1 /* +------------------------------------+
2 * | Inspire Internet Relay Chat Daemon |
3 * +------------------------------------+
5 * InspIRCd is copyright (C) 2002-2006 ChatSpike-Dev.
7 * <brain@chatspike.net>
8 * <Craig@chatspike.net>
10 * Written by Craig Edwards, Craig McLure, and others.
11 * This program is free but copyrighted software; see
12 * the file COPYING for details.
14 * ---------------------------------------------------
18 #include "configreader.h"
21 #include "inspstring.h"
22 #include "helperfuncs.h"
23 #include "socketengine.h"
27 extern InspIRCd* ServerInstance;
28 extern ServerConfig* Config;
31 /* Used when comparing CIDR masks for the modulus bits left over.
32 * A lot of ircd's seem to do this:
33 * ((-1) << (8 - (mask % 8)))
34 * But imho, it sucks in comparison to a nice neat lookup table.
36 const char inverted_bits[8] = { 0x00, /* 00000000 - 0 bits - never actually used */
37 0x80, /* 10000000 - 1 bits */
38 0xC0, /* 11000000 - 2 bits */
39 0xE0, /* 11100000 - 3 bits */
40 0xF0, /* 11110000 - 4 bits */
41 0xF8, /* 11111000 - 5 bits */
42 0xFC, /* 11111100 - 6 bits */
43 0xFE /* 11111110 - 7 bits */
46 /* Match raw bytes using CIDR bit matching, used by higher level MatchCIDR() */
47 bool MatchCIDRBits(unsigned char* address, unsigned char* mask, unsigned int mask_bits)
49 unsigned int modulus = mask_bits % 8; /* Number of whole bytes in the mask */
50 unsigned int divisor = mask_bits / 8; /* Remaining bits in the mask after whole bytes are dealt with */
52 /* We shouldnt match anything, /0 is always valid */
56 /* First compare the whole bytes, if they dont match, return false */
57 if (memcmp(address, mask, divisor))
60 /* Now if there are any remainder bits, we compare them with logic AND */
62 if ((address[divisor] & inverted_bits[modulus]) != (mask[divisor] & inverted_bits[modulus]))
63 /* If they dont match, return false */
66 /* The address matches the mask, to mask_bits bits of mask */
70 /* Match CIDR, but dont attempt to match() against leading *!*@ sections */
71 bool MatchCIDR(const char* address, const char* cidr_mask)
73 return MatchCIDR(address, cidr_mask, false);
76 /* Match CIDR strings, e.g. 127.0.0.1 to 127.0.0.0/8 or 3ffe:1:5:6::8 to 3ffe:1::0/32
77 * If you have a lot of hosts to match, youre probably better off building your mask once
78 * and then using the lower level MatchCIDRBits directly.
80 * This will also attempt to match any leading usernames or nicknames on the mask, using
81 * match(), when match_with_username is true.
83 bool MatchCIDR(const char* address, const char* cidr_mask, bool match_with_username)
85 unsigned char addr_raw[16];
86 unsigned char mask_raw[16];
87 unsigned int bits = 0;
90 /* The caller is trying to match ident@<mask>/bits.
91 * Chop off the ident@ portion, use match() on it
94 if (match_with_username)
96 /* Duplicate the strings, and try to find the position
97 * of the @ symbol in each */
98 char* address_dupe = strdup(address);
99 char* cidr_dupe = strdup(cidr_mask);
101 char* username_mask_pos = strchr(cidr_dupe, '@');
102 char* username_addr_pos = strchr(address_dupe, '@');
104 /* Both strings have an @ symbol in them */
105 if (username_mask_pos && username_addr_pos)
107 /* Zero out the location of the @ symbol */
108 *username_mask_pos = *username_addr_pos = 0;
110 /* Try and match() the strings before the @
111 * symbols, and recursively call MatchCIDR without
112 * username matching enabled to match the host part.
