/* This code is in the public domain. */ #include "stdinc.h" #ifdef HAVE_LIBCRYPTO #include #include #include #if (OPENSSL_VERSION_NUMBER >= 0x30000000L) #include #include #endif #endif #include "newconf.h" #include "ircd_defs.h" #include "logger.h" #include "s_conf.h" #include "s_user.h" #include "s_newconf.h" #include "send.h" #include "setup.h" #include "modules.h" #include "listener.h" #include "hostmask.h" #include "s_serv.h" #include "hash.h" #include "cache.h" #include "ircd.h" #include "snomask.h" #include "sslproc.h" #include "wsproc.h" #include "privilege.h" #include "chmode.h" #include "certfp.h" #define CF_TYPE(x) ((x) & CF_MTYPE) static int yy_defer_accept = 1; static int yy_wsock = 0; struct TopConf *conf_cur_block; static char *conf_cur_block_name = NULL; static rb_dlink_list conf_items; static struct ConfItem *yy_aconf = NULL; static struct Class *yy_class = NULL; static struct remote_conf *yy_shared = NULL; static struct server_conf *yy_server = NULL; static rb_dlink_list yy_aconf_list; static rb_dlink_list yy_oper_list; static rb_dlink_list yy_cluster_list; static struct oper_conf *yy_oper = NULL; static struct alias_entry *yy_alias = NULL; static char *yy_dnsbl_entry_host = NULL; static char *yy_dnsbl_entry_reason = NULL; static uint8_t yy_dnsbl_entry_iptype = 0; static rb_dlink_list yy_dnsbl_entry_filters = { NULL, NULL, 0 }; static char *yy_opm_address_ipv4 = NULL; static char *yy_opm_address_ipv6 = NULL; static uint16_t yy_opm_port_ipv4 = 0; static uint16_t yy_opm_port_ipv6 = 0; static int yy_opm_timeout = 0; static rb_dlink_list yy_opm_scanner_list; static char *yy_privset_extends = NULL; static const char * conf_strtype(int type) { switch (CF_TYPE(type)) { case CF_INT: return "integer value"; case CF_STRING: return "unquoted string"; case CF_YESNO: return "yes/no value"; case CF_QSTRING: return "quoted string"; case CF_TIME: return "time/size value"; default: return "unknown type"; } } int add_top_conf(const char *name, int (*sfunc) (struct TopConf *), int (*efunc) (struct TopConf *), struct ConfEntry *items) { struct TopConf *tc; tc = rb_malloc(sizeof(struct TopConf)); tc->tc_name = name; tc->tc_sfunc = sfunc; tc->tc_efunc = efunc; tc->tc_entries = items; rb_dlinkAddAlloc(tc, &conf_items); return 0; } struct TopConf * find_top_conf(const char *name) { rb_dlink_node *d; struct TopConf *tc; RB_DLINK_FOREACH(d, conf_items.head) { tc = d->data; if(rb_strcasecmp(tc->tc_name, name) == 0) return tc; } return NULL; } struct ConfEntry * find_conf_item(const struct TopConf *top, const char *name) { struct ConfEntry *cf; rb_dlink_node *d; if(top->tc_entries) { int i; for(i = 0; top->tc_entries[i].cf_type; i++) { cf = &top->tc_entries[i]; if(!rb_strcasecmp(cf->cf_name, name)) return cf; } } RB_DLINK_FOREACH(d, top->tc_items.head) { cf = d->data; if(rb_strcasecmp(cf->cf_name, name) == 0) return cf; } return NULL; } int remove_top_conf(char *name) { struct TopConf *tc; rb_dlink_node *ptr; if((tc = find_top_conf(name)) == NULL) return -1; if((ptr = rb_dlinkFind(tc, &conf_items)) == NULL) return -1; rb_dlinkDestroy(ptr, &conf_items); rb_free(tc); return 0; } static void conf_set_serverinfo_name(void *data) { if(ServerInfo.name == NULL) { const char *s; int dots = 0; for(s = data; *s != '\0'; s++) { if(!IsServChar(*s)) { conf_report_error("Ignoring serverinfo::name " "-- bogus servername."); return; } else if(*s == '.') ++dots; } if(!dots) { conf_report_error("Ignoring serverinfo::name -- must contain '.'"); return; } s = data; if(IsDigit(*s)) { conf_report_error("Ignoring serverinfo::name -- cannot begin with digit."); return; } /* the ircd will exit() in main() if we dont set one */ if(strlen(s) <= HOSTLEN) ServerInfo.name = rb_strdup((char *) data); } } static void conf_set_serverinfo_sid(void *data) { char *sid = data; if(ServerInfo.sid[0] == '\0') { if(!IsDigit(sid[0]) || !IsIdChar(sid[1]) || !IsIdChar(sid[2]) || sid[3] != '\0') { conf_report_error("Ignoring serverinfo::sid " "-- bogus sid."); return; } rb_strlcpy(ServerInfo.sid, sid, sizeof(ServerInfo.sid)); } } static void conf_set_serverinfo_network_name(void *data) { char *p; if((p = strchr((char *) data, ' '))) *p = '\0'; rb_free(ServerInfo.network_name); ServerInfo.network_name = rb_strdup((char *) data); } static void conf_set_serverinfo_vhost(void *data) { struct rb_sockaddr_storage addr; if(rb_inet_pton_sock(data, &addr) <= 0 || GET_SS_FAMILY(&addr) != AF_INET) { conf_report_error("Invalid IPv4 address for server vhost (%s)", (char *) data); return; } ServerInfo.bind4 = addr; } static void conf_set_serverinfo_vhost6(void *data) { struct rb_sockaddr_storage addr; if(rb_inet_pton_sock(data, &addr) <= 0 || GET_SS_FAMILY(&addr) != AF_INET6) { conf_report_error("Invalid IPv6 address for server vhost (%s)", (char *) data); return; } ServerInfo.bind6 = addr; } static void conf_set_serverinfo_nicklen(void *data) { ConfigFileEntry.nicklen = (*(unsigned int *) data) + 1; if (ConfigFileEntry.nicklen > NICKLEN) { conf_report_error("Warning -- ignoring serverinfo::nicklen -- provided nicklen (%u) is greater than allowed nicklen (%u)", ConfigFileEntry.nicklen - 1, NICKLEN - 1); ConfigFileEntry.nicklen = NICKLEN; } else if (ConfigFileEntry.nicklen < 9 + 1) { conf_report_error("Warning -- serverinfo::nicklen is too low (%u) -- forcing 9", ConfigFileEntry.nicklen - 1); ConfigFileEntry.nicklen = 9 + 1; } } static void conf_set_modules_module(void *data) { char *m_bn; m_bn = rb_basename((char *) data); if(findmodule_byname(m_bn) == NULL) load_one_module((char *) data, MAPI_ORIGIN_EXTENSION, false); rb_free(m_bn); } static void conf_set_modules_path(void *data) { mod_add_path((char *) data); } struct mode_table { const char *name; int mode; }; /* *INDENT-OFF* */ static struct mode_table umode_table[] = { {"deaf", UMODE_DEAF }, {"invisible", UMODE_INVISIBLE }, {"locops", UMODE_LOCOPS }, {"noforward", UMODE_NOFORWARD }, {"servnotice", UMODE_SERVNOTICE}, {"wallop", UMODE_WALLOP }, {"operwall", UMODE_OPERWALL }, {NULL, 0} }; static struct mode_table oper_table[] = { {"encrypted", OPER_ENCRYPTED }, {"need_ssl", OPER_NEEDSSL }, {NULL, 0} }; static struct mode_table auth_table[] = { {"encrypted", CONF_FLAGS_ENCRYPTED }, {"spoof_notice", CONF_FLAGS_SPOOF_NOTICE }, {"exceed_limit", CONF_FLAGS_NOLIMIT }, {"dnsbl_exempt", CONF_FLAGS_EXEMPTDNSBL }, {"proxy_exempt", CONF_FLAGS_EXEMPTPROXY }, {"kline_exempt", CONF_FLAGS_EXEMPTKLINE }, {"flood_exempt", CONF_FLAGS_EXEMPTFLOOD }, {"spambot_exempt", CONF_FLAGS_EXEMPTSPAMBOT }, {"shide_exempt", CONF_FLAGS_EXEMPTSHIDE }, {"jupe_exempt", CONF_FLAGS_EXEMPTJUPE }, {"resv_exempt", CONF_FLAGS_EXEMPTRESV }, {"no_tilde", CONF_FLAGS_NO_TILDE }, {"need_ident", CONF_FLAGS_NEED_IDENTD }, {"have_ident", CONF_FLAGS_NEED_IDENTD }, {"need_ssl", CONF_FLAGS_NEED_SSL }, {"need_sasl", CONF_FLAGS_NEED_SASL }, {"extend_chans", CONF_FLAGS_EXTEND_CHANS }, {"allow_sctp", CONF_FLAGS_ALLOW_SCTP }, {"kline_spoof_ip", CONF_FLAGS_KLINE_SPOOF }, {NULL, 0} }; static struct mode_table connect_table[] = { { "autoconn", SERVER_AUTOCONN }, { "compressed", 0 }, { "encrypted", SERVER_ENCRYPTED }, { "topicburst", SERVER_TB }, { "sctp", SERVER_SCTP }, { "ssl", SERVER_SSL }, { "no-export", SERVER_NO_EXPORT }, { NULL, 0 }, }; static struct mode_table cluster_table[] = { { "kline", SHARED_PKLINE }, { "tkline", SHARED_TKLINE }, { "unkline", SHARED_UNKLINE }, { "locops", SHARED_LOCOPS }, { "xline", SHARED_PXLINE }, { "txline", SHARED_TXLINE }, { "unxline", SHARED_UNXLINE }, { "resv", SHARED_PRESV }, { "tresv", SHARED_TRESV }, { "unresv", SHARED_UNRESV }, { "all", CLUSTER_ALL }, {NULL, 0} }; /* *INDENT-ON* */ static int find_umode(struct mode_table *tab, const char *name) { int i; for (i = 0; tab[i].name; i++) { if(strcmp(tab[i].name, name) == 0) return tab[i].mode; } return -1; } static void set_modes_from_table(int *modes, const char *whatis, struct mode_table *tab, conf_parm_t * args) { for (; args; args = args->next) { const char *umode; int dir = 1; int mode; if(CF_TYPE(args->type) != CF_STRING) { conf_report_error("Warning -- %s is not a string; ignoring.", whatis); continue; } umode = args->v.string; if(*umode == '~') { dir = 0; umode++; } mode = find_umode(tab, umode); if(mode == -1) { conf_report_error("Warning -- unknown %s %s.", whatis, args->v.string); continue; } if(mode) { if(dir) *modes |= mode; else *modes &= ~mode; } else *modes = 0; } } static void parse_umodes(const char *pm, int *values, int *mask) { int what = MODE_ADD, flag; *values = 0; if (NULL != mask) *mask = 0; for (; *pm; pm++) { switch (*pm) { case '+': what = MODE_ADD; break; case '-': what = MODE_DEL; break; /* don't allow +o */ case 'o': case 'S': case 'Z': case ' ': break; default: flag = user_modes[(unsigned char) *pm]; if (flag) { /* Proper value has probably not yet been set * so don't