+ /* Allocate the AuthRequest. */
+ auth = auth_freelist;
+ if (auth)
+ auth_freelist = auth->next;
+ else
+ auth = MyMalloc(sizeof(*auth));
+ assert(0 != auth);
+ memset(auth, 0, sizeof(*auth));
+ auth->client = client;
+ cli_auth(client) = auth;
+ s_fd(&auth->socket) = -1;
+ timer_add(timer_init(&auth->timeout), auth_timeout_callback, (void*) auth,
+ TT_RELATIVE, feature_int(FEAT_AUTH_TIMEOUT));
+
+ /* Try to get socket endpoint addresses. */
+ if (!os_get_sockname(cli_fd(client), &auth->local)
+ || !os_get_peername(cli_fd(client), &remote)) {
+ ++ServerStats->is_abad;
+ if (IsUserPort(auth->client))
+ sendheader(auth->client, REPORT_FAIL_ID);
+ exit_client(auth->client, auth->client, &me, "Socket local/peer lookup failed");
+ return;
+ }
+ auth->port = remote.port;
+
+ /* Set required client inputs for users. */
+ if (IsUserPort(client)) {
+ cli_user(client) = make_user(client);
+ cli_user(client)->server = &me;
+ FlagSet(&auth->flags, AR_NEEDS_USER);
+ FlagSet(&auth->flags, AR_NEEDS_NICK);
+
+ /* Try to start iauth lookup. */
+ start_iauth_query(auth);
+ }
+
+ /* Try to start DNS lookup. */
+ start_dns_query(auth);
+
+ /* Try to start ident lookup. */
+ start_auth_query(auth);
+
+ /* Add client to GlobalClientList. */
+ add_client_to_list(client);
+
+ /* Check which auth events remain pending. */
+ check_auth_finished(auth);
+}
+
+/** Mark that a user has PONGed while unregistered.
+ * @param[in] auth Authorization request for client.
+ * @param[in] cookie PONG cookie value sent by client.
+ * @return Zero if client should be kept, CPTR_KILLED if rejected.
+ */
+int auth_set_pong(struct AuthRequest *auth, unsigned int cookie)
+{
+ assert(auth != NULL);
+ if (!FlagHas(&auth->flags, AR_NEEDS_PONG))
+ return 0;
+ if (cookie != auth->cookie)
+ {
+ send_reply(auth->client, SND_EXPLICIT | ERR_BADPING,
+ ":To connect, type /QUOTE PONG %u", auth->cookie);
+ return 0;
+ }
+ cli_lasttime(auth->client) = CurrentTime;
+ FlagClr(&auth->flags, AR_NEEDS_PONG);
+ return check_auth_finished(auth);
+}
+
+/** Record a user's claimed username and userinfo.
+ * @param[in] auth Authorization request for client.
+ * @param[in] username Client's asserted username.
+ * @param[in] hostname Third argument of USER command (client's
+ * hostname, per RFC 1459).
+ * @param[in] servername Fourth argument of USER command (server's
+ * name, per RFC 1459).
+ * @param[in] userinfo Client's asserted self-description.
+ * @return Zero if client should be kept, CPTR_KILLED if rejected.
+ */
+int auth_set_user(struct AuthRequest *auth, const char *username, const char *hostname, const char *servername, const char *userinfo)
+{
+ struct Client *cptr;
+
+ assert(auth != NULL);
+ if (FlagHas(&auth->flags, AR_IAUTH_HURRY))
+ return 0;
+ FlagClr(&auth->flags, AR_NEEDS_USER);
+ cptr = auth->client;
+ ircd_strncpy(cli_info(cptr), userinfo, REALLEN);
+ ircd_strncpy(cli_user(cptr)->username, username, USERLEN);
+ ircd_strncpy(cli_user(cptr)->host, cli_sockhost(cptr), HOSTLEN);
+ if (IAuthHas(iauth, IAUTH_UNDERNET))
+ sendto_iauth(cptr, "U %s %s %s :%s", username, hostname, servername, userinfo);
+ else if (IAuthHas(iauth, IAUTH_ADDLINFO))
+ sendto_iauth(cptr, "U %s", username);
+ return check_auth_finished(auth);
+}
+
+/** Handle authorization-related aspects of initial nickname selection.
+ * This is called after verifying that the nickname is available.
+ * @param[in] auth Authorization request for client.
+ * @param[in] nickname Client's requested nickname.
+ * @return Zero if client should be kept, CPTR_KILLED if rejected.
+ */
+int auth_set_nick(struct AuthRequest *auth, const char *nickname)
+{
+ assert(auth != NULL);
+ FlagClr(&auth->flags, AR_NEEDS_NICK);
+ /*
+ * If the client hasn't gotten a cookie-ping yet,
+ * choose a cookie and send it. -record!jegelhof@cloud9.net
+ */
+ if (!auth->cookie) {
+ do {
+ auth->cookie = ircrandom();
+ } while (!auth->cookie);
+ sendrawto_one(auth->client, "PING :%u", auth->cookie);
+ FlagSet(&auth->flags, AR_NEEDS_PONG);
+ }
+ if (IAuthHas(iauth, IAUTH_UNDERNET))
+ sendto_iauth(auth->client, "n %s", nickname);
+ return check_auth_finished(auth);
+}
+
+/** Record a user's password.
+ * @param[in] auth Authorization request for client.
+ * @param[in] password Client's password.
+ * @return Zero if client should be kept, CPTR_KILLED if rejected.
+ */
+int auth_set_password(struct AuthRequest *auth, const char *password)
+{
+ assert(auth != NULL);
+ if (IAuthHas(iauth, IAUTH_ADDLINFO))
+ sendto_iauth(auth->client, "P :%s", password);
+ return 0;
+}
+
+/** Send exit notification for \a cptr to iauth.
+ * @param[in] cptr Client who is exiting.
+ */
+void auth_send_exit(struct Client *cptr)
+{
+ sendto_iauth(cptr, "D");
+}
+
+/** Forward an XREPLY on to iauth.
