X-Git-Url: https://jfr.im/git/solanum.git/blobdiff_plain/2f355b7e3cafdef3a614b723cc2a6c70a1d8339e..36828ff7205558bda3857b402e1bf0f62783ed1a:/ircd/client.c diff --git a/ircd/client.c b/ircd/client.c index f411848b..136c30a4 100644 --- a/ircd/client.c +++ b/ircd/client.c @@ -1,5 +1,5 @@ /* - * charybdis: an advanced ircd. + * Solanum: a slightly advanced ircd * client.c: Controls clients. * * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center @@ -32,7 +32,7 @@ #include "ircd.h" #include "numeric.h" #include "packet.h" -#include "s_auth.h" +#include "authproc.h" #include "s_conf.h" #include "s_newconf.h" #include "logger.h" @@ -47,11 +47,11 @@ #include "hook.h" #include "msg.h" #include "monitor.h" -#include "blacklist.h" #include "reject.h" #include "scache.h" #include "rb_dictionary.h" #include "sslproc.h" +#include "wsproc.h" #include "s_assert.h" #define DEBUG_EXITED_CLIENTS @@ -76,16 +76,10 @@ static rb_bh *pclient_heap = NULL; static rb_bh *user_heap = NULL; static rb_bh *away_heap = NULL; static char current_uid[IDLEN]; -static int32_t current_connid = 0; +static uint32_t current_connid = 0; rb_dictionary *nd_dict = NULL; -enum -{ - D_LINED, - K_LINED -}; - rb_dlink_list dead_list; #ifdef DEBUG_EXITED_CLIENTS static rb_dlink_list dead_remote_list; 
@@ -129,6 +123,80 @@ init_client(void) nd_dict = rb_dictionary_create("nickdelay", irccmp); } +/* + * connid_get - allocate a connid + * + * inputs - none + * outputs - a connid token which is used to represent a logical circuit + * side effects - current_connid is incremented, possibly multiple times. + * the association of the connid to it's client is committed. + */ +uint32_t +connid_get(struct Client *client_p) +{ + s_assert(MyConnect(client_p)); + if (!MyConnect(client_p)) + return 0; + + /* find a connid that is available */ + while (find_cli_connid_hash(++current_connid) != NULL) + { + /* handle wraparound, current_connid must NEVER be 0 */ + if (current_connid == 0) + ++current_connid; + } + + add_to_cli_connid_hash(client_p, current_connid); + rb_dlinkAddAlloc(RB_UINT_TO_POINTER(current_connid), &client_p->localClient->connids); + + return current_connid; +} + +/* + * connid_put - free a connid + * + * inputs - connid to free + * outputs - nothing + * side effects - connid bookkeeping structures are freed + */ +void +connid_put(uint32_t id) +{ + struct Client *client_p; + + s_assert(id != 0); + if (id == 0) + return; + + client_p = find_cli_connid_hash(id); + if (client_p == NULL) + return; + + del_from_cli_connid_hash(id); + rb_dlinkFindDestroy(RB_UINT_TO_POINTER(id), &client_p->localClient->connids); +} + +/* + * client_release_connids - release any connids still attached to a client + * + * inputs - client to garbage collect + * outputs - none + * side effects - client's connids are garbage collected + */ +void +client_release_connids(struct Client *client_p) +{ + rb_dlink_node *ptr, *ptr2; + + if (client_p->localClient->connids.head) + s_assert(MyConnect(client_p)); + + if (!MyConnect(client_p)) + return; + + RB_DLINK_FOREACH_SAFE(ptr, ptr2, client_p->localClient->connids.head) + connid_put(RB_POINTER_TO_UINT(ptr->data)); +} /* * make_client - create a new Client struct and set it to initial state. 
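Review bot: The wraparound guard in connid_get() sits inside the loop body, which only runs when find_cli_connid_hash() reports a collision, so when `++current_connid` wraps to 0 and nothing is registered under 0 (the likely case, though the lookup is not visible here) the loop exits and 0 is handed out. connid_put() then refuses that id (`if (id == 0) return;`), so client_release_connids() cannot remove it and a stale hash entry would outlive the client. Moving the test ahead of the lookup closes this: `do { if (++current_connid == 0) ++current_connid; } while (find_cli_connid_hash(current_connid) != NULL);`. Separately, client_release_connids() reads `client_p->localClient->connids.head` before the `MyConnect()` test; if MyConnect() is what guarantees localClient is non-NULL, the early return should come first.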
@@ -160,17 +228,6 @@ make_client(struct Client *from) client_p->localClient->F = NULL; - if(current_connid+1 == 0) - current_connid++; - - client_p->localClient->connid = ++current_connid; - - if(current_connid+1 == 0) - current_connid++; - - client_p->localClient->zconnid = ++current_connid; - add_to_cli_connid_hash(client_p); - client_p->preClient = rb_bh_alloc(pclient_heap); /* as good a place as any... */ @@ -184,7 +241,7 @@ make_client(struct Client *from) } SetUnknown(client_p); - strcpy(client_p->username, "unknown"); + rb_strlcpy(client_p->username, "unknown", sizeof(client_p->username)); return client_p; } @@ -192,17 +249,15 @@ make_client(struct Client *from) void free_pre_client(struct Client *client_p) { - struct Blacklist *blptr; - s_assert(NULL != client_p); if(client_p->preClient == NULL) return; - blptr = client_p->preClient->dnsbl_listed; - if (blptr != NULL) - unref_blacklist(blptr); - s_assert(rb_dlink_list_length(&client_p->preClient->dnsbl_queries) == 0); + s_assert(client_p->preClient->auth.cid == 0); + + rb_free(client_p->preClient->auth.data); + rb_free(client_p->preClient->auth.reason); rb_bh_free(pclient_heap, client_p->preClient); client_p->preClient = NULL; @@ -229,7 +284,7 @@ free_local_client(struct Client *client_p) client_p->localClient->listener = 0; } - del_from_cli_connid_hash(client_p); + client_release_connids(client_p); if(client_p->localClient->F != NULL) { rb_close(client_p->localClient->F); 
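Review bot: In free_pre_client() the new `s_assert(client_p->preClient->auth.cid == 0);` is followed by an unconditional free, unlike connid_get() and connid_put() in this same commit, which pair each s_assert with an explicit early return. If s_assert does not abort in production builds (that pairing suggests it may not), a client freed with an authd query still outstanding leaves authd holding a cid for a preClient that no longer exists. Consider handling the non-zero case explicitly rather than only asserting, or at least document the invariant with a comment such as `/* caller must have finished or aborted the authd query (auth.cid == 0) before this point */`. The closing lines of free_pre_client fall outside the hunk.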
@@ -245,22 +300,26 @@ free_local_client(struct Client *client_p) rb_free(client_p->localClient->auth_user); rb_free(client_p->localClient->challenge); rb_free(client_p->localClient->fullcaps); - rb_free(client_p->localClient->opername); rb_free(client_p->localClient->mangledhost); - if (client_p->localClient->privset) - privilegeset_unref(client_p->localClient->privset); - if(IsSSL(client_p)) - ssld_decrement_clicount(client_p->localClient->ssl_ctl); + if (IsSSL(client_p)) + ssld_decrement_clicount(client_p->localClient->ssl_ctl); + + rb_free(client_p->localClient->cipher_string); + + if (IsCapable(client_p, CAP_ZIP)) + ssld_decrement_clicount(client_p->localClient->z_ctl); + + rb_free(client_p->localClient->zipstats); - if(IsCapable(client_p, CAP_ZIP)) - ssld_decrement_clicount(client_p->localClient->z_ctl); + if (client_p->localClient->ws_ctl != NULL) + wsockd_decrement_clicount(client_p->localClient->ws_ctl); rb_bh_free(lclient_heap, client_p->localClient); client_p->localClient = NULL; } -void +static void free_client(struct Client *client_p) { s_assert(NULL != client_p); @@ -340,7 +399,7 @@ check_pings_list(rb_dlink_list * list) { if(IsServer(client_p)) { - sendto_realops_snomask(SNO_GENERAL, L_ALL, + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "No response from %s, closing link", client_p->name); ilog(L_SERVER, @@ -393,9 +452,8 @@ check_unknowns_list(rb_dlink_list * list) if(IsDead(client_p) || IsClosing(client_p)) continue; - /* still has DNSbls to validate against */ - if(client_p->preClient != NULL && - rb_dlink_list_length(&client_p->preClient->dnsbl_queries) > 0) + /* Still querying with authd */ + if(client_p->preClient != NULL && client_p->preClient->auth.cid != 0) continue; /* 
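Review bot: The new skip in check_unknowns_list(), `if(client_p->preClient != NULL && client_p->preClient->auth.cid != 0) continue;`, exempts a connection from the unregistered-client timeout for as long as authd has not answered. Nothing in this hunk bounds that wait, so if authd stalls or a reply is lost, unregistered connections could be held open indefinitely. If authd enforces its own per-query deadline, say so in the comment (`/* Still querying with authd; authd applies its own timeout */`); otherwise cap the exemption with a maximum-age check. The loop body continues outside the hunk.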
@@ -408,7 +466,7 @@ check_unknowns_list(rb_dlink_list * list) { if(IsAnyServer(client_p)) { - sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) ? L_NETWIDE : L_ALL, + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "No response from %s, closing link", client_p->name); ilog(L_SERVER, @@ -420,7 +478,7 @@ check_unknowns_list(rb_dlink_list * list) } } -static void +void notify_banned_client(struct Client *client_p, struct ConfItem *aconf, int ban) { static const char conn_closed[] = "Connection closed"; @@ -465,19 +523,6 @@ check_banned_lines(void) check_xlines(); } -/* check_klines_event() - * - * inputs - - * outputs - - * side effects - check_klines() is called, kline_queued unset - */ -void -check_klines_event(void *unused) -{ - kline_queued = false; - check_klines(); -} - /* check_klines * * inputs - @@ -503,16 +548,16 @@ check_klines(void) { if(IsExemptKline(client_p)) { - sendto_realops_snomask(SNO_GENERAL, L_ALL, + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "KLINE over-ruled for %s, client is kline_exempt [%s@%s]", get_client_name(client_p, HIDE_IP), aconf->user, aconf->host); continue; } - sendto_realops_snomask(SNO_GENERAL, L_ALL, - "KLINE active for %s", - get_client_name(client_p, HIDE_IP)); + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, + "KLINE active for %s (%s@%s)", + get_client_name(client_p, HIDE_IP), aconf->user, aconf->host); notify_banned_client(client_p, aconf, K_LINED); continue; 
@@ -520,6 +565,88 @@ check_klines(void) } } + +/* check_one_kline() + * + * This process needs to be kept in sync with find_kline() aka find_conf_by_address(). + * + * inputs - pointer to kline to check + * outputs - + * side effects - all clients will be checked against given kline + */ +void +check_one_kline(struct ConfItem *kline) +{ + struct Client *client_p; + rb_dlink_node *ptr; + rb_dlink_node *next_ptr; + int masktype; + int bits; + struct rb_sockaddr_storage sockaddr; + struct sockaddr_in ip4; + + masktype = parse_netmask(kline->host, (struct sockaddr_storage *)&sockaddr, &bits); + + RB_DLINK_FOREACH_SAFE(ptr, next_ptr, lclient_list.head) + { + int matched = 0; + + client_p = ptr->data; + + if(IsMe(client_p) || !IsPerson(client_p)) + continue; + + if(!match(kline->user, client_p->username)) + continue; + + /* match one kline */ + switch (masktype) { + case HM_IPV4: + case HM_IPV6: + if (IsConfDoSpoofIp(client_p->localClient->att_conf) && + IsConfKlineSpoof(client_p->localClient->att_conf)) + continue; + if (client_p->localClient->ip.ss_family == AF_INET6 && sockaddr.ss_family == AF_INET && + rb_ipv4_from_ipv6((struct sockaddr_in6 *)&client_p->localClient->ip, &ip4) + && comp_with_mask_sock((struct sockaddr *)&ip4, (struct sockaddr *)&sockaddr, bits)) + matched = 1; + else if (client_p->localClient->ip.ss_family == sockaddr.ss_family && + comp_with_mask_sock((struct sockaddr *)&client_p->localClient->ip, + (struct sockaddr *)&sockaddr, bits)) + matched = 1; + break; + case HM_HOST: + if (match(kline->host, client_p->orighost)) + matched = 1; + if (IsConfDoSpoofIp(client_p->localClient->att_conf) && + IsConfKlineSpoof(client_p->localClient->att_conf)) + continue; + if (match(kline->host, client_p->sockhost)) + matched = 1; + break; + } + + if (!matched) + continue; + + if(IsExemptKline(client_p)) + { + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, + "KLINE over-ruled for %s, client is kline_exempt [%s@%s]", + get_client_name(client_p, HIDE_IP), + 
kline->user, kline->host); + continue; + } + + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, + "KLINE active for %s (%s@%s)", + get_client_name(client_p, HIDE_IP), kline->user, kline->host); + + notify_banned_client(client_p, kline, K_LINED); + } +} + + /* check_dlines() * * inputs - @@ -546,9 +673,9 @@ check_dlines(void) if(aconf->status & CONF_EXEMPTDLINE) continue; - sendto_realops_snomask(SNO_GENERAL, L_ALL, - "DLINE active for %s", - get_client_name(client_p, HIDE_IP)); + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, + "DLINE active for %s (%s)", + get_client_name(client_p, HIDE_IP), aconf->host); notify_banned_client(client_p, aconf, D_LINED); continue; @@ -595,15 +722,16 @@ check_xlines(void) { if(IsExemptKline(client_p)) { - sendto_realops_snomask(SNO_GENERAL, L_ALL, + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "XLINE over-ruled for %s, client is kline_exempt [%s]", get_client_name(client_p, HIDE_IP), aconf->host); continue; } - sendto_realops_snomask(SNO_GENERAL, L_ALL, "XLINE active for %s", - get_client_name(client_p, HIDE_IP)); + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, + "XLINE active for %s (%s)", + get_client_name(client_p, HIDE_IP), aconf->host); (void) exit_client(client_p, client_p, &me, "Bad user info"); continue; @@ -645,11 +773,11 @@ resv_nick_fnc(const char *mask, const char *reason, int temp_time) nick = client_p->id; /* Tell opers. */ - sendto_realops_snomask(SNO_GENERAL, L_ALL, + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "RESV forced nick change for %s!%s@%s to %s; nick matched [%s] (%s)", client_p->name, client_p->username, client_p->host, nick, mask, reason); - sendto_realops_snomask(SNO_NCHANGE, L_ALL, + sendto_realops_snomask(SNO_NCHANGE, L_NETWIDE, "Nick change: From %s to %s [%s@%s]", client_p->name, nick, client_p->username, client_p->host); 
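Review bot: In check_one_kline()'s `HM_HOST` case, a match against `client_p->orighost` sets `matched = 1`, but the `continue` on the following spoof test skips the client anyway, so for clients whose auth block has both IsConfDoSpoofIp and IsConfKlineSpoof set the orighost result is discarded and the K-line is never applied here. If those clients are meant to be exempt from every host test, move the spoof check above the orighost match as the `HM_IPV4`/`HM_IPV6` case does; if the orighost match is meant to count, the statement should be `break;` rather than `continue;`. The header comment asks for this to be kept in sync with find_kline(), which is not visible in this diff, so state the intended rule in a comment next to the check. The switch also has no `default:` case, so an unrecognised value from parse_netmask() silently matches nobody.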
@@ -1016,11 +1144,11 @@ free_exited_clients(void *unused) { s_assert(0); sendto_realops_snomask(SNO_GENERAL, L_ALL, - "On abort_list: %s stat: %u flags: %u/%u handler: %c", + "On abort_list: %s stat: %u flags: %llu handler: %c", target_p->name, (unsigned int) target_p->status, - target_p->flags, target_p->flags2, target_p->handler); + (unsigned long long)target_p->flags, target_p->handler); sendto_realops_snomask(SNO_GENERAL, L_ALL, - "Please report this to the charybdis developers!"); + "Please report this to the solanum developers!"); found++; } } @@ -1160,11 +1288,11 @@ exit_aborted_clients(void *unused) { s_assert(0); sendto_realops_snomask(SNO_GENERAL, L_ALL, - "On dead_list: %s stat: %u flags: %u/%u handler: %c", + "On dead_list: %s stat: %u flags: %llu handler: %c", abt->client->name, (unsigned int) abt->client->status, - abt->client->flags, abt->client->flags2, abt->client->handler); + (unsigned long long)abt->client->flags, abt->client->handler); sendto_realops_snomask(SNO_GENERAL, L_ALL, - "Please report this to the charybdis developers!"); + "Please report this to the solanum developers!"); continue; } } @@ -1174,7 +1302,7 @@ exit_aborted_clients(void *unused) rb_dlinkDelete(ptr, &abort_list); if(IsAnyServer(abt->client)) - sendto_realops_snomask(SNO_GENERAL, L_ALL, + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "Closing link to %s: %s", abt->client->name, abt->notice); 
@@ -1291,11 +1419,18 @@ exit_remote_client(struct Client *client_p, struct Client *source_p, struct Clie */ static int -exit_unknown_client(struct Client *client_p, struct Client *source_p, struct Client *from, - const char *comment) +exit_unknown_client(struct Client *client_p, /* The local client originating the + * exit or NULL, if this exit is + * generated by this server for + * internal reasons. + * This will not get any of the + * generated messages. */ + struct Client *source_p, /* Client exiting */ + struct Client *from, /* Client firing off this Exit, + * never NULL! */ + const char *comment) { - delete_auth_queries(source_p); - abort_blacklist_queries(source_p); + authd_abort_client(source_p); rb_dlinkDelete(&source_p->localClient->tnode, &unknown_list); if(!IsIOError(source_p)) @@ -1309,7 +1444,8 @@ exit_unknown_client(struct Client *client_p, struct Client *source_p, struct Cli del_from_id_hash(source_p->id, source_p); del_from_hostname_hash(source_p->host, source_p); - del_from_client_hash(source_p->name, source_p); + if (!IsAnyServer(source_p)) + del_from_client_hash(source_p->name, source_p); remove_client_from_list(source_p); SetDead(source_p); rb_dlinkAddAlloc(source_p, &dead_list); @@ -1338,13 +1474,9 @@ exit_remote_server(struct Client *client_p, struct Client *source_p, struct Clie snprintf(newcomment, sizeof(newcomment), "by %s: %s", from->name, comment); - if(source_p->serv != NULL) - remove_dependents(client_p, source_p, from, IsPerson(from) ? newcomment : comment, comment1); + remove_dependents(client_p, source_p, from, IsPerson(from) ? newcomment : comment, comment1); - if(source_p->servptr && source_p->servptr->serv) - rb_dlinkDelete(&source_p->lnode, &source_p->servptr->serv->servers); - else - s_assert(0); + rb_dlinkDelete(&source_p->lnode, &source_p->servptr->serv->servers); rb_dlinkFindDestroy(source_p, &global_serv_list); target_p = source_p->from; 
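Review bot: exit_remote_server() now dereferences `source_p->servptr->serv` unconditionally in `rb_dlinkDelete(&source_p->lnode, &source_p->servptr->serv->servers);` where the old code tested both pointers and fell back to `s_assert(0)`; the `source_p->serv != NULL` test before remove_dependents() is dropped as well, and the later hunk at -1362 adds `scache_split(source_p->serv->nameinfo);` with the same assumption. This path handles state for servers elsewhere on the network, so a broken invariant turns from an assertion into a NULL dereference that takes the daemon down. If the invariant is now guaranteed, record it with `s_assert(source_p->serv != NULL && source_p->servptr != NULL && source_p->servptr->serv != NULL);` near the top; otherwise keep the guard, `if (source_p->servptr != NULL && source_p->servptr->serv != NULL)`. The function starts before and continues after this hunk.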
@@ -1362,6 +1494,7 @@ exit_remote_server(struct Client *client_p, struct Client *source_p, struct Clie del_from_client_hash(source_p->name, source_p); remove_client_from_list(source_p); + scache_split(source_p->serv->nameinfo); SetDead(source_p); @@ -1554,6 +1687,8 @@ exit_client(struct Client *client_p, /* The local client originating the const char *comment /* Reason for the exit */ ) { + int ret = -1; + hook_data_client_exit hdata; if(IsClosing(source_p)) return -1; @@ -1574,23 +1709,25 @@ exit_client(struct Client *client_p, /* The local client originating the { /* Local clients of various types */ if(IsPerson(source_p)) - return exit_local_client(client_p, source_p, from, comment); + ret = exit_local_client(client_p, source_p, from, comment); else if(IsServer(source_p)) - return exit_local_server(client_p, source_p, from, comment); + ret = exit_local_server(client_p, source_p, from, comment); /* IsUnknown || IsConnecting || IsHandShake */ else if(!IsReject(source_p)) - return exit_unknown_client(client_p, source_p, from, comment); + ret = exit_unknown_client(client_p, source_p, from, comment); } else { /* Remotes */ if(IsPerson(source_p)) - return exit_remote_client(client_p, source_p, from, comment); + ret = exit_remote_client(client_p, source_p, from, comment); else if(IsServer(source_p)) - return exit_remote_server(client_p, source_p, from, comment); + ret = exit_remote_server(client_p, source_p, from, comment); } - return -1; + call_hook(h_after_client_exit, NULL); + + return ret; } /* @@ -1697,11 +1834,11 @@ show_ip(struct Client *source_p, struct Client *target_p) * to local opers. */ if(!ConfigFileEntry.hide_spoof_ips && - (source_p == NULL || MyOper(source_p))) + (source_p == NULL || HasPrivilege(source_p, "auspex:hostname"))) return 1; return 0; } - else if(IsDynSpoof(target_p) && (source_p != NULL && !IsOper(source_p))) + else if(IsDynSpoof(target_p) && (source_p != NULL && !HasPrivilege(source_p, "auspex:hostname"))) return 0; else return 1; 
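Review bot: `call_hook(h_after_client_exit, NULL);` in exit_client() runs on every path that gets past the early returns, including the one where no exit_* helper matched and `ret` is still -1, and it passes no data to the handlers. A short comment above the call would spare hook authors from guessing, for example `/* runs after the exit_* helper returns; no client pointer is passed, and ret may still be -1 */`.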
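Review bot: In show_ip() the first branch swaps `MyOper(source_p)` for `HasPrivilege(source_p, "auspex:hostname")`, but the comment just above still says spoofed IPs are shown "to local opers", and nothing visible in the new condition restricts it to local clients. If HasPrivilege() also holds for remote opers (its definition is not in this diff), real IPs behind spoofs become visible to operators on other servers. If the restriction is still wanted, use `(source_p == NULL || (MyConnect(source_p) && HasPrivilege(source_p, "auspex:hostname")))`; if not, update the comment to match. show_ip starts before this hunk.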
@@ -1795,6 +1932,9 @@ free_user(struct User *user, struct Client *client_p) { if(user->away) rb_free((char *) user->away); + rb_free(user->opername); + if (user->privset) + privilegeset_unref(user->privset); /* * sanity check */ @@ -1949,7 +2089,7 @@ close_connection(struct Client *client_p) else ServerStats.is_ni++; - del_from_cli_connid_hash(client_p); + client_release_connids(client_p); if(client_p->localClient->F != NULL) { @@ -1996,7 +2136,7 @@ error_exit_client(struct Client *client_p, int error) { if(error == 0) { - sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) && !IsServer(client_p) ? L_NETWIDE : L_ALL, + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "Server %s closed the connection", client_p->name); @@ -2005,7 +2145,7 @@ error_exit_client(struct Client *client_p, int error) } else { - sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) && !IsServer(client_p) ? L_NETWIDE : L_ALL, + sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "Lost connection to %s: %s", client_p->name, strerror(current_error)); ilog(L_SERVER, "Lost connection to %s: %s",