+/* +------------------------------------+
+ * | Inspire Internet Relay Chat Daemon |
+ * +------------------------------------+
+ *
+ * InspIRCd: (C) 2002-2007 InspIRCd Development Team
+ * See: http://www.inspircd.org/wiki/index.php/Credits
+ *
+ * This program is free but copyrighted software; see
+ * the file COPYING for details.
+ *
+ * ---------------------------------------------------
+ */
+
+#include "inspircd.h"
#include "configreader.h"
#include "users.h"
#include "channels.h"
#include "commands/cmd_whois.h"
#include "commands/cmd_stats.h"
#include "socket.h"
-#include "inspircd.h"
#include "wildcard.h"
#include "xline.h"
#include "transport.h"
+#include "m_hash.h"
#include "socketengine.h"
#include "m_spanningtree/main.h"
#include "m_spanningtree/resolvers.h"
#include "m_spanningtree/handshaketimer.h"
-/* $ModDep: m_spanningtree/timesynctimer.h m_spanningtree/resolvers.h m_spanningtree/main.h m_spanningtree/utils.h m_spanningtree/treeserver.h m_spanningtree/link.h m_spanningtree/treesocket.h */
+/* $ModDep: m_spanningtree/timesynctimer.h m_spanningtree/resolvers.h m_spanningtree/main.h m_spanningtree/utils.h m_spanningtree/treeserver.h m_spanningtree/link.h m_spanningtree/treesocket.h m_hash.h */
+
/** Because most of the I/O gubbins are encapsulated within
* InspSocket, we just call the superclass constructor for
{
myhost = host;
this->LinkState = LISTENER;
+ theirchallenge.clear();
+ ourchallenge.clear();
if (listening && Hook)
InspSocketHookRequest(this, (Module*)Utils->Creator, Hook).Send();
}
: InspSocket(SI, host, port, listening, maxtime, bindto), Utils(Util), Hook(HookMod)
{
myhost = ServerName;
+ theirchallenge.clear();
+ ourchallenge.clear();
this->LinkState = CONNECTING;
if (Hook)
InspSocketHookRequest(this, (Module*)Utils->Creator, Hook).Send();
: InspSocket(SI, newfd, ip), Utils(Util), Hook(HookMod)
{
this->LinkState = WAIT_AUTH_1;
+ theirchallenge.clear();
+ ourchallenge.clear();
+ sentcapab = false;
/* If we have a transport module hooked to the parent, hook the same module to this
* socket, and set a timer waiting for handshake before we send CAPAB etc.
*/
if (Hook)
- {
InspSocketHookRequest(this, (Module*)Utils->Creator, Hook).Send();
- Instance->Timers->AddTimer(new HandshakeTimer(Instance, this, &(Utils->LinkBlocks[0]), this->Utils));
- }
- else
- {
- /* Otherwise, theres no lower layer transport in plain TCP/IP,
- * so just send the capabilities right now.
- */
- this->SendCapabilities();
- }
+
+ Instance->Timers->AddTimer(new HandshakeTimer(Instance, this, &(Utils->LinkBlocks[0]), this->Utils, 1));
}
ServerState TreeSocket::GetLinkState()
{
if (Hook)
InspSocketUnhookRequest(this, (Module*)Utils->Creator, Hook).Send();
+
+ Utils->DelBurstingServer(this);
+}
+
+const std::string& TreeSocket::GetOurChallenge()
+{
+ return this->ourchallenge;
+}
+
+void TreeSocket::SetOurChallenge(const std::string &c)
+{
+ this->ourchallenge = c;
+}
+
+const std::string& TreeSocket::GetTheirChallenge()
+{
+ return this->theirchallenge;
+}
+
+void TreeSocket::SetTheirChallenge(const std::string &c)
+{
+ this->theirchallenge = c;
+}
+
+std::string TreeSocket::MakePass(const std::string &password, const std::string &challenge)
+{
+ /* This is a simple (maybe a bit hacky?) HMAC algorithm, thanks to jilles for
+ * suggesting the use of HMAC to secure the password against various attacks.
+ *
+ * Note: If m_sha256.so is not loaded, we MUST fall back to plaintext with no
+ * HMAC challenge/response.
+ */
+ Module* sha256 = Instance->FindModule("m_sha256.so");
+ if (Utils->ChallengeResponse && sha256 && !challenge.empty())
+ {
+ /* XXX: This is how HMAC is supposed to be done:
+ *
+ * sha256( (pass xor 0x5c) + sha256((pass xor 0x36) + m) )
+ *
+ * Note that we are encoding the hex hash, not the binary
+ * output of the hash which is slightly different to standard.
+ *
+ * Don't ask me why its always 0x5c and 0x36... it just is.
