solanum/ircd/newconf.c
Aaron Jones 95898abbb1
ircd/newconf: ignore invalid connect block passwords (#261)
Also, ignore a connect block that requests certfp authentication
without setting the ssl flag, as it will then go on to fail anyway.

Finally, correct an erroneous error message about class blocks.
2021-08-14 23:14:39 +00:00

2874 lines
72 KiB
C

/* This code is in the public domain.
*/
#include "stdinc.h"
#ifdef HAVE_LIBCRYPTO
#include <openssl/pem.h>
#include <openssl/rsa.h>
#endif
#include "newconf.h"
#include "ircd_defs.h"
#include "logger.h"
#include "s_conf.h"
#include "s_user.h"
#include "s_newconf.h"
#include "send.h"
#include "setup.h"
#include "modules.h"
#include "listener.h"
#include "hostmask.h"
#include "s_serv.h"
#include "hash.h"
#include "cache.h"
#include "ircd.h"
#include "snomask.h"
#include "sslproc.h"
#include "wsproc.h"
#include "privilege.h"
#include "chmode.h"
#include "certfp.h"
#define CF_TYPE(x) ((x) & CF_MTYPE)
static int yy_defer_accept = 1;
static int yy_wsock = 0;
struct TopConf *conf_cur_block;
static char *conf_cur_block_name = NULL;
static rb_dlink_list conf_items;
static struct ConfItem *yy_aconf = NULL;
static struct Class *yy_class = NULL;
static struct remote_conf *yy_shared = NULL;
static struct server_conf *yy_server = NULL;
static rb_dlink_list yy_aconf_list;
static rb_dlink_list yy_oper_list;
static rb_dlink_list yy_cluster_list;
static struct oper_conf *yy_oper = NULL;
static struct alias_entry *yy_alias = NULL;
static char *yy_dnsbl_entry_host = NULL;
static char *yy_dnsbl_entry_reason = NULL;
static uint8_t yy_dnsbl_entry_iptype = 0;
static rb_dlink_list yy_dnsbl_entry_filters = { NULL, NULL, 0 };
static char *yy_opm_address_ipv4 = NULL;
static char *yy_opm_address_ipv6 = NULL;
static uint16_t yy_opm_port_ipv4 = 0;
static uint16_t yy_opm_port_ipv6 = 0;
static int yy_opm_timeout = 0;
static rb_dlink_list yy_opm_scanner_list;
static char *yy_privset_extends = NULL;
static const char *
conf_strtype(int type)
{
switch (CF_TYPE(type))
{
case CF_INT:
return "integer value";
case CF_STRING:
return "unquoted string";
case CF_YESNO:
return "yes/no value";
case CF_QSTRING:
return "quoted string";
case CF_TIME:
return "time/size value";
default:
return "unknown type";
}
}
int
add_top_conf(const char *name, int (*sfunc) (struct TopConf *),
int (*efunc) (struct TopConf *), struct ConfEntry *items)
{
struct TopConf *tc;
tc = rb_malloc(sizeof(struct TopConf));
tc->tc_name = name;
tc->tc_sfunc = sfunc;
tc->tc_efunc = efunc;
tc->tc_entries = items;
rb_dlinkAddAlloc(tc, &conf_items);
return 0;
}
struct TopConf *
find_top_conf(const char *name)
{
rb_dlink_node *d;
struct TopConf *tc;
RB_DLINK_FOREACH(d, conf_items.head)
{
tc = d->data;
if(rb_strcasecmp(tc->tc_name, name) == 0)
return tc;
}
return NULL;
}
struct ConfEntry *
find_conf_item(const struct TopConf *top, const char *name)
{
struct ConfEntry *cf;
rb_dlink_node *d;
if(top->tc_entries)
{
int i;
for(i = 0; top->tc_entries[i].cf_type; i++)
{
cf = &top->tc_entries[i];
if(!rb_strcasecmp(cf->cf_name, name))
return cf;
}
}
RB_DLINK_FOREACH(d, top->tc_items.head)
{
cf = d->data;
if(rb_strcasecmp(cf->cf_name, name) == 0)
return cf;
}
return NULL;
}
int
remove_top_conf(char *name)
{
struct TopConf *tc;
rb_dlink_node *ptr;
if((tc = find_top_conf(name)) == NULL)
return -1;
if((ptr = rb_dlinkFind(tc, &conf_items)) == NULL)
return -1;
rb_dlinkDestroy(ptr, &conf_items);
rb_free(tc);
return 0;
}
static void
conf_set_serverinfo_name(void *data)
{
if(ServerInfo.name == NULL)
{
const char *s;
int dots = 0;
for(s = data; *s != '\0'; s++)
{
if(!IsServChar(*s))
{
conf_report_error("Ignoring serverinfo::name "
"-- bogus servername.");
return;
}
else if(*s == '.')
++dots;
}
if(!dots)
{
conf_report_error("Ignoring serverinfo::name -- must contain '.'");
return;
}
s = data;
if(IsDigit(*s))
{
conf_report_error("Ignoring serverinfo::name -- cannot begin with digit.");
return;
}
/* the ircd will exit() in main() if we dont set one */
if(strlen(s) <= HOSTLEN)
ServerInfo.name = rb_strdup((char *) data);
}
}
static void
conf_set_serverinfo_sid(void *data)
{
char *sid = data;
if(ServerInfo.sid[0] == '\0')
{
if(!IsDigit(sid[0]) || !IsIdChar(sid[1]) ||
!IsIdChar(sid[2]) || sid[3] != '\0')
{
conf_report_error("Ignoring serverinfo::sid "
"-- bogus sid.");
return;
}
rb_strlcpy(ServerInfo.sid, sid, sizeof(ServerInfo.sid));
}
}
static void
conf_set_serverinfo_network_name(void *data)
{
char *p;
if((p = strchr((char *) data, ' ')))
*p = '\0';
rb_free(ServerInfo.network_name);
ServerInfo.network_name = rb_strdup((char *) data);
}
static void
conf_set_serverinfo_vhost(void *data)
{
struct rb_sockaddr_storage addr;
if(rb_inet_pton_sock(data, &addr) <= 0 || GET_SS_FAMILY(&addr) != AF_INET)
{
conf_report_error("Invalid IPv4 address for server vhost (%s)", (char *) data);
return;
}
ServerInfo.bind4 = addr;
}
static void
conf_set_serverinfo_vhost6(void *data)
{
struct rb_sockaddr_storage addr;
if(rb_inet_pton_sock(data, &addr) <= 0 || GET_SS_FAMILY(&addr) != AF_INET6)
{
conf_report_error("Invalid IPv6 address for server vhost (%s)", (char *) data);
return;
}
ServerInfo.bind6 = addr;
}
static void
conf_set_serverinfo_nicklen(void *data)
{
ConfigFileEntry.nicklen = (*(unsigned int *) data) + 1;
if (ConfigFileEntry.nicklen > NICKLEN)
{
conf_report_error("Warning -- ignoring serverinfo::nicklen -- provided nicklen (%u) is greater than allowed nicklen (%u)",
ConfigFileEntry.nicklen - 1, NICKLEN - 1);
ConfigFileEntry.nicklen = NICKLEN;
}
else if (ConfigFileEntry.nicklen < 9 + 1)
{
conf_report_error("Warning -- serverinfo::nicklen is too low (%u) -- forcing 9",
ConfigFileEntry.nicklen - 1);
ConfigFileEntry.nicklen = 9 + 1;
}
}
static void
conf_set_modules_module(void *data)
{
char *m_bn;
m_bn = rb_basename((char *) data);
if(findmodule_byname(m_bn) == NULL)
load_one_module((char *) data, MAPI_ORIGIN_EXTENSION, false);
rb_free(m_bn);
}
static void
conf_set_modules_path(void *data)
{
mod_add_path((char *) data);
}
struct mode_table
{
const char *name;
int mode;
};
/* *INDENT-OFF* */
static struct mode_table umode_table[] = {
{"deaf", UMODE_DEAF },
{"invisible", UMODE_INVISIBLE },
{"locops", UMODE_LOCOPS },
{"noforward", UMODE_NOFORWARD },
{"servnotice", UMODE_SERVNOTICE},
{"wallop", UMODE_WALLOP },
{"operwall", UMODE_OPERWALL },
{NULL, 0}
};
static struct mode_table oper_table[] = {
{"encrypted", OPER_ENCRYPTED },
{"need_ssl", OPER_NEEDSSL },
{NULL, 0}
};
static struct mode_table auth_table[] = {
{"encrypted", CONF_FLAGS_ENCRYPTED },
{"spoof_notice", CONF_FLAGS_SPOOF_NOTICE },
{"exceed_limit", CONF_FLAGS_NOLIMIT },
{"dnsbl_exempt", CONF_FLAGS_EXEMPTDNSBL },
{"proxy_exempt", CONF_FLAGS_EXEMPTPROXY },
{"kline_exempt", CONF_FLAGS_EXEMPTKLINE },
{"flood_exempt", CONF_FLAGS_EXEMPTFLOOD },
{"spambot_exempt", CONF_FLAGS_EXEMPTSPAMBOT },
{"shide_exempt", CONF_FLAGS_EXEMPTSHIDE },
{"jupe_exempt", CONF_FLAGS_EXEMPTJUPE },
{"resv_exempt", CONF_FLAGS_EXEMPTRESV },
{"no_tilde", CONF_FLAGS_NO_TILDE },
{"need_ident", CONF_FLAGS_NEED_IDENTD },
{"have_ident", CONF_FLAGS_NEED_IDENTD },
{"need_ssl", CONF_FLAGS_NEED_SSL },
{"need_sasl", CONF_FLAGS_NEED_SASL },
{"extend_chans", CONF_FLAGS_EXTEND_CHANS },
{"allow_sctp", CONF_FLAGS_ALLOW_SCTP },
{"kline_spoof_ip", CONF_FLAGS_KLINE_SPOOF },
{NULL, 0}
};
static struct mode_table connect_table[] = {
{ "autoconn", SERVER_AUTOCONN },
{ "compressed", 0 },
{ "encrypted", SERVER_ENCRYPTED },
{ "topicburst", SERVER_TB },
{ "sctp", SERVER_SCTP },
{ "ssl", SERVER_SSL },
{ "no-export", SERVER_NO_EXPORT },
{ NULL, 0 },
};
static struct mode_table cluster_table[] = {
{ "kline", SHARED_PKLINE },
{ "tkline", SHARED_TKLINE },
{ "unkline", SHARED_UNKLINE },
{ "locops", SHARED_LOCOPS },
{ "xline", SHARED_PXLINE },
{ "txline", SHARED_TXLINE },
{ "unxline", SHARED_UNXLINE },
{ "resv", SHARED_PRESV },
{ "tresv", SHARED_TRESV },
{ "unresv", SHARED_UNRESV },
{ "all", CLUSTER_ALL },
{NULL, 0}
};
/* *INDENT-ON* */
static int
find_umode(struct mode_table *tab, const char *name)
{
int i;
for (i = 0; tab[i].name; i++)
{
if(strcmp(tab[i].name, name) == 0)
return tab[i].mode;
}
return -1;
}
static void
set_modes_from_table(int *modes, const char *whatis, struct mode_table *tab, conf_parm_t * args)
{
for (; args; args = args->next)
{
const char *umode;
int dir = 1;
int mode;
if(CF_TYPE(args->type) != CF_STRING)
{
conf_report_error("Warning -- %s is not a string; ignoring.", whatis);
continue;
}
umode = args->v.string;
if(*umode == '~')
{
dir = 0;
umode++;
}
mode = find_umode(tab, umode);
if(mode == -1)
{
conf_report_error("Warning -- unknown %s %s.", whatis, args->v.string);
continue;
}
if(mode)
{
if(dir)
*modes |= mode;
else
*modes &= ~mode;
}
else
*modes = 0;
}
}
static void
