2 * IRC - Internet Relay Chat, ircd/gline.c
3 * Copyright (C) 1990 Jarkko Oikarinen and
4 * University of Oulu, Finland
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 1, or (at your option)
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
27 #include "ircd_alloc.h"
28 #include "ircd_features.h"
30 #include "ircd_policy.h"
31 #include "ircd_reply.h"
32 #include "ircd_snprintf.h"
33 #include "ircd_string.h"
45 #include "sys.h" /* FALSE bleah */
52 #include <arpa/inet.h> /* for inet_ntoa */
54 #define CHECK_APPROVED 0 /* Mask is acceptable */
55 #define CHECK_OVERRIDABLE 1 /* Mask is acceptable, but not by default */
56 #define CHECK_REJECTED 2 /* Mask is totally unacceptable */
58 #define MASK_WILD_0 0x01 /* Wildcards in the last position */
59 #define MASK_WILD_1 0x02 /* Wildcards in the next-to-last position */
61 #define MASK_WILD_MASK 0x03 /* Mask out the positional wildcards */
63 #define MASK_WILDS 0x10 /* Mask contains wildcards */
64 #define MASK_IP 0x20 /* Mask is an IP address */
65 #define MASK_HALT 0x40 /* Finished processing mask */
67 struct Gline* GlobalGlineList = 0;
68 struct Gline* BadChanGlineList = 0;
71 canon_userhost(char *userhost, char **user_p, char **host_p, char *def_user)
75 if (!(tmp = strchr(userhost, '@'))) {
86 make_gline(char *user, char *host, char *reason, time_t expire, time_t lastmod,
89 struct Gline *gline, *sgline, *after = 0;
91 if (!(flags & GLINE_BADCHAN)) { /* search for overlapping glines first */
93 for (gline = GlobalGlineList; gline; gline = sgline) {
94 sgline = gline->gl_next;
96 if (gline->gl_expire <= CurrentTime)
98 else if ((gline->gl_flags & GLINE_LOCAL) != (flags & GLINE_LOCAL))
100 else if (!mmatch(gline->gl_user, user) && /* gline contains new mask */
101 !mmatch(gline->gl_host, host)) {
102 if (expire <= gline->gl_expire) /* will expire before wider gline */
105 after = gline; /* stick new gline after this one */
106 } else if (!mmatch(user, gline->gl_user) && /* new mask contains gline */
107 !mmatch(host, gline->gl_host) &&
108 gline->gl_expire <= expire) /* gline expires before new one */
109 gline_free(gline); /* save some memory */
113 gline = (struct Gline *)MyMalloc(sizeof(struct Gline)); /* alloc memory */
116 DupString(gline->gl_reason, reason); /* initialize gline... */
117 gline->gl_expire = expire;
118 gline->gl_lastmod = lastmod;
119 gline->gl_flags = flags & GLINE_MASK;
121 if (flags & GLINE_BADCHAN) { /* set a BADCHAN gline */
122 DupString(gline->gl_user, user); /* first, remember channel */
125 gline->gl_next = BadChanGlineList; /* then link it into list */
126 gline->gl_prev_p = &BadChanGlineList;
127 if (BadChanGlineList)
128 BadChanGlineList->gl_prev_p = &gline->gl_next;
129 BadChanGlineList = gline;
131 DupString(gline->gl_user, user); /* remember them... */
132 DupString(gline->gl_host, host);
134 if (check_if_ipmask(host)) { /* mark if it's an IP mask */
140 class = sscanf(host,"%d.%d.%d.%d/%d",
141 &ad[0],&ad[1],&ad[2],&ad[3], &bits2);
148 ircd_snprintf(0, ipname, sizeof(ipname), "%d.%d.%d.%d", ad[0], ad[1],
150 gline->ipnum.s_addr = inet_addr(ipname);
151 Debug((DEBUG_DEBUG,"IP gline: %08x/%i",gline->ipnum.s_addr,gline->bits));
152 gline->gl_flags |= GLINE_IPMASK;
156 gline->gl_next = after->gl_next;
157 gline->gl_prev_p = &after->gl_next;
159 after->gl_next->gl_prev_p = &gline->gl_next;
160 after->gl_next = gline;
162 gline->gl_next = GlobalGlineList; /* then link it into list */
163 gline->gl_prev_p = &GlobalGlineList;
165 GlobalGlineList->gl_prev_p = &gline->gl_next;
166 GlobalGlineList = gline;