+ */
+ std::string hmac1, hmac2;
+
+ for (size_t n = 0; n < password.length(); n++)
+ {
+ hmac1 += static_cast<char>(password[n] ^ 0x5C);
+ hmac2 += static_cast<char>(password[n] ^ 0x36);
+ }
+
+ hmac2 += challenge;
+ HashResetRequest(Utils->Creator, sha256).Send();
+ hmac2 = HashSumRequest(Utils->Creator, sha256, hmac2).Send();
+
+ HashResetRequest(Utils->Creator, sha256).Send();
+ std::string hmac = hmac1 + hmac2;
+ hmac = HashSumRequest(Utils->Creator, sha256, hmac).Send();
+
+ return "HMAC-SHA256:"+ hmac;
+ }
+ else if (!challenge.empty() && !sha256)
+ Instance->Log(DEFAULT,"Not authenticating to server using SHA256/HMAC because we don't have m_sha256 loaded!");
+
+ return password;
}
/** When an outbound connection finishes connecting, we receive
InspSocketHookRequest(this, (Module*)Utils->Creator, Hook).Send();
this->Instance->SNO->WriteToSnoMask('l',"Connection to \2"+myhost+"\2["+(x->HiddenFromStats ? "<hidden>" : this->GetIP())+"] using transport \2"+x->Hook+"\2");
}
- else
- this->SendCapabilities();
+ this->OutboundPass = x->SendPass;
+ sentcapab = false;
+
/* found who we're supposed to be connecting to, send the neccessary gubbins. */
- if (Hook)
- Instance->Timers->AddTimer(new HandshakeTimer(Instance, this, &(*x), this->Utils));
+ if (this->GetHook())
+ Instance->Timers->AddTimer(new HandshakeTimer(Instance, this, &(*x), this->Utils, 1));
else
- this->WriteLine(std::string("SERVER ")+this->Instance->Config->ServerName+" "+x->SendPass+" 0 :"+this->Instance->Config->ServerDesc);
+ this->SendCapabilities();
+
return true;
}
}
void TreeSocket::OnError(InspSocketError e)
{
- /* We don't handle this method, because all our
- * dirty work is done in OnClose() (see below)
- * which is still called on error conditions too.
- */
- if (e == I_ERR_CONNECT)
+ Link* MyLink;
+
+ if (this->LinkState == LISTENER)
+ return;
+
+ switch (e)
{
- this->Instance->SNO->WriteToSnoMask('l',"Connection failed: Connection to \002"+myhost+"\002 refused");
- Link* MyLink = Utils->FindLink(myhost);
- if (MyLink)
- Utils->DoFailOver(MyLink);
+ case I_ERR_CONNECT:
+ this->Instance->SNO->WriteToSnoMask('l',"Connection failed: Connection to \002"+myhost+"\002 refused");
+ MyLink = Utils->FindLink(myhost);
+ if (MyLink)
+ Utils->DoFailOver(MyLink);
+ break;
+ case I_ERR_SOCKET:
+ this->Instance->SNO->WriteToSnoMask('l',"Connection failed: Could not create socket");
+ break;
+ case I_ERR_BIND:
+ this->Instance->SNO->WriteToSnoMask('l',"Connection failed: Error binding socket to address or port");
+ break;
+ case I_ERR_WRITE:
+ this->Instance->SNO->WriteToSnoMask('l',"Connection failed: I/O error on connection");
+ break;
+ case I_ERR_NOMOREFDS:
+ this->Instance->SNO->WriteToSnoMask('l',"Connection failed: Operating system is out of file descriptors!");
+ break;
+ default:
+ if ((errno) && (errno != EINPROGRESS) && (errno != EAGAIN))
+ {
+ std::string errstr = strerror(errno);
+ this->Instance->SNO->WriteToSnoMask('l',"Connection to \002"+myhost+"\002 failed with OS error: " + errstr);
+ }
+ break;
}
}
std::string TreeSocket::MyCapabilities()
{
std::vector<std::string> modlist;
- std::string capabilities = "";
+ std::string capabilities;
for (int i = 0; i <= this->Instance->GetModuleCount(); i++)
{
if (this->Instance->modules[i]->GetVersion().Flags & VF_COMMON)
return capabilities;
}
+std::string TreeSocket::RandString(unsigned int length)
+{
+ char* randombuf = new char[length+1];
+ std::string out;
+#ifdef WINDOWS
+ int fd = -1;
+#else
+ int fd = open("/dev/urandom", O_RDONLY, 0);
+#endif
+
+ if (fd >= 0)
+ {
+#ifndef WINDOWS
+ read(fd, randombuf, length);
+ close(fd);
+#endif
+ }
+ else
+ {
+ for (unsigned int i = 0; i < length; i++)
+ randombuf[i] = rand();
+ }
+
+ for (unsigned int i = 0; i < length; i++)
+ {
+ char randchar = static_cast<char>((randombuf[i] & 0x7F) | 0x21);
+ out += (randchar == '=' ? '_' : randchar);
+ }
+
+ delete[] randombuf;
+ return out;
+}
+
void TreeSocket::SendCapabilities()
{
+ if (sentcapab)
+ return;
+
+ sentcapab = true;
irc::commasepstream modulelist(MyCapabilities());
this->WriteLine("CAPAB START");
#ifdef SUPPORT_IP6LINKS
ip6support = 1;
#endif
- this->WriteLine("CAPAB CAPABILITIES :NICKMAX="+ConvToStr(NICKMAX)+" HALFOP="+ConvToStr(this->Instance->Config->AllowHalfop)+" CHANMAX="+ConvToStr(CHANMAX)+" MAXMODES="+ConvToStr(MAXMODES)+" IDENTMAX="+ConvToStr(IDENTMAX)+" MAXQUIT="+ConvToStr(MAXQUIT)+" MAXTOPIC="+ConvToStr(MAXTOPIC)+" MAXKICK="+ConvToStr(MAXKICK)+" MAXGECOS="+ConvToStr(MAXGECOS)+" MAXAWAY="+ConvToStr(MAXAWAY)+" IP6NATIVE="+ConvToStr(ip6)+" IP6SUPPORT="+ConvToStr(ip6support)+" PROTOCOL="+ConvToStr(ProtocolVersion));
+ std::string extra;
+ /* Do we have sha256 available? If so, we send a challenge */
+ if (Utils->ChallengeResponse && (Instance->FindModule("m_sha256.so")))
+ {
+ this->SetOurChallenge(RandString(20));
+ extra = " CHALLENGE=" + this->GetOurChallenge();
+ }
+
