mirror of
https://github.com/pissnet/angiosperm.git
synced 2024-11-14 03:14:49 +00:00
95898abbb1
Also, ignore a connect block that requests certfp authentication without setting the ssl flag, as it will then go on to fail anyway. Finally, correct an erroneous error message about class blocks.
2874 lines
72 KiB
C
2874 lines
72 KiB
C
/* This code is in the public domain.
|
|
*/
|
|
|
|
#include "stdinc.h"
|
|
|
|
#ifdef HAVE_LIBCRYPTO
|
|
#include <openssl/pem.h>
|
|
#include <openssl/rsa.h>
|
|
#endif
|
|
|
|
#include "newconf.h"
|
|
#include "ircd_defs.h"
|
|
#include "logger.h"
|
|
#include "s_conf.h"
|
|
#include "s_user.h"
|
|
#include "s_newconf.h"
|
|
#include "send.h"
|
|
#include "setup.h"
|
|
#include "modules.h"
|
|
#include "listener.h"
|
|
#include "hostmask.h"
|
|
#include "s_serv.h"
|
|
#include "hash.h"
|
|
#include "cache.h"
|
|
#include "ircd.h"
|
|
#include "snomask.h"
|
|
#include "sslproc.h"
|
|
#include "wsproc.h"
|
|
#include "privilege.h"
|
|
#include "chmode.h"
|
|
#include "certfp.h"
|
|
|
|
#define CF_TYPE(x) ((x) & CF_MTYPE)
|
|
|
|
static int yy_defer_accept = 1;
|
|
static int yy_wsock = 0;
|
|
|
|
struct TopConf *conf_cur_block;
|
|
static char *conf_cur_block_name = NULL;
|
|
|
|
static rb_dlink_list conf_items;
|
|
|
|
static struct ConfItem *yy_aconf = NULL;
|
|
|
|
static struct Class *yy_class = NULL;
|
|
|
|
static struct remote_conf *yy_shared = NULL;
|
|
static struct server_conf *yy_server = NULL;
|
|
|
|
static rb_dlink_list yy_aconf_list;
|
|
static rb_dlink_list yy_oper_list;
|
|
static rb_dlink_list yy_cluster_list;
|
|
static struct oper_conf *yy_oper = NULL;
|
|
|
|
static struct alias_entry *yy_alias = NULL;
|
|
|
|
static char *yy_dnsbl_entry_host = NULL;
|
|
static char *yy_dnsbl_entry_reason = NULL;
|
|
static uint8_t yy_dnsbl_entry_iptype = 0;
|
|
static rb_dlink_list yy_dnsbl_entry_filters = { NULL, NULL, 0 };
|
|
|
|
static char *yy_opm_address_ipv4 = NULL;
|
|
static char *yy_opm_address_ipv6 = NULL;
|
|
static uint16_t yy_opm_port_ipv4 = 0;
|
|
static uint16_t yy_opm_port_ipv6 = 0;
|
|
static int yy_opm_timeout = 0;
|
|
static rb_dlink_list yy_opm_scanner_list;
|
|
|
|
static char *yy_privset_extends = NULL;
|
|
|
|
static const char *
|
|
conf_strtype(int type)
|
|
{
|
|
switch (CF_TYPE(type))
|
|
{
|
|
case CF_INT:
|
|
return "integer value";
|
|
case CF_STRING:
|
|
return "unquoted string";
|
|
case CF_YESNO:
|
|
return "yes/no value";
|
|
case CF_QSTRING:
|
|
return "quoted string";
|
|
case CF_TIME:
|
|
return "time/size value";
|
|
default:
|
|
return "unknown type";
|
|
}
|
|
}
|
|
|
|
int
|
|
add_top_conf(const char *name, int (*sfunc) (struct TopConf *),
|
|
int (*efunc) (struct TopConf *), struct ConfEntry *items)
|
|
{
|
|
struct TopConf *tc;
|
|
|
|
tc = rb_malloc(sizeof(struct TopConf));
|
|
|
|
tc->tc_name = name;
|
|
tc->tc_sfunc = sfunc;
|
|
tc->tc_efunc = efunc;
|
|
tc->tc_entries = items;
|
|
|
|
rb_dlinkAddAlloc(tc, &conf_items);
|
|
return 0;
|
|
}
|
|
|
|
struct TopConf *
|
|
find_top_conf(const char *name)
|
|
{
|
|
rb_dlink_node *d;
|
|
struct TopConf *tc;
|
|
|
|
RB_DLINK_FOREACH(d, conf_items.head)
|
|
{
|
|
tc = d->data;
|
|
if(rb_strcasecmp(tc->tc_name, name) == 0)
|
|
return tc;
|
|
}
|
|
|
|
return NULL;
|
|
}
|
|
|
|
|
|
struct ConfEntry *
|
|
find_conf_item(const struct TopConf *top, const char *name)
|
|
{
|
|
struct ConfEntry *cf;
|
|
rb_dlink_node *d;
|
|
|
|
if(top->tc_entries)
|
|
{
|
|
int i;
|
|
|
|
for(i = 0; top->tc_entries[i].cf_type; i++)
|
|
{
|
|
cf = &top->tc_entries[i];
|
|
|
|
if(!rb_strcasecmp(cf->cf_name, name))
|
|
return cf;
|
|
}
|
|
}
|
|
|
|
RB_DLINK_FOREACH(d, top->tc_items.head)
|
|
{
|
|
cf = d->data;
|
|
if(rb_strcasecmp(cf->cf_name, name) == 0)
|
|
return cf;
|
|
}
|
|
|
|
return NULL;
|
|
}
|
|
|
|
int
|
|
remove_top_conf(char *name)
|
|
{
|
|
struct TopConf *tc;
|
|
rb_dlink_node *ptr;
|
|
|
|
if((tc = find_top_conf(name)) == NULL)
|
|
return -1;
|
|
|
|
if((ptr = rb_dlinkFind(tc, &conf_items)) == NULL)
|
|
return -1;
|
|
|
|
rb_dlinkDestroy(ptr, &conf_items);
|
|
rb_free(tc);
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void
|
|
conf_set_serverinfo_name(void *data)
|
|
{
|
|
if(ServerInfo.name == NULL)
|
|
{
|
|
const char *s;
|
|
int dots = 0;
|
|
|
|
for(s = data; *s != '\0'; s++)
|
|
{
|
|
if(!IsServChar(*s))
|
|
{
|
|
conf_report_error("Ignoring serverinfo::name "
|
|
"-- bogus servername.");
|
|
return;
|
|
}
|
|
else if(*s == '.')
|
|
++dots;
|
|
}
|
|
|
|
if(!dots)
|
|
{
|
|
conf_report_error("Ignoring serverinfo::name -- must contain '.'");
|
|
return;
|
|
}
|
|
|
|
s = data;
|
|
|
|
if(IsDigit(*s))
|
|
{
|
|
conf_report_error("Ignoring serverinfo::name -- cannot begin with digit.");
|
|
return;
|
|
}
|
|
|
|
/* the ircd will exit() in main() if we dont set one */
|
|
if(strlen(s) <= HOSTLEN)
|
|
ServerInfo.name = rb_strdup((char *) data);
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_serverinfo_sid(void *data)
|
|
{
|
|
char *sid = data;
|
|
|
|
if(ServerInfo.sid[0] == '\0')
|
|
{
|
|
if(!IsDigit(sid[0]) || !IsIdChar(sid[1]) ||
|
|
!IsIdChar(sid[2]) || sid[3] != '\0')
|
|
{
|
|
conf_report_error("Ignoring serverinfo::sid "
|
|
"-- bogus sid.");
|
|
return;
|
|
}
|
|
|
|
rb_strlcpy(ServerInfo.sid, sid, sizeof(ServerInfo.sid));
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_serverinfo_network_name(void *data)
|
|
{
|
|
char *p;
|
|
|
|
if((p = strchr((char *) data, ' ')))
|
|
*p = '\0';
|
|
|
|
rb_free(ServerInfo.network_name);
|
|
ServerInfo.network_name = rb_strdup((char *) data);
|
|
}
|
|
|
|
static void
|
|
conf_set_serverinfo_vhost(void *data)
|
|
{
|
|
struct rb_sockaddr_storage addr;
|
|
|
|
if(rb_inet_pton_sock(data, &addr) <= 0 || GET_SS_FAMILY(&addr) != AF_INET)
|
|
{
|
|
conf_report_error("Invalid IPv4 address for server vhost (%s)", (char *) data);
|
|
return;
|
|
}
|
|
|
|
ServerInfo.bind4 = addr;
|
|
}
|
|
|
|
static void
|
|
conf_set_serverinfo_vhost6(void *data)
|
|
{
|
|
|
|
struct rb_sockaddr_storage addr;
|
|
|
|
if(rb_inet_pton_sock(data, &addr) <= 0 || GET_SS_FAMILY(&addr) != AF_INET6)
|
|
{
|
|
conf_report_error("Invalid IPv6 address for server vhost (%s)", (char *) data);
|
|
return;
|
|
}
|
|
|
|
ServerInfo.bind6 = addr;
|
|
}
|
|
|
|
static void
|
|
conf_set_serverinfo_nicklen(void *data)
|
|
{
|
|
ConfigFileEntry.nicklen = (*(unsigned int *) data) + 1;
|
|
|
|
if (ConfigFileEntry.nicklen > NICKLEN)
|
|
{
|
|
conf_report_error("Warning -- ignoring serverinfo::nicklen -- provided nicklen (%u) is greater than allowed nicklen (%u)",
|
|
ConfigFileEntry.nicklen - 1, NICKLEN - 1);
|
|
ConfigFileEntry.nicklen = NICKLEN;
|
|
}
|
|
else if (ConfigFileEntry.nicklen < 9 + 1)
|
|
{
|
|
conf_report_error("Warning -- serverinfo::nicklen is too low (%u) -- forcing 9",
|
|
ConfigFileEntry.nicklen - 1);
|
|
ConfigFileEntry.nicklen = 9 + 1;
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_modules_module(void *data)
|
|
{
|
|
char *m_bn;
|
|
|
|
m_bn = rb_basename((char *) data);
|
|
|
|
if(findmodule_byname(m_bn) == NULL)
|
|
load_one_module((char *) data, MAPI_ORIGIN_EXTENSION, false);
|
|
|
|
rb_free(m_bn);
|
|
}
|
|
|
|
static void
|
|
conf_set_modules_path(void *data)
|
|
{
|
|
mod_add_path((char *) data);
|
|
}
|
|
|
|
struct mode_table
|
|
{
|
|
const char *name;
|
|
int mode;
|
|
};
|
|
|
|
/* *INDENT-OFF* */
|
|
static struct mode_table umode_table[] = {
|
|
{"deaf", UMODE_DEAF },
|
|
{"invisible", UMODE_INVISIBLE },
|
|
{"locops", UMODE_LOCOPS },
|
|
{"noforward", UMODE_NOFORWARD },
|
|
{"servnotice", UMODE_SERVNOTICE},
|
|
{"wallop", UMODE_WALLOP },
|
|
{"operwall", UMODE_OPERWALL },
|
|
{NULL, 0}
|
|
};
|
|
|
|
static struct mode_table oper_table[] = {
|
|
{"encrypted", OPER_ENCRYPTED },
|
|
{"need_ssl", OPER_NEEDSSL },
|
|
{NULL, 0}
|
|
};
|
|
|
|
static struct mode_table auth_table[] = {
|
|
{"encrypted", CONF_FLAGS_ENCRYPTED },
|
|
{"spoof_notice", CONF_FLAGS_SPOOF_NOTICE },
|
|
{"exceed_limit", CONF_FLAGS_NOLIMIT },
|
|
{"dnsbl_exempt", CONF_FLAGS_EXEMPTDNSBL },
|
|
{"proxy_exempt", CONF_FLAGS_EXEMPTPROXY },
|
|
{"kline_exempt", CONF_FLAGS_EXEMPTKLINE },
|
|
{"flood_exempt", CONF_FLAGS_EXEMPTFLOOD },
|
|
{"spambot_exempt", CONF_FLAGS_EXEMPTSPAMBOT },
|
|
{"shide_exempt", CONF_FLAGS_EXEMPTSHIDE },
|
|
{"jupe_exempt", CONF_FLAGS_EXEMPTJUPE },
|
|
{"resv_exempt", CONF_FLAGS_EXEMPTRESV },
|
|
{"no_tilde", CONF_FLAGS_NO_TILDE },
|
|
{"need_ident", CONF_FLAGS_NEED_IDENTD },
|
|
{"have_ident", CONF_FLAGS_NEED_IDENTD },
|
|
{"need_ssl", CONF_FLAGS_NEED_SSL },
|
|
{"need_sasl", CONF_FLAGS_NEED_SASL },
|
|
{"extend_chans", CONF_FLAGS_EXTEND_CHANS },
|
|
{"allow_sctp", CONF_FLAGS_ALLOW_SCTP },
|
|
{"kline_spoof_ip", CONF_FLAGS_KLINE_SPOOF },
|
|
{NULL, 0}
|
|
};
|
|
|
|
static struct mode_table connect_table[] = {
|
|
{ "autoconn", SERVER_AUTOCONN },
|
|
{ "compressed", 0 },
|
|
{ "encrypted", SERVER_ENCRYPTED },
|
|
{ "topicburst", SERVER_TB },
|
|
{ "sctp", SERVER_SCTP },
|
|
{ "ssl", SERVER_SSL },
|
|
{ "no-export", SERVER_NO_EXPORT },
|
|
{ NULL, 0 },
|
|
};
|
|
|
|
static struct mode_table cluster_table[] = {
|
|
{ "kline", SHARED_PKLINE },
|
|
{ "tkline", SHARED_TKLINE },
|
|
{ "unkline", SHARED_UNKLINE },
|
|
{ "locops", SHARED_LOCOPS },
|
|
{ "xline", SHARED_PXLINE },
|
|
{ "txline", SHARED_TXLINE },
|
|
{ "unxline", SHARED_UNXLINE },
|
|
{ "resv", SHARED_PRESV },
|
|
{ "tresv", SHARED_TRESV },
|
|
{ "unresv", SHARED_UNRESV },
|
|
{ "all", CLUSTER_ALL },
|
|
{NULL, 0}
|
|
};
|
|
/* *INDENT-ON* */
|
|
|
|
static int
|
|
find_umode(struct mode_table *tab, const char *name)
|
|
{
|
|
int i;
|
|
|
|
for (i = 0; tab[i].name; i++)
|
|
{
|
|
if(strcmp(tab[i].name, name) == 0)
|
|
return tab[i].mode;
|
|
}
|
|
|
|
return -1;
|
|
}
|
|
|
|
static void
|
|
set_modes_from_table(int *modes, const char *whatis, struct mode_table *tab, conf_parm_t * args)
|
|
{
|
|
for (; args; args = args->next)
|
|
{
|
|
const char *umode;
|
|
int dir = 1;
|
|
int mode;
|
|
|
|
if(CF_TYPE(args->type) != CF_STRING)
|
|
{
|
|
conf_report_error("Warning -- %s is not a string; ignoring.", whatis);
|
|
continue;
|
|
}
|
|
|
|
umode = args->v.string;
|
|
|
|
if(*umode == '~')
|
|
{
|
|
dir = 0;
|
|
umode++;
|
|
}
|
|
|
|
mode = find_umode(tab, umode);
|
|
|
|
if(mode == -1)
|
|
{
|
|
conf_report_error("Warning -- unknown %s %s.", whatis, args->v.string);
|
|
continue;
|
|
}
|
|
|
|
if(mode)
|
|
{
|
|
if(dir)
|
|
*modes |= mode;
|
|
else
|
|
*modes &= ~mode;
|
|
}
|
|
else
|
|
*modes = 0;
|
|
}
|
|
}
|
|
|
|
static void
|
|
