server: Make sure CAP_CAP and CAP_TS6 are non-zero.

A zero CAP_CAP caused duplicate CAPAB to go undetected, allowing a
mismatch between what is sent out via ENCAP GCAP and what applies locally.

A zero CAP_TS6 allowed server connections without SID (with a valid
connect block).

include/capability.h

@@ -26,6 +26,7 @@ struct CapabilityEntry;
 
 extern unsigned int capability_get(struct CapabilityIndex *idx, const char *cap);
 extern unsigned int capability_put(struct CapabilityIndex *idx, const char *cap);
+extern unsigned int capability_put_anonymous(struct CapabilityIndex *idx);
 extern void capability_orphan(struct CapabilityIndex *idx, const char *cap);
 extern void capability_require(struct CapabilityIndex *idx, const char *cap);
 

src/capability.c

@@ -83,6 +83,21 @@ capability_put(struct CapabilityIndex *idx, const char *cap)
 	return (1 << entry->value);
 }
 
+unsigned int
+capability_put_anonymous(struct CapabilityIndex *idx)
+{
+	unsigned int value;
+
+	s_assert(idx != NULL);
+	if (!idx->highest_bit)
+		return 0xFFFFFFFF;
+	value = 1 << idx->highest_bit;
+	idx->highest_bit++;
+	if (idx->highest_bit % (sizeof(unsigned int) * 8) == 0)
+		idx->highest_bit = 0;
+	return value;
+}
+
 void
 capability_orphan(struct CapabilityIndex *idx, const char *cap)
 {

src/s_serv.c

@@ -102,6 +102,10 @@ init_builtin_capabs(void)
 {
 	serv_capindex = capability_index_create("server capabilities");
 
+	/* These two are not set via CAPAB/GCAP keywords. */
+	CAP_CAP = capability_put_anonymous(serv_capindex);
+	CAP_TS6 = capability_put_anonymous(serv_capindex);
+
 	CAP_QS = capability_put(serv_capindex, "QS");
 	CAP_EX = capability_put(serv_capindex, "EX");
 	CAP_CHW = capability_put(serv_capindex, "CHW");