+#include "wildcard.h"
+
+using namespace irc::sockets;
+
+/* Used when comparing CIDR masks for the modulus bits left over.
+ * A lot of ircd's seem to do this:
+ * ((-1) << (8 - (mask % 8)))
+ * But imho, it sucks in comparison to a nice neat lookup table.
+ */
+const unsigned char inverted_bits[8] = { 0x00, /* 00000000 - 0 bits - never actually used */
+ 0x80, /* 10000000 - 1 bits */
+ 0xC0, /* 11000000 - 2 bits */
+ 0xE0, /* 11100000 - 3 bits */
+ 0xF0, /* 11110000 - 4 bits */
+ 0xF8, /* 11111000 - 5 bits */
+ 0xFC, /* 11111100 - 6 bits */
+ 0xFE /* 11111110 - 7 bits */
+};
+
+
+ListenSocket::ListenSocket(InspIRCd* Instance, int port, char* addr) : ServerInstance(Instance), desc("plaintext"), bind_addr(addr), bind_port(port)
+{
+ this->SetFd(OpenTCPSocket(addr));
+ if (this->GetFd() > -1)
+ {
+ if (!Instance->BindSocket(this->fd,port,addr))
+ this->fd = -1;
+#ifdef IPV6
+ if ((!*addr) || (strchr(addr,':')))
+ this->family = AF_INET6;
+ else
+#endif
+ this->family = AF_INET;
+ Instance->SE->AddFd(this);
+ }
+}
+
+ListenSocket::~ListenSocket()
+{
+ if (this->GetFd() > -1)
+ {
+ ServerInstance->SE->DelFd(this);
+ ServerInstance->Log(DEBUG,"Shut down listener on fd %d", this->fd);
+ if (shutdown(this->fd, 2) || close(this->fd))
+ ServerInstance->Log(DEBUG,"Failed to cancel listener: %s", strerror(errno));
+ this->fd = -1;
+ }
+}
+
+void ListenSocket::HandleEvent(EventType et, int errornum)
+{
+ sockaddr* sock_us = new sockaddr[2]; // our port number
+ sockaddr* client = new sockaddr[2];
+ socklen_t uslen, length; // length of our port number
+ int incomingSockfd, in_port;
+
+#ifdef IPV6
+ if (this->family == AF_INET6)
+ {
+ uslen = sizeof(sockaddr_in6);
+ length = sizeof(sockaddr_in6);
+ }
+ else
+#endif
+ {
+ uslen = sizeof(sockaddr_in);
+ length = sizeof(sockaddr_in);
+ }
+
+ void* m_acceptEvent = NULL;
+ GetExt("windows_acceptevent", m_acceptEvent);
+ incomingSockfd = _accept (this->GetFd(), (sockaddr*)client, &length);
+
+ if ((incomingSockfd > -1) && (!_getsockname(incomingSockfd, sock_us, &uslen)))
+ {
+ char buf[MAXBUF];
+#ifdef IPV6
+ if (this->family == AF_INET6)
+ {
+ inet_ntop(AF_INET6, &((const sockaddr_in6*)client)->sin6_addr, buf, sizeof(buf));
+ in_port = ntohs(((sockaddr_in6*)sock_us)->sin6_port);
+ }
+ else
+#endif
+ {
+ inet_ntop(AF_INET, &((const sockaddr_in*)client)->sin_addr, buf, sizeof(buf));
+ in_port = ntohs(((sockaddr_in*)sock_us)->sin_port);
+ }
+
+ NonBlocking(incomingSockfd);
+ if (ServerInstance->Config->GetIOHook(in_port))
+ {
+ try
+ {
+ ServerInstance->Config->GetIOHook(in_port)->OnRawSocketAccept(incomingSockfd, buf, in_port);
+ }
+ catch (CoreException& modexcept)
+ {
+ ServerInstance->Log(DEBUG,"%s threw an exception: %s", modexcept.GetSource(), modexcept.GetReason());
+ }
+ }
+ ServerInstance->stats->statsAccept++;
+ userrec::AddClient(ServerInstance, incomingSockfd, in_port, false, this->family, client);
+ }
+ else
+ {
+ shutdown(incomingSockfd,2);
+ close(incomingSockfd);
+ ServerInstance->stats->statsRefused++;
+ }
+ delete[] client;
+ delete[] sock_us;
+}
