? 'D' : 'K',
+ (int)((aconf->hold - aconf->created) / 60));
+ else
+ reasonbuf[0] = '\0';
+ if (aconf->passwd)
+ rb_strlcat(reasonbuf, aconf->passwd, sizeof reasonbuf);
+ else
+ rb_strlcat(reasonbuf, "No Reason", sizeof reasonbuf);
+ if (aconf->created)
+ {
+ rb_strlcat(reasonbuf, " (", sizeof reasonbuf);
+ rb_strlcat(reasonbuf, smalldate(aconf->created),
+ sizeof reasonbuf);
+ rb_strlcat(reasonbuf, ")", sizeof reasonbuf);
+ }
+ return reasonbuf;
+}
+
void
get_printable_kline(struct Client *source_p, struct ConfItem *aconf,
char **host, char **reason,
char **user, char **oper_reason)
{
static char null[] = "<NULL>";
+ static char operreasonbuf[BUFSIZE];
*host = EmptyString(aconf->host) ? null : aconf->host;
- *reason = EmptyString(aconf->passwd) ? null : aconf->passwd;
*user = EmptyString(aconf->user) ? null : aconf->user;
+ *reason = get_user_ban_reason(aconf);
- if(EmptyString(aconf->spasswd) || !IsOper(source_p))
+ if(!IsOper(source_p))
*oper_reason = NULL;
else
- *oper_reason = aconf->spasswd;
+ {
+ rb_snprintf(operreasonbuf, sizeof operreasonbuf, "%s%s(%s)",
+ EmptyString(aconf->spasswd) ? "" : aconf->spasswd,
+ EmptyString(aconf->spasswd) ? "" : " ",
+ aconf->info.oper);
+ *oper_reason = operreasonbuf;
+ }
}
/*
conf_fbfile_in = NULL;
- filename = get_conf_name(CONF_TYPE);
+ filename = ConfigFileEntry.configfile;
/* We need to know the initial filename for the yyerror() to report
FIXME: The full path is in conffilenamebuf first time since we
dont know anything else
- Gozem 2002-07-21
+
+
*/
- strlcpy(conffilebuf, filename, sizeof(conffilebuf));
+ rb_strlcpy(conffilebuf, filename, sizeof(conffilebuf));
if((conf_fbfile_in = fopen(filename, "r")) == NULL)
{
if(cold)
{
+ inotice("Failed in reading configuration file %s, aborting", filename);
ilog(L_MAIN, "Failed in reading configuration file %s", filename);
+
+ int e;
+ e = errno;
+
+ inotice("FATAL: %s %s", strerror(e), filename);
+ ilog(L_MAIN, "FATAL: %s %s", strerror(e), filename);
+
exit(-1);
}
else
clear_out_old_conf();
}
+ call_hook(h_conf_read_start, NULL);
read_conf(conf_fbfile_in);
+ call_hook(h_conf_read_end, NULL);
+
fclose(conf_fbfile_in);
}
*/
/* clean out general */
- rb_free(ConfigFileEntry.servlink_path);
- ConfigFileEntry.servlink_path = NULL;
+ rb_free(ConfigFileEntry.kline_reason);
+ ConfigFileEntry.kline_reason = NULL;
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, service_list.head)
{
}
/* remove any aliases... -- nenolod */
- irc_dictionary_destroy(alias_dict, free_alias_cb, NULL);
- alias_dict = NULL;
-
- destroy_blacklists();
-
- /* OK, that should be everything... */
-}
-
-
-/* write_confitem()
- *
- * inputs - kline, dline or resv type flag
- * - client pointer to report to
- * - user name of target
- * - host name of target
- * - reason for target
- * - time string
- * - type of xline
- * output - NONE
- * side effects - This function takes care of finding the right conf
- * file and adding the line to it, as well as notifying
- * opers and the user.