114 bool result = (match(address_dupe, cidr_dupe) && MatchCIDR(username_addr_pos + 1, username_mask_pos + 1, false));
116 /* Free the stuff we created */
120 /* Return a result */
125 /* One or both didnt have an @ in,
130 mask = strdup(cidr_mask);
135 /* Make a copy of the cidr mask string,
136 * we're going to change it
138 mask = strdup(cidr_mask);
145 char* bits_chars = strchr(mask,'/');
149 bits = atoi(bits_chars + 1);
154 /* No 'number of bits' field! */
158 #ifdef SUPPORT_IP6LINKS
159 in6_addr address_in6;
162 if (inet_pton(AF_INET6, address, &address_in6) > 0)
164 if (inet_pton(AF_INET6, mask, &mask_in6) > 0)
166 memcpy(&addr_raw, &address_in6.s6_addr, 16);
167 memcpy(&mask_raw, &mask_in6.s6_addr, 16);
174 /* The address was valid ipv6, but the mask
175 * that goes with it wasnt.
183 if (inet_pton(AF_INET, address, &address_in4) > 0)
185 if (inet_pton(AF_INET, mask, &mask_in4) > 0)
187 memcpy(&addr_raw, &address_in4.s_addr, 4);
188 memcpy(&mask_raw, &mask_in4.s_addr, 4);
195 /* The address was valid ipv4,
196 * but the mask that went with it wasnt.
204 /* The address was neither ipv4 or ipv6 */
209 /* Low-level-match the bits in the raw data */
211 return MatchCIDRBits(addr_raw, mask_raw, bits);
214 /** This will bind a socket to a port. It works for UDP/TCP.
215 * It can only bind to IP addresses, if you wish to bind to hostnames
216 * you should first resolve them using class 'Resolver'.
218 bool BindSocket(int sockfd, insp_sockaddr client, insp_sockaddr server, int port, char* addr)
220 memset(&server,0,sizeof(server));
226 if ((*addr) && (insp_aton(addr,&addy) < 1))
228 log(DEBUG,"Invalid IP '%s' given to BindSocket()", addr);
233 server.sin6_family = AF_FAMILY;
235 server.sin_family = AF_FAMILY;
240 memcpy(&addy, &server.sin6_addr, sizeof(in6_addr));
242 server.sin_addr.s_addr = htonl(INADDR_ANY);
248 memcpy(&addy, &server.sin6_addr, sizeof(in6_addr));
250 server.sin_addr = addy;
254 server.sin6_port = htons(port);
256 server.sin_port = htons(port);
258 if (bind(sockfd,(struct sockaddr*)&server,sizeof(server)) < 0)
264 log(DEBUG,"Bound port %s:%d",*addr ? addr : "*",port);
265 if (listen(sockfd, Config->MaxConn) == -1)
267 log(DEFAULT,"ERROR in listen(): %s",strerror(errno));
284 struct linger linger = { 0 };
286 if ((sockfd = socket (AF_FAMILY, SOCK_STREAM, 0)) < 0)
288 log(DEFAULT,"Error creating TCP socket: %s",strerror(errno));
293 setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on));
294 /* This is BSD compatible, setting l_onoff to 0 is *NOT* http://web.irc.org/mla/ircd-dev/msg02259.html */
297 setsockopt(sockfd, SOL_SOCKET, SO_LINGER, &linger,sizeof(linger));
302 bool HasPort(int port, char* addr)
304 for (unsigned long count = 0; count < ServerInstance->stats->BoundPortCount; count++)
306 if ((port == Config->ports[count]) && (!strcasecmp(Config->addrs[count],addr)))
314 int BindPorts(bool bail)
316 char configToken[MAXBUF], Addr[MAXBUF], Type[MAXBUF];
317 insp_sockaddr client, server;
318 int clientportcount = 0;
319 int BoundPortCount = 0;
323 int InitialPortCount = ServerInstance->stats->BoundPortCount;
324 log(DEBUG,"Initial port count: %d",InitialPortCount);
326 for (int count = 0; count < Config->ConfValueEnum(Config->config_data, "bind"); count++)