parse_umodes(const char *pm, int *values, int *mask)
{
int what = MODE_ADD, flag;
*values = 0;
if (NULL != mask)
*mask = 0;
for (; *pm; pm++)
{
switch (*pm)
{
case '+':
what = MODE_ADD;
break;
case '-':
what = MODE_DEL;
break;
/* don't allow +o */
case 'o':
case 'S':
case 'Z':
case ' ':
break;
default:
flag = user_modes[(unsigned char) *pm];
if (flag)
{
/* Proper value has probably not yet been set
* so don't check oper_only_umodes -- jilles */
if (what == MODE_ADD)
*values |= flag;
else
*values &= ~flag;
if (NULL != mask)
*mask |= flag;
}
break;
}
}
}
static void
conf_set_privset_extends(void *data)
{
yy_privset_extends = rb_strdup((char *) data);
}
static void
conf_set_privset_privs(void *data)
{
char *privs = NULL;
conf_parm_t *args = data;
for (; args; args = args->next)
{
if (privs == NULL)
privs = rb_strdup(args->v.string);
else
{
char *privs_old = privs;
privs = rb_malloc(strlen(privs_old) + 1 + strlen(args->v.string) + 1);
strcpy(privs, privs_old);
strcat(privs, " ");
strcat(privs, args->v.string);
rb_free(privs_old);
}
}
if (privs)
{
if (yy_privset_extends)
{
struct PrivilegeSet *set = privilegeset_get(yy_privset_extends);
if (!set)
{
conf_report_error("Warning -- unknown parent privilege set %s for %s; assuming defaults", yy_privset_extends, conf_cur_block_name);
set = privilegeset_get("default");
}
privilegeset_extend(set, conf_cur_block_name != NULL ? conf_cur_block_name : "<unknown>", privs, 0);
rb_free(yy_privset_extends);
yy_privset_extends = NULL;
}
else
privilegeset_set_new(conf_cur_block_name != NULL ? conf_cur_block_name : "<unknown>", privs, 0);
rb_free(privs);
}
}
static int
conf_begin_oper(struct TopConf *tc)
{
rb_dlink_node *ptr;
rb_dlink_node *next_ptr;
if(yy_oper != NULL)
{
free_oper_conf(yy_oper);
yy_oper = NULL;
}
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_oper_list.head)
{
free_oper_conf(ptr->data);
rb_dlinkDestroy(ptr, &yy_oper_list);
}
yy_oper = make_oper_conf();
yy_oper->flags |= OPER_ENCRYPTED;
return 0;
}
static int
conf_end_oper(struct TopConf *tc)
{
struct oper_conf *yy_tmpoper;
rb_dlink_node *ptr;
rb_dlink_node *next_ptr;
if(conf_cur_block_name != NULL)
{
if(strlen(conf_cur_block_name) > OPERNICKLEN)
conf_cur_block_name[OPERNICKLEN] = '\0';
yy_oper->name = rb_strdup(conf_cur_block_name);
}
if(EmptyString(yy_oper->name))
{
conf_report_error("Ignoring operator block -- missing name.");
return 0;
}
#ifdef HAVE_LIBCRYPTO
if(EmptyString(yy_oper->passwd) && EmptyString(yy_oper->rsa_pubkey_file))
#else
if(EmptyString(yy_oper->passwd))
#endif
{
conf_report_error("Ignoring operator block for %s -- missing password",
yy_oper->name);
return 0;
}
if (!yy_oper->privset)
yy_oper->privset = privilegeset_get("default");
/* now, yy_oper_list contains a stack of oper_conf's with just user
* and host in, yy_oper contains the rest of the information which
* we need to copy into each element in yy_oper_list
*/
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_oper_list.head)
{
yy_tmpoper = ptr->data;
yy_tmpoper->name = rb_strdup(yy_oper->name);
/* could be an rsa key instead.. */
if(!EmptyString(yy_oper->passwd))
yy_tmpoper->passwd = rb_strdup(yy_oper->passwd);
yy_tmpoper->flags = yy_oper->flags;
yy_tmpoper->umodes = yy_oper->umodes;
yy_tmpoper->snomask = yy_oper->snomask;
yy_tmpoper->privset = yy_oper->privset;
#ifdef HAVE_LIBCRYPTO
if(yy_oper->rsa_pubkey_file)
{
BIO *file;
if((file = BIO_new_file(yy_oper->rsa_pubkey_file, "r")) == NULL)
{
conf_report_error("Ignoring operator block for %s -- "
"rsa_public_key_file cant be opened",
yy_tmpoper->name);
return 0;
}
yy_tmpoper->rsa_pubkey =
(RSA *) PEM_read_bio_RSA_PUBKEY(file, NULL, 0, NULL);
(void)BIO_set_close(file, BIO_CLOSE);
BIO_free(file);
if(yy_tmpoper->rsa_pubkey == NULL)
{
conf_report_error("Ignoring operator block for %s -- "
"rsa_public_key_file key invalid; check syntax",
yy_tmpoper->name);
return 0;
}
}
if(!EmptyString(yy_oper->certfp))
yy_tmpoper->certfp = rb_strdup(yy_oper->certfp);
#endif
/* all is ok, put it on oper_conf_list */
rb_dlinkMoveNode(ptr, &yy_oper_list, &oper_conf_list);
}
free_oper_conf(yy_oper);
yy_oper = NULL;
return 0;
}
static void
conf_set_oper_flags(void *data)
{
conf_parm_t *args = data;
set_modes_from_table(&yy_oper->flags, "flag", oper_table, args);
}
static void
conf_set_oper_fingerprint(void *data)
{
if (yy_oper->certfp)
rb_free(yy_oper->certfp);
yy_oper->certfp = rb_strdup((char *) data);
}
static void
conf_set_oper_privset(void *data)
{
yy_oper->privset = privilegeset_get((char *) data);
}
static void
conf_set_oper_user(void *data)
{
struct oper_conf *yy_tmpoper;
char *p;
char *host = (char *) data;
yy_tmpoper = make_oper_conf();
if((p = strchr(host, '@')))
{
*p++ = '\0';
yy_tmpoper->username = rb_strdup(host);
yy_tmpoper->host = rb_strdup(p);
}
else
{
yy_tmpoper->username = rb_strdup("*");
yy_tmpoper->host = rb_strdup(host);
}
if(EmptyString(yy_tmpoper->username) || EmptyString(yy_tmpoper->host))
{
conf_report_error("Ignoring user -- missing username/host");
free_oper_conf(yy_tmpoper);
return;
}
rb_dlinkAddAlloc(yy_tmpoper, &yy_oper_list);
}
static void
conf_set_oper_password(void *data)
{
if(yy_oper->passwd)
{
memset(yy_oper->passwd, 0, strlen(yy_oper->passwd));
rb_free(yy_oper->passwd);
}
yy_oper->passwd = rb_strdup((char *) data);
}
static void
conf_set_oper_rsa_public_key_file(void *data)
{
#ifdef HAVE_LIBCRYPTO
rb_free(yy_oper->rsa_pubkey_file);
yy_oper->rsa_pubkey_file = rb_strdup((char *) data);
#else
conf_report_error("Warning -- ignoring rsa_public_key_file (OpenSSL support not available");
#endif
}
static void
conf_set_oper_umodes(void *data)
{
set_modes_from_table(&yy_oper->umodes, "umode", umode_table, data);
}
static void
conf_set_oper_snomask(void *data)
{
yy_oper->snomask = parse_snobuf_to_mask(0, (const char *) data);
}
static int
conf_begin_class(struct TopConf *tc)
{
if(yy_class)
free_class(yy_class);
yy_class = make_class();
return 0;
}
static int
conf_end_class(struct TopConf *tc)
{
if(conf_cur_block_name != NULL)
yy_class->class_name = rb_strdup(conf_cur_block_name);
if(EmptyString(yy_class->class_name))
{
conf_report_error("Ignoring class block -- missing name.");
return 0;
}
add_class(yy_class);
yy_class = NULL;
return 0;
}
static void
conf_set_class_ping_time(void *data)
{
yy_class->ping_freq = *(unsigned int *) data;
}
static void
conf_set_class_cidr_ipv4_bitlen(void *data)
{
unsigned int maxsize = 32;
if(*(unsigned int *) data > maxsize)
conf_report_error
("class::cidr_ipv4_bitlen argument exceeds maxsize (%d > %d) - ignoring.",
*(unsigned int *) data, maxsize);
else
yy_class->cidr_ipv4_bitlen = *(unsigned int *) data;
}
static void
conf_set_class_cidr_ipv6_bitlen(void *data)
{
unsigned int maxsize = 128;
if(*(unsigned int *) data > maxsize)
conf_report_error
("class::cidr_ipv6_bitlen argument exceeds maxsize (%d > %d) - ignoring.",
*(unsigned int *) data, maxsize);
else
yy_class->cidr_ipv6_bitlen = *(unsigned int *) data;
}
static void
conf_set_class_number_per_cidr(void *data)
{
yy_class->cidr_amount = *(unsigned int *) data;
}
static void
conf_set_class_number_per_ip(void *data)
{
yy_class->max_local = *(unsigned int *) data;
}
static void
conf_set_class_number_per_ip_global(void *data)
{
yy_class->max_global = *(unsigned int *) data;
}
static void
conf_set_class_number_per_ident(void *data)
{
yy_class->max_ident = *(unsigned int *) data;
}
static void
conf_set_class_connectfreq(void *data)
{
yy_class->con_freq = *(unsigned int *) data;
}
static void
conf_set_class_max_number(void *data)
{
yy_class->max_total = *(unsigned int *) data;
}
static void
conf_set_class_max_autoconn(void *data)
{
yy_class->max_autoconn = *(unsigned int *) data;
}
static void
conf_set_class_sendq(void *data)
{
yy_class->max_sendq = *(unsigned int *) data;
}
static char *listener_address[2];
static int
conf_begin_listen(struct TopConf *tc)
{
for (int i = 0; i < ARRAY_SIZE(listener_address); i++) {
rb_free(listener_address[i]);
listener_address[i] = NULL;
}
yy_wsock = 0;
yy_defer_accept = 0;
return 0;
}
static int
conf_end_listen(struct TopConf *tc)
{
for (int i = 0; i < ARRAY_SIZE(listener_address); i++) {
rb_free(listener_address[i]);
listener_address[i] = NULL;
}
yy_wsock = 0;
yy_defer_accept = 0;
return 0;
}
static void
conf_set_listen_defer_accept(void *data)
{
yy_defer_accept = *(unsigned int *) data;
}
static void
conf_set_listen_wsock(void *data)
{
yy_wsock = *(unsigned int *) data;
}
static void
conf_set_listen_port_both(void *data, int ssl, int sctp)
{
conf_parm_t *args = data;
for (; args; args = args->next)
{
if(CF_TYPE(args->type) != CF_INT)
{
conf_report_error("listener::port argument is not an integer -- ignoring.");
continue;
}
if(listener_address[0] == NULL)
{
if (sctp) {
conf_report_error("listener::sctp_port has no addresses -- ignoring.");