+ * @param[in] sptr Source of the XREPLY.
+ * @param[in] routing Routing information for the original XQUERY.
+ * @param[in] reply Contents of the reply.
+ */
+void auth_send_xreply(struct Client *sptr, const char *routing,
+ const char *reply)
+{
+ sendto_iauth(NULL, "X %#C %s :%s", sptr, routing, reply);
+}
+
+/** Mark that a user has started capabilities negotiation.
+ * This blocks authorization until auth_cap_done() is called.
+ * @param[in] auth Authorization request for client.
+ * @return Zero if client should be kept, CPTR_KILLED if rejected.
+ */
+int auth_cap_start(struct AuthRequest *auth)
+{
+ assert(auth != NULL);
+ FlagSet(&auth->flags, AR_CAP_PENDING);
+ return 0;
+}
+
+/** Mark that a user has completed capabilities negotiation.
+ * This unblocks authorization if auth_cap_start() was called.
+ * @param[in] auth Authorization request for client.
+ * @return Zero if client should be kept, CPTR_KILLED if rejected.
+ */
+int auth_cap_done(struct AuthRequest *auth)
+{
+ assert(auth != NULL);
+ FlagClr(&auth->flags, AR_CAP_PENDING);
+ return check_auth_finished(auth);
+}
+
+/** Attempt to spawn the process for an IAuth instance.
+ * @param[in] iauth IAuth descriptor.
+ * @param[in] automatic If non-zero, apply sanity checks against
+ * excessive automatic restarts.
+ * @return 0 on success, non-zero on failure.
+ */
+int iauth_do_spawn(struct IAuth *iauth, int automatic)
+{
+ pid_t cpid;
+ int s_io[2];
+ int s_err[2];
+ int res;
+
+ if (automatic && CurrentTime - iauth->started < 5)
+ {
+ sendto_opmask_butone(NULL, SNO_AUTH, "IAuth crashed fast, leaving it dead.");
+ return -1;
+ }
+
+ /* Record time we tried to spawn the iauth process. */
+ iauth->started = CurrentTime;
+
+ /* Attempt to allocate a pair of sockets. */
+ res = os_socketpair(s_io);
+ if (res) {
+ res = errno;
+ Debug((DEBUG_INFO, "Unable to create IAuth socketpair: %s", strerror(res)));
+ return res;
+ }
+
+ /* Mark the parent's side of the pair (element 0) as non-blocking. */
+ res = os_set_nonblocking(s_io[0]);
+ if (!res) {
+ res = errno;
+ Debug((DEBUG_INFO, "Unable to make IAuth socket non-blocking: %s", strerror(res)));
+ close(s_io[1]);
+ close(s_io[0]);
+ return res;
+ }
+
+ /* Initialize the socket structure to talk to the child. */
+ res = socket_add(i_socket(iauth), iauth_sock_callback, iauth,
+ SS_CONNECTED, SOCK_EVENT_READABLE, s_io[0]);
+ if (!res) {
+ res = errno;
+ Debug((DEBUG_INFO, "Unable to register IAuth socket: %s", strerror(res)));
+ close(s_io[1]);
+ close(s_io[0]);
+ return res;
+ }
+
+ /* Allocate another pair for stderr. */
+ res = os_socketpair(s_err);
+ if (res) {
+ res = errno;
+ Debug((DEBUG_INFO, "Unable to create IAuth stderr: %s", strerror(res)));
+ socket_del(i_socket(iauth));
+ close(s_io[1]);
+ close(s_io[0]);
+ return res;
+ }
+
+ /* Mark parent side of this pair non-blocking, too. */
+ res = os_set_nonblocking(s_err[0]);
+ if (!res) {
+ res = errno;
+ Debug((DEBUG_INFO, "Unable to make IAuth stderr non-blocking: %s", strerror(res)));
+ close(s_err[1]);
+ close(s_err[0]);
+ socket_del(i_socket(iauth));
+ close(s_io[1]);
+ close(s_io[0]);
+ return res;
+ }
+
+ /* And set up i_stderr(iauth). */
+ res = socket_add(i_stderr(iauth), iauth_stderr_callback, iauth,
+ SS_CONNECTED, SOCK_EVENT_READABLE, s_err[0]);
+ if (!res) {
+ res = errno;
+ Debug((DEBUG_INFO, "Unable to register IAuth stderr: %s", strerror(res)));
+ close(s_err[1]);
+ close(s_err[0]);
+ socket_del(i_socket(iauth));
+ close(s_io[1]);
+ close(s_io[0]);
+ return res;
+ }
+
+ /* Attempt to fork a child process. */
+ cpid = fork();
+ if (cpid < 0) {
+ /* Error forking the child, still in parent. */
+ res = errno;
+ Debug((DEBUG_INFO, "Unable to fork IAuth child: %s", strerror(res)));
+ socket_del(i_stderr(iauth));
+ close(s_err[1]);
+ close(s_err[0]);
+ socket_del(i_socket(iauth));
+ close(s_io[1]);
+ close(s_io[0]);
+ return res;
+ }
+
+ if (cpid > 0) {
+ /* We are the parent process. Close the child's sockets. */
+ close(s_io[1]);
+ close(s_err[1]);
+ /* Send our server name (supposedly for proxy checking purposes)
+ * and maximum number of connections (for allocation hints).
+ * Need to use conf_get_local() since &me may not be fully
+ * initialized the first time we run.
+ */
+ sendto_iauth(NULL, "M %s %d", conf_get_local()->name, MAXCONNECTIONS);
+ /* Indicate success (until the child dies). */
+ return 0;
+ }
+
+ /* We are the child process.
+ * Duplicate our end of the socket to stdin, stdout and stderr.
+ * Then close all the higher-numbered FDs and exec the process.
