-/* +------------------------------------+
- * | Inspire Internet Relay Chat Daemon |
- * +------------------------------------+
+/*
+ * InspIRCd -- Internet Relay Chat Daemon
+ *
+ * Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
+ * Copyright (C) 2008 Robin Burchell <robin+git@viroteck.net>
*
- * InspIRCd: (C) 2002-2008 InspIRCd Development Team
- * See: http://www.inspircd.org/wiki/index.php/Credits
+ * This file is part of InspIRCd. InspIRCd is free software: you can
+ * redistribute it and/or modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation, version 2.
*
- * This program is free but copyrighted software; see
- * the file COPYING for details.
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
*
- * ---------------------------------------------------
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
+
#include "inspircd.h"
-#include "commands/cmd_whois.h"
-#include "commands/cmd_stats.h"
-#include "socket.h"
-#include "wildcard.h"
-#include "xline.h"
-#include "transport.h"
-#include "socketengine.h"
-
-#include "m_spanningtree/main.h"
-#include "m_spanningtree/utils.h"
-#include "m_spanningtree/treeserver.h"
-#include "m_spanningtree/link.h"
-#include "m_spanningtree/treesocket.h"
-#include "m_spanningtree/resolvers.h"
-#include "m_spanningtree/handshaketimer.h"
-
-/* $ModDep: m_spanningtree/timesynctimer.h m_spanningtree/resolvers.h m_spanningtree/main.h m_spanningtree/utils.h m_spanningtree/treeserver.h m_spanningtree/link.h m_spanningtree/treesocket.h */
+#include "modules/ssl.h"
+
+#include "main.h"
+#include "utils.h"
+#include "link.h"
+#include "treeserver.h"
+#include "treesocket.h"
+#include "commands.h"
/*
* Some server somewhere in the network introducing another server.
* -- w
*/
-bool TreeSocket::RemoteServer(const std::string &prefix, std::deque<std::string> ¶ms)
+CmdResult CommandServer::HandleServer(TreeServer* ParentOfThis, Params& params)
{
- if (params.size() < 5)
- {
- SendError("Protocol error - Missing SID");
- return false;
- }
-
- std::string servername = params[0];
- std::string password = params[1];
- // hopcount is not used for a remote server, we calculate this ourselves
- std::string sid = params[3];
- std::string description = params[4];
- TreeServer* ParentOfThis = Utils->FindServer(prefix);
+ const std::string& servername = params[0];
+ const std::string& sid = params[1];
+ const std::string& description = params.back();
+ TreeSocket* socket = ParentOfThis->GetSocket();
- if (!ParentOfThis)
+ if (!InspIRCd::IsSID(sid))
{
- this->SendError("Protocol error - Introduced remote server from unknown server "+ParentOfThis->GetName());
- return false;
+ socket->SendError("Invalid format server ID: "+sid+"!");
+ return CMD_FAILURE;
}
- if (!this->Instance->IsSID(sid))
+ TreeServer* CheckDupe = Utils->FindServer(servername);
+ if (CheckDupe)
{
- this->SendError("Invalid format server ID: "+sid+"!");
- return false;
+ socket->SendError("Server "+servername+" already exists!");
+ ServerInstance->SNO->WriteToSnoMask('L', "Server \2"+CheckDupe->GetName()+"\2 being introduced from \2" + ParentOfThis->GetName() + "\2 denied, already exists. Closing link with " + ParentOfThis->GetName());
+ return CMD_FAILURE;
}
- TreeServer* CheckDupe = Utils->FindServer(servername);
+ CheckDupe = Utils->FindServer(sid);
if (CheckDupe)
{
- this->SendError("Server "+CheckDupe->GetName()+" already exists!");
- this->Instance->SNO->WriteToSnoMask('l',"Server \2"+CheckDupe->GetName()+"\2 being introduced from \2" + ParentOfThis->GetName() + "\2 denied, already exists. Closing link with " + ParentOfThis->GetName());
- return false;
+ socket->SendError("Server ID "+sid+" already exists! You may want to specify the server ID for the server manually with <server:id> so they do not conflict.");
+ ServerInstance->SNO->WriteToSnoMask('L', "Server \2"+servername+"\2 being introduced from \2" + ParentOfThis->GetName() + "\2 denied, server ID already exists on the network. Closing link with " + ParentOfThis->GetName());
+ return CMD_FAILURE;
}
+
Link* lnk = Utils->FindLink(servername);
- TreeServer *Node = new TreeServer(this->Utils, this->Instance, servername, description, sid, ParentOfThis,NULL, lnk ? lnk->Hidden : false);
+ TreeServer* Node = new TreeServer(servername, description, sid, ParentOfThis, ParentOfThis->GetSocket(), lnk ? lnk->Hidden : false);
- if (Node->DuplicateID())
- {
- this->SendError("Server ID "+servername+" already exists on the network!");
