Merge branch 'edk0-check-one-kline'

doc/ircd.conf.example

@@ -579,7 +579,6 @@ general {
 	resv_fnc = yes;
 	global_snotices = yes;
 	dline_with_reason = yes;
-	kline_delay = 0 seconds;
 	kline_with_reason = yes;
 	kline_reason = "K-Lined";
 	identify_service = "NickServ@services.int";

doc/reference.conf

@@ -1173,12 +1173,6 @@ general {
 	 */
 	dline_with_reason = yes;
 
-	/* kline delay: delay the checking of klines until a specified time.
-	 * Useful if large kline lists are applied often to prevent the
-	 * server eating CPU.
-	 */
-	kline_delay = 0 seconds;
-
 	/* kline reason: show the user the reason why they are k/dlined
 	 * on exit.  may give away who set k/dline when set via tcm.
 	 */

include/client.h

@@ -578,9 +578,15 @@ struct ListClient
 #define SHOW_IP 1
 #define MASK_IP 2
 
+enum
+{
+	D_LINED,
+	K_LINED
+};
+
 extern void check_banned_lines(void);
-extern void check_klines_event(void *unused);
 extern void check_klines(void);
+extern void check_one_kline(struct ConfItem *kline);
 extern void check_dlines(void);
 extern void check_xlines(void);
 extern void resv_nick_fnc(const char *mask, const char *reason, int temp_time);
@@ -592,6 +598,7 @@ extern void init_client(void);
 extern struct Client *make_client(struct Client *from);
 extern void free_pre_client(struct Client *client);
 
+extern void notify_banned_client(struct Client *, struct ConfItem *, int ban);
 extern int exit_client(struct Client *, struct Client *, struct Client *, const char *);
 
 extern void error_exit_client(struct Client *, int);

include/s_conf.h

@@ -178,7 +178,6 @@ struct config_file_entry
 	int ts_warn_delta;
 	int dline_with_reason;
 	int kline_with_reason;
-	int kline_delay;
 	int warn_no_nline;
 	int nick_delay;
 	int non_redundant_klines;

ircd/client.c

@@ -80,12 +80,6 @@ static uint32_t current_connid = 0;
 
 rb_dictionary *nd_dict = NULL;
 
-enum
-{
-	D_LINED,
-	K_LINED
-};
-
 rb_dlink_list dead_list;
 #ifdef DEBUG_EXITED_CLIENTS
 static rb_dlink_list dead_remote_list;
@@ -487,7 +481,7 @@ check_unknowns_list(rb_dlink_list * list)
 	}
 }
 
-static void
+void
 notify_banned_client(struct Client *client_p, struct ConfItem *aconf, int ban)
 {
 	static const char conn_closed[] = "Connection closed";
@@ -532,19 +526,6 @@ check_banned_lines(void)
 	check_xlines();
 }
 
-/* check_klines_event()
- *
- * inputs	-
- * outputs	-
- * side effects - check_klines() is called, kline_queued unset
- */
-void
-check_klines_event(void *unused)
-{
-	kline_queued = false;
-	check_klines();
-}
-
 /* check_klines
  *
  * inputs       -
@@ -587,6 +568,74 @@ check_klines(void)
 	}
 }
 
+
+/* check_one_kline()
+ *
+ * This process needs to be kept in sync with find_kline() aka find_conf_by_address().
+ *
+ * inputs       - pointer to kline to check
+ * outputs      -
+ * side effects - all clients will be checked against given kline
+ */
+void
+check_one_kline(struct ConfItem *kline)
+{
+	struct Client *client_p;
+	rb_dlink_node *ptr;
+	rb_dlink_node *next_ptr;
+
+	RB_DLINK_FOREACH_SAFE(ptr, next_ptr, lclient_list.head)
+	{
+		client_p = ptr->data;
+
+		if(IsMe(client_p) || !IsPerson(client_p))
+			continue;
+
+		if(!match(kline->user, client_p->username))
+			continue;
+
+		/* match one kline */
+		{
+			int matched = 0;
+			int masktype;
+			int bits;
+			struct rb_sockaddr_storage sockaddr;
+
+			masktype = parse_netmask(kline->host, (struct sockaddr *)&sockaddr, &bits);
+
+			switch (masktype) {
+			case HM_IPV4:
+			case HM_IPV6:
+				if(comp_with_mask_sock((struct sockaddr *)&client_p->localClient->ip,
+						(struct sockaddr *)&sockaddr, bits))
+					matched = 1;
+			case HM_HOST:
+				if (match(kline->host, client_p->orighost))
+					matched = 1;
+			}
+
+			if (!matched)
+				continue;
+		}
+
+		if(IsExemptKline(client_p))
+		{
+			sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
+						 "KLINE over-ruled for %s, client is kline_exempt [%s@%s]",
+						 get_client_name(client_p, HIDE_IP),
+						 kline->user, kline->host);
+			continue;
+		}
+
+		sendto_realops_snomask(SNO_GENERAL, L_ALL,
+					 "KLINE active for %s",
+					 get_client_name(client_p, HIDE_IP));
+
+		notify_banned_client(client_p, kline, K_LINED);
+	}
+}
+
+
 /* check_dlines()
  *
  * inputs       -

ircd/hostmask.c

@@ -198,6 +198,9 @@ get_mask_hash(const char *text)
 