check oper_only_umodes -- jilles */ if (what == MODE_ADD) *values |= flag; else *values &= ~flag; if (NULL != mask) *mask |= flag; } break; } } } static void conf_set_privset_extends(void *data) { yy_privset_extends = rb_strdup((char *) data); } static void conf_set_privset_privs(void *data) { char *privs = NULL; conf_parm_t *args = data; for (; args; args = args->next) { if (privs == NULL) privs = rb_strdup(args->v.string); else { char *privs_old = privs; privs = rb_malloc(strlen(privs_old) + 1 + strlen(args->v.string) + 1); strcpy(privs, privs_old); strcat(privs, " "); strcat(privs, args->v.string); rb_free(privs_old); } } if (privs) { if (yy_privset_extends) { struct PrivilegeSet *set = privilegeset_get(yy_privset_extends); if (!set) { conf_report_error("Warning -- unknown parent privilege set %s for %s; assuming defaults", yy_privset_extends, conf_cur_block_name); set = privilegeset_get("default"); } privilegeset_extend(set, conf_cur_block_name != NULL ? conf_cur_block_name : "", privs, 0); rb_free(yy_privset_extends); yy_privset_extends = NULL; } else privilegeset_set_new(conf_cur_block_name != NULL ? conf_cur_block_name : "", privs, 0); rb_free(privs); } } static int conf_begin_oper(struct TopConf *tc) { rb_dlink_node *ptr; rb_dlink_node *next_ptr; if(yy_oper != NULL) { free_oper_conf(yy_oper); yy_oper = NULL; } RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_oper_list.head) { free_oper_conf(ptr->data); rb_dlinkDestroy(ptr, &yy_oper_list); } yy_oper = make_oper_conf(); yy_oper->flags |= OPER_ENCRYPTED; return 0; } static int conf_end_oper(struct TopConf *tc) { struct oper_conf *yy_tmpoper; rb_dlink_node *ptr; rb_dlink_node *next_ptr; if(conf_cur_block_name != NULL) { if(strlen(conf_cur_block_name) > OPERNICKLEN) conf_cur_block_name[OPERNICKLEN] = '\0'; yy_oper->name = rb_strdup(conf_cur_block_name); } if(EmptyString(yy_oper->name)) { conf_report_error("Ignoring operator block -- missing name."); return 0; } #ifdef HAVE_LIBCRYPTO if(EmptyString(yy_oper->passwd) && EmptyString(yy_oper->rsa_pubkey_file)) #else if(EmptyString(yy_oper->passwd)) #endif { conf_report_error("Ignoring operator block for %s -- missing password", yy_oper->name); return 0; } if (!yy_oper->privset) yy_oper->privset = privilegeset_get("default"); /* now, yy_oper_list contains a stack of oper_conf's with just user * and host in, yy_oper contains the rest of the information which * we need to copy into each element in yy_oper_list */ RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_oper_list.head) { yy_tmpoper = ptr->data; yy_tmpoper->name = rb_strdup(yy_oper->name); /* could be an rsa key instead.. */ if(!EmptyString(yy_oper->passwd)) yy_tmpoper->passwd = rb_strdup(yy_oper->passwd); yy_tmpoper->flags = yy_oper->flags; yy_tmpoper->umodes = yy_oper->umodes; yy_tmpoper->snomask = yy_oper->snomask; yy_tmpoper->privset = yy_oper->privset; #ifdef HAVE_LIBCRYPTO if(yy_oper->rsa_pubkey_file) { BIO *file; if((file = BIO_new_file(yy_oper->rsa_pubkey_file, "r")) == NULL) { conf_report_error("Ignoring operator block for %s -- " "rsa_public_key_file cant be opened", yy_tmpoper->name); return 0; } #if (OPENSSL_VERSION_NUMBER >= 0x30000000L) OSSL_DECODER_CTX *const ctx = OSSL_DECODER_CTX_new_for_pkey( &yy_tmpoper->rsa_pubkey, "PEM", NULL, "RSA", OSSL_KEYMGMT_SELECT_PUBLIC_KEY, NULL, NULL); if(ctx != NULL) { if(OSSL_DECODER_CTX_get_num_decoders(ctx) < 1 || OSSL_DECODER_from_bio(ctx, file) < 1) { EVP_PKEY_free(yy_tmpoper->rsa_pubkey); yy_tmpoper->rsa_pubkey = NULL; } OSSL_DECODER_CTX_free(ctx); } #else yy_tmpoper->rsa_pubkey = (RSA *) PEM_read_bio_RSA_PUBKEY(file, NULL, 0, NULL); #endif (void)BIO_set_close(file, BIO_CLOSE); BIO_free(file); if(yy_tmpoper->rsa_pubkey == NULL) { conf_report_error("Ignoring operator block for %s -- " "rsa_public_key_file key invalid; check syntax", yy_tmpoper->name); return 0; } } if(!EmptyString(yy_oper->certfp)) yy_tmpoper->certfp = rb_strdup(yy_oper->certfp); #endif /* all is ok, put it on oper_conf_list */ rb_dlinkMoveNode(ptr, &yy_oper_list, &oper_conf_list); } free_oper_conf(yy_oper); yy_oper = NULL; return 0; } static void conf_set_oper_flags(void *data) { conf_parm_t *args = data; set_modes_from_table(&yy_oper->flags, "flag", oper_table, args); } static void conf_set_oper_fingerprint(void *data) { if (yy_oper->certfp) rb_free(yy_oper->certfp); yy_oper->certfp = rb_strdup((char *) data); } static void conf_set_oper_privset(void *data) { yy_oper->privset = privilegeset_get((char *) data); } static void conf_set_oper_user(void *data) { struct oper_conf *yy_tmpoper; char *p; char *host = (char *) data; yy_tmpoper = make_oper_conf(); if((p = strchr(host, '@'))) { *p++ = '\0'; yy_tmpoper->username = rb_strdup(host); yy_tmpoper->host = rb_strdup(p); } else { yy_tmpoper->username = rb_strdup("*"); yy_tmpoper->host = rb_strdup(host); } if(EmptyString(yy_tmpoper->username) || EmptyString(yy_tmpoper->host)) { conf_report_error("Ignoring user -- missing username/host"); free_oper_conf(yy_tmpoper); return; } rb_dlinkAddAlloc(yy_tmpoper, &yy_oper_list); } static void conf_set_oper_password(void *data) { if(yy_oper->passwd) { memset(yy_oper->passwd, 0, strlen(yy_oper->passwd)); rb_free(yy_oper->passwd); } yy_oper->passwd = rb_strdup((char *) data); } static void conf_set_oper_rsa_public_key_file(void *data) { #ifdef HAVE_LIBCRYPTO rb_free(yy_oper->rsa_pubkey_file); yy_oper->rsa_pubkey_file = rb_strdup((char *) data); #else conf_report_error("Warning -- ignoring rsa_public_key_file (OpenSSL support not available"); #endif } static void conf_set_oper_umodes(void *data) { set_modes_from_table(&yy_oper->umodes, "umode", umode_table, data); } static void conf_set_oper_snomask(void *data) { yy_oper->snomask = parse_snobuf_to_mask(0, (const char *) data); } static int conf_begin_class(struct TopConf *tc) { if(yy_class) free_class(yy_class); yy_class = make_class(); return 0; } static int conf_end_class(struct TopConf *tc) { if(conf_cur_block_name != NULL) yy_class->class_name = rb_strdup(conf_cur_block_name); if(EmptyString(yy_class->class_name)) { conf_report_error("Ignoring class block -- missing name."); return 0; } add_class(yy_class); yy_class = NULL; return 0; } static void conf_set_class_ping_time(void *data) { yy_class->ping_freq = *(unsigned int *) data; } static void conf_set_class_cidr_ipv4_bitlen(void *data) { unsigned int maxsize = 32; if(*(unsigned int *) data > maxsize) conf_report_error ("class::cidr_ipv4_bitlen argument exceeds maxsize (%d > %d) - ignoring.", *(unsigned int *) data, maxsize); else yy_class->cidr_ipv4_bitlen = *(unsigned int *) data; } static void conf_set_class_cidr_ipv6_bitlen(void *data) { unsigned int maxsize = 128; if(*(unsigned int *) data > maxsize) conf_report_error ("class::cidr_ipv6_bitlen argument exceeds maxsize (%d > %d) - ignoring.", *(unsigned int *) data, maxsize); else yy_class->cidr_ipv6_bitlen = *(unsigned int *) data; } static void conf_set_class_number_per_cidr(void *data) { yy_class->cidr_amount = *(unsigned int *) data; } static void conf_set_class_number_per_ip(void *data) { yy_class->max_local = *(unsigned int *) data; } static void conf_set_class_number_per_ip_global(void *data) { yy_class->max_global = *(unsigned int *) data; } static void conf_set_class_number_per_ident(void *data) { yy_class->max_ident = *(unsigned int *) data; } static void conf_set_class_connectfreq(void *data) { yy_class->con_freq = *(unsigned int *) data; } static void conf_set_class_max_number(void *data) { yy_class->max_total = *(unsigned int *) data; } static void conf_set_class_max_autoconn(void *data) { yy_class->max_autoconn = *(unsigned int *) data; } static void conf_set_class_sendq(void *data) { yy_class->max_sendq = *(unsigned int *) data; } static char *listener_address[2]; static int conf_begin_listen(struct TopConf *tc) { for (int i = 0; i < ARRAY_SIZE(listener_address); i++) { rb_free(listener_address[i]); listener_address[i] = NULL; } yy_wsock = 0; yy_defer_accept = 0; return 0; } static int conf_end_listen(struct TopConf *tc) { for (int i = 0; i < ARRAY_SIZE(listener_address); i++) { rb_free(listener_address[i]); listener_address[i] = NULL; } yy_wsock = 0; yy_defer_accept = 0; return 0; } static void conf_set_listen_defer_accept(void *data) { yy_defer_accept = *(unsigned int *) data; } static void conf_set_listen_wsock(void *data) { yy_wsock = *(unsigned int *) data; } static void conf_set_listen_port_both(void *data, int ssl, int sctp) { conf_parm_t *args = data; for (; args; args = args->next) { if(CF_TYPE(args->type) != CF_INT) { conf_report_error("listener::port argument is not an integer -- ignoring."); continue; } if(listener_address[0] == NULL) { if (sctp) { conf_report_error("listener::sctp_port has no addresses -- ignoring."); } else { add_tcp_listener(args->v.number, NULL, AF_INET, ssl, ssl || yy_defer_accept, yy_wsock); add_tcp_listener(args->v.number, NULL, AF_INET6, ssl, ssl || yy_defer_accept, yy_wsock); } } else { int family; if(strchr(listener_address[0], ':') != NULL) family = AF_INET6; else family = AF_INET; if (sctp) { #ifdef HAVE_LIBSCTP add_sctp_listener(args->v.number, listener_address[0], listener_address[1], ssl, yy_wsock); #else conf_report_error("Warning -- ignoring listener::sctp_port -- SCTP support not available."); #endif } else { add_tcp_listener(args->v.number, listener_address[0], family, ssl, ssl || yy_defer_accept, yy_wsock); } } } } static void conf_set_listen_port(void *data) { conf_set_listen_port_both(data, 0, 0); } static void conf_set_listen_sslport(void *data) { conf_set_listen_port_both(data, 1, 0 ); } static void conf_set_listen_sctp_port(void *data) { conf_set_listen_port_both(data, 0, 1); } static void conf_set_listen_sctp_sslport(void *data) { conf_set_listen_port_both(data, 1, 1); } static void conf_set_listen_address(void *data) { rb_free(listener_address[1]); listener_address[1] = listener_address[0]; listener_address[0] = rb_strdup(data); } static int conf_begin_auth(struct TopConf *tc) { rb_dlink_node *ptr; rb_dlink_node *next_ptr; if(yy_aconf) free_conf(yy_aconf); RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_aconf_list.head) { free_conf(ptr->data); rb_dlinkDestroy(ptr, &yy_aconf_list); } yy_aconf = make_conf(); yy_aconf->status = CONF_CLIENT; return 0; } static int conf_end_auth(struct TopConf *tc) { struct ConfItem *yy_tmp, *found_conf; rb_dlink_node *ptr; rb_dlink_node *next_ptr; if(EmptyString(yy_aconf->info.name)) yy_aconf->info.name = rb_strdup("NOMATCH"); /* didnt even get one ->host? */ if(EmptyString(yy_aconf->host)) { conf_report_error("Ignoring auth block -- missing user@host"); return 0; } /* so the stacking works in order.. */ collapse(yy_aconf->user); collapse(yy_aconf->host); conf_add_class_to_conf(yy_aconf); if ((found_conf = find_exact_conf_by_address("*", CONF_CLIENT, "*")) && found_conf->spasswd == NULL) conf_report_error("Ignoring redundant auth block (after *@*)"); else if ((found_conf = find_exact_conf_by_address(yy_aconf->host, CONF_CLIENT, yy_aconf->user)) && (!found_conf->spasswd || (yy_aconf->spasswd && 0 == irccmp(found_conf->spasswd, yy_aconf->spasswd)))) conf_report_error("Ignoring duplicate auth block for %s@%s", yy_aconf->user, yy_aconf->host); else add_conf_by_address(yy_aconf->host, CONF_CLIENT, yy_aconf->user, yy_aconf->spasswd, yy_aconf); RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_aconf_list.head) { yy_tmp = ptr->data; if(yy_aconf->passwd) yy_tmp->passwd = rb_strdup(yy_aconf->passwd); if(yy_aconf->spasswd) yy_tmp->spasswd = rb_strdup(yy_aconf->spasswd); /* this will always exist.. */ yy_tmp->info.name = rb_strdup(yy_aconf->info.name); if(yy_aconf->className) yy_tmp->className = rb_strdup(yy_aconf->className); if(yy_aconf->desc) yy_tmp->desc = rb_strdup(yy_aconf->desc); yy_tmp->flags = yy_aconf->flags; yy_tmp->port = yy_aconf->port; collapse(yy_tmp->user); collapse(yy_tmp->host); conf_add_class_to_conf(yy_tmp); if ((found_conf = find_exact_conf_by_address("*", CONF_CLIENT, "*")) && found_conf->spasswd == NULL) conf_report_error("Ignoring redundant auth block (after *@*)"); else if ((found_conf = find_exact_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user)) && (!found_conf->spasswd || (yy_tmp->spasswd && 0 == irccmp(found_conf->spasswd, yy_tmp->spasswd)))) conf_report_error("Ignoring duplicate auth block for %s@%s", yy_tmp->user, yy_tmp->host); else add_conf_by_address(yy_tmp->host, CONF_CLIENT, yy_tmp->user, yy_tmp->spasswd, yy_tmp); rb_dlinkDestroy(ptr, &yy_aconf_list); } yy_aconf = NULL; return 0; } static void conf_set_auth_user(void *data) { struct ConfItem *yy_tmp; char *p; /* The first user= line doesn't allocate a new conf */ if(!EmptyString(yy_aconf->host)) { yy_tmp = make_conf(); yy_tmp->status = CONF_CLIENT; } else yy_tmp = yy_aconf; if((p = strchr(data, '@'))) { *p++ = '\0'; yy_tmp->user = rb_strdup(data); yy_tmp->host = rb_strdup(p); } else { yy_tmp->user = rb_strdup("*"); yy_tmp->host = rb_strdup(data); } if(yy_aconf != yy_tmp) rb_dlinkAddAlloc(yy_tmp, &yy_aconf_list); } static void conf_set_auth_auth_user(void *data) { if(yy_aconf->spasswd) memset(yy_aconf->spasswd, 0, strlen(yy_aconf->spasswd)); rb_free(yy_aconf->spasswd); yy_aconf->spasswd = rb_strdup(data); } static void conf_set_auth_passwd(void *data) { if(yy_aconf->passwd) memset(yy_aconf->passwd, 0, strlen(yy_aconf->passwd)); rb_free(yy_aconf->passwd); yy_aconf->passwd = rb_strdup(data); } static void conf_set_auth_spoof(void *data) { char *p; char *user = NULL; char *host = NULL; host = data; /* user@host spoof */ if((p = strchr(host, '@')) != NULL) { *p = '\0'; user = data; host = p+1; if(EmptyString(user)) { conf_report_error("Warning -- spoof ident empty."); return; } if(strlen(user) > USERLEN) { conf_report_error("Warning -- spoof ident length invalid."); return; } if(!valid_username(user)) { conf_report_error("Warning -- invalid spoof (ident)."); return; } /* this must be restored! */ *p = '@'; } if(EmptyString(host)) { conf_report_error("Warning -- spoof host empty."); return; } if(strlen(host) > HOSTLEN) { conf_report_error("Warning -- spoof host length invalid."); return; } if(!valid_hostname(host)) { conf_report_error("Warning -- invalid spoof (host)."); return; } rb_free(yy_aconf->info.name); yy_aconf->info.name = rb_strdup(data); yy_aconf->flags |= CONF_FLAGS_SPOOF_IP; } static void conf_set_auth_desc(void *data) { rb_free(yy_aconf->desc); yy_aconf->desc = rb_strdup(data); } static void conf_set_auth_flags(void *data) { conf_parm_t *args = data; set_modes_from_table((int *) &yy_aconf->flags, "flag", auth_table, args); } static void conf_set_auth_redir_serv(void *data) { yy_aconf->flags |= CONF_FLAGS_REDIR; rb_free(yy_aconf->info.name); yy_aconf->info.name = rb_strdup(data); } static void conf_set_auth_redir_port(void *data) { int port = *(unsigned int *) data; yy_aconf->flags |= CONF_FLAGS_REDIR; yy_aconf->port = port; } static void conf_set_auth_class(void *data) { rb_free(yy_aconf->className); yy_aconf->className = rb_strdup(data); } static void conf_set_auth_umodes(void *data) { char *umodes = data; parse_umodes(umodes, &yy_aconf->umodes, &yy_aconf->umodes_mask); } static int conf_begin_connect(struct TopConf *tc) { if(yy_server) free_server_conf(yy_server); yy_server = make_server_conf(); yy_server->port = PORTNUM; yy_server->flags |= SERVER_TB; if(conf_cur_block_name != NULL) yy_server->name = rb_strdup(conf_cur_block_name); return 0; } static int conf_end_connect(struct TopConf *tc) { if (EmptyString(yy_server->name)) { conf_report_error("Ignoring connect block -- missing name."); return 0; } if (ServerInfo.name != NULL && !irccmp(ServerInfo.name, yy_server->name)) { conf_report_error("Ignoring connect block for %s -- name is " "equal to my own name.", yy_server->name); return 0; } if ((EmptyString(yy_server->passwd) || EmptyString(yy_server->spasswd)) && EmptyString(yy_server->certfp)) { conf_report_error("Ignoring connect block for %s -- no " "fingerprint or password credentials " "provided.", yy_server->name); return 0; } if ((yy_server->flags & SERVER_SSL) && EmptyString(yy_server->certfp)) { conf_report_error("Ignoring connect block for %s -- no " "fingerprint provided for SSL " "connection.", yy_server->name); return 0; } if (! (yy_server->flags & SERVER_SSL) && ! EmptyString(yy_server->certfp)) { conf_report_error("Ignoring connect block for %s -- " "fingerprint authentication has " "been requested; but the ssl flag " "is not set.", yy_server->name); return 0; } if (EmptyString(yy_server->connect_host) && GET_SS_FAMILY(&yy_server->connect4) != AF_INET && GET_SS_FAMILY(&yy_server->connect6) != AF_INET6) { conf_report_error("Ignoring connect block for %s -- missing " "host.", yy_server->name); return 0; } add_server_conf(yy_server); rb_dlinkAdd(yy_server, &yy_server->node, &server_conf_list); yy_server = NULL; return 0; } static void conf_set_connect_host(void *data) { struct rb_sockaddr_storage addr; if(rb_inet_pton_sock(data, &addr) <= 0) { rb_free(yy_server->connect_host); yy_server->connect_host = rb_strdup(data); } else if(GET_SS_FAMILY(&addr) == AF_INET) { yy_server->connect4 = addr; } else if(GET_SS_FAMILY(&addr) == AF_INET6) { yy_server->connect6 = addr; } else { conf_report_error("Unsupported IP address for server connect host (%s)", (char *)data); return; } } static void conf_set_connect_vhost(void *data) { struct rb_sockaddr_storage addr; if(rb_inet_pton_sock(data, &addr) <= 0) { rb_free(yy_server->bind_host); yy_server->bind_host = rb_strdup(data); } else if(GET_SS_FAMILY(&addr) == AF_INET) { yy_server->bind4 = addr; } else if(GET_SS_FAMILY(&addr) == AF_INET6) { yy_server->bind6 = addr; } else { conf_report_error("Unsupported IP address for server connect vhost (%s)", (char *)data); return; } } static void conf_set_connect_send_password(void *data) { if(yy_server->spasswd) { memset(yy_server->spasswd, 0, strlen(yy_server->spasswd)); rb_free(yy_server->spasswd); } if (EmptyString((const char *) data)) { yy_server->spasswd = NULL; conf_report_warning("Invalid send_password for connect " "block; must not be empty if provided"); } else if (strpbrk(data, " :")) { yy_server->spasswd = NULL; conf_report_error("Invalid send_password for connect " "block; cannot contain spaces or colons"); } else yy_server->spasswd = rb_strdup(data); } static void conf_set_connect_accept_password(void *data) { if(yy_server->passwd) { memset(yy_server->passwd, 0, strlen(yy_server->passwd)); rb_free(yy_server->passwd); } if (EmptyString((const char *) data)) { yy_server->passwd = NULL; conf_report_warning("Invalid accept_password for connect " "block; must not be empty if provided"); } else if (strpbrk(data, " :")) { yy_server->passwd = NULL; conf_report_error("Invalid accept_password for connect " "block; cannot contain spaces or colons"); } else yy_server->passwd = rb_strdup(data); } static void conf_set_connect_fingerprint(void *data) { if (yy_server->certfp) rb_free(yy_server->certfp); yy_server->certfp = rb_strdup((char *) data); /* force SSL to be enabled if fingerprint is enabled. */ yy_server->flags |= SERVER_SSL; } static void conf_set_connect_port(void *data) { int port = *(unsigned int *) data; if(port < 1) port = PORTNUM; yy_server->port = port; } static void conf_set_connect_aftype(void *data) { char *aft = data; if(rb_strcasecmp(aft, "ipv4") == 0) yy_server->aftype = AF_INET; else if(rb_strcasecmp(aft, "ipv6") == 0) yy_server->aftype = AF_INET6; else conf_report_error("connect::aftype '%s' is unknown.", aft); } static void conf_set_connect_flags(void *data) { conf_parm_t *args = data; set_modes_from_table(&yy_server->flags, "flag", connect_table, args); } static void conf_set_connect_class(void *data) { rb_free(yy_server->class_name); yy_server->class_name = rb_strdup(data); } static void conf_set_exempt_ip(void *data) { struct ConfItem *yy_tmp; int masktype = parse_netmask_strict(data, NULL, NULL); if(masktype != HM_IPV4 && masktype != HM_IPV6) { conf_report_error("Ignoring exempt -- invalid exempt::ip."); return; } yy_tmp = make_conf(); yy_tmp->passwd = rb_strdup("*"); yy_tmp->host = rb_strdup(data); yy_tmp->status = CONF_EXEMPTDLINE; add_conf_by_address(yy_tmp->host, CONF_EXEMPTDLINE, NULL, NULL, yy_tmp); } static void conf_set_secure_ip(void *data) { struct ConfItem *yy_tmp; int masktype = parse_netmask_strict(data, NULL, NULL); if(masktype != HM_IPV4 && masktype != HM_IPV6) { conf_report_error("Ignoring secure -- invalid secure::ip."); return; } yy_tmp = make_conf(); yy_tmp->passwd = rb_strdup("*"); yy_tmp->host = rb_strdup(data); yy_tmp->status = CONF_SECURE; add_conf_by_address(yy_tmp->host, CONF_SECURE, NULL, NULL, yy_tmp); } static int conf_cleanup_cluster(struct TopConf *tc) { rb_dlink_node *ptr, *next_ptr; RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_cluster_list.head) { free_remote_conf(ptr->data); rb_dlinkDestroy(ptr, &yy_cluster_list); } if(yy_shared != NULL) { free_remote_conf(yy_shared); yy_shared = NULL; } return 0; } static void conf_set_cluster_name(void *data) { if(yy_shared != NULL) free_remote_conf(yy_shared); yy_shared = make_remote_conf(); yy_shared->server = rb_strdup(data); rb_dlinkAddAlloc(yy_shared, &yy_cluster_list); yy_shared = NULL; } static void conf_set_cluster_flags(void *data) { conf_parm_t *args = data; int flags = 0; rb_dlink_node *ptr, *next_ptr; if(yy_shared != NULL) free_remote_conf(yy_shared); set_modes_from_table(&flags, "flag", cluster_table, args); RB_DLINK_FOREACH_SAFE(ptr, next_ptr, yy_cluster_list.head) { yy_shared = ptr->data; yy_shared->flags = flags; rb_dlinkAddTail(yy_shared, &yy_shared->node, &cluster_conf_list); rb_dlinkDestroy(ptr, &yy_cluster_list); } yy_shared = NULL; } static void conf_set_general_havent_read_conf(void *data) { if(*(unsigned int *) data) { conf_report_error("You haven't read your config file properly."); conf_report_error ("There is a line in the example conf that will kill your server if not removed."); conf_report_error ("Consider actually reading/editing the conf file, and removing this line."); if (!testing_conf) exit(0); } } static void conf_set_general_hide_error_messages(void *data) { char *val = data; if(rb_strcasecmp(val, "yes") == 0) ConfigFileEntry.hide_error_messages = 2; else if(rb_strcasecmp(val, "opers") == 0) ConfigFileEntry.hide_error_messages = 1; else if(rb_strcasecmp(val, "no") == 0) ConfigFileEntry.hide_error_messages = 0; else conf_report_error("Invalid setting '%s' for general::hide_error_messages.", val); } static void conf_set_general_stats_k_oper_only(void *data) { char *val = data; if(rb_strcasecmp(val, "yes") == 0) ConfigFileEntry.stats_k_oper_only = 2; else if(rb_strcasecmp(val, "masked") == 0) ConfigFileEntry.stats_k_oper_only = 1; else if(rb_strcasecmp(val, "no") == 0) ConfigFileEntry.stats_k_oper_only = 0; else conf_report_error("Invalid setting '%s' for general::stats_k_oper_only.", val); } static void conf_set_general_stats_i_oper_only(void *data) { char *val = data; if(rb_strcasecmp(val, "yes") == 0) ConfigFileEntry.stats_i_oper_only = 2; else if(rb_strcasecmp(val, "masked") == 0) ConfigFileEntry.stats_i_oper_only = 1; else if(rb_strcasecmp(val, "no") == 0) ConfigFileEntry.stats_i_oper_only = 0; else conf_report_error("Invalid setting '%s' for general::stats_i_oper_only.", val); } static void conf_set_general_stats_l_oper_only(void *data) { char *val = data; if(rb_strcasecmp(val, "yes") == 0) ConfigFileEntry.stats_l_oper_only = STATS_L_OPER_ONLY_YES; else if(rb_strcasecmp(val, "self") == 0) ConfigFileEntry.stats_l_oper_only = STATS_L_OPER_ONLY_SELF; else if(rb_strcasecmp(val, "no") == 0) ConfigFileEntry.stats_l_oper_only = STATS_L_OPER_ONLY_NO; else conf_report_error("Invalid setting '%s' for general::stats_l_oper_only.", val); } static void conf_set_general_default_umodes(void *data) { char *umodes = data; parse_umodes(umodes, &ConfigFileEntry.default_umodes, NULL); } static void conf_set_general_oper_umodes(void *data) { set_modes_from_table(&ConfigFileEntry.oper_umodes, "umode", umode_table, data); } static void conf_set_general_certfp_method(void *data) { char *method = data; if (!rb_strcasecmp(method, CERTFP_NAME_CERT_SHA1)) ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA1; else if (!rb_strcasecmp(method, CERTFP_NAME_CERT_SHA256)) ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA256; else if (!rb_strcasecmp(method, CERTFP_NAME_CERT_SHA512)) ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA512; else if (!rb_strcasecmp(method, CERTFP_NAME_SPKI_SHA256)) ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SPKI_SHA256; else if (!rb_strcasecmp(method, CERTFP_NAME_SPKI_SHA512)) ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_SPKI_SHA512; else { ConfigFileEntry.certfp_method = RB_SSL_CERTFP_METH_CERT_SHA1; conf_report_error("Ignoring general::certfp_method -- bogus certfp method %s", method); } } static void conf_set_general_oper_only_umodes(void *data) { set_modes_from_table(&ConfigFileEntry.oper_only_umodes, "umode", umode_table, data); } static void conf_set_general_oper_snomask(void *data) { char *pm; int what = MODE_ADD, flag; ConfigFileEntry.oper_snomask = 0; for (pm = (char *) data; *pm; pm++) { switch (*pm) { case '+': what = MODE_ADD; break; case '-': what = MODE_DEL; break; default: if ((flag = snomask_modes[(unsigned char) *pm])) { if (what == MODE_ADD) ConfigFileEntry.oper_snomask |= flag; else ConfigFileEntry.oper_snomask &= ~flag; } break; } } } static void conf_set_general_hidden_caps(void *data) { size_t n = 0; for (conf_parm_t *arg = data; arg; arg = arg->next) n += 1; if (ConfigFileEntry.hidden_caps != NULL) { for (n = 0; ConfigFileEntry.hidden_caps[n] != NULL; n++) rb_free(ConfigFileEntry.hidden_caps[n]); rb_free(ConfigFileEntry.hidden_caps); } ConfigFileEntry.hidden_caps = rb_malloc(sizeof *ConfigFileEntry.hidden_caps * (n + 1)); n = 0; for (conf_parm_t *arg = data; arg; arg = arg->next) { ConfigFileEntry.hidden_caps[n++] = rb_strdup(arg->v.string); } ConfigFileEntry.hidden_caps[n] = NULL; } static void conf_set_serverhide_links_delay(void *data) { int val = *(unsigned int *) data; ConfigServerHide.links_delay = val; } static void conf_set_service_name(void *data) { const char *s; char *tmp; int dots = 0; for(s = data; *s != '\0'; s++) { if(!IsServChar(*s)) { conf_report_error("Ignoring service::name " "-- bogus servername."); return; } else if(*s == '.') dots++; } if(!dots) { conf_report_error("Ignoring service::name -- must