+ */
+ if (dup2(s_io[1], 0) == 0
+ && dup2(s_io[1], 1) == 1
+ && dup2(s_err[1], 2) == 2) {
+ close_connections(0);
+ execvp(iauth->i_argv[0], iauth->i_argv);
+ }
+
+ /* If we got here, something was seriously wrong. */
+ exit(EXIT_FAILURE);
+}
+
+/** See if an %IAuth program must be spawned.
+ * If a process is already running with the specified options, keep it.
+ * Otherwise spawn a new child process to perform the %IAuth function.
+ * @param[in] argc Number of parameters to use when starting process.
+ * @param[in] argv Array of parameters to start process.
+ * @return 0 on failure, 1 on new process, 2 on reuse of existing process.
+ */
+int auth_spawn(int argc, char *argv[])
+{
+ int ii;
+
+ if (iauth) {
+ int same = 1;
+
+ /* Check that incoming arguments all match pre-existing arguments. */
+ for (ii = 0; same && (ii < argc); ++ii) {
+ if (NULL == iauth->i_argv[ii]
+ || 0 != strcmp(iauth->i_argv[ii], argv[ii]))
+ same = 0;
+ }
+ /* Check that we have no more pre-existing arguments. */
+ if (same && iauth->i_argv[ii])
+ same = 0;
+ /* If they are the same and still connected, clear the "closing" flag and exit. */
+ if (same && i_GetConnected(iauth)) {
+ Debug((DEBUG_INFO, "Reusing existing IAuth process"));
+ IAuthClr(iauth, IAUTH_CLOSING);
+ return 2;
+ }
+ auth_close_unused();
+ }
+
+ /* Need to initialize a new connection. */
+ iauth = MyCalloc(1, sizeof(*iauth));
+ msgq_init(i_sendQ(iauth));
+ /* Populate iauth's argv array. */
+ iauth->i_argv = MyCalloc(argc + 1, sizeof(iauth->i_argv[0]));
+ for (ii = 0; ii < argc; ++ii)
+ DupString(iauth->i_argv[ii], argv[ii]);
+ iauth->i_argv[ii] = NULL;
+ /* Try to spawn it, and handle the results. */
+ if (iauth_do_spawn(iauth, 0))
+ return 0;
+ IAuthClr(iauth, IAUTH_CLOSING);
+ return 1;
+}
+
+/** Mark all %IAuth connections as closing. */
+void auth_mark_closing(void)
+{
+ if (iauth)
+ IAuthSet(iauth, IAUTH_CLOSING);
+}
+
+/** Complete disconnection of an %IAuth connection.
+ * @param[in] iauth %Connection to fully close.
+ */
+static void iauth_disconnect(struct IAuth *iauth)
+{
+ if (iauth == NULL)
+ return;
+
+ /* Close main socket. */
+ if (s_fd(i_socket(iauth)) != -1) {
+ close(s_fd(i_socket(iauth)));
+ socket_del(i_socket(iauth));
+ s_fd(i_socket(iauth)) = -1;
+ }
+
+ /* Close error socket. */
+ if (s_fd(i_stderr(iauth)) != -1) {
+ close(s_fd(i_stderr(iauth)));
+ socket_del(i_stderr(iauth));
+ s_fd(i_stderr(iauth)) = -1;
+ }
+}
+
+/** Close all %IAuth connections marked as closing. */
+void auth_close_unused(void)
+{
+ if (IAuthHas(iauth, IAUTH_CLOSING)) {
+ int ii;
+ iauth_disconnect(iauth);
+ if (iauth->i_argv) {
+ for (ii = 0; iauth->i_argv[ii]; ++ii)
+ MyFree(iauth->i_argv[ii]);
+ MyFree(iauth->i_argv);
+ }
+ MyFree(iauth);
+ }
+}
+
+/** Send queued output to \a iauth.
+ * @param[in] iauth Writable connection with queued data.
+ */
+static void iauth_write(struct IAuth *iauth)
+{
+ unsigned int bytes_tried, bytes_sent;
+ IOResult iores;
+
+ if (IAuthHas(iauth, IAUTH_BLOCKED))
+ return;
+ while (MsgQLength(i_sendQ(iauth)) > 0) {
+ iores = os_sendv_nonb(s_fd(i_socket(iauth)), i_sendQ(iauth), &bytes_tried, &bytes_sent);
+ switch (iores) {
+ case IO_SUCCESS:
+ msgq_delete(i_sendQ(iauth), bytes_sent);
+ iauth->i_sendB += bytes_sent;
+ if (bytes_tried == bytes_sent)
+ break;
+ /* If bytes_sent < bytes_tried, fall through to IO_BLOCKED. */
+ case IO_BLOCKED:
+ IAuthSet(iauth, IAUTH_BLOCKED);
+ socket_events(i_socket(iauth), SOCK_ACTION_ADD | SOCK_EVENT_WRITABLE);
+ return;
+ case IO_FAILURE:
+ iauth_disconnect(iauth);
+ return;
+ }
+ }
+ /* We were able to flush all events, so remove notification. */
+ socket_events(i_socket(iauth), SOCK_ACTION_DEL | SOCK_EVENT_WRITABLE);
+}
+
+/** Send a message to iauth.
+ * @param[in] cptr Optional client context for message.
+ * @param[in] format Format string for message.
+ * @return Non-zero on successful send or buffering, zero on failure.
+ */
+static int sendto_iauth(struct Client *cptr, const char *format, ...)
+{
+ struct VarData vd;
+ struct MsgBuf *mb;
+
+ /* Do not send requests when we have no iauth. */
+ if (!i_GetConnected(iauth))
+ return 0;
+ /* Do not send for clients in the NORMAL state. */
+ if (cptr
+ && (format[0] != 'D')
+ && (!cli_auth(cptr) || !FlagHas(&cli_auth(cptr)->flags, AR_IAUTH_PENDING)))
+ return 0;
+
+ /* Build the message buffer. */
+ vd.vd_format = format;
+ va_start(vd.vd_args, format);
+ if (0 == cptr)
+ mb = msgq_make(NULL, "-1 %v", &vd);
+ else
+ mb = msgq_make(NULL, "%d %v", cli_fd(cptr), &vd);
+ va_end(vd.vd_args);
+
+ /* Tack it onto the iauth sendq and try to write it. */
+ ++iauth->i_sendM;
+ msgq_add(i_sendQ(iauth), mb, 0);
+ msgq_clean(mb);
+ iauth_write(iauth);
+ return 1;
+}
+
+/** Send text to interested operators (SNO_AUTH server notice).
