2 * IRC - Internet Relay Chat, ircd/s_conf.c
3 * Copyright (C) 1990 Jarkko Oikarinen and
4 * University of Oulu, Computing Center
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 1, or (at your option)
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 #include "ircd_features.h"
34 #include "ircd_alloc.h"
35 #include "ircd_auth.h"
36 #include "ircd_chattr.h"
38 #include "ircd_reply.h"
39 #include "ircd_snprintf.h"
40 #include "ircd_string.h"
59 #include <arpa/inet.h>
69 struct ConfItem *GlobalConfList = 0;
70 int GlobalConfCount = 0;
71 struct s_map *GlobalServiceMapList = 0;
72 struct qline *GlobalQuarantineList = 0;
77 struct LocalConf localConf;
78 struct CRuleConf* cruleConfList;
79 /* struct ServerConf* serverConfList; */
80 struct DenyConf* denyConfList;
83 * output the reason for being k lined from a file - Mmmm
84 * sptr is client being dumped
85 * filename is the file that is to be output to the K lined client
87 static void killcomment(struct Client* sptr, const char* filename)
94 if (NULL == (file = fbopen(filename, "r"))) {
95 send_reply(sptr, ERR_NOMOTD);
96 send_reply(sptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
97 ":Connection from your host is refused on this server.");
101 tm = localtime((time_t*) &sb.st_mtime); /* NetBSD needs cast */
102 while (fbgets(line, sizeof(line) - 1, file)) {
103 char* end = line + strlen(line);
106 if ('\n' == *end || '\r' == *end)
111 send_reply(sptr, RPL_MOTD, line);
113 send_reply(sptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
114 ":Connection from your host is refused on this server.");
118 struct ConfItem* make_conf(void)
120 struct ConfItem* aconf;
122 aconf = (struct ConfItem*) MyMalloc(sizeof(struct ConfItem));
127 memset(aconf, 0, sizeof(struct ConfItem));
128 aconf->status = CONF_ILLEGAL;
132 void delist_conf(struct ConfItem *aconf)
134 if (aconf == GlobalConfList)
135 GlobalConfList = GlobalConfList->next;
137 struct ConfItem *bconf;
139 for (bconf = GlobalConfList; aconf != bconf->next; bconf = bconf->next)
141 bconf->next = aconf->next;
146 void free_conf(struct ConfItem *aconf)
148 Debug((DEBUG_DEBUG, "free_conf: %s %s %d",
149 aconf->host ? aconf->host : "*",
150 aconf->name ? aconf->name : "*",
151 aconf->address.port));
152 if (aconf->dns_pending)
153 delete_resolver_queries(aconf);
156 memset(aconf->passwd, 0, strlen(aconf->passwd));
157 MyFree(aconf->passwd);
166 * detach_conf - Disassociate configuration from the client.
168 static void detach_conf(struct Client* cptr, struct ConfItem* aconf)
175 assert(0 < aconf->clients);
177 lp = &(cli_confs(cptr));
180 if ((*lp)->value.aconf == aconf) {
181 if (aconf->conn_class && (aconf->status & CONF_CLIENT_MASK) && ConfLinks(aconf) > 0)
184 assert(0 < aconf->clients);
185 if (0 == --aconf->clients && IsIllegal(aconf))
197 * conf_dns_callback - called when resolver query finishes
198 * if the query resulted in a successful search, hp will contain
199 * a non-null pointer, otherwise hp will be null.
200 * if successful save hp in the conf item it was called with
202 static void conf_dns_callback(void* vptr, struct DNSReply* hp)
204 struct ConfItem* aconf = (struct ConfItem*) vptr;
206 aconf->dns_pending = 0;
208 memcpy(&aconf->address.addr, &hp->addr, sizeof(aconf->address.addr));
214 * conf_dns_lookup - do a nameserver lookup of the conf host
215 * if the conf entry is currently doing a ns lookup do nothing, otherwise
216 * if the lookup returns a null pointer, set the conf dns_pending flag
218 static void conf_dns_lookup(struct ConfItem* aconf)
220 if (!aconf->dns_pending) {
221 char buf[HOSTLEN + 1];
222 struct DNSQuery query;
224 query.callback = conf_dns_callback;
225 host_from_uh(buf, aconf->host, HOSTLEN);
228 gethost_byname(buf, &query);
229 aconf->dns_pending = 1;
237 * Do (start) DNS lookups of all hostnames in the conf line and convert
238 * an IP addresses in a.b.c.d number for to IP#s.
