2 * IRC - Internet Relay Chat, ircd/s_conf.c
3 * Copyright (C) 1990 Jarkko Oikarinen and
4 * University of Oulu, Computing Center
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 1, or (at your option)
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 #include "ircd_features.h"
34 #include "ircd_alloc.h"
35 #include "ircd_auth.h"
36 #include "ircd_chattr.h"
38 #include "ircd_reply.h"
39 #include "ircd_snprintf.h"
40 #include "ircd_string.h"
59 #include <arpa/inet.h>
70 #define INADDR_NONE 0xffffffff
73 struct ConfItem *GlobalConfList = 0;
74 int GlobalConfCount = 0;
75 struct s_map *GlobalServiceMapList = 0;
76 struct qline *GlobalQuarantineList = 0;
81 struct LocalConf localConf;
82 struct CRuleConf* cruleConfList;
83 /* struct ServerConf* serverConfList; */
84 struct DenyConf* denyConfList;
87 * output the reason for being k lined from a file - Mmmm
88 * sptr is client being dumped
89 * filename is the file that is to be output to the K lined client
91 static void killcomment(struct Client* sptr, const char* filename)
98 if (NULL == (file = fbopen(filename, "r"))) {
99 send_reply(sptr, ERR_NOMOTD);
100 send_reply(sptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
101 ":Connection from your host is refused on this server.");
105 tm = localtime((time_t*) &sb.st_mtime); /* NetBSD needs cast */
106 while (fbgets(line, sizeof(line) - 1, file)) {
107 char* end = line + strlen(line);
110 if ('\n' == *end || '\r' == *end)
115 send_reply(sptr, RPL_MOTD, line);
117 send_reply(sptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
118 ":Connection from your host is refused on this server.");
122 struct ConfItem* make_conf(void)
124 struct ConfItem* aconf;
126 aconf = (struct ConfItem*) MyMalloc(sizeof(struct ConfItem));
131 memset(aconf, 0, sizeof(struct ConfItem));
132 aconf->status = CONF_ILLEGAL;
133 aconf->ipnum.s_addr = INADDR_NONE;
137 void delist_conf(struct ConfItem *aconf)
139 if (aconf == GlobalConfList)
140 GlobalConfList = GlobalConfList->next;
142 struct ConfItem *bconf;
144 for (bconf = GlobalConfList; aconf != bconf->next; bconf = bconf->next)
146 bconf->next = aconf->next;
151 void free_conf(struct ConfItem *aconf)
153 Debug((DEBUG_DEBUG, "free_conf: %s %s %d",
154 aconf->host ? aconf->host : "*",
155 aconf->name ? aconf->name : "*",
157 if (aconf->dns_pending)
158 delete_resolver_queries(aconf);
161 memset(aconf->passwd, 0, strlen(aconf->passwd));
162 MyFree(aconf->passwd);
171 * detach_conf - Disassociate configuration from the client.
173 static void detach_conf(struct Client* cptr, struct ConfItem* aconf)
180 assert(0 < aconf->clients);
182 lp = &(cli_confs(cptr));
185 if ((*lp)->value.aconf == aconf) {
186 if (aconf->conn_class && (aconf->status & CONF_CLIENT_MASK) && ConfLinks(aconf) > 0)
189 assert(0 < aconf->clients);
190 if (0 == --aconf->clients && IsIllegal(aconf))
202 * conf_dns_callback - called when resolver query finishes
203 * if the query resulted in a successful search, hp will contain
204 * a non-null pointer, otherwise hp will be null.
205 * if successful save hp in the conf item it was called with
207 static void conf_dns_callback(void* vptr, struct DNSReply* hp)
209 struct ConfItem* aconf = (struct ConfItem*) vptr;
211 aconf->dns_pending = 0;
213 struct sockaddr_in *sin = (struct sockaddr_in*)&hp->addr;
214 memcpy(&aconf->ipnum, &sin->sin_addr, sizeof(struct in_addr));
220 * conf_dns_lookup - do a nameserver lookup of the conf host
221 * if the conf entry is currently doing a ns lookup do nothing, otherwise
222 * if the lookup returns a null pointer, set the conf dns_pending flag
224 static void conf_dns_lookup(struct ConfItem* aconf)
226 if (!aconf->dns_pending) {
227 char buf[HOSTLEN + 1];
228 struct DNSQuery query;
230 query.callback = conf_dns_callback;
231 host_from_uh(buf, aconf->host, HOSTLEN);
234 gethost_byname(buf, &query);
235 aconf->dns_pending = 1;
243 * Do (start) DNS lookups of all hostnames in the conf line and convert
244 * an IP addresses in a.b.c.d number for to IP#s.
