vulpineawoo/solanum
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Add secure{} blocks

Browse source
This commit is contained in:
Ed Kellett 2020-10-28 20:55:35 +00:00
parent bbdc439aa3
commit 1cf798beb1
4 changed files with 33 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
include/s_conf.h
View file

@ -84,6 +84,7 @@ struct ConfItem
#define CONF_DLINE 0x020000
#define CONF_EXEMPTDLINE 0x100000
#define CONF_SECURE 0x200000
#define IsIllegal(x) ((x)->status & CONF_ILLEGAL)

4
ircd/hostmask.c
View file

@ -646,7 +646,7 @@ clear_out_address_conf(void)
/* We keep the temporary K-lines and destroy the
* permanent ones, just to be confusing :) -A1kmm */
if(arec->aconf->flags & CONF_FLAGS_TEMPORARY ||
(arec->type != CONF_CLIENT && arec->type != CONF_EXEMPTDLINE))
(arec->type != CONF_CLIENT && arec->type != CONF_EXEMPTDLINE && arec->type != CONF_SECURE))
{
*store_next = arec;
store_next = &arec->next;
@ -679,7 +679,7 @@ clear_out_address_conf_bans(void)
/* We keep the temporary K-lines and destroy the
* permanent ones, just to be confusing :) -A1kmm */
if(arec->aconf->flags & CONF_FLAGS_TEMPORARY ||
(arec->type == CONF_CLIENT || arec->type == CONF_EXEMPTDLINE))
(arec->type == CONF_CLIENT || arec->type == CONF_EXEMPTDLINE || arec->type == CONF_SECURE))
{
*store_next = arec;
store_next = &arec->next;

8
ircd/listener.c
View file

@ -541,6 +541,14 @@ add_connection(struct Listener *listener, rb_fde_t *F, struct sockaddr *sai, str
SetSSL(new_client);
SetSecure(new_client);
}
else
{
struct ConfItem *aconf;
aconf = find_conf_by_address(NULL, NULL, NULL, sai, CONF_SECURE | 1, sai->sa_family, NULL, NULL);
if (aconf != NULL)
SetSecure(new_client);
}
if (listener->wsock)
{

22
ircd/newconf.c
View file

@ -1536,6 +1536,25 @@ conf_set_exempt_ip(void *data)
add_conf_by_address(yy_tmp->host, CONF_EXEMPTDLINE, NULL, NULL, yy_tmp);
}
static void
conf_set_secure_ip(void *data)
{
struct ConfItem *yy_tmp;
int masktype = parse_netmask_strict(data, NULL, NULL);
if(masktype != HM_IPV4 && masktype != HM_IPV6)
{
conf_report_error("Ignoring secure -- invalid secure::ip.");
return;
}
yy_tmp = make_conf();
yy_tmp->passwd = rb_strdup("*");
yy_tmp->host = rb_strdup(data);
yy_tmp->status = CONF_SECURE;
add_conf_by_address(yy_tmp->host, CONF_SECURE, NULL, NULL, yy_tmp);
}
static int
conf_cleanup_cluster(struct TopConf *tc)
{
@ -2894,6 +2913,9 @@ newconf_init()
add_top_conf("exempt", NULL, NULL, NULL);
add_conf_item("exempt", "ip", CF_QSTRING, conf_set_exempt_ip);
add_top_conf("secure", NULL, NULL, NULL);
add_conf_item("secure", "ip", CF_QSTRING, conf_set_secure_ip);
add_top_conf("cluster", conf_cleanup_cluster, conf_cleanup_cluster, NULL);
add_conf_item("cluster", "name", CF_QSTRING, conf_set_cluster_name);
add_conf_item("cluster", "flags", CF_STRING | CF_FLIST, conf_set_cluster_flags);