} else {
add_tcp_listener(args->v.number, NULL, AF_INET, ssl, ssl || yy_defer_accept, yy_wsock);
add_tcp_listener(args->v.number, NULL, AF_INET6, ssl, ssl || yy_defer_accept, yy_wsock);
}
}
else
{
int family;
if(strchr(listener_address[0], ':') != NULL)
family = AF_INET6;
else
family = AF_INET;
if (sctp) {
#ifdef HAVE_LIBSCTP
add_sctp_listener(args->v.number, listener_address[0], listener_address[1], ssl, yy_wsock);
#else
conf_report_error("Warning -- ignoring listener::sctp_port -- SCTP support not available.");
#endif
} else {
add_tcp_listener(args->v.number, listener_address[0], family, ssl, ssl || yy_defer_accept, yy_wsock);
}
}
}
}
static void
conf_set_listen_port(void *data)
{
conf_set_listen_port_both(data, 0, 0);
}
static void
conf_set_listen_sslport(void *data)
{
conf_set_listen_port_both(data, 1, 0 );
}
static void
conf_set_listen_sctp_port(void *data)
{
conf_set_listen_port_both(data, 0, 1);
}
static void
conf_set_listen_sctp_sslport(void *data)
{
conf_set_listen_port_both(data, 1, 1);
}
static void
conf_set_listen_address(void *data)
{
rb_free(listener_address[1]);
listener_address[1] = listener_address[0];
listener_address[0] = rb_strdup(data);
}
static int
conf_begin_auth(struct TopConf *tc)
{
rb_dlink_node *ptr;
rb_dlink_node *next_ptr;
if(yy_aconf)
free_conf(yy_aconf);
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_aconf_list.head)
{
free_conf(ptr->data);
rb_dlinkDestroy(ptr, &yy_aconf_list);
}
yy_aconf = make_conf();
yy_aconf->status = CONF_CLIENT;
return 0;
}
static int
conf_end_auth(struct TopConf *tc)
{
struct ConfItem *yy_tmp, *found_conf;
rb_dlink_node *ptr;
rb_dlink_node *next_ptr;
if(EmptyString(yy_aconf->info.name))
yy_aconf->info.name = rb_strdup("NOMATCH");
/* didnt even get one ->host? */
if(EmptyString(yy_aconf->host))
{
conf_report_error("Ignoring auth block -- missing user@host");
return 0;
}
/* so the stacking works in order.. */
collapse(yy_aconf->user);
collapse(yy_aconf->host);
conf_add_class_to_conf(yy_aconf);
if ((found_conf = find_exact_conf_by_address("*", CONF_CLIENT, "*")) && found_conf->spasswd == NULL)
conf_report_error("Ignoring redundant auth block (after *@*)");
else if ((found_conf = find_exact_conf_by_address(yy_aconf->host, CONF_CLIENT, yy_aconf->user)) &&
(!found_conf->spasswd || (yy_aconf->spasswd &&
0 == irccmp(found_conf->spasswd, yy_aconf->spasswd))))
conf_report_error("Ignoring duplicate auth block for %s@%s",
yy_aconf->user, yy_aconf->host);
else
add_conf_by_address(yy_aconf->host, CONF_CLIENT, yy_aconf->user, yy_aconf->spasswd, yy_aconf);
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_aconf_list.head)
{
yy_tmp = ptr->data;
if(yy_aconf->passwd)
yy_tmp->passwd = rb_strdup(yy_aconf->passwd);
if(yy_aconf->spasswd)
yy_tmp->spasswd = rb_strdup(yy_aconf->spasswd);
/* this will always exist.. */
yy_tmp->info.name = rb_strdup(yy_aconf->info.name);
if(yy_aconf->className)
yy_tmp->className = rb_strdup(yy_aconf->className);
yy_tmp->flags = yy_aconf->flags;
yy_tmp->port = yy_aconf->port;
collapse(yy_tmp->user);
collapse(yy_tmp->host);
conf_add_class_to_conf(yy_tmp);
if ((found_conf = find_exact_conf_by_address("*", CONF_CLIENT, "*")) && found_conf->spasswd == NULL)
conf_report_error("Ignoring redundant auth block (after *@*)");
else if ((found_conf = find_exact_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user)) &&
(!found_conf->spasswd || (yy_tmp->spasswd &&
0 == irccmp(found_conf->spasswd, yy_tmp->spasswd))))
conf_report_error("Ignoring duplicate auth block for %s@%s",
yy_tmp->user, yy_tmp->host);
else
add_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user, yy_tmp->spasswd, yy_tmp);
rb_dlinkDestroy(ptr, &yy_aconf_list);
}
yy_aconf = NULL;
return 0;
}
static void
conf_set_auth_user(void *data)
{
struct ConfItem *yy_tmp;
char *p;
/* The first user= line doesn't allocate a new conf */
if(!EmptyString(yy_aconf->host))
{
yy_tmp = make_conf();
yy_tmp->status = CONF_CLIENT;
}
else
yy_tmp = yy_aconf;
if((p = strchr(data, '@')))
{
*p++ = '\0';
yy_tmp->user = rb_strdup(data);
yy_tmp->host = rb_strdup(p);
}
else
{
yy_tmp->user = rb_strdup("*");
yy_tmp->host = rb_strdup(data);
}
if(yy_aconf != yy_tmp)
rb_dlinkAddAlloc(yy_tmp, &yy_aconf_list);
}
static void
conf_set_auth_auth_user(void *data)
{
if(yy_aconf->spasswd)
memset(yy_aconf->spasswd, 0, strlen(yy_aconf->spasswd));
rb_free(yy_aconf->spasswd);
yy_aconf->spasswd = rb_strdup(data);
}
static void
conf_set_auth_passwd(void *data)
{
if(yy_aconf->passwd)
memset(yy_aconf->passwd, 0, strlen(yy_aconf->passwd));
rb_free(yy_aconf->passwd);
yy_aconf->passwd = rb_strdup(data);
}
static void
conf_set_auth_spoof(void *data)
{
char *p;
char *user = NULL;
char *host = NULL;
host = data;
/* user@host spoof */
if((p = strchr(host, '@')) != NULL)
{
*p = '\0';
user = data;
host = p+1;
if(EmptyString(user))
{
conf_report_error("Warning -- spoof ident empty.");
return;
}
if(strlen(user) > USERLEN)
{
conf_report_error("Warning -- spoof ident length invalid.");
return;
}
if(!valid_username(user))
{
conf_report_error("Warning -- invalid spoof (ident).");
return;
}
/* this must be restored! */
*p = '@';
}
if(EmptyString(host))
{
conf_report_error("Warning -- spoof host empty.");
return;
}
if(strlen(host) > HOSTLEN)
{
conf_report_error("Warning -- spoof host length invalid.");
return;
}
if(!valid_hostname(host))
{
conf_report_error("Warning -- invalid spoof (host).");
return;
}
rb_free(yy_aconf->info.name);
yy_aconf->info.name = rb_strdup(data);
yy_aconf->flags |= CONF_FLAGS_SPOOF_IP;
}
static void
conf_set_auth_flags(void *data)
{
conf_parm_t *args = data;
set_modes_from_table((int *) &yy_aconf->flags, "flag", auth_table, args);
}
static void
conf_set_auth_redir_serv(void *data)
{
yy_aconf->flags |= CONF_FLAGS_REDIR;
rb_free(yy_aconf->info.name);
yy_aconf->info.name = rb_strdup(data);
}
static void
conf_set_auth_redir_port(void *data)
{
int port = *(unsigned int *) data;
yy_aconf->flags |= CONF_FLAGS_REDIR;
yy_aconf->port = port;
}
static void
conf_set_auth_class(void *data)
{
rb_free(yy_aconf->className);
yy_aconf->className = rb_strdup(data);
}
static void
conf_set_auth_umodes(void *data)
{
char *umodes = data;
parse_umodes(umodes, &yy_aconf->umodes, &yy_aconf->umodes_mask);
}
static int
conf_begin_connect(struct TopConf *tc)
{
if(yy_server)
free_server_conf(yy_server);
yy_server = make_server_conf();
yy_server->port = PORTNUM;
yy_server->flags |= SERVER_TB;
if(conf_cur_block_name != NULL)
yy_server->name = rb_strdup(conf_cur_block_name);
return 0;
}
static int
conf_end_connect(struct TopConf *tc)
{
if (EmptyString(yy_server->name))
{
conf_report_error("Ignoring connect block -- missing name.");
return 0;
}
if (ServerInfo.name != NULL && !irccmp(ServerInfo.name, yy_server->name))
{
conf_report_error("Ignoring connect block for %s -- name is "
"equal to my own name.", yy_server->name);
return 0;
}
if ((EmptyString(yy_server->passwd) || EmptyString(yy_server->spasswd))
&& EmptyString(yy_server->certfp))
{
conf_report_error("Ignoring connect block for %s -- no "
"fingerprint or password credentials "
"provided.", yy_server->name);
return 0;
}
if ((yy_server->flags & SERVER_SSL) && EmptyString(yy_server->certfp))
{
conf_report_error("Ignoring connect block for %s -- no "
"fingerprint provided for SSL "
"connection.", yy_server->name);
return 0;
}
if (! (yy_server->flags & SERVER_SSL) && ! EmptyString(yy_server->certfp))
{
conf_report_error("Ignoring connect block for %s -- "
"fingerprint authentication has "
"been requested; but the ssl flag "
"is not set.", yy_server->name);
return 0;
}
if (EmptyString(yy_server->connect_host)
&& GET_SS_FAMILY(&yy_server->connect4) != AF_INET
&& GET_SS_FAMILY(&yy_server->connect6) != AF_INET6)
{
conf_report_error("Ignoring connect block for %s -- missing "
"host.", yy_server->name);
return 0;
}
add_server_conf(yy_server);
rb_dlinkAdd(yy_server, &yy_server->node, &server_conf_list);
yy_server = NULL;
return 0;
}
static void
conf_set_connect_host(void *data)
{
struct rb_sockaddr_storage addr;
if(rb_inet_pton_sock(data, &addr) <= 0)
{
rb_free(yy_server->connect_host);
yy_server->connect_host = rb_strdup(data);
}
else if(GET_SS_FAMILY(&addr) == AF_INET)
{
yy_server->connect4 = addr;
}
else if(GET_SS_FAMILY(&addr) == AF_INET6)
{
yy_server->connect6 = addr;
}
else
{
conf_report_error("Unsupported IP address for server connect host (%s)",
(char *)data);
return;
}
}
static void
conf_set_connect_vhost(void *data)
{
struct rb_sockaddr_storage addr;
if(rb_inet_pton_sock(data, &addr) <= 0)
{
rb_free(yy_server->bind_host);
yy_server->bind_host = rb_strdup(data);
}
else if(GET_SS_FAMILY(&addr) == AF_INET)
{
yy_server->bind4 = addr;
}
else if(GET_SS_FAMILY(&addr) == AF_INET6)
{
yy_server->bind6 = addr;