+ this->WriteLine("CAPAB CAPABILITIES :NICKMAX="+ConvToStr(NICKMAX)+" HALFOP="+ConvToStr(this->Instance->Config->AllowHalfop)+" CHANMAX="+ConvToStr(CHANMAX)+" MAXMODES="+ConvToStr(MAXMODES)+" IDENTMAX="+ConvToStr(IDENTMAX)+" MAXQUIT="+ConvToStr(MAXQUIT)+" MAXTOPIC="+ConvToStr(MAXTOPIC)+" MAXKICK="+ConvToStr(MAXKICK)+" MAXGECOS="+ConvToStr(MAXGECOS)+" MAXAWAY="+ConvToStr(MAXAWAY)+" IP6NATIVE="+ConvToStr(ip6)+" IP6SUPPORT="+ConvToStr(ip6support)+" PROTOCOL="+ConvToStr(ProtocolVersion)+extra+" PREFIX="+Instance->Modes->BuildPrefixes()+" CHANMODES="+Instance->Modes->ChanModes());
this->WriteLine("CAPAB END");
}
{
irc::commasepstream list_one(one);
std::string item = "*";
- std::string result = "";
+ std::string result;
while ((item = list_one.GetToken()) != "")
{
if (!HasItem(two, item))
return result;
}
+void TreeSocket::SendError(const std::string &errormessage)
+{
+ /* Display the error locally as well as sending it remotely */
+ this->WriteLine("ERROR :"+errormessage);
+ this->Instance->SNO->WriteToSnoMask('l',"Sent \2ERROR\2 to "+ (this->InboundServerName.empty() ? "<unknown>" : this->InboundServerName) +": "+errormessage);
+ /* One last attempt to make sure the error reaches its target */
+ this->FlushWriteBuffer();
+}
+
bool TreeSocket::Capab(const std::deque<std::string> ¶ms)
{
if (params.size() < 1)
{
- this->WriteLine("ERROR :Invalid number of parameters for CAPAB - Mismatched version");
+ this->SendError("Invalid number of parameters for CAPAB - Mismatched version");
return false;
}
if (params[0] == "START")
{
- this->ModuleList = "";
+ this->ModuleList.clear();
this->CapKeys.clear();
}
else if (params[0] == "END")
{
- std::string reason = "";
+ std::string reason;
int ip6support = 0;
#ifdef SUPPORT_IP6LINKS
ip6support = 1;
else
reason = "Modules loaded on these servers are not correctly matched, these modules are not loaded on " + diff;
}
+
+ cap_validation valid_capab[] = {
+ {"Maximum nickname lengths differ or remote nickname length not specified", "NICKMAX", NICKMAX},
+ {"Maximum ident lengths differ or remote ident length not specified", "IDENTMAX", IDENTMAX},
+ {"Maximum channel lengths differ or remote channel length not specified", "CHANMAX", CHANMAX},
+ {"Maximum modes per line differ or remote modes per line not specified", "MAXMODES", MAXMODES},
+ {"Maximum quit lengths differ or remote quit length not specified", "MAXQUIT", MAXQUIT},
+ {"Maximum topic lengths differ or remote topic length not specified", "MAXTOPIC", MAXTOPIC},
+ {"Maximum kick lengths differ or remote kick length not specified", "MAXKICK", MAXKICK},
+ {"Maximum GECOS (fullname) lengths differ or remote GECOS length not specified", "MAXGECOS", MAXGECOS},
+ {"Maximum awaymessage lengths differ or remote awaymessage length not specified", "MAXAWAY", MAXAWAY},
+ {"", "", 0}
+ };
+
if (((this->CapKeys.find("IP6SUPPORT") == this->CapKeys.end()) && (ip6support)) || ((this->CapKeys.find("IP6SUPPORT") != this->CapKeys.end()) && (this->CapKeys.find("IP6SUPPORT")->second != ConvToStr(ip6support))))
reason = "We don't both support linking to IPV6 servers";
if (((this->CapKeys.find("IP6NATIVE") != this->CapKeys.end()) && (this->CapKeys.find("IP6NATIVE")->second == "1")) && (!ip6support))
reason = "The remote server is IPV6 native, and we don't support linking to IPV6 servers";
- if (((this->CapKeys.find("NICKMAX") == this->CapKeys.end()) || ((this->CapKeys.find("NICKMAX") != this->CapKeys.end()) && (this->CapKeys.find("NICKMAX")->second != ConvToStr(NICKMAX)))))
- reason = "Maximum nickname lengths differ or remote nickname length not specified";
if (((this->CapKeys.find("PROTOCOL") == this->CapKeys.end()) || ((this->CapKeys.find("PROTOCOL") != this->CapKeys.end()) && (this->CapKeys.find("PROTOCOL")->second != ConvToStr(ProtocolVersion)))))
{
if (this->CapKeys.find("PROTOCOL") != this->CapKeys.end())
- {
reason = "Mismatched protocol versions "+this->CapKeys.find("PROTOCOL")->second+" and "+ConvToStr(ProtocolVersion);
- }
else
- {
reason = "Protocol version not specified";
- }
}
+
+ if(this->CapKeys.find("PREFIX") != this->CapKeys.end() && this->CapKeys.find("PREFIX")->second != this->Instance->Modes->BuildPrefixes())
+ reason = "One or more of the prefixes on the remote server are invalid on this server.";
+
if (((this->CapKeys.find("HALFOP") == this->CapKeys.end()) && (Instance->Config->AllowHalfop)) || ((this->CapKeys.find("HALFOP") != this->CapKeys.end()) && (this->CapKeys.find("HALFOP")->second != ConvToStr(Instance->Config->AllowHalfop))))
reason = "We don't both have halfop support enabled/disabled identically";
- if (((this->CapKeys.find("IDENTMAX") == this->CapKeys.end()) || ((this->CapKeys.find("IDENTMAX") != this->CapKeys.end()) && (this->CapKeys.find("IDENTMAX")->second != ConvToStr(IDENTMAX)))))
- reason = "Maximum ident lengths differ or remote ident length not specified";
- if (((this->CapKeys.find("CHANMAX") == this->CapKeys.end()) || ((this->CapKeys.find("CHANMAX") != this->CapKeys.end()) && (this->CapKeys.find("CHANMAX")->second != ConvToStr(CHANMAX)))))
