search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Restore stats_spy hook that was removed in commit 401f2454671ca233e35b0e6e4f3fa4c43cd...
[seven-1.x.git] / src / hostmask.c
blobf5a6f30119a645b989c69fd1839714d93367459a
1 /*
2 * charybdis: an advanced internet relay chat daemon (ircd).
3 * hostmask.c: Code to efficiently find IP & hostmask based configs.
4 *
5 * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center
6 * Copyright (C) 1996-2002 Hybrid Development Team
7 * Copyright (C) 2002-2005 ircd-ratbox development team
8 * Copyright (C) 2005-2006 charybdis development team
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License
21 * along with this program; if not, write to the Free Software
22 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
23 * USA
24 */
25
26 #include "stdinc.h"
27 #include "memory.h"
28 #include "ircd_defs.h"
29 #include "s_conf.h"
30 #include "hostmask.h"
31 #include "numeric.h"
32 #include "send.h"
33 #include "irc_string.h"
34
35 #ifdef IPV6
36 static unsigned long hash_ipv6(struct sockaddr *, int);
37 #endif
38 static unsigned long hash_ipv4(struct sockaddr *, int);
39
40
41 /* int parse_netmask(const char *, struct irc_sockaddr_storage *, int *);
42 * Input: A hostmask, or an IPV4/6 address.
43 * Output: An integer describing whether it is an IPV4, IPV6 address or a
44 * hostmask, an address(if it is an IP mask),
45 * a bitlength(if it is IP mask).
46 * Side effects: None
47 */
48 int
49 parse_netmask(const char *text, struct sockaddr *naddr, int *nb)
50 {
51 char *ip = LOCAL_COPY(text);
52 char *ptr;
53 struct irc_sockaddr_storage *addr, xaddr;
54 int *b, xb;
55 if(nb == NULL)
56 b = &xb;
57 else
58 b = nb;
59
60 if(naddr == NULL)
61 addr = (struct irc_sockaddr_storage *)&xaddr;
62 else
63 addr = (struct irc_sockaddr_storage *)naddr;
64
65 #ifdef IPV6
66 if(strchr(ip, ':'))
67 {
68 if((ptr = strchr(ip, '/')))
69 {
70 *ptr = '\0';
71 ptr++;
72 *b = atoi(ptr);
73 if(*b > 128)
74 *b = 128;
75 } else
76 *b = 128;
77 if(inetpton_sock(ip, (struct sockaddr *)addr) > 0)
78 return HM_IPV6;
79 else
80 return HM_HOST;
81 } else
82 #endif
83 if(strchr(text, '.'))
84 {
85 if((ptr = strchr(ip, '/')))
86 {
87 *ptr = '\0';
88 ptr++;
89 *b = atoi(ptr);
90 if(*b > 32)
91 *b = 32;
92 } else
93 *b = 32;
94 if(inetpton_sock(ip, (struct sockaddr *)addr) > 0)
95 return HM_IPV4;
96 else
97 return HM_HOST;
98 }
99 return HM_HOST;
100 }
101
102 /* Hashtable stuff...now external as its used in m_stats.c */
103 struct AddressRec *atable[ATABLE_SIZE];
104
105 void
106 init_host_hash(void)
107 {
108 memset(&atable, 0, sizeof(atable));
109 }
110
111 /* unsigned long hash_ipv4(struct irc_sockaddr_storage*)
112 * Input: An IP address.
113 * Output: A hash value of the IP address.
114 * Side effects: None
115 */
116 static unsigned long
117 hash_ipv4(struct sockaddr *saddr, int bits)
118 {
119 struct sockaddr_in *addr = (struct sockaddr_in *) saddr;
120
121 if(bits != 0)
122 {
123 unsigned long av = ntohl(addr->sin_addr.s_addr) & ~((1 << (32 - bits)) - 1);
124 return (av ^ (av >> 12) ^ (av >> 24)) & (ATABLE_SIZE - 1);
125 }
126
127 return 0;
128 }
129
130 /* unsigned long hash_ipv6(struct irc_sockaddr_storage*)
131 * Input: An IP address.
132 * Output: A hash value of the IP address.
133 * Side effects: None
134 */
135 #ifdef IPV6
136 static unsigned long
137 hash_ipv6(struct sockaddr *saddr, int bits)
138 {
139 struct sockaddr_in6 *addr = (struct sockaddr_in6 *) saddr;
140 unsigned long v = 0, n;
141 for (n = 0; n < 16; n++)
142 {
143 if(bits >= 8)
144 {
145 v ^= addr->sin6_addr.s6_addr[n];
146 bits -= 8;
147 }
148 else if(bits)
149 {
150 v ^= addr->sin6_addr.s6_addr[n] & ~((1 << (8 - bits)) - 1);
151 return v & (ATABLE_SIZE - 1);
152 }
153 else
154 return v & (ATABLE_SIZE - 1);
155 }
156 return v & (ATABLE_SIZE - 1);
157 }
158 #endif
159
160 /* int hash_text(const char *start)
161 * Input: The start of the text to hash.