}
else
{
conf_report_error("Unsupported IP address for server connect vhost (%s)",
(char *)data);
return;
}
}
static void
conf_set_connect_send_password(void *data)
{
if(yy_server->spasswd)
{
memset(yy_server->spasswd, 0, strlen(yy_server->spasswd));
rb_free(yy_server->spasswd);
}
if (EmptyString((const char *) data))
{
yy_server->spasswd = NULL;
conf_report_warning("Invalid send_password for connect "
"block; must not be empty if provided");
}
else if (strpbrk(data, " :"))
{
yy_server->spasswd = NULL;
conf_report_error("Invalid send_password for connect "
"block; cannot contain spaces or colons");
}
else
yy_server->spasswd = rb_strdup(data);
}
static void
conf_set_connect_accept_password(void *data)
{
if(yy_server->passwd)
{
memset(yy_server->passwd, 0, strlen(yy_server->passwd));
rb_free(yy_server->passwd);
}
if (EmptyString((const char *) data))
{
yy_server->passwd = NULL;
conf_report_warning("Invalid accept_password for connect "
"block; must not be empty if provided");
}
else if (strpbrk(data, " :"))
{
yy_server->passwd = NULL;
conf_report_error("Invalid accept_password for connect "
"block; cannot contain spaces or colons");
}
else
yy_server->passwd = rb_strdup(data);
}
static void
conf_set_connect_fingerprint(void *data)
{
if (yy_server->certfp)
rb_free(yy_server->certfp);
yy_server->certfp = rb_strdup((char *) data);
/* force SSL to be enabled if fingerprint is enabled. */
yy_server->flags |= SERVER_SSL;
}
static void
conf_set_connect_port(void *data)
{
int port = *(unsigned int *) data;
if(port < 1)
port = PORTNUM;
yy_server->port = port;
}
static void
conf_set_connect_aftype(void *data)
{
char *aft = data;
if(rb_strcasecmp(aft, "ipv4") == 0)
yy_server->aftype = AF_INET;
else if(rb_strcasecmp(aft, "ipv6") == 0)
yy_server->aftype = AF_INET6;
else
conf_report_error("connect::aftype '%s' is unknown.", aft);
}
static void
conf_set_connect_flags(void *data)
{
conf_parm_t *args = data;
set_modes_from_table(&yy_server->flags, "flag", connect_table, args);
}
static void
conf_set_connect_class(void *data)
{
rb_free(yy_server->class_name);
yy_server->class_name = rb_strdup(data);
}
static void
conf_set_exempt_ip(void *data)
{
struct ConfItem *yy_tmp;
int masktype = parse_netmask_strict(data, NULL, NULL);
if(masktype != HM_IPV4 && masktype != HM_IPV6)
{
conf_report_error("Ignoring exempt -- invalid exempt::ip.");
return;
}
yy_tmp = make_conf();
yy_tmp->passwd = rb_strdup("*");
yy_tmp->host = rb_strdup(data);
yy_tmp->status = CONF_EXEMPTDLINE;
add_conf_by_address(yy_tmp->host, CONF_EXEMPTDLINE, NULL, NULL, yy_tmp);
}
static void
conf_set_secure_ip(void *data)
{
struct ConfItem *yy_tmp;
int masktype = parse_netmask_strict(data, NULL, NULL);
if(masktype != HM_IPV4 && masktype != HM_IPV6)
{
conf_report_error("Ignoring secure -- invalid secure::ip.");
return;
}
yy_tmp = make_conf();
yy_tmp->passwd = rb_strdup("*");
yy_tmp->host = rb_strdup(data);
yy_tmp->status = CONF_SECURE;
add_conf_by_address(yy_tmp->host, CONF_SECURE, NULL, NULL, yy_tmp);
}
static int
conf_cleanup_cluster(struct TopConf *tc)
{
rb_dlink_node *ptr, *next_ptr;
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_cluster_list.head)
{
free_remote_conf(ptr->data);
rb_dlinkDestroy(ptr, &yy_cluster_list);
}
if(yy_shared != NULL)
{
free_remote_conf(yy_shared);
yy_shared = NULL;
}
return 0;
}
static void
conf_set_cluster_name(void *data)
{
if(yy_shared != NULL)
free_remote_conf(yy_shared);
yy_shared = make_remote_conf();
yy_shared->server = rb_strdup(data);
rb_dlinkAddAlloc(yy_shared, &yy_cluster_list);
yy_shared = NULL;
}
static void
conf_set_cluster_flags(void *data)
{
conf_parm_t *args = data;
int flags = 0;
rb_dlink_node *ptr, *next_ptr;
if(yy_shared != NULL)
free_remote_conf(yy_shared);
set_modes_from_table(&flags, "flag", cluster_table, args);
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_cluster_list.head)
{
yy_shared = ptr->data;
yy_shared->flags = flags;
rb_dlinkAddTail(yy_shared, &yy_shared->node, &cluster_conf_list);
rb_dlinkDestroy(ptr, &yy_cluster_list);
}
yy_shared = NULL;
}
static void
conf_set_general_havent_read_conf(void *data)
{
if(*(unsigned int *) data)
{
conf_report_error("You haven't read your config file properly.");
conf_report_error
("There is a line in the example conf that will kill your server if not removed.");
conf_report_error
("Consider actually reading/editing the conf file, and removing this line.");
if (!testing_conf)
exit(0);
}
}
static void
conf_set_general_hide_error_messages(void *data)
{
char *val = data;
if(rb_strcasecmp(val, "yes") == 0)
ConfigFileEntry.hide_error_messages = 2;
else if(rb_strcasecmp(val, "opers") == 0)
ConfigFileEntry.hide_error_messages = 1;
else if(rb_strcasecmp(val, "no") == 0)
ConfigFileEntry.hide_error_messages = 0;
else
conf_report_error("Invalid setting '%s' for general::hide_error_messages.", val);
}
static void
conf_set_general_stats_k_oper_only(void *data)
{
char *val = data;
if(rb_strcasecmp(val, "yes") == 0)
ConfigFileEntry.stats_k_oper_only = 2;
else if(rb_strcasecmp(val, "masked") == 0)
ConfigFileEntry.stats_k_oper_only = 1;
else if(rb_strcasecmp(val, "no") == 0)
ConfigFileEntry.stats_k_oper_only = 0;
else
conf_report_error("Invalid setting '%s' for general::stats_k_oper_only.", val);
}
static void
conf_set_general_stats_i_oper_only(void *data)
{
char *val = data;
if(rb_strcasecmp(val, "yes") == 0)
ConfigFileEntry.stats_i_oper_only = 2;
else if(rb_strcasecmp(val, "masked") == 0)
ConfigFileEntry.stats_i_oper_only = 1;
else if(rb_strcasecmp(val, "no") == 0)
ConfigFileEntry.stats_i_oper_only = 0;
else
conf_report_error("Invalid setting '%s' for general::stats_i_oper_only.", val);
}
static void
conf_set_general_stats_l_oper_only(void *data)
{
char *val = data;
if(rb_strcasecmp(val, "yes") == 0)
ConfigFileEntry.stats_l_oper_only = STATS_L_OPER_ONLY_YES;
else if(rb_strcasecmp(val, "self") == 0)
ConfigFileEntry.stats_l_oper_only = STATS_L_OPER_ONLY_SELF;
else if(rb_strcasecmp(val, "no") == 0)
ConfigFileEntry.stats_l_oper_only = STATS_L_OPER_ONLY_NO;
else
conf_report_error("Invalid setting '%s' for general::stats_l_oper_only.", val);
}
static void
conf_set_general_default_umodes(void *data)
{
char *umodes = data;
parse_umodes(umodes, &ConfigFileEntry.default_umodes, NULL);
}
static void
conf_set_general_oper_umodes(void *data)
{
set_modes_from_table(&ConfigFileEntry.oper_umodes, "umode", umode_table, data);
}
static void
conf_set_general_certfp_method(void *data)
{
char *method = data;
if (!rb_strcasecmp(method, CERTFP_NAME_CERT_SHA1))
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA1;
else if (!rb_strcasecmp(method, CERTFP_NAME_CERT_SHA256))
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA256;
else if (!rb_strcasecmp(method, CERTFP_NAME_CERT_SHA512))
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA512;
else if (!rb_strcasecmp(method, CERTFP_NAME_SPKI_SHA256))
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SPKI_SHA256;
else if (!rb_strcasecmp(method, CERTFP_NAME_SPKI_SHA512))
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SPKI_SHA512;
else
{
ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA1;
conf_report_error("Ignoring general::certfp_method -- bogus certfp method %s", method);
}
}
static void
conf_set_general_oper_only_umodes(void *data)
{
set_modes_from_table(&ConfigFileEntry.oper_only_umodes, "umode", umode_table, data);
}
static void
conf_set_general_oper_snomask(void *data)
{
char *pm;
int what = MODE_ADD, flag;
ConfigFileEntry.oper_snomask = 0;
for (pm = (char *) data; *pm; pm++)
{
switch (*pm)
{
case '+':
what = MODE_ADD;
break;
case '-':
what = MODE_DEL;
break;
default:
if ((flag = snomask_modes[(unsigned char) *pm]))
{
if (what == MODE_ADD)
ConfigFileEntry.oper_snomask |= flag;
else
ConfigFileEntry.oper_snomask &= ~flag;
}
break;
}
}
}
static void
conf_set_general_hidden_caps(void *data)
{
size_t n = 0;
for (conf_parm_t *arg = data; arg; arg = arg->next)
n += 1;
if (ConfigFileEntry.hidden_caps != NULL)
{
for (n = 0; ConfigFileEntry.hidden_caps[n] != NULL; n++)
rb_free(ConfigFileEntry.hidden_caps[n]);
rb_free(ConfigFileEntry.hidden_caps);
}
ConfigFileEntry.hidden_caps = rb_malloc(sizeof *ConfigFileEntry.hidden_caps * (n + 1));
n = 0;
for (conf_parm_t *arg = data; arg; arg = arg->next)
{
ConfigFileEntry.hidden_caps[n++] = rb_strdup(arg->v.string);
}
ConfigFileEntry.hidden_caps[n] = NULL;
}
static void
conf_set_serverhide_links_delay(void *data)
{
int val = *(unsigned int *) data;
ConfigServerHide.links_delay = val;
}
static void
conf_set_service_name(void *data)
{
const char *s;
char *tmp;
int dots = 0;
for(s = data; *s != '\0'; s++)
{
if(!IsServChar(*s))
{
conf_report_error("Ignoring service::name "
"-- bogus servername.");
return;
}
else if(*s == '.')
