X-Git-Url: https://jfr.im/git/solanum.git/blobdiff_plain/9b24cbdecc72337e825764f39cdf59ca23f41788..5409fbc0f731a04066c9d6a741e0b8d8eb098d8a:/include/client.h diff --git a/include/client.h b/include/client.h index b9a612bf..8df9431d 100644 --- a/include/client.h +++ b/include/client.h @@ -1,5 +1,5 @@ /* - * charybdis: A useful ircd. + * Solanum: a slightly advanced ircd * client.h: The ircd client header. * * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center @@ -36,14 +36,10 @@ #include "ircd.h" #include "privilege.h" -/* other structs */ -struct Blacklist; - /* we store ipv6 ips for remote clients, so this needs to be v6 always */ #define HOSTIPLEN 53 /* sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255.ipv6") */ -#define PASSWDLEN 128 -#define CIPHERKEYLEN 64 /* 512bit */ -#define CLIENT_BUFSIZE 512 /* must be at least 512 bytes */ +#define PASSWDLEN 128 +#define CIPHERKEYLEN 64 /* 512bit */ #define IDLEN 10 @@ -63,10 +59,12 @@ struct Client; struct User; struct Server; struct LocalUser; -struct AuthRequest; struct PreClient; struct ListClient; struct scache_entry; +struct ws_ctl; + +typedef int SSL_OPEN_CB(struct Client *, int status); /* * Client structures @@ -78,6 +76,9 @@ struct User char *away; /* pointer to away message */ int refcnt; /* Number of times this block is referenced */ + char *opername; /* name of operator{} block being used or tried (challenge) */ + struct PrivilegeSet *privset; + char suser[NICKLEN+1]; }; @@ -115,8 +116,7 @@ struct Client time_t tsinfo; /* TS on the nick, SVINFO on server */ unsigned int umodes; /* opers, normal users subset */ - unsigned int flags; /* client flags */ - unsigned int flags2; /* ugh. overflow */ + uint64_t flags; /* client flags */ unsigned int snomask; /* server notice mask */ 
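Review bot: `struct PrivilegeSet *privset;` is added to struct User with no comment, and the struct it joins is reference-counted through `refcnt`, so nothing in this hunk says who holds the reference to the privilege set or when it is dropped. A later hunk removes the same field from struct LocalUser, so it presumably now exists for users that are not local as well, which makes its NULL-ness worth stating. I would add a comment along the lines of `/* privilege set in effect for this user, NULL if none; say who takes and releases the reference */`. struct User starts above the hunk.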
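Review bot: `uint64_t flags` widens the field, but every FLAGS_* constant in the `@@ -381,31 +401,44 @@` hunk is still a plain `int` literal, and the Clear* macros apply `~` to the constant before it is converted to 64 bits. That is correct for the values defined today (the highest is `0x10000000`) because a negative `int` sign-extends; a future flag at `0x80000000` would have type `unsigned int`, and `flags &= ~FLAGS_X` would then also clear bits 32–63. The Is* macros now yield a `uint64_t` too, which truncates if a caller stores the result in an `int`. I would record this at the field, e.g. `/* client flags; define bits >= 31 with UINT64_C() so ~FLAG stays 64-bit */`. The same applies to the Clear* macros in the `@@ -476,6 +496,9 @@` hunk.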
@@ -126,7 +126,7 @@ struct Client unsigned long serial; /* used to enforce 1 send per nick */ /* client->name is the unique name for a client nick or host */ - char name[HOSTLEN + 1]; + char name[NAMELEN + 1]; /* * client->username is the username from ident or the USER message, @@ -190,6 +190,7 @@ struct LocalUser /* Send and receive linebuf queues .. */ buf_head_t buf_sendq; buf_head_t buf_recvq; + /* * we want to use unsigned int here so the sizes have a better chance of * staying the same on 64 bit machines. The current trend is to use @@ -199,13 +200,15 @@ struct LocalUser * performed on these, it's not safe to allow them to become negative, * which is possible for long running server connections. Unsigned values * generally overflow gracefully. --Bleep + * + * We have modern conveniences. Let's use uint32_t. --Elizafox */ - unsigned int sendM; /* Statistics: protocol messages send */ - unsigned int sendK; /* Statistics: total k-bytes send */ - unsigned int receiveM; /* Statistics: protocol messages received */ - unsigned int receiveK; /* Statistics: total k-bytes received */ - unsigned short sendB; /* counters to count upto 1-k lots of bytes */ - unsigned short receiveB; /* sent and received. */ + uint32_t sendM; /* Statistics: protocol messages send */ + uint32_t sendK; /* Statistics: total k-bytes send */ + uint32_t receiveM; /* Statistics: protocol messages received */ + uint32_t receiveK; /* Statistics: total k-bytes received */ + uint16_t sendB; /* counters to count upto 1-k lots of bytes */ + uint16_t receiveB; /* sent and received. */ struct Listener *listener; /* listener accepted from */ struct ConfItem *att_conf; /* attached conf */ struct server_conf *att_sconf; @@ -222,7 +225,6 @@ struct LocalUser */ char *passwd; char *auth_user; - char *opername; /* name of operator{} block being used or tried (challenge) */ char *challenge; char *fullcaps; char *cipher_string; 
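Review bot: Resizing `name` to `NAMELEN + 1` is only safe if every write into `client->name` is bounded by the size of the field rather than by `HOSTLEN`. The comment above the field still says it holds a nick or a host, and NAMELEN's value is not visible in this diff. Any remaining copy sized with `HOSTLEN + 1` would overrun the array if NAMELEN is the smaller of the two. I would state the bound at the declaration, e.g. `/* sized by NAMELEN, not HOSTLEN; writers must bound by sizeof(name) */`, and check the writers outside this header.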
@@ -250,8 +252,7 @@ struct LocalUser */ int sent_parsed; /* how many messages we've parsed in this second */ time_t last_knock; /* time of last knock */ - unsigned long random_ping; - struct AuthRequest *auth_request; + uint32_t random_ping; /* target change stuff */ /* targets we're aware of (fnv32(use_id(target_p))): @@ -273,16 +274,34 @@ struct LocalUser struct _ssl_ctl *ssl_ctl; /* which ssl daemon we're associate with */ struct _ssl_ctl *z_ctl; /* second ctl for ssl+zlib */ + struct ws_ctl *ws_ctl; /* ctl for wsockd */ + SSL_OPEN_CB *ssl_callback; /* ssl connection is now open */ uint32_t localflags; struct ZipStats *zipstats; /* zipstats */ uint16_t cork_count; /* used for corking/uncorking connections */ struct ev_entry *event; /* used for associated events */ - struct PrivilegeSet *privset; /* privset... */ - char sasl_agent[IDLEN]; unsigned char sasl_out; unsigned char sasl_complete; + + unsigned int sasl_messages; + unsigned int sasl_failures; + time_t sasl_next_retry; +}; + +#define AUTHC_F_DEFERRED 0x01 +#define AUTHC_F_COMPLETE 0x02 + +struct AuthClient +{ + uint32_t cid; /* authd id */ + time_t timeout; /* When to terminate authd query */ + bool accepted; /* did authd accept us? */ + char cause; /* rejection cause */ + char *data; /* reason data */ + char *reason; /* reason we were rejected */ + int flags; }; struct PreClient @@ -291,10 +310,11 @@ struct PreClient char spoofuser[USERLEN + 1]; char spoofhost[HOSTLEN + 1]; - rb_dlink_list dnsbl_queries; /* list of struct BlacklistClient * */ - struct Blacklist *dnsbl_listed; /* first dnsbl where it's listed */ + struct AuthClient auth; struct rb_sockaddr_storage lip; /* address of our side of the connection */ + + char id[IDLEN]; /* UID/SID, unique on the network (unverified) */ }; struct ListClient 
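Review bot: `char *data` and `char *reason` in the new struct AuthClient are bare pointers with no statement of who allocates and frees them. The struct is embedded by value in struct PreClient in the next hunk, so an implicit rule invites a leak or double free when a pre-client is torn down or a result is stored twice. I would extend the comments once the owner is confirmed, e.g. `char *reason; /* reason we were rejected; owned by this struct, freed with the PreClient */`. The three new SASL fields (`sasl_messages`, `sasl_failures`, `sasl_next_retry`) are the only members in this stretch without a comment; a line on what each counts and when it resets would help anyone reviewing the retry limiting.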
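Review bot: `char id[IDLEN]` is declared without the `+ 1` that `spoofuser` and `spoofhost` carry just above it, and its comment marks the value as unverified, so it is presumably filled from peer-supplied data before registration. Whoever writes it has to bound the copy to `sizeof(id)` and NUL-terminate it, and nothing should treat it as an identity until it has been checked. If that is the intended contract, I would make the comment say so: `/* UID/SID claimed by the peer, not yet verified; NUL-terminated, at most IDLEN - 1 chars */`. struct PreClient starts above the hunk.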
@@ -351,7 +371,7 @@ struct ListClient (x)->handler = SERVER_HANDLER; } #define SetClient(x) {(x)->status = STAT_CLIENT; \ - (x)->handler = IsOper((x)) ? \ + (x)->handler = IsOperGeneral((x)) ? \ OPER_HANDLER : CLIENT_HANDLER; } #define SetRemoteClient(x) {(x)->status = STAT_CLIENT; \ (x)->handler = RCLIENT_HANDLER; } 
@@ -381,31 +401,44 @@ struct ListClient /* housekeeping flags */ -#define FLAGS_PINGSENT 0x0001 /* Unreplied ping sent */ -#define FLAGS_DEAD 0x0002 /* Local socket is dead--Exiting soon */ -#define FLAGS_KILLED 0x0004 /* Prevents "QUIT" from being sent for this */ -#define FLAGS_SENTUSER 0x0008 /* Client sent a USER command. */ -#define FLAGS_CLICAP 0x0010 /* In CAP negotiation, wait for CAP END */ -#define FLAGS_CLOSING 0x0020 /* set when closing to suppress errors */ -#define FLAGS_PING_COOKIE 0x0040 /* has sent ping cookie */ -#define FLAGS_GOTID 0x0080 /* successful ident lookup achieved */ -#define FLAGS_FLOODDONE 0x0100 /* flood grace period over / reported */ -#define FLAGS_NORMALEX 0x0400 /* Client exited normally */ -#define FLAGS_MARK 0x10000 /* marked client */ -#define FLAGS_HIDDEN 0x20000 /* hidden server */ -#define FLAGS_EOB 0x40000 /* EOB */ -#define FLAGS_MYCONNECT 0x80000 /* MyConnect */ -#define FLAGS_IOERROR 0x100000 /* IO error */ -#define FLAGS_SERVICE 0x200000 /* network service */ -#define FLAGS_TGCHANGE 0x400000 /* we're allowed to clear something */ -#define FLAGS_DYNSPOOF 0x800000 /* dynamic spoof, only opers see ip */ -#define FLAGS_TGEXCESSIVE 0x1000000 /* whether the client has attemped to change targets excessively fast */ -#define FLAGS_CLICAP_DATA 0x2000000 /* requested CAP LS 302 */ +#define FLAGS_PINGSENT 0x00000001 /* Unreplied ping sent */ +#define FLAGS_DEAD 0x00000002 /* Local socket is dead--Exiting soon */ +#define FLAGS_KILLED 0x00000004 /* Prevents "QUIT" from being sent for this */ +#define FLAGS_SENTUSER 0x00000008 /* Client sent a USER command. 
*/ +#define FLAGS_CLICAP 0x00000010 /* In CAP negotiation, wait for CAP END */ +#define FLAGS_CLOSING 0x00000020 /* set when closing to suppress errors */ +#define FLAGS_PING_COOKIE 0x00000040 /* has sent ping cookie */ +#define FLAGS_GOTID 0x00000080 /* successful ident lookup achieved */ +#define FLAGS_FLOODDONE 0x00000100 /* flood grace period over / reported */ +#define FLAGS_NORMALEX 0x00000200 /* Client exited normally */ +#define FLAGS_MARK 0x00000400 /* marked client */ +#define FLAGS_HIDDEN 0x00000800 /* hidden server */ +#define FLAGS_EOB 0x00001000 /* EOB */ +#define FLAGS_MYCONNECT 0x00002000 /* MyConnect */ +#define FLAGS_IOERROR 0x00004000 /* IO error */ +#define FLAGS_SERVICE 0x00008000 /* network service */ +#define FLAGS_TGCHANGE 0x00010000 /* we're allowed to clear something */ +#define FLAGS_DYNSPOOF 0x00020000 /* dynamic spoof, only opers see ip */ +#define FLAGS_TGEXCESSIVE 0x00040000 /* whether the client has attemped to change targets excessively fast */ +#define FLAGS_CLICAP_DATA 0x00080000 /* requested CAP LS 302 */ +#define FLAGS_EXTENDCHANS 0x00100000 +#define FLAGS_EXEMPTRESV 0x00200000 +#define FLAGS_EXEMPTKLINE 0x00400000 +#define FLAGS_EXEMPTFLOOD 0x00800000 +#define FLAGS_IP_SPOOFING 0x01000000 +#define FLAGS_EXEMPTSPAMBOT 0x02000000 +#define FLAGS_EXEMPTSHIDE 0x04000000 +#define FLAGS_EXEMPTJUPE 0x08000000 +#define FLAGS_IDENTIFIED 0x10000000 /* owns their current nick */ + /* flags for local clients, this needs stuff moved from above to here at some point */ #define LFLAGS_SSL 0x00000001 #define LFLAGS_FLUSH 0x00000002 #define LFLAGS_CORK 0x00000004 +#define LFLAGS_SCTP 0x00000008 +#define LFLAGS_SECURE 0x00000010 /* for marking SSL clients as secure before registration */ +#define LFLAGS_FAKE 0x00000020 /* umodes, settable flags */ /* lots of this moved to snomask -- jilles */ 
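Review bot: The exemption bits moved into this block (`FLAGS_EXEMPTKLINE`, `FLAGS_EXEMPTFLOOD`, `FLAGS_EXEMPTRESV` and the rest) and the new `LFLAGS_SCTP` and `LFLAGS_FAKE` carry no comment, while every flag above them does. Going by their names these are the bits that switch ban, flood and reservation checks off for a client, so each deserves a line on what sets it. For example `#define LFLAGS_FAKE 0x00000020 /* <what a fake local client is and who creates it> */`. Separately, every value from `FLAGS_NORMALEX` onward is renumbered, so anything built against the old header, or that kept a raw flags word, will test the wrong bit until it is rebuilt.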
@@ -413,28 +446,15 @@ struct ListClient #define UMODE_WALLOP 0x0002 /* send wallops to them */ #define UMODE_OPERWALL 0x0004 /* Operwalls */ #define UMODE_INVISIBLE 0x0008 /* makes user invisible */ -#define UMODE_CALLERID 0x0010 /* block unless caller id's */ #define UMODE_LOCOPS 0x0020 /* show locops */ #define UMODE_SERVICE 0x0040 #define UMODE_DEAF 0x0080 #define UMODE_NOFORWARD 0x0100 /* don't forward */ -#define UMODE_REGONLYMSG 0x0200 /* only allow logged in users to msg */ /* user information flags, only settable by remote mode or local oper */ #define UMODE_OPER 0x1000 /* Operator */ #define UMODE_ADMIN 0x2000 /* Admin on server */ -#define UMODE_SSLCLIENT 0x4000 /* using SSL */ - -/* overflow flags */ -/* EARLIER FLAGS ARE IN s_newconf.h */ -#define FLAGS2_EXTENDCHANS 0x00200000 -#define FLAGS2_EXEMPTRESV 0x00400000 -#define FLAGS2_EXEMPTKLINE 0x00800000 -#define FLAGS2_EXEMPTFLOOD 0x01000000 -#define FLAGS2_IP_SPOOFING 0x10000000 -#define FLAGS2_EXEMPTSPAMBOT 0x20000000 -#define FLAGS2_EXEMPTSHIDE 0x40000000 -#define FLAGS2_EXEMPTJUPE 0x80000000 +#define UMODE_SECURE 0x4000 /* has a secure connection */ #define DEFAULT_OPER_UMODES (UMODE_SERVNOTICE | UMODE_OPERWALL | \ UMODE_WALLOP | UMODE_LOCOPS) @@ -476,6 +496,9 @@ struct ListClient #define IsTGExcessive(x) ((x)->flags & FLAGS_TGEXCESSIVE) #define SetTGExcessive(x) ((x)->flags |= FLAGS_TGEXCESSIVE) #define ClearTGExcessive(x) ((x)->flags &= ~FLAGS_TGEXCESSIVE) +#define IsIdentified(x) ((x)->flags & FLAGS_IDENTIFIED) +#define SetIdentified(x) ((x)->flags |= FLAGS_IDENTIFIED) +#define ClearIdentified(x) ((x)->flags &= ~FLAGS_IDENTIFIED) /* local flags */ 
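Review bot: `UMODE_SECURE` ("has a secure connection") now sits beside `LFLAGS_SECURE` ("for marking SSL clients as secure before registration") from the flag hunk above, and the macro hunk below adds `IsSecure(x)` for the local flag and `IsSecureClient(x)` for the umode. The names are close enough that a policy check can pick the wrong one. `IsSecure` dereferences `(x)->localClient`, so it is only usable where that pointer is valid, whereas `IsSecureClient` reads `umodes`. I would document the split at the definition, e.g. `/* network-visible umode, test with IsSecureClient(); LFLAGS_SECURE / IsSecure() is local pre-registration state only */`.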
@@ -487,55 +510,52 @@ struct ListClient #define SetFlush(x) ((x)->localClient->localflags |= LFLAGS_FLUSH) #define ClearFlush(x) ((x)->localClient->localflags &= ~LFLAGS_FLUSH) +#define IsSCTP(x) ((x)->localClient->localflags & LFLAGS_SCTP) +#define SetSCTP(x) ((x)->localClient->localflags |= LFLAGS_SCTP) +#define ClearSCTP(x) ((x)->localClient->localflags &= ~LFLAGS_SCTP) + +#define IsSecure(x) ((x)->localClient->localflags & LFLAGS_SECURE) +#define SetSecure(x) ((x)->localClient->localflags |= LFLAGS_SECURE) +#define ClearSecure(x) ((x)->localClient->localflags &= ~LFLAGS_SECURE) + /* oper flags */ #define MyOper(x) (MyConnect(x) && IsOper(x)) -#define SetOper(x) {(x)->umodes |= UMODE_OPER; \ - if (MyClient((x))) (x)->handler = OPER_HANDLER;} - -#define ClearOper(x) {(x)->umodes &= ~(UMODE_OPER|UMODE_ADMIN); \ - if (MyClient((x)) && !IsOper((x)) && !IsServer((x))) \ - (x)->handler = CLIENT_HANDLER; } +#define SetOper(x) ((x)->umodes |= UMODE_OPER) +#define ClearOper(x) ((x)->umodes &= ~(UMODE_OPER|UMODE_ADMIN)) /* umode flags */ #define IsInvisible(x) ((x)->umodes & UMODE_INVISIBLE) #define SetInvisible(x) ((x)->umodes |= UMODE_INVISIBLE) #define ClearInvisible(x) ((x)->umodes &= ~UMODE_INVISIBLE) -#define IsSSLClient(x) ((x)->umodes & UMODE_SSLCLIENT) -#define SetSSLClient(x) ((x)->umodes |= UMODE_SSLCLIENT) -#define ClearSSLClient(x) ((x)->umodes &= ~UMODE_SSLCLIENT) +#define IsSecureClient(x) ((x)->umodes & UMODE_SECURE) #define SendWallops(x) ((x)->umodes & UMODE_WALLOP) #define SendLocops(x) ((x)->umodes & UMODE_LOCOPS) #define SendServNotice(x) ((x)->umodes & UMODE_SERVNOTICE) #define SendOperwall(x) ((x)->umodes & UMODE_OPERWALL) -#define IsSetCallerId(x) ((x)->umodes & UMODE_CALLERID) -#define IsService(x) ((x)->umodes & UMODE_SERVICE) -#define IsDeaf(x) ((x)->umodes & UMODE_DEAF) -#define IsNoForward(x) ((x)->umodes & UMODE_NOFORWARD) -#define IsSetRegOnlyMsg(x) ((x)->umodes & UMODE_REGONLYMSG) +#define IsService(x) ((x)->umodes & UMODE_SERVICE) +#define 
IsDeaf(x) ((x)->umodes & UMODE_DEAF) +#define IsNoForward(x) ((x)->umodes & UMODE_NOFORWARD) #define SetGotId(x) ((x)->flags |= FLAGS_GOTID) #define IsGotId(x) (((x)->flags & FLAGS_GOTID) != 0) -/* - * flags2 macros. - */ -#define IsExemptKline(x) ((x)->flags2 & FLAGS2_EXEMPTKLINE) -#define SetExemptKline(x) ((x)->flags2 |= FLAGS2_EXEMPTKLINE) -#define IsExemptFlood(x) ((x)->flags2 & FLAGS2_EXEMPTFLOOD) -#define SetExemptFlood(x) ((x)->flags2 |= FLAGS2_EXEMPTFLOOD) -#define IsExemptSpambot(x) ((x)->flags2 & FLAGS2_EXEMPTSPAMBOT) -#define SetExemptSpambot(x) ((x)->flags2 |= FLAGS2_EXEMPTSPAMBOT) -#define IsExemptShide(x) ((x)->flags2 & FLAGS2_EXEMPTSHIDE) -#define SetExemptShide(x) ((x)->flags2 |= FLAGS2_EXEMPTSHIDE) -#define IsExemptJupe(x) ((x)->flags2 & FLAGS2_EXEMPTJUPE) -#define SetExemptJupe(x) ((x)->flags2 |= FLAGS2_EXEMPTJUPE) -#define IsExemptResv(x) ((x)->flags2 & FLAGS2_EXEMPTRESV) -#define SetExemptResv(x) ((x)->flags2 |= FLAGS2_EXEMPTRESV) -#define IsIPSpoof(x) ((x)->flags2 & FLAGS2_IP_SPOOFING) -#define SetIPSpoof(x) ((x)->flags2 |= FLAGS2_IP_SPOOFING) -#define IsExtendChans(x) ((x)->flags2 & FLAGS2_EXTENDCHANS) -#define SetExtendChans(x) ((x)->flags2 |= FLAGS2_EXTENDCHANS) +#define IsExemptKline(x) ((x)->flags & FLAGS_EXEMPTKLINE) +#define SetExemptKline(x) ((x)->flags |= FLAGS_EXEMPTKLINE) +#define IsExemptFlood(x) ((x)->flags & FLAGS_EXEMPTFLOOD) +#define SetExemptFlood(x) ((x)->flags |= FLAGS_EXEMPTFLOOD) +#define IsExemptSpambot(x) ((x)->flags & FLAGS_EXEMPTSPAMBOT) +#define SetExemptSpambot(x) ((x)->flags |= FLAGS_EXEMPTSPAMBOT) +#define IsExemptShide(x) ((x)->flags & FLAGS_EXEMPTSHIDE) +#define SetExemptShide(x) ((x)->flags |= FLAGS_EXEMPTSHIDE) +#define IsExemptJupe(x) ((x)->flags & FLAGS_EXEMPTJUPE) +#define SetExemptJupe(x) ((x)->flags |= FLAGS_EXEMPTJUPE) +#define IsExemptResv(x) ((x)->flags & FLAGS_EXEMPTRESV) +#define SetExemptResv(x) ((x)->flags |= FLAGS_EXEMPTRESV) +#define IsIPSpoof(x) ((x)->flags & FLAGS_IP_SPOOFING) +#define 
SetIPSpoof(x) ((x)->flags |= FLAGS_IP_SPOOFING) +#define IsExtendChans(x) ((x)->flags & FLAGS_EXTENDCHANS) +#define SetExtendChans(x) ((x)->flags |= FLAGS_EXTENDCHANS) /* for local users: flood grace period is over * for servers: mentioned in networknotice.c notice @@ -555,9 +575,15 @@ struct ListClient #define SHOW_IP 1 #define MASK_IP 2 +enum +{ + D_LINED, + K_LINED +}; + extern void check_banned_lines(void); -extern void check_klines_event(void *unused); extern void check_klines(void); +extern void check_one_kline(struct ConfItem *kline); extern void check_dlines(void); extern void check_xlines(void); extern void resv_nick_fnc(const char *mask, const char *reason, int temp_time); @@ -568,14 +594,12 @@ extern int is_remote_connect(struct Client *); extern void init_client(void); extern struct Client *make_client(struct Client *from); extern void free_pre_client(struct Client *client); -extern void free_client(struct Client *client); +extern void notify_banned_client(struct Client *, struct ConfItem *, int ban); extern int exit_client(struct Client *, struct Client *, struct Client *, const char *); extern void error_exit_client(struct Client *, int); - - extern void count_local_client_memory(size_t * count, size_t * memory); extern void count_remote_client_memory(size_t * count, size_t * memory); @@ -594,7 +618,6 @@ extern int show_ip(struct Client *source_p, struct Client *target_p); extern int show_ip_conf(struct ConfItem *aconf, struct Client *source_p); extern int show_ip_whowas(struct Whowas *whowas, struct Client *source_p); -extern void initUser(void); extern void free_user(struct User *, struct Client *); extern struct User *make_user(struct Client *); extern struct Server *make_server(struct Client *);
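Review bot: `SetOper` and `ClearOper` no longer touch `(x)->handler`: the removed versions switched a local client between `OPER_HANDLER` and `CLIENT_HANDLER`, while the new ones only flip `umodes` bits. Whatever assigns the handler now is outside this diff, so on this header's evidence a path that drops oper status through `ClearOper` alone would leave the client dispatching through the oper handler. I would put the contract on the macros, e.g. `/* umode bits only; the caller must also update (x)->handler */`, and confirm each call site does so. Note also that `MyOper` still tests `IsOper` while `SetClient` in the `@@ -351,7 +371,7 @@` hunk moved to `IsOperGeneral`.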
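Review bot: The new anonymous `enum { D_LINED, K_LINED }` has neither a comment nor a type name. The `int ban` parameter of `notify_banned_client`, added in the next hunk, looks like its consumer, but nothing visible ties the two together. Naming the enum, or at least commenting the prototype with `/* ban is D_LINED or K_LINED */`, would let a reader catch a stray integer at the call site. `D_LINED` is 0, so a zero-initialised or defaulted argument silently reads as a D-line.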