X-Git-Url: https://jfr.im/git/solanum.git/blobdiff_plain/456e5b3d641ed7bb69fbe3aec4873f89e9eee668..b84e58f90558c3b3134e749bbbbb597bdc359e8c:/src/newconf.c diff --git a/src/newconf.c b/src/newconf.c index 12893dd0..2ff8c1ef 100644 --- a/src/newconf.c +++ b/src/newconf.c @@ -32,6 +32,8 @@ #define CF_TYPE(x) ((x) & CF_MTYPE) +static int yy_defer_accept = 1; + struct TopConf *conf_cur_block; static char *conf_cur_block_name; @@ -54,6 +56,10 @@ static struct alias_entry *yy_alias = NULL; static char *yy_blacklist_host = NULL; static char *yy_blacklist_reason = NULL; +static int yy_blacklist_ipv4 = 1; +static int yy_blacklist_ipv6 = 0; +static rb_dlink_list yy_blacklist_filters; + static char *yy_privset_extends = NULL; static const char * @@ -257,6 +263,25 @@ conf_set_serverinfo_vhost6(void *data) #endif } +static void +conf_set_serverinfo_nicklen(void *data) +{ + ConfigFileEntry.nicklen = (*(unsigned int *) data) + 1; + + if (ConfigFileEntry.nicklen > NICKLEN) + { + conf_report_error("Warning -- ignoring serverinfo::nicklen -- provided nicklen (%u) is greater than allowed nicklen (%u)", + ConfigFileEntry.nicklen - 1, NICKLEN - 1); + ConfigFileEntry.nicklen = NICKLEN; + } + else if (ConfigFileEntry.nicklen < 9 + 1) + { + conf_report_error("Warning -- serverinfo::nicklen is too low (%u) -- forcing 9", + ConfigFileEntry.nicklen); + ConfigFileEntry.nicklen = 9 + 1; + } +} + static void conf_set_modules_module(void *data) { @@ -265,10 +290,8 @@ conf_set_modules_module(void *data) m_bn = rb_basename((char *) data); - if(findmodule_byname(m_bn) != -1) - return; - - load_one_module((char *) data, 0); + if(findmodule_byname(m_bn) == -1) + load_one_module((char *) data, 0); rb_free(m_bn); #else @@ -595,6 +618,9 @@ conf_end_oper(struct TopConf *tc) return 0; } } + + if(!EmptyString(yy_oper->certfp)) + yy_tmpoper->certfp = rb_strdup(yy_oper->certfp); #endif /* all is ok, put it on oper_conf_list */ @@ -615,6 +641,14 @@ conf_set_oper_flags(void *data) set_modes_from_table(&yy_oper->flags, "flag", oper_table, args); } +static void +conf_set_oper_fingerprint(void *data) +{ + if (yy_oper->certfp) + rb_free(yy_oper->certfp); + yy_oper->certfp = rb_strdup((char *) data); +} + static void conf_set_oper_privset(void *data) { @@ -811,7 +845,11 @@ conf_end_listen(struct TopConf *tc) return 0; } - +static void +conf_set_listen_defer_accept(void *data) +{ + yy_defer_accept = *(unsigned int *) data; +} static void conf_set_listen_port_both(void *data, int ssl) @@ -827,9 +865,9 @@ conf_set_listen_port_both(void *data, int ssl) } if(listener_address == NULL) { - add_listener(args->v.number, listener_address, AF_INET, ssl); + add_listener(args->v.number, listener_address, AF_INET, ssl, yy_defer_accept); #ifdef RB_IPV6 - add_listener(args->v.number, listener_address, AF_INET6, ssl); + add_listener(args->v.number, listener_address, AF_INET6, ssl, yy_defer_accept); #endif } else @@ -842,7 +880,7 @@ conf_set_listen_port_both(void *data, int ssl) #endif family = AF_INET; - add_listener(args->v.number, listener_address, family, ssl); + add_listener(args->v.number, listener_address, family, ssl, yy_defer_accept); } @@ -892,12 +930,12 @@ conf_begin_auth(struct TopConf *tc) static int conf_end_auth(struct TopConf *tc) { - struct ConfItem *yy_tmp; + struct ConfItem *yy_tmp, *found_conf; rb_dlink_node *ptr; rb_dlink_node *next_ptr; - if(EmptyString(yy_aconf->name)) - yy_aconf->name = rb_strdup("NOMATCH"); + if(EmptyString(yy_aconf->info.name)) + yy_aconf->info.name = rb_strdup("NOMATCH"); /* didnt even get one ->host? */ if(EmptyString(yy_aconf->host)) @@ -910,9 +948,11 @@ conf_end_auth(struct TopConf *tc) collapse(yy_aconf->user); collapse(yy_aconf->host); conf_add_class_to_conf(yy_aconf); - if (find_exact_conf_by_address("*", CONF_CLIENT, "*")) + if ((found_conf = find_exact_conf_by_address("*", CONF_CLIENT, "*")) && found_conf->spasswd == NULL) conf_report_error("Ignoring redundant auth block (after *@*)"); - else if (find_exact_conf_by_address(yy_aconf->host, CONF_CLIENT, yy_aconf->user)) + else if ((found_conf = find_exact_conf_by_address(yy_aconf->host, CONF_CLIENT, yy_aconf->user)) && + (!found_conf->spasswd || (yy_aconf->spasswd && + 0 == irccmp(found_conf->spasswd, yy_aconf->spasswd)))) conf_report_error("Ignoring duplicate auth block for %s@%s", yy_aconf->user, yy_aconf->host); else @@ -929,7 +969,7 @@ conf_end_auth(struct TopConf *tc) yy_tmp->spasswd = rb_strdup(yy_aconf->spasswd); /* this will always exist.. */ - yy_tmp->name = rb_strdup(yy_aconf->name); + yy_tmp->info.name = rb_strdup(yy_aconf->info.name); if(yy_aconf->className) yy_tmp->className = rb_strdup(yy_aconf->className); @@ -942,9 +982,11 @@ conf_end_auth(struct TopConf *tc) conf_add_class_to_conf(yy_tmp); - if (find_exact_conf_by_address("*", CONF_CLIENT, "*")) + if ((found_conf = find_exact_conf_by_address("*", CONF_CLIENT, "*")) && found_conf->spasswd == NULL) conf_report_error("Ignoring redundant auth block (after *@*)"); - else if (find_exact_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user)) + else if ((found_conf = find_exact_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user)) && + (!found_conf->spasswd || (yy_tmp->spasswd && + 0 == irccmp(found_conf->spasswd, yy_tmp->spasswd)))) conf_report_error("Ignoring duplicate auth block for %s@%s", yy_tmp->user, yy_tmp->host); else @@ -1062,8 +1104,8 @@ conf_set_auth_spoof(void *data) return; } - rb_free(yy_aconf->name); - yy_aconf->name = rb_strdup(data); + rb_free(yy_aconf->info.name); + yy_aconf->info.name = rb_strdup(data); yy_aconf->flags |= CONF_FLAGS_SPOOF_IP; } @@ -1079,8 +1121,8 @@ static void conf_set_auth_redir_serv(void *data) { yy_aconf->flags |= CONF_FLAGS_REDIR; - rb_free(yy_aconf->name); - yy_aconf->name = rb_strdup(data); + rb_free(yy_aconf->info.name); + yy_aconf->info.name = rb_strdup(data); } static void @@ -1234,9 +1276,9 @@ conf_end_connect(struct TopConf *tc) return 0; } - if(EmptyString(yy_server->passwd) || EmptyString(yy_server->spasswd)) + if((EmptyString(yy_server->passwd) || EmptyString(yy_server->spasswd)) && EmptyString(yy_server->certfp)) { - conf_report_error("Ignoring connect block for %s -- missing password.", + conf_report_error("Ignoring connect block for %s -- no fingerprint or password credentials provided.", yy_server->name); return 0; } @@ -1308,6 +1350,17 @@ conf_set_connect_accept_password(void *data) yy_server->passwd = rb_strdup(data); } +static void +conf_set_connect_fingerprint(void *data) +{ + if (yy_server->certfp) + rb_free(yy_server->certfp); + yy_server->certfp = rb_strdup((char *) data); + + /* force SSL to be enabled if fingerprint is enabled. */ + yy_server->flags |= SERVER_SSL; +} + static void conf_set_connect_port(void *data) { @@ -1566,6 +1619,7 @@ conf_set_general_default_umodes(void *data) /* don't allow +o */ case 'o': case 'S': + case 'Z': case ' ': break; @@ -1635,26 +1689,9 @@ conf_set_serverhide_links_delay(void *data) ConfigServerHide.links_delay = val; } -static int -conf_begin_service(struct TopConf *tc) -{ - struct Client *target_p; - rb_dlink_node *ptr; - - RB_DLINK_FOREACH(ptr, global_serv_list.head) - { - target_p = ptr->data; - - target_p->flags &= ~FLAGS_SERVICE; - } - - return 0; -} - static void conf_set_service_name(void *data) { - struct Client *target_p; const char *s; char *tmp; int dots = 0; @@ -1679,9 +1716,6 @@ conf_set_service_name(void *data) tmp = rb_strdup(data); rb_dlinkAddAlloc(tmp, &service_list); - - if((target_p = find_server(NULL, tmp))) - target_p->flags |= FLAGS_SERVICE; } static int @@ -1745,25 +1779,188 @@ conf_set_alias_target(void *data) yy_alias->target = rb_strdup(data); } +/* XXX for below */ +static void conf_set_blacklist_reason(void *data); + static void conf_set_blacklist_host(void *data) { + if (yy_blacklist_host) + { + conf_report_error("blacklist::host %s overlaps existing host %s", + (char *)data, yy_blacklist_host); + + /* Cleanup */ + conf_set_blacklist_reason(NULL); + return; + } + + yy_blacklist_ipv4 = 1; + yy_blacklist_ipv6 = 0; yy_blacklist_host = rb_strdup(data); } +static void +conf_set_blacklist_type(void *data) +{ + conf_parm_t *args = data; + + /* Don't assume we have either if we got here */ + yy_blacklist_ipv4 = 0; + yy_blacklist_ipv6 = 0; + + for (; args; args = args->next) + { + if (!strcasecmp(args->v.string, "ipv4")) + yy_blacklist_ipv4 = 1; + else if (!strcasecmp(args->v.string, "ipv6")) + yy_blacklist_ipv6 = 1; + else + conf_report_error("blacklist::type has unknown address family %s", + args->v.string); + } + + /* If we have neither, just default to IPv4 */ + if (!yy_blacklist_ipv4 && !yy_blacklist_ipv6) + { + conf_report_error("blacklist::type has neither IPv4 nor IPv6 (defaulting to IPv4)"); + yy_blacklist_ipv4 = 1; + } +} + +static void +conf_set_blacklist_matches(void *data) +{ + conf_parm_t *args = data; + + for (; args; args = args->next) + { + struct BlacklistFilter *filter; + char *str = args->v.string; + char *p; + int type = BLACKLIST_FILTER_LAST; + + if (CF_TYPE(args->type) != CF_QSTRING) + { + conf_report_error("blacklist::matches -- must be quoted string"); + continue; + } + + if (str == NULL) + { + conf_report_error("blacklist::matches -- invalid entry"); + continue; + } + + if (strlen(str) > HOSTIPLEN) + { + conf_report_error("blacklist::matches has an entry too long: %s", + str); + continue; + } + + for (p = str; *p != '\0'; p++) + { + /* Check for validity */ + if (*p == '.') + type = BLACKLIST_FILTER_ALL; + else if (!isalnum(*p)) + { + conf_report_error("blacklist::matches has invalid IP match entry %s", + str); + type = 0; + break; + } + } + + if (type == BLACKLIST_FILTER_ALL) + { + /* Basic IP sanity check */ + struct rb_sockaddr_storage tmp; + if (rb_inet_pton(AF_INET, str, &tmp) <= 0) + { + conf_report_error("blacklist::matches has invalid IP match entry %s", + str); + continue; + } + } + else if (type == BLACKLIST_FILTER_LAST) + { + /* Verify it's the correct length */ + if (strlen(str) > 3) + { + conf_report_error("blacklist::matches has invalid octet match entry %s", + str); + continue; + } + } + else + { + continue; /* Invalid entry */ + } + + filter = rb_malloc(sizeof(struct BlacklistFilter)); + filter->type = type; + rb_strlcpy(filter->filterstr, str, sizeof(filter->filterstr)); + + rb_dlinkAdd(filter, &filter->node, &yy_blacklist_filters); + } +} + static void conf_set_blacklist_reason(void *data) { yy_blacklist_reason = rb_strdup(data); + rb_dlink_node *ptr, *nptr; if (yy_blacklist_host && yy_blacklist_reason) { - new_blacklist(yy_blacklist_host, yy_blacklist_reason); - rb_free(yy_blacklist_host); - rb_free(yy_blacklist_reason); - yy_blacklist_host = NULL; - yy_blacklist_reason = NULL; + if (yy_blacklist_ipv6) + { + /* Make sure things fit (64 = alnum count + dots) */ + if ((64 + strlen(yy_blacklist_host)) > IRCD_RES_HOSTLEN) + { + conf_report_error("blacklist::host %s results in IPv6 queries that are too long", + yy_blacklist_host); + goto cleanup_bl; + } + } + /* Avoid doing redundant check, IPv6 is bigger than IPv4 --Elizabeth */ + if (yy_blacklist_ipv4 && !yy_blacklist_ipv6) + { + /* Make sure things fit (16 = number of nums + dots) */ + if ((16 + strlen(yy_blacklist_host)) > IRCD_RES_HOSTLEN) + { + conf_report_error("blacklist::host %s results in IPv4 queries that are too long", + yy_blacklist_host); + goto cleanup_bl; + } + } + + new_blacklist(yy_blacklist_host, yy_blacklist_reason, yy_blacklist_ipv4, yy_blacklist_ipv6, + &yy_blacklist_filters); + } + +cleanup_bl: + if (data == NULL) + { + RB_DLINK_FOREACH_SAFE(ptr, nptr, yy_blacklist_filters.head) + { + rb_dlinkDelete(ptr, &yy_blacklist_filters); + rb_free(ptr); + } } + else + { + yy_blacklist_filters = (rb_dlink_list){ NULL, NULL, 0 }; + } + + rb_free(yy_blacklist_host); + rb_free(yy_blacklist_reason); + yy_blacklist_host = NULL; + yy_blacklist_reason = NULL; + yy_blacklist_ipv4 = 1; + yy_blacklist_ipv6 = 0; } /* public functions */ @@ -1857,7 +2054,7 @@ conf_call_set(struct TopConf *tc, char *item, conf_parm_t * value, int type) /* if it takes one thing, make sure they only passed one thing, and handle as needed. */ - if(value->type & CF_FLIST && !cf->cf_type & CF_FLIST) + if((value->v.list->type & CF_FLIST) && !(cf->cf_type & CF_FLIST)) { conf_report_error ("Option %s::%s does not take a list of values.", tc->tc_name, item); @@ -1945,7 +2142,7 @@ add_conf_item(const char *topconf, const char *name, int type, void (*func) (voi if((tc = find_top_conf(topconf)) == NULL) return -1; - if((cf = find_conf_item(tc, name)) != NULL) + if(find_conf_item(tc, name) != NULL) return -1; cf = rb_malloc(sizeof(struct ConfEntry)); @@ -2003,6 +2200,8 @@ static struct ConfEntry conf_serverinfo_table[] = { "default_max_clients",CF_INT, NULL, 0, &ServerInfo.default_max_clients }, + { "nicklen", CF_INT, conf_set_serverinfo_nicklen, 0, NULL }, + { "\0", 0, NULL, 0, NULL } }; @@ -2016,15 +2215,15 @@ static struct ConfEntry conf_admin_table[] = static struct ConfEntry conf_log_table[] = { - { "fname_userlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_userlog }, - { "fname_fuserlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_fuserlog }, - { "fname_operlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_operlog }, - { "fname_foperlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_foperlog }, - { "fname_serverlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_serverlog }, - { "fname_killlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_killlog }, - { "fname_klinelog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_klinelog }, - { "fname_operspylog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_operspylog }, - { "fname_ioerrorlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_ioerrorlog }, + { "fname_userlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_userlog }, + { "fname_fuserlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_fuserlog }, + { "fname_operlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operlog }, + { "fname_foperlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_foperlog }, + { "fname_serverlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_serverlog }, + { "fname_killlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_killlog }, + { "fname_klinelog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_klinelog }, + { "fname_operspylog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operspylog }, + { "fname_ioerrorlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_ioerrorlog }, { "\0", 0, NULL, 0, NULL } }; @@ -2037,6 +2236,7 @@ static struct ConfEntry conf_operator_table[] = { "snomask", CF_QSTRING, conf_set_oper_snomask, 0, NULL }, { "user", CF_QSTRING, conf_set_oper_user, 0, NULL }, { "password", CF_QSTRING, conf_set_oper_password, 0, NULL }, + { "fingerprint", CF_QSTRING, conf_set_oper_fingerprint, 0, NULL }, { "\0", 0, NULL, 0, NULL } }; @@ -2081,6 +2281,7 @@ static struct ConfEntry conf_connect_table[] = { { "send_password", CF_QSTRING, conf_set_connect_send_password, 0, NULL }, { "accept_password", CF_QSTRING, conf_set_connect_accept_password, 0, NULL }, + { "fingerprint", CF_QSTRING, conf_set_connect_fingerprint, 0, NULL }, { "flags", CF_STRING | CF_FLIST, conf_set_connect_flags, 0, NULL }, { "host", CF_QSTRING, conf_set_connect_host, 0, NULL }, { "vhost", CF_QSTRING, conf_set_connect_vhost, 0, NULL }, @@ -2108,7 +2309,7 @@ static struct ConfEntry conf_general_table[] = { "default_operstring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_operstring }, { "default_adminstring",CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_adminstring }, { "servicestring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.servicestring }, - { "egdpool_path", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.egdpool_path }, + { "egdpool_path", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.egdpool_path }, { "kline_reason", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.kline_reason }, { "identify_service", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifyservice }, { "identify_command", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifycommand }, @@ -2123,10 +2324,11 @@ static struct ConfEntry conf_general_table[] = { "burst_away", CF_YESNO, NULL, 0, &ConfigFileEntry.burst_away }, { "caller_id_wait", CF_TIME, NULL, 0, &ConfigFileEntry.caller_id_wait }, { "client_exit", CF_YESNO, NULL, 0, &ConfigFileEntry.client_exit }, - { "client_flood", CF_INT, NULL, 0, &ConfigFileEntry.client_flood }, { "collision_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.collision_fnc }, + { "resv_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.resv_fnc }, { "connect_timeout", CF_TIME, NULL, 0, &ConfigFileEntry.connect_timeout }, { "default_floodcount", CF_INT, NULL, 0, &ConfigFileEntry.default_floodcount }, + { "default_ident_timeout", CF_INT, NULL, 0, &ConfigFileEntry.default_ident_timeout }, { "disable_auth", CF_YESNO, NULL, 0, &ConfigFileEntry.disable_auth }, { "dots_in_ident", CF_INT, NULL, 0, &ConfigFileEntry.dots_in_ident }, { "failed_oper_notice", CF_YESNO, NULL, 0, &ConfigFileEntry.failed_oper_notice }, @@ -2166,6 +2368,14 @@ static struct ConfEntry conf_general_table[] = { "ts_warn_delta", CF_TIME, NULL, 0, &ConfigFileEntry.ts_warn_delta }, { "use_whois_actually", CF_YESNO, NULL, 0, &ConfigFileEntry.use_whois_actually }, { "warn_no_nline", CF_YESNO, NULL, 0, &ConfigFileEntry.warn_no_nline }, + { "use_propagated_bans",CF_YESNO, NULL, 0, &ConfigFileEntry.use_propagated_bans }, + { "client_flood_max_lines", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_max_lines }, + { "client_flood_burst_rate", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_rate }, + { "client_flood_burst_max", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_max }, + { "client_flood_message_num", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_num }, + { "client_flood_message_time", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_time }, + { "max_ratelimit_tokens", CF_INT, NULL, 0, &ConfigFileEntry.max_ratelimit_tokens }, + { "away_interval", CF_INT, NULL, 0, &ConfigFileEntry.away_interval }, { "\0", 0, NULL, 0, NULL } }; @@ -2185,9 +2395,11 @@ static struct ConfEntry conf_channel_table[] = { "only_ascii_channels", CF_YESNO, NULL, 0, &ConfigChannel.only_ascii_channels }, { "use_except", CF_YESNO, NULL, 0, &ConfigChannel.use_except }, { "use_invex", CF_YESNO, NULL, 0, &ConfigChannel.use_invex }, - { "use_knock", CF_YESNO, NULL, 0, &ConfigChannel.use_knock }, { "use_forward", CF_YESNO, NULL, 0, &ConfigChannel.use_forward }, + { "use_knock", CF_YESNO, NULL, 0, &ConfigChannel.use_knock }, { "resv_forcepart", CF_YESNO, NULL, 0, &ConfigChannel.resv_forcepart }, + { "channel_target_change", CF_YESNO, NULL, 0, &ConfigChannel.channel_target_change }, + { "disable_local_channels", CF_YESNO, NULL, 0, &ConfigChannel.disable_local_channels }, { "\0", 0, NULL, 0, NULL } }; @@ -2216,6 +2428,7 @@ newconf_init() add_top_conf("privset", NULL, NULL, conf_privset_table); add_top_conf("listen", conf_begin_listen, conf_end_listen, NULL); + add_conf_item("listen", "defer_accept", CF_YESNO, conf_set_listen_defer_accept); add_conf_item("listen", "port", CF_INT | CF_FLIST, conf_set_listen_port); add_conf_item("listen", "sslport", CF_INT | CF_FLIST, conf_set_listen_sslport); add_conf_item("listen", "ip", CF_QSTRING, conf_set_listen_address); @@ -2240,7 +2453,7 @@ newconf_init() add_top_conf("channel", NULL, NULL, conf_channel_table); add_top_conf("serverhide", NULL, NULL, conf_serverhide_table); - add_top_conf("service", conf_begin_service, NULL, NULL); + add_top_conf("service", NULL, NULL, NULL); add_conf_item("service", "name", CF_QSTRING, conf_set_service_name); add_top_conf("alias", conf_begin_alias, conf_end_alias, NULL); @@ -2249,5 +2462,7 @@ newconf_init() add_top_conf("blacklist", NULL, NULL, NULL); add_conf_item("blacklist", "host", CF_QSTRING, conf_set_blacklist_host); + add_conf_item("blacklist", "type", CF_STRING | CF_FLIST, conf_set_blacklist_type); + add_conf_item("blacklist", "matches", CF_QSTRING | CF_FLIST, conf_set_blacklist_matches); add_conf_item("blacklist", "reject_reason", CF_QSTRING, conf_set_blacklist_reason); }