parse_umodes(const char *pm, int *values, int *mask)
|
|
{
|
|
int what = MODE_ADD, flag;
|
|
|
|
*values = 0;
|
|
|
|
if (NULL != mask)
|
|
*mask = 0;
|
|
|
|
for (; *pm; pm++)
|
|
{
|
|
switch (*pm)
|
|
{
|
|
case '+':
|
|
what = MODE_ADD;
|
|
break;
|
|
case '-':
|
|
what = MODE_DEL;
|
|
break;
|
|
|
|
/* don't allow +o */
|
|
case 'o':
|
|
case 'S':
|
|
case 'Z':
|
|
case ' ':
|
|
break;
|
|
|
|
default:
|
|
flag = user_modes[(unsigned char) *pm];
|
|
if (flag)
|
|
{
|
|
/* Proper value has probably not yet been set
|
|
* so don't check oper_only_umodes -- jilles */
|
|
if (what == MODE_ADD)
|
|
*values |= flag;
|
|
else
|
|
*values &= ~flag;
|
|
|
|
if (NULL != mask)
|
|
*mask |= flag;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_privset_extends(void *data)
|
|
{
|
|
yy_privset_extends = rb_strdup((char *) data);
|
|
}
|
|
|
|
static void
|
|
conf_set_privset_privs(void *data)
|
|
{
|
|
char *privs = NULL;
|
|
conf_parm_t *args = data;
|
|
|
|
for (; args; args = args->next)
|
|
{
|
|
if (privs == NULL)
|
|
privs = rb_strdup(args->v.string);
|
|
else
|
|
{
|
|
char *privs_old = privs;
|
|
|
|
privs = rb_malloc(strlen(privs_old) + 1 + strlen(args->v.string) + 1);
|
|
strcpy(privs, privs_old);
|
|
strcat(privs, " ");
|
|
strcat(privs, args->v.string);
|
|
|
|
rb_free(privs_old);
|
|
}
|
|
}
|
|
|
|
if (privs)
|
|
{
|
|
if (yy_privset_extends)
|
|
{
|
|
struct PrivilegeSet *set = privilegeset_get(yy_privset_extends);
|
|
|
|
if (!set)
|
|
{
|
|
conf_report_error("Warning -- unknown parent privilege set %s for %s; assuming defaults", yy_privset_extends, conf_cur_block_name);
|
|
|
|
set = privilegeset_get("default");
|
|
}
|
|
|
|
privilegeset_extend(set, conf_cur_block_name != NULL ? conf_cur_block_name : "<unknown>", privs, 0);
|
|
|
|
rb_free(yy_privset_extends);
|
|
yy_privset_extends = NULL;
|
|
}
|
|
else
|
|
privilegeset_set_new(conf_cur_block_name != NULL ? conf_cur_block_name : "<unknown>", privs, 0);
|
|
|
|
rb_free(privs);
|
|
}
|
|
}
|
|
|
|
static int
|
|
conf_begin_oper(struct TopConf *tc)
|
|
{
|
|
rb_dlink_node *ptr;
|
|
rb_dlink_node *next_ptr;
|
|
|
|
if(yy_oper != NULL)
|
|
{
|
|
free_oper_conf(yy_oper);
|
|
yy_oper = NULL;
|
|
}
|
|
|
|
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_oper_list.head)
|
|
{
|
|
free_oper_conf(ptr->data);
|
|
rb_dlinkDestroy(ptr, &yy_oper_list);
|
|
}
|
|
|
|
yy_oper = make_oper_conf();
|
|
yy_oper->flags |= OPER_ENCRYPTED;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int
|
|
conf_end_oper(struct TopConf *tc)
|
|
{
|
|
struct oper_conf *yy_tmpoper;
|
|
rb_dlink_node *ptr;
|
|
rb_dlink_node *next_ptr;
|
|
|
|
if(conf_cur_block_name != NULL)
|
|
{
|
|
if(strlen(conf_cur_block_name) > OPERNICKLEN)
|
|
conf_cur_block_name[OPERNICKLEN] = '\0';
|
|
|
|
yy_oper->name = rb_strdup(conf_cur_block_name);
|
|
}
|
|
|
|
if(EmptyString(yy_oper->name))
|
|
{
|
|
conf_report_error("Ignoring operator block -- missing name.");
|
|
return 0;
|
|
}
|
|
|
|
#ifdef HAVE_LIBCRYPTO
|
|
if(EmptyString(yy_oper->passwd) && EmptyString(yy_oper->rsa_pubkey_file))
|
|
#else
|
|
if(EmptyString(yy_oper->passwd))
|
|
#endif
|
|
{
|
|
conf_report_error("Ignoring operator block for %s -- missing password",
|
|
yy_oper->name);
|
|
return 0;
|
|
}
|
|
|
|
|
|
if (!yy_oper->privset)
|
|
yy_oper->privset = privilegeset_get("default");
|
|
|
|
/* now, yy_oper_list contains a stack of oper_conf's with just user
|
|
* and host in, yy_oper contains the rest of the information which
|
|
* we need to copy into each element in yy_oper_list
|
|
*/
|
|
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_oper_list.head)
|
|
{
|
|
yy_tmpoper = ptr->data;
|
|
|
|
yy_tmpoper->name = rb_strdup(yy_oper->name);
|
|
|
|
/* could be an rsa key instead.. */
|
|
if(!EmptyString(yy_oper->passwd))
|
|
yy_tmpoper->passwd = rb_strdup(yy_oper->passwd);
|
|
|
|
yy_tmpoper->flags = yy_oper->flags;
|
|
yy_tmpoper->umodes = yy_oper->umodes;
|
|
yy_tmpoper->snomask = yy_oper->snomask;
|
|
yy_tmpoper->privset = yy_oper->privset;
|
|
|
|
#ifdef HAVE_LIBCRYPTO
|
|
if(yy_oper->rsa_pubkey_file)
|
|
{
|
|
BIO *file;
|
|
|
|
if((file = BIO_new_file(yy_oper->rsa_pubkey_file, "r")) == NULL)
|
|
{
|
|
conf_report_error("Ignoring operator block for %s -- "
|
|
"rsa_public_key_file cant be opened",
|
|
yy_tmpoper->name);
|
|
return 0;
|
|
}
|
|
|
|
yy_tmpoper->rsa_pubkey =
|
|
(RSA *) PEM_read_bio_RSA_PUBKEY(file, NULL, 0, NULL);
|
|
|
|
(void)BIO_set_close(file, BIO_CLOSE);
|
|
BIO_free(file);
|
|
|
|
if(yy_tmpoper->rsa_pubkey == NULL)
|
|
{
|
|
conf_report_error("Ignoring operator block for %s -- "
|
|
"rsa_public_key_file key invalid; check syntax",
|
|
yy_tmpoper->name);
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
if(!EmptyString(yy_oper->certfp))
|
|
yy_tmpoper->certfp = rb_strdup(yy_oper->certfp);
|
|
#endif
|
|
|
|
/* all is ok, put it on oper_conf_list */
|
|
rb_dlinkMoveNode(ptr, &yy_oper_list, &oper_conf_list);
|
|
}
|
|
|
|
free_oper_conf(yy_oper);
|
|
yy_oper = NULL;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void
|
|
conf_set_oper_flags(void *data)
|
|
{
|
|
conf_parm_t *args = data;
|
|
|
|
set_modes_from_table(&yy_oper->flags, "flag", oper_table, args);
|
|
}
|
|
|
|
static void
|
|
conf_set_oper_fingerprint(void *data)
|
|
{
|
|
if (yy_oper->certfp)
|
|
rb_free(yy_oper->certfp);
|
|
yy_oper->certfp = rb_strdup((char *) data);
|
|
}
|
|
|
|
static void
|
|
conf_set_oper_privset(void *data)
|
|
{
|
|
yy_oper->privset = privilegeset_get((char *) data);
|
|
}
|
|
|
|
static void
|
|
conf_set_oper_user(void *data)
|
|
{
|
|
struct oper_conf *yy_tmpoper;
|
|
char *p;
|
|
char *host = (char *) data;
|
|
|
|
yy_tmpoper = make_oper_conf();
|
|
|
|
if((p = strchr(host, '@')))
|
|
{
|
|
*p++ = '\0';
|
|
|
|
yy_tmpoper->username = rb_strdup(host);
|
|
yy_tmpoper->host = rb_strdup(p);
|
|
}
|
|
else
|
|
{
|
|
|
|
yy_tmpoper->username = rb_strdup("*");
|
|
yy_tmpoper->host = rb_strdup(host);
|
|
}
|
|
|
|
if(EmptyString(yy_tmpoper->username) || EmptyString(yy_tmpoper->host))
|
|
{
|
|
conf_report_error("Ignoring user -- missing username/host");
|
|
free_oper_conf(yy_tmpoper);
|
|
return;
|
|
}
|
|
|
|
rb_dlinkAddAlloc(yy_tmpoper, &yy_oper_list);
|
|
}
|
|
|
|
static void
|
|
conf_set_oper_password(void *data)
|
|
{
|
|
if(yy_oper->passwd)
|
|
{
|
|
memset(yy_oper->passwd, 0, strlen(yy_oper->passwd));
|
|
rb_free(yy_oper->passwd);
|
|
}
|
|
|
|
yy_oper->passwd = rb_strdup((char *) data);
|
|
}
|
|
|
|
static void
|
|
conf_set_oper_rsa_public_key_file(void *data)
|
|
{
|
|
#ifdef HAVE_LIBCRYPTO
|
|
rb_free(yy_oper->rsa_pubkey_file);
|
|
yy_oper->rsa_pubkey_file = rb_strdup((char *) data);
|
|
#else
|
|
conf_report_error("Warning -- ignoring rsa_public_key_file (OpenSSL support not available");
|
|
#endif
|
|
}
|
|
|
|
static void
|
|
conf_set_oper_umodes(void *data)
|
|
{
|
|
set_modes_from_table(&yy_oper->umodes, "umode", umode_table, data);
|
|
}
|
|
|
|
static void
|
|
conf_set_oper_snomask(void *data)
|
|
{
|
|
yy_oper->snomask = parse_snobuf_to_mask(0, (const char *) data);
|
|
}
|
|
|
|
static int
|
|
conf_begin_class(struct TopConf *tc)
|
|
{
|
|
if(yy_class)
|
|
free_class(yy_class);
|
|
|
|
yy_class = make_class();
|
|
return 0;
|
|
}
|
|
|
|
static int
|
|
conf_end_class(struct TopConf *tc)
|
|
{
|
|
if(conf_cur_block_name != NULL)
|
|
yy_class->class_name = rb_strdup(conf_cur_block_name);
|
|
|
|
if(EmptyString(yy_class->class_name))
|
|
{
|
|
conf_report_error("Ignoring class block -- missing name.");
|
|
return 0;
|
|
}
|
|
|
|
add_class(yy_class);
|
|
yy_class = NULL;
|
|
return 0;
|
|
}
|
|
|
|
static void
|
|
conf_set_class_ping_time(void *data)
|
|
{
|
|
yy_class->ping_freq = *(unsigned int *) data;
|
|
}
|
|
|
|
static void
|
|
conf_set_class_cidr_ipv4_bitlen(void *data)
|
|
{
|
|
unsigned int maxsize = 32;
|
|
if(*(unsigned int *) data > maxsize)
|
|
conf_report_error
|
|
("class::cidr_ipv4_bitlen argument exceeds maxsize (%d > %d) - ignoring.",
|
|
*(unsigned int *) data, maxsize);
|
|
else
|
|
yy_class->cidr_ipv4_bitlen = *(unsigned int *) data;
|
|
|
|
}
|
|
|
|
static void
|
|
conf_set_class_cidr_ipv6_bitlen(void *data)
|
|
{
|
|
unsigned int maxsize = 128;
|
|
if(*(unsigned int *) data > maxsize)
|
|
conf_report_error
|
|
("class::cidr_ipv6_bitlen argument exceeds maxsize (%d > %d) - ignoring.",
|
|
*(unsigned int *) data, maxsize);
|
|
else
|
|
yy_class->cidr_ipv6_bitlen = *(unsigned int *) data;
|
|
|
|
}
|
|
|
|
static void
|
|
conf_set_class_number_per_cidr(void *data)
|
|
{
|
|
yy_class->cidr_amount = *(unsigned int *) data;
|
|
}
|
|
|
|
static void
|
|
conf_set_class_number_per_ip(void *data)
|
|
{
|
|
yy_class->max_local = *(unsigned int *) data;
|
|
}
|
|
|
|
|
|
static void
|
|
conf_set_class_number_per_ip_global(void *data)
|
|
{
|
|
yy_class->max_global = *(unsigned int *) data;
|
|
}
|
|
|
|
static void
|
|
conf_set_class_number_per_ident(void *data)
|
|
{
|
|
yy_class->max_ident = *(unsigned int *) data;
|
|
}
|
|
|
|
static void
|
|
conf_set_class_connectfreq(void *data)
|
|
{
|
|
yy_class->con_freq = *(unsigned int *) data;
|
|
}
|
|
|
|
static void
|
|
conf_set_class_max_number(void *data)
|
|
{
|
|
yy_class->max_total = *(unsigned int *) data;
|
|
}
|
|
|
|
static void
|
|
conf_set_class_max_autoconn(void *data)
|
|
{
|
|
yy_class->max_autoconn = *(unsigned int *) data;
|
|
}
|
|
|
|
static void
|
|
conf_set_class_sendq(void *data)
|
|
{
|
|
yy_class->max_sendq = *(unsigned int *) data;
|
|
}
|
|
|
|
static char *listener_address[2];
|
|
|
|
static int
|
|
conf_begin_listen(struct TopConf *tc)
|
|
{
|
|
for (int i = 0; i < ARRAY_SIZE(listener_address); i++) {
|
|
rb_free(listener_address[i]);
|
|
listener_address[i] = NULL;
|
|
}
|
|
yy_wsock = 0;
|
|
yy_defer_accept = 0;
|
|
return 0;
|
|
}
|
|
|
|
static int
|
|
conf_end_listen(struct TopConf *tc)
|
|
{
|
|
for (int i = 0; i < ARRAY_SIZE(listener_address); i++) {
|
|
rb_free(listener_address[i]);
|
|
listener_address[i] = NULL;
|
|
}
|
|
yy_wsock = 0;
|
|
yy_defer_accept = 0;
|
|
return 0;
|
|
}
|
|
|
|
static void
|
|
conf_set_listen_defer_accept(void *data)
|
|
{
|
|
yy_defer_accept = *(unsigned int *) data;
|
|
}
|
|
|
|
static void
|
|
conf_set_listen_wsock(void *data)
|
|
{
|
|
yy_wsock = *(unsigned int *) data;
|
|
}
|
|
|
|
static void
|
|
conf_set_listen_port_both(void *data, int ssl, int sctp)
|
|
{
|
|
conf_parm_t *args = data;
|
|
for (; args; args = args->next)
|
|
{
|
|
if(CF_TYPE(args->type) != CF_INT)
|
|
{
|
|