162 * Output: The hash of the string between 1 and (TH_MAX-1)
163 * Side-effects: None.
164 */
165 static int
166 hash_text(const char *start)
167 {
168 const char *p = start;
169 unsigned long h = 0;
170
171 while(*p)
172 {
173 h = (h << 4) - (h + (unsigned char) ToLower(*p++));
174 }
175
176 return (h & (ATABLE_SIZE - 1));
177 }
178
179 /* unsigned long get_hash_mask(const char *)
180 * Input: The text to hash.
181 * Output: The hash of the string right of the first '.' past the last
182 * wildcard in the string.
183 * Side-effects: None.
184 */
185 static unsigned long
186 get_mask_hash(const char *text)
187 {
188 const char *hp = "", *p;
189
190 for (p = text + strlen(text) - 1; p >= text; p--)
191 if(*p == '*' || *p == '?')
192 return hash_text(hp);
193 else if(*p == '.')
194 hp = p + 1;
195 return hash_text(text);
196 }
197
198 /* struct ConfItem* find_conf_by_address(const char*, struct irc_sockaddr_storage*,
199 * int type, int fam, const char *username)
200 * Input: The hostname, the address, the type of mask to find, the address
201 * family, the username.
202 * Output: The matching value with the highest precedence.
203 * Side-effects: None
204 * Note: Setting bit 0 of the type means that the username is ignored.
205 */
206 struct ConfItem *
207 find_conf_by_address(const char *name, const char *sockhost,
208 const char *orighost,
209 struct sockaddr *addr, int type, int fam,
210 const char *username)
211 {
212 unsigned long hprecv = 0;
213 struct ConfItem *hprec = NULL;
214 struct AddressRec *arec;
215 int b;
216
217 if(username == NULL)
218 username = "";
219
220 if(addr)
221 {
222 /* Check for IPV6 matches... */
223 #ifdef IPV6
224 if(fam == AF_INET6)
225 {
226
227 for (b = 128; b >= 0; b -= 16)
228 {
229 for (arec = atable[hash_ipv6(addr, b)]; arec; arec = arec->next)
230 if(arec->type == (type & ~0x1) &&
231 arec->masktype == HM_IPV6 &&
232 comp_with_mask_sock(addr, (struct sockaddr *)&arec->Mask.ipa.addr,
233 arec->Mask.ipa.bits) && (type & 0x1
234 ||
235 match(arec->
236 username,
237 username))
238 && arec->precedence > hprecv)
239 {
240 hprecv = arec->precedence;
241 hprec = arec->aconf;
242 }
243 }
244 }
245 else
246 #endif
247 if(fam == AF_INET)
248 {
249 for (b = 32; b >= 0; b -= 8)
250 {
251 for (arec = atable[hash_ipv4(addr, b)]; arec; arec = arec->next)
252 if(arec->type == (type & ~0x1) &&
253 arec->masktype == HM_IPV4 &&
254 arec->precedence > hprecv &&
255 comp_with_mask_sock(addr, (struct sockaddr *)&arec->Mask.ipa.addr,
256 arec->Mask.ipa.bits) &&
257 (type & 0x1 || match(arec->username, username)))
258 {
259 hprecv = arec->precedence;
260 hprec = arec->aconf;
261 }
262 }
263 }
264 }
265
266 if(orighost != NULL)
267 {
268 const char *p;
269
270 for (p = orighost; p != NULL;)
271 {
272 for (arec = atable[hash_text(p)]; arec; arec = arec->next)
273
274 if((arec->type == (type & ~0x1)) &&
275 (arec->masktype == HM_HOST) &&
276 arec->precedence > hprecv &&
277 match(arec->Mask.hostname, orighost) &&
278 (type & 0x1 || match(arec->username, username)))
279 {
280 hprecv = arec->precedence;
281 hprec = arec->aconf;
282 }
283 p = strchr(p, '.');
284 if(p != NULL)
285 p++;
286 else
287 break;
288 }
289 for (arec = atable[0]; arec; arec = arec->next)
290 {
291 if(arec->type == (type & ~0x1) &&
292 arec->masktype == HM_HOST &&
293 arec->precedence > hprecv &&
294 (match(arec->Mask.hostname, orighost) ||