dots++;
}
if(!dots)
{
conf_report_error("Ignoring service::name -- must contain '.'");
return;
}
tmp = rb_strdup(data);
rb_dlinkAddAlloc(tmp, &service_list);
}
static int
conf_begin_alias(struct TopConf *tc)
{
yy_alias = rb_malloc(sizeof(struct alias_entry));
if (conf_cur_block_name != NULL)
yy_alias->name = rb_strdup(conf_cur_block_name);
yy_alias->flags = 0;
return 0;
}
static int
conf_end_alias(struct TopConf *tc)
{
if (yy_alias == NULL)
return -1;
if (yy_alias->name == NULL)
{
conf_report_error("Ignoring alias -- must have a name.");
rb_free(yy_alias);
return -1;
}
if (yy_alias->target == NULL)
{
conf_report_error("Ignoring alias -- must have a target.");
rb_free(yy_alias);
return -1;
}
rb_dictionary_add(alias_dict, yy_alias->name, yy_alias);
return 0;
}
static void
conf_set_alias_name(void *data)
{
if (data == NULL || yy_alias == NULL) /* this shouldn't ever happen */
return;
yy_alias->name = rb_strdup(data);
}
static void
conf_set_alias_target(void *data)
{
if (data == NULL || yy_alias == NULL) /* this shouldn't ever happen */
return;
yy_alias->target = rb_strdup(data);
}
static void
conf_set_channel_autochanmodes(void *data)
{
char *pm;
int what = MODE_ADD;
ConfigChannel.autochanmodes = 0;
for (pm = (char *) data; *pm; pm++)
{
switch (*pm)
{
case '+':
what = MODE_ADD;
break;
case '-':
what = MODE_DEL;
break;
default:
if (chmode_table[(unsigned char) *pm].set_func == chm_simple)
{
if (what == MODE_ADD)
ConfigChannel.autochanmodes |= chmode_table[(unsigned char) *pm].mode_type;
else
ConfigChannel.autochanmodes &= ~chmode_table[(unsigned char) *pm].mode_type;
}
else
{
conf_report_error("channel::autochanmodes -- Invalid channel mode %c", *pm);
continue;
}
break;
}
}
}
/* XXX for below */
static void conf_set_dnsbl_entry_reason(void *data);
#define IPTYPE_IPV4 1
#define IPTYPE_IPV6 2
static int
conf_warn_blacklist_deprecation(struct TopConf *tc)
{
conf_report_error("blacklist{} blocks have been deprecated -- use dnsbl{} blocks instead.");
return 0;
}
static void
conf_set_dnsbl_entry_host(void *data)
{
if (yy_dnsbl_entry_host)
{
conf_report_error("dnsbl::host %s overlaps existing host %s",
(char *)data, yy_dnsbl_entry_host);
/* Cleanup */
conf_set_dnsbl_entry_reason(NULL);
return;
}
yy_dnsbl_entry_iptype |= IPTYPE_IPV4;
yy_dnsbl_entry_host = rb_strdup(data);
}
static void
conf_set_dnsbl_entry_type(void *data)
{
conf_parm_t *args = data;
/* Don't assume we have either if we got here */
yy_dnsbl_entry_iptype = 0;
for (; args; args = args->next)
{
if (!rb_strcasecmp(args->v.string, "ipv4"))
yy_dnsbl_entry_iptype |= IPTYPE_IPV4;
else if (!rb_strcasecmp(args->v.string, "ipv6"))
yy_dnsbl_entry_iptype |= IPTYPE_IPV6;
else
conf_report_error("dnsbl::type has unknown address family %s",
args->v.string);
}
/* If we have neither, just default to IPv4 */
if (!yy_dnsbl_entry_iptype)
{
conf_report_warning("dnsbl::type has neither IPv4 nor IPv6 (defaulting to IPv4)");
yy_dnsbl_entry_iptype = IPTYPE_IPV4;
}
}
static void
conf_set_dnsbl_entry_matches(void *data)
{
conf_parm_t *args = data;
enum filter_t { FILTER_NONE, FILTER_ALL, FILTER_LAST };
for (; args; args = args->next)
{
char *str = args->v.string;
char *p;
enum filter_t type = FILTER_LAST;
if (CF_TYPE(args->type) != CF_QSTRING)
{
conf_report_error("dnsbl::matches -- must be quoted string");
continue;
}
if (str == NULL)
{
conf_report_error("dnsbl::matches -- invalid entry");
continue;
}
if (strlen(str) > HOSTIPLEN)
{
conf_report_error("dnsbl::matches has an entry too long: %s",
str);
continue;
}
for (p = str; *p != '\0'; p++)
{
/* Check for validity */
if (*p == '.')
type = FILTER_ALL;
else if (!isdigit((unsigned char)*p))
{
conf_report_error("dnsbl::matches has invalid IP match entry %s",
str);
type = FILTER_NONE;
break;
}
}
if (type == FILTER_ALL)
{
/* Basic IP sanity check */
struct rb_sockaddr_storage tmp;
if (rb_inet_pton(AF_INET, str, &tmp) <= 0)
{
conf_report_error("dnsbl::matches has invalid IP match entry %s",
str);
continue;
}
}
else if (type == FILTER_LAST)
{
/* Verify it's the correct length */
if (strlen(str) > 3)
{
conf_report_error("dnsbl::matches has invalid octet match entry %s",
str);
continue;
}
}
else
{
continue; /* Invalid entry */
}
rb_dlinkAddAlloc(rb_strdup(str), &yy_dnsbl_entry_filters);
}
}
static void
conf_set_dnsbl_entry_reason(void *data)
{
rb_dlink_node *ptr, *nptr;
if (yy_dnsbl_entry_host && data)
{
yy_dnsbl_entry_reason = rb_strdup(data);
if (yy_dnsbl_entry_iptype & IPTYPE_IPV6)
{
/* Make sure things fit (magic number 64 = alnum count + dots)
* Example: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa
*/
if ((64 + strlen(yy_dnsbl_entry_host)) > IRCD_RES_HOSTLEN)
{
conf_report_error("dnsbl::host %s results in IPv6 queries that are too long",
yy_dnsbl_entry_host);
goto cleanup_bl;
}
}
/* Avoid doing redundant check, IPv6 is bigger than IPv4 --Elizabeth */
if ((yy_dnsbl_entry_iptype & IPTYPE_IPV4) && !(yy_dnsbl_entry_iptype & IPTYPE_IPV6))
{
/* Make sure things fit for worst case (magic number 16 = number of nums + dots)
* Example: 127.127.127.127.in-addr.arpa
*/
if ((16 + strlen(yy_dnsbl_entry_host)) > IRCD_RES_HOSTLEN)
{
conf_report_error("dnsbl::host %s results in IPv4 queries that are too long",
yy_dnsbl_entry_host);
goto cleanup_bl;
}
}
add_dnsbl_entry(yy_dnsbl_entry_host, yy_dnsbl_entry_reason, yy_dnsbl_entry_iptype, &yy_dnsbl_entry_filters);
}
cleanup_bl:
RB_DLINK_FOREACH_SAFE(ptr, nptr, yy_dnsbl_entry_filters.head)
{
rb_free(ptr->data);
rb_dlinkDestroy(ptr, &yy_dnsbl_entry_filters);
}
yy_dnsbl_entry_filters = (rb_dlink_list){ NULL, NULL, 0 };
rb_free(yy_dnsbl_entry_host);
rb_free(yy_dnsbl_entry_reason);
yy_dnsbl_entry_host = NULL;
yy_dnsbl_entry_reason = NULL;
yy_dnsbl_entry_iptype = 0;
}
struct opm_scanner
{
const char *type;
uint16_t port;
rb_dlink_node node;
};
static int
conf_begin_opm(struct TopConf *tc)
{
yy_opm_address_ipv4 = yy_opm_address_ipv6 = NULL;
yy_opm_port_ipv4 = yy_opm_port_ipv6 = yy_opm_timeout = 0;
delete_opm_proxy_scanner_all();
delete_opm_listener_all();
return 0;
}
static int
conf_end_opm(struct TopConf *tc)
{
rb_dlink_node *ptr, *nptr;
bool fail = false;
if(rb_dlink_list_length(&yy_opm_scanner_list) == 0)
{
conf_report_error("No opm scanners configured -- disabling opm.");
fail = true;
goto end;
}
if(yy_opm_port_ipv4 > 0)
{
if(yy_opm_address_ipv4 != NULL)
conf_create_opm_listener(yy_opm_address_ipv4, yy_opm_port_ipv4);
else
{
char ip[HOSTIPLEN];
if(!rb_inet_ntop_sock((struct sockaddr *)&ServerInfo.bind4, ip, sizeof(ip)))
conf_report_error("No opm::listen_ipv4 nor serverinfo::vhost directive; cannot listen on IPv4");
else
conf_create_opm_listener(ip, yy_opm_port_ipv4);
}
}
if(yy_opm_port_ipv6 > 0)
{
if(yy_opm_address_ipv6 != NULL)
conf_create_opm_listener(yy_opm_address_ipv6, yy_opm_port_ipv6);
else
{
char ip[HOSTIPLEN];
if(!rb_inet_ntop_sock((struct sockaddr *)&ServerInfo.bind6, ip, sizeof(ip)))
conf_report_error("No opm::listen_ipv6 nor serverinfo::vhost directive; cannot listen on IPv6");
else
conf_create_opm_listener(ip, yy_opm_port_ipv6);
}
}
/* If there's no listeners... */
fail = (yy_opm_port_ipv4 == 0 || yy_opm_port_ipv6 == 0);
if(!fail && yy_opm_timeout > 0 && yy_opm_timeout < 60)
/* Send timeout */
set_authd_timeout("opm_timeout", yy_opm_timeout);
else if(fail)
conf_report_error("No opm listeners -- disabling");
else if(yy_opm_timeout <= 0 || yy_opm_timeout >= 60)
conf_report_error("opm::timeout value is invalid -- ignoring");
end:
RB_DLINK_FOREACH_SAFE(ptr, nptr, yy_opm_scanner_list.head)
{
struct opm_scanner *scanner = ptr->data;
if(!fail)
create_opm_proxy_scanner(scanner->type, scanner->port);
rb_dlinkDelete(&scanner->node, &yy_opm_scanner_list);
rb_free(scanner);
}
if(!fail)
opm_check_enable(true);
rb_free(yy_opm_address_ipv4);
rb_free(yy_opm_address_ipv6);
return 0;
}
static void
conf_set_opm_timeout(void *data)
{
int timeout = *((int *)data);
if(timeout <= 0 || timeout > 60)
{
conf_report_error("opm::timeout value %d is bogus, ignoring", timeout);
return;
}
yy_opm_timeout = timeout;
}
static void
conf_set_opm_listen_address_both(void *data, bool ipv6)
{
struct rb_sockaddr_storage addr;
const char *confstr = (ipv6 ? "opm::listen_ipv6" : "opm::listen_ipv4");
char *ip = data;
if(!rb_inet_pton_sock(ip, &addr))
{
conf_report_error("%s is an invalid address: %s", confstr, ip);
return;
}
if(ipv6)
{
if(GET_SS_FAMILY(&addr) != AF_INET6)
{
conf_report_error("%s is of the wrong address type: %s", confstr, ip);
return;
}
if(yy_opm_address_ipv6 != NULL)
{
conf_report_error("%s overwrites previous address %s", confstr, ip);
return;
}
yy_opm_address_ipv6 = rb_strdup(ip);
}
else
{
if(GET_SS_FAMILY(&addr) != AF_INET)
{
conf_report_error("%s is of the wrong address type: %s", confstr, ip);
return;
}
if(yy_opm_address_ipv4 != NULL)
{
conf_report_error("%s overwrites previous address %s", confstr, ip);
