2 * IRC - Internet Relay Chat, ircd/s_conf.c
3 * Copyright (C) 1990 Jarkko Oikarinen and
4 * University of Oulu, Computing Center
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 1, or (at your option)
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
29 #include "ircd_features.h"
34 #include "ircd_alloc.h"
35 #include "ircd_auth.h"
36 #include "ircd_chattr.h"
38 #include "ircd_reply.h"
39 #include "ircd_snprintf.h"
40 #include "ircd_string.h"
59 #include <arpa/inet.h>
70 #define INADDR_NONE 0xffffffff
73 struct ConfItem *GlobalConfList = 0;
74 int GlobalConfCount = 0;
75 struct s_map *GlobalServiceMapList = 0;
76 struct qline *GlobalQuarantineList = 0;
81 struct LocalConf localConf;
82 struct CRuleConf* cruleConfList;
83 /* struct ServerConf* serverConfList; */
84 struct DenyConf* denyConfList;
87 * output the reason for being k lined from a file - Mmmm
88 * sptr is client being dumped
89 * filename is the file that is to be output to the K lined client
91 static void killcomment(struct Client* sptr, const char* filename)
98 if (NULL == (file = fbopen(filename, "r"))) {
99 send_reply(sptr, ERR_NOMOTD);
100 send_reply(sptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
101 ":Connection from your host is refused on this server.");
105 tm = localtime((time_t*) &sb.st_mtime); /* NetBSD needs cast */
106 while (fbgets(line, sizeof(line) - 1, file)) {
107 char* end = line + strlen(line);
110 if ('\n' == *end || '\r' == *end)
115 send_reply(sptr, RPL_MOTD, line);
117 send_reply(sptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
118 ":Connection from your host is refused on this server.");
122 struct ConfItem* make_conf(void)
124 struct ConfItem* aconf;
126 aconf = (struct ConfItem*) MyMalloc(sizeof(struct ConfItem));
131 memset(aconf, 0, sizeof(struct ConfItem));
132 aconf->status = CONF_ILLEGAL;
133 aconf->ipnum.s_addr = INADDR_NONE;
137 void delist_conf(struct ConfItem *aconf)
139 if (aconf == GlobalConfList)
140 GlobalConfList = GlobalConfList->next;
142 struct ConfItem *bconf;
144 for (bconf = GlobalConfList; aconf != bconf->next; bconf = bconf->next)
146 bconf->next = aconf->next;
151 void free_conf(struct ConfItem *aconf)
153 Debug((DEBUG_DEBUG, "free_conf: %s %s %d",
154 aconf->host ? aconf->host : "*",
155 aconf->name ? aconf->name : "*",
157 if (aconf->dns_pending)
158 delete_resolver_queries(aconf);
161 memset(aconf->passwd, 0, strlen(aconf->passwd));
162 MyFree(aconf->passwd);
171 * detach_conf - Disassociate configuration from the client.
173 static void detach_conf(struct Client* cptr, struct ConfItem* aconf)
180 assert(0 < aconf->clients);
182 lp = &(cli_confs(cptr));
185 if ((*lp)->value.aconf == aconf) {
186 if (aconf->conn_class && (aconf->status & CONF_CLIENT_MASK) && ConfLinks(aconf) > 0)
189 assert(0 < aconf->clients);
190 if (0 == --aconf->clients && IsIllegal(aconf))
202 * conf_dns_callback - called when resolver query finishes
203 * if the query resulted in a successful search, hp will contain
204 * a non-null pointer, otherwise hp will be null.
205 * if successful save hp in the conf item it was called with
207 static void conf_dns_callback(void* vptr, struct hostent* hp)
209 struct ConfItem* aconf = (struct ConfItem*) vptr;
211 aconf->dns_pending = 0;
213 memcpy(&aconf->ipnum, hp->h_addr, sizeof(struct in_addr));
219 * conf_dns_lookup - do a nameserver lookup of the conf host
220 * if the conf entry is currently doing a ns lookup do nothing, otherwise
221 * if the lookup returns a null pointer, set the conf dns_pending flag
223 static void conf_dns_lookup(struct ConfItem* aconf)
225 if (!aconf->dns_pending) {
226 char buf[HOSTLEN + 1];
227 struct DNSQuery query;
229 query.callback = conf_dns_callback;
230 host_from_uh(buf, aconf->host, HOSTLEN);
233 gethost_byname(buf, &query);
234 aconf->dns_pending = 1;
242 * Do (start) DNS lookups of all hostnames in the conf line and convert
243 * an IP addresses in a.b.c.d number for to IP#s.