conf_report_error("listener::port argument is not an integer -- ignoring.");
|
|
continue;
|
|
}
|
|
if(listener_address[0] == NULL)
|
|
{
|
|
if (sctp) {
|
|
conf_report_error("listener::sctp_port has no addresses -- ignoring.");
|
|
} else {
|
|
add_tcp_listener(args->v.number, NULL, AF_INET, ssl, ssl || yy_defer_accept, yy_wsock);
|
|
add_tcp_listener(args->v.number, NULL, AF_INET6, ssl, ssl || yy_defer_accept, yy_wsock);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
int family;
|
|
if(strchr(listener_address[0], ':') != NULL)
|
|
family = AF_INET6;
|
|
else
|
|
family = AF_INET;
|
|
|
|
if (sctp) {
|
|
#ifdef HAVE_LIBSCTP
|
|
add_sctp_listener(args->v.number, listener_address[0], listener_address[1], ssl, yy_wsock);
|
|
#else
|
|
conf_report_error("Warning -- ignoring listener::sctp_port -- SCTP support not available.");
|
|
#endif
|
|
} else {
|
|
add_tcp_listener(args->v.number, listener_address[0], family, ssl, ssl || yy_defer_accept, yy_wsock);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_listen_port(void *data)
|
|
{
|
|
conf_set_listen_port_both(data, 0, 0);
|
|
}
|
|
|
|
static void
|
|
conf_set_listen_sslport(void *data)
|
|
{
|
|
conf_set_listen_port_both(data, 1, 0 );
|
|
}
|
|
|
|
static void
|
|
conf_set_listen_sctp_port(void *data)
|
|
{
|
|
conf_set_listen_port_both(data, 0, 1);
|
|
}
|
|
|
|
static void
|
|
conf_set_listen_sctp_sslport(void *data)
|
|
{
|
|
conf_set_listen_port_both(data, 1, 1);
|
|
}
|
|
|
|
static void
|
|
conf_set_listen_address(void *data)
|
|
{
|
|
rb_free(listener_address[1]);
|
|
listener_address[1] = listener_address[0];
|
|
listener_address[0] = rb_strdup(data);
|
|
}
|
|
|
|
static int
|
|
conf_begin_auth(struct TopConf *tc)
|
|
{
|
|
rb_dlink_node *ptr;
|
|
rb_dlink_node *next_ptr;
|
|
|
|
if(yy_aconf)
|
|
free_conf(yy_aconf);
|
|
|
|
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_aconf_list.head)
|
|
{
|
|
free_conf(ptr->data);
|
|
rb_dlinkDestroy(ptr, &yy_aconf_list);
|
|
}
|
|
|
|
yy_aconf = make_conf();
|
|
yy_aconf->status = CONF_CLIENT;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int
|
|
conf_end_auth(struct TopConf *tc)
|
|
{
|
|
struct ConfItem *yy_tmp, *found_conf;
|
|
rb_dlink_node *ptr;
|
|
rb_dlink_node *next_ptr;
|
|
|
|
if(EmptyString(yy_aconf->info.name))
|
|
yy_aconf->info.name = rb_strdup("NOMATCH");
|
|
|
|
/* didnt even get one ->host? */
|
|
if(EmptyString(yy_aconf->host))
|
|
{
|
|
conf_report_error("Ignoring auth block -- missing user@host");
|
|
return 0;
|
|
}
|
|
|
|
/* so the stacking works in order.. */
|
|
collapse(yy_aconf->user);
|
|
collapse(yy_aconf->host);
|
|
conf_add_class_to_conf(yy_aconf);
|
|
if ((found_conf = find_exact_conf_by_address("*", CONF_CLIENT, "*")) && found_conf->spasswd == NULL)
|
|
conf_report_error("Ignoring redundant auth block (after *@*)");
|
|
else if ((found_conf = find_exact_conf_by_address(yy_aconf->host, CONF_CLIENT, yy_aconf->user)) &&
|
|
(!found_conf->spasswd || (yy_aconf->spasswd &&
|
|
0 == irccmp(found_conf->spasswd, yy_aconf->spasswd))))
|
|
conf_report_error("Ignoring duplicate auth block for %s@%s",
|
|
yy_aconf->user, yy_aconf->host);
|
|
else
|
|
add_conf_by_address(yy_aconf->host, CONF_CLIENT, yy_aconf->user, yy_aconf->spasswd, yy_aconf);
|
|
|
|
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_aconf_list.head)
|
|
{
|
|
yy_tmp = ptr->data;
|
|
|
|
if(yy_aconf->passwd)
|
|
yy_tmp->passwd = rb_strdup(yy_aconf->passwd);
|
|
|
|
if(yy_aconf->spasswd)
|
|
yy_tmp->spasswd = rb_strdup(yy_aconf->spasswd);
|
|
|
|
/* this will always exist.. */
|
|
yy_tmp->info.name = rb_strdup(yy_aconf->info.name);
|
|
|
|
if(yy_aconf->className)
|
|
yy_tmp->className = rb_strdup(yy_aconf->className);
|
|
|
|
yy_tmp->flags = yy_aconf->flags;
|
|
yy_tmp->port = yy_aconf->port;
|
|
|
|
collapse(yy_tmp->user);
|
|
collapse(yy_tmp->host);
|
|
|
|
conf_add_class_to_conf(yy_tmp);
|
|
|
|
if ((found_conf = find_exact_conf_by_address("*", CONF_CLIENT, "*")) && found_conf->spasswd == NULL)
|
|
conf_report_error("Ignoring redundant auth block (after *@*)");
|
|
else if ((found_conf = find_exact_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user)) &&
|
|
(!found_conf->spasswd || (yy_tmp->spasswd &&
|
|
0 == irccmp(found_conf->spasswd, yy_tmp->spasswd))))
|
|
conf_report_error("Ignoring duplicate auth block for %s@%s",
|
|
yy_tmp->user, yy_tmp->host);
|
|
else
|
|
add_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user, yy_tmp->spasswd, yy_tmp);
|
|
rb_dlinkDestroy(ptr, &yy_aconf_list);
|
|
}
|
|
|
|
yy_aconf = NULL;
|
|
return 0;
|
|
}
|
|
|
|
static void
|
|
conf_set_auth_user(void *data)
|
|
{
|
|
struct ConfItem *yy_tmp;
|
|
char *p;
|
|
|
|
/* The first user= line doesn't allocate a new conf */
|
|
if(!EmptyString(yy_aconf->host))
|
|
{
|
|
yy_tmp = make_conf();
|
|
yy_tmp->status = CONF_CLIENT;
|
|
}
|
|
else
|
|
yy_tmp = yy_aconf;
|
|
|
|
if((p = strchr(data, '@')))
|
|
{
|
|
*p++ = '\0';
|
|
|
|
yy_tmp->user = rb_strdup(data);
|
|
yy_tmp->host = rb_strdup(p);
|
|
}
|
|
else
|
|
{
|
|
yy_tmp->user = rb_strdup("*");
|
|
yy_tmp->host = rb_strdup(data);
|
|
}
|
|
|
|
if(yy_aconf != yy_tmp)
|
|
rb_dlinkAddAlloc(yy_tmp, &yy_aconf_list);
|
|
}
|
|
|
|
static void
|
|
conf_set_auth_auth_user(void *data)
|
|
{
|
|
if(yy_aconf->spasswd)
|
|
memset(yy_aconf->spasswd, 0, strlen(yy_aconf->spasswd));
|
|
rb_free(yy_aconf->spasswd);
|
|
yy_aconf->spasswd = rb_strdup(data);
|
|
}
|
|
|
|
static void
|
|
conf_set_auth_passwd(void *data)
|
|
{
|
|
if(yy_aconf->passwd)
|
|
memset(yy_aconf->passwd, 0, strlen(yy_aconf->passwd));
|
|
rb_free(yy_aconf->passwd);
|
|
yy_aconf->passwd = rb_strdup(data);
|
|
}
|
|
|
|
static void
|
|
conf_set_auth_spoof(void *data)
|
|
{
|
|
char *p;
|
|
char *user = NULL;
|
|
char *host = NULL;
|
|
|
|
host = data;
|
|
|
|
/* user@host spoof */
|
|
if((p = strchr(host, '@')) != NULL)
|
|
{
|
|
*p = '\0';
|
|
user = data;
|
|
host = p+1;
|
|
|
|
if(EmptyString(user))
|
|
{
|
|
conf_report_error("Warning -- spoof ident empty.");
|
|
return;
|
|
}
|
|
|
|
if(strlen(user) > USERLEN)
|
|
{
|
|
conf_report_error("Warning -- spoof ident length invalid.");
|
|
return;
|
|
}
|
|
|
|
if(!valid_username(user))
|
|
{
|
|
conf_report_error("Warning -- invalid spoof (ident).");
|
|
return;
|
|
}
|
|
|
|
/* this must be restored! */
|
|
*p = '@';
|
|
}
|
|
|
|
if(EmptyString(host))
|
|
{
|
|
conf_report_error("Warning -- spoof host empty.");
|
|
return;
|
|
}
|
|
|
|
if(strlen(host) > HOSTLEN)
|
|
{
|
|
conf_report_error("Warning -- spoof host length invalid.");
|
|
return;
|
|
}
|
|
|
|
if(!valid_hostname(host))
|
|
{
|
|
conf_report_error("Warning -- invalid spoof (host).");
|
|
return;
|
|
}
|
|
|
|
rb_free(yy_aconf->info.name);
|
|
yy_aconf->info.name = rb_strdup(data);
|
|
yy_aconf->flags |= CONF_FLAGS_SPOOF_IP;
|
|
}
|
|
|
|
static void
|
|
conf_set_auth_flags(void *data)
|
|
{
|
|
conf_parm_t *args = data;
|
|
|
|
set_modes_from_table((int *) &yy_aconf->flags, "flag", auth_table, args);
|
|
}
|
|
|
|
static void
|
|
conf_set_auth_redir_serv(void *data)
|
|
{
|
|
yy_aconf->flags |= CONF_FLAGS_REDIR;
|
|
rb_free(yy_aconf->info.name);
|
|
yy_aconf->info.name = rb_strdup(data);
|
|
}
|
|
|
|
static void
|
|
conf_set_auth_redir_port(void *data)
|
|
{
|
|
int port = *(unsigned int *) data;
|
|
|
|
yy_aconf->flags |= CONF_FLAGS_REDIR;
|
|
yy_aconf->port = port;
|
|
}
|
|
|
|
static void
|
|
conf_set_auth_class(void *data)
|
|
{
|
|
rb_free(yy_aconf->className);
|
|
yy_aconf->className = rb_strdup(data);
|
|
}
|
|
|
|
static void
|
|
conf_set_auth_umodes(void *data)
|
|
{
|
|
char *umodes = data;
|
|
|
|
parse_umodes(umodes, &yy_aconf->umodes, &yy_aconf->umodes_mask);
|
|
}
|
|
|
|
static int
|
|
conf_begin_connect(struct TopConf *tc)
|
|
{
|
|
if(yy_server)
|
|
free_server_conf(yy_server);
|
|
|
|
yy_server = make_server_conf();
|
|
yy_server->port = PORTNUM;
|
|
yy_server->flags |= SERVER_TB;
|
|
|
|
if(conf_cur_block_name != NULL)
|
|
yy_server->name = rb_strdup(conf_cur_block_name);
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int
|
|
conf_end_connect(struct TopConf *tc)
|
|
{
|
|
if (EmptyString(yy_server->name))
|
|
{
|
|
conf_report_error("Ignoring connect block -- missing name.");
|
|
return 0;
|
|
}
|
|
|
|
if (ServerInfo.name != NULL && !irccmp(ServerInfo.name, yy_server->name))
|
|
{
|
|
conf_report_error("Ignoring connect block for %s -- name is "
|
|
"equal to my own name.", yy_server->name);
|
|
return 0;
|
|
}
|
|
|
|
if ((EmptyString(yy_server->passwd) || EmptyString(yy_server->spasswd))
|
|
&& EmptyString(yy_server->certfp))
|
|
{
|
|
conf_report_error("Ignoring connect block for %s -- no "
|
|
"fingerprint or password credentials "
|
|
"provided.", yy_server->name);
|
|
return 0;
|
|
}
|
|
|
|
if ((yy_server->flags & SERVER_SSL) && EmptyString(yy_server->certfp))
|
|
{
|
|
conf_report_error("Ignoring connect block for %s -- no "
|
|
"fingerprint provided for SSL "
|
|
"connection.", yy_server->name);
|
|
return 0;
|
|
}
|
|
|
|
if (! (yy_server->flags & SERVER_SSL) && ! EmptyString(yy_server->certfp))
|
|
{
|
|
conf_report_error("Ignoring connect block for %s -- "
|
|
"fingerprint authentication has "
|
|
"been requested; but the ssl flag "
|
|
"is not set.", yy_server->name);
|
|
return 0;
|
|
}
|
|
|
|
if (EmptyString(yy_server->connect_host)
|
|
&& GET_SS_FAMILY(&yy_server->connect4) != AF_INET
|
|
&& GET_SS_FAMILY(&yy_server->connect6) != AF_INET6)
|
|
{
|
|
conf_report_error("Ignoring connect block for %s -- missing "
|
|
"host.", yy_server->name);
|
|
return 0;
|
|
}
|
|
|
|
add_server_conf(yy_server);
|
|
rb_dlinkAdd(yy_server, &yy_server->node, &server_conf_list);
|
|
|
|
yy_server = NULL;
|
|
return 0;
|
|
}
|
|
|
|
static void
|
|
conf_set_connect_host(void *data)
|
|
{
|
|
struct rb_sockaddr_storage addr;
|
|
|
|
if(rb_inet_pton_sock(data, &addr) <= 0)
|
|
{
|
|
rb_free(yy_server->connect_host);
|
|
yy_server->connect_host = rb_strdup(data);
|
|
}
|
|
else if(GET_SS_FAMILY(&addr) == AF_INET)
|
|
{
|
|
yy_server->connect4 = addr;
|
|
}
|
|
else if(GET_SS_FAMILY(&addr) == AF_INET6)
|
|
{
|
|
yy_server->connect6 = addr;
|
|
}
|
|
else
|
|
{
|
|
conf_report_error("Unsupported IP address for server connect host (%s)",
|
|
(char *)data);
|
|
return;
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_connect_vhost(void *data)
|
|
{
|
|
struct rb_sockaddr_storage addr;
|
|
|
|
if(rb_inet_pton_sock(data, &addr) <= 0)
|
|
{
|
|
rb_free(yy_server->bind_host);
|
|
yy_server->bind_host = rb_strdup(data);
|
|
}
|
|