174 do_gline(struct Client *cptr, struct Client *sptr, struct Gline *gline)
176 struct Client *acptr;
177 int fd, retval = 0, tval;
179 if (!GlineIsActive(gline)) /* no action taken on inactive glines */
182 for (fd = HighestFd; fd >= 0; --fd) {
186 if ((acptr = LocalClientArray[fd])) {
187 if (!cli_user(acptr))
190 if (cli_user(acptr)->username &&
191 match (gline->gl_user, (cli_user(acptr))->username) != 0)
194 if (GlineIsIpMask(gline)) {
195 Debug((DEBUG_DEBUG,"IP gline: %08x %08x/%i",(cli_ip(cptr)).s_addr,gline->ipnum.s_addr,gline->bits));
196 if (((cli_ip(acptr)).s_addr & NETMASK(gline->bits)) != gline->ipnum.s_addr)
200 if (match(gline->gl_host, cli_sockhost(acptr)) != 0)
204 /* ok, here's one that got G-lined */
205 send_reply(acptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s",
208 /* let the ops know about it */
209 sendto_opmask_butone(0, SNO_GLINE, "G-line active for %s",
210 get_client_name(acptr, TRUE));
212 /* and get rid of him */
213 if ((tval = exit_client_msg(cptr, acptr, &me, "G-lined (%s)",
215 retval = tval; /* retain killed status */
222 * This routine implements the mask checking applied to local
223 * G-lines. Basically, host masks must have a minimum of two non-wild
224 * domain fields, and IP masks must have a minimum of 16 bits. If the
225 * mask has even one wild-card, OVERRIDABLE is returned, assuming the
226 * other check doesn't fail.
229 gline_checkmask(char *mask)
231 unsigned int flags = MASK_IP;
232 unsigned int dots = 0;
233 unsigned int ipmask = 0;
235 for (; *mask; mask++) { /* go through given mask */
236 if (*mask == '.') { /* it's a separator; advance positional wilds */
237 flags = (flags & ~MASK_WILD_MASK) | ((flags << 1) & MASK_WILD_MASK);
240 if ((flags & (MASK_IP | MASK_WILDS)) == MASK_IP)
241 ipmask += 8; /* It's an IP with no wilds, count bits */
242 } else if (*mask == '*' || *mask == '?')
243 flags |= MASK_WILD_0 | MASK_WILDS; /* found a wildcard */
244 else if (*mask == '/') { /* n.n.n.n/n notation; parse bit specifier */
245 ipmask = strtoul(++mask, &mask, 10);
247 if (*mask || dots != 3 || ipmask > 32 || /* sanity-check to date */
248 (flags & (MASK_WILDS | MASK_IP)) != MASK_IP)
249 return CHECK_REJECTED; /* how strange... */
251 if (ipmask < 32) /* it's a masked address; mark wilds */
254 flags |= MASK_HALT; /* Halt the ipmask calculation */
256 break; /* get out of the loop */
257 } else if (!IsDigit(*mask)) {
258 flags &= ~MASK_IP; /* not an IP anymore! */
263 /* Sanity-check quads */
264 if (dots > 3 || (!(flags & MASK_WILDS) && dots < 3)) {
269 /* update bit count if necessary */
270 if ((flags & (MASK_IP | MASK_WILDS | MASK_HALT)) == MASK_IP)
273 /* Check to see that it's not too wide of a mask */
274 if (flags & MASK_WILDS &&
275 ((!(flags & MASK_IP) && (dots < 2 || flags & MASK_WILD_MASK)) ||
276 (flags & MASK_IP && ipmask < 16)))
277 return CHECK_REJECTED; /* to wide, reject */
279 /* Ok, it's approved; require override if it has wildcards, though */
280 return flags & MASK_WILDS ? CHECK_OVERRIDABLE : CHECK_APPROVED;
284 gline_propagate(struct Client *cptr, struct Client *sptr, struct Gline *gline)
286 if (GlineIsLocal(gline) || (IsUser(sptr) && !gline->gl_lastmod))
289 if (gline->gl_lastmod)
290 sendcmdto_serv_butone(sptr, CMD_GLINE, cptr, "* %c%s%s%s %Tu %Tu :%s",
291 GlineIsRemActive(gline) ? '+' : '-', gline->gl_user,
292 GlineIsBadChan(gline) ? "" : "@",
293 GlineIsBadChan(gline) ? "" : gline->gl_host,
294 gline->gl_expire - CurrentTime, gline->gl_lastmod,
297 sendcmdto_serv_butone(sptr, CMD_GLINE, cptr,
298 (GlineIsRemActive(gline) ?