246 lookup_confhost(struct ConfItem *aconf)
248 if (EmptyString(aconf->host) || EmptyString(aconf->name)) {
249 Debug((DEBUG_ERROR, "Host/server name error: (%s) (%s)",
250 aconf->host, aconf->name));
254 * Do name lookup now on hostnames given and store the
255 * ip numbers in conf structure.
257 if (IsDigit(*aconf->host)) {
259 * rfc 1035 sez host names may not start with a digit
260 * XXX - this has changed code needs to be updated
262 aconf->ipnum.s_addr = inet_addr(aconf->host);
263 if (INADDR_NONE == aconf->ipnum.s_addr) {
264 Debug((DEBUG_ERROR, "Host/server name error: (%s) (%s)",
265 aconf->host, aconf->name));
269 conf_dns_lookup(aconf);
273 * conf_find_server - find a server by name or hostname
274 * returns a server conf item pointer if found, 0 otherwise
276 * NOTE: at some point when we don't have to scan the entire
277 * list it may be cheaper to look for server names and host
278 * names in separate loops (original code did it that way)
280 struct ConfItem* conf_find_server(const char* name)
282 struct ConfItem* conf;
285 for (conf = GlobalConfList; conf; conf = conf->next) {
286 if (CONF_SERVER == conf->status) {
288 * Check first servernames, then try hostnames.
289 * XXX - match returns 0 if there _is_ a match... guess they
290 * haven't decided what true is yet
292 if (0 == match(name, conf->name))
300 * conf_eval_crule - evaluate connection rules
301 * returns the name of the rule triggered if found, 0 otherwise
303 * Evaluate connection rules... If no rules found, allow the
304 * connect. Otherwise stop with the first true rule (ie: rules
305 * are ored together. Oper connects are effected only by D
306 * lines (CRULE_ALL) not d lines (CRULE_AUTO).
308 const char* conf_eval_crule(const char* name, int mask)
310 struct CRuleConf* p = cruleConfList;
313 for ( ; p; p = p->next) {
314 if (0 != (p->type & mask) && 0 == match(p->hostmask, name)) {
315 if (crule_eval(p->node))
323 * Remove all conf entries from the client except those which match
324 * the status field mask.
326 void det_confs_butmask(struct Client* cptr, int mask)
332 for (link = cli_confs(cptr); link; link = next) {
334 if ((link->value.aconf->status & mask) == 0)
335 detach_conf(cptr, link->value.aconf);
340 * check_limit_and_attach - check client limits and attach I:line
342 * Made it accept 1 charactor, and 2 charactor limits (0->99 now),
343 * and dislallow more than 255 people here as well as in ipcheck.
344 * removed the old "ONE" scheme too.
345 * -- Isomer 2000-06-22
347 static enum AuthorizationCheckResult
348 check_limit_and_attach(struct Client* cptr, struct ConfItem* aconf)
353 if (IsDigit(*aconf->passwd) && !aconf->passwd[1])
354 number = *aconf->passwd-'0';
355 else if (IsDigit(*aconf->passwd) && IsDigit(aconf->passwd[1]) &&
357 number = (*aconf->passwd-'0')*10+(aconf->passwd[1]-'0');
359 if (IPcheck_nr(cptr) > number)
360 return ACR_TOO_MANY_FROM_IP;
361 return attach_conf(cptr, aconf);
365 * Find the first (best) I line to attach.