241 lookup_confhost(struct ConfItem *aconf)
243 if (EmptyString(aconf->host) || EmptyString(aconf->name)) {
244 Debug((DEBUG_ERROR, "Host/server name error: (%s) (%s)",
245 aconf->host, aconf->name));
248 if (aconf->origin_name
249 && !ircd_aton(&aconf->origin.addr, aconf->origin_name)) {
250 Debug((DEBUG_ERROR, "Origin name error: (%s) (%s)",
251 aconf->origin_name, aconf->name));
254 * Do name lookup now on hostnames given and store the
255 * ip numbers in conf structure.
257 if (IsIP6Char(*aconf->host)) {
258 if (!ircd_aton(&aconf->address.addr, aconf->host)) {
259 Debug((DEBUG_ERROR, "Host/server name error: (%s) (%s)",
260 aconf->host, aconf->name));
264 conf_dns_lookup(aconf);
268 * conf_find_server - find a server by name or hostname
269 * returns a server conf item pointer if found, 0 otherwise
271 * NOTE: at some point when we don't have to scan the entire
272 * list it may be cheaper to look for server names and host
273 * names in separate loops (original code did it that way)
275 struct ConfItem* conf_find_server(const char* name)
277 struct ConfItem* conf;
280 for (conf = GlobalConfList; conf; conf = conf->next) {
281 if (CONF_SERVER == conf->status) {
283 * Check first servernames, then try hostnames.
284 * XXX - match returns 0 if there _is_ a match... guess they
285 * haven't decided what true is yet
287 if (0 == match(name, conf->name))
295 * conf_eval_crule - evaluate connection rules
296 * returns the name of the rule triggered if found, 0 otherwise
298 * Evaluate connection rules... If no rules found, allow the
299 * connect. Otherwise stop with the first true rule (ie: rules
300 * are ored together. Oper connects are effected only by D
301 * lines (CRULE_ALL) not d lines (CRULE_AUTO).
303 const char* conf_eval_crule(const char* name, int mask)
305 struct CRuleConf* p = cruleConfList;
308 for ( ; p; p = p->next) {
309 if (0 != (p->type & mask) && 0 == match(p->hostmask, name)) {
310 if (crule_eval(p->node))
318 * Remove all conf entries from the client except those which match
319 * the status field mask.
321 void det_confs_butmask(struct Client* cptr, int mask)
327 for (link = cli_confs(cptr); link; link = next) {
329 if ((link->value.aconf->status & mask) == 0)
330 detach_conf(cptr, link->value.aconf);
335 * check_limit_and_attach - check client limits and attach I:line
337 * Made it accept 1 charactor, and 2 charactor limits (0->99 now),
338 * and dislallow more than 255 people here as well as in ipcheck.
339 * removed the old "ONE" scheme too.
340 * -- Isomer 2000-06-22
342 static enum AuthorizationCheckResult
343 check_limit_and_attach(struct Client* cptr, struct ConfItem* aconf)
348 if (IsDigit(*aconf->passwd) && !aconf->passwd[1])
349 number = *aconf->passwd-'0';
350 else if (IsDigit(*aconf->passwd) && IsDigit(aconf->passwd[1]) &&
352 number = (*aconf->passwd-'0')*10+(aconf->passwd[1]-'0');
354 if (IPcheck_nr(cptr) > number)
355 return ACR_TOO_MANY_FROM_IP;
356 return attach_conf(cptr, aconf);
360 * Find the first (best) I line to attach.