else if(GET_SS_FAMILY(&addr) == AF_INET)
|
|
{
|
|
yy_server->bind4 = addr;
|
|
}
|
|
else if(GET_SS_FAMILY(&addr) == AF_INET6)
|
|
{
|
|
yy_server->bind6 = addr;
|
|
}
|
|
else
|
|
{
|
|
conf_report_error("Unsupported IP address for server connect vhost (%s)",
|
|
(char *)data);
|
|
return;
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_connect_send_password(void *data)
|
|
{
|
|
if(yy_server->spasswd)
|
|
{
|
|
memset(yy_server->spasswd, 0, strlen(yy_server->spasswd));
|
|
rb_free(yy_server->spasswd);
|
|
}
|
|
|
|
if (EmptyString((const char *) data))
|
|
{
|
|
yy_server->spasswd = NULL;
|
|
conf_report_warning("Invalid send_password for connect "
|
|
"block; must not be empty if provided");
|
|
}
|
|
else if (strpbrk(data, " :"))
|
|
{
|
|
yy_server->spasswd = NULL;
|
|
conf_report_error("Invalid send_password for connect "
|
|
"block; cannot contain spaces or colons");
|
|
}
|
|
else
|
|
yy_server->spasswd = rb_strdup(data);
|
|
}
|
|
|
|
static void
|
|
conf_set_connect_accept_password(void *data)
|
|
{
|
|
if(yy_server->passwd)
|
|
{
|
|
memset(yy_server->passwd, 0, strlen(yy_server->passwd));
|
|
rb_free(yy_server->passwd);
|
|
}
|
|
|
|
if (EmptyString((const char *) data))
|
|
{
|
|
yy_server->passwd = NULL;
|
|
conf_report_warning("Invalid accept_password for connect "
|
|
"block; must not be empty if provided");
|
|
}
|
|
else if (strpbrk(data, " :"))
|
|
{
|
|
yy_server->passwd = NULL;
|
|
conf_report_error("Invalid accept_password for connect "
|
|
"block; cannot contain spaces or colons");
|
|
}
|
|
else
|
|
yy_server->passwd = rb_strdup(data);
|
|
}
|
|
|
|
static void
|
|
conf_set_connect_fingerprint(void *data)
|
|
{
|
|
if (yy_server->certfp)
|
|
rb_free(yy_server->certfp);
|
|
yy_server->certfp = rb_strdup((char *) data);
|
|
|
|
/* force SSL to be enabled if fingerprint is enabled. */
|
|
yy_server->flags |= SERVER_SSL;
|
|
}
|
|
|
|
static void
|
|
conf_set_connect_port(void *data)
|
|
{
|
|
int port = *(unsigned int *) data;
|
|
|
|
if(port < 1)
|
|
port = PORTNUM;
|
|
|
|
yy_server->port = port;
|
|
}
|
|
|
|
static void
|
|
conf_set_connect_aftype(void *data)
|
|
{
|
|
char *aft = data;
|
|
|
|
if(rb_strcasecmp(aft, "ipv4") == 0)
|
|
yy_server->aftype = AF_INET;
|
|
else if(rb_strcasecmp(aft, "ipv6") == 0)
|
|
yy_server->aftype = AF_INET6;
|
|
else
|
|
conf_report_error("connect::aftype '%s' is unknown.", aft);
|
|
}
|
|
|
|
static void
|
|
conf_set_connect_flags(void *data)
|
|
{
|
|
conf_parm_t *args = data;
|
|
|
|
set_modes_from_table(&yy_server->flags, "flag", connect_table, args);
|
|
}
|
|
|
|
static void
|
|
conf_set_connect_class(void *data)
|
|
{
|
|
rb_free(yy_server->class_name);
|
|
yy_server->class_name = rb_strdup(data);
|
|
}
|
|
|
|
static void
|
|
conf_set_exempt_ip(void *data)
|
|
{
|
|
struct ConfItem *yy_tmp;
|
|
int masktype = parse_netmask_strict(data, NULL, NULL);
|
|
|
|
if(masktype != HM_IPV4 && masktype != HM_IPV6)
|
|
{
|
|
conf_report_error("Ignoring exempt -- invalid exempt::ip.");
|
|
return;
|
|
}
|
|
|
|
yy_tmp = make_conf();
|
|
yy_tmp->passwd = rb_strdup("*");
|
|
yy_tmp->host = rb_strdup(data);
|
|
yy_tmp->status = CONF_EXEMPTDLINE;
|
|
add_conf_by_address(yy_tmp->host, CONF_EXEMPTDLINE, NULL, NULL, yy_tmp);
|
|
}
|
|
|
|
static void
|
|
conf_set_secure_ip(void *data)
|
|
{
|
|
struct ConfItem *yy_tmp;
|
|
int masktype = parse_netmask_strict(data, NULL, NULL);
|
|
|
|
if(masktype != HM_IPV4 && masktype != HM_IPV6)
|
|
{
|
|
conf_report_error("Ignoring secure -- invalid secure::ip.");
|
|
return;
|
|
}
|
|
|
|
yy_tmp = make_conf();
|
|
yy_tmp->passwd = rb_strdup("*");
|
|
yy_tmp->host = rb_strdup(data);
|
|
yy_tmp->status = CONF_SECURE;
|
|
add_conf_by_address(yy_tmp->host, CONF_SECURE, NULL, NULL, yy_tmp);
|
|
}
|
|
|
|
static int
|
|
conf_cleanup_cluster(struct TopConf *tc)
|
|
{
|
|
rb_dlink_node *ptr, *next_ptr;
|
|
|
|
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_cluster_list.head)
|
|
{
|
|
free_remote_conf(ptr->data);
|
|
rb_dlinkDestroy(ptr, &yy_cluster_list);
|
|
}
|
|
|
|
if(yy_shared != NULL)
|
|
{
|
|
free_remote_conf(yy_shared);
|
|
yy_shared = NULL;
|
|
}
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void
|
|
conf_set_cluster_name(void *data)
|
|
{
|
|
if(yy_shared != NULL)
|
|
free_remote_conf(yy_shared);
|
|
|
|
yy_shared = make_remote_conf();
|
|
yy_shared->server = rb_strdup(data);
|
|
rb_dlinkAddAlloc(yy_shared, &yy_cluster_list);
|
|
|
|
yy_shared = NULL;
|
|
}
|
|
|
|
static void
|
|
conf_set_cluster_flags(void *data)
|
|
{
|
|
conf_parm_t *args = data;
|
|
int flags = 0;
|
|
rb_dlink_node *ptr, *next_ptr;
|
|
|
|
if(yy_shared != NULL)
|
|
free_remote_conf(yy_shared);
|
|
|
|
set_modes_from_table(&flags, "flag", cluster_table, args);
|
|
|
|
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_cluster_list.head)
|
|
{
|
|
yy_shared = ptr->data;
|
|
yy_shared->flags = flags;
|
|
rb_dlinkAddTail(yy_shared, &yy_shared->node, &cluster_conf_list);
|
|
rb_dlinkDestroy(ptr, &yy_cluster_list);
|
|
}
|
|
|
|
yy_shared = NULL;
|
|
}
|
|
|
|
static void
|
|
conf_set_general_havent_read_conf(void *data)
|
|
{
|
|
if(*(unsigned int *) data)
|
|
{
|
|
conf_report_error("You haven't read your config file properly.");
|
|
conf_report_error
|
|
("There is a line in the example conf that will kill your server if not removed.");
|
|
conf_report_error
|
|
("Consider actually reading/editing the conf file, and removing this line.");
|
|
if (!testing_conf)
|
|
exit(0);
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_general_hide_error_messages(void *data)
|
|
{
|
|
char *val = data;
|
|
|
|
if(rb_strcasecmp(val, "yes") == 0)
|
|
ConfigFileEntry.hide_error_messages = 2;
|
|
else if(rb_strcasecmp(val, "opers") == 0)
|
|
ConfigFileEntry.hide_error_messages = 1;
|
|
else if(rb_strcasecmp(val, "no") == 0)
|
|
ConfigFileEntry.hide_error_messages = 0;
|
|
else
|
|
conf_report_error("Invalid setting '%s' for general::hide_error_messages.", val);
|
|
}
|
|
|
|
static void
|
|
conf_set_general_stats_k_oper_only(void *data)
|
|
{
|
|
char *val = data;
|
|
|
|
if(rb_strcasecmp(val, "yes") == 0)
|
|
ConfigFileEntry.stats_k_oper_only = 2;
|
|
else if(rb_strcasecmp(val, "masked") == 0)
|
|
ConfigFileEntry.stats_k_oper_only = 1;
|
|
else if(rb_strcasecmp(val, "no") == 0)
|
|
ConfigFileEntry.stats_k_oper_only = 0;
|
|
else
|
|
conf_report_error("Invalid setting '%s' for general::stats_k_oper_only.", val);
|
|
}
|
|
|
|
static void
|
|
conf_set_general_stats_i_oper_only(void *data)
|
|
{
|
|
char *val = data;
|
|
|
|
if(rb_strcasecmp(val, "yes") == 0)
|
|
ConfigFileEntry.stats_i_oper_only = 2;
|
|
else if(rb_strcasecmp(val, "masked") == 0)
|
|
ConfigFileEntry.stats_i_oper_only = 1;
|
|
else if(rb_strcasecmp(val, "no") == 0)
|
|
ConfigFileEntry.stats_i_oper_only = 0;
|
|
else
|
|
conf_report_error("Invalid setting '%s' for general::stats_i_oper_only.", val);
|
|
}
|
|
|
|
static void
|
|
conf_set_general_stats_l_oper_only(void *data)
|
|
{
|
|
char *val = data;
|
|
|
|
if(rb_strcasecmp(val, "yes") == 0)
|
|
ConfigFileEntry.stats_l_oper_only = STATS_L_OPER_ONLY_YES;
|
|
else if(rb_strcasecmp(val, "self") == 0)
|
|
ConfigFileEntry.stats_l_oper_only = STATS_L_OPER_ONLY_SELF;
|
|
else if(rb_strcasecmp(val, "no") == 0)
|
|
ConfigFileEntry.stats_l_oper_only = STATS_L_OPER_ONLY_NO;
|
|
else
|
|
conf_report_error("Invalid setting '%s' for general::stats_l_oper_only.", val);
|
|
}
|
|
|
|
static void
|
|
conf_set_general_default_umodes(void *data)
|
|
{
|
|
char *umodes = data;
|
|
|
|
parse_umodes(umodes, &ConfigFileEntry.default_umodes, NULL);
|
|
}
|
|
|
|
static void
|
|
conf_set_general_oper_umodes(void *data)
|
|
{
|
|
set_modes_from_table(&ConfigFileEntry.oper_umodes, "umode", umode_table, data);
|
|
}
|
|
|
|
static void
|
|
conf_set_general_certfp_method(void *data)
|
|
{
|
|
char *method = data;
|
|
|
|
if (!rb_strcasecmp(method, CERTFP_NAME_CERT_SHA1))
|
|
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA1;
|
|
else if (!rb_strcasecmp(method, CERTFP_NAME_CERT_SHA256))
|
|
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA256;
|
|
else if (!rb_strcasecmp(method, CERTFP_NAME_CERT_SHA512))
|
|
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA512;
|
|
else if (!rb_strcasecmp(method, CERTFP_NAME_SPKI_SHA256))
|
|
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SPKI_SHA256;
|
|
else if (!rb_strcasecmp(method, CERTFP_NAME_SPKI_SHA512))
|
|
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SPKI_SHA512;
|
|
else
|
|
{
|
|
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA1;
|
|
conf_report_error("Ignoring general::certfp_method -- bogus certfp method %s", method);
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_general_oper_only_umodes(void *data)
|
|
{
|
|
set_modes_from_table(&ConfigFileEntry.oper_only_umodes, "umode", umode_table, data);
|
|
}
|
|
|
|
static void
|
|
conf_set_general_oper_snomask(void *data)
|
|
{
|
|
char *pm;
|
|
int what = MODE_ADD, flag;
|
|
|
|
ConfigFileEntry.oper_snomask = 0;
|
|
for (pm = (char *) data; *pm; pm++)
|
|
{
|
|
switch (*pm)
|
|
{
|
|
case '+':
|
|
what = MODE_ADD;
|
|
break;
|
|
case '-':
|
|
what = MODE_DEL;
|
|
break;
|
|
|
|
default:
|
|
if ((flag = snomask_modes[(unsigned char) *pm]))
|
|
{
|
|
if (what == MODE_ADD)
|
|
ConfigFileEntry.oper_snomask |= flag;
|
|
else
|
|
ConfigFileEntry.oper_snomask &= ~flag;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_general_hidden_caps(void *data)
|
|
{
|
|
size_t n = 0;
|
|
|
|
for (conf_parm_t *arg = data; arg; arg = arg->next)
|
|
n += 1;
|
|
|
|
if (ConfigFileEntry.hidden_caps != NULL)
|
|
{
|
|
for (n = 0; ConfigFileEntry.hidden_caps[n] != NULL; n++)
|
|
rb_free(ConfigFileEntry.hidden_caps[n]);
|
|
rb_free(ConfigFileEntry.hidden_caps);
|
|
}
|
|
ConfigFileEntry.hidden_caps = rb_malloc(sizeof *ConfigFileEntry.hidden_caps * (n + 1));
|
|
|
|
n = 0;
|
|
for (conf_parm_t *arg = data; arg; arg = arg->next)
|
|
{
|
|
ConfigFileEntry.hidden_caps[n++] = rb_strdup(arg->v.string);
|
|
}
|
|
ConfigFileEntry.hidden_caps[n] = NULL;
|
|
}
|
|
|
|
static void
|
|
conf_set_serverhide_links_delay(void *data)
|
|
{
|
|
int val = *(unsigned int *) data;
|
|
|
|
ConfigServerHide.links_delay = val;
|
|
}
|
|
|
|
static void
|
|
conf_set_service_name(void *data)
|
|
{
|
|
const char *s;
|
|
char *tmp;
|
|
int dots = 0;
|
|
|
|
for(s = data; *s != '\0'; s++)
|
|
{
|
|
if(!IsServChar(*s))
|
|
{
|
|
conf_report_error("Ignoring service::name "
|
|
"-- bogus servername.");
|
|
return;
|
|
}
|
|
else if(*s == '.')
