authd: rename blacklist_provider to dnsbl_provider, change auth notices accordingly
parent
043f2c9063
commit
a389de2a25
5 changed files with 133 additions and 133 deletions
|
@ -12,7 +12,7 @@ authd_SOURCES = \
|
||||||
res.c \
|
res.c \
|
||||||
reslib.c \
|
reslib.c \
|
||||||
reslist.c \
|
reslist.c \
|
||||||
providers/blacklist.c \
|
providers/dnsbl.c \
|
||||||
providers/ident.c \
|
providers/ident.c \
|
||||||
providers/rdns.c \
|
providers/rdns.c \
|
||||||
providers/opm.c
|
providers/opm.c
|
||||||
|
|
|
@ -19,7 +19,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/* The basic design here is to have "authentication providers" that do things
|
/* The basic design here is to have "authentication providers" that do things
|
||||||
* like query ident and blacklists and even open proxies.
|
* like query ident and DNSBLs and even open proxies.
|
||||||
*
|
*
|
||||||
* Providers are registered in the auth_providers linked list. It is planned to
|
* Providers are registered in the auth_providers linked list. It is planned to
|
||||||
* use a bitmap to store provider ID's later.
|
* use a bitmap to store provider ID's later.
|
||||||
|
@ -93,10 +93,10 @@ init_providers(void)
|
||||||
timeout_ev = rb_event_addish("provider_timeout_event", provider_timeout_event, NULL, 1);
|
timeout_ev = rb_event_addish("provider_timeout_event", provider_timeout_event, NULL, 1);
|
||||||
|
|
||||||
/* FIXME must be started before rdns/ident to receive completion notification from them */
|
/* FIXME must be started before rdns/ident to receive completion notification from them */
|
||||||
load_provider(&blacklist_provider);
|
load_provider(&dnsbl_provider);
|
||||||
load_provider(&opm_provider);
|
load_provider(&opm_provider);
|
||||||
|
|
||||||
/* FIXME must be started after blacklist/opm in case of early completion notifications */
|
/* FIXME must be started after dnsbl/opm in case of early completion notifications */
|
||||||
load_provider(&rdns_provider);
|
load_provider(&rdns_provider);
|
||||||
load_provider(&ident_provider);
|
load_provider(&ident_provider);
|
||||||
}
|
}
|
||||||
|
|
|
@ -105,7 +105,7 @@ struct auth_provider
|
||||||
|
|
||||||
extern struct auth_provider rdns_provider;
|
extern struct auth_provider rdns_provider;
|
||||||
extern struct auth_provider ident_provider;
|
extern struct auth_provider ident_provider;
|
||||||
extern struct auth_provider blacklist_provider;
|
extern struct auth_provider dnsbl_provider;
|
||||||
extern struct auth_provider opm_provider;
|
extern struct auth_provider opm_provider;
|
||||||
|
|
||||||
extern rb_dlink_list auth_providers;
|
extern rb_dlink_list auth_providers;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
/*
|
/*
|
||||||
* charybdis: A slightly useful ircd.
|
* charybdis: A slightly useful ircd.
|
||||||
* blacklist.c: Manages DNS blacklist entries and lookups
|
* dnsbl.c: Manages DNSBL entries and lookups
|
||||||
*
|
*
|
||||||
* Copyright (C) 2006-2011 charybdis development team
|
* Copyright (C) 2006-2011 charybdis development team
|
||||||
*
|
*
|
||||||
|
@ -44,7 +44,7 @@
|
||||||
#include "stdinc.h"
|
#include "stdinc.h"
|
||||||
#include "dns.h"
|
#include "dns.h"
|
||||||
|
|
||||||
#define SELF_PID (blacklist_provider.id)
|
#define SELF_PID (dnsbl_provider.id)
|
||||||
|
|
||||||
typedef enum filter_t
|
typedef enum filter_t
|
||||||
{
|
{
|
||||||
|
@ -52,12 +52,12 @@ typedef enum filter_t
|
||||||
FILTER_LAST = 2,
|
FILTER_LAST = 2,
|
||||||
} filter_t;
|
} filter_t;
|
||||||
|
|
||||||
/* Blacklist accepted IP types */
|
/* dnsbl accepted IP types */
|
||||||
#define IPTYPE_IPV4 1
|
#define IPTYPE_IPV4 1
|
||||||
#define IPTYPE_IPV6 2
|
#define IPTYPE_IPV6 2
|
||||||
|
|
||||||
/* A configured DNSBL */
|
/* A configured DNSBL */
|
||||||
struct blacklist
|
struct dnsbl
|
||||||
{
|
{
|
||||||
char host[IRCD_RES_HOSTLEN + 1];
|
char host[IRCD_RES_HOSTLEN + 1];
|
||||||
char reason[BUFSIZE]; /* Reason template (ircd fills in the blanks) */
|
char reason[BUFSIZE]; /* Reason template (ircd fills in the blanks) */
|
||||||
|
@ -65,24 +65,24 @@ struct blacklist
|
||||||
rb_dlink_list filters; /* Filters for queries */
|
rb_dlink_list filters; /* Filters for queries */
|
||||||
|
|
||||||
bool delete; /* If true delete when no clients */
|
bool delete; /* If true delete when no clients */
|
||||||
int refcount; /* When 0 and delete is set, remove this blacklist */
|
int refcount; /* When 0 and delete is set, remove this dnsbl */
|
||||||
unsigned int hits;
|
unsigned int hits;
|
||||||
|
|
||||||
time_t lastwarning; /* Last warning about garbage replies sent */
|
time_t lastwarning; /* Last warning about garbage replies sent */
|
||||||
};
|
};
|
||||||
|
|
||||||
/* A lookup in progress for a particular DNSBL for a particular client */
|
/* A lookup in progress for a particular DNSBL for a particular client */
|
||||||
struct blacklist_lookup
|
struct dnsbl_lookup
|
||||||
{
|
{
|
||||||
struct blacklist *bl; /* Blacklist we're checking */
|
struct dnsbl *bl; /* dnsbl we're checking */
|
||||||
struct auth_client *auth; /* Client */
|
struct auth_client *auth; /* Client */
|
||||||
struct dns_query *query; /* DNS query pointer */
|
struct dns_query *query; /* DNS query pointer */
|
||||||
|
|
||||||
rb_dlink_node node;
|
rb_dlink_node node;
|
||||||
};
|
};
|
||||||
|
|
||||||
/* A blacklist filter */
|
/* A dnsbl filter */
|
||||||
struct blacklist_filter
|
struct dnsbl_filter
|
||||||
{
|
{
|
||||||
filter_t type; /* Type of filter */
|
filter_t type; /* Type of filter */
|
||||||
char filter[HOSTIPLEN]; /* The filter itself */
|
char filter[HOSTIPLEN]; /* The filter itself */
|
||||||
|
@ -90,38 +90,38 @@ struct blacklist_filter
|
||||||
rb_dlink_node node;
|
rb_dlink_node node;
|
||||||
};
|
};
|
||||||
|
|
||||||
/* Blacklist user data attached to auth_client instance */
|
/* dnsbl user data attached to auth_client instance */
|
||||||
struct blacklist_user
|
struct dnsbl_user
|
||||||
{
|
{
|
||||||
bool started;
|
bool started;
|
||||||
rb_dlink_list queries; /* Blacklist queries in flight */
|
rb_dlink_list queries; /* dnsbl queries in flight */
|
||||||
};
|
};
|
||||||
|
|
||||||
/* public interfaces */
|
/* public interfaces */
|
||||||
static void blacklists_destroy(void);
|
static void dnsbls_destroy(void);
|
||||||
|
|
||||||
static bool blacklists_start(struct auth_client *);
|
static bool dnsbls_start(struct auth_client *);
|
||||||
static inline void blacklists_generic_cancel(struct auth_client *, const char *);
|
static inline void dnsbls_generic_cancel(struct auth_client *, const char *);
|
||||||
static void blacklists_timeout(struct auth_client *);
|
static void dnsbls_timeout(struct auth_client *);
|
||||||
static void blacklists_cancel(struct auth_client *);
|
static void dnsbls_cancel(struct auth_client *);
|
||||||
static void blacklists_cancel_none(struct auth_client *);
|
static void dnsbls_cancel_none(struct auth_client *);
|
||||||
|
|
||||||
/* private interfaces */
|
/* private interfaces */
|
||||||
static void unref_blacklist(struct blacklist *);
|
static void unref_dnsbl(struct dnsbl *);
|
||||||
static struct blacklist *new_blacklist(const char *, const char *, uint8_t, rb_dlink_list *);
|
static struct dnsbl *new_dnsbl(const char *, const char *, uint8_t, rb_dlink_list *);
|
||||||
static struct blacklist *find_blacklist(const char *);
|
static struct dnsbl *find_dnsbl(const char *);
|
||||||
static bool blacklist_check_reply(struct blacklist_lookup *, const char *);
|
static bool dnsbl_check_reply(struct dnsbl_lookup *, const char *);
|
||||||
static void blacklist_dns_callback(const char *, bool, query_type, void *);
|
static void dnsbl_dns_callback(const char *, bool, query_type, void *);
|
||||||
static void initiate_blacklist_dnsquery(struct blacklist *, struct auth_client *);
|
static void initiate_dnsbl_dnsquery(struct dnsbl *, struct auth_client *);
|
||||||
|
|
||||||
/* Variables */
|
/* Variables */
|
||||||
static rb_dlink_list blacklist_list = { NULL, NULL, 0 };
|
static rb_dlink_list dnsbl_list = { NULL, NULL, 0 };
|
||||||
static int blacklist_timeout = BLACKLIST_TIMEOUT_DEFAULT;
|
static int dnsbl_timeout = DNSBL_TIMEOUT_DEFAULT;
|
||||||
|
|
||||||
/* private interfaces */
|
/* private interfaces */
|
||||||
|
|
||||||
static void
|
static void
|
||||||
unref_blacklist(struct blacklist *bl)
|
unref_dnsbl(struct dnsbl *bl)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr, *nptr;
|
rb_dlink_node *ptr, *nptr;
|
||||||
|
|
||||||
|
@ -134,23 +134,23 @@ unref_blacklist(struct blacklist *bl)
|
||||||
rb_free(ptr);
|
rb_free(ptr);
|
||||||
}
|
}
|
||||||
|
|
||||||
rb_dlinkFindDestroy(bl, &blacklist_list);
|
rb_dlinkFindDestroy(bl, &dnsbl_list);
|
||||||
rb_free(bl);
|
rb_free(bl);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static struct blacklist *
|
static struct dnsbl *
|
||||||
new_blacklist(const char *name, const char *reason, uint8_t iptype, rb_dlink_list *filters)
|
new_dnsbl(const char *name, const char *reason, uint8_t iptype, rb_dlink_list *filters)
|
||||||
{
|
{
|
||||||
struct blacklist *bl;
|
struct dnsbl *bl;
|
||||||
|
|
||||||
if (name == NULL || reason == NULL || iptype == 0)
|
if (name == NULL || reason == NULL || iptype == 0)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
if((bl = find_blacklist(name)) == NULL)
|
if((bl = find_dnsbl(name)) == NULL)
|
||||||
{
|
{
|
||||||
bl = rb_malloc(sizeof(struct blacklist));
|
bl = rb_malloc(sizeof(struct dnsbl));
|
||||||
rb_dlinkAddAlloc(bl, &blacklist_list);
|
rb_dlinkAddAlloc(bl, &dnsbl_list);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
bl->delete = false;
|
bl->delete = false;
|
||||||
|
@ -166,14 +166,14 @@ new_blacklist(const char *name, const char *reason, uint8_t iptype, rb_dlink_lis
|
||||||
return bl;
|
return bl;
|
||||||
}
|
}
|
||||||
|
|
||||||
static struct blacklist *
|
static struct dnsbl *
|
||||||
find_blacklist(const char *name)
|
find_dnsbl(const char *name)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr;
|
rb_dlink_node *ptr;
|
||||||
|
|
||||||
RB_DLINK_FOREACH(ptr, blacklist_list.head)
|
RB_DLINK_FOREACH(ptr, dnsbl_list.head)
|
||||||
{
|
{
|
||||||
struct blacklist *bl = (struct blacklist *)ptr->data;
|
struct dnsbl *bl = (struct dnsbl *)ptr->data;
|
||||||
|
|
||||||
if (!strcasecmp(bl->host, name))
|
if (!strcasecmp(bl->host, name))
|
||||||
return bl;
|
return bl;
|
||||||
|
@ -183,9 +183,9 @@ find_blacklist(const char *name)
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline bool
|
static inline bool
|
||||||
blacklist_check_reply(struct blacklist_lookup *bllookup, const char *ipaddr)
|
dnsbl_check_reply(struct dnsbl_lookup *bllookup, const char *ipaddr)
|
||||||
{
|
{
|
||||||
struct blacklist *bl = bllookup->bl;
|
struct dnsbl *bl = bllookup->bl;
|
||||||
const char *lastoctet;
|
const char *lastoctet;
|
||||||
rb_dlink_node *ptr;
|
rb_dlink_node *ptr;
|
||||||
|
|
||||||
|
@ -199,7 +199,7 @@ blacklist_check_reply(struct blacklist_lookup *bllookup, const char *ipaddr)
|
||||||
|
|
||||||
RB_DLINK_FOREACH(ptr, bl->filters.head)
|
RB_DLINK_FOREACH(ptr, bl->filters.head)
|
||||||
{
|
{
|
||||||
struct blacklist_filter *filter = ptr->data;
|
struct dnsbl_filter *filter = ptr->data;
|
||||||
const char *cmpstr;
|
const char *cmpstr;
|
||||||
|
|
||||||
if (filter->type == FILTER_ALL)
|
if (filter->type == FILTER_ALL)
|
||||||
|
@ -208,7 +208,7 @@ blacklist_check_reply(struct blacklist_lookup *bllookup, const char *ipaddr)
|
||||||
cmpstr = lastoctet;
|
cmpstr = lastoctet;
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
warn_opers(L_CRIT, "Blacklist: Unknown blacklist filter type (host %s): %d",
|
warn_opers(L_CRIT, "dnsbl: Unknown dnsbl filter type (host %s): %d",
|
||||||
bl->host, filter->type);
|
bl->host, filter->type);
|
||||||
exit(EX_PROVIDER_ERROR);
|
exit(EX_PROVIDER_ERROR);
|
||||||
}
|
}
|
||||||
|
@ -222,7 +222,7 @@ blacklist_check_reply(struct blacklist_lookup *bllookup, const char *ipaddr)
|
||||||
blwarn:
|
blwarn:
|
||||||
if (bl->lastwarning + 3600 < rb_current_time())
|
if (bl->lastwarning + 3600 < rb_current_time())
|
||||||
{
|
{
|
||||||
warn_opers(L_WARN, "Garbage/undecipherable reply received from blacklist %s (reply %s)",
|
warn_opers(L_WARN, "Garbage/undecipherable reply received from dnsbl %s (reply %s)",
|
||||||
bl->host, ipaddr);
|
bl->host, ipaddr);
|
||||||
bl->lastwarning = rb_current_time();
|
bl->lastwarning = rb_current_time();
|
||||||
}
|
}
|
||||||
|
@ -231,11 +231,11 @@ blwarn:
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
blacklist_dns_callback(const char *result, bool status, query_type type, void *data)
|
dnsbl_dns_callback(const char *result, bool status, query_type type, void *data)
|
||||||
{
|
{
|
||||||
struct blacklist_lookup *bllookup = (struct blacklist_lookup *)data;
|
struct dnsbl_lookup *bllookup = (struct dnsbl_lookup *)data;
|
||||||
struct blacklist_user *bluser;
|
struct dnsbl_user *bluser;
|
||||||
struct blacklist *bl;
|
struct dnsbl *bl;
|
||||||
struct auth_client *auth;
|
struct auth_client *auth;
|
||||||
|
|
||||||
lrb_assert(bllookup != NULL);
|
lrb_assert(bllookup != NULL);
|
||||||
|
@ -247,16 +247,16 @@ blacklist_dns_callback(const char *result, bool status, query_type type, void *d
|
||||||
if((bluser = get_provider_data(auth, SELF_PID)) == NULL)
|
if((bluser = get_provider_data(auth, SELF_PID)) == NULL)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
if (result != NULL && status && blacklist_check_reply(bllookup, result))
|
if (result != NULL && status && dnsbl_check_reply(bllookup, result))
|
||||||
{
|
{
|
||||||
/* Match found, so proceed no further */
|
/* Match found, so proceed no further */
|
||||||
bl->hits++;
|
bl->hits++;
|
||||||
reject_client(auth, SELF_PID, bl->host, bl->reason);
|
reject_client(auth, SELF_PID, bl->host, bl->reason);
|
||||||
blacklists_cancel(auth);
|
dnsbls_cancel(auth);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
unref_blacklist(bl);
|
unref_dnsbl(bl);
|
||||||
cancel_query(bllookup->query); /* Ignore future responses */
|
cancel_query(bllookup->query); /* Ignore future responses */
|
||||||
rb_dlinkDelete(&bllookup->node, &bluser->queries);
|
rb_dlinkDelete(&bllookup->node, &bluser->queries);
|
||||||
rb_free(bllookup);
|
rb_free(bllookup);
|
||||||
|
@ -264,8 +264,8 @@ blacklist_dns_callback(const char *result, bool status, query_type type, void *d
|
||||||
if(!rb_dlink_list_length(&bluser->queries))
|
if(!rb_dlink_list_length(&bluser->queries))
|
||||||
{
|
{
|
||||||
/* Done here */
|
/* Done here */
|
||||||
notice_client(auth->cid, "*** IP not found in DNS blacklist%s",
|
notice_client(auth->cid, "*** No DNSBL entr%s found for this IP",
|
||||||
rb_dlink_list_length(&blacklist_list) > 1 ? "s" : "");
|
rb_dlink_list_length(&dnsbl_list) > 1 ? "ies" : "y");
|
||||||
rb_free(bluser);
|
rb_free(bluser);
|
||||||
set_provider_data(auth, SELF_PID, NULL);
|
set_provider_data(auth, SELF_PID, NULL);
|
||||||
set_provider_timeout_absolute(auth, SELF_PID, 0);
|
set_provider_timeout_absolute(auth, SELF_PID, 0);
|
||||||
|
@ -276,10 +276,10 @@ blacklist_dns_callback(const char *result, bool status, query_type type, void *d
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
initiate_blacklist_dnsquery(struct blacklist *bl, struct auth_client *auth)
|
initiate_dnsbl_dnsquery(struct dnsbl *bl, struct auth_client *auth)
|
||||||
{
|
{
|
||||||
struct blacklist_lookup *bllookup = rb_malloc(sizeof(struct blacklist_lookup));
|
struct dnsbl_lookup *bllookup = rb_malloc(sizeof(struct dnsbl_lookup));
|
||||||
struct blacklist_user *bluser = get_provider_data(auth, SELF_PID);
|
struct dnsbl_user *bluser = get_provider_data(auth, SELF_PID);
|
||||||
char buf[IRCD_RES_HOSTLEN + 1];
|
char buf[IRCD_RES_HOSTLEN + 1];
|
||||||
int aftype;
|
int aftype;
|
||||||
|
|
||||||
|
@ -289,23 +289,23 @@ initiate_blacklist_dnsquery(struct blacklist *bl, struct auth_client *auth)
|
||||||
aftype = GET_SS_FAMILY(&auth->c_addr);
|
aftype = GET_SS_FAMILY(&auth->c_addr);
|
||||||
if((aftype == AF_INET && (bl->iptype & IPTYPE_IPV4) == 0) ||
|
if((aftype == AF_INET && (bl->iptype & IPTYPE_IPV4) == 0) ||
|
||||||
(aftype == AF_INET6 && (bl->iptype & IPTYPE_IPV6) == 0))
|
(aftype == AF_INET6 && (bl->iptype & IPTYPE_IPV6) == 0))
|
||||||
/* Incorrect blacklist type for this IP... */
|
/* Incorrect dnsbl type for this IP... */
|
||||||
{
|
{
|
||||||
rb_free(bllookup);
|
rb_free(bllookup);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
build_rdns(buf, sizeof(buf), &auth->c_addr, bl->host);
|
build_rdns(buf, sizeof(buf), &auth->c_addr, bl->host);
|
||||||
bllookup->query = lookup_ip(buf, AF_INET, blacklist_dns_callback, bllookup);
|
bllookup->query = lookup_ip(buf, AF_INET, dnsbl_dns_callback, bllookup);
|
||||||
|
|
||||||
rb_dlinkAdd(bllookup, &bllookup->node, &bluser->queries);
|
rb_dlinkAdd(bllookup, &bllookup->node, &bluser->queries);
|
||||||
bl->refcount++;
|
bl->refcount++;
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline bool
|
static inline bool
|
||||||
lookup_all_blacklists(struct auth_client *auth)
|
lookup_all_dnsbls(struct auth_client *auth)
|
||||||
{
|
{
|
||||||
struct blacklist_user *bluser = get_provider_data(auth, SELF_PID);
|
struct dnsbl_user *bluser = get_provider_data(auth, SELF_PID);
|
||||||
rb_dlink_node *ptr;
|
rb_dlink_node *ptr;
|
||||||
int iptype;
|
int iptype;
|
||||||
|
|
||||||
|
@ -317,56 +317,56 @@ lookup_all_blacklists(struct auth_client *auth)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
bluser->started = true;
|
bluser->started = true;
|
||||||
notice_client(auth->cid, "*** Checking your IP against DNS blacklist%s",
|
notice_client(auth->cid, "*** Checking your IP against DNSBL%s",
|
||||||
rb_dlink_list_length(&blacklist_list) > 1 ? "s" : "");
|
rb_dlink_list_length(&dnsbl_list) > 1 ? "s" : "");
|
||||||
|
|
||||||
RB_DLINK_FOREACH(ptr, blacklist_list.head)
|
RB_DLINK_FOREACH(ptr, dnsbl_list.head)
|
||||||
{
|
{
|
||||||
struct blacklist *bl = (struct blacklist *)ptr->data;
|
struct dnsbl *bl = (struct dnsbl *)ptr->data;
|
||||||
|
|
||||||
if (!bl->delete && (bl->iptype & iptype))
|
if (!bl->delete && (bl->iptype & iptype))
|
||||||
initiate_blacklist_dnsquery(bl, auth);
|
initiate_dnsbl_dnsquery(bl, auth);
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!rb_dlink_list_length(&bluser->queries))
|
if(!rb_dlink_list_length(&bluser->queries))
|
||||||
/* None checked. */
|
/* None checked. */
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
set_provider_timeout_relative(auth, SELF_PID, blacklist_timeout);
|
set_provider_timeout_relative(auth, SELF_PID, dnsbl_timeout);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline void
|
static inline void
|
||||||
delete_blacklist(struct blacklist *bl)
|
delete_dnsbl(struct dnsbl *bl)
|
||||||
{
|
{
|
||||||
if (bl->refcount > 0)
|
if (bl->refcount > 0)
|
||||||
bl->delete = true;
|
bl->delete = true;
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
rb_dlinkFindDestroy(bl, &blacklist_list);
|
rb_dlinkFindDestroy(bl, &dnsbl_list);
|
||||||
rb_free(bl);
|
rb_free(bl);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
delete_all_blacklists(void)
|
delete_all_dnsbls(void)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr, *nptr;
|
rb_dlink_node *ptr, *nptr;
|
||||||
|
|
||||||
RB_DLINK_FOREACH_SAFE(ptr, nptr, blacklist_list.head)
|
RB_DLINK_FOREACH_SAFE(ptr, nptr, dnsbl_list.head)
|
||||||
{
|
{
|
||||||
delete_blacklist(ptr->data);
|
delete_dnsbl(ptr->data);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* public interfaces */
|
/* public interfaces */
|
||||||
static bool
|
static bool
|
||||||
blacklists_start(struct auth_client *auth)
|
dnsbls_start(struct auth_client *auth)
|
||||||
{
|
{
|
||||||
lrb_assert(get_provider_data(auth, SELF_PID) == NULL);
|
lrb_assert(get_provider_data(auth, SELF_PID) == NULL);
|
||||||
|
|
||||||
if (!rb_dlink_list_length(&blacklist_list)) {
|
if (!rb_dlink_list_length(&dnsbl_list)) {
|
||||||
/* Nothing to do... */
|
/* Nothing to do... */
|
||||||
provider_done(auth, SELF_PID);
|
provider_done(auth, SELF_PID);
|
||||||
return true;
|
return true;
|
||||||
|
@ -374,12 +374,12 @@ blacklists_start(struct auth_client *auth)
|
||||||
|
|
||||||
auth_client_ref(auth);
|
auth_client_ref(auth);
|
||||||
|
|
||||||
set_provider_data(auth, SELF_PID, rb_malloc(sizeof(struct blacklist_user)));
|
set_provider_data(auth, SELF_PID, rb_malloc(sizeof(struct dnsbl_user)));
|
||||||
|
|
||||||
if (run_after_provider(auth, "rdns") && run_after_provider(auth, "ident")) {
|
if (run_after_provider(auth, "rdns") && run_after_provider(auth, "ident")) {
|
||||||
/* Start the lookup if ident and rdns are finished, or not loaded. */
|
/* Start the lookup if ident and rdns are finished, or not loaded. */
|
||||||
if (!lookup_all_blacklists(auth)) {
|
if (!lookup_all_dnsbls(auth)) {
|
||||||
blacklists_cancel_none(auth);
|
dnsbls_cancel_none(auth);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -389,30 +389,30 @@ blacklists_start(struct auth_client *auth)
|
||||||
|
|
||||||
/* This is called every time a provider is completed as long as we are marked not done */
|
/* This is called every time a provider is completed as long as we are marked not done */
|
||||||
static void
|
static void
|
||||||
blacklists_initiate(struct auth_client *auth, uint32_t provider)
|
dnsbls_initiate(struct auth_client *auth, uint32_t provider)
|
||||||
{
|
{
|
||||||
struct blacklist_user *bluser = get_provider_data(auth, SELF_PID);
|
struct dnsbl_user *bluser = get_provider_data(auth, SELF_PID);
|
||||||
|
|
||||||
lrb_assert(provider != SELF_PID);
|
lrb_assert(provider != SELF_PID);
|
||||||
lrb_assert(!is_provider_done(auth, SELF_PID));
|
lrb_assert(!is_provider_done(auth, SELF_PID));
|
||||||
lrb_assert(rb_dlink_list_length(&blacklist_list) > 0);
|
lrb_assert(rb_dlink_list_length(&dnsbl_list) > 0);
|
||||||
|
|
||||||
if (bluser == NULL || bluser->started) {
|
if (bluser == NULL || bluser->started) {
|
||||||
/* Nothing to do */
|
/* Nothing to do */
|
||||||
return;
|
return;
|
||||||
} else if (run_after_provider(auth, "rdns") && run_after_provider(auth, "ident")) {
|
} else if (run_after_provider(auth, "rdns") && run_after_provider(auth, "ident")) {
|
||||||
/* Start the lookup if ident and rdns are finished, or not loaded. */
|
/* Start the lookup if ident and rdns are finished, or not loaded. */
|
||||||
if (!lookup_all_blacklists(auth)) {
|
if (!lookup_all_dnsbls(auth)) {
|
||||||
blacklists_cancel_none(auth);
|
dnsbls_cancel_none(auth);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline void
|
static inline void
|
||||||
blacklists_generic_cancel(struct auth_client *auth, const char *message)
|
dnsbls_generic_cancel(struct auth_client *auth, const char *message)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr, *nptr;
|
rb_dlink_node *ptr, *nptr;
|
||||||
struct blacklist_user *bluser = get_provider_data(auth, SELF_PID);
|
struct dnsbl_user *bluser = get_provider_data(auth, SELF_PID);
|
||||||
|
|
||||||
if(bluser == NULL)
|
if(bluser == NULL)
|
||||||
return;
|
return;
|
||||||
|
@ -423,10 +423,10 @@ blacklists_generic_cancel(struct auth_client *auth, const char *message)
|
||||||
|
|
||||||
RB_DLINK_FOREACH_SAFE(ptr, nptr, bluser->queries.head)
|
RB_DLINK_FOREACH_SAFE(ptr, nptr, bluser->queries.head)
|
||||||
{
|
{
|
||||||
struct blacklist_lookup *bllookup = ptr->data;
|
struct dnsbl_lookup *bllookup = ptr->data;
|
||||||
|
|
||||||
cancel_query(bllookup->query);
|
cancel_query(bllookup->query);
|
||||||
unref_blacklist(bllookup->bl);
|
unref_dnsbl(bllookup->bl);
|
||||||
|
|
||||||
rb_dlinkDelete(&bllookup->node, &bluser->queries);
|
rb_dlinkDelete(&bllookup->node, &bluser->queries);
|
||||||
rb_free(bllookup);
|
rb_free(bllookup);
|
||||||
|
@ -442,40 +442,40 @@ blacklists_generic_cancel(struct auth_client *auth, const char *message)
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
blacklists_timeout(struct auth_client *auth)
|
dnsbls_timeout(struct auth_client *auth)
|
||||||
{
|
{
|
||||||
blacklists_generic_cancel(auth, "*** No response from DNS blacklists");
|
dnsbls_generic_cancel(auth, "*** No response from DNS dnsbls");
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
blacklists_cancel(struct auth_client *auth)
|
dnsbls_cancel(struct auth_client *auth)
|
||||||
{
|
{
|
||||||
blacklists_generic_cancel(auth, "*** Aborting DNS blacklist checks");
|
dnsbls_generic_cancel(auth, "*** Aborting DNS dnsbl checks");
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
blacklists_cancel_none(struct auth_client *auth)
|
dnsbls_cancel_none(struct auth_client *auth)
|
||||||
{
|
{
|
||||||
blacklists_generic_cancel(auth, "*** Could not check DNS blacklists");
|
dnsbls_generic_cancel(auth, "*** Could not check DNS dnsbls");
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
blacklists_destroy(void)
|
dnsbls_destroy(void)
|
||||||
{
|
{
|
||||||
rb_dictionary_iter iter;
|
rb_dictionary_iter iter;
|
||||||
struct auth_client *auth;
|
struct auth_client *auth;
|
||||||
|
|
||||||
RB_DICTIONARY_FOREACH(auth, &iter, auth_clients)
|
RB_DICTIONARY_FOREACH(auth, &iter, auth_clients)
|
||||||
{
|
{
|
||||||
blacklists_cancel(auth);
|
dnsbls_cancel(auth);
|
||||||
/* auth is now invalid as we have no reference */
|
/* auth is now invalid as we have no reference */
|
||||||
}
|
}
|
||||||
|
|
||||||
delete_all_blacklists();
|
delete_all_dnsbls();
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
add_conf_blacklist(const char *key, int parc, const char **parv)
|
add_conf_dnsbl(const char *key, int parc, const char **parv)
|
||||||
{
|
{
|
||||||
rb_dlink_list filters = { NULL, NULL, 0 };
|
rb_dlink_list filters = { NULL, NULL, 0 };
|
||||||
char *tmp, *elemlist = rb_strdup(parv[2]);
|
char *tmp, *elemlist = rb_strdup(parv[2]);
|
||||||
|
@ -486,18 +486,18 @@ add_conf_blacklist(const char *key, int parc, const char **parv)
|
||||||
|
|
||||||
for(char *elem = rb_strtok_r(elemlist, ",", &tmp); elem; elem = rb_strtok_r(NULL, ",", &tmp))
|
for(char *elem = rb_strtok_r(elemlist, ",", &tmp); elem; elem = rb_strtok_r(NULL, ",", &tmp))
|
||||||
{
|
{
|
||||||
struct blacklist_filter *filter = rb_malloc(sizeof(struct blacklist_filter));
|
struct dnsbl_filter *filter = rb_malloc(sizeof(struct dnsbl_filter));
|
||||||
int dot_c = 0;
|
int dot_c = 0;
|
||||||
filter_t type = FILTER_LAST;
|
filter_t type = FILTER_LAST;
|
||||||
|
|
||||||
/* Check blacklist filter type and for validity */
|
/* Check dnsbl filter type and for validity */
|
||||||
for(char *c = elem; *c != '\0'; c++)
|
for(char *c = elem; *c != '\0'; c++)
|
||||||
{
|
{
|
||||||
if(*c == '.')
|
if(*c == '.')
|
||||||
{
|
{
|
||||||
if(++dot_c > 3)
|
if(++dot_c > 3)
|
||||||
{
|
{
|
||||||
warn_opers(L_CRIT, "Blacklist: addr_conf_blacklist got a bad filter (too many octets)");
|
warn_opers(L_CRIT, "dnsbl: addr_conf_dnsbl got a bad filter (too many octets)");
|
||||||
exit(EX_PROVIDER_ERROR);
|
exit(EX_PROVIDER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -505,7 +505,7 @@ add_conf_blacklist(const char *key, int parc, const char **parv)
|
||||||
}
|
}
|
||||||
else if(!isdigit(*c))
|
else if(!isdigit(*c))
|
||||||
{
|
{
|
||||||
warn_opers(L_CRIT, "Blacklist: addr_conf_blacklist got a bad filter (invalid character in blacklist filter: %c)",
|
warn_opers(L_CRIT, "dnsbl: addr_conf_dnsbl got a bad filter (invalid character in dnsbl filter: %c)",
|
||||||
*c);
|
*c);
|
||||||
exit(EX_PROVIDER_ERROR);
|
exit(EX_PROVIDER_ERROR);
|
||||||
}
|
}
|
||||||
|
@ -513,7 +513,7 @@ add_conf_blacklist(const char *key, int parc, const char **parv)
|
||||||
|
|
||||||
if(dot_c > 0 && dot_c < 3)
|
if(dot_c > 0 && dot_c < 3)
|
||||||
{
|
{
|
||||||
warn_opers(L_CRIT, "Blacklist: addr_conf_blacklist got a bad filter (insufficient octets)");
|
warn_opers(L_CRIT, "dnsbl: addr_conf_dnsbl got a bad filter (insufficient octets)");
|
||||||
exit(EX_PROVIDER_ERROR);
|
exit(EX_PROVIDER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -526,56 +526,56 @@ end:
|
||||||
rb_free(elemlist);
|
rb_free(elemlist);
|
||||||
|
|
||||||
iptype = atoi(parv[1]) & 0x3;
|
iptype = atoi(parv[1]) & 0x3;
|
||||||
if(new_blacklist(parv[0], parv[3], iptype, &filters) == NULL)
|
if(new_dnsbl(parv[0], parv[3], iptype, &filters) == NULL)
|
||||||
{
|
{
|
||||||
warn_opers(L_CRIT, "Blacklist: addr_conf_blacklist got a malformed blacklist");
|
warn_opers(L_CRIT, "dnsbl: addr_conf_dnsbl got a malformed dnsbl");
|
||||||
exit(EX_PROVIDER_ERROR);
|
exit(EX_PROVIDER_ERROR);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
del_conf_blacklist(const char *key, int parc, const char **parv)
|
del_conf_dnsbl(const char *key, int parc, const char **parv)
|
||||||
{
|
{
|
||||||
struct blacklist *bl = find_blacklist(parv[0]);
|
struct dnsbl *bl = find_dnsbl(parv[0]);
|
||||||
if(bl == NULL)
|
if(bl == NULL)
|
||||||
{
|
{
|
||||||
/* Not fatal for now... */
|
/* Not fatal for now... */
|
||||||
warn_opers(L_WARN, "Blacklist: tried to remove nonexistent blacklist %s", parv[0]);
|
warn_opers(L_WARN, "dnsbl: tried to remove nonexistent dnsbl %s", parv[0]);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
delete_blacklist(bl);
|
delete_dnsbl(bl);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
del_conf_blacklist_all(const char *key, int parc, const char **parv)
|
del_conf_dnsbl_all(const char *key, int parc, const char **parv)
|
||||||
{
|
{
|
||||||
delete_all_blacklists();
|
delete_all_dnsbls();
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
add_conf_blacklist_timeout(const char *key, int parc, const char **parv)
|
add_conf_dnsbl_timeout(const char *key, int parc, const char **parv)
|
||||||
{
|
{
|
||||||
int timeout = atoi(parv[0]);
|
int timeout = atoi(parv[0]);
|
||||||
|
|
||||||
if(timeout < 0)
|
if(timeout < 0)
|
||||||
{
|
{
|
||||||
warn_opers(L_CRIT, "Blacklist: blacklist timeout < 0 (value: %d)", timeout);
|
warn_opers(L_CRIT, "dnsbl: dnsbl timeout < 0 (value: %d)", timeout);
|
||||||
exit(EX_PROVIDER_ERROR);
|
exit(EX_PROVIDER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
blacklist_timeout = timeout;
|
dnsbl_timeout = timeout;
|
||||||
}
|
}
|
||||||
|
|
||||||
#if 0
|
#if 0
|
||||||
static void
|
static void
|
||||||
blacklist_stats(uint32_t rid, char letter)
|
dnsbl_stats(uint32_t rid, char letter)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr;
|
rb_dlink_node *ptr;
|
||||||
|
|
||||||
RB_DLINK_FOREACH(ptr, blacklist_list.head)
|
RB_DLINK_FOREACH(ptr, dnsbl_list.head)
|
||||||
{
|
{
|
||||||
struct blacklist *bl = ptr->data;
|
struct dnsbl *bl = ptr->data;
|
||||||
|
|
||||||
if(bl->delete)
|
if(bl->delete)
|
||||||
continue;
|
continue;
|
||||||
|
@ -587,24 +587,24 @@ blacklist_stats(uint32_t rid, char letter)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
struct auth_opts_handler blacklist_options[] =
|
struct auth_opts_handler dnsbl_options[] =
|
||||||
{
|
{
|
||||||
{ "rbl", 4, add_conf_blacklist },
|
{ "rbl", 4, add_conf_dnsbl },
|
||||||
{ "rbl_del", 1, del_conf_blacklist },
|
{ "rbl_del", 1, del_conf_dnsbl },
|
||||||
{ "rbl_del_all", 0, del_conf_blacklist_all },
|
{ "rbl_del_all", 0, del_conf_dnsbl_all },
|
||||||
{ "rbl_timeout", 1, add_conf_blacklist_timeout },
|
{ "rbl_timeout", 1, add_conf_dnsbl_timeout },
|
||||||
{ NULL, 0, NULL },
|
{ NULL, 0, NULL },
|
||||||
};
|
};
|
||||||
|
|
||||||
struct auth_provider blacklist_provider =
|
struct auth_provider dnsbl_provider =
|
||||||
{
|
{
|
||||||
.name = "blacklist",
|
.name = "dnsbl",
|
||||||
.letter = 'B',
|
.letter = 'B',
|
||||||
.destroy = blacklists_destroy,
|
.destroy = dnsbls_destroy,
|
||||||
.start = blacklists_start,
|
.start = dnsbls_start,
|
||||||
.cancel = blacklists_cancel,
|
.cancel = dnsbls_cancel,
|
||||||
.timeout = blacklists_timeout,
|
.timeout = dnsbls_timeout,
|
||||||
.completed = blacklists_initiate,
|
.completed = dnsbls_initiate,
|
||||||
.opt_handlers = blacklist_options,
|
.opt_handlers = dnsbl_options,
|
||||||
/* .stats_handler = { 'B', blacklist_stats }, */
|
/* .stats_handler = { 'B', dnsbl_stats }, */
|
||||||
};
|
};
|
|
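Review bot: The three cancel notices passed to dnsbls_generic_cancel in dnsbls_timeout, dnsbls_cancel and dnsbls_cancel_none now read "DNS dnsbls" / "DNS dnsbl checks", which says DNS twice and uses a lowercase form that the other new client notices ("*** Checking your IP against DNSBL%s") do not; suggest `"*** No response from DNSBLs"`, `"*** Aborting DNSBL checks"` and `"*** Could not check DNSBLs"`. The oper warnings in add_conf_dnsbl name `addr_conf_dnsbl`, which does not match the function that emits them, so writing `add_conf_dnsbl` there would make the messages greppable back to the source. The provider's `.name` changes from "blacklist" to "dnsbl" while the option keys stay `rbl*`. Anything that looks this provider up by name, or any oper-side log matching keyed on the old "Blacklist:" warning prefix, is not visible in this section and would need the same update.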
@ -77,7 +77,7 @@ extern const char *ircd_paths[IRCD_PATH_COUNT];
|
||||||
#define LINKS_DELAY_DEFAULT 300
|
#define LINKS_DELAY_DEFAULT 300
|
||||||
#define MAX_TARGETS_DEFAULT 4 /* default for max_targets */
|
#define MAX_TARGETS_DEFAULT 4 /* default for max_targets */
|
||||||
#define IDENT_TIMEOUT_DEFAULT 5
|
#define IDENT_TIMEOUT_DEFAULT 5
|
||||||
#define BLACKLIST_TIMEOUT_DEFAULT 10
|
#define DNSBL_TIMEOUT_DEFAULT 10
|
||||||
#define OPM_TIMEOUT_DEFAULT 10
|
#define OPM_TIMEOUT_DEFAULT 10
|
||||||
#define RDNS_TIMEOUT_DEFAULT 5
|
#define RDNS_TIMEOUT_DEFAULT 5
|
||||||
#define MIN_JOIN_LEAVE_TIME 60
|
#define MIN_JOIN_LEAVE_TIME 60
|
||||||
|
|