X-Git-Url: https://jfr.im/git/solanum.git/blobdiff_plain/bd44fc7b09b4c7c50010e3e6e5de690e3b1f1920..d513218a9e3feb262b7966fbca2a0ff9da5f6aa8:/src/newconf.c diff --git a/src/newconf.c b/src/newconf.c index 1769d35d..717cfcf4 100644 --- a/src/newconf.c +++ b/src/newconf.c @@ -29,11 +29,14 @@ #include "blacklist.h" #include "sslproc.h" #include "privilege.h" +#include "chmode.h" #define CF_TYPE(x) ((x) & CF_MTYPE) +static int yy_defer_accept = 1; + struct TopConf *conf_cur_block; -static char *conf_cur_block_name; +static char *conf_cur_block_name = NULL; static rb_dlink_list conf_items; @@ -54,12 +57,16 @@ static struct alias_entry *yy_alias = NULL; static char *yy_blacklist_host = NULL; static char *yy_blacklist_reason = NULL; +static int yy_blacklist_ipv4 = 1; +static int yy_blacklist_ipv6 = 0; +static rb_dlink_list yy_blacklist_filters; + static char *yy_privset_extends = NULL; static const char * conf_strtype(int type) { - switch (type & CF_MTYPE) + switch (CF_TYPE(type)) { case CF_INT: return "integer value"; @@ -77,7 +84,7 @@ conf_strtype(int type) } int -add_top_conf(const char *name, int (*sfunc) (struct TopConf *), +add_top_conf(const char *name, int (*sfunc) (struct TopConf *), int (*efunc) (struct TopConf *), struct ConfEntry *items) { struct TopConf *tc; @@ -257,6 +264,25 @@ conf_set_serverinfo_vhost6(void *data) #endif } +static void +conf_set_serverinfo_nicklen(void *data) +{ + ConfigFileEntry.nicklen = (*(unsigned int *) data) + 1; + + if (ConfigFileEntry.nicklen > NICKLEN) + { + conf_report_error("Warning -- ignoring serverinfo::nicklen -- provided nicklen (%u) is greater than allowed nicklen (%u)", + ConfigFileEntry.nicklen - 1, NICKLEN - 1); + ConfigFileEntry.nicklen = NICKLEN; + } + else if (ConfigFileEntry.nicklen < 9 + 1) + { + conf_report_error("Warning -- serverinfo::nicklen is too low (%u) -- forcing 9", + ConfigFileEntry.nicklen - 1); + ConfigFileEntry.nicklen = 9 + 1; + } +} + static void conf_set_modules_module(void *data) { @@ -265,10 +291,8 @@ conf_set_modules_module(void *data) m_bn = rb_basename((char *) data); - if(findmodule_byname(m_bn) != -1) - return; - - load_one_module((char *) data, 0); + if(findmodule_byname(m_bn) == -1) + load_one_module((char *) data, 0); rb_free(m_bn); #else @@ -401,7 +425,7 @@ set_modes_from_table(int *modes, const char *whatis, struct mode_table *tab, con int dir = 1; int mode; - if((args->type & CF_MTYPE) != CF_STRING) + if(CF_TYPE(args->type) != CF_STRING) { conf_report_error("Warning -- %s is not a string; ignoring.", whatis); continue; @@ -580,7 +604,7 @@ conf_end_oper(struct TopConf *tc) yy_tmpoper->name); return 0; } - + yy_tmpoper->rsa_pubkey = (RSA *) PEM_read_bio_RSA_PUBKEY(file, NULL, 0, NULL); @@ -595,6 +619,9 @@ conf_end_oper(struct TopConf *tc) return 0; } } + + if(!EmptyString(yy_oper->certfp)) + yy_tmpoper->certfp = rb_strdup(yy_oper->certfp); #endif /* all is ok, put it on oper_conf_list */ @@ -618,6 +645,8 @@ conf_set_oper_flags(void *data) static void conf_set_oper_fingerprint(void *data) { + if (yy_oper->certfp) + rb_free(yy_oper->certfp); yy_oper->certfp = rb_strdup((char *) data); } @@ -817,7 +846,11 @@ conf_end_listen(struct TopConf *tc) return 0; } - +static void +conf_set_listen_defer_accept(void *data) +{ + yy_defer_accept = *(unsigned int *) data; +} static void conf_set_listen_port_both(void *data, int ssl) @@ -825,7 +858,7 @@ conf_set_listen_port_both(void *data, int ssl) conf_parm_t *args = data; for (; args; args = args->next) { - if((args->type & CF_MTYPE) != CF_INT) + if(CF_TYPE(args->type) != CF_INT) { conf_report_error ("listener::port argument is not an integer " "-- ignoring."); @@ -833,9 +866,9 @@ conf_set_listen_port_both(void *data, int ssl) } if(listener_address == NULL) { - add_listener(args->v.number, listener_address, AF_INET, ssl); + add_listener(args->v.number, listener_address, AF_INET, ssl, ssl || yy_defer_accept); #ifdef RB_IPV6 - add_listener(args->v.number, listener_address, AF_INET6, ssl); + add_listener(args->v.number, listener_address, AF_INET6, ssl, ssl || yy_defer_accept); #endif } else @@ -844,12 +877,12 @@ conf_set_listen_port_both(void *data, int ssl) #ifdef RB_IPV6 if(strchr(listener_address, ':') != NULL) family = AF_INET6; - else + else #endif family = AF_INET; - - add_listener(args->v.number, listener_address, family, ssl); - + + add_listener(args->v.number, listener_address, family, ssl, ssl || yy_defer_accept); + } } @@ -935,7 +968,7 @@ conf_end_auth(struct TopConf *tc) if(yy_aconf->spasswd) yy_tmp->spasswd = rb_strdup(yy_aconf->spasswd); - + /* this will always exist.. */ yy_tmp->info.name = rb_strdup(yy_aconf->info.name); @@ -950,9 +983,11 @@ conf_end_auth(struct TopConf *tc) conf_add_class_to_conf(yy_tmp); - if (find_exact_conf_by_address("*", CONF_CLIENT, "*")) + if ((found_conf = find_exact_conf_by_address("*", CONF_CLIENT, "*")) && found_conf->spasswd == NULL) conf_report_error("Ignoring redundant auth block (after *@*)"); - else if (find_exact_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user)) + else if ((found_conf = find_exact_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user)) && + (!found_conf->spasswd || (yy_tmp->spasswd && + 0 == irccmp(found_conf->spasswd, yy_tmp->spasswd)))) conf_report_error("Ignoring duplicate auth block for %s@%s", yy_tmp->user, yy_tmp->host); else @@ -1145,7 +1180,7 @@ conf_set_shared_oper(void *data) if(args->next != NULL) { - if((args->type & CF_MTYPE) != CF_QSTRING) + if(CF_TYPE(args->type) != CF_QSTRING) { conf_report_error("Ignoring shared::oper -- server is not a qstring"); return; @@ -1157,7 +1192,7 @@ conf_set_shared_oper(void *data) else yy_shared->server = rb_strdup("*"); - if((args->type & CF_MTYPE) != CF_QSTRING) + if(CF_TYPE(args->type) != CF_QSTRING) { conf_report_error("Ignoring shared::oper -- oper is not a qstring"); return; @@ -1242,9 +1277,9 @@ conf_end_connect(struct TopConf *tc) return 0; } - if(EmptyString(yy_server->passwd) || EmptyString(yy_server->spasswd)) + if((EmptyString(yy_server->passwd) || EmptyString(yy_server->spasswd)) && EmptyString(yy_server->certfp)) { - conf_report_error("Ignoring connect block for %s -- missing password.", + conf_report_error("Ignoring connect block for %s -- no fingerprint or password credentials provided.", yy_server->name); return 0; } @@ -1316,6 +1351,17 @@ conf_set_connect_accept_password(void *data) yy_server->passwd = rb_strdup(data); } +static void +conf_set_connect_fingerprint(void *data) +{ + if (yy_server->certfp) + rb_free(yy_server->certfp); + yy_server->certfp = rb_strdup((char *) data); + + /* force SSL to be enabled if fingerprint is enabled. */ + yy_server->flags |= SERVER_SSL; +} + static void conf_set_connect_port(void *data) { @@ -1574,6 +1620,7 @@ conf_set_general_default_umodes(void *data) /* don't allow +o */ case 'o': case 'S': + case 'Z': case ' ': break; @@ -1589,7 +1636,7 @@ conf_set_general_default_umodes(void *data) } break; } - } + } } static void @@ -1598,6 +1645,24 @@ conf_set_general_oper_umodes(void *data) set_modes_from_table(&ConfigFileEntry.oper_umodes, "umode", umode_table, data); } +static void +conf_set_general_certfp_method(void *data) +{ + char *method = data; + + if (!strcasecmp(method, "sha1")) + ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SHA1; + else if (!strcasecmp(method, "sha256")) + ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SHA256; + else if (!strcasecmp(method, "sha512")) + ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SHA512; + else + { + ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SHA1; + conf_report_error("Ignoring general::certfp_method -- bogus certfp method %s", method); + } +} + static void conf_set_general_oper_only_umodes(void *data) { @@ -1643,26 +1708,9 @@ conf_set_serverhide_links_delay(void *data) ConfigServerHide.links_delay = val; } -static int -conf_begin_service(struct TopConf *tc) -{ - struct Client *target_p; - rb_dlink_node *ptr; - - RB_DLINK_FOREACH(ptr, global_serv_list.head) - { - target_p = ptr->data; - - target_p->flags &= ~FLAGS_SERVICE; - } - - return 0; -} - static void conf_set_service_name(void *data) { - struct Client *target_p; const char *s; char *tmp; int dots = 0; @@ -1687,9 +1735,6 @@ conf_set_service_name(void *data) tmp = rb_strdup(data); rb_dlinkAddAlloc(tmp, &service_list); - - if((target_p = find_server(NULL, tmp))) - target_p->flags |= FLAGS_SERVICE; } static int @@ -1753,25 +1798,224 @@ conf_set_alias_target(void *data) yy_alias->target = rb_strdup(data); } +static void +conf_set_channel_autochanmodes(void *data) +{ + char *pm; + int what = MODE_ADD; + + ConfigChannel.autochanmodes = 0; + for (pm = (char *) data; *pm; pm++) + { + switch (*pm) + { + case '+': + what = MODE_ADD; + break; + case '-': + what = MODE_DEL; + break; + + default: + if (chmode_table[(unsigned char) *pm].set_func == chm_simple) + { + if (what == MODE_ADD) + ConfigChannel.autochanmodes |= chmode_table[(unsigned char) *pm].mode_type; + else + ConfigChannel.autochanmodes &= ~chmode_table[(unsigned char) *pm].mode_type; + } + else + { + conf_report_error("channel::autochanmodes -- Invalid channel mode %c", *pm); + continue; + } + break; + } + } +} + +/* XXX for below */ +static void conf_set_blacklist_reason(void *data); + static void conf_set_blacklist_host(void *data) { + if (yy_blacklist_host) + { + conf_report_error("blacklist::host %s overlaps existing host %s", + (char *)data, yy_blacklist_host); + + /* Cleanup */ + conf_set_blacklist_reason(NULL); + return; + } + + yy_blacklist_ipv4 = 1; + yy_blacklist_ipv6 = 0; yy_blacklist_host = rb_strdup(data); } +static void +conf_set_blacklist_type(void *data) +{ + conf_parm_t *args = data; + + /* Don't assume we have either if we got here */ + yy_blacklist_ipv4 = 0; + yy_blacklist_ipv6 = 0; + + for (; args; args = args->next) + { + if (!strcasecmp(args->v.string, "ipv4")) + yy_blacklist_ipv4 = 1; + else if (!strcasecmp(args->v.string, "ipv6")) + yy_blacklist_ipv6 = 1; + else + conf_report_error("blacklist::type has unknown address family %s", + args->v.string); + } + + /* If we have neither, just default to IPv4 */ + if (!yy_blacklist_ipv4 && !yy_blacklist_ipv6) + { + conf_report_error("blacklist::type has neither IPv4 nor IPv6 (defaulting to IPv4)"); + yy_blacklist_ipv4 = 1; + } +} + +static void +conf_set_blacklist_matches(void *data) +{ + conf_parm_t *args = data; + + for (; args; args = args->next) + { + struct BlacklistFilter *filter; + char *str = args->v.string; + char *p; + int type = BLACKLIST_FILTER_LAST; + + if (CF_TYPE(args->type) != CF_QSTRING) + { + conf_report_error("blacklist::matches -- must be quoted string"); + continue; + } + + if (str == NULL) + { + conf_report_error("blacklist::matches -- invalid entry"); + continue; + } + + if (strlen(str) > HOSTIPLEN) + { + conf_report_error("blacklist::matches has an entry too long: %s", + str); + continue; + } + + for (p = str; *p != '\0'; p++) + { + /* Check for validity */ + if (*p == '.') + type = BLACKLIST_FILTER_ALL; + else if (!isalnum((unsigned char)*p)) + { + conf_report_error("blacklist::matches has invalid IP match entry %s", + str); + type = 0; + break; + } + } + + if (type == BLACKLIST_FILTER_ALL) + { + /* Basic IP sanity check */ + struct rb_sockaddr_storage tmp; + if (rb_inet_pton(AF_INET, str, &tmp) <= 0) + { + conf_report_error("blacklist::matches has invalid IP match entry %s", + str); + continue; + } + } + else if (type == BLACKLIST_FILTER_LAST) + { + /* Verify it's the correct length */ + if (strlen(str) > 3) + { + conf_report_error("blacklist::matches has invalid octet match entry %s", + str); + continue; + } + } + else + { + continue; /* Invalid entry */ + } + + filter = rb_malloc(sizeof(struct BlacklistFilter)); + filter->type = type; + rb_strlcpy(filter->filterstr, str, sizeof(filter->filterstr)); + + rb_dlinkAdd(filter, &filter->node, &yy_blacklist_filters); + } +} + static void conf_set_blacklist_reason(void *data) { - yy_blacklist_reason = rb_strdup(data); + rb_dlink_node *ptr, *nptr; - if (yy_blacklist_host && yy_blacklist_reason) + if (yy_blacklist_host && data) { - new_blacklist(yy_blacklist_host, yy_blacklist_reason); - rb_free(yy_blacklist_host); - rb_free(yy_blacklist_reason); - yy_blacklist_host = NULL; - yy_blacklist_reason = NULL; + yy_blacklist_reason = rb_strdup(data); + if (yy_blacklist_ipv6) + { + /* Make sure things fit (64 = alnum count + dots) */ + if ((64 + strlen(yy_blacklist_host)) > IRCD_RES_HOSTLEN) + { + conf_report_error("blacklist::host %s results in IPv6 queries that are too long", + yy_blacklist_host); + goto cleanup_bl; + } + } + /* Avoid doing redundant check, IPv6 is bigger than IPv4 --Elizabeth */ + if (yy_blacklist_ipv4 && !yy_blacklist_ipv6) + { + /* Make sure things fit (16 = number of nums + dots) */ + if ((16 + strlen(yy_blacklist_host)) > IRCD_RES_HOSTLEN) + { + conf_report_error("blacklist::host %s results in IPv4 queries that are too long", + yy_blacklist_host); + goto cleanup_bl; + } + } + + new_blacklist(yy_blacklist_host, yy_blacklist_reason, yy_blacklist_ipv4, yy_blacklist_ipv6, + &yy_blacklist_filters); } + +cleanup_bl: + if (data == NULL) + { + RB_DLINK_FOREACH_SAFE(ptr, nptr, yy_blacklist_filters.head) + { + rb_dlinkDelete(ptr, &yy_blacklist_filters); + rb_free(ptr); + } + } + else + { + yy_blacklist_filters = (rb_dlink_list){ NULL, NULL, 0 }; + } + + rb_free(yy_blacklist_host); + rb_free(yy_blacklist_reason); + yy_blacklist_host = NULL; + yy_blacklist_reason = NULL; + yy_blacklist_ipv4 = 1; + yy_blacklist_ipv6 = 0; } /* public functions */ @@ -1821,11 +2065,13 @@ conf_start_block(char *block, char *name) int conf_end_block(struct TopConf *tc) { + int ret = 0; if(tc->tc_efunc) - return tc->tc_efunc(tc); + ret = tc->tc_efunc(tc); rb_free(conf_cur_block_name); - return 0; + conf_cur_block_name = NULL; + return ret; } static void @@ -1848,7 +2094,7 @@ conf_set_generic_string(void *data, int len, void *location) } int -conf_call_set(struct TopConf *tc, char *item, conf_parm_t * value, int type) +conf_call_set(struct TopConf *tc, char *item, conf_parm_t * value) { struct ConfEntry *cf; conf_parm_t *cp; @@ -1865,7 +2111,7 @@ conf_call_set(struct TopConf *tc, char *item, conf_parm_t * value, int type) /* if it takes one thing, make sure they only passed one thing, and handle as needed. */ - if(value->type & CF_FLIST && !cf->cf_type & CF_FLIST) + if((value->v.list->type & CF_FLIST) && !(cf->cf_type & CF_FLIST)) { conf_report_error ("Option %s::%s does not take a list of values.", tc->tc_name, item); @@ -1877,7 +2123,7 @@ conf_call_set(struct TopConf *tc, char *item, conf_parm_t * value, int type) if(CF_TYPE(value->v.list->type) != CF_TYPE(cf->cf_type)) { - /* if it expects a string value, but we got a yesno, + /* if it expects a string value, but we got a yesno, * convert it back */ if((CF_TYPE(value->v.list->type) == CF_YESNO) && @@ -1953,7 +2199,7 @@ add_conf_item(const char *topconf, const char *name, int type, void (*func) (voi if((tc = find_top_conf(topconf)) == NULL) return -1; - if((cf = find_conf_item(tc, name)) != NULL) + if(find_conf_item(tc, name) != NULL) return -1; cf = rb_malloc(sizeof(struct ConfEntry)); @@ -1994,7 +2240,6 @@ remove_conf_item(const char *topconf, const char *name) static struct ConfEntry conf_serverinfo_table[] = { { "description", CF_QSTRING, NULL, 0, &ServerInfo.description }, - { "network_desc", CF_QSTRING, NULL, 0, &ServerInfo.network_desc }, { "hub", CF_YESNO, NULL, 0, &ServerInfo.hub }, { "network_name", CF_QSTRING, conf_set_serverinfo_network_name, 0, NULL }, @@ -2005,12 +2250,15 @@ static struct ConfEntry conf_serverinfo_table[] = { "ssl_private_key", CF_QSTRING, NULL, 0, &ServerInfo.ssl_private_key }, { "ssl_ca_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_ca_cert }, - { "ssl_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_cert }, + { "ssl_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_cert }, { "ssl_dh_params", CF_QSTRING, NULL, 0, &ServerInfo.ssl_dh_params }, + { "ssl_cipher_list", CF_QSTRING, NULL, 0, &ServerInfo.ssl_cipher_list }, { "ssld_count", CF_INT, NULL, 0, &ServerInfo.ssld_count }, { "default_max_clients",CF_INT, NULL, 0, &ServerInfo.default_max_clients }, + { "nicklen", CF_INT, conf_set_serverinfo_nicklen, 0, NULL }, + { "\0", 0, NULL, 0, NULL } }; @@ -2024,15 +2272,15 @@ static struct ConfEntry conf_admin_table[] = static struct ConfEntry conf_log_table[] = { - { "fname_userlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_userlog }, - { "fname_fuserlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_fuserlog }, - { "fname_operlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_operlog }, - { "fname_foperlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_foperlog }, - { "fname_serverlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_serverlog }, - { "fname_killlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_killlog }, - { "fname_klinelog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_klinelog }, - { "fname_operspylog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_operspylog }, - { "fname_ioerrorlog", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.fname_ioerrorlog }, + { "fname_userlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_userlog }, + { "fname_fuserlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_fuserlog }, + { "fname_operlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operlog }, + { "fname_foperlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_foperlog }, + { "fname_serverlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_serverlog }, + { "fname_killlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_killlog }, + { "fname_klinelog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_klinelog }, + { "fname_operspylog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operspylog }, + { "fname_ioerrorlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_ioerrorlog }, { "\0", 0, NULL, 0, NULL } }; @@ -2090,6 +2338,7 @@ static struct ConfEntry conf_connect_table[] = { { "send_password", CF_QSTRING, conf_set_connect_send_password, 0, NULL }, { "accept_password", CF_QSTRING, conf_set_connect_accept_password, 0, NULL }, + { "fingerprint", CF_QSTRING, conf_set_connect_fingerprint, 0, NULL }, { "flags", CF_STRING | CF_FLIST, conf_set_connect_flags, 0, NULL }, { "host", CF_QSTRING, conf_set_connect_host, 0, NULL }, { "vhost", CF_QSTRING, conf_set_connect_vhost, 0, NULL }, @@ -2117,10 +2366,10 @@ static struct ConfEntry conf_general_table[] = { "default_operstring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_operstring }, { "default_adminstring",CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_adminstring }, { "servicestring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.servicestring }, - { "egdpool_path", CF_QSTRING, NULL, MAXPATHLEN, &ConfigFileEntry.egdpool_path }, { "kline_reason", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.kline_reason }, { "identify_service", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifyservice }, { "identify_command", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifycommand }, + { "sasl_service", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.sasl_service }, { "anti_spam_exit_message_time", CF_TIME, NULL, 0, &ConfigFileEntry.anti_spam_exit_message_time }, { "disable_fake_channels", CF_YESNO, NULL, 0, &ConfigFileEntry.disable_fake_channels }, @@ -2132,8 +2381,8 @@ static struct ConfEntry conf_general_table[] = { "burst_away", CF_YESNO, NULL, 0, &ConfigFileEntry.burst_away }, { "caller_id_wait", CF_TIME, NULL, 0, &ConfigFileEntry.caller_id_wait }, { "client_exit", CF_YESNO, NULL, 0, &ConfigFileEntry.client_exit }, - { "client_flood", CF_INT, NULL, 0, &ConfigFileEntry.client_flood }, { "collision_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.collision_fnc }, + { "resv_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.resv_fnc }, { "connect_timeout", CF_TIME, NULL, 0, &ConfigFileEntry.connect_timeout }, { "default_floodcount", CF_INT, NULL, 0, &ConfigFileEntry.default_floodcount }, { "default_ident_timeout", CF_INT, NULL, 0, &ConfigFileEntry.default_ident_timeout }, @@ -2172,11 +2421,18 @@ static struct ConfEntry conf_general_table[] = { "stats_y_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_y_oper_only }, { "target_change", CF_YESNO, NULL, 0, &ConfigFileEntry.target_change }, { "ts_max_delta", CF_TIME, NULL, 0, &ConfigFileEntry.ts_max_delta }, - { "use_egd", CF_YESNO, NULL, 0, &ConfigFileEntry.use_egd }, { "ts_warn_delta", CF_TIME, NULL, 0, &ConfigFileEntry.ts_warn_delta }, { "use_whois_actually", CF_YESNO, NULL, 0, &ConfigFileEntry.use_whois_actually }, { "warn_no_nline", CF_YESNO, NULL, 0, &ConfigFileEntry.warn_no_nline }, { "use_propagated_bans",CF_YESNO, NULL, 