362 enum AuthorizationCheckResult attach_iline(struct Client* cptr)
364 struct ConfItem* aconf;
365 static char uhost[HOSTLEN + USERLEN + 3];
366 static char fullname[HOSTLEN + 1];
367 struct DNSReply* hp = 0;
371 if (cli_dns_reply(cptr))
372 hp = cli_dns_reply(cptr);
374 for (aconf = GlobalConfList; aconf; aconf = aconf->next) {
375 if (aconf->status != CONF_CLIENT)
377 if (aconf->address.port && aconf->address.port != cli_listener(cptr)->addr.port)
379 if (!aconf->host || !aconf->name)
382 ircd_strncpy(fullname, hp->h_name, HOSTLEN);
383 fullname[HOSTLEN] = '\0';
385 Debug((DEBUG_DNS, "a_il: %s->%s", cli_sockhost(cptr), fullname));
387 if (strchr(aconf->name, '@')) {
388 strcpy(uhost, cli_username(cptr));
393 strncat(uhost, fullname, sizeof(uhost) - 1 - strlen(uhost));
394 uhost[sizeof(uhost) - 1] = 0;
395 if (0 == match(aconf->name, uhost)) {
396 if (strchr(uhost, '@'))
397 SetFlag(cptr, FLAG_DOID);
398 return check_limit_and_attach(cptr, aconf);
401 if (strchr(aconf->host, '@')) {
402 ircd_strncpy(uhost, cli_username(cptr), sizeof(uhost) - 2);
403 uhost[sizeof(uhost) - 2] = 0;
408 strncat(uhost, cli_sock_ip(cptr), sizeof(uhost) - 1 - strlen(uhost));
409 uhost[sizeof(uhost) - 1] = 0;
410 if (match(aconf->host, uhost))
412 if (strchr(uhost, '@'))
413 SetFlag(cptr, FLAG_DOID);
415 return check_limit_and_attach(cptr, aconf);
417 return ACR_NO_AUTHORIZATION;
420 static int is_attached(struct ConfItem *aconf, struct Client *cptr)
424 for (lp = cli_confs(cptr); lp; lp = lp->next) {
425 if (lp->value.aconf == aconf)
434 * Associate a specific configuration entry to a *local*
435 * client (this is the one which used in accepting the
436 * connection). Note, that this automaticly changes the
437 * attachment if there was an old one...
439 enum AuthorizationCheckResult attach_conf(struct Client *cptr, struct ConfItem *aconf)
443 if (is_attached(aconf, cptr))
444 return ACR_ALREADY_AUTHORIZED;
445 if (IsIllegal(aconf))
446 return ACR_NO_AUTHORIZATION;
447 if ((aconf->status & (CONF_OPERATOR | CONF_CLIENT)) &&
448 ConfLinks(aconf) >= ConfMaxLinks(aconf) && ConfMaxLinks(aconf) > 0)
449 return ACR_TOO_MANY_IN_CLASS; /* Use this for printing error message */
451 lp->next = cli_confs(cptr);
452 lp->value.aconf = aconf;
453 cli_confs(cptr) = lp;
455 if (aconf->status & CONF_CLIENT_MASK)
460 const struct LocalConf* conf_get_local(void)
466 * attach_confs_byname
468 * Attach a CONF line to a client if the name passed matches that for
469 * the conf file (for non-C/N lines) or is an exact match (C/N lines
470 * only). The difference in behaviour is to stop C:*::* and N:*::*.
472 struct ConfItem* attach_confs_byname(struct Client* cptr, const char* name,
475 struct ConfItem* tmp;
476 struct ConfItem* first = NULL;
480 if (HOSTLEN < strlen(name))
483 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
484 if (0 != (tmp->status & statmask) && !IsIllegal(tmp)) {
485 assert(0 != tmp->name);
486 if (0 == match(tmp->name, name) || 0 == ircd_strcmp(tmp->name, name)) {
487 if (ACR_OK == attach_conf(cptr, tmp) && !first)
496 * Added for new access check meLazy
498 struct ConfItem* attach_confs_byhost(struct Client* cptr, const char* host,
501 struct ConfItem* tmp;
502 struct ConfItem* first = 0;
505 if (HOSTLEN < strlen(host))
508 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
509 if (0 != (tmp->status & statmask) && !IsIllegal(tmp)) {
510 assert(0 != tmp->host);
511 if (0 == match(tmp->host, host) || 0 == ircd_strcmp(tmp->host, host)) {
512 if (ACR_OK == attach_conf(cptr, tmp) && !first)
521 * find a conf entry which matches the hostname and has the same name.