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (1).
+ * @param[in] params Text to send.
+ * @return Zero.
+ */
+static int iauth_cmd_snotice(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ sendto_opmask_butone(NULL, SNO_AUTH, "%s", params[0]);
+ return 0;
+}
+
+/** Set the debug level for the session.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (1).
+ * @param[in] params String starting with an integer.
+ * @return Zero.
+ */
+static int iauth_cmd_debuglevel(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ int new_level;
+
+ new_level = parc > 0 ? atoi(params[0]) : 0;
+ if (i_debug(iauth) > 0 || new_level > 0) {
+ /* The "ia_dbg" name is borrowed from (IRCnet) ircd. */
+ sendto_opmask_butone(NULL, SNO_AUTH, "ia_dbg = %d", new_level);
+ }
+ i_debug(iauth) = new_level;
+ return 0;
+}
+
+/** Set policy options for the session.
+ * Old policy is forgotten, and any of the following characters in \a
+ * params enable the corresponding policy:
+ * \li A IAUTH_ADDLINFO
+ * \li R IAUTH_REQUIRED
+ * \li T IAUTH_TIMEOUT
+ * \li W IAUTH_EXTRAWAIT
+ * \li U IAUTH_UNDERNET
+ *
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (1).
+ * @param[in] params Zero or more policy options.
+ * @return Zero.
+ */
+static int iauth_cmd_policy(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ enum IAuthFlag flag;
+ char *p;
+
+ /* Erase old policy first. */
+ for (flag = IAUTH_FIRST_OPTION; flag < IAUTH_LAST_FLAG; ++flag)
+ IAuthClr(iauth, flag);
+
+ if (parc > 0) /* only try to parse if we were given a policy string */
+ /* Parse new policy set. */
+ for (p = params[0]; *p; p++) switch (*p) {
+ case 'A': IAuthSet(iauth, IAUTH_ADDLINFO); break;
+ case 'R': IAuthSet(iauth, IAUTH_REQUIRED); break;
+ case 'T': IAuthSet(iauth, IAUTH_TIMEOUT); break;
+ case 'W': IAuthSet(iauth, IAUTH_EXTRAWAIT); break;
+ case 'U': IAuthSet(iauth, IAUTH_UNDERNET); break;
+ }
+
+ /* Optionally notify operators. */
+ if (i_debug(iauth) > 0)
+ sendto_opmask_butone(NULL, SNO_AUTH, "iauth options: %s", params[0]);
+ return 0;
+}
+
+/** Set the iauth program version number.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (1).
+ * @param[in] params Version number or name.
+ * @return Zero.
+ */
+static int iauth_cmd_version(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ MyFree(iauth->i_version);
+ DupString(iauth->i_version, parc > 0 ? params[0] : "<NONE>");
+ sendto_opmask_butone(NULL, SNO_AUTH, "iauth version %s running.",
+ iauth->i_version);
+ return 0;
+}
+
+/** Paste a parameter list together into a single string.
+ * @param[in] parc Number of parameters.
+ * @param[in] params Parameter list to paste together.
+ * @return Pasted parameter list.
+ */
+static char *paste_params(int parc, char **params)
+{
+ char *str, *tmp;
+ int len = 0, lengths[MAXPARA], i;
+
+ /* Compute the length... */
+ for (i = 0; i < parc; i++)
+ len += lengths[i] = strlen(params[i]);
+
+ /* Allocate memory, accounting for string lengths, spaces (parc - 1), a
+ * sentinel, and the trailing \0
+ */
+ str = MyMalloc(len + parc + 1);
+
+ /* Build the pasted string */
+ for (tmp = str, i = 0; i < parc; i++) {
+ if (i) /* add space separator... */
+ *(tmp++) = ' ';
+ if (i == parc - 1) /* add colon sentinel */
+ *(tmp++) = ':';
+
+ /* Copy string component... */
+ memcpy(tmp, params[i], lengths[i]);
+ tmp += lengths[i]; /* move to end of string */
+ }
+
+ /* terminate the string... */
+ *tmp = '\0';
+
+ return str; /* return the pasted string */
+}
+
+/** Clear cached iauth configuration information.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (0).
+ * @param[in] params Parameter list (ignored).
+ * @return Zero.
+ */
+static int iauth_cmd_newconfig(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ struct SLink *head;
+ struct SLink *next;
+
+ head = iauth->i_config;
+ iauth->i_config = NULL;
+ for (; head; head = next) {
+ next = head->next;
+ MyFree(head->value.cp);
+ free_link(head);
+ }
+ sendto_opmask_butone(NULL, SNO_AUTH, "New iauth configuration.");
+ return 0;
+}
+
+/** Append iauth configuration information.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters.
+ * @param[in] params Description of configuration element.
+ * @return Zero.
+ */
+static int iauth_cmd_config(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ struct SLink *node;
+
+ if (iauth->i_config) {
+ for (node = iauth->i_config; node->next; node = node->next) ;
+ node = node->next = make_link();
+ } else {
+ node = iauth->i_config = make_link();
+ }
+ node->value.cp = paste_params(parc, params);
+ node->next = 0; /* must be explicitly cleared */
+ return 0;
+}
+
+/** Clear cached iauth configuration information.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (0).
+ * @param[in] params Parameter list (ignored).
+ * @return Zero.
+ */
+static int iauth_cmd_newstats(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ struct SLink *head;
+ struct SLink *next;
+
+ head = iauth->i_stats;
+ iauth->i_stats = NULL;
+ for (; head; head = next) {
+ next = head->next;
+ MyFree(head->value.cp);
+ free_link(head);
+ }
+ sendto_opmask_butone(NULL, SNO_AUTH, "New iauth statistics.");
+ return 0;
+}
+
+/** Append iauth statistics information.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters.