- reason = "Maximum channel lengths differ or remote channel length not specified";
- if (((this->CapKeys.find("MAXMODES") == this->CapKeys.end()) || ((this->CapKeys.find("MAXMODES") != this->CapKeys.end()) && (this->CapKeys.find("MAXMODES")->second != ConvToStr(MAXMODES)))))
- reason = "Maximum modes per line differ or remote modes per line not specified";
- if (((this->CapKeys.find("MAXQUIT") == this->CapKeys.end()) || ((this->CapKeys.find("MAXQUIT") != this->CapKeys.end()) && (this->CapKeys.find("MAXQUIT")->second != ConvToStr(MAXQUIT)))))
- reason = "Maximum quit lengths differ or remote quit length not specified";
- if (((this->CapKeys.find("MAXTOPIC") == this->CapKeys.end()) || ((this->CapKeys.find("MAXTOPIC") != this->CapKeys.end()) && (this->CapKeys.find("MAXTOPIC")->second != ConvToStr(MAXTOPIC)))))
- reason = "Maximum topic lengths differ or remote topic length not specified";
- if (((this->CapKeys.find("MAXKICK") == this->CapKeys.end()) || ((this->CapKeys.find("MAXKICK") != this->CapKeys.end()) && (this->CapKeys.find("MAXKICK")->second != ConvToStr(MAXKICK)))))
- reason = "Maximum kick lengths differ or remote kick length not specified";
- if (((this->CapKeys.find("MAXGECOS") == this->CapKeys.end()) || ((this->CapKeys.find("MAXGECOS") != this->CapKeys.end()) && (this->CapKeys.find("MAXGECOS")->second != ConvToStr(MAXGECOS)))))
- reason = "Maximum GECOS (fullname) lengths differ or remote GECOS length not specified";
- if (((this->CapKeys.find("MAXAWAY") == this->CapKeys.end()) || ((this->CapKeys.find("MAXAWAY") != this->CapKeys.end()) && (this->CapKeys.find("MAXAWAY")->second != ConvToStr(MAXAWAY)))))
- reason = "Maximum awaymessage lengths differ or remote awaymessage length not specified";
+
+ for (int x = 0; valid_capab[x].size; ++x)
+ {
+ if (((this->CapKeys.find(valid_capab[x].key) == this->CapKeys.end()) || ((this->CapKeys.find(valid_capab[x].key) != this->CapKeys.end()) &&
+ (this->CapKeys.find(valid_capab[x].key)->second != ConvToStr(valid_capab[x].size)))))
+ reason = valid_capab[x].reason;
+ }
+
+ /* Challenge response, store their challenge for our password */
+ std::map<std::string,std::string>::iterator n = this->CapKeys.find("CHALLENGE");
+ if (Utils->ChallengeResponse && (n != this->CapKeys.end()) && (Instance->FindModule("m_sha256.so")))
+ {
+ /* Challenge-response is on now */
+ this->SetTheirChallenge(n->second);
+ if (!this->GetTheirChallenge().empty() && (this->LinkState == CONNECTING))
+ {
+ this->WriteLine(std::string("SERVER ")+this->Instance->Config->ServerName+" "+this->MakePass(OutboundPass, this->GetTheirChallenge())+" 0 :"+this->Instance->Config->ServerDesc);
+ }
+ }
+ else
+ {
+ /* They didnt specify a challenge or we don't have m_sha256.so, we use plaintext */
+ if (this->LinkState == CONNECTING)
+ this->WriteLine(std::string("SERVER ")+this->Instance->Config->ServerName+" "+OutboundPass+" 0 :"+this->Instance->Config->ServerDesc);
+ }
+
if (reason.length())
{
- this->WriteLine("ERROR :CAPAB negotiation failed: "+reason);
+ this->SendError("CAPAB negotiation failed: "+reason);
return false;
}
}
else if ((params[0] == "CAPABILITIES") && (params.size() == 2))
{
irc::tokenstream capabs(params[1]);
- std::string item = "*";
- while ((item = capabs.GetToken()) != "")
+ std::string item;
+ bool more = true;
+ while ((more = capabs.GetToken(item)))
{
/* Process each key/value pair */
std::string::size_type equals = item.rfind('=');
Utils->DoOneToAllButSender(Current->GetParent()->GetName(),"SQUIT",params,Current->GetName());
if (Current->GetParent() == Utils->TreeRoot)
{
- this->Instance->WriteOpers("Server \002"+Current->GetName()+"\002 split: "+reason);
+ this->Instance->SNO->WriteToSnoMask('l',"Server \002"+Current->GetName()+"\002 split: "+reason);
}
else
{
- this->Instance->WriteOpers("Server \002"+Current->GetName()+"\002 split from server \002"+Current->GetParent()->GetName()+"\002 with reason: "+reason);
+ this->Instance->SNO->WriteToSnoMask('l',"Server \002"+Current->GetName()+"\002 split from server \002"+Current->GetParent()->GetName()+"\002 with reason: "+reason);
}
num_lost_servers = 0;
num_lost_users = 0;
Current->Tidy();
Current->GetParent()->DelChild(Current);
DELETE(Current);
- this->Instance->WriteOpers("Netsplit complete, lost \002%d\002 users on \002%d\002 servers.", num_lost_users, num_lost_servers);
+ this->Instance->SNO->WriteToSnoMask('l',"Netsplit complete, lost \002%d\002 users on \002%d\002 servers.", num_lost_users, num_lost_servers);
}
else
- {
Instance->Log(DEFAULT,"Squit from unknown server");
- }
}
/** FMODE command - server mode with timestamp checks */
return true;
}
+ if (!TS)
+ {
+ Instance->Log(DEFAULT,"*** BUG? *** TS of 0 sent to FMODE. Are some services authors smoking craq, or is it 1970 again?. Dropped.");
+ Instance->SNO->WriteToSnoMask('d', "WARNING: The server %s is sending FMODE with a TS of zero. Total craq. Mode was dropped.", sourceserv.c_str());
+ return true;
+ }
+
/* TS is equal or less: Merge the mode changes into ours and pass on.