523 struct ConfItem* find_conf_exact(const char* name, const char* user,
524 const char* host, int statmask)
526 struct ConfItem *tmp;
527 char userhost[USERLEN + HOSTLEN + 3];
530 ircd_snprintf(0, userhost, sizeof(userhost), "%s@%s", user, host);
532 ircd_strncpy(userhost, host, sizeof(userhost) - 1);
534 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
535 if (!(tmp->status & statmask) || !tmp->name || !tmp->host ||
536 0 != ircd_strcmp(tmp->name, name))
539 * Accept if the *real* hostname (usually sockecthost)
540 * socket host) matches *either* host or name field
541 * of the configuration.
543 if (match(tmp->host, userhost))
545 if (tmp->status & CONF_OPERATOR) {
546 if (tmp->clients < MaxLinks(tmp->conn_class))
557 struct ConfItem* find_conf_byname(struct SLink* lp, const char* name,
560 struct ConfItem* tmp;
563 if (HOSTLEN < strlen(name))
566 for (; lp; lp = lp->next) {
567 tmp = lp->value.aconf;
568 if (0 != (tmp->status & statmask)) {
569 assert(0 != tmp->name);
570 if (0 == ircd_strcmp(tmp->name, name) || 0 == match(tmp->name, name))
578 * Added for new access check meLazy
580 struct ConfItem* find_conf_byhost(struct SLink* lp, const char* host,
583 struct ConfItem* tmp = NULL;
586 if (HOSTLEN < strlen(host))
589 for (; lp; lp = lp->next) {
590 tmp = lp->value.aconf;
591 if (0 != (tmp->status & statmask)) {
592 assert(0 != tmp->host);
593 if (0 == match(tmp->host, host))
603 * Find a conf line using the IP# stored in it to search upon.
604 * Added 1/8/92 by Avalon.
606 struct ConfItem* find_conf_byip(struct SLink* lp, const struct irc_in_addr* ip,
609 struct ConfItem* tmp;
611 for (; lp; lp = lp->next) {
612 tmp = lp->value.aconf;
613 if (0 != (tmp->status & statmask)
614 && !irc_in_addr_cmp(&tmp->address.addr, ip))
623 * - looks for a match on all given fields.
626 static struct ConfItem *find_conf_entry(struct ConfItem *aconf,
629 struct ConfItem *bconf;
632 mask &= ~CONF_ILLEGAL;
634 for (bconf = GlobalConfList; bconf; bconf = bconf->next) {
635 if (!(bconf->status & mask) || (bconf->port != aconf->port))
638 if ((EmptyString(bconf->host) && !EmptyString(aconf->host)) ||
639 (EmptyString(aconf->host) && !EmptyString(bconf->host)))
641 if (!EmptyString(bconf->host) && 0 != ircd_strcmp(bconf->host, aconf->host))
644 if ((EmptyString(bconf->passwd) && !EmptyString(aconf->passwd)) ||
645 (EmptyString(aconf->passwd) && !EmptyString(bconf->passwd)))
647 if (!EmptyString(bconf->passwd) && (!IsDigit(*bconf->passwd) || bconf->passwd[1])
648 && 0 != ircd_strcmp(bconf->passwd, aconf->passwd))
651 if ((EmptyString(bconf->name) && !EmptyString(aconf->name)) ||
652 (EmptyString(aconf->name) && !EmptyString(bconf->name)))
654 if (!EmptyString(bconf->name) && 0 != ircd_strcmp(bconf->name, aconf->name))
662 * If conf line is a class definition, create a class entry
663 * for it and make the conf_line illegal and delete it.
