X-Git-Url: https://jfr.im/git/solanum.git/blobdiff_plain/8f103562177a59758d4d12069ac6bfe805a22537..04e5ed6c57154114cca330767e3bfb1006b46ee9:/include/client.h diff --git a/include/client.h b/include/client.h index 508b9db2..d3ff6a57 100644 --- a/include/client.h +++ b/include/client.h @@ -21,22 +21,16 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 * USA - * - * $Id: client.h 3446 2007-05-14 22:21:16Z jilles $ */ #ifndef INCLUDED_client_h #define INCLUDED_client_h -#include "config.h" - -#if !defined(CONFIG_RATBOX_LEVEL_1) -#error Incorrect config.h for this revision of ircd. -#endif +#include "defaults.h" #include "ircd_defs.h" #include "channel.h" -#include "res.h" +#include "dns.h" #include "snomask.h" #include "match.h" #include "ircd.h" @@ -47,12 +41,16 @@ struct Blacklist; /* we store ipv6 ips for remote clients, so this needs to be v6 always */ #define HOSTIPLEN 53 /* sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255.ipv6") */ -#define PASSWDLEN 128 -#define CIPHERKEYLEN 64 /* 512bit */ -#define CLIENT_BUFSIZE 512 /* must be at least 512 bytes */ +#define PASSWDLEN 128 +#define CIPHERKEYLEN 64 /* 512bit */ #define IDLEN 10 +#define TGCHANGE_NUM 10 /* how many targets we keep track of */ +#define TGCHANGE_REPLY 5 /* how many reply targets */ +#define TGCHANGE_INITIAL 10 /* initial free targets (normal) */ +#define TGCHANGE_INITIAL_LOW 4 /* initial free targets (possible spambot) */ + /* * pre declare structs */ @@ -64,10 +62,12 @@ struct Client; struct User; struct Server; struct LocalUser; -struct AuthRequest; struct PreClient; struct ListClient; struct scache_entry; +struct ws_ctl; + +typedef int SSL_OPEN_CB(struct Client *, int status); /* * Client structures 
@@ -79,6 +79,9 @@ struct User char *away; /* pointer to away message */ int refcnt; /* Number of times this block is referenced */ + char *opername; /* name of operator{} block being used or tried (challenge) */ + struct PrivilegeSet *privset; + char suser[NICKLEN+1]; }; @@ -112,11 +115,11 @@ struct Client struct Client *servptr; /* Points to server this Client is on */ struct Client *from; /* == self, if Local Client, *NEVER* NULL! */ - struct Whowas *whowas; /* Pointers to whowas structs */ + rb_dlink_list whowas_clist; + time_t tsinfo; /* TS on the nick, SVINFO on server */ unsigned int umodes; /* opers, normal users subset */ - unsigned int flags; /* client flags */ - unsigned int flags2; /* ugh. overflow */ + uint64_t flags; /* client flags */ unsigned int snomask; /* server notice mask */ @@ -126,12 +129,12 @@ struct Client unsigned long serial; /* used to enforce 1 send per nick */ /* client->name is the unique name for a client nick or host */ - char name[HOSTLEN + 1]; + char name[NAMELEN + 1]; - /* - * client->username is the username from ident or the USER message, - * If the client is idented the USER message is ignored, otherwise - * the username part of the USER message is put here prefixed with a + /* + * client->username is the username from ident or the USER message, + * If the client is idented the USER message is ignored, otherwise + * the username part of the USER message is put here prefixed with a * tilde depending on the I:line, Once a client has registered, this * field should be considered read-only. */ 
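Review bot: The `privset` member added to `struct User` has no comment, although privilege checks will read through this pointer and `struct User` is shared by reference count (`refcnt`). Its removal from `struct LocalUser` later in this diff suggests it can now be present on any user rather than only on local connections, so the declaration should state when it is NULL and who owns the reference, for example `struct PrivilegeSet *privset; /* oper privileges; NULL when not opered -- owner: confirm */`. The code that sets and frees it is outside this diff, so the ownership wording needs confirming. `opername` is a `char *` in the same position and needs the same statement of who frees it.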
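Review bot: Changing `name` from `HOSTLEN + 1` to `NAMELEN + 1` is only safe if every writer bounds its copy by the array itself, and the comment directly above still says the field holds "a client nick or host". `NAMELEN` is defined outside this diff; if it is smaller than `HOSTLEN`, any remaining copy sized by `HOSTLEN` would write past the field. Writers should bound copies with `sizeof` of the member rather than a length macro, and the comment should record the new limit, e.g. `/* client->name is the unique name for a client nick or server; at most NAMELEN bytes plus NUL */`. `struct Client` begins and ends outside this hunk.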
@@ -161,23 +164,26 @@ struct Client struct PreClient *preClient; time_t large_ctcp_sent; /* ctcp to large group sent, relax flood checks */ + char *certfp; /* client certificate fingerprint */ }; struct LocalUser { - rb_dlink_node tnode; /* This is the node for the local list type the client is on*/ + rb_dlink_node tnode; /* This is the node for the local list type the client is on */ + rb_dlink_list connids; /* This is the list of connids to free */ + /* * The following fields are allocated only for local clients * (directly connected to *this* server with a socket. */ /* Anti flooding part, all because of lamers... */ - time_t last_join_time; /* when this client last + time_t last_join_time; /* when this client last joined a channel */ - time_t last_leave_time; /* when this client last + time_t last_leave_time; /* when this client last * left a channel */ - int join_leave_count; /* count of JOIN/LEAVE in less than + int join_leave_count; /* count of JOIN/LEAVE in less than MIN_JOIN_LEAVE_TIME seconds */ - int oper_warn_count_down; /* warn opers of this possible + int oper_warn_count_down; /* warn opers of this possible spambot every time this gets to 0 */ time_t last_caller_id_time; 
@@ -187,22 +193,25 @@ struct LocalUser /* Send and receive linebuf queues .. */ buf_head_t buf_sendq; buf_head_t buf_recvq; + /* * we want to use unsigned int here so the sizes have a better chance of * staying the same on 64 bit machines. The current trend is to use * I32LP64, (32 bit ints, 64 bit longs and pointers) and since ircd - * will NEVER run on an operating system where ints are less than 32 bits, + * will NEVER run on an operating system where ints are less than 32 bits, * it's a relatively safe bet to use ints. Since right shift operations are - * performed on these, it's not safe to allow them to become negative, - * which is possible for long running server connections. Unsigned values + * performed on these, it's not safe to allow them to become negative, + * which is possible for long running server connections. Unsigned values * generally overflow gracefully. --Bleep + * + * We have modern conveniences. Let's use uint32_t. --Elizafox */ - unsigned int sendM; /* Statistics: protocol messages send */ - unsigned int sendK; /* Statistics: total k-bytes send */ - unsigned int receiveM; /* Statistics: protocol messages received */ - unsigned int receiveK; /* Statistics: total k-bytes received */ - unsigned short sendB; /* counters to count upto 1-k lots of bytes */ - unsigned short receiveB; /* sent and received. */ + uint32_t sendM; /* Statistics: protocol messages send */ + uint32_t sendK; /* Statistics: total k-bytes send */ + uint32_t receiveM; /* Statistics: protocol messages received */ + uint32_t receiveK; /* Statistics: total k-bytes received */ + uint16_t sendB; /* counters to count upto 1-k lots of bytes */ + uint16_t receiveB; /* sent and received. */ struct Listener *listener; /* listener accepted from */ struct ConfItem *att_conf; /* attached conf */ struct server_conf *att_sconf; 
@@ -219,9 +228,9 @@ struct LocalUser */ char *passwd; char *auth_user; - char *opername; /* name of operator{} block being used or tried (challenge) */ char *challenge; char *fullcaps; + char *cipher_string; int caps; /* capabilities bit-field */ rb_fde_t *F; /* >= 0, for local clients */ @@ -229,9 +238,7 @@ struct LocalUser /* time challenge response is valid for */ time_t chal_time; - struct DNSQuery *dnsquery; /* for outgoing server's name lookup */ - - time_t last_away; /* Away since... */ + time_t next_away; /* Don't allow next away before... */ time_t last; /* clients allowed to talk through +g */ @@ -246,18 +253,23 @@ struct LocalUser * to avoid flooding. * -- adrian */ - int allow_read; /* how many we're allowed to read in this second */ - int actually_read; /* how many we've actually read in this second */ int sent_parsed; /* how many messages we've parsed in this second */ time_t last_knock; /* time of last knock */ - unsigned long random_ping; - struct AuthRequest *auth_request; + uint32_t random_ping; /* target change stuff */ - uint32_t targets[10]; /* targets were aware of (fnv32(use_id(target_p))) */ - unsigned int targinfo[2]; /* cyclic array, no in use */ + /* targets we're aware of (fnv32(use_id(target_p))): + * 0..TGCHANGE_NUM-1 regular slots + * TGCHANGE_NUM..TGCHANGE_NUM+TGCHANGE_REPLY-1 reply slots + */ + uint32_t targets[TGCHANGE_NUM + TGCHANGE_REPLY]; + unsigned int targets_free; /* free targets */ time_t target_last; /* last time we cleared a slot */ + /* ratelimit items */ + time_t ratelimit; + unsigned int join_who_credits; + struct ListClient *safelist_data; char *mangledhost; /* non-NULL if host mangling module loaded and 
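Review bot: `random_ping` narrows from `unsigned long` to `uint32_t` in the `-246,18` hunk, so any call site that formats the ping cookie with an `l` length modifier such as `%lX` no longer matches the argument type. Those call sites are outside this diff and need checking, because a mismatched conversion specifier in a variadic call is undefined behaviour. Printing it with `"%08" PRIX32` from `<inttypes.h>`, or with an explicit `(unsigned long)` cast at the call, keeps the format and the field in step. The new `ratelimit` and `join_who_credits` members in the same hunk have no comment on units or meaning, unlike `targets_free` beside them.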
@@ -265,12 +277,34 @@ struct LocalUser struct _ssl_ctl *ssl_ctl; /* which ssl daemon we're associate with */ struct _ssl_ctl *z_ctl; /* second ctl for ssl+zlib */ + struct ws_ctl *ws_ctl; /* ctl for wsockd */ + SSL_OPEN_CB *ssl_callback; /* ssl connection is now open */ uint32_t localflags; struct ZipStats *zipstats; /* zipstats */ uint16_t cork_count; /* used for corking/uncorking connections */ struct ev_entry *event; /* used for associated events */ - struct PrivilegeSet *privset; /* privset... */ + char sasl_agent[IDLEN]; + unsigned char sasl_out; + unsigned char sasl_complete; + + unsigned int sasl_messages; + unsigned int sasl_failures; + time_t sasl_next_retry; +}; + +#define AUTHC_F_DEFERRED 0x01 +#define AUTHC_F_COMPLETE 0x02 + +struct AuthClient +{ + uint32_t cid; /* authd id */ + time_t timeout; /* When to terminate authd query */ + bool accepted; /* did authd accept us? */ + char cause; /* rejection cause */ + char *data; /* reason data */ + char *reason; /* reason we were rejected */ + int flags; }; struct PreClient @@ -279,24 +313,19 @@ struct PreClient char spoofuser[USERLEN + 1]; char spoofhost[HOSTLEN + 1]; - char sasl_agent[IDLEN]; - unsigned char sasl_out; - unsigned char sasl_complete; - - rb_dlink_list dnsbl_queries; /* list of struct BlacklistClient * */ - struct Blacklist *dnsbl_listed; /* first dnsbl where it's listed */ + struct AuthClient auth; struct rb_sockaddr_storage lip; /* address of our side of the connection */ + + char id[IDLEN]; /* UID/SID, unique on the network (unverified) */ }; struct ListClient { - unsigned int hash_indice; + char *chname; unsigned int users_min, users_max; - - /* It would be nice to add other modifiers, - * but not for 1.1 --nenolod - */ + time_t created_min, created_max, topic_min, topic_max; + int operspy; }; /* 
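Review bot: `struct AuthClient` carries two heap pointers, `data` and `reason`, with nothing on the declaration saying who allocates and who frees them, and the following hunk embeds the struct by value in `struct PreClient`. One of these exists for every connection that has not yet registered, so a missed free would leak on each such connection. The release path (presumably `free_pre_client`, whose body is outside this diff) should be named on the fields, e.g. `char *reason; /* reason we were rejected; heap, freed with the PreClient */`. `cause` would also benefit from a note on its valid values, and `flags` from a note that it holds the `AUTHC_F_*` bits defined just above.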
@@ -375,29 +404,42 @@ struct ListClient /* housekeeping flags */ -#define FLAGS_PINGSENT 0x0001 /* Unreplied ping sent */ -#define FLAGS_DEAD 0x0002 /* Local socket is dead--Exiting soon */ -#define FLAGS_KILLED 0x0004 /* Prevents "QUIT" from being sent for this */ -#define FLAGS_SENTUSER 0x0008 /* Client sent a USER command. */ -#define FLAGS_CLICAP 0x0010 /* In CAP negotiation, wait for CAP END */ -#define FLAGS_CLOSING 0x0020 /* set when closing to suppress errors */ -#define FLAGS_PING_COOKIE 0x0040 /* has sent ping cookie */ -#define FLAGS_GOTID 0x0080 /* successful ident lookup achieved */ -#define FLAGS_FLOODDONE 0x0100 /* flood grace period over / reported */ -#define FLAGS_NORMALEX 0x0400 /* Client exited normally */ -#define FLAGS_MARK 0x10000 /* marked client */ -#define FLAGS_HIDDEN 0x20000 /* hidden server */ -#define FLAGS_EOB 0x40000 /* EOB */ -#define FLAGS_MYCONNECT 0x80000 /* MyConnect */ -#define FLAGS_IOERROR 0x100000 /* IO error */ -#define FLAGS_SERVICE 0x200000 /* network service */ -#define FLAGS_TGCHANGE 0x400000 /* we're allowed to clear something */ -#define FLAGS_DYNSPOOF 0x800000 /* dynamic spoof, only opers see ip */ +#define FLAGS_PINGSENT 0x00000001 /* Unreplied ping sent */ +#define FLAGS_DEAD 0x00000002 /* Local socket is dead--Exiting soon */ +#define FLAGS_KILLED 0x00000004 /* Prevents "QUIT" from being sent for this */ +#define FLAGS_SENTUSER 0x00000008 /* Client sent a USER command. 
*/ +#define FLAGS_CLICAP 0x00000010 /* In CAP negotiation, wait for CAP END */ +#define FLAGS_CLOSING 0x00000020 /* set when closing to suppress errors */ +#define FLAGS_PING_COOKIE 0x00000040 /* has sent ping cookie */ +#define FLAGS_GOTID 0x00000080 /* successful ident lookup achieved */ +#define FLAGS_FLOODDONE 0x00000100 /* flood grace period over / reported */ +#define FLAGS_NORMALEX 0x00000200 /* Client exited normally */ +#define FLAGS_MARK 0x00000400 /* marked client */ +#define FLAGS_HIDDEN 0x00000800 /* hidden server */ +#define FLAGS_EOB 0x00001000 /* EOB */ +#define FLAGS_MYCONNECT 0x00002000 /* MyConnect */ +#define FLAGS_IOERROR 0x00004000 /* IO error */ +#define FLAGS_SERVICE 0x00008000 /* network service */ +#define FLAGS_TGCHANGE 0x00010000 /* we're allowed to clear something */ +#define FLAGS_DYNSPOOF 0x00020000 /* dynamic spoof, only opers see ip */ +#define FLAGS_TGEXCESSIVE 0x00040000 /* whether the client has attemped to change targets excessively fast */ +#define FLAGS_CLICAP_DATA 0x00080000 /* requested CAP LS 302 */ +#define FLAGS_EXTENDCHANS 0x00100000 +#define FLAGS_EXEMPTRESV 0x00200000 +#define FLAGS_EXEMPTKLINE 0x00400000 +#define FLAGS_EXEMPTFLOOD 0x00800000 +#define FLAGS_IP_SPOOFING 0x01000000 +#define FLAGS_EXEMPTSPAMBOT 0x02000000 +#define FLAGS_EXEMPTSHIDE 0x04000000 +#define FLAGS_EXEMPTJUPE 0x08000000 + /* flags for local clients, this needs stuff moved from above to here at some point */ #define LFLAGS_SSL 0x00000001 #define LFLAGS_FLUSH 0x00000002 #define LFLAGS_CORK 0x00000004 +#define LFLAGS_SCTP 0x00000008 +#define LFLAGS_INSECURE 0x00000010 /* for marking SSL clients as insecure before registration */ /* umodes, settable flags */ /* lots of this moved to snomask -- jilles */ 
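Review bot: With `flags` widened to `uint64_t` in the `struct Client` hunk, the `FLAGS_*` constants here are still plain `int` literals, and the `Clear*` macros apply `~` to them before the value is widened. That is correct for the bits defined today, the highest being `FLAGS_EXEMPTJUPE` at 0x08000000, because a negative `int` sign-extends. The first flag placed at bit 31 would have type `unsigned int`, though; its complement zero-extends, and `flags &= ~FLAG` would then silently clear bits 32-63 as well, several of which may by then be ban or flood exemptions. Flags at bit 32 and above would also read as zero wherever an `Is*` result is stored in an `int`. Typing the constants, e.g. `#define FLAGS_PINGSENT UINT64_C(0x00000001)`, and testing with `!= 0` as `IsGotId` already does removes both traps; `ClearTGExcessive` in the `-467,6` hunk is affected the same way.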
@@ -410,30 +452,16 @@ struct ListClient #define UMODE_SERVICE 0x0040 #define UMODE_DEAF 0x0080 #define UMODE_NOFORWARD 0x0100 /* don't forward */ -#define UMODE_REGONLYMSG 0x0200 /* only allow logged in users to msg */ /* user information flags, only settable by remote mode or local oper */ #define UMODE_OPER 0x1000 /* Operator */ #define UMODE_ADMIN 0x2000 /* Admin on server */ #define UMODE_SSLCLIENT 0x4000 /* using SSL */ -/* overflow flags */ -/* EARLIER FLAGS ARE IN s_newconf.h */ -#define FLAGS2_EXEMPTRESV 0x00400000 -#define FLAGS2_EXEMPTKLINE 0x00800000 -#define FLAGS2_EXEMPTFLOOD 0x01000000 -#define FLAGS2_IP_SPOOFING 0x10000000 -#define FLAGS2_EXEMPTSPAMBOT 0x20000000 -#define FLAGS2_EXEMPTSHIDE 0x40000000 -#define FLAGS2_EXEMPTJUPE 0x80000000 - #define DEFAULT_OPER_UMODES (UMODE_SERVNOTICE | UMODE_OPERWALL | \ UMODE_WALLOP | UMODE_LOCOPS) #define DEFAULT_OPER_SNOMASK SNO_GENERAL -#define CLICAP_MULTI_PREFIX 0x0001 -#define CLICAP_SASL 0x0002 - /* * flags macros. */ @@ -467,6 +495,9 @@ struct ListClient #define IsDynSpoof(x) ((x)->flags & FLAGS_DYNSPOOF) #define SetDynSpoof(x) ((x)->flags |= FLAGS_DYNSPOOF) #define ClearDynSpoof(x) ((x)->flags &= ~FLAGS_DYNSPOOF) +#define IsTGExcessive(x) ((x)->flags & FLAGS_TGEXCESSIVE) +#define SetTGExcessive(x) ((x)->flags |= FLAGS_TGEXCESSIVE) +#define ClearTGExcessive(x) ((x)->flags &= ~FLAGS_TGEXCESSIVE) /* local flags */ 
@@ -478,6 +509,14 @@ struct ListClient #define SetFlush(x) ((x)->localClient->localflags |= LFLAGS_FLUSH) #define ClearFlush(x) ((x)->localClient->localflags &= ~LFLAGS_FLUSH) +#define IsSCTP(x) ((x)->localClient->localflags & LFLAGS_SCTP) +#define SetSCTP(x) ((x)->localClient->localflags |= LFLAGS_SCTP) +#define ClearSCTP(x) ((x)->localClient->localflags &= ~LFLAGS_SCTP) + +#define IsInsecure(x) ((x)->localClient->localflags & LFLAGS_INSECURE) +#define SetInsecure(x) ((x)->localClient->localflags |= LFLAGS_INSECURE) +#define ClearInsecure(x) ((x)->localClient->localflags &= ~LFLAGS_INSECURE) + /* oper flags */ #define MyOper(x) (MyConnect(x) && IsOper(x)) 
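Review bot: The new `IsSCTP`/`SetSCTP`/`ClearSCTP` and `IsInsecure`/`SetInsecure`/`ClearInsecure` macros dereference `(x)->localClient` unconditionally, and nothing on the definitions says they are valid for local clients only. `struct LocalUser` is described earlier in this file as allocated only for local clients, so using one of these on a remote client would presumably dereference a null pointer. The existing `SetFlush`/`ClearFlush` macros follow the same pattern, so this is a documentation request rather than a behaviour change. Add `/* local clients only: caller must check MyConnect(x) first */` above the group.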
@@ -503,28 +542,26 @@ struct ListClient #define IsService(x) ((x)->umodes & UMODE_SERVICE) #define IsDeaf(x) ((x)->umodes & UMODE_DEAF) #define IsNoForward(x) ((x)->umodes & UMODE_NOFORWARD) -#define IsSetRegOnlyMsg(x) ((x)->umodes & UMODE_REGONLYMSG) #define SetGotId(x) ((x)->flags |= FLAGS_GOTID) #define IsGotId(x) (((x)->flags & FLAGS_GOTID) != 0) -/* - * flags2 macros. - */ -#define IsExemptKline(x) ((x)->flags2 & FLAGS2_EXEMPTKLINE) -#define SetExemptKline(x) ((x)->flags2 |= FLAGS2_EXEMPTKLINE) -#define IsExemptFlood(x) ((x)->flags2 & FLAGS2_EXEMPTFLOOD) -#define SetExemptFlood(x) ((x)->flags2 |= FLAGS2_EXEMPTFLOOD) -#define IsExemptSpambot(x) ((x)->flags2 & FLAGS2_EXEMPTSPAMBOT) -#define SetExemptSpambot(x) ((x)->flags2 |= FLAGS2_EXEMPTSPAMBOT) -#define IsExemptShide(x) ((x)->flags2 & FLAGS2_EXEMPTSHIDE) -#define SetExemptShide(x) ((x)->flags2 |= FLAGS2_EXEMPTSHIDE) -#define IsExemptJupe(x) ((x)->flags2 & FLAGS2_EXEMPTJUPE) -#define SetExemptJupe(x) ((x)->flags2 |= FLAGS2_EXEMPTJUPE) -#define IsExemptResv(x) ((x)->flags2 & FLAGS2_EXEMPTRESV) -#define SetExemptResv(x) ((x)->flags2 |= FLAGS2_EXEMPTRESV) -#define IsIPSpoof(x) ((x)->flags2 & FLAGS2_IP_SPOOFING) -#define SetIPSpoof(x) ((x)->flags2 |= FLAGS2_IP_SPOOFING) +#define IsExemptKline(x) ((x)->flags & FLAGS_EXEMPTKLINE) +#define SetExemptKline(x) ((x)->flags |= FLAGS_EXEMPTKLINE) +#define IsExemptFlood(x) ((x)->flags & FLAGS_EXEMPTFLOOD) +#define SetExemptFlood(x) ((x)->flags |= FLAGS_EXEMPTFLOOD) +#define IsExemptSpambot(x) ((x)->flags & FLAGS_EXEMPTSPAMBOT) +#define SetExemptSpambot(x) ((x)->flags |= FLAGS_EXEMPTSPAMBOT) +#define IsExemptShide(x) ((x)->flags & FLAGS_EXEMPTSHIDE) +#define SetExemptShide(x) ((x)->flags |= FLAGS_EXEMPTSHIDE) +#define IsExemptJupe(x) ((x)->flags & FLAGS_EXEMPTJUPE) +#define SetExemptJupe(x) ((x)->flags |= FLAGS_EXEMPTJUPE) +#define IsExemptResv(x) ((x)->flags & FLAGS_EXEMPTRESV) +#define SetExemptResv(x) ((x)->flags |= FLAGS_EXEMPTRESV) +#define IsIPSpoof(x) ((x)->flags & 
FLAGS_IP_SPOOFING) +#define SetIPSpoof(x) ((x)->flags |= FLAGS_IP_SPOOFING) +#define IsExtendChans(x) ((x)->flags & FLAGS_EXTENDCHANS) +#define SetExtendChans(x) ((x)->flags |= FLAGS_EXTENDCHANS) /* for local users: flood grace period is over * for servers: mentioned in networknotice.c notice @@ -544,11 +581,18 @@ struct ListClient #define SHOW_IP 1 #define MASK_IP 2 +enum +{ + D_LINED, + K_LINED +}; + extern void check_banned_lines(void); -extern void check_klines_event(void *unused); extern void check_klines(void); +extern void check_one_kline(struct ConfItem *kline); extern void check_dlines(void); extern void check_xlines(void); +extern void resv_nick_fnc(const char *mask, const char *reason, int temp_time); extern const char *get_client_name(struct Client *client, int show_ip); extern const char *log_client_name(struct Client *, int); @@ -556,17 +600,17 @@ extern int is_remote_connect(struct Client *); extern void init_client(void); extern struct Client *make_client(struct Client *from); extern void free_pre_client(struct Client *client); -extern void free_client(struct Client *client); +extern void notify_banned_client(struct Client *, struct ConfItem *, int ban); extern int exit_client(struct Client *, struct Client *, struct Client *, const char *); extern void error_exit_client(struct Client *, int); - - extern void count_local_client_memory(size_t * count, size_t * memory); extern void count_remote_client_memory(size_t * count, size_t * memory); +extern int clean_nick(const char *, int loc_client); + extern struct Client *find_chasing(struct Client *, const char *, int *); extern struct Client *find_person(const char *); extern struct Client *find_named_person(const char *); 
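Review bot: The enum holding `D_LINED` and `K_LINED` in the `-544,11` hunk is anonymous and uncommented, and `notify_banned_client` in the `-556,17` hunk takes a bare `int ban`, so the compiler cannot catch a caller passing an unrelated integer. If the enum is what `ban` is meant to carry, which the diff suggests but does not state, naming it and using it in the prototype documents the contract: `enum ban_kind { D_LINED, K_LINED };` and `extern void notify_banned_client(struct Client *client_p, struct ConfItem *aconf, enum ban_kind ban);` (the names here are only a proposal). The new `notify_banned_client` and `clean_nick` prototypes also omit names for their pointer parameters, unlike `check_one_kline` next to them.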
@@ -577,9 +621,9 @@ extern void del_all_accepts(struct Client *client_p); extern void dead_link(struct Client *client_p, int sendqex); extern int show_ip(struct Client *source_p, struct Client *target_p); -extern int show_ip_conf(struct ConfItem *aconf, struct Client *target_p); +extern int show_ip_conf(struct ConfItem *aconf, struct Client *source_p); +extern int show_ip_whowas(struct Whowas *whowas, struct Client *source_p); -extern void initUser(void); extern void free_user(struct User *, struct Client *); extern struct User *make_user(struct Client *); extern struct Server *make_server(struct Client *); @@ -590,4 +634,8 @@ extern char *generate_uid(void); void allocate_away(struct Client *); void free_away(struct Client *); +uint32_t connid_get(struct Client *client_p); +void connid_put(uint32_t id); +void client_release_connids(struct Client *client_p); + #endif /* INCLUDED_client_h */
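Review bot: `connid_get`, `connid_put` and `client_release_connids` in the last hunk are declared with no comment on their contract, in particular what `connid_get` returns when no id can be allocated and whether 0 is a valid id. Callers need to know which value means failure before they use the id. The `connids` list added to `struct LocalUser` earlier in this diff is commented as "the list of connids to free", so presumably `client_release_connids` drains it. Stating that on the prototype, e.g. `/* release every connid recorded in client_p->localClient->connids */`, makes the pairing explicit. These three prototypes also drop the `extern` used on the declarations above them, though `allocate_away` and `free_away` already do the same.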