367 enum AuthorizationCheckResult attach_iline(struct Client* cptr)
369 struct ConfItem* aconf;
372 static char uhost[HOSTLEN + USERLEN + 3];
373 static char fullname[HOSTLEN + 1];
374 struct hostent* hp = 0;
378 if (cli_dns_reply(cptr))
379 hp = cli_dns_reply(cptr);
381 for (aconf = GlobalConfList; aconf; aconf = aconf->next) {
382 if (aconf->status != CONF_CLIENT)
384 if (aconf->port && aconf->port != cli_listener(cptr)->port)
386 if (!aconf->host || !aconf->name)
389 for (i = 0, hname = hp->h_name; hname; hname = hp->h_aliases[i++]) {
390 ircd_strncpy(fullname, hname, HOSTLEN);
391 fullname[HOSTLEN] = '\0';
393 Debug((DEBUG_DNS, "a_il: %s->%s", cli_sockhost(cptr), fullname));
395 if (strchr(aconf->name, '@')) {
396 strcpy(uhost, cli_username(cptr));
401 strncat(uhost, fullname, sizeof(uhost) - 1 - strlen(uhost));
402 uhost[sizeof(uhost) - 1] = 0;
403 if (0 == match(aconf->name, uhost)) {
404 if (strchr(uhost, '@'))
405 SetFlag(cptr, FLAG_DOID);
406 return check_limit_and_attach(cptr, aconf);
410 if (strchr(aconf->host, '@')) {
411 ircd_strncpy(uhost, cli_username(cptr), sizeof(uhost) - 2);
412 uhost[sizeof(uhost) - 2] = 0;
417 strncat(uhost, cli_sock_ip(cptr), sizeof(uhost) - 1 - strlen(uhost));
418 uhost[sizeof(uhost) - 1] = 0;
419 if (match(aconf->host, uhost))
421 if (strchr(uhost, '@'))
422 SetFlag(cptr, FLAG_DOID);
424 return check_limit_and_attach(cptr, aconf);
426 return ACR_NO_AUTHORIZATION;
429 static int is_attached(struct ConfItem *aconf, struct Client *cptr)
433 for (lp = cli_confs(cptr); lp; lp = lp->next) {
434 if (lp->value.aconf == aconf)
443 * Associate a specific configuration entry to a *local*
444 * client (this is the one which used in accepting the
445 * connection). Note, that this automaticly changes the
446 * attachment if there was an old one...
448 enum AuthorizationCheckResult attach_conf(struct Client *cptr, struct ConfItem *aconf)
452 if (is_attached(aconf, cptr))
453 return ACR_ALREADY_AUTHORIZED;
454 if (IsIllegal(aconf))
455 return ACR_NO_AUTHORIZATION;
456 if ((aconf->status & (CONF_OPERATOR | CONF_CLIENT)) &&
457 ConfLinks(aconf) >= ConfMaxLinks(aconf) && ConfMaxLinks(aconf) > 0)
458 return ACR_TOO_MANY_IN_CLASS; /* Use this for printing error message */
460 lp->next = cli_confs(cptr);
461 lp->value.aconf = aconf;
462 cli_confs(cptr) = lp;
464 if (aconf->status & CONF_CLIENT_MASK)
469 const struct LocalConf* conf_get_local(void)
475 * attach_confs_byname
477 * Attach a CONF line to a client if the name passed matches that for
478 * the conf file (for non-C/N lines) or is an exact match (C/N lines
479 * only). The difference in behaviour is to stop C:*::* and N:*::*.
481 struct ConfItem* attach_confs_byname(struct Client* cptr, const char* name,
484 struct ConfItem* tmp;
485 struct ConfItem* first = NULL;
489 if (HOSTLEN < strlen(name))
492 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
493 if (0 != (tmp->status & statmask) && !IsIllegal(tmp)) {
494 assert(0 != tmp->name);
495 if (0 == match(tmp->name, name) || 0 == ircd_strcmp(tmp->name, name)) {
496 if (ACR_OK == attach_conf(cptr, tmp) && !first)
505 * Added for new access check meLazy
507 struct ConfItem* attach_confs_byhost(struct Client* cptr, const char* host,
510 struct ConfItem* tmp;
511 struct ConfItem* first = 0;
514 if (HOSTLEN < strlen(host))
517 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
518 if (0 != (tmp->status & statmask) && !IsIllegal(tmp)) {
519 assert(0 != tmp->host);
520 if (0 == match(tmp->host, host) || 0 == ircd_strcmp(tmp->host, host)) {
521 if (ACR_OK == attach_conf(cptr, tmp) && !first)
530 * find a conf entry which matches the hostname and has the same name.