return;
}
yy_opm_address_ipv4 = rb_strdup(ip);
}
}
static void
conf_set_opm_listen_address_ipv4(void *data)
{
conf_set_opm_listen_address_both(data, false);
}
static void
conf_set_opm_listen_address_ipv6(void *data)
{
conf_set_opm_listen_address_both(data, true);
}
static void
conf_set_opm_listen_port_both(void *data, bool ipv6)
{
int port = *((int *)data);
const char *confstr = (ipv6 ? "opm::port_ipv6" : "opm::port_ipv4");
if(port > 65535 || port <= 0)
{
conf_report_error("%s is out of range: %d", confstr, port);
return;
}
if(ipv6)
{
if(yy_opm_port_ipv4)
{
conf_report_error("%s overwrites existing port %hu",
confstr, yy_opm_port_ipv4);
return;
}
yy_opm_port_ipv4 = port;
}
else
{
if(yy_opm_port_ipv6)
{
conf_report_error("%s overwrites existing port %hu",
confstr, yy_opm_port_ipv6);
return;
}
yy_opm_port_ipv6 = port;
}
}
static void
conf_set_opm_listen_port_ipv4(void *data)
{
conf_set_opm_listen_port_both(data, false);
}
static void
conf_set_opm_listen_port_ipv6(void *data)
{
conf_set_opm_listen_port_both(data, true);
}
static void
conf_set_opm_listen_port(void *data)
{
conf_set_opm_listen_port_both(data, true);
conf_set_opm_listen_port_both(data, false);
}
static void
conf_set_opm_scan_ports_all(void *data, const char *node, const char *type)
{
conf_parm_t *args = data;
for (; args; args = args->next)
{
rb_dlink_node *ptr;
bool dup = false;
if(CF_TYPE(args->type) != CF_INT)
{
conf_report_error("%s argument is not an integer -- ignoring.", node);
continue;
}
if(args->v.number > 65535 || args->v.number <= 0)
{
conf_report_error("%s argument is not an integer between 1 and 65535 -- ignoring.", node);
continue;
}
/* Check for duplicates */
RB_DLINK_FOREACH(ptr, yy_opm_scanner_list.head)
{
struct opm_scanner *scanner = ptr->data;
if(scanner->port == args->v.number && strcmp(type, scanner->type) == 0)
{
conf_report_error("%s argument is duplicate", node);
dup = true;
break;
}
}
if(!dup)
{
struct opm_scanner *scanner = rb_malloc(sizeof(struct opm_scanner));
scanner->port = args->v.number;
scanner->type = type;
rb_dlinkAdd(scanner, &scanner->node, &yy_opm_scanner_list);
}
}
}
static void
conf_set_opm_scan_ports_socks4(void *data)
{
conf_set_opm_scan_ports_all(data, "opm::socks4_ports", "socks4");
}
static void
conf_set_opm_scan_ports_socks5(void *data)
{
conf_set_opm_scan_ports_all(data, "opm::socks5_ports", "socks5");
}
static void
conf_set_opm_scan_ports_httpconnect(void *data)
{
conf_set_opm_scan_ports_all(data, "opm::httpconnect_ports", "httpconnect");
}
static void
conf_set_opm_scan_ports_httpsconnect(void *data)
{
conf_set_opm_scan_ports_all(data, "opm::httpsconnect_ports", "httpsconnect");
}
/* public functions */
void
conf_report_error(const char *fmt, ...)
{
va_list ap;
char msg[BUFSIZE + 1] = { 0 };
va_start(ap, fmt);
vsnprintf(msg, BUFSIZE, fmt, ap);
va_end(ap);
if (testing_conf)
{
fprintf(stderr, "\"%s\", line %d: %s\n", current_file, lineno + 1, msg);
return;
}
ierror("\"%s\", line %d: %s", current_file, lineno + 1, msg);
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "error: \"%s\", line %d: %s", current_file, lineno + 1, msg);
}
void
conf_report_warning(const char *fmt, ...)
{
va_list ap;
char msg[BUFSIZE + 1] = { 0 };
va_start(ap, fmt);
vsnprintf(msg, BUFSIZE, fmt, ap);
va_end(ap);
if (testing_conf)
{
fprintf(stderr, "\"%s\", line %d: %s\n", current_file, lineno + 1, msg);
return;
}
iwarn("\"%s\", line %d: %s", current_file, lineno + 1, msg);
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "warning: \"%s\", line %d: %s", current_file, lineno + 1, msg);
}
int
conf_start_block(char *block, char *name)
{
if((conf_cur_block = find_top_conf(block)) == NULL)
{
conf_report_error("Configuration block '%s' is not defined.", block);
return -1;
}
if(name)
conf_cur_block_name = rb_strdup(name);
else
conf_cur_block_name = NULL;
if(conf_cur_block->tc_sfunc)
if(conf_cur_block->tc_sfunc(conf_cur_block) < 0)
return -1;
return 0;
}
int
conf_end_block(struct TopConf *tc)
{
int ret = 0;
if(tc->tc_efunc)
ret = tc->tc_efunc(tc);
rb_free(conf_cur_block_name);
conf_cur_block_name = NULL;
return ret;
}
static void
conf_set_generic_int(void *data, void *location)
{
*((int *) location) = *((unsigned int *) data);
}
static void
conf_set_generic_string(void *data, int len, void *location)
{
char **loc = location;
char *input = data;
if(len && strlen(input) > (unsigned int)len)
input[len] = '\0';
rb_free(*loc);
*loc = rb_strdup(input);
}
int
conf_call_set(struct TopConf *tc, char *item, conf_parm_t * value)
{
struct ConfEntry *cf;
conf_parm_t *cp;
if(!tc)
return -1;
if((cf = find_conf_item(tc, item)) == NULL)
{
conf_report_error
("Non-existent configuration setting %s::%s.", tc->tc_name, (char *) item);
return -1;
}
/* if it takes one thing, make sure they only passed one thing,
and handle as needed. */
if((value->v.list->type & CF_FLIST) && !(cf->cf_type & CF_FLIST))
{
conf_report_error
("Option %s::%s does not take a list of values.", tc->tc_name, item);
return -1;
}
cp = value->v.list;
if(CF_TYPE(value->v.list->type) != CF_TYPE(cf->cf_type))
{
/* if it expects a string value, but we got a yesno,
* convert it back
*/
if((CF_TYPE(value->v.list->type) == CF_YESNO) &&
(CF_TYPE(cf->cf_type) == CF_STRING))
{
value->v.list->type = CF_STRING;
if(cp->v.number == 1)
cp->v.string = rb_strdup("yes");
else
cp->v.string = rb_strdup("no");
}
/* maybe it's a CF_TIME and they passed CF_INT --
should still be valid */
else if(!((CF_TYPE(value->v.list->type) == CF_INT) &&
(CF_TYPE(cf->cf_type) == CF_TIME)))
{
conf_report_error
("Wrong type for %s::%s (expected %s, got %s)",
tc->tc_name, (char *) item,
conf_strtype(cf->cf_type), conf_strtype(value->v.list->type));
return -1;
}
}
if(cf->cf_type & CF_FLIST)
{
#if 0
if(cf->cf_arg)
conf_set_generic_list(value->v.list, cf->cf_arg);
else
#endif
/* just pass it the extended argument list */
cf->cf_func(value->v.list);
}
else
{
/* it's old-style, needs only one arg */
switch (cf->cf_type)
{
case CF_INT:
case CF_TIME:
case CF_YESNO:
if(cf->cf_arg)
conf_set_generic_int(&cp->v.number, cf->cf_arg);
else
cf->cf_func(&cp->v.number);
break;
case CF_STRING:
case CF_QSTRING:
if(EmptyString(cp->v.string))
conf_report_error("Ignoring %s::%s -- empty field",
tc->tc_name, item);
else if(cf->cf_arg)
conf_set_generic_string(cp->v.string, cf->cf_len, cf->cf_arg);
else
cf->cf_func(cp->v.string);
break;
}
}
return 0;
}
int
add_conf_item(const char *topconf, const char *name, int type, void (*func) (void *))
{
struct TopConf *tc;
struct ConfEntry *cf;
if((tc = find_top_conf(topconf)) == NULL)
return -1;
if(find_conf_item(tc, name) != NULL)
return -1;
cf = rb_malloc(sizeof(struct ConfEntry));
cf->cf_name = name;
cf->cf_type = type;
cf->cf_func = func;
cf->cf_arg = NULL;
rb_dlinkAddAlloc(cf, &tc->tc_items);
return 0;
}
int
remove_conf_item(const char *topconf, const char *name)
{
struct TopConf *tc;
struct ConfEntry *cf;
rb_dlink_node *ptr;
if((tc = find_top_conf(topconf)) == NULL)
return -1;
if((cf = find_conf_item(tc, name)) == NULL)
return -1;
if((ptr = rb_dlinkFind(cf, &tc->tc_items)) == NULL)
return -1;
rb_dlinkDestroy(ptr, &tc->tc_items);
rb_free(cf);
return 0;
}
/* *INDENT-OFF* */
static struct ConfEntry conf_serverinfo_table[] =
{
{ "description", CF_QSTRING, NULL, 0, &ServerInfo.description },
{ "network_name", CF_QSTRING, conf_set_serverinfo_network_name, 0, NULL },
{ "name", CF_QSTRING, conf_set_serverinfo_name, 0, NULL },
{ "sid", CF_QSTRING, conf_set_serverinfo_sid, 0, NULL },
{ "vhost", CF_QSTRING, conf_set_serverinfo_vhost, 0, NULL },
{ "vhost6", CF_QSTRING, conf_set_serverinfo_vhost6, 0, NULL },
{ "ssl_private_key", CF_QSTRING, NULL, 0, &ServerInfo.ssl_private_key },
{ "ssl_ca_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_ca_cert },
{ "ssl_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_cert },
{ "ssl_dh_params", CF_QSTRING, NULL, 0, &ServerInfo.ssl_dh_params },
{ "ssl_cipher_list", CF_QSTRING, NULL, 0, &ServerInfo.ssl_cipher_list },
{ "ssld_count", CF_INT, NULL, 0, &ServerInfo.ssld_count },
{ "default_max_clients",CF_INT, NULL, 0, &ServerInfo.default_max_clients },
{ "nicklen", CF_INT, conf_set_serverinfo_nicklen, 0, NULL },
{ "\0", 0, NULL, 0, NULL }
};
static struct ConfEntry conf_admin_table[] =
{
{ "name", CF_QSTRING, NULL, 200, &AdminInfo.name },
{ "description",CF_QSTRING, NULL, 200, &AdminInfo.description },
{ "email", CF_QSTRING, NULL, 200, &AdminInfo.email },
{ "\0", 0, NULL, 0, NULL }
};
static struct ConfEntry conf_log_table[] =
{
{ "fname_userlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_userlog },
{ "fname_fuserlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_fuserlog },
{ "fname_operlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operlog },
{ "fname_foperlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_foperlog },