- */
-void
-write_confitem(KlineType type, struct Client *source_p, char *user,
- char *host, const char *reason, const char *oper_reason,
- const char *current_date, int xtype)
-{
- char buffer[1024];
- FILE *out;
- const char *filename; /* filename to use for kline */
-
- filename = get_conf_name(type);
-
- if(type == KLINE_TYPE)
+ if (alias_dict != NULL)
{
- if(EmptyString(oper_reason))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s added K-Line for [%s@%s] [%s]",
- get_oper_name(source_p), user,
- host, reason);
- ilog(L_KLINE, "K %s 0 %s %s %s",
- get_oper_name(source_p), user, host, reason);
- }
- else
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s added K-Line for [%s@%s] [%s|%s]",
- get_oper_name(source_p), user,
- host, reason, oper_reason);
- ilog(L_KLINE, "K %s 0 %s %s %s|%s",
- get_oper_name(source_p), user, host,
- reason, oper_reason);
- }
-
- sendto_one_notice(source_p, ":Added K-Line [%s@%s]",
- user, host);
- }
- else if(type == DLINE_TYPE)
- {
- if(EmptyString(oper_reason))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s added D-Line for [%s] [%s]",
- get_oper_name(source_p), host, reason);
- ilog(L_KLINE, "D %s 0 %s %s",
- get_oper_name(source_p), host, reason);
- }
- else
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s added D-Line for [%s] [%s|%s]",
- get_oper_name(source_p), host,
- reason, oper_reason);
- ilog(L_KLINE, "D %s 0 %s %s|%s",
- get_oper_name(source_p), host,
- reason, oper_reason);
- }
-
- sendto_one_notice(source_p, ":Added D-Line [%s] to %s", host, filename);
-
- }
- else if(type == RESV_TYPE)
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "%s added RESV for [%s] [%s]",
- get_oper_name(source_p), host, reason);
- ilog(L_KLINE, "R %s 0 %s %s",
- get_oper_name(source_p), host, reason);
-
- sendto_one_notice(source_p, ":Added RESV for [%s] [%s]",
- host, reason);
- }
-
- if((out = fopen(filename, "a")) == NULL)
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "*** Problem opening %s ", filename);
- sendto_one_notice(source_p, ":*** Problem opening file, added temporarily only");
- return;
+ irc_dictionary_destroy(alias_dict, free_alias_cb, NULL);
+ alias_dict = NULL;
}
- if(oper_reason == NULL)
- oper_reason = "";
-
- if(type == KLINE_TYPE)
- {
- rb_snprintf(buffer, sizeof(buffer),
- "\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",%ld\n",
- user, host, reason, oper_reason, current_date,
- get_oper_name(source_p), rb_current_time());
- }
- else if(type == DLINE_TYPE)
- {
- rb_snprintf(buffer, sizeof(buffer),
- "\"%s\",\"%s\",\"%s\",\"%s\",\"%s\",%ld\n", host,
- reason, oper_reason, current_date, get_oper_name(source_p), rb_current_time());
- }
- else if(type == RESV_TYPE)
- {
- rb_snprintf(buffer, sizeof(buffer), "\"%s\",\"%s\",\"%s\",%ld\n",
- host, reason, get_oper_name(source_p), rb_current_time());
- }
+ destroy_blacklists();
- if(fputs(buffer, out) == -1)
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "*** Problem writing to %s", filename);
- sendto_one_notice(source_p, ":*** Problem writing to file, added temporarily only");
- fclose(out);
- return;
- }
+ privilegeset_mark_all_illegal();
- if (fclose(out))
- {
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "*** Problem writing to %s", filename);
- sendto_one_notice(source_p, ":*** Problem writing to file, added temporarily only");
- return;
- }
+ /* OK, that should be everything... */
}
-/* get_conf_name
- *
- * inputs - type of conf file to return name of file for
- * output - pointer to filename for type of conf
- * side effects - none
- */
-const char *
-get_conf_name(KlineType type)
-{
- if(type == CONF_TYPE)
- {
- return (ConfigFileEntry.configfile);
- }
- else if(type == DLINE_TYPE)
- {
- return (ConfigFileEntry.dlinefile);
- }
- else if(type == RESV_TYPE)
- {
- return (ConfigFileEntry.resvfile);
- }
-
- return ConfigFileEntry.klinefile;
-}
/*
* conf_add_class_to_conf
{
if(aconf->status == CONF_CLIENT)
{
- sendto_realops_snomask(SNO_GENERAL, L_ALL,
- "Warning -- Using default class for missing class \"%s\" in auth{} for %s@%s",
+ conf_report_error(
+ "Using default class for missing class \"%s\" in auth{} for %s@%s",
aconf->className, aconf->user, aconf->host);
}
}
else
{
- add_conf_by_address(aconf->host, CONF_DLINE, NULL, aconf);
+ add_conf_by_address(aconf->host, CONF_DLINE, NULL, NULL, aconf);
}
}
+static char *
+strip_tabs(char *dest, const char *src, size_t len)
+{
+ char *d = dest;
+
+ if(dest == NULL || src == NULL)
+ return NULL;
+
+ rb_strlcpy(dest, src, len);
+
+ while(*d)
+ {
+ if(*d == '\t')
+ *d = ' ';
+ d++;
+ }
+ return dest;
+}
/*
* yyerror
{
char newlinebuf[BUFSIZE];
- strip_tabs(newlinebuf, (const unsigned char *) linebuf, strlen(linebuf));
+ strip_tabs(newlinebuf, linebuf, strlen(linebuf));
+ ierror("\"%s\", line %d: %s at '%s'", conffilebuf, lineno + 1, msg, newlinebuf);
sendto_realops_snomask(SNO_GENERAL, L_ALL, "\"%s\", line %d: %s at '%s'",
conffilebuf, lineno + 1, msg, newlinebuf);
- ilog(L_MAIN, "\"%s\", line %d: %s at '%s'", conffilebuf, lineno + 1, msg, newlinebuf);
}
int
conf_fgets(char *lbuf, int max_size, FILE * fb)
{
- char *buff;
-
- if((buff = fgets(lbuf, max_size, fb)) == NULL)
+ if(fgets(lbuf, max_size, fb) == NULL)
return (0);
return (strlen(lbuf));