+ * @param[in] params Statistics element.
+ * @return Zero.
+ */
+static int iauth_cmd_stats(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ struct SLink *node;
+ if (iauth->i_stats) {
+ for (node = iauth->i_stats; node->next; node = node->next) ;
+ node = node->next = make_link();
+ } else {
+ node = iauth->i_stats = make_link();
+ }
+ node->value.cp = paste_params(parc, params);
+ node->next = 0; /* must be explicitly cleared */
+ return 0;
+}
+
+/** Set client's username to a trusted string even if it breaks the rules.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (1).
+ * @param[in] params Forced username.
+ * @return One.
+ */
+static int iauth_cmd_username_forced(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ assert(cli_auth(cli) != NULL);
+ FlagClr(&cli_auth(cli)->flags, AR_AUTH_PENDING);
+ if (!EmptyString(params[0])) {
+ ircd_strncpy(cli_username(cli), params[0], USERLEN);
+ SetGotId(cli);
+ FlagSet(&cli_auth(cli)->flags, AR_IAUTH_USERNAME);
+ FlagSet(&cli_auth(cli)->flags, AR_IAUTH_FUSERNAME);
+ }
+ return 1;
+}
+
+/** Set client's username to a trusted string.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (1).
+ * @param[in] params Trusted username.
+ * @return One.
+ */
+static int iauth_cmd_username_good(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ assert(cli_auth(cli) != NULL);
+ FlagClr(&cli_auth(cli)->flags, AR_AUTH_PENDING);
+ if (!EmptyString(params[0])) {
+ ircd_strncpy(cli_username(cli), params[0], USERLEN);
+ SetGotId(cli);
+ FlagSet(&cli_auth(cli)->flags, AR_IAUTH_USERNAME);
+ }
+ return 1;
+}
+
+/** Set client's username to an untrusted string.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (1).
+ * @param[in] params Untrusted username.
+ * @return One.
+ */
+static int iauth_cmd_username_bad(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ assert(cli_auth(cli) != NULL);
+ FlagClr(&cli_auth(cli)->flags, AR_AUTH_PENDING);
+ if (!EmptyString(params[0]))
+ ircd_strncpy(cli_user(cli)->username, params[0], USERLEN);
+ return 1;
+}
+
+/** Set client's hostname.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (1).
+ * @param[in] params New hostname for client.
+ * @return Non-zero if \a cli authorization should be checked for completion.
+ */
+static int iauth_cmd_hostname(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ struct AuthRequest *auth;
+
+ if (EmptyString(params[0])) {
+ sendto_iauth(cli, "E Missing :Missing hostname parameter");
+ return 0;
+ }
+
+ auth = cli_auth(cli);
+ assert(auth != NULL);
+
+ /* If a DNS request is pending, abort it. */
+ if (FlagHas(&auth->flags, AR_DNS_PENDING)) {
+ FlagClr(&auth->flags, AR_DNS_PENDING);
+ delete_resolver_queries(auth);
+ if (IsUserPort(cli))
+ sendheader(cli, REPORT_FIN_DNS);
+ }
+ /* Set hostname from params. */
+ ircd_strncpy(cli_sockhost(cli), params[0], HOSTLEN);
+ /* If we have gotten here, the user is in a "hurry" state and has
+ * been pre-registered. Their hostname was set during that, and
+ * needs to be overwritten now.
+ */
+ if (FlagHas(&auth->flags, AR_IAUTH_HURRY)) {
+ ircd_strncpy(cli_user(cli)->host, cli_sockhost(cli), HOSTLEN);
+ ircd_strncpy(cli_user(cli)->realhost, cli_sockhost(cli), HOSTLEN);
+ }
+ return 1;
+}
+
+/** Set client's IP address.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (1).
+ * @param[in] params New IP address for client in dotted quad or
+ * standard IPv6 format.
+ * @return Zero.
+ */
+static int iauth_cmd_ip_address(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ struct irc_in_addr addr;
+ struct AuthRequest *auth;
+
+ if (EmptyString(params[0])) {
+ sendto_iauth(cli, "E Missing :Missing IP address parameter");
+ return 0;
+ }
+
+ /* Get AuthRequest for client. */
+ auth = cli_auth(cli);
+ assert(auth != NULL);
+
+ /* Parse the client's new IP address. */
+ if (!ircd_aton(&addr, params[0])) {
+ sendto_iauth(cli, "E Invalid :Unable to parse IP address [%s]", params[0]);
+ return 0;
+ }
+
+ /* If this is the first IP override, save the client's original
+ * address in case we get a DNS response later.
+ */
+ if (!irc_in_addr_valid(&auth->original))
+ memcpy(&auth->original, &cli_ip(cli), sizeof(auth->original));
+
+ /* Undo original IP connection in IPcheck. */
+ IPcheck_connect_fail(cli);
+ ClearIPChecked(cli);
+
+ /* Update the IP and charge them as a remote connect. */
+ memcpy(&cli_ip(cli), &addr, sizeof(cli_ip(cli)));
+ IPcheck_remote_connect(cli, 0);
+
+ return 0;
+}
+
+/** Find a ConfItem structure for a named connection class.
+ * @param[in] class_name Name of configuration class to find.
+ * @return A ConfItem of type CONF_CLIENT for the class, or NULL on failure.