*/
if (TS <= ourTS)
{
+ if ((TS < ourTS) && (!dst))
+ Instance->Log(DEFAULT,"*** BUG *** Channel TS sent in FMODE to %s is %lu which is not equal to %lu!", params[0].c_str(), TS, ourTS);
+
if (smode)
{
this->Instance->SendMode(modelist, n, who);
userrec* user = this->Instance->FindNick(source);
if (!user)
{
- c->WriteChannelWithServ(source.c_str(), "TOPIC %s :%s", c->name, c->topic);
+ c->WriteChannelWithServ(Instance->Config->ServerName, "TOPIC %s :%s", c->name, c->topic);
}
else
{
* and users, as in InspIRCd 1.0 and ircd2.8. The channels have not been
* re-created during a split, this is safe to do.
*
- *
- * If the timestamps are NOT equal, the losing side removes all privilage
- * modes from all of its users that currently exist in the channel, before
- * introducing new users into the channel which are listed in the FJOIN
- * command's parameters. This means, all modes +ohv, and privilages added
- * by modules, such as +qa. The losing side then LOWERS its timestamp value
- * of the channel to match that of the winning side, and the modes of the
- * users of the winning side are merged in with the losing side. The loser
- * then sends out a set of FMODE commands which 'confirm' that it just
- * removed all privilage modes from its existing users, which allows for
- * services packages to still work correctly without needing to know the
- * timestamping rules which InspIRCd follows. In TS6 servers this is always
- * a problem, and services packages must contain code which explicitly
- * behaves as TS6 does, removing ops from the losing side of a split where
- * neccessary within its internal records, as this state information is
- * not explicitly echoed out in that protocol.
+ * If the timestamps are NOT equal, the losing side removes all of its
+ * modes from the channel, before introducing new users into the channel
+ * which are listed in the FJOIN command's parameters. The losing side then
+ * LOWERS its timestamp value of the channel to match that of the winning
+ * side, and the modes of the users of the winning side are merged in with
+ * the losing side.
*
* The winning side on the other hand will ignore all user modes from the
* losing side, so only its own modes get applied. Life is simple for those
if (params.size() < 3)
return true;
- char first[MAXBUF]; /* The first parameter of the mode command */
- char modestring[MAXBUF]; /* The mode sequence (2nd parameter) of the mode command */
- char* mode_users[127]; /* The values used by the mode command */
- memset(&mode_users,0,sizeof(mode_users)); /* Initialize mode parameters */
- mode_users[0] = first; /* Set this up to be our on-stack value */
- mode_users[1] = modestring; /* Same here as above */
- strcpy(modestring,"+"); /* Initialize the mode sequence to just '+' */
- unsigned int modectr = 2; /* Pointer to the third mode parameter (e.g. the one after the +-sequence) */
-
- userrec* who = NULL; /* User we are currently checking */
- std::string channel = params[0]; /* Channel name, as a string */
- time_t TS = atoi(params[1].c_str()); /* Timestamp given to us for remote side */
- std::string nicklist = params[2];
- bool created = false;
-
- /* Try and find the channel */
- chanrec* chan = this->Instance->FindChan(channel);
-
- /* Initialize channel name in the mode parameters */
- strlcpy(mode_users[0],channel.c_str(),MAXBUF);
-
- /* default TS is a high value, which if we dont have this
- * channel will let the other side apply their modes.
- */
- time_t ourTS = Instance->Time(true)+600;
- /* Does this channel exist? if it does, get its REAL timestamp */
- if (chan)
- ourTS = chan->age;
- else
- created = true; /* don't perform deops, and set TS to correct time after processing. */
+ irc::modestacker modestack(true); /* Modes to apply from the users in the user list */
+ userrec* who = NULL; /* User we are currently checking */
+ std::string channel = params[0]; /* Channel name, as a string */
+ time_t TS = atoi(params[1].c_str()); /* Timestamp given to us for remote side */
+ irc::tokenstream users(params[2]); /* Users from the user list */
+ bool apply_other_sides_modes = true; /* True if we are accepting the other side's modes */
+ chanrec* chan = this->Instance->FindChan(channel); /* The channel we're sending joins to */
+ time_t ourTS = chan ? chan->age : Instance->Time(true)+600; /* The TS of our side of the link */
+ bool created = !chan; /* True if the channel doesnt exist here yet */
+ std::string item; /* One item in the list of nicks */
- /* do this first, so our mode reversals are correctly received by other servers
- * if there is a TS collision.
- */
params[2] = ":" + params[2];
Utils->DoOneToAllButSender(source,"FJOIN",params,source);
- /* In 1.1, if they have the newer channel, we immediately clear
- * all status modes from our users. We then accept their modes.
- * If WE have the newer channel its the other side's job to do this.
- * Note that this causes the losing server to send out confirming
- * FMODE lines.