|
|
dots++;
|
|
}
|
|
|
|
if(!dots)
|
|
{
|
|
conf_report_error("Ignoring service::name -- must contain '.'");
|
|
return;
|
|
}
|
|
|
|
tmp = rb_strdup(data);
|
|
rb_dlinkAddAlloc(tmp, &service_list);
|
|
}
|
|
|
|
static int
|
|
conf_begin_alias(struct TopConf *tc)
|
|
{
|
|
yy_alias = rb_malloc(sizeof(struct alias_entry));
|
|
|
|
if (conf_cur_block_name != NULL)
|
|
yy_alias->name = rb_strdup(conf_cur_block_name);
|
|
|
|
yy_alias->flags = 0;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static int
|
|
conf_end_alias(struct TopConf *tc)
|
|
{
|
|
if (yy_alias == NULL)
|
|
return -1;
|
|
|
|
if (yy_alias->name == NULL)
|
|
{
|
|
conf_report_error("Ignoring alias -- must have a name.");
|
|
|
|
rb_free(yy_alias);
|
|
|
|
return -1;
|
|
}
|
|
|
|
if (yy_alias->target == NULL)
|
|
{
|
|
conf_report_error("Ignoring alias -- must have a target.");
|
|
|
|
rb_free(yy_alias);
|
|
|
|
return -1;
|
|
}
|
|
|
|
rb_dictionary_add(alias_dict, yy_alias->name, yy_alias);
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void
|
|
conf_set_alias_name(void *data)
|
|
{
|
|
if (data == NULL || yy_alias == NULL) /* this shouldn't ever happen */
|
|
return;
|
|
|
|
yy_alias->name = rb_strdup(data);
|
|
}
|
|
|
|
static void
|
|
conf_set_alias_target(void *data)
|
|
{
|
|
if (data == NULL || yy_alias == NULL) /* this shouldn't ever happen */
|
|
return;
|
|
|
|
yy_alias->target = rb_strdup(data);
|
|
}
|
|
|
|
static void
|
|
conf_set_channel_autochanmodes(void *data)
|
|
{
|
|
char *pm;
|
|
int what = MODE_ADD;
|
|
|
|
ConfigChannel.autochanmodes = 0;
|
|
for (pm = (char *) data; *pm; pm++)
|
|
{
|
|
switch (*pm)
|
|
{
|
|
case '+':
|
|
what = MODE_ADD;
|
|
break;
|
|
case '-':
|
|
what = MODE_DEL;
|
|
break;
|
|
|
|
default:
|
|
if (chmode_table[(unsigned char) *pm].set_func == chm_simple)
|
|
{
|
|
if (what == MODE_ADD)
|
|
ConfigChannel.autochanmodes |= chmode_table[(unsigned char) *pm].mode_type;
|
|
else
|
|
ConfigChannel.autochanmodes &= ~chmode_table[(unsigned char) *pm].mode_type;
|
|
}
|
|
else
|
|
{
|
|
conf_report_error("channel::autochanmodes -- Invalid channel mode %c", *pm);
|
|
continue;
|
|
}
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
|
|
/* XXX for below */
|
|
static void conf_set_dnsbl_entry_reason(void *data);
|
|
|
|
#define IPTYPE_IPV4 1
|
|
#define IPTYPE_IPV6 2
|
|
|
|
static int
|
|
conf_warn_blacklist_deprecation(struct TopConf *tc)
|
|
{
|
|
conf_report_error("blacklist{} blocks have been deprecated -- use dnsbl{} blocks instead.");
|
|
return 0;
|
|
}
|
|
|
|
static void
|
|
conf_set_dnsbl_entry_host(void *data)
|
|
{
|
|
if (yy_dnsbl_entry_host)
|
|
{
|
|
conf_report_error("dnsbl::host %s overlaps existing host %s",
|
|
(char *)data, yy_dnsbl_entry_host);
|
|
|
|
/* Cleanup */
|
|
conf_set_dnsbl_entry_reason(NULL);
|
|
return;
|
|
}
|
|
|
|
yy_dnsbl_entry_iptype |= IPTYPE_IPV4;
|
|
yy_dnsbl_entry_host = rb_strdup(data);
|
|
}
|
|
|
|
static void
|
|
conf_set_dnsbl_entry_type(void *data)
|
|
{
|
|
conf_parm_t *args = data;
|
|
|
|
/* Don't assume we have either if we got here */
|
|
yy_dnsbl_entry_iptype = 0;
|
|
|
|
for (; args; args = args->next)
|
|
{
|
|
if (!rb_strcasecmp(args->v.string, "ipv4"))
|
|
yy_dnsbl_entry_iptype |= IPTYPE_IPV4;
|
|
else if (!rb_strcasecmp(args->v.string, "ipv6"))
|
|
yy_dnsbl_entry_iptype |= IPTYPE_IPV6;
|
|
else
|
|
conf_report_error("dnsbl::type has unknown address family %s",
|
|
args->v.string);
|
|
}
|
|
|
|
/* If we have neither, just default to IPv4 */
|
|
if (!yy_dnsbl_entry_iptype)
|
|
{
|
|
conf_report_warning("dnsbl::type has neither IPv4 nor IPv6 (defaulting to IPv4)");
|
|
yy_dnsbl_entry_iptype = IPTYPE_IPV4;
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_dnsbl_entry_matches(void *data)
|
|
{
|
|
conf_parm_t *args = data;
|
|
enum filter_t { FILTER_NONE, FILTER_ALL, FILTER_LAST };
|
|
|
|
for (; args; args = args->next)
|
|
{
|
|
char *str = args->v.string;
|
|
char *p;
|
|
enum filter_t type = FILTER_LAST;
|
|
|
|
if (CF_TYPE(args->type) != CF_QSTRING)
|
|
{
|
|
conf_report_error("dnsbl::matches -- must be quoted string");
|
|
continue;
|
|
}
|
|
|
|
if (str == NULL)
|
|
{
|
|
conf_report_error("dnsbl::matches -- invalid entry");
|
|
continue;
|
|
}
|
|
|
|
if (strlen(str) > HOSTIPLEN)
|
|
{
|
|
conf_report_error("dnsbl::matches has an entry too long: %s",
|
|
str);
|
|
continue;
|
|
}
|
|
|
|
for (p = str; *p != '\0'; p++)
|
|
{
|
|
/* Check for validity */
|
|
if (*p == '.')
|
|
type = FILTER_ALL;
|
|
else if (!isdigit((unsigned char)*p))
|
|
{
|
|
conf_report_error("dnsbl::matches has invalid IP match entry %s",
|
|
str);
|
|
type = FILTER_NONE;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (type == FILTER_ALL)
|
|
{
|
|
/* Basic IP sanity check */
|
|
struct rb_sockaddr_storage tmp;
|
|
if (rb_inet_pton(AF_INET, str, &tmp) <= 0)
|
|
{
|
|
conf_report_error("dnsbl::matches has invalid IP match entry %s",
|
|
str);
|
|
continue;
|
|
}
|
|
}
|
|
else if (type == FILTER_LAST)
|
|
{
|
|
/* Verify it's the correct length */
|
|
if (strlen(str) > 3)
|
|
{
|
|
conf_report_error("dnsbl::matches has invalid octet match entry %s",
|
|
str);
|
|
continue;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
continue; /* Invalid entry */
|
|
}
|
|
|
|
rb_dlinkAddAlloc(rb_strdup(str), &yy_dnsbl_entry_filters);
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_dnsbl_entry_reason(void *data)
|
|
{
|
|
rb_dlink_node *ptr, *nptr;
|
|
|
|
if (yy_dnsbl_entry_host && data)
|
|
{
|
|
yy_dnsbl_entry_reason = rb_strdup(data);
|
|
if (yy_dnsbl_entry_iptype & IPTYPE_IPV6)
|
|
{
|
|
/* Make sure things fit (magic number 64 = alnum count + dots)
|
|
* Example: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa
|
|
*/
|
|
if ((64 + strlen(yy_dnsbl_entry_host)) > IRCD_RES_HOSTLEN)
|
|
{
|
|
conf_report_error("dnsbl::host %s results in IPv6 queries that are too long",
|
|
yy_dnsbl_entry_host);
|
|
goto cleanup_bl;
|
|
}
|
|
}
|
|
/* Avoid doing redundant check, IPv6 is bigger than IPv4 --Elizabeth */
|
|
if ((yy_dnsbl_entry_iptype & IPTYPE_IPV4) && !(yy_dnsbl_entry_iptype & IPTYPE_IPV6))
|
|
{
|
|
/* Make sure things fit for worst case (magic number 16 = number of nums + dots)
|
|
* Example: 127.127.127.127.in-addr.arpa
|
|
*/
|
|
if ((16 + strlen(yy_dnsbl_entry_host)) > IRCD_RES_HOSTLEN)
|
|
{
|
|
conf_report_error("dnsbl::host %s results in IPv4 queries that are too long",
|
|
yy_dnsbl_entry_host);
|
|
goto cleanup_bl;
|
|
}
|
|
}
|
|
|
|
add_dnsbl_entry(yy_dnsbl_entry_host, yy_dnsbl_entry_reason, yy_dnsbl_entry_iptype, &yy_dnsbl_entry_filters);
|
|
}
|
|
|
|
cleanup_bl:
|
|
RB_DLINK_FOREACH_SAFE(ptr, nptr, yy_dnsbl_entry_filters.head)
|
|
{
|
|
rb_free(ptr->data);
|
|
rb_dlinkDestroy(ptr, &yy_dnsbl_entry_filters);
|
|
}
|
|
|
|
yy_dnsbl_entry_filters = (rb_dlink_list){ NULL, NULL, 0 };
|
|
|
|
rb_free(yy_dnsbl_entry_host);
|
|
rb_free(yy_dnsbl_entry_reason);
|
|
yy_dnsbl_entry_host = NULL;
|
|
yy_dnsbl_entry_reason = NULL;
|
|
yy_dnsbl_entry_iptype = 0;
|
|
}
|
|
|
|
|
|
struct opm_scanner
|
|
{
|
|
const char *type;
|
|
uint16_t port;
|
|
|
|
rb_dlink_node node;
|
|
};
|
|
|
|
static int
|
|
conf_begin_opm(struct TopConf *tc)
|
|
{
|
|
yy_opm_address_ipv4 = yy_opm_address_ipv6 = NULL;
|
|
yy_opm_port_ipv4 = yy_opm_port_ipv6 = yy_opm_timeout = 0;
|
|
delete_opm_proxy_scanner_all();
|
|
delete_opm_listener_all();
|
|
return 0;
|
|
}
|
|
|
|
static int
|
|
conf_end_opm(struct TopConf *tc)
|
|
{
|
|
rb_dlink_node *ptr, *nptr;
|
|
bool fail = false;
|
|
|
|
if(rb_dlink_list_length(&yy_opm_scanner_list) == 0)
|
|
{
|
|
conf_report_error("No opm scanners configured -- disabling opm.");
|
|
fail = true;
|
|
goto end;
|
|
}
|
|
|
|
if(yy_opm_port_ipv4 > 0)
|
|
{
|
|
if(yy_opm_address_ipv4 != NULL)
|
|
conf_create_opm_listener(yy_opm_address_ipv4, yy_opm_port_ipv4);
|
|
else
|
|
{
|
|
char ip[HOSTIPLEN];
|
|
if(!rb_inet_ntop_sock((struct sockaddr *)&ServerInfo.bind4, ip, sizeof(ip)))
|
|
conf_report_error("No opm::listen_ipv4 nor serverinfo::vhost directive; cannot listen on IPv4");
|
|
else
|
|
conf_create_opm_listener(ip, yy_opm_port_ipv4);
|
|
}
|
|
}
|
|
|
|
if(yy_opm_port_ipv6 > 0)
|
|
{
|
|
if(yy_opm_address_ipv6 != NULL)
|
|
conf_create_opm_listener(yy_opm_address_ipv6, yy_opm_port_ipv6);
|
|
else
|
|
{
|
|
char ip[HOSTIPLEN];
|
|
if(!rb_inet_ntop_sock((struct sockaddr *)&ServerInfo.bind6, ip, sizeof(ip)))
|
|
conf_report_error("No opm::listen_ipv6 nor serverinfo::vhost directive; cannot listen on IPv6");
|
|
else
|
|
conf_create_opm_listener(ip, yy_opm_port_ipv6);
|
|
}
|
|
}
|
|
|
|
/* If there's no listeners... */
|
|
fail = (yy_opm_port_ipv4 == 0 || yy_opm_port_ipv6 == 0);
|
|
if(!fail && yy_opm_timeout > 0 && yy_opm_timeout < 60)
|
|
/* Send timeout */
|
|
set_authd_timeout("opm_timeout", yy_opm_timeout);
|
|
else if(fail)
|
|
conf_report_error("No opm listeners -- disabling");
|
|
else if(yy_opm_timeout <= 0 || yy_opm_timeout >= 60)
|
|
conf_report_error("opm::timeout value is invalid -- ignoring");
|
|
|
|
end:
|
|
RB_DLINK_FOREACH_SAFE(ptr, nptr, yy_opm_scanner_list.head)
|
|
{
|
|
struct opm_scanner *scanner = ptr->data;
|
|
|
|
if(!fail)
|
|
create_opm_proxy_scanner(scanner->type, scanner->port);
|
|
|
|
rb_dlinkDelete(&scanner->node, &yy_opm_scanner_list);
|
|
rb_free(scanner);
|
|
}
|
|
|
|
if(!fail)
|
|
opm_check_enable(true);
|
|
|
|
rb_free(yy_opm_address_ipv4);
|
|
rb_free(yy_opm_address_ipv6);
|
|
return 0;
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_timeout(void *data)
|
|
{
|
|
int timeout = *((int *)data);
|
|
|
|
if(timeout <= 0 || timeout > 60)
|
|
{
|
|
conf_report_error("opm::timeout value %d is bogus, ignoring", timeout);
|
|
return;
|
|
}
|
|
|
|
yy_opm_timeout = timeout;
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_listen_address_both(void *data, bool ipv6)
|
|
{
|
|
struct rb_sockaddr_storage addr;
|
|
const char *confstr = (ipv6 ? "opm::listen_ipv6" : "opm::listen_ipv4");
|
|
char *ip = data;
|
|
|
|
if(!rb_inet_pton_sock(ip, &addr))
|
|
{