{ "fname_serverlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_serverlog },
{ "fname_killlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_killlog },
{ "fname_klinelog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_klinelog },
{ "fname_operspylog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operspylog },
{ "fname_ioerrorlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_ioerrorlog },
{ "\0", 0, NULL, 0, NULL }
};
static struct ConfEntry conf_operator_table[] =
{
{ "rsa_public_key_file", CF_QSTRING, conf_set_oper_rsa_public_key_file, 0, NULL },
{ "flags", CF_STRING | CF_FLIST, conf_set_oper_flags, 0, NULL },
{ "umodes", CF_STRING | CF_FLIST, conf_set_oper_umodes, 0, NULL },
{ "privset", CF_QSTRING, conf_set_oper_privset, 0, NULL },
{ "snomask", CF_QSTRING, conf_set_oper_snomask, 0, NULL },
{ "user", CF_QSTRING, conf_set_oper_user, 0, NULL },
{ "password", CF_QSTRING, conf_set_oper_password, 0, NULL },
{ "fingerprint", CF_QSTRING, conf_set_oper_fingerprint, 0, NULL },
{ "\0", 0, NULL, 0, NULL }
};
static struct ConfEntry conf_privset_table[] =
{
{ "extends", CF_QSTRING, conf_set_privset_extends, 0, NULL },
{ "privs", CF_STRING | CF_FLIST, conf_set_privset_privs, 0, NULL },
{ "\0", 0, NULL, 0, NULL }
};
static struct ConfEntry conf_class_table[] =
{
{ "ping_time", CF_TIME, conf_set_class_ping_time, 0, NULL },
{ "cidr_ipv4_bitlen", CF_INT, conf_set_class_cidr_ipv4_bitlen, 0, NULL },
{ "cidr_ipv6_bitlen", CF_INT, conf_set_class_cidr_ipv6_bitlen, 0, NULL },
{ "number_per_cidr", CF_INT, conf_set_class_number_per_cidr, 0, NULL },
{ "number_per_ip", CF_INT, conf_set_class_number_per_ip, 0, NULL },
{ "number_per_ip_global", CF_INT,conf_set_class_number_per_ip_global, 0, NULL },
{ "number_per_ident", CF_INT, conf_set_class_number_per_ident, 0, NULL },
{ "connectfreq", CF_TIME, conf_set_class_connectfreq, 0, NULL },
{ "max_number", CF_INT, conf_set_class_max_number, 0, NULL },
{ "max_autoconn", CF_INT, conf_set_class_max_autoconn, 0, NULL },
{ "sendq", CF_TIME, conf_set_class_sendq, 0, NULL },
{ "\0", 0, NULL, 0, NULL }
};
static struct ConfEntry conf_auth_table[] =
{
{ "user", CF_QSTRING, conf_set_auth_user, 0, NULL },
{ "auth_user", CF_QSTRING, conf_set_auth_auth_user, 0, NULL },
{ "password", CF_QSTRING, conf_set_auth_passwd, 0, NULL },
{ "class", CF_QSTRING, conf_set_auth_class, 0, NULL },
{ "spoof", CF_QSTRING, conf_set_auth_spoof, 0, NULL },
{ "redirserv", CF_QSTRING, conf_set_auth_redir_serv, 0, NULL },
{ "redirport", CF_INT, conf_set_auth_redir_port, 0, NULL },
{ "flags", CF_STRING | CF_FLIST, conf_set_auth_flags, 0, NULL },
{ "umodes", CF_QSTRING, conf_set_auth_umodes, 0, NULL},
{ "\0", 0, NULL, 0, NULL }
};
static struct ConfEntry conf_connect_table[] =
{
{ "send_password", CF_QSTRING, conf_set_connect_send_password, 0, NULL },
{ "accept_password", CF_QSTRING, conf_set_connect_accept_password, 0, NULL },
{ "fingerprint", CF_QSTRING, conf_set_connect_fingerprint, 0, NULL },
{ "flags", CF_STRING | CF_FLIST, conf_set_connect_flags, 0, NULL },
{ "host", CF_QSTRING, conf_set_connect_host, 0, NULL },
{ "vhost", CF_QSTRING, conf_set_connect_vhost, 0, NULL },
{ "port", CF_INT, conf_set_connect_port, 0, NULL },
{ "aftype", CF_STRING, conf_set_connect_aftype, 0, NULL },
{ "class", CF_QSTRING, conf_set_connect_class, 0, NULL },
{ "\0", 0, NULL, 0, NULL }
};
static struct ConfEntry conf_general_table[] =
{
{ "oper_only_umodes", CF_STRING | CF_FLIST, conf_set_general_oper_only_umodes, 0, NULL },
{ "oper_umodes", CF_STRING | CF_FLIST, conf_set_general_oper_umodes, 0, NULL },
{ "oper_snomask", CF_QSTRING, conf_set_general_oper_snomask, 0, NULL },
{ "havent_read_conf", CF_YESNO, conf_set_general_havent_read_conf, 0, NULL },
{ "hide_error_messages",CF_STRING, conf_set_general_hide_error_messages,0, NULL },
{ "stats_i_oper_only", CF_STRING, conf_set_general_stats_i_oper_only, 0, NULL },
{ "stats_k_oper_only", CF_STRING, conf_set_general_stats_k_oper_only, 0, NULL },
{ "stats_l_oper_only", CF_STRING, conf_set_general_stats_l_oper_only, 0, NULL },
{ "default_umodes", CF_QSTRING, conf_set_general_default_umodes, 0, NULL },
{ "default_operstring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_operstring },
{ "default_adminstring",CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_adminstring },
{ "servicestring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.servicestring },
{ "kline_reason", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.kline_reason },
{ "identify_service", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifyservice },
{ "identify_command", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifycommand },
{ "sasl_service", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.sasl_service },
{ "anti_spam_exit_message_time", CF_TIME, NULL, 0, &ConfigFileEntry.anti_spam_exit_message_time },
{ "disable_fake_channels", CF_YESNO, NULL, 0, &ConfigFileEntry.disable_fake_channels },
{ "min_nonwildcard_simple", CF_INT, NULL, 0, &ConfigFileEntry.min_nonwildcard_simple },
{ "non_redundant_klines", CF_YESNO, NULL, 0, &ConfigFileEntry.non_redundant_klines },
{ "tkline_expire_notices", CF_YESNO, NULL, 0, &ConfigFileEntry.tkline_expire_notices },
{ "hidden_caps", CF_QSTRING | CF_FLIST, conf_set_general_hidden_caps, 0, NULL },
{ "anti_nick_flood", CF_YESNO, NULL, 0, &ConfigFileEntry.anti_nick_flood },
{ "burst_away", CF_YESNO, NULL, 0, &ConfigFileEntry.burst_away },
{ "caller_id_wait", CF_TIME, NULL, 0, &ConfigFileEntry.caller_id_wait },
{ "client_exit", CF_YESNO, NULL, 0, &ConfigFileEntry.client_exit },
{ "collision_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.collision_fnc },
{ "resv_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.resv_fnc },
{ "post_registration_delay", CF_TIME, NULL, 0, &ConfigFileEntry.post_registration_delay },
{ "connect_timeout", CF_TIME, NULL, 0, &ConfigFileEntry.connect_timeout },
{ "default_floodcount", CF_INT, NULL, 0, &ConfigFileEntry.default_floodcount },
{ "default_ident_timeout", CF_INT, NULL, 0, &ConfigFileEntry.default_ident_timeout },
{ "disable_auth", CF_YESNO, NULL, 0, &ConfigFileEntry.disable_auth },
{ "dots_in_ident", CF_INT, NULL, 0, &ConfigFileEntry.dots_in_ident },
{ "failed_oper_notice", CF_YESNO, NULL, 0, &ConfigFileEntry.failed_oper_notice },
{ "global_snotices", CF_YESNO, NULL, 0, &ConfigFileEntry.global_snotices },
{ "hide_spoof_ips", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_spoof_ips },
{ "dline_with_reason", CF_YESNO, NULL, 0, &ConfigFileEntry.dline_with_reason },
{ "kline_with_reason", CF_YESNO, NULL, 0, &ConfigFileEntry.kline_with_reason },
{ "hide_tkdline_duration", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_tkdline_duration },
{ "map_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.map_oper_only },
{ "max_accept", CF_INT, NULL, 0, &ConfigFileEntry.max_accept },
{ "max_monitor", CF_INT, NULL, 0, &ConfigFileEntry.max_monitor },
{ "max_nick_time", CF_TIME, NULL, 0, &ConfigFileEntry.max_nick_time },
{ "max_nick_changes", CF_INT, NULL, 0, &ConfigFileEntry.max_nick_changes },
{ "max_targets", CF_INT, NULL, 0, &ConfigFileEntry.max_targets },
{ "min_nonwildcard", CF_INT, NULL, 0, &ConfigFileEntry.min_nonwildcard },
{ "nick_delay", CF_TIME, NULL, 0, &ConfigFileEntry.nick_delay },
{ "no_oper_flood", CF_YESNO, NULL, 0, &ConfigFileEntry.no_oper_flood },
{ "operspy_admin_only", CF_YESNO, NULL, 0, &ConfigFileEntry.operspy_admin_only },
{ "operspy_dont_care_user_info", CF_YESNO, NULL, 0, &ConfigFileEntry.operspy_dont_care_user_info },
{ "pace_wait", CF_TIME, NULL, 0, &ConfigFileEntry.pace_wait },
{ "pace_wait_simple", CF_TIME, NULL, 0, &ConfigFileEntry.pace_wait_simple },
{ "ping_cookie", CF_YESNO, NULL, 0, &ConfigFileEntry.ping_cookie },
{ "reject_after_count", CF_INT, NULL, 0, &ConfigFileEntry.reject_after_count },
{ "reject_ban_time", CF_TIME, NULL, 0, &ConfigFileEntry.reject_ban_time },
{ "reject_duration", CF_TIME, NULL, 0, &ConfigFileEntry.reject_duration },
{ "throttle_count", CF_INT, NULL, 0, &ConfigFileEntry.throttle_count },
{ "throttle_duration", CF_TIME, NULL, 0, &ConfigFileEntry.throttle_duration },
{ "short_motd", CF_YESNO, NULL, 0, &ConfigFileEntry.short_motd },
{ "stats_c_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_c_oper_only },
{ "stats_e_disabled", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_e_disabled },
{ "stats_o_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_o_oper_only },
{ "stats_P_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_P_oper_only },
{ "stats_y_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_y_oper_only },
{ "target_change", CF_YESNO, NULL, 0, &ConfigFileEntry.target_change },
{ "ts_max_delta", CF_TIME, NULL, 0, &ConfigFileEntry.ts_max_delta },