0, &ConfigFileEntry.use_propagated_bans }, + { "client_flood_max_lines", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_max_lines }, + { "client_flood_burst_rate", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_rate }, + { "client_flood_burst_max", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_max }, + { "client_flood_message_num", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_num }, + { "client_flood_message_time", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_time }, + { "max_ratelimit_tokens", CF_INT, NULL, 0, &ConfigFileEntry.max_ratelimit_tokens }, + { "away_interval", CF_INT, NULL, 0, &ConfigFileEntry.away_interval }, + { "certfp_method", CF_STRING, conf_set_general_certfp_method, 0, NULL }, { "\0", 0, NULL, 0, NULL } }; @@ -2196,9 +2452,13 @@ static struct ConfEntry conf_channel_table[] = { "only_ascii_channels", CF_YESNO, NULL, 0, &ConfigChannel.only_ascii_channels }, { "use_except", CF_YESNO, NULL, 0, &ConfigChannel.use_except }, { "use_invex", CF_YESNO, NULL, 0, &ConfigChannel.use_invex }, - { "use_knock", CF_YESNO, NULL, 0, &ConfigChannel.use_knock }, { "use_forward", CF_YESNO, NULL, 0, &ConfigChannel.use_forward }, + { "use_knock", CF_YESNO, NULL, 0, &ConfigChannel.use_knock }, { "resv_forcepart", CF_YESNO, NULL, 0, &ConfigChannel.resv_forcepart }, + { "channel_target_change", CF_YESNO, NULL, 0, &ConfigChannel.channel_target_change }, + { "disable_local_channels", CF_YESNO, NULL, 0, &ConfigChannel.disable_local_channels }, + { "autochanmodes", CF_QSTRING, conf_set_channel_autochanmodes, 0, NULL }, + { "displayed_usercount", CF_INT, NULL, 0, &ConfigChannel.displayed_usercount }, { "\0", 0, NULL, 0, NULL } }; @@ -2227,6 +2487,7 @@ newconf_init() add_top_conf("privset", NULL, NULL, conf_privset_table); add_top_conf("listen", conf_begin_listen, conf_end_listen, NULL); + add_conf_item("listen", "defer_accept", CF_YESNO, conf_set_listen_defer_accept); add_conf_item("listen", "port", CF_INT | CF_FLIST, conf_set_listen_port); add_conf_item("listen", "sslport", CF_INT | CF_FLIST, conf_set_listen_sslport); add_conf_item("listen", "ip", CF_QSTRING, conf_set_listen_address); @@ -2235,7 +2496,7 @@ newconf_init() add_top_conf("auth", conf_begin_auth, conf_end_auth, conf_auth_table); add_top_conf("shared", conf_cleanup_shared, conf_cleanup_shared, NULL); - add_conf_item("shared", "oper", CF_QSTRING|CF_FLIST, conf_set_shared_oper); + add_conf_item("shared", "oper", CF_QSTRING | CF_FLIST, conf_set_shared_oper); add_conf_item("shared", "flags", CF_STRING | CF_FLIST, conf_set_shared_flags); add_top_conf("connect", conf_begin_connect, conf_end_connect, conf_connect_table); @@ -2251,7 +2512,7 @@ newconf_init() add_top_conf("channel", NULL, NULL, conf_channel_table); add_top_conf("serverhide", NULL, NULL, conf_serverhide_table); - add_top_conf("service", conf_begin_service, NULL, NULL); + add_top_conf("service", NULL, NULL, NULL); add_conf_item("service", "name", CF_QSTRING, conf_set_service_name); add_top_conf("alias", conf_begin_alias, conf_end_alias, NULL); @@ -2260,5 +2521,7 @@ newconf_init() add_top_conf("blacklist", NULL, NULL, NULL); add_conf_item("blacklist", "host", CF_QSTRING, conf_set_blacklist_host); + add_conf_item("blacklist", "type", CF_STRING | CF_FLIST, conf_set_blacklist_type); + add_conf_item("blacklist", "matches", CF_QSTRING | CF_FLIST, conf_set_blacklist_matches); add_conf_item("blacklist", "reject_reason", CF_QSTRING, conf_set_blacklist_reason); }