|
|
conf_report_error("%s is an invalid address: %s", confstr, ip);
|
|
return;
|
|
}
|
|
|
|
if(ipv6)
|
|
{
|
|
if(GET_SS_FAMILY(&addr) != AF_INET6)
|
|
{
|
|
conf_report_error("%s is of the wrong address type: %s", confstr, ip);
|
|
return;
|
|
}
|
|
|
|
if(yy_opm_address_ipv6 != NULL)
|
|
{
|
|
conf_report_error("%s overwrites previous address %s", confstr, ip);
|
|
return;
|
|
}
|
|
|
|
yy_opm_address_ipv6 = rb_strdup(ip);
|
|
}
|
|
else
|
|
{
|
|
if(GET_SS_FAMILY(&addr) != AF_INET)
|
|
{
|
|
conf_report_error("%s is of the wrong address type: %s", confstr, ip);
|
|
return;
|
|
}
|
|
|
|
if(yy_opm_address_ipv4 != NULL)
|
|
{
|
|
conf_report_error("%s overwrites previous address %s", confstr, ip);
|
|
return;
|
|
}
|
|
|
|
yy_opm_address_ipv4 = rb_strdup(ip);
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_listen_address_ipv4(void *data)
|
|
{
|
|
conf_set_opm_listen_address_both(data, false);
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_listen_address_ipv6(void *data)
|
|
{
|
|
conf_set_opm_listen_address_both(data, true);
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_listen_port_both(void *data, bool ipv6)
|
|
{
|
|
int port = *((int *)data);
|
|
const char *confstr = (ipv6 ? "opm::port_ipv6" : "opm::port_ipv4");
|
|
|
|
if(port > 65535 || port <= 0)
|
|
{
|
|
conf_report_error("%s is out of range: %d", confstr, port);
|
|
return;
|
|
}
|
|
|
|
if(ipv6)
|
|
{
|
|
if(yy_opm_port_ipv4)
|
|
{
|
|
conf_report_error("%s overwrites existing port %hu",
|
|
confstr, yy_opm_port_ipv4);
|
|
return;
|
|
}
|
|
|
|
yy_opm_port_ipv4 = port;
|
|
}
|
|
else
|
|
{
|
|
if(yy_opm_port_ipv6)
|
|
{
|
|
conf_report_error("%s overwrites existing port %hu",
|
|
confstr, yy_opm_port_ipv6);
|
|
return;
|
|
}
|
|
|
|
yy_opm_port_ipv6 = port;
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_listen_port_ipv4(void *data)
|
|
{
|
|
conf_set_opm_listen_port_both(data, false);
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_listen_port_ipv6(void *data)
|
|
{
|
|
conf_set_opm_listen_port_both(data, true);
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_listen_port(void *data)
|
|
{
|
|
conf_set_opm_listen_port_both(data, true);
|
|
conf_set_opm_listen_port_both(data, false);
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_scan_ports_all(void *data, const char *node, const char *type)
|
|
{
|
|
conf_parm_t *args = data;
|
|
for (; args; args = args->next)
|
|
{
|
|
rb_dlink_node *ptr;
|
|
bool dup = false;
|
|
|
|
if(CF_TYPE(args->type) != CF_INT)
|
|
{
|
|
conf_report_error("%s argument is not an integer -- ignoring.", node);
|
|
continue;
|
|
}
|
|
|
|
if(args->v.number > 65535 || args->v.number <= 0)
|
|
{
|
|
conf_report_error("%s argument is not an integer between 1 and 65535 -- ignoring.", node);
|
|
continue;
|
|
}
|
|
|
|
/* Check for duplicates */
|
|
RB_DLINK_FOREACH(ptr, yy_opm_scanner_list.head)
|
|
{
|
|
struct opm_scanner *scanner = ptr->data;
|
|
|
|
if(scanner->port == args->v.number && strcmp(type, scanner->type) == 0)
|
|
{
|
|
conf_report_error("%s argument is duplicate", node);
|
|
dup = true;
|
|
break;
|
|
}
|
|
}
|
|
|
|
if(!dup)
|
|
{
|
|
struct opm_scanner *scanner = rb_malloc(sizeof(struct opm_scanner));
|
|
scanner->port = args->v.number;
|
|
scanner->type = type;
|
|
rb_dlinkAdd(scanner, &scanner->node, &yy_opm_scanner_list);
|
|
}
|
|
}
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_scan_ports_socks4(void *data)
|
|
{
|
|
conf_set_opm_scan_ports_all(data, "opm::socks4_ports", "socks4");
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_scan_ports_socks5(void *data)
|
|
{
|
|
conf_set_opm_scan_ports_all(data, "opm::socks5_ports", "socks5");
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_scan_ports_httpconnect(void *data)
|
|
{
|
|
conf_set_opm_scan_ports_all(data, "opm::httpconnect_ports", "httpconnect");
|
|
}
|
|
|
|
static void
|
|
conf_set_opm_scan_ports_httpsconnect(void *data)
|
|
{
|
|
conf_set_opm_scan_ports_all(data, "opm::httpsconnect_ports", "httpsconnect");
|
|
}
|
|
|
|
/* public functions */
|
|
|
|
|
|
void
|
|
conf_report_error(const char *fmt, ...)
|
|
{
|
|
va_list ap;
|
|
char msg[BUFSIZE + 1] = { 0 };
|
|
|
|
va_start(ap, fmt);
|
|
vsnprintf(msg, BUFSIZE, fmt, ap);
|
|
va_end(ap);
|
|
|
|
if (testing_conf)
|
|
{
|
|
fprintf(stderr, "\"%s\", line %d: %s\n", current_file, lineno + 1, msg);
|
|
return;
|
|
}
|
|
|
|
ierror("\"%s\", line %d: %s", current_file, lineno + 1, msg);
|
|
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "error: \"%s\", line %d: %s", current_file, lineno + 1, msg);
|
|
}
|
|
|
|
void
|
|
conf_report_warning(const char *fmt, ...)
|
|
{
|
|
va_list ap;
|
|
char msg[BUFSIZE + 1] = { 0 };
|
|
|
|
va_start(ap, fmt);
|
|
vsnprintf(msg, BUFSIZE, fmt, ap);
|
|
va_end(ap);
|
|
|
|
if (testing_conf)
|
|
{
|
|
fprintf(stderr, "\"%s\", line %d: %s\n", current_file, lineno + 1, msg);
|
|
return;
|
|
}
|
|
|
|
iwarn("\"%s\", line %d: %s", current_file, lineno + 1, msg);
|
|
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "warning: \"%s\", line %d: %s", current_file, lineno + 1, msg);
|
|
}
|
|
|
|
int
|
|
conf_start_block(char *block, char *name)
|
|
{
|
|
if((conf_cur_block = find_top_conf(block)) == NULL)
|
|
{
|
|
conf_report_error("Configuration block '%s' is not defined.", block);
|
|
return -1;
|
|
}
|
|
|
|
if(name)
|
|
conf_cur_block_name = rb_strdup(name);
|
|
else
|
|
conf_cur_block_name = NULL;
|
|
|
|
if(conf_cur_block->tc_sfunc)
|
|
if(conf_cur_block->tc_sfunc(conf_cur_block) < 0)
|
|
return -1;
|
|
|
|
return 0;
|
|
}
|
|
|
|
int
|
|
conf_end_block(struct TopConf *tc)
|
|
{
|
|
int ret = 0;
|
|
if(tc->tc_efunc)
|
|
ret = tc->tc_efunc(tc);
|
|
|
|
rb_free(conf_cur_block_name);
|
|
conf_cur_block_name = NULL;
|
|
return ret;
|
|
}
|
|
|
|
static void
|
|
conf_set_generic_int(void *data, void *location)
|
|
{
|
|
*((int *) location) = *((unsigned int *) data);
|
|
}
|
|
|
|
static void
|
|
conf_set_generic_string(void *data, int len, void *location)
|
|
{
|
|
char **loc = location;
|
|
char *input = data;
|
|
|
|
if(len && strlen(input) > (unsigned int)len)
|
|
input[len] = '\0';
|
|
|
|
rb_free(*loc);
|
|
*loc = rb_strdup(input);
|
|
}
|
|
|
|
int
|
|
conf_call_set(struct TopConf *tc, char *item, conf_parm_t * value)
|
|
{
|
|
struct ConfEntry *cf;
|
|
conf_parm_t *cp;
|
|
|
|
if(!tc)
|
|
return -1;
|
|
|
|
if((cf = find_conf_item(tc, item)) == NULL)
|
|
{
|
|
conf_report_error
|
|
("Non-existent configuration setting %s::%s.", tc->tc_name, (char *) item);
|
|
return -1;
|
|
}
|
|
|
|
/* if it takes one thing, make sure they only passed one thing,
|
|
and handle as needed. */
|
|
if((value->v.list->type & CF_FLIST) && !(cf->cf_type & CF_FLIST))
|
|
{
|
|
conf_report_error
|
|
("Option %s::%s does not take a list of values.", tc->tc_name, item);
|
|
return -1;
|
|
}
|
|
|
|
cp = value->v.list;
|
|
|
|
|
|
if(CF_TYPE(value->v.list->type) != CF_TYPE(cf->cf_type))
|
|
{
|
|
/* if it expects a string value, but we got a yesno,
|
|
* convert it back
|
|
*/
|
|
if((CF_TYPE(value->v.list->type) == CF_YESNO) &&
|
|
(CF_TYPE(cf->cf_type) == CF_STRING))
|
|
{
|
|
value->v.list->type = CF_STRING;
|
|
|
|
if(cp->v.number == 1)
|
|
cp->v.string = rb_strdup("yes");
|
|
else
|
|
cp->v.string = rb_strdup("no");
|
|
}
|
|
|
|
/* maybe it's a CF_TIME and they passed CF_INT --
|
|
should still be valid */
|
|
else if(!((CF_TYPE(value->v.list->type) == CF_INT) &&
|
|
(CF_TYPE(cf->cf_type) == CF_TIME)))
|
|
{
|
|
conf_report_error
|
|
("Wrong type for %s::%s (expected %s, got %s)",
|
|
tc->tc_name, (char *) item,
|
|
conf_strtype(cf->cf_type), conf_strtype(value->v.list->type));
|
|
return -1;
|
|
}
|
|
}
|
|
|
|
if(cf->cf_type & CF_FLIST)
|
|
{
|
|
#if 0
|
|
if(cf->cf_arg)
|
|
conf_set_generic_list(value->v.list, cf->cf_arg);
|
|
else
|
|
#endif
|
|
/* just pass it the extended argument list */
|
|
cf->cf_func(value->v.list);
|
|
}
|
|
else
|
|
{
|
|
/* it's old-style, needs only one arg */
|
|
switch (cf->cf_type)
|
|
{
|
|
case CF_INT:
|
|
case CF_TIME:
|
|
case CF_YESNO:
|
|
if(cf->cf_arg)
|
|
conf_set_generic_int(&cp->v.number, cf->cf_arg);
|
|
else
|
|
cf->cf_func(&cp->v.number);
|
|
break;
|
|
case CF_STRING:
|
|
case CF_QSTRING:
|
|
if(EmptyString(cp->v.string))
|
|
conf_report_error("Ignoring %s::%s -- empty field",
|
|
tc->tc_name, item);
|
|
else if(cf->cf_arg)
|
|
conf_set_generic_string(cp->v.string, cf->cf_len, cf->cf_arg);
|
|
else
|
|
cf->cf_func(cp->v.string);
|
|
break;
|
|
}
|
|
}
|
|
|
|
|
|
return 0;
|
|
}
|
|
|
|
int
|
|
add_conf_item(const char *topconf, const char *name, int type, void (*func) (void *))
|
|
{
|
|
struct TopConf *tc;
|
|
struct ConfEntry *cf;
|
|
|
|
if((tc = find_top_conf(topconf)) == NULL)
|
|
return -1;
|
|
|
|
if(find_conf_item(tc, name) != NULL)
|
|
return -1;
|
|
|
|
cf = rb_malloc(sizeof(struct ConfEntry));
|
|
|
|
cf->cf_name = name;
|
|
cf->cf_type = type;
|
|
cf->cf_func = func;
|
|
cf->cf_arg = NULL;
|
|
|
|
rb_dlinkAddAlloc(cf, &tc->tc_items);
|
|
|
|
return 0;
|
|
}
|
|
|
|
int
|
|
remove_conf_item(const char *topconf, const char *name)
|
|
{
|
|
struct TopConf *tc;
|
|
struct ConfEntry *cf;
|
|
rb_dlink_node *ptr;
|
|
|
|
if((tc = find_top_conf(topconf)) == NULL)
|
|
return -1;
|
|
|
|
if((cf = find_conf_item(tc, name)) == NULL)
|
|
return -1;
|
|
|
|
if((ptr = rb_dlinkFind(cf, &tc->tc_items)) == NULL)
|
|
return -1;
|
|
|
|
rb_dlinkDestroy(ptr, &tc->tc_items);
|
|
rb_free(cf);
|
|
|
|
return 0;
|
|
}
|
|
|
|
/* *INDENT-OFF* */
|
|
static struct ConfEntry conf_serverinfo_table[] =
|
|
{
|
|
{ "description", CF_QSTRING, NULL, 0, &ServerInfo.description },
|
|
|
|
{ "network_name", CF_QSTRING, conf_set_serverinfo_network_name, 0, NULL },
|
|
{ "name", CF_QSTRING, conf_set_serverinfo_name, 0, NULL },
|
|
{ "sid", CF_QSTRING, conf_set_serverinfo_sid, 0, NULL },
|
|
{ "vhost", CF_QSTRING, conf_set_serverinfo_vhost, 0, NULL },
|
|
{ "vhost6", CF_QSTRING, conf_set_serverinfo_vhost6, 0, NULL },
|
|
|
|