532 struct ConfItem* find_conf_exact(const char* name, const char* user,
533 const char* host, int statmask)
535 struct ConfItem *tmp;
536 char userhost[USERLEN + HOSTLEN + 3];
539 ircd_snprintf(0, userhost, sizeof(userhost), "%s@%s", user, host);
541 ircd_strncpy(userhost, host, sizeof(userhost) - 1);
543 for (tmp = GlobalConfList; tmp; tmp = tmp->next) {
544 if (!(tmp->status & statmask) || !tmp->name || !tmp->host ||
545 0 != ircd_strcmp(tmp->name, name))
548 * Accept if the *real* hostname (usually sockecthost)
549 * socket host) matches *either* host or name field
550 * of the configuration.
552 if (match(tmp->host, userhost))
554 if (tmp->status & CONF_OPERATOR) {
555 if (tmp->clients < MaxLinks(tmp->conn_class))
566 struct ConfItem* find_conf_byname(struct SLink* lp, const char* name,
569 struct ConfItem* tmp;
572 if (HOSTLEN < strlen(name))
575 for (; lp; lp = lp->next) {
576 tmp = lp->value.aconf;
577 if (0 != (tmp->status & statmask)) {
578 assert(0 != tmp->name);
579 if (0 == ircd_strcmp(tmp->name, name) || 0 == match(tmp->name, name))
587 * Added for new access check meLazy
589 struct ConfItem* find_conf_byhost(struct SLink* lp, const char* host,
592 struct ConfItem* tmp = NULL;
595 if (HOSTLEN < strlen(host))
598 for (; lp; lp = lp->next) {
599 tmp = lp->value.aconf;
600 if (0 != (tmp->status & statmask)) {
601 assert(0 != tmp->host);
602 if (0 == match(tmp->host, host))
612 * Find a conf line using the IP# stored in it to search upon.
613 * Added 1/8/92 by Avalon.
615 struct ConfItem* find_conf_byip(struct SLink* lp, const char* ip,
618 struct ConfItem* tmp;
620 for (; lp; lp = lp->next) {
621 tmp = lp->value.aconf;
622 if (0 != (tmp->status & statmask)) {
623 if (0 == memcmp(&tmp->ipnum, ip, sizeof(struct in_addr)))
633 * - looks for a match on all given fields.
636 static struct ConfItem *find_conf_entry(struct ConfItem *aconf,
639 struct ConfItem *bconf;
642 mask &= ~CONF_ILLEGAL;
644 for (bconf = GlobalConfList; bconf; bconf = bconf->next) {
645 if (!(bconf->status & mask) || (bconf->port != aconf->port))
648 if ((EmptyString(bconf->host) && !EmptyString(aconf->host)) ||
649 (EmptyString(aconf->host) && !EmptyString(bconf->host)))
651 if (!EmptyString(bconf->host) && 0 != ircd_strcmp(bconf->host, aconf->host))
654 if ((EmptyString(bconf->passwd) && !EmptyString(aconf->passwd)) ||
655 (EmptyString(aconf->passwd) && !EmptyString(bconf->passwd)))
657 if (!EmptyString(bconf->passwd) && (!IsDigit(*bconf->passwd) || bconf->passwd[1])
658 && 0 != ircd_strcmp(bconf->passwd, aconf->passwd))
661 if ((EmptyString(bconf->name) && !EmptyString(aconf->name)) ||
662 (EmptyString(aconf->name) && !EmptyString(bconf->name)))
664 if (!EmptyString(bconf->name) && 0 != ircd_strcmp(bconf->name, aconf->name))
672 * If conf line is a class definition, create a class entry
673 * for it and make the conf_line illegal and delete it.