 /* struct ConfItem* find_conf_by_address(const char*, struct rb_sockaddr_storage*,
  *         int type, int fam, const char *username)
+ *
+ * This process needs to be kept in sync with check_one_kline().
+ *
  * Input: The hostname, the address, the type of mask to find, the address
  *        family, the username.
  * Output: The matching value with the highest precedence.

ircd/newconf.c

@@ -1616,15 +1616,6 @@ conf_set_general_hide_error_messages(void *data)
 		conf_report_error("Invalid setting '%s' for general::hide_error_messages.", val);
 }
 
-static void
-conf_set_general_kline_delay(void *data)
-{
-	ConfigFileEntry.kline_delay = *(unsigned int *) data;
-
-	/* THIS MUST BE HERE to stop us being unable to check klines */
-	kline_queued = false;
-}
-
 static void
 conf_set_general_stats_k_oper_only(void *data)
 {
@@ -2732,7 +2723,6 @@ static struct ConfEntry conf_general_table[] =
 	{ "compression_level", 	CF_INT,    conf_set_general_compression_level,	0, NULL },
 	{ "havent_read_conf", 	CF_YESNO,  conf_set_general_havent_read_conf,	0, NULL },
 	{ "hide_error_messages",CF_STRING, conf_set_general_hide_error_messages,0, NULL },
-	{ "kline_delay", 	CF_TIME,   conf_set_general_kline_delay,	0, NULL },
 	{ "stats_k_oper_only", 	CF_STRING, conf_set_general_stats_k_oper_only,	0, NULL },
 	{ "stats_i_oper_only", 	CF_STRING, conf_set_general_stats_i_oper_only,	0, NULL },
 	{ "default_umodes",	CF_QSTRING, conf_set_general_default_umodes, 0, NULL },

ircd/s_conf.c

@@ -707,7 +707,6 @@ set_default_conf(void)
 	ConfigFileEntry.client_exit = true;
 	ConfigFileEntry.dline_with_reason = true;
 	ConfigFileEntry.kline_with_reason = true;
-	ConfigFileEntry.kline_delay = 0;
 	ConfigFileEntry.warn_no_nline = true;
 	ConfigFileEntry.non_redundant_klines = true;
 	ConfigFileEntry.stats_e_disabled = false;

modules/core/m_ban.c

@@ -286,20 +286,7 @@ ms_ban(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source_p
 			else
 			{
 				add_conf_by_address(aconf->host, CONF_KILL, aconf->user, NULL, aconf);
-				if(ConfigFileEntry.kline_delay ||
+				check_one_kline(aconf);
-						(IsServer(source_p) &&
-						 !HasSentEob(source_p)))
-				{
-					if(kline_queued == 0)
-					{
-						rb_event_addonce("check_klines", check_klines_event, NULL,
-							ConfigFileEntry.kline_delay ?
-								ConfigFileEntry.kline_delay : 1);
-						kline_queued = 1;
-					}
-				}
-				else
-					check_klines();
 			}
 			break;
 		case CONF_XLINE:

modules/m_info.c

@@ -284,12 +284,6 @@ static struct InfoStruct info_table[] = {
 		&ConfigFileEntry.hide_spoof_ips,
 		"Hide IPs of spoofed users"
 	},
-	{
-		"kline_delay",
-		OUTPUT_DECIMAL,
-		&ConfigFileEntry.kline_delay,
-		"Duration of time to delay kline checking"
-	},
 	{
 		"kline_reason",
 		OUTPUT_STRING,

modules/m_kline.c

@@ -85,6 +85,7 @@ static void remove_permkline_match(struct Client *, struct ConfItem *);
 static bool remove_temp_kline(struct Client *, struct ConfItem *);
 static void remove_prop_kline(struct Client *, struct ConfItem *);
 
+
 /* mo_kline()
  *
  *   parv[1] - temp time or user@host
@@ -215,17 +216,7 @@ mo_kline(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source
 	else
 		apply_kline(source_p, aconf, reason, oper_reason);
 
-	if(ConfigFileEntry.kline_delay)
+	check_one_kline(aconf);
-	{
-		if(!kline_queued)
-		{
-			rb_event_addonce("check_klines", check_klines_event, NULL,
-					 ConfigFileEntry.kline_delay);
-			kline_queued = true;
-		}
-	}
-	else
-		check_klines();
 }
 
 /* ms_kline()
@@ -325,17 +316,7 @@ handle_remote_kline(struct Client *source_p, int tkline_time,
 	else
 		apply_kline(source_p, aconf, reason, oper_reason);
 
-	if(ConfigFileEntry.kline_delay)
+	check_one_kline(aconf);
-	{
-		if(!kline_queued)
-		{
-			rb_event_addonce("check_klines", check_klines_event, NULL,
-					 ConfigFileEntry.kline_delay);
-			kline_queued = true;
-		}
-	}
-	else
-		check_klines();
 }
 
 /* mo_unkline()