295 (sockhost && match(arec->Mask.hostname, sockhost))) &&
296 (type & 0x1 || match(arec->username, username)))
297 {
298 hprecv = arec->precedence;
299 hprec = arec->aconf;
300 }
301 }
302 }
303
304 if(name != NULL)
305 {
306 const char *p;
307 /* And yes - we have to check p after strchr and p after increment for
308 * NULL -kre */
309 for (p = name; p != NULL;)
310 {
311 for (arec = atable[hash_text(p)]; arec; arec = arec->next)
312 if((arec->type == (type & ~0x1)) &&
313 (arec->masktype == HM_HOST) &&
314 arec->precedence > hprecv &&
315 match(arec->Mask.hostname, name) &&
316 (type & 0x1 || match(arec->username, username)))
317 {
318 hprecv = arec->precedence;
319 hprec = arec->aconf;
320 }
321 p = strchr(p, '.');
322 if(p != NULL)
323 p++;
324 else
325 break;
326 }
327 for (arec = atable[0]; arec; arec = arec->next)
328 {
329 if(arec->type == (type & ~0x1) &&
330 arec->masktype == HM_HOST &&
331 arec->precedence > hprecv &&
332 (match(arec->Mask.hostname, name) ||
333 (sockhost && match(arec->Mask.hostname, sockhost))) &&
334 (type & 0x1 || match(arec->username, username)))
335 {
336 hprecv = arec->precedence;
337 hprec = arec->aconf;
338 }
339 }
340 }
341 return hprec;
342 }
343
344 /* struct ConfItem* find_address_conf(const char*, const char*,
345 * struct irc_sockaddr_storage*, int);
346 * Input: The hostname, username, address, address family.
347 * Output: The applicable ConfItem.
348 * Side-effects: None
349 */
350 struct ConfItem *
351 find_address_conf(const char *host, const char *sockhost, const char *user,
352 struct sockaddr *ip, int aftype)
353 {
354 struct ConfItem *iconf, *kconf;
355
356 /* Find the best I-line... If none, return NULL -A1kmm */
357 if(!(iconf = find_conf_by_address(host, sockhost, NULL, ip, CONF_CLIENT, aftype, user)))
358 return NULL;
359
360 /* If they are exempt from K-lines, return the best I-line. -A1kmm */
361 if(IsConfExemptKline(iconf))
362 return iconf;
363
364 /* Find the best K-line... -A1kmm */
365 kconf = find_conf_by_address(host, sockhost, NULL, ip, CONF_KILL, aftype, user);
366
367 /* If they are K-lined, return the K-line */
368 if(kconf)
369 return kconf;
370
371 /* if theres a spoof, check it against klines.. */
372 if(IsConfDoSpoofIp(iconf))
373 {
374 char *p = strchr(iconf->name, '@');
375
376 /* note, we dont need to pass sockhost here, as its
377 * guaranteed to not match by whats above.. --anfl
378 */
379 if(p)
380 {
381 *p = '\0';
382 kconf = find_conf_by_address(p+1, NULL, NULL, ip, CONF_KILL, aftype, iconf->name);
383 *p = '@';
384 }
385 else
386 kconf = find_conf_by_address(iconf->name, NULL, NULL, ip, CONF_KILL, aftype, user);
387
388 if(kconf)
389 return kconf;
390 }
391
392 return iconf;
393 }
394
395 /* struct ConfItem* find_dline(struct irc_sockaddr_storage*, int)
396 * Input: An address, an address family.
397 * Output: The best matching D-line or exempt line.
398 * Side effects: None.
399 */
400 struct ConfItem *
401 find_dline(struct sockaddr *addr, int aftype)
402 {
403 struct ConfItem *eline;
404 eline = find_conf_by_address(NULL, NULL, NULL, addr, CONF_EXEMPTDLINE | 1, aftype, NULL);
405 if(eline)
406 return eline;
407 return find_conf_by_address(NULL, NULL, NULL, addr, CONF_DLINE | 1, aftype, NULL);
408 }
409
410 /* void add_conf_by_address(const char*, int, const char *,
411 * struct ConfItem *aconf)
412 * Input:
413 * Output: None
414 * Side-effects: Adds this entry to the hash table.