299 "* +%s%s%s %Tu :%s" : "* -%s%s%s"),
300 gline->gl_user, GlineIsBadChan(gline) ? "" : "@",
301 GlineIsBadChan(gline) ? "" : gline->gl_host,
302 gline->gl_expire - CurrentTime, gline->gl_reason);
308 gline_add(struct Client *cptr, struct Client *sptr, char *userhost,
309 char *reason, time_t expire, time_t lastmod, unsigned int flags)
311 struct Gline *agline;
312 char uhmask[USERLEN + HOSTLEN + 2];
316 assert(0 != userhost);
319 /* NO_OLD_GLINE allows *@#channel to work correctly */
320 if (*userhost == '#' || *userhost == '&' || *userhost == '+'
321 # ifndef NO_OLD_GLINE
322 || userhost[2] == '#' || userhost[2] == '&' || userhost[2] == '+'
323 # endif /* OLD_GLINE */
325 if ((flags & GLINE_LOCAL) && !HasPriv(sptr, PRIV_LOCAL_BADCHAN))
326 return send_reply(sptr, ERR_NOPRIVILEGES);
328 flags |= GLINE_BADCHAN;
329 # ifndef NO_OLD_GLINE
330 if (userhost[2] == '#' || userhost[2] == '&' || userhost[2] == '+')
333 # endif /* OLD_GLINE */
337 canon_userhost(userhost, &user, &host, "*");
339 ircd_snprintf(0, uhmask, sizeof(uhmask), "%s@%s", user, host))
340 return send_reply(sptr, ERR_LONGMASK);
341 else if (MyUser(sptr) || (IsUser(sptr) && flags & GLINE_LOCAL)) {
342 switch (gline_checkmask(host)) {
343 case CHECK_OVERRIDABLE: /* oper overrided restriction */
344 if (flags & GLINE_OPERFORCE)
348 return send_reply(sptr, ERR_MASKTOOWIDE, uhmask);
352 if ((tmp = count_users(uhmask)) >=
353 feature_int(FEAT_GLINEMAXUSERCOUNT) && !(flags & GLINE_OPERFORCE))
354 return send_reply(sptr, ERR_TOOMANYUSERS, tmp);
359 * You cannot set a negative (or zero) expire time, nor can you set an
360 * expiration time for greater than GLINE_MAX_EXPIRE.