- this->Instance->SNO->WriteToSnoMask('l',"Server \2"+servername+"\2 being introduced from \2" + ParentOfThis->GetName() + "\2 denied, server ID already exists on the network. Closing link with " + ParentOfThis->GetName());
- return false;
- }
+ HandleExtra(Node, params);
- ParentOfThis->AddChild(Node);
- params[4] = ":" + params[4];
- Utils->DoOneToAllButSender(prefix,"SERVER",params,prefix);
- this->Instance->SNO->WriteToSnoMask('l',"Server \002"+ParentOfThis->GetName()+"\002 introduced server \002"+servername+"\002 ("+description+")");
- return true;
+ ServerInstance->SNO->WriteToSnoMask('L', "Server \002"+ParentOfThis->GetName()+"\002 introduced server \002"+servername+"\002 ("+description+")");
+ return CMD_SUCCESS;
}
-
-/*
- * This is used after the other side of a connection has accepted our credentials.
- * They are then introducing themselves to us, BEFORE either of us burst. -- w
- */
-bool TreeSocket::Outbound_Reply_Server(std::deque<std::string> ¶ms)
+void CommandServer::HandleExtra(TreeServer* newserver, Params& params)
{
- if (params.size() < 5)
+ for (CommandBase::Params::const_iterator i = params.begin() + 2; i != params.end() - 1; ++i)
{
- SendError("Protocol error - Missing SID");
- return false;
- }
-
- irc::string servername = params[0].c_str();
- std::string sname = params[0];
- std::string password = params[1];
- std::string sid = params[3];
- std::string description = params[4];
- int hops = atoi(params[2].c_str());
+ const std::string& prop = *i;
+ std::string::size_type p = prop.find('=');
- this->InboundServerName = sname;
- this->InboundDescription = description;
- this->InboundSID = sid;
+ std::string key = prop;
+ std::string val;
+ if (p != std::string::npos)
+ {
+ key.erase(p);
+ val.assign(prop, p+1, std::string::npos);
+ }
- if (!sentcapab)
- this->SendCapabilities();
+ if (key == "burst")
+ newserver->BeginBurst(ConvToNum<uint64_t>(val));
+ }
+}
- if (hops)
+Link* TreeSocket::AuthRemote(const CommandBase::Params& params)
+{
+ if (params.size() < 5)
{
- this->SendError("Server too far away for authentication");
- this->Instance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, server is too far away for authentication");
- return false;
+ SendError("Protocol error - Not enough parameters for SERVER command");
+ return NULL;
}
- if (!this->Instance->IsSID(sid))
+ const std::string& sname = params[0];
+ const std::string& password = params[1];
+ const std::string& sid = params[3];
+ const std::string& description = params.back();
+
+ this->SendCapabilities(2);
+
+ if (!ServerInstance->IsSID(sid))
{
this->SendError("Invalid format server ID: "+sid+"!");
- return false;
+ return NULL;
}
- for (std::vector<Link>::iterator x = Utils->LinkBlocks.begin(); x < Utils->LinkBlocks.end(); x++)
+ for (std::vector<reference<Link> >::iterator i = Utils->LinkBlocks.begin(); i < Utils->LinkBlocks.end(); i++)
{
- if (x->Name != servername && x->Name != "*") // open link allowance
+ Link* x = *i;
+ if ((!stdalgo::string::equalsci(x->Name, sname)) && (x->Name != "*")) // open link allowance
continue;
- if (!ComparePass(this->MakePass(x->RecvPass, this->GetOurChallenge()), password) &&
- (x->RecvPass != password && this->GetTheirChallenge().empty()))
+ if (!ComparePass(*x, password))
{
- this->Instance->SNO->WriteToSnoMask('l',"Invalid password on link: %s", x->Name.c_str());
+ ServerInstance->SNO->WriteToSnoMask('l',"Invalid password on link: %s", x->Name.c_str());
continue;
}
- TreeServer* CheckDupe = Utils->FindServer(sname);
- if (CheckDupe)
+ if (!CheckDuplicate(sname, sid))
+ return NULL;
+
+ ServerInstance->SNO->WriteToSnoMask('l',"Verified server connection " + linkID + " ("+description+")");
+
+ const SSLIOHook* const ssliohook = SSLIOHook::IsSSL(this);
+ if (ssliohook)
{
- this->SendError("Server "+sname+" already exists on server "+CheckDupe->GetParent()->GetName()+"!");
- this->Instance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, already exists on server "+CheckDupe->GetParent()->GetName());
- return false;
+ std::string ciphersuite;
+ ssliohook->GetCiphersuite(ciphersuite);
+ ServerInstance->SNO->WriteToSnoMask('l', "Negotiated ciphersuite %s on link %s", ciphersuite.c_str(), x->Name.c_str());
}
+ return x;
+ }
+
+ this->SendError("Mismatched server name or password (check the other server's snomask output for details - e.g. umode +s +Ll)");
+ ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, invalid link credentials");
+ return NULL;
+}
+
+/*
+ * This is used after the other side of a connection has accepted our credentials.
