#include "socketengine.h"
#include "wildcard.h"
#include "xline.h"
+#include "bancache.h"
#include "commands/cmd_whowas.h"
static unsigned long already_sent[MAX_DESCRIPTORS] = {0};
Visibility = NULL;
ip = NULL;
MyClass = NULL;
+ AllowedOperCommands = NULL;
chans.clear();
invites.clear();
memset(modes,0,sizeof(modes));
this->MyClass->RefCount--;
ServerInstance->Log(DEBUG, "User destructor -- connect refcount now: %u", this->MyClass->RefCount);
}
+ if (this->AllowedOperCommands)
+ {
+ delete AllowedOperCommands;
+ AllowedOperCommands = NULL;
+ }
this->InvalidateCache();
this->DecrementModes();
bool User::HasPermission(const std::string &command)
{
- char* mycmd;
- char* savept;
- char* savept2;
-
/*
* users on remote servers can completely bypass all permissions based checks.
* This prevents desyncs when one server has different type/class tags to another.
return false;
}
- // check their opertype exists (!). This won't affect local users, of course.
- opertype_t::iterator iter_opertype = ServerInstance->Config->opertypes.find(this->oper);
- if (iter_opertype == ServerInstance->Config->opertypes.end())
- {
+ if (!AllowedOperCommands)
return false;
- }
- /* XXX all this strtok/strdup stuff is a bit ick and horrid -- w00t */
- char* Classes = strdup(iter_opertype->second);
- char* myclass = strtok_r(Classes," ",&savept);
- while (myclass)
- {
- operclass_t::iterator iter_operclass = ServerInstance->Config->operclass.find(myclass);
- if (iter_operclass != ServerInstance->Config->operclass.end())
- {
- char* CommandList = strdup(iter_operclass->second);
- mycmd = strtok_r(CommandList," ",&savept2);
- while (mycmd)
- {
- if ((!strcasecmp(mycmd,command.c_str())) || (*mycmd == '*'))
- {
- free(Classes);
- free(CommandList);
- return true;
- }
- mycmd = strtok_r(NULL," ",&savept2);
- }
- free(CommandList);
- }
- myclass = strtok_r(NULL," ",&savept);
- }
- free(Classes);
+ if (AllowedOperCommands->find(command) != AllowedOperCommands->end())
+ return true;
+ else if (AllowedOperCommands->find("*") != AllowedOperCommands->end())
+ return true;
return false;
}
if (a.length())
recvq.append(a);
- if (recvq.length() > (unsigned)this->MyClass->GetRecvqMax())
+ if (this->MyClass && (recvq.length() > this->MyClass->GetRecvqMax()))
{
this->SetWriteError("RecvQ exceeded");
ServerInstance->WriteOpers("*** User %s RecvQ of %d exceeds connect class maximum of %d",this->nick,recvq.length(),this->MyClass->GetRecvqMax());
if (*this->GetWriteError())
return;
- if (sendq.length() + data.length() > (unsigned)this->MyClass->GetSendqMax())
+ if (this->MyClass && (sendq.length() + data.length() > this->MyClass->GetSendqMax()))
{
/*
* Fix by brain - Set the error text BEFORE calling writeopers, because
void User::Oper(const std::string &opertype)
{
+ char* mycmd;
+ char* savept;
+ char* savept2;
+
try
{
this->modes[UM_OPERATOR] = 1;
ServerInstance->Log(DEFAULT,"OPER: %s!%s@%s opered as type: %s", this->nick, this->ident, this->host, opertype.c_str());
strlcpy(this->oper, opertype.c_str(), NICKMAX - 1);
ServerInstance->all_opers.push_back(this);
+
+ opertype_t::iterator iter_opertype = ServerInstance->Config->opertypes.find(this->oper);
+ if (iter_opertype != ServerInstance->Config->opertypes.end())
+ {
+
+ if (AllowedOperCommands)
+ AllowedOperCommands->clear();
+ else
+ AllowedOperCommands = new std::map<std::string, bool>;
+
+ char* Classes = strdup(iter_opertype->second);
+ char* myclass = strtok_r(Classes," ",&savept);
+ while (myclass)
+ {
+ operclass_t::iterator iter_operclass = ServerInstance->Config->operclass.find(myclass);
+ if (iter_operclass != ServerInstance->Config->operclass.end())
+ {
+ char* CommandList = strdup(iter_operclass->second);
+ mycmd = strtok_r(CommandList," ",&savept2);
+ while (mycmd)
+ {
+ this->AllowedOperCommands->insert(std::make_pair(mycmd, true));
+ mycmd = strtok_r(NULL," ",&savept2);
+ }
+ free(CommandList);
+ }
+ myclass = strtok_r(NULL," ",&savept);
+ }
+ free(Classes);
+ }
+
FOREACH_MOD(I_OnPostOper,OnPostOper(this, opertype));
}
// remove the user from the oper list. Will remove multiple entries as a safeguard against bug #404
ServerInstance->all_opers.remove(this);
+
+ if (AllowedOperCommands)
+ {
+ delete AllowedOperCommands;
+ AllowedOperCommands = NULL;
+ }
}
}
return;
}
#endif
+ /*
+ * even with bancache, we still have to keep User::exempt current.