675 void conf_add_class(const char* const* fields, int count)
679 add_class(atoi(fields[1]), atoi(fields[2]), atoi(fields[3]),
680 atoi(fields[4]), atoi(fields[5]));
683 void conf_add_listener(const char* const* fields, int count)
691 if (count < 5 || EmptyString(fields[4]))
694 if (!EmptyString(fields[3])) {
695 const char* x = fields[3];
696 if ('S' == ToUpper(*x))
699 if ('H' == ToUpper(*x))
702 /* port vhost mask */
703 add_listener(atoi(fields[4]), fields[2], fields[1], is_server, is_hidden);
706 void conf_add_local(const char* const* fields, int count)
708 if (count < 6 || EmptyString(fields[1]) || EmptyString(fields[5])) {
709 log_write(LS_CONFIG, L_CRIT, 0, "Your M: line must have 6 fields!");
713 * these two can only be set the first time
715 if (0 == localConf.name) {
716 if (string_is_hostname(fields[1]))
717 DupString(localConf.name, fields[1]);
719 if (0 == localConf.numeric) {
720 localConf.numeric = atoi(fields[5]);
721 if (0 == localConf.numeric)
722 log_write(LS_CONFIG, L_WARNING, 0,
723 "Your M: line must have a Numeric value greater than 0");
726 * these two can be changed while the server is running
728 if (string_is_address(fields[2])) {
729 if (INADDR_NONE == (localConf.vhost_address.s_addr = inet_addr(fields[2])))
730 localConf.vhost_address.s_addr = INADDR_ANY;
732 MyFree(localConf.description);
733 DupString(localConf.description, fields[3]);
735 * XXX - shouldn't be setting these directly here
737 ircd_strncpy(cli_info(&me), fields[3], REALLEN);
738 set_virtual_host(localConf.vhost_address);
741 void conf_add_admin(const char* const* fields, int count)
744 * if you have one, it MUST have 3 lines
747 log_write(LS_CONFIG, L_CRIT, 0, "Your A: line must have 4 fields!");
750 MyFree(localConf.location1);
751 DupString(localConf.location1, fields[1]);
753 MyFree(localConf.location2);
754 DupString(localConf.location2, fields[2]);
756 MyFree(localConf.contact);
757 DupString(localConf.contact, fields[3]);
761 * conf_add_crule - Create expression tree from connect rule and add it
764 void conf_add_crule(const char* const* fields, int count, int type)
766 struct CRuleNode* node;
769 if (count < 4 || EmptyString(fields[1]) || EmptyString(fields[3]))
772 if ((node = crule_parse(fields[3]))) {
773 struct CRuleConf* p = (struct CRuleConf*) MyMalloc(sizeof(struct CRuleConf));
776 DupString(p->hostmask, fields[1]);
777 collapse(p->hostmask);
779 DupString(p->rule, fields[3]);
783 p->next = cruleConfList;
789 void conf_erase_crule_list(void)
791 struct CRuleConf* next;
792 struct CRuleConf* p = cruleConfList;
794 for ( ; p; p = next) {
796 crule_free(&p->node);
804 const struct CRuleConf* conf_get_crule_list(void)
806 return cruleConfList;
810 void conf_add_server(const char* const* fields, int count)
812 struct ServerConf* server;
816 * missing host, password, or alias?
818 if (count < 6 || EmptyString(fields[1]) || EmptyString(fields[2]) || EmptyString(fields[3]))
823 if (string_is_hostname(fields[1]))
824 addr.s_addr = INADDR_NONE;
825 else if (INADDR_NONE == (addr.s_addr = inet_addr(fields[1])))
828 server = (struct ServerConf*) MyMalloc(sizeof(struct ServerConf));
830 DupString(server->hostname, fields[1]);
831 DupString(server->passwd, fields[2]);
832 DupString(server->alias, fields[3]);
833 server->address.s_addr = addr.s_addr;
834 server->port = atoi(fields[4]);
835 server->dns_pending = 0;
836 server->connected = 0;
838 server->conn_class = find_class(atoi(fields[5]));
840 server->next = serverConfList;
841 serverConfList = server;
843 /* if (INADDR_NONE == server->address.s_addr) */
844 /* lookup_confhost(server); */
847 void conf_add_deny(const char* const* fields, int count, int ip_kill)
849 struct DenyConf* conf;
851 if (count < 4 || EmptyString(fields[1]) || EmptyString(fields[3]))
854 conf = (struct DenyConf*) MyMalloc(sizeof(struct DenyConf));
856 memset(conf, 0, sizeof(struct DenyConf));
858 if (fields[1][0] == '$' && fields[1][1] == 'R')
859 conf->flags |= DENY_FLAGS_REALNAME;
861 DupString(conf->hostmask, fields[1]);
862 collapse(conf->hostmask);
864 if (!EmptyString(fields[2])) {
865 const char* p = fields[2];
867 conf->flags |= DENY_FLAGS_FILE;
870 DupString(conf->message, p);
872 DupString(conf->usermask, fields[3]);
873 collapse(conf->usermask);
877 * Here we use the same kludge as in listener.c to parse
878 * a.b.c.d, or a.b.c.*, or a.b.c.d/e.