415 */
416 void
417 add_conf_by_address(const char *address, int type, const char *username, struct ConfItem *aconf)
418 {
419 static unsigned long prec_value = 0xFFFFFFFF;
420 int masktype, bits;
421 unsigned long hv;
422 struct AddressRec *arec;
423
424 if(address == NULL)
425 address = "/NOMATCH!/";
426 arec = MyMalloc(sizeof(struct AddressRec));
427 masktype = parse_netmask(address, (struct sockaddr *)&arec->Mask.ipa.addr, &bits);
428 arec->Mask.ipa.bits = bits;
429 arec->masktype = masktype;
430 #ifdef IPV6
431 if(masktype == HM_IPV6)
432 {
433 /* We have to do this, since we do not re-hash for every bit -A1kmm. */
434 bits -= bits % 16;
435 arec->next = atable[(hv = hash_ipv6((struct sockaddr *)&arec->Mask.ipa.addr, bits))];
436 atable[hv] = arec;
437 }
438 else
439 #endif
440 if(masktype == HM_IPV4)
441 {
442 /* We have to do this, since we do not re-hash for every bit -A1kmm. */
443 bits -= bits % 8;
444 arec->next = atable[(hv = hash_ipv4((struct sockaddr *)&arec->Mask.ipa.addr, bits))];
445 atable[hv] = arec;
446 }
447 else
448 {
449 arec->Mask.hostname = address;
450 arec->next = atable[(hv = get_mask_hash(address))];
451 atable[hv] = arec;
452 }
453 arec->username = username;
454 arec->aconf = aconf;
455 arec->precedence = prec_value--;
456 arec->type = type;
457 }
458
459 /* void delete_one_address(const char*, struct ConfItem*)
460 * Input: An address string, the associated ConfItem.
461 * Output: None
462 * Side effects: Deletes an address record. Frees the ConfItem if there
463 * is nothing referencing it, sets it as illegal otherwise.
464 */
465 void
466 delete_one_address_conf(const char *address, struct ConfItem *aconf)
467 {
468 int masktype, bits;
469 unsigned long hv;
470 struct AddressRec *arec, *arecl = NULL;
471 struct irc_sockaddr_storage addr;
472 masktype = parse_netmask(address, (struct sockaddr *)&addr, &bits);
473 #ifdef IPV6
474 if(masktype == HM_IPV6)
475 {
476 /* We have to do this, since we do not re-hash for every bit -A1kmm. */
477 bits -= bits % 16;
478 hv = hash_ipv6((struct sockaddr *)&addr, bits);
479 }
480 else
481 #endif
482 if(masktype == HM_IPV4)
483 {
484 /* We have to do this, since we do not re-hash for every bit -A1kmm. */
485 bits -= bits % 8;
486 hv = hash_ipv4((struct sockaddr *)&addr, bits);
487 }
488 else
489 hv = get_mask_hash(address);
490 for (arec = atable[hv]; arec; arec = arec->next)
491 {
492 if(arec->aconf == aconf)
493 {
494 if(arecl)
495 arecl->next = arec->next;
496 else
497 atable[hv] = arec->next;
498 aconf->status |= CONF_ILLEGAL;
499 if(!aconf->clients)
500 free_conf(aconf);
501 MyFree(arec);
502 return;
503 }
504 arecl = arec;
505 }
506 }
507
508 /* void clear_out_address_conf(void)
509 * Input: None
510 * Output: None
511 * Side effects: Clears out all address records in the hash table,
512 * frees them, and frees the ConfItems if nothing references
513 * them, otherwise sets them as illegal.
