X-Git-Url: https://jfr.im/git/solanum.git/blobdiff_plain/cc264f942f73f2099dae23f9cf10efed52f4589f..b2ee72e4487d9ec90ff64f63d8f8c3974d96bc5c:/include/client.h diff --git a/include/client.h b/include/client.h index ee2c5969..af8ccfa4 100644 --- a/include/client.h +++ b/include/client.h @@ -41,9 +41,8 @@ struct Blacklist; /* we store ipv6 ips for remote clients, so this needs to be v6 always */ #define HOSTIPLEN 53 /* sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255.ipv6") */ -#define PASSWDLEN 128 -#define CIPHERKEYLEN 64 /* 512bit */ -#define CLIENT_BUFSIZE 512 /* must be at least 512 bytes */ +#define PASSWDLEN 128 +#define CIPHERKEYLEN 64 /* 512bit */ #define IDLEN 10 @@ -66,6 +65,9 @@ struct LocalUser; struct PreClient; struct ListClient; struct scache_entry; +struct ws_ctl; + +typedef int SSL_OPEN_CB(struct Client *, int status); /* * Client structures @@ -77,6 +79,9 @@ struct User char *away; /* pointer to away message */ int refcnt; /* Number of times this block is referenced */ + char *opername; /* name of operator{} block being used or tried (challenge) */ + struct PrivilegeSet *privset; + char suser[NICKLEN+1]; }; @@ -114,8 +119,7 @@ struct Client time_t tsinfo; /* TS on the nick, SVINFO on server */ unsigned int umodes; /* opers, normal users subset */ - unsigned int flags; /* client flags */ - unsigned int flags2; /* ugh. overflow */ + uint64_t flags; /* client flags */ unsigned int snomask; /* server notice mask */ @@ -125,7 +129,7 @@ struct Client unsigned long serial; /* used to enforce 1 send per nick */ /* client->name is the unique name for a client nick or host */ - char name[HOSTLEN + 1]; + char name[NAMELEN + 1]; /* * client->username is the username from ident or the USER message, @@ -224,7 +228,6 @@ struct LocalUser */ char *passwd; char *auth_user; - char *opername; /* name of operator{} block being used or tried (challenge) */ char *challenge; char *fullcaps; char *cipher_string; 
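Review bot: The `privset` member added to struct User has no comment, and nothing beside it or `opername` says who owns the pointed-to objects, which matters because the struct is reference-counted through the `refcnt` member visible in the same hunk. I would record the contract in the header, for example `struct PrivilegeSet *privset; /* oper privilege set; lifetime/ownership: TODO confirm */`, and state next to `opername` whether the string is heap-allocated and released together with the User block. The release path is not part of this header, so this is a request to document the contract, not a claim that anything leaks. The struct's opening lines are outside the hunk.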
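Review bot: The new size of `name` depends on NAMELEN, whose definition is not visible in this diff, while the comment directly above the field still says it holds a client nick or host. If NAMELEN can be smaller than HOSTLEN, any writer that still limits its copy by HOSTLEN would run past the array, so writers should be bounded by `sizeof` on the field. If the project's C dialect allows it, the relation can be pinned here with `_Static_assert(NAMELEN >= HOSTLEN, "client name must hold a hostname");`. struct Client starts and ends outside the hunk.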
@@ -252,7 +255,7 @@ struct LocalUser */ int sent_parsed; /* how many messages we've parsed in this second */ time_t last_knock; /* time of last knock */ - unsigned long random_ping; + uint32_t random_ping; /* target change stuff */ /* targets we're aware of (fnv32(use_id(target_p))): @@ -274,16 +277,34 @@ struct LocalUser struct _ssl_ctl *ssl_ctl; /* which ssl daemon we're associate with */ struct _ssl_ctl *z_ctl; /* second ctl for ssl+zlib */ + struct ws_ctl *ws_ctl; /* ctl for wsockd */ + SSL_OPEN_CB *ssl_callback; /* ssl connection is now open */ uint32_t localflags; struct ZipStats *zipstats; /* zipstats */ uint16_t cork_count; /* used for corking/uncorking connections */ struct ev_entry *event; /* used for associated events */ - struct PrivilegeSet *privset; /* privset... */ - char sasl_agent[IDLEN]; unsigned char sasl_out; unsigned char sasl_complete; + + unsigned int sasl_messages; + unsigned int sasl_failures; + time_t sasl_next_retry; +}; + +#define AUTHC_F_DEFERRED 0x01 +#define AUTHC_F_COMPLETE 0x02 + +struct AuthClient +{ + uint32_t cid; /* authd id */ + time_t timeout; /* When to terminate authd query */ + bool accepted; /* did authd accept us? */ + char cause; /* rejection cause */ + char *data; /* reason data */ + char *reason; /* reason we were rejected */ + int flags; }; struct PreClient @@ -292,14 +313,11 @@ struct PreClient char spoofuser[USERLEN + 1]; char spoofhost[HOSTLEN + 1]; - uint32_t authd_cid; /* authd id */ - time_t authd_timeout; /* When to terminate authd query */ - bool authd_accepted; /* did authd accept us? */ - char authd_cause; /* rejection cause */ - char *authd_data; /* reason data */ - char *authd_reason; /* reason we were rejected */ + struct AuthClient auth; struct rb_sockaddr_storage lip; /* address of our side of the connection */ + + char id[IDLEN]; /* UID/SID, unique on the network (unverified) */ }; struct ListClient 
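Review bot: `random_ping` changes from `unsigned long` to `uint32_t` and, unlike the two members before it in the hunk, has no comment. The code that formats and parses the value lives outside this header; any call that still uses an `unsigned long` conversion such as `%lx` would now mismatch the argument type and needs `PRIx32` or an explicit cast. A comment such as `uint32_t random_ping; /* ping cookie value, presumably paired with FLAGS_PING_COOKIE - TODO confirm */` would make the intent visible. struct LocalUser starts and ends outside the hunk.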
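Review bot: `flags` in the new struct AuthClient is a plain `int` although it holds the AUTHC_F_* bits defined just above it; `unsigned int flags; /* AUTHC_F_* */` avoids bit operations on a signed type and tells the reader which constants apply. The three members added at the end of struct LocalUser (`sasl_messages`, `sasl_failures`, `sasl_next_retry`) have no comments; they look like state for limiting SASL attempts, so each should say what it counts, when it is reset and, for `sasl_next_retry`, whether it is an absolute time. `data` and `reason` are `char *` with no ownership statement, so the comments should also say who frees them.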
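Review bot: `char id[IDLEN]` is sized without the `+ 1` that `spoofuser` and `spoofhost` use in the same struct, so it is only large enough if IDLEN (10 in this header) already counts the terminator. The comment marks the value as unverified, which suggests it is taken from the peer before it has been checked. I would make both facts explicit, e.g. `char id[IDLEN]; /* UID/SID as claimed by the peer, not yet verified; IDLEN presumably includes the NUL - TODO confirm */`, and bound every write by `sizeof` on the field.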
@@ -386,31 +404,42 @@ struct ListClient /* housekeeping flags */ -#define FLAGS_PINGSENT 0x0001 /* Unreplied ping sent */ -#define FLAGS_DEAD 0x0002 /* Local socket is dead--Exiting soon */ -#define FLAGS_KILLED 0x0004 /* Prevents "QUIT" from being sent for this */ -#define FLAGS_SENTUSER 0x0008 /* Client sent a USER command. */ -#define FLAGS_CLICAP 0x0010 /* In CAP negotiation, wait for CAP END */ -#define FLAGS_CLOSING 0x0020 /* set when closing to suppress errors */ -#define FLAGS_PING_COOKIE 0x0040 /* has sent ping cookie */ -#define FLAGS_GOTID 0x0080 /* successful ident lookup achieved */ -#define FLAGS_FLOODDONE 0x0100 /* flood grace period over / reported */ -#define FLAGS_NORMALEX 0x0400 /* Client exited normally */ -#define FLAGS_MARK 0x10000 /* marked client */ -#define FLAGS_HIDDEN 0x20000 /* hidden server */ -#define FLAGS_EOB 0x40000 /* EOB */ -#define FLAGS_MYCONNECT 0x80000 /* MyConnect */ -#define FLAGS_IOERROR 0x100000 /* IO error */ -#define FLAGS_SERVICE 0x200000 /* network service */ -#define FLAGS_TGCHANGE 0x400000 /* we're allowed to clear something */ -#define FLAGS_DYNSPOOF 0x800000 /* dynamic spoof, only opers see ip */ -#define FLAGS_TGEXCESSIVE 0x1000000 /* whether the client has attemped to change targets excessively fast */ -#define FLAGS_CLICAP_DATA 0x2000000 /* requested CAP LS 302 */ +#define FLAGS_PINGSENT 0x00000001 /* Unreplied ping sent */ +#define FLAGS_DEAD 0x00000002 /* Local socket is dead--Exiting soon */ +#define FLAGS_KILLED 0x00000004 /* Prevents "QUIT" from being sent for this */ +#define FLAGS_SENTUSER 0x00000008 /* Client sent a USER command. 
*/ +#define FLAGS_CLICAP 0x00000010 /* In CAP negotiation, wait for CAP END */ +#define FLAGS_CLOSING 0x00000020 /* set when closing to suppress errors */ +#define FLAGS_PING_COOKIE 0x00000040 /* has sent ping cookie */ +#define FLAGS_GOTID 0x00000080 /* successful ident lookup achieved */ +#define FLAGS_FLOODDONE 0x00000100 /* flood grace period over / reported */ +#define FLAGS_NORMALEX 0x00000200 /* Client exited normally */ +#define FLAGS_MARK 0x00000400 /* marked client */ +#define FLAGS_HIDDEN 0x00000800 /* hidden server */ +#define FLAGS_EOB 0x00001000 /* EOB */ +#define FLAGS_MYCONNECT 0x00002000 /* MyConnect */ +#define FLAGS_IOERROR 0x00004000 /* IO error */ +#define FLAGS_SERVICE 0x00008000 /* network service */ +#define FLAGS_TGCHANGE 0x00010000 /* we're allowed to clear something */ +#define FLAGS_DYNSPOOF 0x00020000 /* dynamic spoof, only opers see ip */ +#define FLAGS_TGEXCESSIVE 0x00040000 /* whether the client has attemped to change targets excessively fast */ +#define FLAGS_CLICAP_DATA 0x00080000 /* requested CAP LS 302 */ +#define FLAGS_EXTENDCHANS 0x00100000 +#define FLAGS_EXEMPTRESV 0x00200000 +#define FLAGS_EXEMPTKLINE 0x00400000 +#define FLAGS_EXEMPTFLOOD 0x00800000 +#define FLAGS_IP_SPOOFING 0x01000000 +#define FLAGS_EXEMPTSPAMBOT 0x02000000 +#define FLAGS_EXEMPTSHIDE 0x04000000 +#define FLAGS_EXEMPTJUPE 0x08000000 + /* flags for local clients, this needs stuff moved from above to here at some point */ #define LFLAGS_SSL 0x00000001 #define LFLAGS_FLUSH 0x00000002 #define LFLAGS_CORK 0x00000004 +#define LFLAGS_SCTP 0x00000008 +#define LFLAGS_INSECURE 0x00000010 /* for marking SSL clients as insecure before registration */ /* umodes, settable flags */ /* lots of this moved to snomask -- jilles */ 
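Review bot: The FLAGS_* values are still plain `int` literals although `flags` becomes `uint64_t` earlier in this diff. That is harmless for the values defined here, but the first flag placed at bit 31 will have type `unsigned int`, and `flags &= ~FLAG` would then clear bits 32 to 63 as well, because the complement is computed in 32 bits before it is widened. Typing the constants, e.g. `#define FLAGS_EXEMPTJUPE UINT64_C(0x08000000)`, removes that trap. The eight flags moved in from FLAGS2_* (FLAGS_EXTENDCHANS through FLAGS_EXEMPTJUPE) also have no comments, unlike every flag above them; several are ban or flood exemptions and deserve one line each.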
@@ -430,17 +459,6 @@ struct ListClient #define UMODE_ADMIN 0x2000 /* Admin on server */ #define UMODE_SSLCLIENT 0x4000 /* using SSL */ -/* overflow flags */ -/* EARLIER FLAGS ARE IN s_newconf.h */ -#define FLAGS2_EXTENDCHANS 0x00200000 -#define FLAGS2_EXEMPTRESV 0x00400000 -#define FLAGS2_EXEMPTKLINE 0x00800000 -#define FLAGS2_EXEMPTFLOOD 0x01000000 -#define FLAGS2_IP_SPOOFING 0x10000000 -#define FLAGS2_EXEMPTSPAMBOT 0x20000000 -#define FLAGS2_EXEMPTSHIDE 0x40000000 -#define FLAGS2_EXEMPTJUPE 0x80000000 - #define DEFAULT_OPER_UMODES (UMODE_SERVNOTICE | UMODE_OPERWALL | \ UMODE_WALLOP | UMODE_LOCOPS) #define DEFAULT_OPER_SNOMASK SNO_GENERAL @@ -492,6 +510,14 @@ struct ListClient #define SetFlush(x) ((x)->localClient->localflags |= LFLAGS_FLUSH) #define ClearFlush(x) ((x)->localClient->localflags &= ~LFLAGS_FLUSH) +#define IsSCTP(x) ((x)->localClient->localflags & LFLAGS_SCTP) +#define SetSCTP(x) ((x)->localClient->localflags |= LFLAGS_SCTP) +#define ClearSCTP(x) ((x)->localClient->localflags &= ~LFLAGS_SCTP) + +#define IsInsecure(x) ((x)->localClient->localflags & LFLAGS_INSECURE) +#define SetInsecure(x) ((x)->localClient->localflags |= LFLAGS_INSECURE) +#define ClearInsecure(x) ((x)->localClient->localflags &= ~LFLAGS_INSECURE) + /* oper flags */ #define MyOper(x) (MyConnect(x) && IsOper(x)) 
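Review bot: IsSCTP and IsInsecure dereference `(x)->localClient` unconditionally, like the Flush macros above them, and nothing in the header says they are valid only for clients that have a LocalUser. LFLAGS_INSECURE is described as marking SSL clients as insecure, so a caller that reaches these macros with a client whose `localClient` is NULL (presumably any client that is not locally connected) would crash in the middle of a security check. I would state the precondition beside the macros, e.g. `/* local clients only: (x)->localClient must be non-NULL, check MyConnect(x) first */`, and return a boolean with `(((x)->localClient->localflags & LFLAGS_INSECURE) != 0)`.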
@@ -522,25 +548,22 @@ struct ListClient #define SetGotId(x) ((x)->flags |= FLAGS_GOTID) #define IsGotId(x) (((x)->flags & FLAGS_GOTID) != 0) -/* - * flags2 macros. - */ -#define IsExemptKline(x) ((x)->flags2 & FLAGS2_EXEMPTKLINE) -#define SetExemptKline(x) ((x)->flags2 |= FLAGS2_EXEMPTKLINE) -#define IsExemptFlood(x) ((x)->flags2 & FLAGS2_EXEMPTFLOOD) -#define SetExemptFlood(x) ((x)->flags2 |= FLAGS2_EXEMPTFLOOD) -#define IsExemptSpambot(x) ((x)->flags2 & FLAGS2_EXEMPTSPAMBOT) -#define SetExemptSpambot(x) ((x)->flags2 |= FLAGS2_EXEMPTSPAMBOT) -#define IsExemptShide(x) ((x)->flags2 & FLAGS2_EXEMPTSHIDE) -#define SetExemptShide(x) ((x)->flags2 |= FLAGS2_EXEMPTSHIDE) -#define IsExemptJupe(x) ((x)->flags2 & FLAGS2_EXEMPTJUPE) -#define SetExemptJupe(x) ((x)->flags2 |= FLAGS2_EXEMPTJUPE) -#define IsExemptResv(x) ((x)->flags2 & FLAGS2_EXEMPTRESV) -#define SetExemptResv(x) ((x)->flags2 |= FLAGS2_EXEMPTRESV) -#define IsIPSpoof(x) ((x)->flags2 & FLAGS2_IP_SPOOFING) -#define SetIPSpoof(x) ((x)->flags2 |= FLAGS2_IP_SPOOFING) -#define IsExtendChans(x) ((x)->flags2 & FLAGS2_EXTENDCHANS) -#define SetExtendChans(x) ((x)->flags2 |= FLAGS2_EXTENDCHANS) +#define IsExemptKline(x) ((x)->flags & FLAGS_EXEMPTKLINE) +#define SetExemptKline(x) ((x)->flags |= FLAGS_EXEMPTKLINE) +#define IsExemptFlood(x) ((x)->flags & FLAGS_EXEMPTFLOOD) +#define SetExemptFlood(x) ((x)->flags |= FLAGS_EXEMPTFLOOD) +#define IsExemptSpambot(x) ((x)->flags & FLAGS_EXEMPTSPAMBOT) +#define SetExemptSpambot(x) ((x)->flags |= FLAGS_EXEMPTSPAMBOT) +#define IsExemptShide(x) ((x)->flags & FLAGS_EXEMPTSHIDE) +#define SetExemptShide(x) ((x)->flags |= FLAGS_EXEMPTSHIDE) +#define IsExemptJupe(x) ((x)->flags & FLAGS_EXEMPTJUPE) +#define SetExemptJupe(x) ((x)->flags |= FLAGS_EXEMPTJUPE) +#define IsExemptResv(x) ((x)->flags & FLAGS_EXEMPTRESV) +#define SetExemptResv(x) ((x)->flags |= FLAGS_EXEMPTRESV) +#define IsIPSpoof(x) ((x)->flags & FLAGS_IP_SPOOFING) +#define SetIPSpoof(x) ((x)->flags |= FLAGS_IP_SPOOFING) +#define 
IsExtendChans(x) ((x)->flags & FLAGS_EXTENDCHANS) +#define SetExtendChans(x) ((x)->flags |= FLAGS_EXTENDCHANS) /* for local users: flood grace period is over * for servers: mentioned in networknotice.c notice @@ -560,9 +583,15 @@ struct ListClient #define SHOW_IP 1 #define MASK_IP 2 +enum +{ + D_LINED, + K_LINED +}; + extern void check_banned_lines(void); -extern void check_klines_event(void *unused); extern void check_klines(void); +extern void check_one_kline(struct ConfItem *kline); extern void check_dlines(void); extern void check_xlines(void); extern void resv_nick_fnc(const char *mask, const char *reason, int temp_time); @@ -573,8 +602,8 @@ extern int is_remote_connect(struct Client *); extern void init_client(void); extern struct Client *make_client(struct Client *from); extern void free_pre_client(struct Client *client); -extern void free_client(struct Client *client); +extern void notify_banned_client(struct Client *, struct ConfItem *, int ban); extern int exit_client(struct Client *, struct Client *, struct Client *, const char *); extern void error_exit_client(struct Client *, int);
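Review bot: The exemption tests return the raw masked value, e.g. `IsExemptKline(x) ((x)->flags & FLAGS_EXEMPTKLINE)`, which is now a `uint64_t`. IsGotId in the context lines just above already uses the `!= 0` form. Writing these the same way, `#define IsExemptKline(x) (((x)->flags & FLAGS_EXEMPTKLINE) != 0)`, keeps the result a 0/1 `int`, so a caller that stores it in a narrower type cannot lose a bit that sits above that type's width. This applies to all eight Is* macros in the hunk.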
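Review bot: The new enum holding D_LINED and K_LINED is anonymous, and `notify_banned_client()` in the last hunk takes `int ban`, which presumably receives these values. Giving the enum a tag and using it in the prototype, e.g. `enum ban_kind { D_LINED, K_LINED };` with `enum ban_kind ban` (name is a suggestion), lets both the compiler and the reader see which values are legal. `check_one_kline()` and `notify_banned_client()` also take `struct ConfItem *`; a forward declaration of that struct is not visible in these hunks, so confirm one is in scope for every includer of this header.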