884 c_class = sscanf(conf->hostmask, "%d.%d.%d.%d/%d",
885 &ad[0], &ad[1], &ad[2], &ad[3], &bits2);
887 conf->bits = c_class * 8;
892 ircd_snprintf(0, ipname, sizeof(ipname), "%d.%d.%d.%d", ad[0], ad[1],
896 * This ensures endian correctness
898 conf->address = inet_addr(ipname);
899 Debug((DEBUG_DEBUG, "IPkill: %s = %08x/%i (%08x)", ipname,
900 conf->address, conf->bits, NETMASK(conf->bits)));
901 conf->flags |= DENY_FLAGS_IP;
903 conf->next = denyConfList;
909 void conf_erase_deny_list(void)
911 struct DenyConf* next;
912 struct DenyConf* p = denyConfList;
913 for ( ; p; p = next) {
923 const struct DenyConf* conf_get_deny_list(void)
929 void conf_add_quarantine(const char *chname, const char *reason)
933 qline = (struct qline *) MyMalloc(sizeof(struct qline));
934 DupString(qline->chname, chname);
935 DupString(qline->reason, reason);
936 qline->next = GlobalQuarantineList;
937 GlobalQuarantineList = qline;
942 find_quarantine(const char *chname)
946 for (qline = GlobalQuarantineList; qline; qline = qline->next)
947 if (!ircd_strcmp(qline->chname, chname))
948 return qline->reason;
952 void clear_quarantines(void)
955 while ((qline = GlobalQuarantineList))
957 GlobalQuarantineList = qline->next;
958 MyFree(qline->reason);
959 MyFree(qline->chname);
966 * read_configuration_file
968 * Read configuration file.
970 * returns 0, if file cannot be opened
974 #define MAXCONFLINKS 150
976 static int conf_error;
977 static int conf_already_read;
979 void init_lexer(void);
981 int read_configuration_file(void)
984 feature_unmark(); /* unmark all features for resetting later */
985 /* Now just open an fd. The buffering isn't really needed... */
990 feature_mark(); /* reset unmarked features */
991 conf_already_read = 1;
996 yyerror(const char *msg)
998 sendto_opmask_butone(0, SNO_ALL, "Config file parse error line %d: %s",
1000 log_write(LS_CONFIG, L_ERROR, 0, "Config file parse error line %d: %s",
1002 if (!conf_already_read)
1003 fprintf(stderr, "Config file parse error line %d: %s\n", lineno, msg);
1010 * Actual REHASH service routine. Called with sig == 0 if it has been called
1011 * as a result of an operator issuing this command, else assume it has been
1012 * called as a result of the server receiving a HUP signal.
1014 int rehash(struct Client *cptr, int sig)
1016 struct ConfItem** tmp = &GlobalConfList;
1017 struct ConfItem* tmp2;
1018 struct Client* acptr;
1024 sendto_opmask_butone(0, SNO_OLDSNO,
1025 "Got signal SIGHUP, reloading ircd conf. file");
1027 while ((tmp2 = *tmp)) {
1028 if (tmp2->clients) {
1030 * Configuration entry is still in use by some
1031 * local clients, cannot delete it--mark it so
1032 * that it will be deleted when the last client
1035 if (CONF_CLIENT == (tmp2->status & CONF_CLIENT))
1041 tmp2->status |= CONF_ILLEGAL;
1048 conf_erase_crule_list();
1049 conf_erase_deny_list();
1053 * delete the juped nicks list
1057 clear_quarantines();
1062 class_mark_delete();
1063 mark_listeners_closing();
1064 iauth_mark_closing();
1066 read_configuration_file();
1068 log_reopen(); /* reopen log files */
1070 iauth_close_unused();
1072 class_delete_marked(); /* unless it fails */
1075 * Flush out deleted I and P lines although still in use.