514 */
515 void
516 clear_out_address_conf(void)
517 {
518 int i;
519 struct AddressRec **store_next;
520 struct AddressRec *arec, *arecn;
521
522 for (i = 0; i < ATABLE_SIZE; i++)
523 {
524 store_next = &atable[i];
525 for (arec = atable[i]; arec; arec = arecn)
526 {
527 arecn = arec->next;
528 /* We keep the temporary K-lines and destroy the
529 * permanent ones, just to be confusing :) -A1kmm */
530 if(arec->aconf->flags & CONF_FLAGS_TEMPORARY ||
531 (arec->type != CONF_CLIENT && arec->type != CONF_EXEMPTDLINE))
532 {
533 *store_next = arec;
534 store_next = &arec->next;
535 }
536 else
537 {
538 arec->aconf->status |= CONF_ILLEGAL;
539 if(!arec->aconf->clients)
540 free_conf(arec->aconf);
541 MyFree(arec);
542 }
543 }
544 *store_next = NULL;
545 }
546 }
547
548 void
549 clear_out_address_conf_bans(void)
550 {
551 int i;
552 struct AddressRec **store_next;
553 struct AddressRec *arec, *arecn;
554
555 for (i = 0; i < ATABLE_SIZE; i++)
556 {
557 store_next = &atable[i];
558 for (arec = atable[i]; arec; arec = arecn)
559 {
560 arecn = arec->next;
561 /* We keep the temporary K-lines and destroy the
562 * permanent ones, just to be confusing :) -A1kmm */
563 if(arec->aconf->flags & CONF_FLAGS_TEMPORARY ||
564 (arec->type == CONF_CLIENT || arec->type == CONF_EXEMPTDLINE))
565 {
566 *store_next = arec;
567 store_next = &arec->next;
568 }
569 else
570 {
571 arec->aconf->status |= CONF_ILLEGAL;
572 if(!arec->aconf->clients)
573 free_conf(arec->aconf);
574 MyFree(arec);
575 }
576 }
577 *store_next = NULL;
578 }
579 }
580
581
582 /*
583 * show_iline_prefix()
584 *
585 * inputs - pointer to struct Client requesting output
586 * - pointer to struct ConfItem
587 * - name to which iline prefix will be prefixed to
588 * output - pointer to static string with prefixes listed in ascii form
589 * side effects - NONE
590 */
591 char *
592 show_iline_prefix(struct Client *sptr, struct ConfItem *aconf, char *name)
593 {
594 static char prefix_of_host[USERLEN + 15];
595 char *prefix_ptr;
596
597 prefix_ptr = prefix_of_host;
598 if(IsNoTilde(aconf))
599 *prefix_ptr++ = '-';
600 if(IsLimitIp(aconf))
601 *prefix_ptr++ = '!';
602 if(IsNeedIdentd(aconf))
603 *prefix_ptr++ = '+';
604 if(IsPassIdentd(aconf))
605 *prefix_ptr++ = '$';
606 if(IsNoMatchIp(aconf))
607 *prefix_ptr++ = '%';
608 if(IsConfDoSpoofIp(aconf))
609 *prefix_ptr++ = '=';
610 if(MyOper(sptr) && IsConfExemptKline(aconf))
611 *prefix_ptr++ = '^';
612 if(MyOper(sptr) && IsConfExemptLimits(aconf))
613 *prefix_ptr++ = '>';
614 if(MyOper(sptr) && IsConfIdlelined(aconf))
615 *prefix_ptr++ = '<';
616 *prefix_ptr = '\0';
617 strncpy(prefix_ptr, name, USERLEN);
618 return (prefix_of_host);
619 }
620
621 /* report_auth()
622 *
623 * Inputs: pointer to client to report to
624 * Output: None
625 * Side effects: Reports configured auth{} blocks to client_p
626 */
627 void
628 report_auth(struct Client *client_p)
629 {
630 char *name, *host, *pass, *user, *classname;
631 struct AddressRec *arec;
632 struct ConfItem *aconf;
633 int i, port;
634
635 for (i = 0; i < ATABLE_SIZE; i++)
636 for (arec = atable[i]; arec; arec = arec->next)
637 if(arec->type == CONF_CLIENT)
638 {
639 aconf = arec->aconf;
640
641 if(!MyOper(client_p) && IsConfDoSpoofIp(aconf))
642 continue;
643
644 get_printable_conf(aconf, &name, &host, &pass, &user, &port,
645 &classname);
646
647 sendto_one_numeric(client_p, RPL_STATSILINE,
648 form_str(RPL_STATSILINE),
649 name, show_iline_prefix(client_p, aconf, user),
650 show_ip_conf(aconf, client_p) ? host : "255.255.255.255",
651 port, classname);
652 }
653 }
654
655 /* report_Klines()
656 *
657 * inputs - Client to report to, mask
658 * outputs -
659 * side effects - Reports configured K-lines to client_p.
660 */
661 void
662 report_Klines(struct Client *source_p)
663 {
664 char *host, *pass, *user, *oper_reason;
665 struct AddressRec *arec;
666 struct ConfItem *aconf = NULL;
667 int i;
668
669 for (i = 0; i < ATABLE_SIZE; i++)
670 {
671 for (arec = atable[i]; arec; arec = arec->next)
672 {
673 if(arec->type == CONF_KILL)
674 {
675 aconf = arec->aconf;
676
677 /* its a tempkline, theyre reported elsewhere */
678 if(aconf->flags & CONF_FLAGS_TEMPORARY)
679 continue;
680
681 get_printable_kline(source_p, aconf, &host, &pass, &user, &oper_reason);
682 sendto_one_numeric(source_p, RPL_STATSKLINE,
683 form_str(RPL_STATSKLINE),
684 'K', host, user, pass,
685 oper_reason ? "|" : "",
686 oper_reason ? oper_reason : "");
687 }
688 }
689 }
690 }
ircd-seven: Cows like it.