247 lookup_confhost(struct ConfItem *aconf)
249 if (EmptyString(aconf->host) || EmptyString(aconf->name)) {
250 Debug((DEBUG_ERROR, "Host/server name error: (%s) (%s)",
251 aconf->host, aconf->name));
255 * Do name lookup now on hostnames given and store the
256 * ip numbers in conf structure.
258 if (IsDigit(*aconf->host)) {
260 * rfc 1035 sez host names may not start with a digit
261 * XXX - this has changed code needs to be updated
263 aconf->ipnum.s_addr = inet_addr(aconf->host);
264 if (INADDR_NONE == aconf->ipnum.s_addr) {
265 Debug((DEBUG_ERROR, "Host/server name error: (%s) (%s)",
266 aconf->host, aconf->name));
270 conf_dns_lookup(aconf);
274 * conf_find_server - find a server by name or hostname
275 * returns a server conf item pointer if found, 0 otherwise
277 * NOTE: at some point when we don't have to scan the entire
278 * list it may be cheaper to look for server names and host
279 * names in separate loops (original code did it that way)
281 struct ConfItem* conf_find_server(const char* name)
283 struct ConfItem* conf;
286 for (conf = GlobalConfList; conf; conf = conf->next) {
287 if (CONF_SERVER == conf->status) {
289 * Check first servernames, then try hostnames.
290 * XXX - match returns 0 if there _is_ a match... guess they
291 * haven't decided what true is yet
293 if (0 == match(name, conf->name))
301 * conf_eval_crule - evaluate connection rules
302 * returns the name of the rule triggered if found, 0 otherwise
304 * Evaluate connection rules... If no rules found, allow the
305 * connect. Otherwise stop with the first true rule (ie: rules
306 * are ored together. Oper connects are effected only by D
307 * lines (CRULE_ALL) not d lines (CRULE_AUTO).
309 const char* conf_eval_crule(const char* name, int mask)
311 struct CRuleConf* p = cruleConfList;
314 for ( ; p; p = p->next) {
315 if (0 != (p->type & mask) && 0 == match(p->hostmask, name)) {
316 if (crule_eval(p->node))
324 * Remove all conf entries from the client except those which match
325 * the status field mask.
327 void det_confs_butmask(struct Client* cptr, int mask)
333 for (link = cli_confs(cptr); link; link = next) {
335 if ((link->value.aconf->status & mask) == 0)
336 detach_conf(cptr, link->value.aconf);
341 * check_limit_and_attach - check client limits and attach I:line
343 * Made it accept 1 charactor, and 2 charactor limits (0->99 now),
344 * and dislallow more than 255 people here as well as in ipcheck.
345 * removed the old "ONE" scheme too.
346 * -- Isomer 2000-06-22
348 static enum AuthorizationCheckResult
349 check_limit_and_attach(struct Client* cptr, struct ConfItem* aconf)
354 if (IsDigit(*aconf->passwd) && !aconf->passwd[1])
355 number = *aconf->passwd-'0';
356 else if (IsDigit(*aconf->passwd) && IsDigit(aconf->passwd[1]) &&
358 number = (*aconf->passwd-'0')*10+(aconf->passwd[1]-'0');
360 if (IPcheck_nr(cptr) > number)
361 return ACR_TOO_MANY_FROM_IP;
362 return attach_conf(cptr, aconf);
366 * Find the first (best) I line to attach.