- */
+ if (!TS)
+ {
+ Instance->Log(DEFAULT,"*** BUG? *** TS of 0 sent to FJOIN. Are some services authors smoking craq, or is it 1970 again?. Dropped.");
+ Instance->SNO->WriteToSnoMask('d', "WARNING: The server %s is sending FJOIN with a TS of zero. Total craq. Command was dropped.", source.c_str());
+ return true;
+ }
+
+ /* If our TS is less than theirs, we dont accept their modes */
+ if (ourTS < TS)
+ apply_other_sides_modes = false;
+
+ /* Our TS greater than theirs, clear all our modes from the channel, accept theirs. */
if (ourTS > TS)
{
std::deque<std::string> param_list;
- /* Lower the TS here */
if (Utils->AnnounceTSChange && chan)
- chan->WriteChannelWithServ(Instance->Config->ServerName,
- "NOTICE %s :TS for %s changed from %lu to %lu", chan->name, chan->name, ourTS, TS);
+ chan->WriteChannelWithServ(Instance->Config->ServerName, "NOTICE %s :TS for %s changed from %lu to %lu", chan->name, chan->name, ourTS, TS);
ourTS = TS;
- /* Zap all the privilage modes on our side, if the channel exists here */
if (!created)
{
- param_list.push_back(channel);
- /* Do this first! */
chan->age = TS;
+ param_list.push_back(channel);
this->RemoveStatus(Instance->Config->ServerName, param_list);
}
}
- /* Put the final parameter of the FJOIN into a tokenstream ready to split it */
- irc::tokenstream users(nicklist);
- std::string item = "*";
/* Now, process every 'prefixes,nick' pair */
- while (item != "")
+ while (users.GetToken(item))
{
- /* Find next user */
- item = users.GetToken();
const char* usr = item.c_str();
- /* Safety check just to make sure someones not sent us an FJOIN full of spaces
- * (is this even possible?) */
if (usr && *usr)
{
const char* permissions = usr;
- int ntimes = 0;
- char* nm = new char[MAXBUF];
- char* tnm = nm;
- /* Iterate through all the prefix values, convert them from prefixes
- * to mode letters, and append them to the mode sequence
- */
- while ((*permissions) && (*permissions != ',') && (ntimes < MAXBUF))
+ /* Iterate through all the prefix values, convert them from prefixes to mode letters */
+ std::string modes;
+ while ((*permissions) && (*permissions != ','))
{
ModeHandler* mh = Instance->Modes->FindPrefix(*permissions);
if (mh)
- {
- /* This is a valid prefix */
- ntimes++;
- *tnm++ = mh->GetModeChar();
- }
+ modes = modes + mh->GetModeChar();
else
{
- /* Not a valid prefix...
- * danger bill bobbertson! (that's will robinsons older brother ;-) ...)
- */
- this->Instance->WriteOpers("ERROR: We received a user with an unknown prefix '%c'. Closed connection to avoid a desync.",*permissions);
- this->WriteLine(std::string("ERROR :Invalid prefix '")+(*permissions)+"' in FJOIN");
+ this->SendError(std::string("Invalid prefix '")+(*permissions)+"' in FJOIN");
return false;
}
usr++;
permissions++;
}
- /* Null terminate modes */
- *tnm = 0;
/* Advance past the comma, to the nick */
usr++;
+
/* Check the user actually exists */
who = this->Instance->FindNick(usr);
if (who)
{
- /* Check that the user's 'direction' is correct
- * based on the server sending the FJOIN. We must
- * check each nickname in turn, because the origin of
- * the FJOIN may be different to the origin of the nicks
- * in the command itself.
- */
+ /* Check that the user's 'direction' is correct */
TreeServer* route_back_again = Utils->BestRouteTo(who->server);
if ((!route_back_again) || (route_back_again->GetSocket() != this))
- {
- /* Oh dear oh dear. */
- delete[] nm;
continue;
- }
- /* NOTE: Moved this below the fake direction check, so that modes
- * arent put into the mode list for users that were collided, and
- * may reconnect from the other side or our side before the split
- * is completed!
- */
-
- /* Did they get any modes? How many times? */
- strlcat(modestring, nm, MAXBUF);
- for (int k = 0; k < ntimes; k++)
- mode_users[modectr++] = strdup(usr);
- /* Free temporary buffer used for mode sequence */
- delete[] nm;
-
- /* Finally, we can actually place the user into the channel.
- * We're sure its right. Final answer, phone a friend.
- */
- if (created)
- chanrec::JoinUser(this->Instance, who, channel.c_str(), true, "", TS);
- else
- chanrec::JoinUser(this->Instance, who, channel.c_str(), true, "");
- /* Have we already queued up MAXMODES modes with parameters
- * (+qaohv) ready to be sent to the server?
- */
- if (modectr >= (MAXMODES-1))
- {
- /* Only actually give the users any status if we lost
- * the FJOIN or drew (equal timestamps).
- * It isn't actually possible for ourTS to be > TS here,
- * only possible to actually have ourTS == TS, or
- * ourTS < TS, because if we lost, we already lowered
- * our TS above before we entered this loop. We only
- * check >= as a safety measure, in case someone stuffed
- * up. If someone DID stuff up, it was most likely me.
- * Note: I do not like baseball bats in the face...
- */
- if (ourTS >= TS)
- {
- this->Instance->SendMode((const char**)mode_users,modectr,who);
-
- /* Something stuffed up, and for some reason, the timestamp is
- * NOT lowered right now and should be. Lower it. Usually this
- * code won't be executed, doubtless someone will remove it some
- * day soon.
- */
- if (ourTS > TS)
- {
- Instance->Log(DEFAULT,"Channel TS for %s changed from %lu to %lu",chan->name,ourTS,TS);
- chan->age = TS;
- ourTS = TS;
- }
- }
-
- /* Reset all this back to defaults, and
- * free any ram we have left allocated.
