/*
* InspIRCd -- Internet Relay Chat Daemon
*
- * Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
- * Copyright (C) 2006-2009 Robin Burchell <robin+git@viroteck.net>
- * Copyright (C) 2006-2007, 2009 Dennis Friis <peavey@inspircd.org>
- * Copyright (C) 2008 John Brooks <john.brooks@dereferenced.net>
+ * Copyright (C) 2019 linuxdaemon <linuxdaemon.irc@gmail.com>
+ * Copyright (C) 2018 systocrat <systocrat@outlook.com>
+ * Copyright (C) 2018 Dylan Frank <b00mx0r@aureus.pw>
+ * Copyright (C) 2013, 2016-2021 Sadie Powell <sadie@witchery.services>
+ * Copyright (C) 2013 Daniel Vassdal <shutter@canternet.org>
+ * Copyright (C) 2013 ChrisTX <xpipe@hotmail.de>
+ * Copyright (C) 2013 Adam <Adam@anope.org>
+ * Copyright (C) 2012-2016, 2018 Attila Molnar <attilamolnar@hush.com>
+ * Copyright (C) 2012, 2019 Robby <robby@chatbelgie.be>
+ * Copyright (C) 2012 DjSlash <djslash@djslash.org>
+ * Copyright (C) 2011 jackmcbarn <jackmcbarn@inspircd.org>
+ * Copyright (C) 2009-2011 Daniel De Graaf <danieldg@inspircd.org>
+ * Copyright (C) 2009 Uli Schlachter <psychon@inspircd.org>
* Copyright (C) 2008 Thomas Stagner <aquanight@inspircd.org>
- * Copyright (C) 2008 Oliver Lupton <oliverlupton@gmail.com>
- * Copyright (C) 2003-2008 Craig Edwards <craigedwards@brainbox.cc>
+ * Copyright (C) 2008 John Brooks <special@inspircd.org>
+ * Copyright (C) 2007, 2009 Dennis Friis <peavey@inspircd.org>
+ * Copyright (C) 2006-2009 Robin Burchell <robin+git@viroteck.net>
+ * Copyright (C) 2004, 2006-2009 Craig Edwards <brain@inspircd.org>
*
* This file is part of InspIRCd. InspIRCd is free software: you can
* redistribute it and/or modify it under the terms of the GNU General Public
ServerInstance->Logs->Log("USERS", LOG_DEBUG, "New UUID for user: %s", uuid.c_str());
+ if (srv->IsULine())
+ ServerInstance->Users.all_ulines.push_back(this);
+
// Do not insert FakeUsers into the uuidlist so FindUUID() won't return them which is the desired behavior
if (type != USERTYPE_SERVER)
{
ChangeRealHost(GetIPString(), true);
}
+LocalUser::LocalUser(int myfd, const std::string& uid, Serializable::Data& data)
+ : User(uid, ServerInstance->FakeClient->server, USERTYPE_LOCAL)
+ , eh(this)
+ , already_sent(0)
+{
+ eh.SetFd(myfd);
+ Deserialize(data);
+}
+
User::~User()
{
}
return oper->AllowedPrivs.Contains(privstr);
}
+bool User::HasSnomaskPermission(char chr) const
+{
+ return true;
+}
+
+bool LocalUser::HasSnomaskPermission(char chr) const
+{
+ if (!this->IsOper() || !ModeParser::IsModeChar(chr))
+ return false;
+
+ return this->oper->AllowedSnomasks[chr - 'A'];
+}
+
void UserIOHandler::OnDataReady()
{
if (user->quitting)
return !user->quitting;
}
-void UserIOHandler::OnError(BufferedSocketError error)
+void UserIOHandler::OnError(BufferedSocketError sockerr)
{
ModResult res;
- FIRST_MOD_RESULT(OnConnectionFail, res, (user, error));
+ FIRST_MOD_RESULT(OnConnectionFail, res, (user, sockerr));
if (res != MOD_RES_ALLOW)
ServerInstance->Users->QuitUser(user, getError());
}
if (client_sa.family() != AF_UNSPEC)
ServerInstance->Users->RemoveCloneCounts(this);
+ if (server->IsULine())
+ stdalgo::erase(ServerInstance->Users->all_ulines, this);
+
return Extensible::cull();
}
FOREACH_MOD(OnPostOper, (this, oper->name, opername));
}
+namespace
+{
+ bool ParseModeList(std::bitset<64>& modeset, ConfigTag* tag, const std::string& field)
+ {
+ std::string modes;
+ bool hasmodes = tag->readString(field, modes);
+ for (std::string::const_iterator iter = modes.begin(); iter != modes.end(); ++iter)
+ {
+ const char& chr = *iter;
+ if (chr == '*')
+ modeset.set();
+ else if (ModeParser::IsModeChar(chr))
+ modeset.set(chr - 'A');
+ else
+ ServerInstance->Logs->Log("CONFIG", LOG_DEFAULT, "'%c' is not a valid value for <class:%s>, ignoring...", chr, field.c_str());
+ }
+ return hasmodes;
+ }
+}
+
void OperInfo::init()
{
AllowedOperCommands.Clear();
AllowedPrivs.Clear();
AllowedUserModes.reset();
AllowedChanModes.reset();
+ AllowedSnomasks.reset();
AllowedUserModes['o' - 'A'] = true; // Call me paranoid if you want.