368 enum AuthorizationCheckResult attach_iline(struct Client* cptr)
370 struct ConfItem* aconf;
371 static char uhost[HOSTLEN + USERLEN + 3];
372 static char fullname[HOSTLEN + 1];
373 struct DNSReply* hp = 0;
377 if (cli_dns_reply(cptr))
378 hp = cli_dns_reply(cptr);
380 for (aconf = GlobalConfList; aconf; aconf = aconf->next) {
381 if (aconf->status != CONF_CLIENT)
383 if (aconf->port && aconf->port != cli_listener(cptr)->port)
385 if (!aconf->host || !aconf->name)
388 ircd_strncpy(fullname, hp->h_name, HOSTLEN);
389 fullname[HOSTLEN] = '\0';
391 Debug((DEBUG_DNS, "a_il: %s->%s", cli_sockhost(cptr), fullname));
393 if (strchr(aconf->name, '@')) {
394 strcpy(uhost, cli_username(cptr));
399 strncat(uhost, fullname, sizeof(uhost) - 1 - strlen(uhost));
400 uhost[sizeof(uhost) - 1] = 0;
401 if (0 == match(aconf->name, uhost)) {
402 if (strchr(uhost, '@'))
403 SetFlag(cptr, FLAG_DOID);
404 return check_limit_and_attach(cptr, aconf);
407 if (strchr(aconf->host, '@')) {
408 ircd_strncpy(uhost, cli_username(cptr), sizeof(uhost) - 2);
409 uhost[sizeof(uhost) - 2] = 0;
414 strncat(uhost, cli_sock_ip(cptr), sizeof(uhost) - 1 - strlen(uhost));
415 uhost[sizeof(uhost) - 1] = 0;
416 if (match(aconf->host, uhost))
418 if (strchr(uhost, '@'))
419 SetFlag(cptr, FLAG_DOID);
421 return check_limit_and_attach(cptr, aconf);
423 return ACR_NO_AUTHORIZATION;
426 static int is_attached(struct ConfItem *aconf, struct Client *cptr)
430 for (lp = cli_confs(cptr); lp; lp = lp->next) {
431 if (lp->value.aconf == aconf)
440 * Associate a specific configuration entry to a *local*
441 * client (this is the one which used in accepting the
442 * connection). Note, that this automaticly changes the
443 * attachment if there was an old one...
445 enum AuthorizationCheckResult attach_conf(struct Client *cptr, struct ConfItem *aconf)
449 if (is_attached(aconf, cptr))
450 return ACR_ALREADY_AUTHORIZED;
451 if (IsIllegal(aconf))
452 return ACR_NO_AUTHORIZATION;
453 if ((aconf->status & (CONF_OPERATOR | CONF_CLIENT)) &&
454 ConfLinks(aconf) >= ConfMaxLinks(aconf) && ConfMaxLinks(aconf) > 0)
455 return ACR_TOO_MANY_IN_CLASS; /* Use this for printing error message */
457 lp->next = cli_confs(cptr);
458 lp->value.aconf = aconf;
459 cli_confs(cptr) = lp;
461 if (aconf->status & CONF_CLIENT_MASK)
466 const struct LocalConf* conf_get_local(void)
472 * attach_confs_byname
474 * Attach a CONF line to a client if the name passed matches that for
475 * the conf file (for non-C/N lines) or is an exact match (C/N lines
476 * only). The difference in behaviour is to stop C:*::* and N:*::*.
478 struct ConfItem* attach_confs_byname(struct Client* cptr, const char* name,
481 struct ConfItem* tmp;
482 struct ConfItem* first = NULL;
486 if (HOSTLEN < strlen(name))
489 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
490 if (0 != (tmp->status & statmask) && !IsIllegal(tmp)) {
491 assert(0 != tmp->name);
492 if (0 == match(tmp->name, name) || 0 == ircd_strcmp(tmp->name, name)) {
493 if (ACR_OK == attach_conf(cptr, tmp) && !first)
502 * Added for new access check meLazy
504 struct ConfItem* attach_confs_byhost(struct Client* cptr, const char* host,
507 struct ConfItem* tmp;
508 struct ConfItem* first = 0;
511 if (HOSTLEN < strlen(host))
514 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
515 if (0 != (tmp->status & statmask) && !IsIllegal(tmp)) {
516 assert(0 != tmp->host);
517 if (0 == match(tmp->host, host) || 0 == ircd_strcmp(tmp->host, host)) {
518 if (ACR_OK == attach_conf(cptr, tmp) && !first)
527 * find a conf entry which matches the hostname and has the same name.