665 void conf_add_class(const char* const* fields, int count)
669 add_class(atoi(fields[1]), atoi(fields[2]), atoi(fields[3]),
670 atoi(fields[4]), atoi(fields[5]));
673 void conf_add_listener(const char* const* fields, int count)
681 if (count < 5 || EmptyString(fields[4]))
684 if (!EmptyString(fields[3])) {
685 const char* x = fields[3];
686 if ('S' == ToUpper(*x))
689 if ('H' == ToUpper(*x))
692 /* port vhost mask */
693 add_listener(atoi(fields[4]), fields[2], fields[1], is_server, is_hidden);
696 void conf_add_admin(const char* const* fields, int count)
699 * if you have one, it MUST have 3 lines
702 log_write(LS_CONFIG, L_CRIT, 0, "Your A: line must have 4 fields!");
705 MyFree(localConf.location1);
706 DupString(localConf.location1, fields[1]);
708 MyFree(localConf.location2);
709 DupString(localConf.location2, fields[2]);
711 MyFree(localConf.contact);
712 DupString(localConf.contact, fields[3]);
716 * conf_add_crule - Create expression tree from connect rule and add it
719 void conf_add_crule(const char* const* fields, int count, int type)
721 struct CRuleNode* node;
724 if (count < 4 || EmptyString(fields[1]) || EmptyString(fields[3]))
727 if ((node = crule_parse(fields[3]))) {
728 struct CRuleConf* p = (struct CRuleConf*) MyMalloc(sizeof(struct CRuleConf));
731 DupString(p->hostmask, fields[1]);
732 collapse(p->hostmask);
734 DupString(p->rule, fields[3]);
738 p->next = cruleConfList;
744 void conf_erase_crule_list(void)
746 struct CRuleConf* next;
747 struct CRuleConf* p = cruleConfList;
749 for ( ; p; p = next) {
751 crule_free(&p->node);
759 const struct CRuleConf* conf_get_crule_list(void)
761 return cruleConfList;
764 void conf_erase_deny_list(void)
766 struct DenyConf* next;
767 struct DenyConf* p = denyConfList;
768 for ( ; p; p = next) {
778 const struct DenyConf* conf_get_deny_list(void)
784 find_quarantine(const char *chname)
788 for (qline = GlobalQuarantineList; qline; qline = qline->next)
789 if (!ircd_strcmp(qline->chname, chname))
790 return qline->reason;
794 void clear_quarantines(void)
797 while ((qline = GlobalQuarantineList))
799 GlobalQuarantineList = qline->next;
800 MyFree(qline->reason);
801 MyFree(qline->chname);
808 * read_configuration_file
810 * Read configuration file.
812 * returns 0, if file cannot be opened
816 #define MAXCONFLINKS 150
818 static int conf_error;
819 static int conf_already_read;
821 void init_lexer(void);
823 int read_configuration_file(void)
826 feature_unmark(); /* unmark all features for resetting later */
827 /* Now just open an fd. The buffering isn't really needed... */
832 feature_mark(); /* reset unmarked features */
833 conf_already_read = 1;
838 yyerror(const char *msg)
840 sendto_opmask_butone(0, SNO_ALL, "Config file parse error line %d: %s",
842 log_write(LS_CONFIG, L_ERROR, 0, "Config file parse error line %d: %s",
844 if (!conf_already_read)
845 fprintf(stderr, "Config file parse error line %d: %s\n", lineno, msg);
852 * Actual REHASH service routine. Called with sig == 0 if it has been called
853 * as a result of an operator issuing this command, else assume it has been
854 * called as a result of the server receiving a HUP signal.
856 int rehash(struct Client *cptr, int sig)
858 struct ConfItem** tmp = &GlobalConfList;
859 struct ConfItem* tmp2;
860 struct Client* acptr;
866 sendto_opmask_butone(0, SNO_OLDSNO,
867 "Got signal SIGHUP, reloading ircd conf. file");
869 while ((tmp2 = *tmp)) {
872 * Configuration entry is still in use by some
873 * local clients, cannot delete it--mark it so
874 * that it will be deleted when the last client
877 if (CONF_CLIENT == (tmp2->status & CONF_CLIENT))
883 tmp2->status |= CONF_ILLEGAL;
890 conf_erase_crule_list();
891 conf_erase_deny_list();
895 * delete the juped nicks list
905 mark_listeners_closing();
906 iauth_mark_closing();
908 read_configuration_file();
910 log_reopen(); /* reopen log files */
912 iauth_close_unused();
914 class_delete_marked(); /* unless it fails */
917 * Flush out deleted I and P lines although still in use.