+ * They are then introducing themselves to us, BEFORE either of us burst. -- w
+ */
+bool TreeSocket::Outbound_Reply_Server(CommandBase::Params& params)
+{
+ const Link* x = AuthRemote(params);
+ if (x)
+ {
/*
* They're in WAIT_AUTH_2 (having accepted our credentials).
* Set our state to CONNECTED (since everything's peachy so far) and send our
* While we're at it, create a treeserver object so we know about them.
* -- w
*/
- this->LinkState = CONNECTED;
-
- TreeServer *Node = new TreeServer(this->Utils, this->Instance, sname, description, sid, Utils->TreeRoot, this, x->Hidden);
-
- if (Node->DuplicateID())
- {
- this->SendError("Server ID "+sid+" already exists on the network!");
- this->Instance->SNO->WriteToSnoMask('l',"Server \2"+assign(servername)+"\2 being introduced denied, server ID already exists on the network. Closing link.");
- return false;
- }
-
- Utils->TreeRoot->AddChild(Node);
- params[4] = ":" + params[4];
-
+ FinishAuth(params[0], params[3], params.back(), x->Hidden);
- /* IMPORTANT: Take password/hmac hash OUT of here before we broadcast the introduction! */
- params[1] = "*";
- Utils->DoOneToAllButSender(Instance->Config->GetSID(),"SERVER",params,sname);
-
- Node->bursting = true;
- this->DoBurst(Node);
return true;
}
- this->SendError("Invalid credentials");
- this->Instance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, invalid link credentials");
return false;
}
-/*
- * Someone else is attempting to connect to us if this is called. Validate their credentials etc.
- * -- w
- */
-bool TreeSocket::Inbound_Server(std::deque<std::string> ¶ms)
+bool TreeSocket::CheckDuplicate(const std::string& sname, const std::string& sid)
{
- if (params.size() < 5)
+ // Check if the server name is not in use by a server that's already fully connected
+ TreeServer* CheckDupe = Utils->FindServer(sname);
+ if (CheckDupe)
{
- SendError("Protocol error - Missing SID");
+ std::string pname = CheckDupe->GetParent() ? CheckDupe->GetParent()->GetName() : "<ourself>";
+ SendError("Server "+sname+" already exists on server "+pname+"!");
+ ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, already exists on server "+pname);
return false;
}
- irc::string servername = params[0].c_str();
- std::string sname = params[0];
- std::string password = params[1];
- std::string sid = params[3];
- std::string description = params[4];
- int hops = atoi(params[2].c_str());
-
- this->InboundServerName = sname;
- this->InboundDescription = description;
- this->InboundSID = sid;
-
- if (!sentcapab)
- this->SendCapabilities();
+ // Check if the id is not in use by a server that's already fully connected
+ ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Looking for dupe SID %s", sid.c_str());
+ CheckDupe = Utils->FindServerID(sid);
- if (hops)
+ if (CheckDupe)
{
- this->SendError("Server too far away for authentication");
- this->Instance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, server is too far away for authentication");
+ this->SendError("Server ID "+CheckDupe->GetID()+" already exists on server "+CheckDupe->GetName()+"! You may want to specify the server ID for the server manually with <server:id> so they do not conflict.");
+ ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, server ID '"+CheckDupe->GetID()+
+ "' already exists on server "+CheckDupe->GetName());
return false;
}
- if (!this->Instance->IsSID(sid))
- {
- this->SendError("Invalid format server ID: "+sid+"!");
- return false;
- }
+ return true;
+}
- for (std::vector<Link>::iterator x = Utils->LinkBlocks.begin(); x < Utils->LinkBlocks.end(); x++)
+/*
+ * Someone else is attempting to connect to us if this is called. Validate their credentials etc.