+ */
+static struct ConfItem *auth_find_class_conf(const char *class_name)
+{
+ static struct ConfItem *aconf_list;
+ struct ConnectionClass *class;
+ struct ConfItem *aconf;
+
+ /* Make sure the configuration class is valid. */
+ class = find_class(class_name);
+ if (!class || !class->valid)
+ return NULL;
+
+ /* Look for an existing ConfItem for the class. */
+ for (aconf = aconf_list; aconf; aconf = aconf->next)
+ if (aconf->conn_class == class)
+ break;
+
+ /* If no ConfItem, create one. */
+ if (!aconf) {
+ aconf = make_conf(CONF_CLIENT);
+ if (!aconf) {
+ sendto_opmask_butone(NULL, SNO_AUTH,
+ "Unable to allocate ConfItem for class %s!",
+ ConClass(class));
+ return NULL;
+ }
+ /* make_conf() "helpfully" links the conf into GlobalConfList,
+ * which we do not want, so undo that. (Ugh.)
+ */
+ if (aconf == GlobalConfList) {
+ GlobalConfList = aconf->next;
+ }
+ /* Back to business as usual. */
+ aconf->conn_class = class;
+ aconf->next = aconf_list;
+ aconf_list = aconf;
+ }
+
+ return aconf;
+}
+
+/** Accept a client in IAuth.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters.
+ * @param[in] params Optional class name for client.
+ * @return Negative (CPTR_KILLED) if the connection is refused, one otherwise.
+ */
+static int iauth_cmd_done_client(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ static time_t warn_time;
+
+ /* Clear iauth pending flag. */
+ assert(cli_auth(cli) != NULL);
+ FlagClr(&cli_auth(cli)->flags, AR_IAUTH_PENDING);
+
+ /* If a connection class was specified (and usable), assign the client to it. */
+ if (!EmptyString(params[0])) {
+ struct ConfItem *aconf;
+
+ aconf = auth_find_class_conf(params[0]);
+ if (aconf) {
+ enum AuthorizationCheckResult acr;
+
+ acr = attach_conf(cli, aconf);
+ switch (acr) {
+ case ACR_OK:
+ /* There should maybe be some way to set FLAG_DOID here.. */
+ break;
+ case ACR_TOO_MANY_IN_CLASS:
+ ++ServerStats->is_ref;
+ return exit_client(cli, cli, &me,
+ "Sorry, your connection class is full - try "
+ "again later or try another server");
+ default:
+ log_write(LS_IAUTH, L_ERROR, 0, "IAuth: Unexpected AuthorizationCheckResult %d from attach_conf()", acr);
+ break;
+ }
+ } else
+ sendto_opmask_butone_ratelimited(NULL, SNO_AUTH, &warn_time,
+ "iauth tried to use undefined class [%s]",
+ params[0]);
+ }
+
+ return 1;
+}
+
+/** Accept a client in IAuth and assign them to an account.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters.
+ * @param[in] params Account name and optional class name for client.
+ * @return Negative if the connection is refused, otherwise non-zero
+ * if \a cli authorization should be checked for completion.
+ */
+static int iauth_cmd_done_account(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ size_t len;
+
+ /* Sanity check. */
+ if (EmptyString(params[0])) {
+ sendto_iauth(cli, "E Missing :Missing account parameter");
+ return 0;
+ }
+ /* Check length of account name. */
+ len = strcspn(params[0], ": ");
+ if (len > ACCOUNTLEN) {
+ sendto_iauth(cli, "E Invalid :Account parameter too long");
+ return 0;
+ }
+ /* If account has a creation timestamp, use it. */
+ assert(cli_user(cli) != NULL);
+ if (params[0][len] == ':') {
+ cli_user(cli)->acc_create = strtoul(params[0] + len + 1, NULL, 10);
+ params[0][len] = '\0';
+ }
+
+ /* Copy account name to User structure. */
+ ircd_strncpy(cli_user(cli)->account, params[0], ACCOUNTLEN);
+ SetAccount(cli);
+
+ /* Fall through to the normal "done" handler. */
+ return iauth_cmd_done_client(iauth, cli, parc - 1, params + 1);
+}
+
+/** Reject a client's connection.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (1).
+ * @param[in] params Optional kill message.
+ * @return Zero.
+ */
+static int iauth_cmd_kill(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ if (cli_auth(cli))
+ FlagClr(&cli_auth(cli)->flags, AR_IAUTH_PENDING);
+ if (EmptyString(params[0]))
+ params[0] = "Access denied";
+ exit_client(cli, cli, &me, params[0]);
+ return 0;
+}
+
+/** Change a client's usermode.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (at least one).
+ * @param[in] params Usermode arguments for client (with the first
+ * starting with '+').
+ * @return Zero.
+ */
+static int iauth_cmd_usermode(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ if (params[0][0] == '+')
+ {
+ set_user_mode(cli, cli, parc + 2, params - 2, ALLOWMODES_ANY);
+ }
+ return 0;
+}
+
+
+/** Send a challenge string to the client.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (1).
+ * @param[in] params Challenge message for client.
+ * @return Zero.
+ */
+static int iauth_cmd_challenge(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ if (!EmptyString(params[0]))
+ sendrawto_one(cli, "NOTICE AUTH :*** %s", params[0]);
+ return 0;
+}
+
+/** Send an extension query to a specified remote server.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] cli Client referenced by command.
+ * @param[in] parc Number of parameters (3).
+ * @param[in] params Remote server, routing information, and query.
+ * @return Zero.
+ */
+static int iauth_cmd_xquery(struct IAuth *iauth, struct Client *cli,
+ int parc, char **params)
+{
+ char *serv;
+ const char *routing;
+ const char *query;
+ struct Client *acptr;
+
+ /* Process parameters */
+ if (EmptyString(params[0])) {
+ sendto_iauth(cli, "E Missing :Missing server parameter");
+ return 0;
+ } else
+ serv = params[0];
+
+ if (EmptyString(params[1])) {
+ sendto_iauth(cli, "E Missing :Missing routing parameter");
+ return 0;
+ } else
+ routing = params[1];
+
+ if (EmptyString(params[2])) {
+ sendto_iauth(cli, "E Missing :Missing query parameter");
+ return 0;
+ } else
+ query = params[2];
+
+ /* Try to find the specified server */
+ if (!(acptr = find_match_server(serv))) {
+ sendto_iauth(cli, "x %s %s :Server not online", serv, routing);
+ return 0;
+ }
+
+ /* If it's to us, do nothing; otherwise, forward the query */
+ if (!IsMe(acptr))
+ /* The "iauth:" prefix helps ircu route the reply to iauth */
+ sendcmdto_one(&me, CMD_XQUERY, acptr, "%C iauth:%s :%s", acptr, routing,
+ query);
+
+ return 0;
+}
+
+/** Parse a \a message from \a iauth.