529 struct ConfItem* find_conf_exact(const char* name, const char* user,
530 const char* host, int statmask)
532 struct ConfItem *tmp;
533 char userhost[USERLEN + HOSTLEN + 3];
536 ircd_snprintf(0, userhost, sizeof(userhost), "%s@%s", user, host);
538 ircd_strncpy(userhost, host, sizeof(userhost) - 1);
540 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
541 if (!(tmp->status & statmask) || !tmp->name || !tmp->host ||
542 0 != ircd_strcmp(tmp->name, name))
545 * Accept if the *real* hostname (usually sockecthost)
546 * socket host) matches *either* host or name field
547 * of the configuration.
549 if (match(tmp->host, userhost))
551 if (tmp->status & CONF_OPERATOR) {
552 if (tmp->clients < MaxLinks(tmp->conn_class))
563 struct ConfItem* find_conf_byname(struct SLink* lp, const char* name,
566 struct ConfItem* tmp;
569 if (HOSTLEN < strlen(name))
572 for (; lp; lp = lp->next) {
573 tmp = lp->value.aconf;
574 if (0 != (tmp->status & statmask)) {
575 assert(0 != tmp->name);
576 if (0 == ircd_strcmp(tmp->name, name) || 0 == match(tmp->name, name))
584 * Added for new access check meLazy
586 struct ConfItem* find_conf_byhost(struct SLink* lp, const char* host,
589 struct ConfItem* tmp = NULL;
592 if (HOSTLEN < strlen(host))
595 for (; lp; lp = lp->next) {
596 tmp = lp->value.aconf;
597 if (0 != (tmp->status & statmask)) {
598 assert(0 != tmp->host);
599 if (0 == match(tmp->host, host))
609 * Find a conf line using the IP# stored in it to search upon.
610 * Added 1/8/92 by Avalon.
612 struct ConfItem* find_conf_byip(struct SLink* lp, const char* ip,
615 struct ConfItem* tmp;
617 for (; lp; lp = lp->next) {
618 tmp = lp->value.aconf;
619 if (0 != (tmp->status & statmask)) {
620 if (0 == memcmp(&tmp->ipnum, ip, sizeof(struct in_addr)))
630 * - looks for a match on all given fields.
633 static struct ConfItem *find_conf_entry(struct ConfItem *aconf,
636 struct ConfItem *bconf;
639 mask &= ~CONF_ILLEGAL;
641 for (bconf = GlobalConfList; bconf; bconf = bconf->next) {
642 if (!(bconf->status & mask) || (bconf->port != aconf->port))
645 if ((EmptyString(bconf->host) && !EmptyString(aconf->host)) ||
646 (EmptyString(aconf->host) && !EmptyString(bconf->host)))
648 if (!EmptyString(bconf->host) && 0 != ircd_strcmp(bconf->host, aconf->host))
651 if ((EmptyString(bconf->passwd) && !EmptyString(aconf->passwd)) ||
652 (EmptyString(aconf->passwd) && !EmptyString(bconf->passwd)))
654 if (!EmptyString(bconf->passwd) && (!IsDigit(*bconf->passwd) || bconf->passwd[1])
655 && 0 != ircd_strcmp(bconf->passwd, aconf->passwd))
658 if ((EmptyString(bconf->name) && !EmptyString(aconf->name)) ||
659 (EmptyString(aconf->name) && !EmptyString(bconf->name)))
661 if (!EmptyString(bconf->name) && 0 != ircd_strcmp(bconf->name, aconf->name))
669 * If conf line is a class definition, create a class entry
670 * for it and make the conf_line illegal and delete it.