+ * -- w
+ */
+bool TreeSocket::Inbound_Server(CommandBase::Params& params)
+{
+ const Link* x = AuthRemote(params);
+ if (x)
{
- if (x->Name != servername && x->Name != "*") // open link allowance
- continue;
-
- if (!ComparePass(this->MakePass(x->RecvPass, this->GetOurChallenge()), password) &&
- (x->RecvPass != password && this->GetTheirChallenge().empty()))
- {
- this->Instance->SNO->WriteToSnoMask('l',"Invalid password on link: %s", x->Name.c_str());
- continue;
- }
-
- /* Check for fully initialized instances of the server by id */
- Instance->Logs->Log("m_spanningtree",DEBUG,"Looking for dupe SID %s", sid.c_str());
- TreeServer* CheckDupeSID = Utils->FindServerID(sid);
+ // Save these for later, so when they accept our credentials (indicated by BURST) we remember them
+ this->capab->hidden = x->Hidden;
+ this->capab->sid = params[3];
+ this->capab->description = params.back();
+ this->capab->name = params[0];
- if (CheckDupeSID)
- {
- this->SendError("Server ID "+CheckDupeSID->GetID()+" already exists on server "+CheckDupeSID->GetName()+"!");
- this->Instance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, server ID '"+CheckDupeSID->GetID()+
- "' already exists on server "+CheckDupeSID->GetName());
- return false;
- }
-
- /* Now check for fully initialized instances of the server by name */
- TreeServer* CheckDupe = Utils->FindServer(sname);
- if (CheckDupe)
- {
- this->SendError("Server "+sname+" already exists on server "+CheckDupe->GetParent()->GetName()+"!");
- this->Instance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, already exists on server "+CheckDupe->GetParent()->GetName());
- return false;
- }
-
- this->Instance->SNO->WriteToSnoMask('l',"Verified incoming server connection from \002"+sname+"\002["+(x->HiddenFromStats ? "<hidden>" : this->GetIP())+"] ("+description+")");
- if (this->Hook)
- {
- std::string name = BufferedSocketNameRequest((Module*)Utils->Creator, this->Hook).Send();
- this->Instance->SNO->WriteToSnoMask('l',"Connection from \2"+sname+"\2["+(x->HiddenFromStats ? "<hidden>" : this->GetIP())+"] using transport \2"+name+"\2");
- }
-
- // this is good. Send our details: Our server name and description and hopcount of 0,
+ // Send our details: Our server name and description and hopcount of 0,
// along with the sendpass from this block.
- this->SendCapabilities();
- this->WriteLine(std::string("SERVER ")+this->Instance->Config->ServerName+" "+this->MakePass(x->SendPass, this->GetTheirChallenge())+" 0 "+Instance->Config->GetSID()+" :"+this->Instance->Config->ServerDesc);
+ this->WriteLine("SERVER "+ServerInstance->Config->ServerName+" "+this->MakePass(x->SendPass, this->GetTheirChallenge())+" 0 "+ServerInstance->Config->GetSID()+" :"+ServerInstance->Config->ServerDesc);
+
// move to the next state, we are now waiting for THEM.
this->LinkState = WAIT_AUTH_2;
return true;
}
- this->SendError("Invalid credentials");
- this->Instance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, invalid link credentials");
return false;
}
+CommandServer::Builder::Builder(TreeServer* server)
+ : CmdBuilder(server->GetParent()->GetID(), "SERVER")
+{
+ push(server->GetName());
+ push(server->GetID());
+ if (server->IsBursting())
+ push_property("burst", ConvToStr(server->StartBurst));
+ push_last(server->GetDesc());
+}
projects / user / henk / code / inspircd.git / blobdiff