+ * @param[in] iauth Active IAuth session.
+ * @param[in] message Message to be parsed.
+ */
+static void iauth_parse(struct IAuth *iauth, char *message)
+{
+ char *params[MAXPARA + 1]; /* leave space for NULL */
+ int parc = 0;
+ iauth_cmd_handler handler;
+ struct AuthRequest *auth;
+ struct Client *cli;
+ int has_cli;
+ int id;
+
+ /* Find command handler... */
+ switch (*(message++)) {
+ case '>': handler = iauth_cmd_snotice; has_cli = 0; break;
+ case 'G': handler = iauth_cmd_debuglevel; has_cli = 0; break;
+ case 'O': handler = iauth_cmd_policy; has_cli = 0; break;
+ case 'V': handler = iauth_cmd_version; has_cli = 0; break;
+ case 'a': handler = iauth_cmd_newconfig; has_cli = 0; break;
+ case 'A': handler = iauth_cmd_config; has_cli = 0; break;
+ case 's': handler = iauth_cmd_newstats; has_cli = 0; break;
+ case 'S': handler = iauth_cmd_stats; has_cli = 0; break;
+ case 'X': handler = iauth_cmd_xquery; has_cli = 0; break;
+ case 'o': handler = iauth_cmd_username_forced; has_cli = 1; break;
+ case 'U': handler = iauth_cmd_username_good; has_cli = 1; break;
+ case 'u': handler = iauth_cmd_username_bad; has_cli = 1; break;
+ case 'N': handler = iauth_cmd_hostname; has_cli = 1; break;
+ case 'I': handler = iauth_cmd_ip_address; has_cli = 1; break;
+ case 'M': handler = iauth_cmd_usermode; has_cli = 1; break;
+ case 'C': handler = iauth_cmd_challenge; has_cli = 1; break;
+ case 'D': handler = iauth_cmd_done_client; has_cli = 1; break;
+ case 'R': handler = iauth_cmd_done_account; has_cli = 1; break;
+ case 'k': /* The 'k' command indicates the user should be booted
+ * off without telling opers. There is no way to
+ * signal that to exit_client(), so we fall through to
+ * the case that we do implement.
+ */
+ case 'K': handler = iauth_cmd_kill; has_cli = 2; break;
+ case 'r': /* we handle termination directly */ return;
+ default: sendto_iauth(NULL, "E Garbage :[%s]", message); return;
+ }
+
+ while (parc < MAXPARA) {
+ while (IsSpace(*message)) /* skip leading whitespace */
+ message++;
+
+ if (!*message) /* hit the end of the string, break out */
+ break;
+
+ if (*message == ':') { /* found sentinel... */
+ params[parc++] = message + 1;
+ break; /* it's the last parameter anyway */
+ }
+
+ params[parc++] = message; /* save the parameter */
+ while (*message && !IsSpace(*message))
+ message++; /* find the end of the parameter */
+
+ if (*message) /* terminate the parameter */
+ *(message++) = '\0';
+ }
+
+ params[parc] = NULL; /* terminate the parameter list */
+
+ /* Check to see if the command specifies a client... */
+ if (!has_cli) {
+ /* Handler does not need a client. */
+ handler(iauth, NULL, parc, params);
+ } else {
+ /* Try to find the client associated with the request. */
+ id = strtol(params[0], NULL, 10);
+ if (parc < 3)
+ sendto_iauth(NULL, "E Missing :Need <id> <ip> <port>");
+ else if (id < 0 || id > HighestFd || !(cli = LocalClientArray[id]))
+ /* Client no longer exists (or never existed). */
+ sendto_iauth(NULL, "E Gone :[%s %s %s]", params[0], params[1],
+ params[2]);
+ else if ((!(auth = cli_auth(cli)) ||
+ !FlagHas(&auth->flags, AR_IAUTH_PENDING)) &&
+ has_cli == 1)
+ /* Client is done with IAuth checks. */
+ sendto_iauth(cli, "E Done :[%s %s %s]", params[0], params[1], params[2]);
+ else {
+ struct irc_sockaddr addr;
+ int res;
+
+ /* Parse IP address and port number from parameters */
+ res = ipmask_parse(params[1], &addr.addr, NULL);
+ addr.port = strtol(params[2], NULL, 10);
+
+ /* Check IP address and port number against expected. */
+ if (0 == res ||
+ irc_in_addr_cmp(&addr.addr, &cli_ip(cli)) ||
+ (auth && addr.port != auth->port))
+ /* Report mismatch to iauth. */
+ sendto_iauth(cli, "E Mismatch :[%s] != [%s]", params[1],
+ ircd_ntoa(&cli_ip(cli)));
+ else if (handler(iauth, cli, parc - 3, params + 3) > 0)
+ /* Handler indicated a possible state change. */
+ check_auth_finished(auth);
+ }
+ }
+}
+
+/** Read input from \a iauth.
+ * Reads up to SERVER_TCP_WINDOW bytes per pass.
+ * @param[in] iauth Readable connection.