- */
- strcpy(mode_users[1],"+");
- for (unsigned int f = 2; f < modectr; f++)
- free(mode_users[f]);
- modectr = 2;
- }
+ /* Add any permissions this user had to the mode stack */
+ for (std::string::iterator x = modes.begin(); x != modes.end(); ++x)
+ modestack.Push(*x, who->nick);
+
+ chanrec::JoinUser(this->Instance, who, channel.c_str(), true, "", TS);
}
else
{
- /* Remember to free this */
- delete[] nm;
- /* If we got here, there's a nick in FJOIN which doesnt exist on this server.
- * We don't try to process the nickname here (that WOULD cause a segfault because
- * we'd be playing with null pointers) however, we DO pass the nickname on, just
- * in case somehow we're desynched, so that other users which might be able to see
- * the nickname get their fair chance to process it.
- */
Instance->Log(SPARSE,"Warning! Invalid user %s in FJOIN to channel %s IGNORED", usr, channel.c_str());
continue;
}
}
}
- /* there werent enough modes built up to flush it during FJOIN,
- * or, there are a number left over. flush them out.
- */
- if ((modectr > 2) && (who) && (chan))
+ /* Flush mode stacker if we lost the FJOIN or had equal TS */
+ if (apply_other_sides_modes)
{
- if (ourTS >= TS)
+ std::deque<std::string> stackresult;
+ const char* mode_junk[MAXMODES+2];
+ userrec* n = new userrec(Instance);
+ n->SetFd(FD_MAGIC_NUMBER);
+ mode_junk[0] = channel.c_str();
+
+ while (modestack.GetStackedLine(stackresult))
{
- /* Our channel is newer than theirs. Evil deeds must be afoot. */
- this->Instance->SendMode((const char**)mode_users,modectr,who);
- /* Yet again, we can't actually get a true value here, if everything else
- * is working as it should.
- */
- if (ourTS > TS)
+ for (size_t j = 0; j < stackresult.size(); j++)
{
- Instance->Log(DEFAULT,"Channel TS for %s changed from %lu to %lu",chan->name,ourTS,TS);
- chan->age = TS;
- ourTS = TS;
+ mode_junk[j+1] = stackresult[j].c_str();
}
+ Instance->SendMode(mode_junk, stackresult.size() + 1, n);
}
- /* Free anything we have left to free */
- for (unsigned int f = 2; f < modectr; f++)
- free(mode_users[f]);
+ delete n;
}
- /* All done. That wasnt so bad was it, you can wipe
- * the sweat from your forehead now. :-)
- */
+
return true;
}
/** NICK command */
bool TreeSocket::IntroduceClient(const std::string &source, std::deque<std::string> ¶ms)
{
- if (params.size() < 8)
- return true;
- if (params.size() > 8)
+ /** Do we have enough parameters:
+ * NICK age nick host dhost ident +modes ip :gecos
+ */
+ if (params.size() != 8)
{
this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+params[1]+" :Invalid client introduction ("+params[1]+"?)");
return true;
}
- // NICK age nick host dhost ident +modes ip :gecos
- // 0 1 2 3 4 5 6 7
- time_t age = atoi(params[0].c_str());
+ time_t age = ConvToInt(params[0]);
const char* tempnick = params[1].c_str();
- Instance->Log(DEBUG,"New remote client %s",tempnick);
+ std::string empty;
+
+ cmd_validation valid[] = { {"Nickname", 1, NICKMAX}, {"Hostname", 2, 64}, {"Displayed hostname", 3, 64}, {"Ident", 4, IDENTMAX}, {"GECOS", 7, MAXGECOS}, {"", 0, 0} };
+
+ TreeServer* remoteserver = Utils->FindServer(source);
+ if (!remoteserver)
+ {
+ this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+params[1]+" :Invalid client introduction (Unknown server "+source+")");
+ return true;
+ }
+
+ /* Check parameters for validity before introducing the client, discovered by dmb */
+ if (!age)
+ {
+ this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+params[1]+" :Invalid client introduction (Invalid TS?)");
+ return true;
+ }
+ for (size_t x = 0; valid[x].length; ++x)
+ {
+ if (params[valid[x].param].length() > valid[x].length)
+ {
+ this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+params[1]+" :Invalid client introduction (" + valid[x].item + " > " + ConvToStr(valid[x].length) + ")");
+ return true;
+ }
+ }
+ /** Our client looks ok, lets introduce it now
+ */
+ Instance->Log(DEBUG,"New remote client %s",tempnick);
user_hash::iterator iter = this->Instance->clientlist->find(tempnick);
if (iter != this->Instance->clientlist->end())
{
- // nick collision
+ /* nick collision */
this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+tempnick+" :Nickname collision");
userrec::QuitUser(this->Instance, iter->second, "Nickname collision");
return true;
(*(this->Instance->clientlist))[tempnick] = _new;
_new->SetFd(FD_MAGIC_NUMBER);
strlcpy(_new->nick, tempnick,NICKMAX-1);
- strlcpy(_new->host, params[2].c_str(),63);
- strlcpy(_new->dhost, params[3].c_str(),63);
+ strlcpy(_new->host, params[2].c_str(),64);
+ strlcpy(_new->dhost, params[3].c_str(),64);
_new->server = this->Instance->FindServerNamePtr(source.c_str());
strlcpy(_new->ident, params[4].c_str(),IDENTMAX);
strlcpy(_new->fullname, params[7].c_str(),MAXGECOS);
_new->registered = REG_ALL;
_new->signon = age;
- /*