1077 for (tmp = &GlobalConfList; (tmp2 = *tmp);) {
1078 if (CONF_ILLEGAL == (tmp2->status & CONF_ILLEGAL)) {
1088 for (i = 0; i <= HighestFd; i++) {
1089 if ((acptr = LocalClientArray[i])) {
1090 assert(!IsMe(acptr));
1091 if (IsServer(acptr)) {
1092 det_confs_butmask(acptr,
1093 ~(CONF_HUB | CONF_LEAF | CONF_UWORLD | CONF_ILLEGAL));
1094 attach_confs_byname(acptr, cli_name(acptr),
1095 CONF_HUB | CONF_LEAF | CONF_UWORLD);
1097 /* Because admin's are getting so uppity about people managing to
1098 * get past K/G's etc, we'll "fix" the bug by actually explaining
1101 if ((found_g = find_kill(acptr))) {
1102 sendto_opmask_butone(0, found_g == -2 ? SNO_GLINE : SNO_OPERKILL,
1103 found_g == -2 ? "G-line active for %s%s" :
1104 "K-line active for %s%s",
1105 IsUnknown(acptr) ? "Unregistered Client ":"",
1106 get_client_name(acptr, SHOW_IP));
1107 if (exit_client(cptr, acptr, &me, found_g == -2 ? "G-lined" :
1108 "K-lined") == CPTR_KILLED)
1120 * Read configuration file.
1122 * returns 0, if file cannot be opened
1128 if (read_configuration_file()) {
1130 * make sure we're sane to start if the config
1131 * file read didn't get everything we need.
1132 * XXX - should any of these abort the server?
1133 * TODO: add warning messages
1135 if (0 == localConf.name || 0 == localConf.numeric)
1140 if (0 == localConf.location1)
1141 DupString(localConf.location1, "");
1142 if (0 == localConf.location2)
1143 DupString(localConf.location2, "");
1144 if (0 == localConf.contact)
1145 DupString(localConf.contact, "");
1157 * 0: Client may continue to try and connect
1158 * -1: Client was K/k:'d - sideeffect: reason was sent.
1159 * -2: Client was G/g:'d - sideeffect: reason was sent.
1161 * Client may have been sent a reason why they are denied, as above.
1163 int find_kill(struct Client *cptr)
1167 const char* realname;
1168 struct DenyConf* deny;
1169 struct Gline* agline = NULL;
1173 if (!cli_user(cptr))
1176 host = cli_sockhost(cptr);
1177 name = cli_user(cptr)->username;
1178 realname = cli_info(cptr);
1180 assert(strlen(host) <= HOSTLEN);
1181 assert((name ? strlen(name) : 0) <= HOSTLEN);
1182 assert((realname ? strlen(realname) : 0) <= REALLEN);
1184 /* 2000-07-14: Rewrote this loop for massive speed increases.
1187 for (deny = denyConfList; deny; deny = deny->next) {
1188 if (0 != match(deny->usermask, name))
1191 if (EmptyString(deny->hostmask))
1194 if (deny->flags & DENY_FLAGS_REALNAME) { /* K: by real name */
1195 if (0 == match(deny->hostmask + 2, realname))
1197 } else if (deny->flags & DENY_FLAGS_IP) { /* k: by IP */
1198 Debug((DEBUG_DEBUG, "ip: %08x network: %08x/%i mask: %08x",
1199 cli_ip(cptr).s_addr, deny->address, deny->bits, NETMASK(deny->bits)));
1200 if ((cli_ip(cptr).s_addr & NETMASK(deny->bits)) == deny->address)
1203 else if (0 == match(deny->hostmask, host))
1207 if (EmptyString(deny->message))
1208 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
1209 ":Connection from your host is refused on this server.");
1211 if (deny->flags & DENY_FLAGS_FILE)
1212 killcomment(cptr, deny->message);
1214 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", deny->message);
1217 else if ((agline = gline_lookup(cptr, 0))) {
1219 * find active glines
1220 * added a check against the user's IP address to find_gline() -Kev
1222 send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", GlineReason(agline));
1234 * Ordinary client access check. Look for conf lines which have the same
1235 * status as the flags passed.