+ */
+static void iauth_read(struct IAuth *iauth)
+{
+ static char readbuf[SERVER_TCP_WINDOW];
+ unsigned int length, count;
+ char *sol;
+ char *eol;
+
+ /* Copy partial data to readbuf, append new data. */
+ length = iauth->i_count;
+ memcpy(readbuf, iauth->i_buffer, length);
+ if (IO_SUCCESS != os_recv_nonb(s_fd(i_socket(iauth)),
+ readbuf + length,
+ sizeof(readbuf) - length - 1,
+ &count))
+ return;
+ readbuf[length += count] = '\0';
+
+ /* Parse each complete line. */
+ for (sol = readbuf; (eol = strchr(sol, '\n')) != NULL; sol = eol + 1) {
+ *eol = '\0';
+ if (*(eol - 1) == '\r') /* take out carriage returns, too... */
+ *(eol - 1) = '\0';
+
+ /* If spammy debug, send the message to opers. */
+ if (i_debug(iauth) > 1)
+ sendto_opmask_butone(NULL, SNO_AUTH, "Parsing: \"%s\"", sol);
+
+ /* Parse the line... */
+ iauth_parse(iauth, sol);
+ }
+
+ /* Put unused data back into connection's buffer. */
+ iauth->i_count = strlen(sol);
+ if (iauth->i_count > BUFSIZE)
+ iauth->i_count = BUFSIZE;
+ memcpy(iauth->i_buffer, sol, iauth->i_count);
+}
+
+/** Handle socket activity for an %IAuth connection.
+ * @param[in] ev &Socket event; the IAuth connection is the user data
+ * pointer for the socket.
+ */
+static void iauth_sock_callback(struct Event *ev)
+{
+ struct IAuth *iauth;
+
+ assert(0 != ev_socket(ev));
+ iauth = (struct IAuth*) s_data(ev_socket(ev));
+ assert(0 != iauth);
+
+ switch (ev_type(ev)) {
+ case ET_DESTROY:
+ /* Hm, what happened here? */
+ if (!IAuthHas(iauth, IAUTH_CLOSING))
+ iauth_do_spawn(iauth, 1);
+ break;
+ case ET_READ:
+ iauth_read(iauth);
+ break;
+ case ET_WRITE:
+ IAuthClr(iauth, IAUTH_BLOCKED);
+ iauth_write(iauth);
+ break;
+ case ET_ERROR:
+ log_write(LS_IAUTH, L_ERROR, 0, "IAuth socket error: %s", strerror(ev_data(ev)));
+ /* and fall through to the ET_EOF case */
+ case ET_EOF:
+ iauth_disconnect(iauth);
+ break;
+ default:
+ assert(0 && "Unrecognized event type");
+ break;
+ }
+}
+
+/** Read error input from \a iauth.
+ * @param[in] iauth Readable connection.
+ */
+static void iauth_read_stderr(struct IAuth *iauth)
+{
+ static char readbuf[SERVER_TCP_WINDOW];
+ unsigned int length, count;
+ char *sol;
+ char *eol;
+
+ /* Copy partial data to readbuf, append new data. */
+ length = iauth->i_errcount;
+ memcpy(readbuf, iauth->i_errbuf, length);
+ if (IO_SUCCESS != os_recv_nonb(s_fd(i_stderr(iauth)),
+ readbuf + length,
+ sizeof(readbuf) - length - 1,
+ &count))
+ return;
+ readbuf[length += count] = '\0';
+
+ /* Send each complete line to SNO_AUTH. */
+ for (sol = readbuf; (eol = strchr(sol, '\n')) != NULL; sol = eol + 1) {
+ *eol = '\0';
+ if (*(eol - 1) == '\r') /* take out carriage returns, too... */
+ *(eol - 1) = '\0';
+ Debug((DEBUG_ERROR, "IAuth error: %s", sol));
+ log_write(LS_IAUTH, L_ERROR, 0, "IAuth error: %s", sol);
+ sendto_opmask_butone(NULL, SNO_AUTH, "%s", sol);
+ }
+
+ /* Put unused data back into connection's buffer. */
+ iauth->i_errcount = strlen(sol);
+ if (iauth->i_errcount > BUFSIZE)
+ iauth->i_errcount = BUFSIZE;
+ memcpy(iauth->i_errbuf, sol, iauth->i_errcount);
+}
+
+/** Handle error socket activity for an %IAuth connection.
+ * @param[in] ev &Socket event; the IAuth connection is the user data
+ * pointer for the socket.
+ */
+static void iauth_stderr_callback(struct Event *ev)
+{
+ struct IAuth *iauth;
+
+ assert(0 != ev_socket(ev));
+ iauth = (struct IAuth*) s_data(ev_socket(ev));
+ assert(0 != iauth);
+
+ switch (ev_type(ev)) {
+ case ET_DESTROY:
+ /* We do not restart iauth here: the stdout handler does that for us. */
+ break;
+ case ET_READ:
+ iauth_read_stderr(iauth);
+ break;
+ case ET_ERROR:
+ log_write(LS_IAUTH, L_ERROR, 0, "IAuth stderr error: %s", strerror(ev_data(ev)));
+ /* and fall through to the ET_EOF case */
+ case ET_EOF:
+ iauth_disconnect(iauth);
+ break;
+ default:
+ assert(0 && "Unrecognized event type");
+ break;
+ }
+}
+
+/** Report active iauth's configuration to \a cptr.
+ * @param[in] cptr Client requesting statistics.
+ * @param[in] sd Stats descriptor for request.
+ * @param[in] param Extra parameter from user (may be NULL).
+ */
+void report_iauth_conf(struct Client *cptr, const struct StatDesc *sd, char *param)
+{
+ struct SLink *link;
+
+ if (iauth) for (link = iauth->i_config; link; link = link->next)
+ {
+ send_reply(cptr, SND_EXPLICIT | RPL_STATSDEBUG, ":%s",
+ link->value.cp);
+ }
+}
+
+/** Report active iauth's statistics to \a cptr.
+ * @param[in] cptr Client requesting statistics.
+ * @param[in] sd Stats descriptor for request.
+ * @param[in] param Extra parameter from user (may be NULL).
+ */
+ void report_iauth_stats(struct Client *cptr, const struct StatDesc *sd, char *param)
+{
+ struct SLink *link;
+
+ if (iauth) for (link = iauth->i_stats; link; link = link->next)
+ {
+ send_reply(cptr, SND_EXPLICIT | RPL_STATSDEBUG, ":%s",
+ link->value.cp);
+ }
+}