919 for (tmp = &GlobalConfList; (tmp2 = *tmp);) {
920 if (CONF_ILLEGAL == (tmp2->status & CONF_ILLEGAL)) {
930 for (i = 0; i <= HighestFd; i++) {
931 if ((acptr = LocalClientArray[i])) {
932 assert(!IsMe(acptr));
933 if (IsServer(acptr)) {
934 det_confs_butmask(acptr,
935 ~(CONF_HUB | CONF_LEAF | CONF_UWORLD | CONF_ILLEGAL));
936 attach_confs_byname(acptr, cli_name(acptr),
937 CONF_HUB | CONF_LEAF | CONF_UWORLD);
939 /* Because admin's are getting so uppity about people managing to
940 * get past K/G's etc, we'll "fix" the bug by actually explaining
943 if ((found_g = find_kill(acptr))) {
944 sendto_opmask_butone(0, found_g == -2 ? SNO_GLINE : SNO_OPERKILL,
945 found_g == -2 ? "G-line active for %s%s" :
946 "K-line active for %s%s",
947 IsUnknown(acptr) ? "Unregistered Client ":"",
948 get_client_name(acptr, SHOW_IP));
949 if (exit_client(cptr, acptr, &me, found_g == -2 ? "G-lined" :
950 "K-lined") == CPTR_KILLED)
962 * Read configuration file.
964 * returns 0, if file cannot be opened
970 if (read_configuration_file()) {
972 * make sure we're sane to start if the config
973 * file read didn't get everything we need.
974 * XXX - should any of these abort the server?
975 * TODO: add warning messages
977 if (0 == localConf.name || 0 == localConf.numeric)
982 if (0 == localConf.location1)
983 DupString(localConf.location1, "");
984 if (0 == localConf.location2)
985 DupString(localConf.location2, "");
986 if (0 == localConf.contact)
987 DupString(localConf.contact, "");
999 * 0: Client may continue to try and connect
1000 * -1: Client was K/k:'d - sideeffect: reason was sent.
1001 * -2: Client was G/g:'d - sideeffect: reason was sent.
1003 * Client may have been sent a reason why they are denied, as above.
1005 int find_kill(struct Client *cptr)
1009 const char* realname;
1010 struct DenyConf* deny;
1011 struct Gline* agline = NULL;
1015 if (!cli_user(cptr))
1018 host = cli_sockhost(cptr);
1019 name = cli_user(cptr)->username;
1020 realname = cli_info(cptr);
1022 assert(strlen(host) <= HOSTLEN);
1023 assert((name ? strlen(name) : 0) <= HOSTLEN);
1024 assert((realname ? strlen(realname) : 0) <= REALLEN);
1026 /* 2000-07-14: Rewrote this loop for massive speed increases.
1029 for (deny = denyConfList; deny; deny = deny->next) {
1030 if (0 != match(deny->usermask, name))
1033 if (EmptyString(deny->hostmask))
1036 if (deny->flags & DENY_FLAGS_REALNAME) { /* K: by real name */
1037 if (0 == match(deny->hostmask + 2, realname))
1039 } else if (deny->flags & DENY_FLAGS_IP) { /* k: by IP */
1041 char tbuf1[SOCKIPLEN], tbuf2[SOCKIPLEN];
1042 Debug((DEBUG_DEBUG, "ip: %s network: %s/%u",
1043 ircd_ntoa_r(tbuf1, &cli_ip(cptr)), ircd_ntoa_r(tbuf2, &deny->address), deny->bits));
1045 if (ipmask_check(&cli_ip(cptr), &deny->address, deny->bits))
1048 else if (0 == match(deny->hostmask, host))
1052 if (EmptyString(deny->message))
1053 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
1054 ":Connection from your host is refused on this server.");
1056 if (deny->flags & DENY_FLAGS_FILE)
1057 killcomment(cptr, deny->message);
1059 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", deny->message);
1062 else if ((agline = gline_lookup(cptr, 0))) {
1064 * find active glines
1065 * added a check against the user's IP address to find_gline() -Kev
1067 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", GlineReason(agline));
1079 * Ordinary client access check. Look for conf lines which have the same
1080 * status as the flags passed.