672 void conf_add_class(const char* const* fields, int count)
676 add_class(atoi(fields[1]), atoi(fields[2]), atoi(fields[3]),
677 atoi(fields[4]), atoi(fields[5]));
680 void conf_add_listener(const char* const* fields, int count)
688 if (count < 5 || EmptyString(fields[4]))
691 if (!EmptyString(fields[3])) {
692 const char* x = fields[3];
693 if ('S' == ToUpper(*x))
696 if ('H' == ToUpper(*x))
699 /* port vhost mask */
700 add_listener(atoi(fields[4]), fields[2], fields[1], is_server, is_hidden);
703 void conf_add_local(const char* const* fields, int count)
705 if (count < 6 || EmptyString(fields[1]) || EmptyString(fields[5])) {
706 log_write(LS_CONFIG, L_CRIT, 0, "Your M: line must have 6 fields!");
710 * these two can only be set the first time
712 if (0 == localConf.name) {
713 if (string_is_hostname(fields[1]))
714 DupString(localConf.name, fields[1]);
716 if (0 == localConf.numeric) {
717 localConf.numeric = atoi(fields[5]);
718 if (0 == localConf.numeric)
719 log_write(LS_CONFIG, L_WARNING, 0,
720 "Your M: line must have a Numeric value greater than 0");
723 * these two can be changed while the server is running
725 if (string_is_address(fields[2])) {
726 if (INADDR_NONE == (localConf.vhost_address.s_addr = inet_addr(fields[2])))
727 localConf.vhost_address.s_addr = INADDR_ANY;
729 MyFree(localConf.description);
730 DupString(localConf.description, fields[3]);
732 * XXX - shouldn't be setting these directly here
734 ircd_strncpy(cli_info(&me), fields[3], REALLEN);
735 set_virtual_host(localConf.vhost_address);
738 void conf_add_admin(const char* const* fields, int count)
741 * if you have one, it MUST have 3 lines
744 log_write(LS_CONFIG, L_CRIT, 0, "Your A: line must have 4 fields!");
747 MyFree(localConf.location1);
748 DupString(localConf.location1, fields[1]);
750 MyFree(localConf.location2);
751 DupString(localConf.location2, fields[2]);
753 MyFree(localConf.contact);
754 DupString(localConf.contact, fields[3]);
758 * conf_add_crule - Create expression tree from connect rule and add it
761 void conf_add_crule(const char* const* fields, int count, int type)
763 struct CRuleNode* node;
766 if (count < 4 || EmptyString(fields[1]) || EmptyString(fields[3]))
769 if ((node = crule_parse(fields[3]))) {
770 struct CRuleConf* p = (struct CRuleConf*) MyMalloc(sizeof(struct CRuleConf));
773 DupString(p->hostmask, fields[1]);
774 collapse(p->hostmask);
776 DupString(p->rule, fields[3]);
780 p->next = cruleConfList;
786 void conf_erase_crule_list(void)
788 struct CRuleConf* next;
789 struct CRuleConf* p = cruleConfList;
791 for ( ; p; p = next) {
793 crule_free(&p->node);
801 const struct CRuleConf* conf_get_crule_list(void)
803 return cruleConfList;
807 void conf_add_server(const char* const* fields, int count)
809 struct ServerConf* server;
813 * missing host, password, or alias?
815 if (count < 6 || EmptyString(fields[1]) || EmptyString(fields[2]) || EmptyString(fields[3]))
820 if (string_is_hostname(fields[1]))
821 addr.s_addr = INADDR_NONE;
822 else if (INADDR_NONE == (addr.s_addr = inet_addr(fields[1])))
825 server = (struct ServerConf*) MyMalloc(sizeof(struct ServerConf));
827 DupString(server->hostname, fields[1]);
828 DupString(server->passwd, fields[2]);
829 DupString(server->alias, fields[3]);
830 server->address.s_addr = addr.s_addr;
831 server->port = atoi(fields[4]);
832 server->dns_pending = 0;
833 server->connected = 0;
835 server->conn_class = find_class(atoi(fields[5]));
837 server->next = serverConfList;
838 serverConfList = server;
840 /* if (INADDR_NONE == server->address.s_addr) */
841 /* lookup_confhost(server); */
844 void conf_add_deny(const char* const* fields, int count, int ip_kill)
846 struct DenyConf* conf;
848 if (count < 4 || EmptyString(fields[1]) || EmptyString(fields[3]))
851 conf = (struct DenyConf*) MyMalloc(sizeof(struct DenyConf));
853 memset(conf, 0, sizeof(struct DenyConf));
855 if (fields[1][0] == '$' && fields[1][1] == 'R')
856 conf->flags |= DENY_FLAGS_REALNAME;
858 DupString(conf->hostmask, fields[1]);
859 collapse(conf->hostmask);
861 if (!EmptyString(fields[2])) {
862 const char* p = fields[2];
864 conf->flags |= DENY_FLAGS_FILE;
867 DupString(conf->message, p);
869 DupString(conf->usermask, fields[3]);
870 collapse(conf->usermask);
874 * Here we use the same kludge as in listener.c to parse
875 * a.b.c.d, or a.b.c.*, or a.b.c.d/e.