+ bool defaultsnomasks = true;
for(std::vector<reference<ConfigTag> >::iterator iter = class_blocks.begin(); iter != class_blocks.end(); ++iter)
{
ConfigTag* tag = *iter;
AllowedOperCommands.AddList(tag->getString("commands"));
AllowedPrivs.AddList(tag->getString("privs"));
- std::string modes = tag->getString("usermodes");
- for (std::string::const_iterator c = modes.begin(); c != modes.end(); ++c)
- {
- if (*c == '*')
- {
- this->AllowedUserModes.set();
- }
- else if (*c >= 'A' && *c <= 'z')
- {
- this->AllowedUserModes[*c - 'A'] = true;
- }
- }
-
- modes = tag->getString("chanmodes");
- for (std::string::const_iterator c = modes.begin(); c != modes.end(); ++c)
- {
- if (*c == '*')
- {
- this->AllowedChanModes.set();
- }
- else if (*c >= 'A' && *c <= 'z')
- {
- this->AllowedChanModes[*c - 'A'] = true;
- }
- }
+ ParseModeList(AllowedChanModes, tag, "chanmodes");
+ ParseModeList(AllowedUserModes, tag, "usermodes");
+ if (ParseModeList(AllowedSnomasks, tag, "snomasks"))
+ defaultsnomasks = false;
}
+
+ // Compatibility for older configs that don't have the snomasks field.
+ if (defaultsnomasks)
+ AllowedSnomasks.set();
}
void User::UnOper()
*/
oper = NULL;
+ // Remove the user from the oper list
+ stdalgo::vector::swaperase(ServerInstance->Users->all_opers, this);
+
+ // If the user is quitting we shouldn't remove any modes as it results in
+ // mode messages being broadcast across the network.
+ if (quitting)
+ return;
/* Remove all oper only modes from the user when the deoper - Bug #466*/
Modes::ChangeList changelist;
ServerInstance->Modes->Process(this, NULL, this, changelist);
- // Remove the user from the oper list
- stdalgo::vector::swaperase(ServerInstance->Users->all_opers, this);
-
ModeHandler* opermh = ServerInstance->Modes->FindMode('o', MODETYPE_USER);
if (opermh)
this->SetMode(opermh, false);
}
else if (a->type == CC_DENY)
{
- ServerInstance->Users->QuitUser(this, a->config->getString("reason", "Unauthorised connection"));
+ ServerInstance->Users->QuitUser(this, a->config->getString("reason", "Unauthorised connection", 1));
return;
}
else if (clone_count)
{
ServerInstance->Users->QuitUser(this, "No more connections allowed from your host via this connect class (local)");
if (a->maxconnwarn)
- ServerInstance->SNO->WriteToSnoMask('a', "WARNING: maximum LOCAL connections (%ld) exceeded for IP %s", a->GetMaxLocal(), this->GetIPString().c_str());
+ {
+ ServerInstance->SNO->WriteToSnoMask('a', "WARNING: maximum local connections for the %s class (%ld) exceeded by %s",
+ a->name.c_str(), a->GetMaxLocal(), this->GetIPString().c_str());
+ }
return;
}
else if ((a->GetMaxGlobal()) && (clonecounts.global > a->GetMaxGlobal()))
{
ServerInstance->Users->QuitUser(this, "No more connections allowed from your host via this connect class (global)");
if (a->maxconnwarn)
- ServerInstance->SNO->WriteToSnoMask('a', "WARNING: maximum GLOBAL connections (%ld) exceeded for IP %s", a->GetMaxGlobal(), this->GetIPString().c_str());
+ {
+ ServerInstance->SNO->WriteToSnoMask('a', "WARNING: maximum global connections for the %s class (%ld) exceeded by %s",
+ a->name.c_str(), a->GetMaxGlobal(), this->GetIPString().c_str());
+ }
return;
}
}
/*
* You may be thinking "wtf, we checked this in User::AddClient!" - and yes, we did, BUT.