1082 enum AuthorizationCheckResult conf_check_client(struct Client *cptr)
1084 enum AuthorizationCheckResult acr = ACR_OK;
1088 if ((acr = attach_iline(cptr))) {
1089 Debug((DEBUG_DNS, "ch_cl: access denied: %s[%s]",
1090 cli_name(cptr), cli_sockhost(cptr)));
1099 * Check access for a server given its name (passed in cptr struct).
1100 * Must check for all C/N lines which have a name which matches the
1101 * name given and a host which matches. A host alias which is the
1102 * same as the server name is also acceptable in the host field of a
1107 * -1 = Access denied
1110 int conf_check_server(struct Client *cptr)
1112 struct ConfItem* c_conf = NULL;
1115 Debug((DEBUG_DNS, "sv_cl: check access for %s[%s]",
1116 cli_name(cptr), cli_sockhost(cptr)));
1118 if (IsUnknown(cptr) && !attach_confs_byname(cptr, cli_name(cptr), CONF_SERVER)) {
1119 Debug((DEBUG_DNS, "No C/N lines for %s", cli_sockhost(cptr)));
1122 lp = cli_confs(cptr);
1124 * We initiated this connection so the client should have a C and N
1125 * line already attached after passing through the connect_server()
1128 if (IsConnecting(cptr) || IsHandshake(cptr)) {
1129 c_conf = find_conf_byname(lp, cli_name(cptr), CONF_SERVER);
1131 sendto_opmask_butone(0, SNO_OLDSNO, "Connect Error: lost C:line for %s",
1133 det_confs_butmask(cptr, 0);
1141 if (cli_dns_reply(cptr)) {
1142 struct DNSReply* hp = cli_dns_reply(cptr);
1143 const char* name = hp->h_name;
1145 * If we are missing a C or N line from above, search for
1146 * it under all known hostnames we have for this ip#.
1148 if ((c_conf = find_conf_byhost(lp, hp->h_name, CONF_SERVER)))
1149 ircd_strncpy(cli_sockhost(cptr), name, HOSTLEN);
1151 c_conf = find_conf_byip(lp, &hp->addr, CONF_SERVER);
1155 * Check for C lines with the hostname portion the ip number
1156 * of the host the server runs on. This also checks the case where
1157 * there is a server connecting from 'localhost'.
1159 c_conf = find_conf_byhost(lp, cli_sockhost(cptr), CONF_SERVER);
1163 * Attach by IP# only if all other checks have failed.
1164 * It is quite possible to get here with the strange things that can
1165 * happen when using DNS in the way the irc server does. -avalon
1168 c_conf = find_conf_byip(lp, &cli_ip(cptr), CONF_SERVER);
1170 * detach all conf lines that got attached by attach_confs()
1172 det_confs_butmask(cptr, 0);
1174 * if no C or no N lines, then deny access
1177 Debug((DEBUG_DNS, "sv_cl: access denied: %s[%s@%s]",
1178 cli_name(cptr), cli_username(cptr), cli_sockhost(cptr)));
1181 ircd_strncpy(cli_name(cptr), c_conf->name, HOSTLEN);
1183 * attach the C and N lines to the client structure for later use.
1185 attach_conf(cptr, c_conf);
1186 attach_confs_byname(cptr, cli_name(cptr), CONF_HUB | CONF_LEAF | CONF_UWORLD);
1188 if (!irc_in_addr_valid(&c_conf->address.addr))
1189 memcpy(&c_conf->address.addr, &cli_ip(cptr), sizeof(c_conf->address.addr));
1191 Debug((DEBUG_DNS, "sv_cl: access ok: %s[%s]",
1192 cli_name(cptr), cli_sockhost(cptr)));