362 if (!(flags & GLINE_FORCE) && (expire <= 0 || expire > GLINE_MAX_EXPIRE)) {
363 if (!IsServer(sptr) && MyConnect(sptr))
364 send_reply(sptr, ERR_BADEXPIRE, expire);
368 expire += CurrentTime; /* convert from lifetime to timestamp */
371 sendto_opmask_butone(0, SNO_GLINE, "%s adding %s %s for %s%s%s, expiring at "
373 #ifdef HEAD_IN_SAND_SNOTICES
376 IsServer(sptr) ? cli_name(sptr) :
377 cli_name((cli_user(sptr))->server),
379 flags & GLINE_LOCAL ? "local" : "global",
380 flags & GLINE_BADCHAN ? "BADCHAN" : "GLINE", user,
381 flags & GLINE_BADCHAN ? "" : "@",
382 flags & GLINE_BADCHAN ? "" : host,
383 expire + TSoffset, reason);
386 log_write(LS_GLINE, L_INFO, LOG_NOSNOTICE,
387 "%#C adding %s %s for %s, expiring at %Tu: %s", sptr,
388 flags & GLINE_LOCAL ? "local" : "global",
389 flags & GLINE_BADCHAN ? "BADCHAN" : "GLINE", userhost,
390 expire + TSoffset, reason);
393 agline = make_gline(user, host, reason, expire, lastmod, flags);
395 if (!agline) /* if it overlapped, silently return */
398 gline_propagate(cptr, sptr, agline);
400 if (GlineIsBadChan(agline))
403 return do_gline(cptr, sptr, agline); /* knock off users if necessary */
407 gline_activate(struct Client *cptr, struct Client *sptr, struct Gline *gline,
408 time_t lastmod, unsigned int flags)
410 unsigned int saveflags = 0;
414 saveflags = gline->gl_flags;
416 if (flags & GLINE_LOCAL)
417 gline->gl_flags &= ~GLINE_LDEACT;
419 gline->gl_flags |= GLINE_ACTIVE;
421 if (gline->gl_lastmod) {
422 if (gline->gl_lastmod >= lastmod) /* force lastmod to increase */
425 gline->gl_lastmod = lastmod;
429 if ((saveflags & GLINE_ACTMASK) == GLINE_ACTIVE)
430 return 0; /* was active to begin with */
432 /* Inform ops and log it */
433 sendto_opmask_butone(0, SNO_GLINE, "%s activating global %s for %s%s%s, "
434 "expiring at %Tu: %s",
435 #ifdef HEAD_IN_SAND_SNOTICES
438 IsServer(sptr) ? cli_name(sptr) :
439 cli_name((cli_user(sptr))->server),
441 GlineIsBadChan(gline) ? "BADCHAN" : "GLINE",
442 gline->gl_user, GlineIsBadChan(gline) ? "" : "@",
443 GlineIsBadChan(gline) ? "" : gline->gl_host,
444 gline->gl_expire + TSoffset, gline->gl_reason);
446 log_write(LS_GLINE, L_INFO, LOG_NOSNOTICE,
447 "%#C activating global %s for %s%s%s, expiring at %Tu: %s", sptr,
448 GlineIsBadChan(gline) ? "BADCHAN" : "GLINE", gline->gl_user,
449 GlineIsBadChan(gline) ? "" : "@",
450 GlineIsBadChan(gline) ? "" : gline->gl_host,
451 gline->gl_expire + TSoffset, gline->gl_reason);
453 if (!(flags & GLINE_LOCAL)) /* don't propagate local changes */
454 gline_propagate(cptr, sptr, gline);
456 return GlineIsBadChan(gline) ? 0 : do_gline(cptr, sptr, gline);
460 gline_deactivate(struct Client *cptr, struct Client *sptr, struct Gline *gline,
461 time_t lastmod, unsigned int flags)
463 unsigned int saveflags = 0;
468 saveflags = gline->gl_flags;
470 if (GlineIsLocal(gline))
471 msg = "removing local";
472 else if (!gline->gl_lastmod && !(flags & GLINE_LOCAL)) {
473 msg = "removing global";
474 gline->gl_flags &= ~GLINE_ACTIVE; /* propagate a -<mask> */
476 msg = "deactivating global";
478 if (flags & GLINE_LOCAL)
479 gline->gl_flags |= GLINE_LDEACT;
481 gline->gl_flags &= ~GLINE_ACTIVE;
483 if (gline->gl_lastmod) {
484 if (gline->gl_lastmod >= lastmod)