328 Config->ConfValue(Config->config_data, "bind", "port", count, configToken, MAXBUF);
329 Config->ConfValue(Config->config_data, "bind", "address", count, Addr, MAXBUF);
330 Config->ConfValue(Config->config_data, "bind", "type", count, Type, MAXBUF);
332 if (((!*Type) || (!strcmp(Type,"clients"))) && (!HasPort(atoi(configToken),Addr)))
334 // modules handle server bind types now
335 Config->ports[clientportcount+InitialPortCount] = atoi(configToken);
339 strlcpy(Config->addrs[clientportcount+InitialPortCount],Addr,256);
341 log(DEBUG,"NEW binding %s:%s [%s] from config",Addr,configToken, Type);
344 int PortCount = clientportcount;
347 for (int count = InitialPortCount; count < InitialPortCount + PortCount; count++)
349 if ((Config->openSockfd[count] = OpenTCPSocket()) == ERROR)
351 log(DEBUG,"Bad fd %d binding port [%s:%d]",Config->openSockfd[count],Config->addrs[count],Config->ports[count]);
354 if (!BindSocket(Config->openSockfd[count],client,server,Config->ports[count],Config->addrs[count]))
356 log(DEFAULT,"Failed to bind port [%s:%d]: %s",Config->addrs[count],Config->ports[count],strerror(errno));
360 /* Associate the new open port with a slot in the socket engine */
361 if (Config->openSockfd[count] > -1)
363 ServerInstance->SE->AddFd(Config->openSockfd[count],true,X_LISTEN);
368 return InitialPortCount + BoundPortCount;
372 log(DEBUG,"There is nothing new to bind!");
374 return InitialPortCount;
377 for (int count = 0; count < Config->ConfValueEnum(Config->config_data, "bind"); count++)
379 Config->ConfValue(Config->config_data, "bind", "port", count, configToken, MAXBUF);
380 Config->ConfValue(Config->config_data, "bind", "address", count, Addr, MAXBUF);
381 Config->ConfValue(Config->config_data, "bind", "type", count, Type, MAXBUF);
383 if ((!*Type) || (!strcmp(Type,"clients")))
385 // modules handle server bind types now
386 Config->ports[clientportcount] = atoi(configToken);
388 // If the client put bind "*", this is an unrealism.
389 // We don't actually support this as documented, but
390 // i got fed up of people trying it, so now it converts
391 // it to an empty string meaning the same 'bind to all'.
395 strlcpy(Config->addrs[clientportcount],Addr,256);
397 log(DEBUG,"Binding %s:%s [%s] from config",Addr,configToken, Type);
401 int PortCount = clientportcount;
403 for (int count = 0; count < PortCount; count++)
405 if ((Config->openSockfd[BoundPortCount] = OpenTCPSocket()) == ERROR)
407 log(DEBUG,"Bad fd %d binding port [%s:%d]",Config->openSockfd[BoundPortCount],Config->addrs[count],Config->ports[count]);
411 if (!BindSocket(Config->openSockfd[BoundPortCount],client,server,Config->ports[count],Config->addrs[count]))
413 log(DEFAULT,"Failed to bind port [%s:%d]: %s",Config->addrs[count],Config->ports[count],strerror(errno));
417 /* well we at least bound to one socket so we'll continue */
422 /* if we didn't bind to anything then abort */
425 log(DEFAULT,"No ports bound, bailing!");
426 printf("\nERROR: Could not bind any of %d ports! Please check your configuration.\n\n", PortCount);
430 return BoundPortCount;
433 const char* insp_ntoa(insp_inaddr n)
435 static char buf[1024];
436 inet_ntop(AF_FAMILY, &n, buf, sizeof(buf));
440 int insp_aton(const char* a, insp_inaddr* n)
442 return inet_pton(AF_FAMILY, a, n);