* At the time AddClient is called, we don't have a resolved host, by here we probably do - which
- * may put the user into a totally seperate class with different restrictions! so we *must* check again.
+ * may put the user into a totally separate class with different restrictions! so we *must* check again.
* Don't remove this! -- w00t
*/
MyClass = NULL;
return;
ServerInstance->Users->RemoveCloneCounts(this);
-
User::SetClientIP(sa);
-
- FOREACH_MOD(OnSetUserIP, (this));
-
ServerInstance->Users->AddClone(this);
// Recheck the connect class.
this->MyClass = NULL;
this->SetClass();
this->CheckClass();
+
+ if (!quitting)
+ FOREACH_MOD(OnSetUserIP, (this));
}
void LocalUser::Write(const ClientProtocol::SerializedMessage& text)
void User::WriteRemoteNotice(const std::string& text)
{
- ServerInstance->PI->SendUserNotice(this, text);
+ ServerInstance->PI->SendMessage(this, text, MSG_NOTICE);
}
void LocalUser::WriteRemoteNotice(const std::string& text)
FIRST_MOD_RESULT(OnPreChangeRealName, MOD_RESULT, (IS_LOCAL(this), real));
if (MOD_RESULT == MOD_RES_DENY)
return false;
- FOREACH_MOD(OnChangeRealName, (this, real));
}
+ FOREACH_MOD(OnChangeRealName, (this, real));
this->realname.assign(real, 0, ServerInstance->Config->Limits.MaxReal);
return true;
if (!changehost)
return;
+ // Don't call the OnChangeRealHost event when initialising a user.
+ if (!realhost.empty())
+ FOREACH_MOD(OnChangeRealHost, (this, host));
+
realhost = host;
this->InvalidateCache();
}
*/
void LocalUser::SetClass(const std::string &explicit_name)
{
- ConnectClass *found = NULL;
-
- ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "Setting connect class for UID %s", this->uuid.c_str());
+ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "Setting connect class for %s (%s) ...",
+ this->uuid.c_str(), this->GetFullRealHost().c_str());
+ ConnectClass *found = NULL;
if (!explicit_name.empty())
{
for (ServerConfig::ClassVector::const_iterator i = ServerInstance->Config->Classes.begin(); i != ServerInstance->Config->Classes.end(); ++i)
if (explicit_name == c->name)
{
- ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "Explicitly set to %s", explicit_name.c_str());
+ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "Connect class explicitly set to %s",
+ explicit_name.c_str());
found = c;
}
}
for (ServerConfig::ClassVector::const_iterator i = ServerInstance->Config->Classes.begin(); i != ServerInstance->Config->Classes.end(); ++i)
{
ConnectClass* c = *i;
- ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "Checking %s", c->GetName().c_str());
+ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "Checking the %s connect class ...",
+ c->GetName().c_str());
ModResult MOD_RESULT;
FIRST_MOD_RESULT(OnSetConnectClass, MOD_RESULT, (this,c));
if (MOD_RESULT == MOD_RES_DENY)
continue;
+
if (MOD_RESULT == MOD_RES_ALLOW)
{
- ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "Class forced by module to %s", c->GetName().c_str());
+ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "The %s connect class was explicitly chosen by a module",
+ c->GetName().c_str());
found = c;
break;
}
if (c->type == CC_NAMED)
+ {
+ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "The %s connect class is not suitable as neither <connect:allow> nor <connect:deny> are set",
+ c->GetName().c_str());
continue;
+ }
bool regdone = (registered != REG_NONE);
if (c->config->getBool("registered", regdone) != regdone)
+ {
+ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "The %s connect class is not suitable as it requires that the user is %s",