- * we need to remove the + from the modestring, so we can do our stuff
- */
+ /* we need to remove the + from the modestring, so we can do our stuff */
std::string::size_type pos_after_plus = params[5].find_first_not_of('+');
if (pos_after_plus != std::string::npos)
params[5] = params[5].substr(pos_after_plus);
for (std::string::iterator v = params[5].begin(); v != params[5].end(); v++)
{
- _new->modes[(*v)-65] = 1;
/* For each mode thats set, increase counter */
ModeHandler* mh = Instance->Modes->FindMode(*v, MODETYPE_USER);
if (mh)
+ {
+ mh->OnModeChange(_new, _new, NULL, empty, true);
+ _new->SetMode(*v, true);
mh->ChangeCount(1);
+ }
}
/* now we've done with modes processing, put the + back for remote servers */
_new->SetSockAddr(AF_INET, params[6].c_str(), 0);
Instance->AddGlobalClone(_new);
- this->Instance->SNO->WriteToSnoMask('C',"Client connecting at %s: %s!%s@%s [%s]",_new->server,_new->nick,_new->ident,_new->host, _new->GetIPString());
+
+ bool dosend = !(((this->Utils->quiet_bursts) && (this->bursting || Utils->FindRemoteBurstServer(remoteserver))) || (this->Instance->SilentULine(_new->server)));
+
+ if (dosend)
+ this->Instance->SNO->WriteToSnoMask('C',"Client connecting at %s: %s!%s@%s [%s] [%s]",_new->server,_new->nick,_new->ident,_new->host, _new->GetIPString(), _new->fullname);
params[7] = ":" + params[7];
Utils->DoOneToAllButSender(source,"NICK", params, source);
char* ptr = list + dlen;
CUList *ulist = c->GetUsers();
- std::string modes = "";
- std::string params = "";
+ std::string modes;
+ std::string params;
for (CUList::iterator i = ulist->begin(); i != ulist->end(); i++)
{
// The first parameter gets a : before it
- size_t ptrlen = snprintf(ptr, MAXBUF, " %s%s,%s", !numusers ? ":" : "", c->GetAllPrefixChars(i->second), i->second->nick);
+ size_t ptrlen = snprintf(ptr, MAXBUF, " %s%s,%s", !numusers ? ":" : "", c->GetAllPrefixChars(i->first), i->first->nick);
curlen += ptrlen;
ptr += ptrlen;
if (numusers)
buffer.append(list).append("\r\n");
- /* Sorry for the hax. Because newly created channels assume +nt,
- * if this channel doesnt have +nt, explicitly send -n and -t for the missing modes.
- */
- bool inverted = false;
- if (!c->IsModeSet('n'))
- {
- modes.append("-n");
- inverted = true;
- }
- if (!c->IsModeSet('t'))
- {
- modes.append("-t");
- inverted = true;
- }
- if (inverted)
- {
- modes.append("+");
- }
-
buffer.append(":").append(this->Instance->Config->ServerName).append(" FMODE ").append(c->name).append(" ").append(ConvToStr(c->age)).append(" +").append(c->ChanModes(true)).append("\r\n");
int linesize = 1;
{
/* Wrap at MAXMODES */
buffer.append(":").append(this->Instance->Config->ServerName).append(" FMODE ").append(c->name).append(" ").append(ConvToStr(c->age)).append(" +").append(modes).append(params).append("\r\n");
- modes = "";
- params = "";
+ modes.clear();
+ params.clear();
linesize = 1;
}
}
std::deque<std::string> list;
std::string n = this->Instance->Config->ServerName;
const char* sn = n.c_str();
+ Instance->Log(DEBUG,"Sending channels and modes, %d to send", this->Instance->chanlist->size());
for (chan_hash::iterator c = this->Instance->chanlist->begin(); c != this->Instance->chanlist->end(); c++)
{
SendFJoins(Current, c->second);
snprintf(data,MAXBUF,":%s AWAY :%s", u->second->nick, u->second->awaymsg);
this->WriteLine(data);
}
- FOREACH_MOD_I(this->Instance,I_OnSyncUser,OnSyncUser(u->second,(Module*)Utils->Creator,(void*)this));
- list.clear();
- u->second->GetExtList(list);
-
- for (unsigned int j = 0; j < list.size(); j++)
- {
- FOREACH_MOD_I(this->Instance,I_OnSyncUserMetaData,OnSyncUserMetaData(u->second,(Module*)Utils->Creator,(void*)this,list[j]));
- }
+ }
+ }
+ for (user_hash::iterator u = this->Instance->clientlist->begin(); u != this->Instance->clientlist->end(); u++)
+ {
+ FOREACH_MOD_I(this->Instance,I_OnSyncUser,OnSyncUser(u->second,(Module*)Utils->Creator,(void*)this));
+ list.clear();
+ u->second->GetExtList(list);
+ for (unsigned int j = 0; j < list.size(); j++)
+ {
+ FOREACH_MOD_I(this->Instance,I_OnSyncUserMetaData,OnSyncUserMetaData(u->second,(Module*)Utils->Creator,(void*)this,list[j]));
}
}
}
*/
void TreeSocket::DoBurst(TreeServer* s)
{
+ std::string name = s->GetName();
std::string burst = "BURST "+ConvToStr(Instance->Time(true));
std::string endburst = "ENDBURST";
- // Because by the end of the netburst, it could be gone!
- std::string name = s->GetName();
- this->Instance->SNO->WriteToSnoMask('l',"Bursting to \2"+name+"\2.");
+ this->Instance->SNO->WriteToSnoMask('l',"Bursting to \2%s\2 (Authentication: %s).", name.c_str(), this->GetTheirChallenge().empty() ? "plaintext password" : "SHA256-HMAC challenge-response");
this->WriteLine(burst);
/* send our version string */
this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" VERSION :"+this->Instance->GetVersionString());