{ "ssl_private_key", CF_QSTRING, NULL, 0, &ServerInfo.ssl_private_key },
|
|
{ "ssl_ca_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_ca_cert },
|
|
{ "ssl_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_cert },
|
|
{ "ssl_dh_params", CF_QSTRING, NULL, 0, &ServerInfo.ssl_dh_params },
|
|
{ "ssl_cipher_list", CF_QSTRING, NULL, 0, &ServerInfo.ssl_cipher_list },
|
|
{ "ssld_count", CF_INT, NULL, 0, &ServerInfo.ssld_count },
|
|
|
|
{ "default_max_clients",CF_INT, NULL, 0, &ServerInfo.default_max_clients },
|
|
|
|
{ "nicklen", CF_INT, conf_set_serverinfo_nicklen, 0, NULL },
|
|
|
|
{ "\0", 0, NULL, 0, NULL }
|
|
};
|
|
|
|
static struct ConfEntry conf_admin_table[] =
|
|
{
|
|
{ "name", CF_QSTRING, NULL, 200, &AdminInfo.name },
|
|
{ "description",CF_QSTRING, NULL, 200, &AdminInfo.description },
|
|
{ "email", CF_QSTRING, NULL, 200, &AdminInfo.email },
|
|
{ "\0", 0, NULL, 0, NULL }
|
|
};
|
|
|
|
static struct ConfEntry conf_log_table[] =
|
|
{
|
|
{ "fname_userlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_userlog },
|
|
{ "fname_fuserlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_fuserlog },
|
|
{ "fname_operlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operlog },
|
|
{ "fname_foperlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_foperlog },
|
|
{ "fname_serverlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_serverlog },
|
|
{ "fname_killlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_killlog },
|
|
{ "fname_klinelog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_klinelog },
|
|
{ "fname_operspylog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operspylog },
|
|
{ "fname_ioerrorlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_ioerrorlog },
|
|
{ "\0", 0, NULL, 0, NULL }
|
|
};
|
|
|
|
static struct ConfEntry conf_operator_table[] =
|
|
{
|
|
{ "rsa_public_key_file", CF_QSTRING, conf_set_oper_rsa_public_key_file, 0, NULL },
|
|
{ "flags", CF_STRING | CF_FLIST, conf_set_oper_flags, 0, NULL },
|
|
{ "umodes", CF_STRING | CF_FLIST, conf_set_oper_umodes, 0, NULL },
|
|
{ "privset", CF_QSTRING, conf_set_oper_privset, 0, NULL },
|
|
{ "snomask", CF_QSTRING, conf_set_oper_snomask, 0, NULL },
|
|
{ "user", CF_QSTRING, conf_set_oper_user, 0, NULL },
|
|
{ "password", CF_QSTRING, conf_set_oper_password, 0, NULL },
|
|
{ "fingerprint", CF_QSTRING, conf_set_oper_fingerprint, 0, NULL },
|
|
{ "\0", 0, NULL, 0, NULL }
|
|
};
|
|
|
|
static struct ConfEntry conf_privset_table[] =
|
|
{
|
|
{ "extends", CF_QSTRING, conf_set_privset_extends, 0, NULL },
|
|
{ "privs", CF_STRING | CF_FLIST, conf_set_privset_privs, 0, NULL },
|
|
{ "\0", 0, NULL, 0, NULL }
|
|
};
|
|
|
|
static struct ConfEntry conf_class_table[] =
|
|
{
|
|
{ "ping_time", CF_TIME, conf_set_class_ping_time, 0, NULL },
|
|
{ "cidr_ipv4_bitlen", CF_INT, conf_set_class_cidr_ipv4_bitlen, 0, NULL },
|
|
{ "cidr_ipv6_bitlen", CF_INT, conf_set_class_cidr_ipv6_bitlen, 0, NULL },
|
|
{ "number_per_cidr", CF_INT, conf_set_class_number_per_cidr, 0, NULL },
|
|
{ "number_per_ip", CF_INT, conf_set_class_number_per_ip, 0, NULL },
|
|
{ "number_per_ip_global", CF_INT,conf_set_class_number_per_ip_global, 0, NULL },
|
|
{ "number_per_ident", CF_INT, conf_set_class_number_per_ident, 0, NULL },
|
|
{ "connectfreq", CF_TIME, conf_set_class_connectfreq, 0, NULL },
|
|
{ "max_number", CF_INT, conf_set_class_max_number, 0, NULL },
|
|
{ "max_autoconn", CF_INT, conf_set_class_max_autoconn, 0, NULL },
|
|
{ "sendq", CF_TIME, conf_set_class_sendq, 0, NULL },
|
|
{ "\0", 0, NULL, 0, NULL }
|
|
};
|
|
|
|
static struct ConfEntry conf_auth_table[] =
|
|
{
|
|
{ "user", CF_QSTRING, conf_set_auth_user, 0, NULL },
|
|
{ "auth_user", CF_QSTRING, conf_set_auth_auth_user, 0, NULL },
|
|
{ "password", CF_QSTRING, conf_set_auth_passwd, 0, NULL },
|
|
{ "class", CF_QSTRING, conf_set_auth_class, 0, NULL },
|
|
{ "spoof", CF_QSTRING, conf_set_auth_spoof, 0, NULL },
|
|
{ "redirserv", CF_QSTRING, conf_set_auth_redir_serv, 0, NULL },
|
|
{ "redirport", CF_INT, conf_set_auth_redir_port, 0, NULL },
|
|
{ "flags", CF_STRING | CF_FLIST, conf_set_auth_flags, 0, NULL },
|
|
{ "umodes", CF_QSTRING, conf_set_auth_umodes, 0, NULL},
|
|
{ "\0", 0, NULL, 0, NULL }
|
|
};
|
|
|
|
static struct ConfEntry conf_connect_table[] =
|
|
{
|
|
{ "send_password", CF_QSTRING, conf_set_connect_send_password, 0, NULL },
|
|
{ "accept_password", CF_QSTRING, conf_set_connect_accept_password, 0, NULL },
|
|
{ "fingerprint", CF_QSTRING, conf_set_connect_fingerprint, 0, NULL },
|
|
{ "flags", CF_STRING | CF_FLIST, conf_set_connect_flags, 0, NULL },
|
|
{ "host", CF_QSTRING, conf_set_connect_host, 0, NULL },
|
|
{ "vhost", CF_QSTRING, conf_set_connect_vhost, 0, NULL },
|
|
{ "port", CF_INT, conf_set_connect_port, 0, NULL },
|
|
{ "aftype", CF_STRING, conf_set_connect_aftype, 0, NULL },
|
|
{ "class", CF_QSTRING, conf_set_connect_class, 0, NULL },
|
|
{ "\0", 0, NULL, 0, NULL }
|
|
};
|
|
|
|
static struct ConfEntry conf_general_table[] =
|
|
{
|
|
{ "oper_only_umodes", CF_STRING | CF_FLIST, conf_set_general_oper_only_umodes, 0, NULL },
|
|
{ "oper_umodes", CF_STRING | CF_FLIST, conf_set_general_oper_umodes, 0, NULL },
|
|
{ "oper_snomask", CF_QSTRING, conf_set_general_oper_snomask, 0, NULL },
|
|
{ "havent_read_conf", CF_YESNO, conf_set_general_havent_read_conf, 0, NULL },
|
|
{ "hide_error_messages",CF_STRING, conf_set_general_hide_error_messages,0, NULL },
|
|
{ "stats_i_oper_only", CF_STRING, conf_set_general_stats_i_oper_only, 0, NULL },
|
|
{ "stats_k_oper_only", CF_STRING, conf_set_general_stats_k_oper_only, 0, NULL },
|
|
{ "stats_l_oper_only", CF_STRING, conf_set_general_stats_l_oper_only, 0, NULL },
|
|
{ "default_umodes", CF_QSTRING, conf_set_general_default_umodes, 0, NULL },
|
|
|
|
{ "default_operstring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_operstring },
|
|
{ "default_adminstring",CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_adminstring },
|
|
{ "servicestring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.servicestring },
|
|
{ "kline_reason", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.kline_reason },
|
|
{ "identify_service", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifyservice },
|
|
{ "identify_command", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifycommand },
|
|
{ "sasl_service", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.sasl_service },
|
|
|
|
{ "anti_spam_exit_message_time", CF_TIME, NULL, 0, &ConfigFileEntry.anti_spam_exit_message_time },
|
|
{ "disable_fake_channels", CF_YESNO, NULL, 0, &ConfigFileEntry.disable_fake_channels },
|
|
{ "min_nonwildcard_simple", CF_INT, NULL, 0, &ConfigFileEntry.min_nonwildcard_simple },
|
|
{ "non_redundant_klines", CF_YESNO, NULL, 0, &ConfigFileEntry.non_redundant_klines },
|
|
{ "tkline_expire_notices", CF_YESNO, NULL, 0, &ConfigFileEntry.tkline_expire_notices },
|
|
|
|
{ "hidden_caps", CF_QSTRING | CF_FLIST, conf_set_general_hidden_caps, 0, NULL },
|
|
|
|
{ "anti_nick_flood", CF_YESNO, NULL, 0, &ConfigFileEntry.anti_nick_flood },
|
|
{ "burst_away", CF_YESNO, NULL, 0, &ConfigFileEntry.burst_away },
|
|
{ "caller_id_wait", CF_TIME, NULL, 0, &ConfigFileEntry.caller_id_wait },
|
|
{ "client_exit", CF_YESNO, NULL, 0, &ConfigFileEntry.client_exit },
|
|
{ "collision_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.collision_fnc },
|
|
{ "resv_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.resv_fnc },
|
|
{ "post_registration_delay", CF_TIME, NULL, 0, &ConfigFileEntry.post_registration_delay },
|
|
{ "connect_timeout", CF_TIME, NULL, 0, &ConfigFileEntry.connect_timeout },
|
|
{ "default_floodcount", CF_INT, NULL, 0, &ConfigFileEntry.default_floodcount },
|
|
{ "default_ident_timeout", CF_INT, NULL, 0, &ConfigFileEntry.default_ident_timeout },
|
|
{ "disable_auth", CF_YESNO, NULL, 0, &ConfigFileEntry.disable_auth },
|
|
{ "dots_in_ident", CF_INT, NULL, 0, &ConfigFileEntry.dots_in_ident },
|
|
{ "failed_oper_notice", CF_YESNO, NULL, 0, &ConfigFileEntry.failed_oper_notice },
|
|
{ "global_snotices", CF_YESNO, NULL, 0, &ConfigFileEntry.global_snotices },
|
|
{ "hide_spoof_ips", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_spoof_ips },
|
|
{ "dline_with_reason", CF_YESNO, NULL, 0, &ConfigFileEntry.dline_with_reason },
|
|
{ "kline_with_reason", CF_YESNO, NULL, 0, &ConfigFileEntry.kline_with_reason },
|
|
{ "hide_tkdline_duration", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_tkdline_duration },
|
|
{ "map_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.map_oper_only },
|
|
{ "max_accept", CF_INT, NULL, 0, &ConfigFileEntry.max_accept },
|
|
{ "max_monitor", CF_INT, NULL, 0, &ConfigFileEntry.max_monitor },
|
|
{ "max_nick_time", CF_TIME, NULL, 0, &ConfigFileEntry.max_nick_time },
|
|
{ "max_nick_changes", CF_INT, NULL, 0, &ConfigFileEntry.max_nick_changes },
|
|
{ "max_targets", CF_INT, NULL, 0, &ConfigFileEntry.max_targets },
|
|
{ "min_nonwildcard", CF_INT, NULL, 0, &ConfigFileEntry.min_nonwildcard },
|
|
{ "nick_delay", CF_TIME, NULL, 0, &ConfigFileEntry.nick_delay },
|
|
{ "no_oper_flood", CF_YESNO, NULL, 0, &ConfigFileEntry.no_oper_flood },
|
|
{ "operspy_admin_only", CF_YESNO, NULL, 0, &ConfigFileEntry.operspy_admin_only },
|
|
{ "operspy_dont_care_user_info", CF_YESNO, NULL, 0, &ConfigFileEntry.operspy_dont_care_user_info },
|
|
{ "pace_wait", CF_TIME, NULL, 0, &ConfigFileEntry.pace_wait },
|
|
{ "pace_wait_simple", CF_TIME, NULL, 0, &ConfigFileEntry.pace_wait_simple },
|
|
{ "ping_cookie", CF_YESNO, NULL, 0, &ConfigFileEntry.ping_cookie },
|
|
{ "reject_after_count", CF_INT, NULL, 0, &ConfigFileEntry.reject_after_count },
|
|
{ "reject_ban_time", CF_TIME, NULL, 0, &ConfigFileEntry.reject_ban_time },
|
|
{ "reject_duration", CF_TIME, NULL, 0, &ConfigFileEntry.reject_duration },
|
|
{ "throttle_count", CF_INT, NULL, 0, &ConfigFileEntry.throttle_count },
|
|
{ "throttle_duration", CF_TIME, NULL, 0, &ConfigFileEntry.throttle_duration },
|
|
{ "short_motd", CF_YESNO, NULL, 0, &ConfigFileEntry.short_motd },