+ * besides that, if we get a positive bancache hit, we still won't fuck
+ * them over if they are exempt. -- w00t
+ */
+ New->exempt = (Instance->XLines->MatchesLine("E",New) != NULL);
- New->exempt = (Instance->XLines->matches_exception(New) != NULL);
- if (!New->exempt)
+ if (BanCacheHit *b = Instance->BanCache->GetHit(New->GetIPString()))
{
- ZLine* r = Instance->XLines->matches_zline(ipaddr);
- if (r)
+ if (!b->Type.empty() && !New->exempt)
{
- char reason[MAXBUF];
+ /* user banned */
+ Instance->Log(DEBUG, std::string("BanCache: Positive hit for ") + New->GetIPString());
if (*Instance->Config->MoronBanner)
New->WriteServ("NOTICE %s :*** %s", New->nick, Instance->Config->MoronBanner);
- snprintf(reason,MAXBUF,"Z-Lined: %s",r->reason);
- User::QuitUser(Instance, New, reason);
+ User::QuitUser(Instance, New, b->Reason);
return;
}
+ else
+ {
+ Instance->Log(DEBUG, std::string("BanCache: Negative hit for ") + New->GetIPString());
+ }
+ }
+ else
+ {
+ if (!New->exempt)
+ {
+ XLine* r = Instance->XLines->MatchesLine("Z",New);
+
+ if (r)
+ {
+ r->Apply(New);
+ return;
+ }
+ }
}
if (socket > -1)
/* Check the password, if one is required by the user's connect class.
* This CANNOT be in CheckClass(), because that is called prior to PASS as well!
*/
- if ((!this->MyClass->GetPass().empty()) && (!this->haspassed))
+ if (this->MyClass && !this->MyClass->GetPass().empty() && !this->haspassed)
{
User::QuitUser(ServerInstance, this, "Invalid password");
return;
}
-
+
if (!this->exempt)
{
- GLine* r = ServerInstance->XLines->matches_gline(this);
+ GLine *r = (GLine *)ServerInstance->XLines->MatchesLine("G", this);
if (r)
{
this->muted = true;
- char reason[MAXBUF];
- if (*ServerInstance->Config->MoronBanner)
- this->WriteServ("NOTICE %s :*** %s", this->nick, ServerInstance->Config->MoronBanner);
- snprintf(reason,MAXBUF,"G-Lined: %s",r->reason);
- User::QuitUser(ServerInstance, this, reason);
+ r->Apply(this);
return;
}
- KLine* n = ServerInstance->XLines->matches_kline(this);
+ KLine *n = (KLine *)ServerInstance->XLines->MatchesLine("K", this);
if (n)
{
this->muted = true;
- char reason[MAXBUF];
- if (*ServerInstance->Config->MoronBanner)
- this->WriteServ("NOTICE %s :*** %s", this, ServerInstance->Config->MoronBanner);
- snprintf(reason,MAXBUF,"K-Lined: %s",n->reason);
- User::QuitUser(ServerInstance, this, reason);
+ n->Apply(this);
return;
}
}
FOREACH_MOD(I_OnPostConnect,OnPostConnect(this));
ServerInstance->SNO->WriteToSnoMask('c',"Client connecting on port %d: %s!%s@%s [%s] [%s]", this->GetPort(), this->nick, this->ident, this->host, this->GetIPString(), this->fullname);
+
+ ServerInstance->Log(DEBUG, "BanCache: Adding NEGATIVE hit for %s", this->GetIPString());
+ ServerInstance->BanCache->AddHit(this->GetIPString(), "", "");
}
/** User::UpdateNick()
return false;
}
- if (ServerInstance->XLines->matches_qline(newnick))
+ if (ServerInstance->XLines->MatchesLine("Q",newnick))
{
ServerInstance->stats->statsCollisions++;
return false;
if (found)
{
/* deny change if change will take class over the limit */
- if (found->RefCount + 1 >= found->limit)
+ if (found->limit && (found->RefCount + 1 >= found->limit))
{
ServerInstance->Log(DEBUG, "OOPS: Connect class limit (%u) hit, denying", found->limit);
return this->MyClass;
if (i2 != ServerInstance->chanlist->end())
{
FOREACH_MOD(I_OnChannelDelete,OnChannelDelete(i2->second));
- DELETE(i2->second);
+ delete i2->second;
ServerInstance->chanlist->erase(i2);
this->chans.erase(*n);
}
projects / user / henk / code / inspircd.git / blobdiff