contain '.'"); return; } tmp = rb_strdup(data); rb_dlinkAddAlloc(tmp, &service_list); } static int conf_begin_alias(struct TopConf *tc) { yy_alias = rb_malloc(sizeof(struct alias_entry)); if (conf_cur_block_name != NULL) yy_alias->name = rb_strdup(conf_cur_block_name); yy_alias->flags = 0; return 0; } static int conf_end_alias(struct TopConf *tc) { if (yy_alias == NULL) return -1; if (yy_alias->name == NULL) { conf_report_error("Ignoring alias -- must have a name."); rb_free(yy_alias); return -1; } if (yy_alias->target == NULL) { conf_report_error("Ignoring alias -- must have a target."); rb_free(yy_alias); return -1; } rb_dictionary_add(alias_dict, yy_alias->name, yy_alias); return 0; } static void conf_set_alias_name(void *data) { if (data == NULL || yy_alias == NULL) /* this shouldn't ever happen */ return; yy_alias->name = rb_strdup(data); } static void conf_set_alias_target(void *data) { if (data == NULL || yy_alias == NULL) /* this shouldn't ever happen */ return; yy_alias->target = rb_strdup(data); } static void conf_set_channel_autochanmodes(void *data) { char *pm; int what = MODE_ADD; ConfigChannel.autochanmodes = 0; for (pm = (char *) data; *pm; pm++) { switch (*pm) { case '+': what = MODE_ADD; break; case '-': what = MODE_DEL; break; default: if (chmode_table[(unsigned char) *pm].set_func == chm_simple) { if (what == MODE_ADD) ConfigChannel.autochanmodes |= chmode_table[(unsigned char) *pm].mode_type; else ConfigChannel.autochanmodes &= ~chmode_table[(unsigned char) *pm].mode_type; } else { conf_report_error("channel::autochanmodes -- Invalid channel mode %c", *pm); continue; } break; } } } /* XXX for below */ static void conf_set_dnsbl_entry_reason(void *data); #define IPTYPE_IPV4 1 #define IPTYPE_IPV6 2 static int conf_warn_blacklist_deprecation(struct TopConf *tc) { conf_report_error("blacklist{} blocks have been deprecated -- use dnsbl{} blocks instead."); return 0; } static void conf_set_dnsbl_entry_host(void *data) { if (yy_dnsbl_entry_host) { conf_report_error("dnsbl::host %s overlaps existing host %s", (char *)data, yy_dnsbl_entry_host); /* Cleanup */ conf_set_dnsbl_entry_reason(NULL); return; } yy_dnsbl_entry_iptype |= IPTYPE_IPV4; yy_dnsbl_entry_host = rb_strdup(data); } static void conf_set_dnsbl_entry_type(void *data) { conf_parm_t *args = data; /* Don't assume we have either if we got here */ yy_dnsbl_entry_iptype = 0; for (; args; args = args->next) { if (!rb_strcasecmp(args->v.string, "ipv4")) yy_dnsbl_entry_iptype |= IPTYPE_IPV4; else if (!rb_strcasecmp(args->v.string, "ipv6")) yy_dnsbl_entry_iptype |= IPTYPE_IPV6; else conf_report_error("dnsbl::type has unknown address family %s", args->v.string); } /* If we have neither, just default to IPv4 */ if (!yy_dnsbl_entry_iptype) { conf_report_warning("dnsbl::type has neither IPv4 nor IPv6 (defaulting to IPv4)"); yy_dnsbl_entry_iptype = IPTYPE_IPV4; } } static void conf_set_dnsbl_entry_matches(void *data) { conf_parm_t *args = data; enum filter_t { FILTER_NONE, FILTER_ALL, FILTER_LAST }; for (; args; args = args->next) { char *str = args->v.string; char *p; enum filter_t type = FILTER_LAST; if (CF_TYPE(args->type) != CF_QSTRING) { conf_report_error("dnsbl::matches -- must be quoted string"); continue; } if (str == NULL) { conf_report_error("dnsbl::matches -- invalid entry"); continue; } if (strlen(str) > HOSTIPLEN) { conf_report_error("dnsbl::matches has an entry too long: %s", str); continue; } for (p = str; *p != '\0'; p++) { /* Check for validity */ if (*p == '.') type = FILTER_ALL; else if (!isdigit((unsigned char)*p)) { conf_report_error("dnsbl::matches has invalid IP match entry %s", str); type = FILTER_NONE; break; } } if (type == FILTER_ALL) { /* Basic IP sanity check */ struct rb_sockaddr_storage tmp; if (rb_inet_pton(AF_INET, str, &tmp) <= 0) { conf_report_error("dnsbl::matches has invalid IP match entry %s", str); continue; } } else if (type == FILTER_LAST) { /* Verify it's the correct length */ if (strlen(str) > 3) { conf_report_error("dnsbl::matches has invalid octet match entry %s", str); continue; } } else { continue; /* Invalid entry */ } rb_dlinkAddAlloc(rb_strdup(str), &yy_dnsbl_entry_filters); } } static void conf_set_dnsbl_entry_reason(void *data) { rb_dlink_node *ptr, *nptr; if (yy_dnsbl_entry_host && data) { yy_dnsbl_entry_reason = rb_strdup(data); if (yy_dnsbl_entry_iptype & IPTYPE_IPV6) { /* Make sure things fit (magic number 64 = alnum count + dots) * Example: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa */ if ((64 + strlen(yy_dnsbl_entry_host)) > IRCD_RES_HOSTLEN) { conf_report_error("dnsbl::host %s results in IPv6 queries that are too long", yy_dnsbl_entry_host); goto cleanup_bl; } } /* Avoid doing redundant check, IPv6 is bigger than IPv4 --Elizabeth */ if ((yy_dnsbl_entry_iptype & IPTYPE_IPV4) && !(yy_dnsbl_entry_iptype & IPTYPE_IPV6)) { /* Make sure things fit for worst case (magic number 16 = number of nums + dots) * Example: 127.127.127.127.in-addr.arpa */ if ((16 + strlen(yy_dnsbl_entry_host)) > IRCD_RES_HOSTLEN) { conf_report_error("dnsbl::host %s results in IPv4 queries that are too long", yy_dnsbl_entry_host); goto cleanup_bl; } } add_dnsbl_entry(yy_dnsbl_entry_host, yy_dnsbl_entry_reason, yy_dnsbl_entry_iptype, &yy_dnsbl_entry_filters); } cleanup_bl: RB_DLINK_FOREACH_SAFE(ptr, nptr, yy_dnsbl_entry_filters.head) { rb_free(ptr->data); rb_dlinkDestroy(ptr, &yy_dnsbl_entry_filters); } yy_dnsbl_entry_filters = (rb_dlink_list){ NULL, NULL, 0 }; rb_free(yy_dnsbl_entry_host); rb_free(yy_dnsbl_entry_reason); yy_dnsbl_entry_host = NULL; yy_dnsbl_entry_reason = NULL; yy_dnsbl_entry_iptype = 0; } struct opm_scanner { const char *type; uint16_t port; rb_dlink_node node; }; static int conf_begin_opm(struct TopConf *tc) { yy_opm_address_ipv4 = yy_opm_address_ipv6 = NULL; yy_opm_port_ipv4 = yy_opm_port_ipv6 = yy_opm_timeout = 0; delete_opm_proxy_scanner_all(); delete_opm_listener_all(); return 0; } static int conf_end_opm(struct TopConf *tc) { rb_dlink_node *ptr, *nptr; bool fail = false; if(rb_dlink_list_length(&yy_opm_scanner_list) == 0) { conf_report_error("No opm scanners configured -- disabling opm."); fail = true; goto end; } if(yy_opm_port_ipv4 > 0) { if(yy_opm_address_ipv4 != NULL) conf_create_opm_listener(yy_opm_address_ipv4, yy_opm_port_ipv4); else { char ip[HOSTIPLEN]; if(!rb_inet_ntop_sock((struct sockaddr *)&ServerInfo.bind4, ip, sizeof(ip))) conf_report_error("No opm::listen_ipv4 nor serverinfo::vhost directive; cannot listen on IPv4"); else conf_create_opm_listener(ip, yy_opm_port_ipv4); } } if(yy_opm_port_ipv6 > 0) { if(yy_opm_address_ipv6 != NULL) conf_create_opm_listener(yy_opm_address_ipv6, yy_opm_port_ipv6); else { char ip[HOSTIPLEN]; if(!rb_inet_ntop_sock((struct sockaddr *)&ServerInfo.bind6, ip, sizeof(ip))) conf_report_error("No opm::listen_ipv6 nor serverinfo::vhost directive; cannot listen on IPv6"); else conf_create_opm_listener(ip, yy_opm_port_ipv6); } } /* If there's no listeners... */ fail = (yy_opm_port_ipv4 == 0 || yy_opm_port_ipv6 == 0); if(!fail && yy_opm_timeout > 0 && yy_opm_timeout < 60) /* Send timeout */ set_authd_timeout("opm_timeout", yy_opm_timeout); else if(fail) conf_report_error("No opm listeners -- disabling"); else if(yy_opm_timeout <= 0 || yy_opm_timeout >= 60) conf_report_error("opm::timeout value is invalid -- ignoring"); end: RB_DLINK_FOREACH_SAFE(ptr, nptr, yy_opm_scanner_list.head) { struct opm_scanner *scanner = ptr->data; if(!fail) create_opm_proxy_scanner(scanner->type, scanner->port); rb_dlinkDelete(&scanner->node, &yy_opm_scanner_list); rb_free(scanner); } if(!fail) opm_check_enable(true); rb_free(yy_opm_address_ipv4); rb_free(yy_opm_address_ipv6); return 0; } static void conf_set_opm_timeout(void *data) { int timeout = *((int *)data); if(timeout <= 0 || timeout > 60) { conf_report_error("opm::timeout value %d is bogus, ignoring", timeout); return; } yy_opm_timeout = timeout; } static void conf_set_opm_listen_address_both(void *data, bool ipv6) { struct rb_sockaddr_storage addr; const char *confstr = (ipv6 ? "opm::listen_ipv6" : "opm::listen_ipv4"); char *ip = data; if(!rb_inet_pton_sock(ip, &addr)) { conf_report_error("%s is an invalid address: %s", confstr, ip); return; } if(ipv6) { if(GET_SS_FAMILY(&addr) != AF_INET6) { conf_report_error("%s is of the wrong address type: %s", confstr, ip); return; } if(yy_opm_address_ipv6 != NULL) { conf_report_error("%s overwrites previous address %s", confstr, ip); return; } yy_opm_address_ipv6 = rb_strdup(ip); } else { if(GET_SS_FAMILY(&addr) != AF_INET) { conf_report_error("%s is of the wrong address type: %s", confstr, ip); return; } if(yy_opm_address_ipv4 != NULL) { conf_report_error("%s overwrites previous address %s", confstr, ip); return; } yy_opm_address_ipv4 = rb_strdup(ip); } } static void conf_set_opm_listen_address_ipv4(void *data) { conf_set_opm_listen_address_both(data, false); } static void conf_set_opm_listen_address_ipv6(void *data) { conf_set_opm_listen_address_both(data, true); } static void conf_set_opm_listen_port_both(void *data, bool ipv6) { int port = *((int *)data); const char *confstr = (ipv6 ? "opm::port_ipv6" : "opm::port_ipv4"); if(port > 65535 || port <= 0) { conf_report_error("%s is out of range: %d", confstr, port); return; } if(ipv6) { if(yy_opm_port_ipv4) { conf_report_error("%s overwrites existing port %hu", confstr, yy_opm_port_ipv4); return; } yy_opm_port_ipv4 = port; } else { if(yy_opm_port_ipv6) { conf_report_error("%s overwrites existing port %hu", confstr, yy_opm_port_ipv6); return; } yy_opm_port_ipv6 = port; } } static void conf_set_opm_listen_port_ipv4(void *data) { conf_set_opm_listen_port_both(data, false); } static void conf_set_opm_listen_port_ipv6(void *data) { conf_set_opm_listen_port_both(data, true); } static void conf_set_opm_listen_port(void *data) { conf_set_opm_listen_port_both(data, true); conf_set_opm_listen_port_both(data, false); } static void conf_set_opm_scan_ports_all(void *data, const char *node, const char *type) { conf_parm_t *args = data; for (; args; args = args->next) { rb_dlink_node *ptr; bool dup = false; if(CF_TYPE(args->type) != CF_INT) { conf_report_error("%s argument is not an integer -- ignoring.", node); continue; } if(args->v.number > 65535 || args->v.number <= 0) { conf_report_error("%s argument is not an integer between 1 and 65535 -- ignoring.", node); continue; } /* Check for duplicates */ RB_DLINK_FOREACH(ptr, yy_opm_scanner_list.head) { struct opm_scanner *scanner = ptr->data; if(scanner->port == args->v.number && strcmp(type, scanner->type) == 0) { conf_report_error("%s argument is duplicate", node); dup = true; break; } } if(!dup) { struct opm_scanner *scanner = rb_malloc(sizeof(struct opm_scanner)); scanner->port = args->v.number; scanner->type = type; rb_dlinkAdd(scanner, &scanner->node, &yy_opm_scanner_list); } } } static void conf_set_opm_scan_ports_socks4(void *data) { conf_set_opm_scan_ports_all(data, "opm::socks4_ports", "socks4"); } static void conf_set_opm_scan_ports_socks5(void *data) { conf_set_opm_scan_ports_all(data, "opm::socks5_ports", "socks5"); } static void conf_set_opm_scan_ports_httpconnect(void *data) { conf_set_opm_scan_ports_all(data, "opm::httpconnect_ports", "httpconnect"); } static void conf_set_opm_scan_ports_httpsconnect(void *data) { conf_set_opm_scan_ports_all(data, "opm::httpsconnect_ports", "httpsconnect"); } /* public functions */ void conf_report_error(const char *fmt, ...) { va_list ap; char msg[BUFSIZE + 1] = { 0 }; va_start(ap, fmt); vsnprintf(msg, sizeof msg, fmt, ap); va_end(ap); if (testing_conf) { fprintf(stderr, "\"%s\", line %d: %s\n", current_file, lineno + 1, msg); return; } ierror("\"%s\", line %d: %s", current_file, lineno + 1, msg); sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "error: \"%s\", line %d: %s", current_file, lineno + 1, msg); } void conf_report_warning(const char *fmt, ...) { va_list ap; char msg[BUFSIZE + 1] = { 0 }; va_start(ap, fmt); vsnprintf(msg, sizeof msg, fmt, ap); va_end(ap); if (testing_conf) { fprintf(stderr, "\"%s\", line %d: %s\n", current_file, lineno + 1, msg); return; } iwarn("\"%s\", line %d: %s", current_file, lineno + 1, msg); sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, "warning: \"%s\", line %d: %s", current_file, lineno + 1, msg); } int conf_start_block(char *block, char *name) { if((conf_cur_block = find_top_conf(block)) == NULL) { conf_report_error("Configuration block '%s' is not defined.", block); return -1; } if(name) conf_cur_block_name = rb_strdup(name); else conf_cur_block_name = NULL; if(conf_cur_block->tc_sfunc) if(conf_cur_block->tc_sfunc(conf_cur_block) < 0) return -1; return 0; } int conf_end_block(struct TopConf *tc) { int ret = 0; if(tc->tc_efunc) ret = tc->tc_efunc(tc); rb_free(conf_cur_block_name); conf_cur_block_name = NULL; return ret; } static void conf_set_generic_int(void *data, void *location) { *((int *) location) = *((unsigned int *) data); } static void conf_set_generic_string(void *data, int len, void *location) { char **loc = location; char *input = data; if(len && strlen(input) > (unsigned int)len) input[len] = '\0'; rb_free(*loc); *loc = rb_strdup(input); } int conf_call_set(struct TopConf *tc, char *item, conf_parm_t * value) { struct ConfEntry *cf; conf_parm_t *cp; if(!tc) return -1; if((cf = find_conf_item(tc, item)) == NULL) { conf_report_error ("Non-existent configuration setting %s::%s.", tc->tc_name, (char *) item); return -1; } /* if it takes one thing, make sure they only passed one thing, and handle as needed. */ if((value->v.list->type & CF_FLIST) && !(cf->cf_type & CF_FLIST)) { conf_report_error ("Option %s::%s does not take a list of values.", tc->tc_name, item); return -1; } cp = value->v.list; if(CF_TYPE(value->v.list->type) != CF_TYPE(cf->cf_type)) { /* if it expects a string value, but we got a yesno, * convert it back */ if((CF_TYPE(value->v.list->type) == CF_YESNO) && (CF_TYPE(cf->cf_type) == CF_STRING)) { value->v.list->type = CF_STRING; if(cp->v.number == 1) cp->v.string = rb_strdup("yes"); else cp->v.string = rb_strdup("no"); } /* maybe it's a CF_TIME and they passed CF_INT -- should still be valid */ else if(!((CF_TYPE(value->v.list->type) == CF_INT) && (CF_TYPE(cf->cf_type) == CF_TIME))) { conf_report_error ("Wrong type for %s::%s (expected %s, got %s)", tc->tc_name, (char *) item, conf_strtype(cf->cf_type), conf_strtype(value->v.list->type)); return -1; } } if(cf->cf_type & CF_FLIST) { #if 0 if(cf->cf_arg) conf_set_generic_list(value->v.list, cf->cf_arg); else #endif /* just pass it the extended argument list */ cf->cf_func(value->v.list); } else { /* it's old-style, needs only one arg */ switch (cf->cf_type) { case CF_INT: case CF_TIME: case CF_YESNO: if(cf->cf_arg) conf_set_generic_int(&cp->v.number, cf->cf_arg); else cf->cf_func(&cp->v.number); break; case CF_STRING: case CF_QSTRING: if(EmptyString(cp->v.string)) conf_report_error("Ignoring %s::%s -- empty field", tc->tc_name, item); else if(cf->cf_arg) conf_set_generic_string(cp->v.string, cf->cf_len, cf->cf_arg); else cf->cf_func(cp->v.string); break; } } return 0; } int add_conf_item(const char *topconf, const char *name, int type, void (*func) (void *)) { struct TopConf *tc; struct ConfEntry *cf; if((tc = find_top_conf(topconf)) == NULL) return -1; if(find_conf_item(tc, name) != NULL) return -1; cf = rb_malloc(sizeof(struct ConfEntry)); cf->cf_name = name; cf->cf_type = type; cf->cf_func = func; cf->cf_arg = NULL; rb_dlinkAddAlloc(cf, &tc->tc_items); return 0; } int remove_conf_item(const char *topconf, const char *name) { struct TopConf *tc; struct ConfEntry *cf; rb_dlink_node *ptr; if((tc = find_top_conf(topconf)) == NULL) return -1; if((cf = find_conf_item(tc, name)) == NULL) return -1; if((ptr = rb_dlinkFind(cf, &tc->tc_items)) == NULL) return -1; rb_dlinkDestroy(ptr, &tc->tc_items); rb_free(cf); return 0; } /* *INDENT-OFF* */ static struct ConfEntry conf_serverinfo_table[] = { { "description", CF_QSTRING, NULL, 0, &ServerInfo.description }, { "network_name", CF_QSTRING, conf_set_serverinfo_network_name, 0, NULL }, { "name", CF_QSTRING, conf_set_serverinfo_name, 0, NULL }, { "sid", CF_QSTRING, conf_set_serverinfo_sid, 0, NULL }, { "vhost", CF_QSTRING, conf_set_serverinfo_vhost, 0, NULL }, { "vhost6", CF_QSTRING, conf_set_serverinfo_vhost6, 0, NULL }, { "ssl_private_key", CF_QSTRING, NULL, 0, &ServerInfo.ssl_private_key }, { "ssl_ca_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_ca_cert }, { "ssl_cert", CF_QSTRING, NULL, 0, &ServerInfo.ssl_cert }, { "ssl_dh_params", CF_QSTRING, NULL, 0, &ServerInfo.ssl_dh_params }, { "ssl_cipher_list", CF_QSTRING, NULL, 0, &ServerInfo.ssl_cipher_list }, { "ssld_count", CF_INT, NULL, 0, &ServerInfo.ssld_count }, { "default_max_clients",CF_INT, NULL, 0, &ServerInfo.default_max_clients }, { "nicklen", CF_INT, conf_set_serverinfo_nicklen, 0, NULL }, { "\0", 0, NULL, 0, NULL } }; static struct ConfEntry conf_admin_table[] = { { "name", CF_QSTRING, NULL, 200, &AdminInfo.name }, { "description",CF_QSTRING, NULL, 200, &AdminInfo.description }, { "email", CF_QSTRING, NULL, 200, &AdminInfo.email }, { "\0", 0, NULL, 0, NULL } }; static struct ConfEntry conf_log_table[] = { { "fname_userlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_userlog }, { "fname_fuserlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_fuserlog }, { "fname_operlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operlog }, { "fname_foperlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_foperlog }, { "fname_serverlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_serverlog }, { "fname_killlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_killlog }, { "fname_klinelog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_klinelog }, { "fname_operspylog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_operspylog }, { "fname_ioerrorlog", CF_QSTRING, NULL, PATH_MAX, &ConfigFileEntry.fname_ioerrorlog }, { "\0", 0, NULL, 0, NULL } }; static struct ConfEntry conf_operator_table[] = { { "rsa_public_key_file", CF_QSTRING, conf_set_oper_rsa_public_key_file, 0, NULL }, { "flags", CF_STRING | CF_FLIST, conf_set_oper_flags, 0, NULL }, { "umodes", CF_STRING | CF_FLIST, conf_set_oper_umodes, 0, NULL }, { "privset", CF_QSTRING, conf_set_oper_privset, 0, NULL }, { "snomask", CF_QSTRING, conf_set_oper_snomask, 0, NULL }, { "user", CF_QSTRING, conf_set_oper_user, 0, NULL }, { "password", CF_QSTRING, conf_set_oper_password, 0, NULL }, { "fingerprint", CF_QSTRING, conf_set_oper_fingerprint, 0, NULL }, { "\0", 0, NULL, 0, NULL } }; static struct ConfEntry conf_privset_table[] = { { "extends", CF_QSTRING, conf_set_privset_extends, 0, NULL }, { "privs", CF_STRING | CF_FLIST, conf_set_privset_privs, 0, NULL }, { "\0", 0, NULL, 0, NULL } }; static struct ConfEntry conf_class_table[] = { { "ping_time", CF_TIME, conf_set_class_ping_time, 0, NULL }, { "cidr_ipv4_bitlen", CF_INT, conf_set_class_cidr_ipv4_bitlen, 0, NULL }, { "cidr_ipv6_bitlen", CF_INT, conf_set_class_cidr_ipv6_bitlen, 0, NULL }, { "number_per_cidr", CF_INT, conf_set_class_number_per_cidr, 0, NULL }, { "number_per_ip", CF_INT, conf_set_class_number_per_ip, 0, NULL }, { "number_per_ip_global", CF_INT,conf_set_class_number_per_ip_global, 0, NULL }, { "number_per_ident", CF_INT, conf_set_class_number_per_ident, 0, NULL }, { "connectfreq", CF_TIME, conf_set_class_connectfreq, 0, NULL }, { "max_number", CF_INT, conf_set_class_max_number, 0, NULL }, { "max_autoconn", CF_INT, conf_set_class_max_autoconn, 0, NULL }, { "sendq", CF_TIME, conf_set_class_sendq, 0, NULL }, { "\0", 0, NULL, 0, NULL } }; static struct ConfEntry conf_auth_table[] = { { "user", CF_QSTRING, conf_set_auth_user, 0, NULL }, { "auth_user", CF_QSTRING, conf_set_auth_auth_user, 0, NULL }, { "password", CF_QSTRING, conf_set_auth_passwd, 0, NULL }, { "class", CF_QSTRING, conf_set_auth_class, 0, NULL }, { "spoof", CF_QSTRING, conf_set_auth_spoof, 0, NULL }, { "redirserv", CF_QSTRING, conf_set_auth_redir_serv, 0, NULL }, { "redirport", CF_INT, conf_set_auth_redir_port, 0, NULL }, { "flags", CF_STRING | CF_FLIST, conf_set_auth_flags, 0, NULL }, { "umodes", CF_QSTRING, conf_set_auth_umodes, 0, NULL}, { "description",CF_QSTRING, conf_set_auth_desc, 0, NULL}, { "\0", 0, NULL, 0, NULL } }; static struct ConfEntry conf_connect_table[] = { { "send_password", CF_QSTRING, conf_set_connect_send_password, 0, NULL }, { "accept_password", CF_QSTRING, conf_set_connect_accept_password, 0, NULL }, { "fingerprint", CF_QSTRING, conf_set_connect_fingerprint, 0, NULL }, { "flags", CF_STRING | CF_FLIST, conf_set_connect_flags, 0, NULL }, { "host", CF_QSTRING, conf_set_connect_host, 0, NULL }, { "vhost", CF_QSTRING, conf_set_connect_vhost, 0, NULL }, { "port", CF_INT, conf_set_connect_port, 0, NULL }, { "aftype", CF_STRING, conf_set_connect_aftype, 0, NULL }, { "class", CF_QSTRING, conf_set_connect_class, 0, NULL }, { "\0", 0, NULL, 0, NULL } }; static struct ConfEntry conf_general_table[] = { { "oper_only_umodes", CF_STRING | CF_FLIST, conf_set_general_oper_only_umodes, 0, NULL }, { "oper_umodes", CF_STRING | CF_FLIST, conf_set_general_oper_umodes, 0, NULL }, { "oper_snomask", CF_QSTRING, conf_set_general_oper_snomask, 0, NULL }, { "havent_read_conf", CF_YESNO, conf_set_general_havent_read_conf, 0, NULL }, { "hide_error_messages",CF_STRING, conf_set_general_hide_error_messages,0, NULL }, { "stats_i_oper_only", CF_STRING, conf_set_general_stats_i_oper_only, 0, NULL }, { "stats_k_oper_only", CF_STRING, conf_set_general_stats_k_oper_only, 0, NULL }, { "stats_l_oper_only", CF_STRING, conf_set_general_stats_l_oper_only, 0, NULL }, { "default_umodes", CF_QSTRING, conf_set_general_default_umodes, 0, NULL }, { "default_operstring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_operstring }, { "default_adminstring",CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.default_adminstring }, { "servicestring", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.servicestring }, { "kline_reason", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.kline_reason }, { "identify_service", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifyservice }, { "identify_command", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.identifycommand }, { "sasl_service", CF_QSTRING, NULL, REALLEN, &ConfigFileEntry.sasl_service }, { "anti_spam_exit_message_time", CF_TIME, NULL, 0, &ConfigFileEntry.anti_spam_exit_message_time }, { "disable_fake_channels", CF_YESNO, NULL, 0, &ConfigFileEntry.disable_fake_channels }, { "min_nonwildcard_simple", CF_INT, NULL, 0, &ConfigFileEntry.min_nonwildcard_simple }, { "non_redundant_klines", CF_YESNO, NULL, 0, &ConfigFileEntry.non_redundant_klines }, { "tkline_expire_notices", CF_YESNO, NULL, 0, &ConfigFileEntry.tkline_expire_notices }, { "hidden_caps", CF_QSTRING | CF_FLIST, conf_set_general_hidden_caps, 0, NULL }, { "anti_nick_flood", CF_YESNO, NULL, 0, &ConfigFileEntry.anti_nick_flood }, { "burst_away", CF_YESNO, NULL, 0, &ConfigFileEntry.burst_away }, { "caller_id_wait", CF_TIME, NULL, 0, &ConfigFileEntry.caller_id_wait }, { "client_exit", CF_YESNO, NULL, 0, &ConfigFileEntry.client_exit }, { "collision_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.collision_fnc }, { "resv_fnc", CF_YESNO, NULL, 0, &ConfigFileEntry.resv_fnc }, { "post_registration_delay", CF_TIME, NULL, 0, &ConfigFileEntry.post_registration_delay }, { "connect_timeout", CF_TIME, NULL, 0, &ConfigFileEntry.connect_timeout }, { "default_floodcount", CF_INT, NULL, 0, &ConfigFileEntry.default_floodcount }, { "default_ident_timeout", CF_INT, NULL, 0, &ConfigFileEntry.default_ident_timeout }, { "disable_auth", CF_YESNO, NULL, 0, &ConfigFileEntry.disable_auth }, { "dots_in_ident", CF_INT, NULL, 0, &ConfigFileEntry.dots_in_ident }, { "failed_oper_notice", CF_YESNO, NULL, 0, &ConfigFileEntry.failed_oper_notice }, { "global_snotices", CF_YESNO, NULL, 0, &ConfigFileEntry.global_snotices }, { "hide_spoof_ips", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_spoof_ips }, { "dline_with_reason", CF_YESNO, NULL, 0, &ConfigFileEntry.dline_with_reason }, { "kline_with_reason", CF_YESNO, NULL, 0, &ConfigFileEntry.kline_with_reason }, { "hide_tkdline_duration", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_tkdline_duration }, { "map_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.map_oper_only }, { "max_accept", CF_INT, NULL, 0, &ConfigFileEntry.max_accept }, { "max_monitor", CF_INT, NULL, 0, &ConfigFileEntry.max_monitor }, { "max_nick_time", CF_TIME, NULL, 0, &ConfigFileEntry.max_nick_time }, { "max_nick_changes", CF_INT, NULL, 0, &ConfigFileEntry.max_nick_changes }, { "max_targets", CF_INT, NULL, 0, &ConfigFileEntry.max_targets }, { "min_nonwildcard", CF_INT, NULL, 0, &ConfigFileEntry.min_nonwildcard }, { "nick_delay", CF_TIME, NULL, 0, &ConfigFileEntry.nick_delay }, { "no_oper_flood", CF_YESNO, NULL, 0, &ConfigFileEntry.no_oper_flood }, { "operspy_admin_only", CF_YESNO, NULL, 0, &ConfigFileEntry.operspy_admin_only }, { "operspy_dont_care_user_info", CF_YESNO, NULL, 0, &ConfigFileEntry.operspy_dont_care_user_info }, { "pace_wait", CF_TIME, NULL, 0, &ConfigFileEntry.pace_wait }, { "pace_wait_simple", CF_TIME, NULL, 0, &ConfigFileEntry.pace_wait_simple }, { "ping_cookie", CF_YESNO, NULL, 0, &ConfigFileEntry.ping_cookie }, { "ping_warn_time", CF_TIME, NULL, 0, &ConfigFileEntry.ping_warn_time }, { "reject_after_count", CF_INT, NULL, 0, &ConfigFileEntry.reject_after_count }, { "reject_ban_time", CF_TIME, NULL, 0, &ConfigFileEntry.reject_ban_time }, { "reject_duration", CF_TIME, NULL, 0, &ConfigFileEntry.reject_duration }, { "throttle_count", CF_INT, NULL, 0, &ConfigFileEntry.throttle_count }, { "throttle_duration", CF_TIME, NULL, 0, &ConfigFileEntry.throttle_duration }, { "short_motd", CF_YESNO, NULL, 0, &ConfigFileEntry.short_motd }, { "stats_c_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_c_oper_only }, { "stats_e_disabled", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_e_disabled }, { "stats_o_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_o_oper_only }, { "stats_P_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_P_oper_only }, { "stats_y_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.stats_y_oper_only }, { "target_change", CF_YESNO, NULL, 0, &ConfigFileEntry.target_change }, { "ts_max_delta", CF_TIME, NULL, 0, &ConfigFileEntry.ts_max_delta }, { "ts_warn_delta", CF_TIME, NULL, 0, &ConfigFileEntry.ts_warn_delta }, { "use_whois_actually", CF_YESNO, NULL, 0, &ConfigFileEntry.use_whois_actually }, { "warn_no_nline", CF_YESNO, NULL, 0, &ConfigFileEntry.warn_no_nline }, { "use_propagated_bans",CF_YESNO, NULL, 0, &ConfigFileEntry.use_propagated_bans }, { "client_flood_max_lines", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_max_lines }, { "client_flood_burst_rate", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_rate }, { "client_flood_burst_max", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_burst_max }, { "client_flood_message_num", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_num }, { "client_flood_message_time", CF_INT, NULL, 0, &ConfigFileEntry.client_flood_message_time }, { "max_ratelimit_tokens", CF_INT, NULL, 0, &ConfigFileEntry.max_ratelimit_tokens }, { "away_interval", CF_INT, NULL, 0, &ConfigFileEntry.away_interval }, { "hide_opers_in_whois", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_opers_in_whois }, { "hide_opers", CF_YESNO, NULL, 0, &ConfigFileEntry.hide_opers }, { "certfp_method", CF_STRING, conf_set_general_certfp_method, 0, NULL }, { "drain_reason", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.drain_reason }, { "sasl_only_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.sasl_only_client_message }, { "identd_only_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.identd_only_client_message }, { "sctp_forbidden_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.sctp_forbidden_client_message }, { "ssltls_only_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.ssltls_only_client_message }, { "not_authorised_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.not_authorised_client_message }, { "illegal_hostname_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.not_authorised_client_message }, { "server_full_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.server_full_client_message }, { "illegal_name_long_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.illegal_name_long_client_message }, { "illegal_name_short_client_message", CF_QSTRING, NULL, BUFSIZE, &ConfigFileEntry.illegal_name_short_client_message }, { "tls_ciphers_oper_only", CF_YESNO, NULL, 0, &ConfigFileEntry.tls_ciphers_oper_only }, { "oper_secure_only", CF_YESNO, NULL, 0, &ConfigFileEntry.oper_secure_only }, { "\0", 0, NULL, 0, NULL } }; static struct ConfEntry conf_channel_table[] = { { "default_split_user_count", CF_INT, NULL, 0, &ConfigChannel.default_split_user_count }, { "default_split_server_count", CF_INT, NULL, 0, &ConfigChannel.default_split_server_count }, { "burst_topicwho", CF_YESNO, NULL, 0, &ConfigChannel.burst_topicwho }, { "kick_on_split_riding", CF_YESNO, NULL, 0, &ConfigChannel.kick_on_split_riding }, { "knock_delay", CF_TIME, NULL, 0, &ConfigChannel.knock_delay }, { "knock_delay_channel",CF_TIME, NULL, 0, &ConfigChannel.knock_delay_channel }, { "max_bans", CF_INT, NULL, 0, &ConfigChannel.max_bans }, { "max_bans_large", CF_INT, NULL, 0, &ConfigChannel.max_bans_large }, { "max_chans_per_user", CF_INT, NULL, 0, &ConfigChannel.max_chans_per_user }, { "max_chans_per_user_large", CF_INT, NULL, 0, &ConfigChannel.max_chans_per_user_large }, { "no_create_on_split", CF_YESNO, NULL, 0, &ConfigChannel.no_create_on_split }, { "no_join_on_split", CF_YESNO, NULL, 0, &ConfigChannel.no_join_on_split }, { "only_ascii_channels", CF_YESNO, NULL, 0, &ConfigChannel.only_ascii_channels }, { "use_except", CF_YESNO, NULL, 0, &ConfigChannel.use_except }, { "use_invex", CF_YESNO, NULL, 0, &ConfigChannel.use_invex }, { "use_forward", CF_YESNO, NULL, 0, &ConfigChannel.use_forward }, { "use_knock", CF_YESNO, NULL, 0, &ConfigChannel.use_knock }, { "resv_forcepart", CF_YESNO, NULL, 0, &ConfigChannel.resv_forcepart }, { "channel_target_change", CF_YESNO, NULL, 0, &ConfigChannel.channel_target_change }, { "disable_local_channels", CF_YESNO, NULL, 0, &ConfigChannel.disable_local_channels }, { "autochanmodes", CF_QSTRING, conf_set_channel_autochanmodes, 0, NULL }, { "displayed_usercount", CF_INT, NULL, 0, &ConfigChannel.displayed_usercount }, { "strip_topic_colors", CF_YESNO, NULL, 0, &ConfigChannel.strip_topic_colors }, { "opmod_send_statusmsg", CF_YESNO, NULL, 0, &ConfigChannel.opmod_send_statusmsg }, { "ip_bans_through_vhost", CF_YESNO, NULL, 0, &ConfigChannel.ip_bans_through_vhost }, { "invite_notify_notice", CF_YESNO, NULL, 0, &ConfigChannel.invite_notify_notice }, { "\0", 0, NULL, 0, NULL } }; static struct ConfEntry conf_serverhide_table[] = { { "disable_hidden", CF_YESNO, NULL, 0, &ConfigServerHide.disable_hidden }, { "flatten_links", CF_YESNO, NULL, 0, &ConfigServerHide.flatten_links }, { "hidden", CF_YESNO, NULL, 0, &ConfigServerHide.hidden }, { "links_delay", CF_TIME, conf_set_serverhide_links_delay, 0, NULL }, { "\0", 0, NULL, 0, NULL } }; /* *INDENT-ON* */ void newconf_init() { add_top_conf("modules", NULL, NULL, NULL); add_conf_item("modules", "path", CF_QSTRING, conf_set_modules_path); add_conf_item("modules", "module", CF_QSTRING, conf_set_modules_module); add_top_conf("serverinfo", NULL, NULL, conf_serverinfo_table); add_top_conf("admin", NULL, NULL, conf_admin_table); add_top_conf("log", NULL, NULL, conf_log_table); add_top_conf("operator", conf_begin_oper, conf_end_oper, conf_operator_table); add_top_conf("class", conf_begin_class, conf_end_class, conf_class_table); add_top_conf("privset", NULL, NULL, conf_privset_table); add_top_conf("listen", conf_begin_listen, conf_end_listen, NULL); add_conf_item("listen", "defer_accept", CF_YESNO, conf_set_listen_defer_accept); add_conf_item("listen", "wsock", CF_YESNO, conf_set_listen_wsock); add_conf_item("listen", "port", CF_INT | CF_FLIST, conf_set_listen_port); add_conf_item("listen", "sslport", CF_INT | CF_FLIST, conf_set_listen_sslport); add_conf_item("listen", "sctp_port", CF_INT | CF_FLIST, conf_set_listen_sctp_port); add_conf_item("listen", "sctp_sslport", CF_INT | CF_FLIST, conf_set_listen_sctp_sslport); add_conf_item("listen", "ip", CF_QSTRING, conf_set_listen_address); add_conf_item("listen", "host", CF_QSTRING, conf_set_listen_address); add_top_conf("auth", conf_begin_auth, conf_end_auth, conf_auth_table); add_top_conf("connect", conf_begin_connect, conf_end_connect, conf_connect_table); add_top_conf("exempt", NULL, NULL, NULL); add_conf_item("exempt", "ip", CF_QSTRING, conf_set_exempt_ip); add_top_conf("secure", NULL, NULL, NULL); add_conf_item("secure", "ip", CF_QSTRING, conf_set_secure_ip); add_top_conf("cluster", conf_cleanup_cluster, conf_cleanup_cluster, NULL); add_conf_item("cluster", "name", CF_QSTRING, conf_set_cluster_name); add_conf_item("cluster", "flags", CF_STRING | CF_FLIST, conf_set_cluster_flags); add_top_conf("general", NULL, NULL, conf_general_table); add_top_conf("channel", NULL, NULL, conf_channel_table); add_top_conf("serverhide", NULL, NULL, conf_serverhide_table); add_top_conf("service", NULL, NULL, NULL); add_conf_item("service", "name", CF_QSTRING, conf_set_service_name); add_top_conf("alias", conf_begin_alias, conf_end_alias, NULL); add_conf_item("alias", "name", CF_QSTRING, conf_set_alias_name); add_conf_item("alias", "target", CF_QSTRING, conf_set_alias_target); add_top_conf("dnsbl", NULL, NULL, NULL); add_conf_item("dnsbl", "host", CF_QSTRING, conf_set_dnsbl_entry_host); add_conf_item("dnsbl", "type", CF_STRING | CF_FLIST, conf_set_dnsbl_entry_type); add_conf_item("dnsbl", "matches", CF_QSTRING | CF_FLIST, conf_set_dnsbl_entry_matches); add_conf_item("dnsbl", "reject_reason", CF_QSTRING, conf_set_dnsbl_entry_reason); add_top_conf("blacklist", conf_warn_blacklist_deprecation, NULL, NULL); add_conf_item("blacklist", "host", CF_QSTRING, conf_set_dnsbl_entry_host); add_conf_item("blacklist", "type", CF_STRING | CF_FLIST, conf_set_dnsbl_entry_type); add_conf_item("blacklist", "matches", CF_QSTRING | CF_FLIST, conf_set_dnsbl_entry_matches); add_conf_item("blacklist", "reject_reason", CF_QSTRING, conf_set_dnsbl_entry_reason); add_top_conf("opm", conf_begin_opm, conf_end_opm, NULL); add_conf_item("opm", "timeout", CF_INT, conf_set_opm_timeout); add_conf_item("opm", "listen_ipv4", CF_QSTRING, conf_set_opm_listen_address_ipv4); add_conf_item("opm", "listen_ipv6", CF_QSTRING, conf_set_opm_listen_address_ipv6); add_conf_item("opm", "port_v4", CF_INT, conf_set_opm_listen_port_ipv4); add_conf_item("opm", "port_v6", CF_INT, conf_set_opm_listen_port_ipv6); add_conf_item("opm", "listen_port", CF_INT, conf_set_opm_listen_port); add_conf_item("opm", "socks4_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_socks4); add_conf_item("opm", "socks5_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_socks5); add_conf_item("opm", "httpconnect_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_httpconnect); add_conf_item("opm", "httpsconnect_ports", CF_INT | CF_FLIST, conf_set_opm_scan_ports_httpsconnect); }