487 gline->gl_lastmod = lastmod;
491 if ((saveflags & GLINE_ACTMASK) != GLINE_ACTIVE)
492 return 0; /* was inactive to begin with */
495 /* Inform ops and log it */
496 sendto_opmask_butone(0, SNO_GLINE, "%s %s %s for %s%s%s, expiring at %Tu: "
498 #ifdef HEAD_IN_SAND_SNOTICES
501 IsServer(sptr) ? cli_name(sptr) :
502 cli_name((cli_user(sptr))->server),
504 msg, GlineIsBadChan(gline) ? "BADCHAN" : "GLINE",
505 gline->gl_user, GlineIsBadChan(gline) ? "" : "@",
506 GlineIsBadChan(gline) ? "" : gline->gl_host,
507 gline->gl_expire + TSoffset, gline->gl_reason);
509 log_write(LS_GLINE, L_INFO, LOG_NOSNOTICE,
510 "%#C %s %s for %s%s%s, expiring at %Tu: %s", sptr, msg,
511 GlineIsBadChan(gline) ? "BADCHAN" : "GLINE", gline->gl_user,
512 GlineIsBadChan(gline) ? "" : "@",
513 GlineIsBadChan(gline) ? "" : gline->gl_host,
514 gline->gl_expire + TSoffset, gline->gl_reason);
516 if (!(flags & GLINE_LOCAL)) /* don't propagate local changes */
517 gline_propagate(cptr, sptr, gline);
519 /* if it's a local gline or a Uworld gline (and not locally deactivated).. */
520 if (GlineIsLocal(gline) || (!gline->gl_lastmod && !(flags & GLINE_LOCAL)))
521 gline_free(gline); /* get rid of it */
527 gline_find(char *userhost, unsigned int flags)
530 struct Gline *sgline;
531 char *user, *host, *t_uh;
533 if (flags & (GLINE_BADCHAN | GLINE_ANY)) {
534 for (gline = BadChanGlineList; gline; gline = sgline) {
535 sgline = gline->gl_next;
537 if (gline->gl_expire <= CurrentTime)
539 else if ((flags & GLINE_GLOBAL && gline->gl_flags & GLINE_LOCAL) ||
540 (flags & GLINE_LASTMOD && !gline->gl_lastmod))
542 else if ((flags & GLINE_EXACT ? ircd_strcmp(gline->gl_user, userhost) :
543 match(gline->gl_user, userhost)) == 0)
548 if ((flags & (GLINE_BADCHAN | GLINE_ANY)) == GLINE_BADCHAN ||
549 *userhost == '#' || *userhost == '&' || *userhost == '+'
551 || userhost[2] == '#' || userhost[2] == '&' || userhost[2] == '+'
552 #endif /* NO_OLD_GLINE */
556 DupString(t_uh, userhost);
557 canon_userhost(t_uh, &user, &host, 0);
559 for (gline = GlobalGlineList; gline; gline = sgline) {
560 sgline = gline->gl_next;
562 if (gline->gl_expire <= CurrentTime)
564 else if ((flags & GLINE_GLOBAL && gline->gl_flags & GLINE_LOCAL) ||
565 (flags & GLINE_LASTMOD && !gline->gl_lastmod))
567 else if (flags & GLINE_EXACT) {
568 if (ircd_strcmp(gline->gl_host, host) == 0 &&
569 ((!user && ircd_strcmp(gline->gl_user, "*") == 0) ||
570 ircd_strcmp(gline->gl_user, user) == 0))
573 if (match(gline->gl_host, host) == 0 &&
574 ((!user && ircd_strcmp(gline->gl_user, "*") == 0) ||
575 match(gline->gl_user, user) == 0))
586 gline_lookup(struct Client *cptr, unsigned int flags)
589 struct Gline *sgline;
591 for (gline = GlobalGlineList; gline; gline = sgline) {
592 sgline = gline->gl_next;
594 if (gline->gl_expire <= CurrentTime) {
599 if ((flags & GLINE_GLOBAL && gline->gl_flags & GLINE_LOCAL) ||
600 (flags & GLINE_LASTMOD && !gline->gl_lastmod))
603 if (match(gline->gl_user, (cli_user(cptr))->username) != 0)
606 if (GlineIsIpMask(gline)) {
607 Debug((DEBUG_DEBUG,"IP gline: %08x %08x/%i",(cli_ip(cptr)).s_addr,gline->ipnum.s_addr,gline->bits));
608 if (((cli_ip(cptr)).s_addr & NETMASK(gline->bits)) != gline->ipnum.s_addr)