+ c->GetName().c_str(), regdone ? "not fully connected" : "fully connected");
continue;
+ }
/* check if host matches.. */
if (!InspIRCd::MatchCIDR(this->GetIPString(), c->GetHost(), NULL) &&
- !InspIRCd::MatchCIDR(this->GetRealHost(), c->GetHost(), NULL))
+ !InspIRCd::MatchCIDR(this->GetRealHost(), c->GetHost(), NULL))
{
- ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "No host match (for %s)", c->GetHost().c_str());
+ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "The %s connect class is not suitable as neither the host (%s) nor the IP (%s) matches %s",
+ c->GetName().c_str(), this->GetRealHost().c_str(), this->GetIPString().c_str(), c->GetHost().c_str());
continue;
}
*/
if (c->limit && (c->GetReferenceCount() >= c->limit))
{
- ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "OOPS: Connect class limit (%lu) hit, denying", c->limit);
+ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "The %s connect class is not suitable as it has reached its user limit (%lu)",
+ c->GetName().c_str(), c->limit);
continue;
}
- /* if it requires a port ... */
- if (!c->ports.empty())
+ /* if it requires a port and our port doesn't match, fail */
+ if (!c->ports.empty() && !c->ports.count(this->server_sa.port()))
{
- /* and our port doesn't match, fail. */
- if (!c->ports.count(this->server_sa.port()))
- {
- ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "Requires a different port, skipping");
- continue;
- }
+ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "The %s connect class is not suitable as the connection port (%d) is not any of %s",
+ c->GetName().c_str(), this->server_sa.port(), stdalgo::string::join(c->ports).c_str());
+ continue;
}
- if (regdone && !c->config->getString("password").empty())
+ if (regdone && !c->password.empty() && !ServerInstance->PassCompare(this, c->password, password, c->passwordhash))
{
- if (!ServerInstance->PassCompare(this, c->config->getString("password"), password, c->config->getString("hash")))
- {
- ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "Bad password, skipping");
- continue;
- }
+ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "The %s connect class is not suitable as requires a password and %s",
+ c->GetName().c_str(), password.empty() ? "one was not provided" : "the provided password was incorrect");
+ continue;
}
/* we stop at the first class that meets ALL critera. */
+ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "The %s connect class is suitable for %s (%s)",
+ c->GetName().c_str(), this->uuid.c_str(), this->GetFullRealHost().c_str());
found = c;
break;
}
}
ConnectClass::ConnectClass(ConfigTag* tag, char t, const std::string& mask)
- : config(tag), type(t), fakelag(true), name("unnamed"), registration_timeout(0), host(mask),
- pingtime(0), softsendqmax(0), hardsendqmax(0), recvqmax(0),
- penaltythreshold(0), commandrate(0), maxlocal(0), maxglobal(0), maxconnwarn(true), maxchans(ServerInstance->Config->MaxChans),
- limit(0), resolvehostnames(true)
+ : config(tag)
+ , type(t)
+ , fakelag(true)
+ , name("unnamed")
+ , registration_timeout(0)
+ , host(mask)
+ , pingtime(0)
+ , softsendqmax(0)
+ , hardsendqmax(0)
+ , recvqmax(0)
+ , penaltythreshold(0)
+ , commandrate(0)
+ , maxlocal(0)
+ , maxglobal(0)
+ , maxconnwarn(true)
+ , maxchans(0)
+ , limit(0)
+ , resolvehostnames(true)
{
}
limit = src->limit;
resolvehostnames = src->resolvehostnames;
ports = src->ports;
+ password = src->password;
+ passwordhash = src->passwordhash;
}