{ "ts_warn_delta", CF_TIME, NULL, 0, &ConfigFileEntry.ts_warn_delta },
{ "use_whois_actually", CF_YESNO, NULL, 0, &ConfigFileEntry.use_whois_actually },
{ "warn_no_nline", CF_YESNO, NULL, 0, &ConfigFileEntry.warn_no_nline },
{ "use_propagated_bans",CF_YESNO, NULL, 0, &ConfigFileEntry.use_propagated_bans },
{ "client_flood_max_lines", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_max_lines },
{ "client_flood_burst_rate", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_rate },
{ "client_flood_burst_max", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_max },
{ "client_flood_message_num", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_num },
{ "client_flood_message_time", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_time },
{ "max_ratelimit_tokens", CF_INT, NULL, 0, &ConfigFileEntry.max_ratelimit_tokens },
{ "away_interval", CF_INT, NULL, 0, &ConfigFileEntry.away_interval },
{ "hide_opers_in_whois", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_opers_in_whois },
{ "hide_opers", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_opers },
{ "certfp_method", CF_STRING, conf_set_general_certfp_method, 0, NULL },
{ "drain_reason", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.drain_reason },
{ "sasl_only_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.sasl_only_client_message },
{ "identd_only_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.identd_only_client_message },
{ "sctp_forbidden_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.sctp_forbidden_client_message },
{ "ssltls_only_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.ssltls_only_client_message },
{ "not_authorised_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.not_authorised_client_message },
{ "illegal_hostname_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.not_authorised_client_message },
{ "server_full_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.server_full_client_message },
{ "illegal_name_long_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.illegal_name_long_client_message },
{ "illegal_name_short_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.illegal_name_short_client_message },
{ "tls_ciphers_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.tls_ciphers_oper_only },
{ "oper_secure_only", CF_YESNO, NULL, 0, &ConfigFileEntry.oper_secure_only },
{ "\0", 0, NULL, 0, NULL }
};
static struct ConfEntry conf_channel_table[] =
{
{ "default_split_user_count", CF_INT, NULL, 0, &ConfigChannel.default_split_user_count },
{ "default_split_server_count", CF_INT, NULL, 0, &ConfigChannel.default_split_server_count },
{ "burst_topicwho", CF_YESNO, NULL, 0, &ConfigChannel.burst_topicwho },
{ "kick_on_split_riding", CF_YESNO, NULL, 0, &ConfigChannel.kick_on_split_riding },
{ "knock_delay", CF_TIME, NULL, 0, &ConfigChannel.knock_delay },
{ "knock_delay_channel",CF_TIME, NULL, 0, &ConfigChannel.knock_delay_channel },
{ "max_bans", CF_INT, NULL, 0, &ConfigChannel.max_bans },
{ "max_bans_large", CF_INT, NULL, 0, &ConfigChannel.max_bans_large },
{ "max_chans_per_user", CF_INT, NULL, 0, &ConfigChannel.max_chans_per_user },
{ "max_chans_per_user_large", CF_INT, NULL, 0, &ConfigChannel.max_chans_per_user_large },
{ "no_create_on_split", CF_YESNO, NULL, 0, &ConfigChannel.no_create_on_split },
{ "no_join_on_split", CF_YESNO, NULL, 0, &ConfigChannel.no_join_on_split },
{ "only_ascii_channels", CF_YESNO, NULL, 0, &ConfigChannel.only_ascii_channels },
{ "use_except", CF_YESNO, NULL, 0, &ConfigChannel.use_except },
{ "use_invex", CF_YESNO, NULL, 0, &ConfigChannel.use_invex },
{ "use_forward", CF_YESNO, NULL, 0, &ConfigChannel.use_forward },
{ "use_knock", CF_YESNO, NULL, 0, &ConfigChannel.use_knock },
{ "resv_forcepart", CF_YESNO, NULL, 0, &ConfigChannel.resv_forcepart },
{ "channel_target_change", CF_YESNO, NULL, 0, &ConfigChannel.channel_target_change },
{ "disable_local_channels", CF_YESNO, NULL, 0, &ConfigChannel.disable_local_channels },
{ "autochanmodes", CF_QSTRING, conf_set_channel_autochanmodes, 0, NULL },
{ "displayed_usercount", CF_INT, NULL, 0, &ConfigChannel.displayed_usercount },
{ "strip_topic_colors", CF_YESNO, NULL, 0, &ConfigChannel.strip_topic_colors },
{ "opmod_send_statusmsg", CF_YESNO, NULL, 0, &ConfigChannel.opmod_send_statusmsg },
{ "ip_bans_through_vhost", CF_YESNO, NULL, 0, &ConfigChannel.ip_bans_through_vhost },
{ "\0", 0, NULL, 0, NULL }
};
static struct ConfEntry conf_serverhide_table[] =
{
{ "disable_hidden", CF_YESNO, NULL, 0, &ConfigServerHide.disable_hidden },
{ "flatten_links", CF_YESNO, NULL, 0, &ConfigServerHide.flatten_links },
{ "hidden", CF_YESNO, NULL, 0, &ConfigServerHide.hidden },
{ "links_delay", CF_TIME, conf_set_serverhide_links_delay, 0, NULL },
{ "\0", 0, NULL, 0, NULL }
};
/* *INDENT-ON* */
void
newconf_init()
{
add_top_conf("modules", NULL, NULL, NULL);
add_conf_item("modules", "path", CF_QSTRING, conf_set_modules_path);
add_conf_item("modules", "module", CF_QSTRING, conf_set_modules_module);
add_top_conf("serverinfo", NULL, NULL, conf_serverinfo_table);
add_top_conf("admin", NULL, NULL, conf_admin_table);
add_top_conf("log", NULL, NULL, conf_log_table);
add_top_conf("operator", conf_begin_oper, conf_end_oper, conf_operator_table);
add_top_conf("class", conf_begin_class, conf_end_class, conf_class_table);
add_top_conf("privset", NULL, NULL, conf_privset_table);
add_top_conf("listen", conf_begin_listen, conf_end_listen, NULL);
add_conf_item("listen", "defer_accept", CF_YESNO, conf_set_listen_defer_accept);
add_conf_item("listen", "wsock", CF_YESNO, conf_set_listen_wsock);
add_conf_item("listen", "port", CF_INT | CF_FLIST, conf_set_listen_port);
add_conf_item("listen", "sslport", CF_INT | CF_FLIST, conf_set_listen_sslport);
add_conf_item("listen", "sctp_port", CF_INT | CF_FLIST, conf_set_listen_sctp_port);
add_conf_item("listen", "sctp_sslport", CF_INT | CF_FLIST, conf_set_listen_sctp_sslport);
add_conf_item("listen", "ip", CF_QSTRING, conf_set_listen_address);
add_conf_item("listen", "host", CF_QSTRING, conf_set_listen_address);
add_top_conf("auth", conf_begin_auth, conf_end_auth, conf_auth_table);
add_top_conf("connect", conf_begin_connect, conf_end_connect, conf_connect_table);
add_top_conf("exempt", NULL, NULL, NULL);
add_conf_item("exempt", "ip", CF_QSTRING, conf_set_exempt_ip);
add_top_conf("secure", NULL, NULL, NULL);
add_conf_item("secure", "ip", CF_QSTRING, conf_set_secure_ip);
add_top_conf("cluster", conf_cleanup_cluster, conf_cleanup_cluster, NULL);
add_conf_item("cluster", "name", CF_QSTRING, conf_set_cluster_name);
add_conf_item("cluster", "flags", CF_STRING | CF_FLIST, conf_set_cluster_flags);
add_top_conf("general", NULL, NULL, conf_general_table);
add_top_conf("channel", NULL, NULL, conf_channel_table);
add_top_conf("serverhide", NULL, NULL, conf_serverhide_table);
add_top_conf("service", NULL, NULL, NULL);
add_conf_item("service", "name", CF_QSTRING, conf_set_service_name);
add_top_conf("alias", conf_begin_alias, conf_end_alias, NULL);
add_conf_item("alias", "name", CF_QSTRING, conf_set_alias_name);
add_conf_item("alias", "target", CF_QSTRING, conf_set_alias_target);
add_top_conf("dnsbl", NULL, NULL, NULL);
add_conf_item("dnsbl", "host", CF_QSTRING, conf_set_dnsbl_entry_host);
add_conf_item("dnsbl", "type", CF_STRING | CF_FLIST, conf_set_dnsbl_entry_type);
add_conf_item("dnsbl", "matches", CF_QSTRING | CF_FLIST, conf_set_dnsbl_entry_matches);
add_conf_item("dnsbl", "reject_reason", CF_QSTRING, conf_set_dnsbl_entry_reason);
add_top_conf("blacklist", conf_warn_blacklist_deprecation, NULL, NULL);
add_conf_item("blacklist", "host", CF_QSTRING, conf_set_dnsbl_entry_host);
add_conf_item("blacklist", "type", CF_STRING | CF_FLIST, conf_set_dnsbl_entry_type);
add_conf_item("blacklist", "matches", CF_QSTRING | CF_FLIST, conf_set_dnsbl_entry_matches);
add_conf_item("blacklist", "reject_reason", CF_QSTRING, conf_set_dnsbl_entry_reason);
add_top_conf("opm", conf_begin_opm, conf_end_opm, NULL);
add_conf_item("opm", "timeout", CF_INT, conf_set_opm_timeout);
add_conf_item("opm", "listen_ipv4", CF_QSTRING, conf_set_opm_listen_address_ipv4);
add_conf_item("opm", "listen_ipv6", CF_QSTRING, conf_set_opm_listen_address_ipv6);
add_conf_item("opm", "port_v4", CF_INT, conf_set_opm_listen_port_ipv4);
add_conf_item("opm", "port_v6", CF_INT, conf_set_opm_listen_port_ipv6);
add_conf_item("opm", "listen_port", CF_INT, conf_set_opm_listen_port);
add_conf_item("opm", "socks4_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_socks4);
add_conf_item("opm", "socks5_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_socks5);
add_conf_item("opm", "httpconnect_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_httpconnect);
add_conf_item("opm", "httpsconnect_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_httpsconnect);
}