881 c_class = sscanf(conf->hostmask, "%d.%d.%d.%d/%d",
882 &ad[0], &ad[1], &ad[2], &ad[3], &bits2);
884 conf->bits = c_class * 8;
889 ircd_snprintf(0, ipname, sizeof(ipname), "%d.%d.%d.%d", ad[0], ad[1],
893 * This ensures endian correctness
895 conf->address = inet_addr(ipname);
896 Debug((DEBUG_DEBUG, "IPkill: %s = %08x/%i (%08x)", ipname,
897 conf->address, conf->bits, NETMASK(conf->bits)));
898 conf->flags |= DENY_FLAGS_IP;
900 conf->next = denyConfList;
906 void conf_erase_deny_list(void)
908 struct DenyConf* next;
909 struct DenyConf* p = denyConfList;
910 for ( ; p; p = next) {
920 const struct DenyConf* conf_get_deny_list(void)
926 void conf_add_quarantine(const char *chname, const char *reason)
930 qline = (struct qline *) MyMalloc(sizeof(struct qline));
931 DupString(qline->chname, chname);
932 DupString(qline->reason, reason);
933 qline->next = GlobalQuarantineList;
934 GlobalQuarantineList = qline;
939 find_quarantine(const char *chname)
943 for (qline = GlobalQuarantineList; qline; qline = qline->next)
944 if (!ircd_strcmp(qline->chname, chname))
945 return qline->reason;
949 void clear_quarantines(void)
952 while ((qline = GlobalQuarantineList))
954 GlobalQuarantineList = qline->next;
955 MyFree(qline->reason);
956 MyFree(qline->chname);
963 * read_configuration_file
965 * Read configuration file.
967 * returns 0, if file cannot be opened
971 #define MAXCONFLINKS 150
973 static int conf_error;
974 static int conf_already_read;
976 void init_lexer(void);
978 int read_configuration_file(void)
981 feature_unmark(); /* unmark all features for resetting later */
982 /* Now just open an fd. The buffering isn't really needed... */
987 feature_mark(); /* reset unmarked features */
988 conf_already_read = 1;
993 yyerror(const char *msg)
995 sendto_opmask_butone(0, SNO_ALL, "Config file parse error line %d: %s",
997 log_write(LS_CONFIG, L_ERROR, 0, "Config file parse error line %d: %s",
999 if (!conf_already_read)
1000 fprintf(stderr, "Config file parse error line %d: %s\n", lineno, msg);
1007 * Actual REHASH service routine. Called with sig == 0 if it has been called
1008 * as a result of an operator issuing this command, else assume it has been
1009 * called as a result of the server receiving a HUP signal.
1011 int rehash(struct Client *cptr, int sig)
1013 struct ConfItem** tmp = &GlobalConfList;
1014 struct ConfItem* tmp2;
1015 struct Client* acptr;
1021 sendto_opmask_butone(0, SNO_OLDSNO,
1022 "Got signal SIGHUP, reloading ircd conf. file");
1024 while ((tmp2 = *tmp)) {
1025 if (tmp2->clients) {
1027 * Configuration entry is still in use by some
1028 * local clients, cannot delete it--mark it so
1029 * that it will be deleted when the last client
1032 if (CONF_CLIENT == (tmp2->status & CONF_CLIENT))
1038 tmp2->status |= CONF_ILLEGAL;
1045 conf_erase_crule_list();
1046 conf_erase_deny_list();
1050 * delete the juped nicks list
1054 clear_quarantines();
1059 class_mark_delete();
1060 mark_listeners_closing();
1061 iauth_mark_closing();
1063 read_configuration_file();
1065 log_reopen(); /* reopen log files */
1067 iauth_close_unused();
1069 class_delete_marked(); /* unless it fails */
1072 * Flush out deleted I and P lines although still in use.