612 if (match(gline->gl_host, (cli_user(cptr))->host) != 0)
624 gline_free(struct Gline *gline)
628 *gline->gl_prev_p = gline->gl_next; /* squeeze this gline out */
630 gline->gl_next->gl_prev_p = gline->gl_prev_p;
632 MyFree(gline->gl_user); /* free up the memory */
634 MyFree(gline->gl_host);
635 MyFree(gline->gl_reason);
640 gline_burst(struct Client *cptr)
643 struct Gline *sgline;
645 for (gline = GlobalGlineList; gline; gline = sgline) { /* all glines */
646 sgline = gline->gl_next;
648 if (gline->gl_expire <= CurrentTime) /* expire any that need expiring */
650 else if (!GlineIsLocal(gline) && gline->gl_lastmod)
651 sendcmdto_one(&me, CMD_GLINE, cptr, "* %c%s@%s %Tu %Tu :%s",
652 GlineIsRemActive(gline) ? '+' : '-', gline->gl_user,
653 gline->gl_host, gline->gl_expire - CurrentTime,
654 gline->gl_lastmod, gline->gl_reason);
657 for (gline = BadChanGlineList; gline; gline = sgline) { /* all glines */
658 sgline = gline->gl_next;
660 if (gline->gl_expire <= CurrentTime) /* expire any that need expiring */
662 else if (!GlineIsLocal(gline) && gline->gl_lastmod)
663 sendcmdto_one(&me, CMD_GLINE, cptr, "* %c%s %Tu %Tu :%s",
664 GlineIsRemActive(gline) ? '+' : '-', gline->gl_user,
665 gline->gl_expire - CurrentTime, gline->gl_lastmod,
671 gline_resend(struct Client *cptr, struct Gline *gline)
673 if (GlineIsLocal(gline) || !gline->gl_lastmod)
676 sendcmdto_one(&me, CMD_GLINE, cptr, "* %c%s%s%s %Tu %Tu :%s",
677 GlineIsRemActive(gline) ? '+' : '-', gline->gl_user,
678 GlineIsBadChan(gline) ? "" : "@",
679 GlineIsBadChan(gline) ? "" : gline->gl_host,
680 gline->gl_expire - CurrentTime, gline->gl_lastmod,
687 gline_list(struct Client *sptr, char *userhost)
690 struct Gline *sgline;
693 if (!(gline = gline_find(userhost, GLINE_ANY))) /* no such gline */
694 return send_reply(sptr, ERR_NOSUCHGLINE, userhost);
696 /* send gline information along */
697 send_reply(sptr, RPL_GLIST, gline->gl_user,
698 GlineIsBadChan(gline) ? "" : "@",
699 GlineIsBadChan(gline) ? "" : gline->gl_host,
700 gline->gl_expire + TSoffset,
701 GlineIsLocal(gline) ? cli_name(&me) : "*",
702 GlineIsActive(gline) ? '+' : '-', gline->gl_reason);
704 for (gline = GlobalGlineList; gline; gline = sgline) {
705 sgline = gline->gl_next;
707 if (gline->gl_expire <= CurrentTime)
710 send_reply(sptr, RPL_GLIST, gline->gl_user, "@", gline->gl_host,
711 gline->gl_expire + TSoffset,
712 GlineIsLocal(gline) ? cli_name(&me) : "*",
713 GlineIsActive(gline) ? '+' : '-', gline->gl_reason);
716 for (gline = BadChanGlineList; gline; gline = sgline) {
717 sgline = gline->gl_next;
719 if (gline->gl_expire <= CurrentTime)
722 send_reply(sptr, RPL_GLIST, gline->gl_user, "", "",
723 gline->gl_expire + TSoffset,
724 GlineIsLocal(gline) ? cli_name(&me) : "*",
725 GlineIsActive(gline) ? '+' : '-', gline->gl_reason);
729 /* end of gline information */
730 return send_reply(sptr, RPL_ENDOFGLIST);
734 gline_stats(struct Client *sptr)
737 struct Gline *sgline;
739 for (gline = GlobalGlineList; gline; gline = sgline) {
740 sgline = gline->gl_next;
742 if (gline->gl_expire <= CurrentTime)
745 send_reply(sptr, RPL_STATSGLINE, 'G', gline->gl_user, gline->gl_host,
746 gline->gl_expire + TSoffset, gline->gl_reason);