1237 enum AuthorizationCheckResult conf_check_client(struct Client *cptr)
1239 enum AuthorizationCheckResult acr = ACR_OK;
1243 if ((acr = attach_iline(cptr))) {
1244 Debug((DEBUG_DNS, "ch_cl: access denied: %s[%s]",
1245 cli_name(cptr), cli_sockhost(cptr)));
1254 * Check access for a server given its name (passed in cptr struct).
1255 * Must check for all C/N lines which have a name which matches the
1256 * name given and a host which matches. A host alias which is the
1257 * same as the server name is also acceptable in the host field of a
1262 * -1 = Access denied
1265 int conf_check_server(struct Client *cptr)
1267 struct ConfItem* c_conf = NULL;
1270 Debug((DEBUG_DNS, "sv_cl: check access for %s[%s]",
1271 cli_name(cptr), cli_sockhost(cptr)));
1273 if (IsUnknown(cptr) && !attach_confs_byname(cptr, cli_name(cptr), CONF_SERVER)) {
1274 Debug((DEBUG_DNS, "No C/N lines for %s", cli_sockhost(cptr)));
1277 lp = cli_confs(cptr);
1279 * We initiated this connection so the client should have a C and N
1280 * line already attached after passing through the connect_server()
1283 if (IsConnecting(cptr) || IsHandshake(cptr)) {
1284 c_conf = find_conf_byname(lp, cli_name(cptr), CONF_SERVER);
1286 sendto_opmask_butone(0, SNO_OLDSNO, "Connect Error: lost C:line for %s",
1288 det_confs_butmask(cptr, 0);
1296 if (cli_dns_reply(cptr)) {
1298 struct hostent* hp = cli_dns_reply(cptr);
1299 const char* name = hp->h_name;
1301 * If we are missing a C or N line from above, search for
1302 * it under all known hostnames we have for this ip#.
1304 for (i = 0; name; name = hp->h_aliases[i++]) {
1305 if ((c_conf = find_conf_byhost(lp, name, CONF_SERVER))) {
1306 ircd_strncpy(cli_sockhost(cptr), name, HOSTLEN);
1311 for (i = 0; hp->h_addr_list[i]; i++) {
1312 if ((c_conf = find_conf_byip(lp, hp->h_addr_list[i], CONF_SERVER)))
1319 * Check for C lines with the hostname portion the ip number
1320 * of the host the server runs on. This also checks the case where
1321 * there is a server connecting from 'localhost'.
1323 c_conf = find_conf_byhost(lp, cli_sockhost(cptr), CONF_SERVER);
1327 * Attach by IP# only if all other checks have failed.
1328 * It is quite possible to get here with the strange things that can
1329 * happen when using DNS in the way the irc server does. -avalon
1332 c_conf = find_conf_byip(lp, (const char*) &(cli_ip(cptr)), CONF_SERVER);
1334 * detach all conf lines that got attached by attach_confs()
1336 det_confs_butmask(cptr, 0);
1338 * if no C or no N lines, then deny access
1341 Debug((DEBUG_DNS, "sv_cl: access denied: %s[%s@%s]",
1342 cli_name(cptr), cli_username(cptr), cli_sockhost(cptr)));
1345 ircd_strncpy(cli_name(cptr), c_conf->name, HOSTLEN);
1347 * attach the C and N lines to the client structure for later use.
1349 attach_conf(cptr, c_conf);
1350 attach_confs_byname(cptr, cli_name(cptr), CONF_HUB | CONF_LEAF | CONF_UWORLD);
1352 if (INADDR_NONE == c_conf->ipnum.s_addr)
1353 c_conf->ipnum.s_addr = cli_ip(cptr).s_addr;
1355 Debug((DEBUG_DNS, "sv_cl: access ok: %s[%s]",
1356 cli_name(cptr), cli_sockhost(cptr)));