1074 for (tmp = &GlobalConfList; (tmp2 = *tmp);) {
1075 if (CONF_ILLEGAL == (tmp2->status & CONF_ILLEGAL)) {
1085 for (i = 0; i <= HighestFd; i++) {
1086 if ((acptr = LocalClientArray[i])) {
1087 assert(!IsMe(acptr));
1088 if (IsServer(acptr)) {
1089 det_confs_butmask(acptr,
1090 ~(CONF_HUB | CONF_LEAF | CONF_UWORLD | CONF_ILLEGAL));
1091 attach_confs_byname(acptr, cli_name(acptr),
1092 CONF_HUB | CONF_LEAF | CONF_UWORLD);
1094 /* Because admin's are getting so uppity about people managing to
1095 * get past K/G's etc, we'll "fix" the bug by actually explaining
1098 if ((found_g = find_kill(acptr))) {
1099 sendto_opmask_butone(0, found_g == -2 ? SNO_GLINE : SNO_OPERKILL,
1100 found_g == -2 ? "G-line active for %s%s" :
1101 "K-line active for %s%s",
1102 IsUnknown(acptr) ? "Unregistered Client ":"",
1103 get_client_name(acptr, SHOW_IP));
1104 if (exit_client(cptr, acptr, &me, found_g == -2 ? "G-lined" :
1105 "K-lined") == CPTR_KILLED)
1117 * Read configuration file.
1119 * returns 0, if file cannot be opened
1125 if (read_configuration_file()) {
1127 * make sure we're sane to start if the config
1128 * file read didn't get everything we need.
1129 * XXX - should any of these abort the server?
1130 * TODO: add warning messages
1132 if (0 == localConf.name || 0 == localConf.numeric)
1137 if (0 == localConf.location1)
1138 DupString(localConf.location1, "");
1139 if (0 == localConf.location2)
1140 DupString(localConf.location2, "");
1141 if (0 == localConf.contact)
1142 DupString(localConf.contact, "");
1154 * 0: Client may continue to try and connect
1155 * -1: Client was K/k:'d - sideeffect: reason was sent.
1156 * -2: Client was G/g:'d - sideeffect: reason was sent.
1158 * Client may have been sent a reason why they are denied, as above.
1160 int find_kill(struct Client *cptr)
1164 const char* realname;
1165 struct DenyConf* deny;
1166 struct Gline* agline = NULL;
1170 if (!cli_user(cptr))
1173 host = cli_sockhost(cptr);
1174 name = cli_user(cptr)->username;
1175 realname = cli_info(cptr);
1177 assert(strlen(host) <= HOSTLEN);
1178 assert((name ? strlen(name) : 0) <= HOSTLEN);
1179 assert((realname ? strlen(realname) : 0) <= REALLEN);
1181 /* 2000-07-14: Rewrote this loop for massive speed increases.
1184 for (deny = denyConfList; deny; deny = deny->next) {
1185 if (0 != match(deny->usermask, name))
1188 if (EmptyString(deny->hostmask))
1191 if (deny->flags & DENY_FLAGS_REALNAME) { /* K: by real name */
1192 if (0 == match(deny->hostmask + 2, realname))
1194 } else if (deny->flags & DENY_FLAGS_IP) { /* k: by IP */
1195 Debug((DEBUG_DEBUG, "ip: %08x network: %08x/%i mask: %08x",
1196 cli_ip(cptr).s_addr, deny->address, deny->bits, NETMASK(deny->bits)));
1197 if ((cli_ip(cptr).s_addr & NETMASK(deny->bits)) == deny->address)
1200 else if (0 == match(deny->hostmask, host))
1204 if (EmptyString(deny->message))
1205 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
1206 ":Connection from your host is refused on this server.");
1208 if (deny->flags & DENY_FLAGS_FILE)
1209 killcomment(cptr, deny->message);
1211 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", deny->message);
1214 else if ((agline = gline_lookup(cptr, 0))) {
1216 * find active glines
1217 * added a check against the user's IP address to find_gline() -Kev
1219 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", GlineReason(agline));
1231 * Ordinary client access check. Look for conf lines which have the same
1232 * status as the flags passed.