+
+/* Match raw bytes using CIDR bit matching, used by higher level MatchCIDR() */
+bool irc::sockets::MatchCIDRBits(unsigned char* address, unsigned char* mask, unsigned int mask_bits)
+{
+ unsigned int modulus = mask_bits % 8; /* Number of whole bytes in the mask */
+ unsigned int divisor = mask_bits / 8; /* Remaining bits in the mask after whole bytes are dealt with */
+
+ /* First compare the whole bytes, if they dont match, return false */
+ if (memcmp(address, mask, divisor))
+ return false;
+
+ /* Now if there are any remainder bits, we compare them with logic AND */
+ if (modulus)
+ if ((address[divisor] & inverted_bits[modulus]) != (mask[divisor] & inverted_bits[modulus]))
+ /* If they dont match, return false */
+ return false;
+
+ /* The address matches the mask, to mask_bits bits of mask */
+ return true;
+}
+
+/* Match CIDR, but dont attempt to match() against leading *!*@ sections */
+bool irc::sockets::MatchCIDR(const char* address, const char* cidr_mask)
+{
+ return MatchCIDR(address, cidr_mask, false);
+}
+
+/* Match CIDR strings, e.g. 127.0.0.1 to 127.0.0.0/8 or 3ffe:1:5:6::8 to 3ffe:1::0/32
+ * If you have a lot of hosts to match, youre probably better off building your mask once
+ * and then using the lower level MatchCIDRBits directly.
+ *
+ * This will also attempt to match any leading usernames or nicknames on the mask, using
+ * match(), when match_with_username is true.
+ */
+bool irc::sockets::MatchCIDR(const char* address, const char* cidr_mask, bool match_with_username)
+{
+ unsigned char addr_raw[16];
+ unsigned char mask_raw[16];
+ unsigned int bits = 0;
+ char* mask = NULL;
+
+ /* The caller is trying to match ident@<mask>/bits.
+ * Chop off the ident@ portion, use match() on it
+ * seperately.
+ */
+ if (match_with_username)
+ {
+ /* Duplicate the strings, and try to find the position
+ * of the @ symbol in each */
+ char* address_dupe = strdup(address);
+ char* cidr_dupe = strdup(cidr_mask);
+
+ /* Use strchr not strrchr, because its going to be nearer to the left */
+ char* username_mask_pos = strrchr(cidr_dupe, '@');
+ char* username_addr_pos = strrchr(address_dupe, '@');
+
+ /* Both strings have an @ symbol in them */
+ if (username_mask_pos && username_addr_pos)
+ {
+ /* Zero out the location of the @ symbol */
+ *username_mask_pos = *username_addr_pos = 0;
+
+ /* Try and match() the strings before the @
+ * symbols, and recursively call MatchCIDR without
+ * username matching enabled to match the host part.
+ */
+ bool result = (match(address_dupe, cidr_dupe) && MatchCIDR(username_addr_pos + 1, username_mask_pos + 1, false));
+
+ /* Free the stuff we created */
+ free(address_dupe);
+ free(cidr_dupe);
+
+ /* Return a result */
+ return result;
+ }
+ else
+ {
+ /* One or both didnt have an @ in,
+ * just match as CIDR
+ */
+ free(address_dupe);
+ free(cidr_dupe);
+ mask = strdup(cidr_mask);
+ }
+ }
+ else
+ {
+ /* Make a copy of the cidr mask string,
+ * we're going to change it
+ */
+ mask = strdup(cidr_mask);
+ }
+
+ in_addr address_in4;
+ in_addr mask_in4;