|
|
{ "stats_c_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_c_oper_only },
|
|
{ "stats_e_disabled", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_e_disabled },
|
|
{ "stats_o_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_o_oper_only },
|
|
{ "stats_P_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_P_oper_only },
|
|
{ "stats_y_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_y_oper_only },
|
|
{ "target_change", CF_YESNO, NULL, 0, &ConfigFileEntry.target_change },
|
|
{ "ts_max_delta", CF_TIME, NULL, 0, &ConfigFileEntry.ts_max_delta },
|
|
{ "ts_warn_delta", CF_TIME, NULL, 0, &ConfigFileEntry.ts_warn_delta },
|
|
{ "use_whois_actually", CF_YESNO, NULL, 0, &ConfigFileEntry.use_whois_actually },
|
|
{ "warn_no_nline", CF_YESNO, NULL, 0, &ConfigFileEntry.warn_no_nline },
|
|
{ "use_propagated_bans",CF_YESNO, NULL, 0, &ConfigFileEntry.use_propagated_bans },
|
|
{ "client_flood_max_lines", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_max_lines },
|
|
{ "client_flood_burst_rate", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_rate },
|
|
{ "client_flood_burst_max", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_max },
|
|
{ "client_flood_message_num", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_num },
|
|
{ "client_flood_message_time", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_time },
|
|
{ "max_ratelimit_tokens", CF_INT, NULL, 0, &ConfigFileEntry.max_ratelimit_tokens },
|
|
{ "away_interval", CF_INT, NULL, 0, &ConfigFileEntry.away_interval },
|
|
{ "hide_opers_in_whois", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_opers_in_whois },
|
|
{ "hide_opers", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_opers },
|
|
{ "certfp_method", CF_STRING, conf_set_general_certfp_method, 0, NULL },
|
|
{ "drain_reason", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.drain_reason },
|
|
{ "sasl_only_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.sasl_only_client_message },
|
|
{ "identd_only_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.identd_only_client_message },
|
|
{ "sctp_forbidden_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.sctp_forbidden_client_message },
|
|
{ "ssltls_only_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.ssltls_only_client_message },
|
|
{ "not_authorised_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.not_authorised_client_message },
|
|
{ "illegal_hostname_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.not_authorised_client_message },
|
|
{ "server_full_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.server_full_client_message },
|
|
{ "illegal_name_long_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.illegal_name_long_client_message },
|
|
{ "illegal_name_short_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.illegal_name_short_client_message },
|
|
{ "tls_ciphers_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.tls_ciphers_oper_only },
|
|
{ "oper_secure_only", CF_YESNO, NULL, 0, &ConfigFileEntry.oper_secure_only },
|
|
{ "\0", 0, NULL, 0, NULL }
|
|
};
|
|
|
|
static struct ConfEntry conf_channel_table[] =
|
|
{
|
|
{ "default_split_user_count", CF_INT, NULL, 0, &ConfigChannel.default_split_user_count },
|
|
{ "default_split_server_count", CF_INT, NULL, 0, &ConfigChannel.default_split_server_count },
|
|
{ "burst_topicwho", CF_YESNO, NULL, 0, &ConfigChannel.burst_topicwho },
|
|
{ "kick_on_split_riding", CF_YESNO, NULL, 0, &ConfigChannel.kick_on_split_riding },
|
|
{ "knock_delay", CF_TIME, NULL, 0, &ConfigChannel.knock_delay },
|
|
{ "knock_delay_channel",CF_TIME, NULL, 0, &ConfigChannel.knock_delay_channel },
|
|
{ "max_bans", CF_INT, NULL, 0, &ConfigChannel.max_bans },
|
|
{ "max_bans_large", CF_INT, NULL, 0, &ConfigChannel.max_bans_large },
|
|
{ "max_chans_per_user", CF_INT, NULL, 0, &ConfigChannel.max_chans_per_user },
|
|
{ "max_chans_per_user_large", CF_INT, NULL, 0, &ConfigChannel.max_chans_per_user_large },
|
|
{ "no_create_on_split", CF_YESNO, NULL, 0, &ConfigChannel.no_create_on_split },
|
|
{ "no_join_on_split", CF_YESNO, NULL, 0, &ConfigChannel.no_join_on_split },
|
|
{ "only_ascii_channels", CF_YESNO, NULL, 0, &ConfigChannel.only_ascii_channels },
|
|
{ "use_except", CF_YESNO, NULL, 0, &ConfigChannel.use_except },
|
|
{ "use_invex", CF_YESNO, NULL, 0, &ConfigChannel.use_invex },
|
|
{ "use_forward", CF_YESNO, NULL, 0, &ConfigChannel.use_forward },
|
|
{ "use_knock", CF_YESNO, NULL, 0, &ConfigChannel.use_knock },
|
|
{ "resv_forcepart", CF_YESNO, NULL, 0, &ConfigChannel.resv_forcepart },
|
|
{ "channel_target_change", CF_YESNO, NULL, 0, &ConfigChannel.channel_target_change },
|
|
{ "disable_local_channels", CF_YESNO, NULL, 0, &ConfigChannel.disable_local_channels },
|
|
{ "autochanmodes", CF_QSTRING, conf_set_channel_autochanmodes, 0, NULL },
|
|
{ "displayed_usercount", CF_INT, NULL, 0, &ConfigChannel.displayed_usercount },
|
|
{ "strip_topic_colors", CF_YESNO, NULL, 0, &ConfigChannel.strip_topic_colors },
|
|
{ "opmod_send_statusmsg", CF_YESNO, NULL, 0, &ConfigChannel.opmod_send_statusmsg },
|
|
{ "ip_bans_through_vhost", CF_YESNO, NULL, 0, &ConfigChannel.ip_bans_through_vhost },
|
|
{ "\0", 0, NULL, 0, NULL }
|
|
};
|
|
|
|
static struct ConfEntry conf_serverhide_table[] =
|
|
{
|
|
{ "disable_hidden", CF_YESNO, NULL, 0, &ConfigServerHide.disable_hidden },
|
|
{ "flatten_links", CF_YESNO, NULL, 0, &ConfigServerHide.flatten_links },
|
|
{ "hidden", CF_YESNO, NULL, 0, &ConfigServerHide.hidden },
|
|
{ "links_delay", CF_TIME, conf_set_serverhide_links_delay, 0, NULL },
|
|
{ "\0", 0, NULL, 0, NULL }
|
|
};
|
|
/* *INDENT-ON* */
|
|
|
|
void
|
|
newconf_init()
|
|
{
|
|
add_top_conf("modules", NULL, NULL, NULL);
|
|
add_conf_item("modules", "path", CF_QSTRING, conf_set_modules_path);
|
|
add_conf_item("modules", "module", CF_QSTRING, conf_set_modules_module);
|
|
|
|
add_top_conf("serverinfo", NULL, NULL, conf_serverinfo_table);
|
|
add_top_conf("admin", NULL, NULL, conf_admin_table);
|
|
add_top_conf("log", NULL, NULL, conf_log_table);
|
|
add_top_conf("operator", conf_begin_oper, conf_end_oper, conf_operator_table);
|
|
add_top_conf("class", conf_begin_class, conf_end_class, conf_class_table);
|
|
add_top_conf("privset", NULL, NULL, conf_privset_table);
|
|
|
|
add_top_conf("listen", conf_begin_listen, conf_end_listen, NULL);
|
|
add_conf_item("listen", "defer_accept", CF_YESNO, conf_set_listen_defer_accept);
|
|
add_conf_item("listen", "wsock", CF_YESNO, conf_set_listen_wsock);
|
|
add_conf_item("listen", "port", CF_INT | CF_FLIST, conf_set_listen_port);
|
|
add_conf_item("listen", "sslport", CF_INT | CF_FLIST, conf_set_listen_sslport);
|
|
add_conf_item("listen", "sctp_port", CF_INT | CF_FLIST, conf_set_listen_sctp_port);
|
|
add_conf_item("listen", "sctp_sslport", CF_INT | CF_FLIST, conf_set_listen_sctp_sslport);
|
|
add_conf_item("listen", "ip", CF_QSTRING, conf_set_listen_address);
|
|
add_conf_item("listen", "host", CF_QSTRING, conf_set_listen_address);
|
|
|
|
add_top_conf("auth", conf_begin_auth, conf_end_auth, conf_auth_table);
|
|
|
|
add_top_conf("connect", conf_begin_connect, conf_end_connect, conf_connect_table);
|
|
|
|
add_top_conf("exempt", NULL, NULL, NULL);
|
|
add_conf_item("exempt", "ip", CF_QSTRING, conf_set_exempt_ip);
|
|
|
|
add_top_conf("secure", NULL, NULL, NULL);
|
|
add_conf_item("secure", "ip", CF_QSTRING, conf_set_secure_ip);
|
|
|
|
add_top_conf("cluster", conf_cleanup_cluster, conf_cleanup_cluster, NULL);
|
|
add_conf_item("cluster", "name", CF_QSTRING, conf_set_cluster_name);
|
|
add_conf_item("cluster", "flags", CF_STRING | CF_FLIST, conf_set_cluster_flags);
|
|
|
|
add_top_conf("general", NULL, NULL, conf_general_table);
|
|
add_top_conf("channel", NULL, NULL, conf_channel_table);
|
|
add_top_conf("serverhide", NULL, NULL, conf_serverhide_table);
|
|
|
|
add_top_conf("service", NULL, NULL, NULL);
|
|
add_conf_item("service", "name", CF_QSTRING, conf_set_service_name);
|
|
|
|
add_top_conf("alias", conf_begin_alias, conf_end_alias, NULL);
|
|
add_conf_item("alias", "name", CF_QSTRING, conf_set_alias_name);
|
|
add_conf_item("alias", "target", CF_QSTRING, conf_set_alias_target);
|
|
|
|
add_top_conf("dnsbl", NULL, NULL, NULL);
|
|
add_conf_item("dnsbl", "host", CF_QSTRING, conf_set_dnsbl_entry_host);
|
|
add_conf_item("dnsbl", "type", CF_STRING | CF_FLIST, conf_set_dnsbl_entry_type);
|
|
add_conf_item("dnsbl", "matches", CF_QSTRING | CF_FLIST, conf_set_dnsbl_entry_matches);
|
|
add_conf_item("dnsbl", "reject_reason", CF_QSTRING, conf_set_dnsbl_entry_reason);
|
|
|
|
add_top_conf("blacklist", conf_warn_blacklist_deprecation, NULL, NULL);
|
|
add_conf_item("blacklist", "host", CF_QSTRING, conf_set_dnsbl_entry_host);
|
|
add_conf_item("blacklist", "type", CF_STRING | CF_FLIST, conf_set_dnsbl_entry_type);
|
|
add_conf_item("blacklist", "matches", CF_QSTRING | CF_FLIST, conf_set_dnsbl_entry_matches);
|
|
add_conf_item("blacklist", "reject_reason", CF_QSTRING, conf_set_dnsbl_entry_reason);
|
|
|
|
add_top_conf("opm", conf_begin_opm, conf_end_opm, NULL);
|
|
add_conf_item("opm", "timeout", CF_INT, conf_set_opm_timeout);
|
|
add_conf_item("opm", "listen_ipv4", CF_QSTRING, conf_set_opm_listen_address_ipv4);
|
|
add_conf_item("opm", "listen_ipv6", CF_QSTRING, conf_set_opm_listen_address_ipv6);
|
|
add_conf_item("opm", "port_v4", CF_INT, conf_set_opm_listen_port_ipv4);
|
|
add_conf_item("opm", "port_v6", CF_INT, conf_set_opm_listen_port_ipv6);
|
|
add_conf_item("opm", "listen_port", CF_INT, conf_set_opm_listen_port);
|
|
add_conf_item("opm", "socks4_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_socks4);
|
|
add_conf_item("opm", "socks5_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_socks5);
|
|
add_conf_item("opm", "httpconnect_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_httpconnect);
|
|
add_conf_item("opm", "httpsconnect_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_httpsconnect);
|
|
}
|