1234 enum AuthorizationCheckResult conf_check_client(struct Client *cptr)
1236 enum AuthorizationCheckResult acr = ACR_OK;
1240 if ((acr = attach_iline(cptr))) {
1241 Debug((DEBUG_DNS, "ch_cl: access denied: %s[%s]",
1242 cli_name(cptr), cli_sockhost(cptr)));
1251 * Check access for a server given its name (passed in cptr struct).
1252 * Must check for all C/N lines which have a name which matches the
1253 * name given and a host which matches. A host alias which is the
1254 * same as the server name is also acceptable in the host field of a
1259 * -1 = Access denied
1262 int conf_check_server(struct Client *cptr)
1264 struct ConfItem* c_conf = NULL;
1267 Debug((DEBUG_DNS, "sv_cl: check access for %s[%s]",
1268 cli_name(cptr), cli_sockhost(cptr)));
1270 if (IsUnknown(cptr) && !attach_confs_byname(cptr, cli_name(cptr), CONF_SERVER)) {
1271 Debug((DEBUG_DNS, "No C/N lines for %s", cli_sockhost(cptr)));
1274 lp = cli_confs(cptr);
1276 * We initiated this connection so the client should have a C and N
1277 * line already attached after passing through the connect_server()
1280 if (IsConnecting(cptr) || IsHandshake(cptr)) {
1281 c_conf = find_conf_byname(lp, cli_name(cptr), CONF_SERVER);
1283 sendto_opmask_butone(0, SNO_OLDSNO, "Connect Error: lost C:line for %s",
1285 det_confs_butmask(cptr, 0);
1293 if (cli_dns_reply(cptr)) {
1294 struct DNSReply* hp = cli_dns_reply(cptr);
1295 const char* name = hp->h_name;
1297 * If we are missing a C or N line from above, search for
1298 * it under all known hostnames we have for this ip#.
1300 if ((c_conf = find_conf_byhost(lp, hp->h_name, CONF_SERVER)))
1301 ircd_strncpy(cli_sockhost(cptr), name, HOSTLEN);
1303 c_conf = find_conf_byip(lp, (char*)&((struct sockaddr_in*)&hp->addr)->sin_addr, CONF_SERVER);
1307 * Check for C lines with the hostname portion the ip number
1308 * of the host the server runs on. This also checks the case where
1309 * there is a server connecting from 'localhost'.
1311 c_conf = find_conf_byhost(lp, cli_sockhost(cptr), CONF_SERVER);
1315 * Attach by IP# only if all other checks have failed.
1316 * It is quite possible to get here with the strange things that can
1317 * happen when using DNS in the way the irc server does. -avalon
1320 c_conf = find_conf_byip(lp, (const char*) &(cli_ip(cptr)), CONF_SERVER);
1322 * detach all conf lines that got attached by attach_confs()
1324 det_confs_butmask(cptr, 0);
1326 * if no C or no N lines, then deny access
1329 Debug((DEBUG_DNS, "sv_cl: access denied: %s[%s@%s]",
1330 cli_name(cptr), cli_username(cptr), cli_sockhost(cptr)));
1333 ircd_strncpy(cli_name(cptr), c_conf->name, HOSTLEN);
1335 * attach the C and N lines to the client structure for later use.
1337 attach_conf(cptr, c_conf);
1338 attach_confs_byname(cptr, cli_name(cptr), CONF_HUB | CONF_LEAF | CONF_UWORLD);
1340 if (INADDR_NONE == c_conf->ipnum.s_addr)
1341 c_conf->ipnum.s_addr = cli_ip(cptr).s_addr;
1343 Debug((DEBUG_DNS, "sv_cl: access ok: %s[%s]",
1344 cli_name(cptr), cli_sockhost(cptr)));