X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_spanningtree%2Fserver.cpp;h=538479ca4b40b2f0e685ab43bed1bb35e0e68f15;hb=HEAD;hp=30931b90ea3ed59f4d047c200dd22d8545cf4340;hpb=a6433b37967e22e19658967ae4e798febea86356;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_spanningtree/server.cpp b/src/modules/m_spanningtree/server.cpp index 30931b90e..538479ca4 100644 --- a/src/modules/m_spanningtree/server.cpp +++ b/src/modules/m_spanningtree/server.cpp @@ -1,7 +1,12 @@ /* * InspIRCd -- Internet Relay Chat Daemon * + * Copyright (C) 2013, 2017-2020 Sadie Powell + * Copyright (C) 2012-2016 Attila Molnar + * Copyright (C) 2012, 2019 Robby * Copyright (C) 2009-2010 Daniel De Graaf + * Copyright (C) 2009 Uli Schlachter + * Copyright (C) 2008-2010 Craig Edwards * Copyright (C) 2008 Robin Burchell * * This file is part of InspIRCd. InspIRCd is free software: you can @@ -19,6 +24,7 @@ #include "inspircd.h" +#include "modules/ssl.h" #include "main.h" #include "utils.h" @@ -31,7 +37,7 @@ * Some server somewhere in the network introducing another server. * -- w */ -CmdResult CommandServer::HandleServer(TreeServer* ParentOfThis, std::vector& params) +CmdResult CommandServer::HandleServer(TreeServer* ParentOfThis, Params& params) { const std::string& servername = params[0]; const std::string& sid = params[1]; 
@@ -47,20 +53,19 @@ CmdResult CommandServer::HandleServer(TreeServer* ParentOfThis, std::vectorSendError("Server "+servername+" already exists!"); - ServerInstance->SNO->WriteToSnoMask('L', "Server \2"+CheckDupe->GetName()+"\2 being introduced from \2" + ParentOfThis->GetName() + "\2 denied, already exists. Closing link with " + ParentOfThis->GetName()); + ServerInstance->SNO->WriteToSnoMask('L', "Server \002"+CheckDupe->GetName()+"\002 being introduced from \002" + ParentOfThis->GetName() + "\002 denied, already exists. Closing link with " + ParentOfThis->GetName()); return CMD_FAILURE; } CheckDupe = Utils->FindServer(sid); if (CheckDupe) { socket->SendError("Server ID "+sid+" already exists! You may want to specify the server ID for the server manually with so they do not conflict."); - ServerInstance->SNO->WriteToSnoMask('L', "Server \2"+servername+"\2 being introduced from \2" + ParentOfThis->GetName() + "\2 denied, server ID already exists on the network. Closing link with " + ParentOfThis->GetName()); + ServerInstance->SNO->WriteToSnoMask('L', "Server \002"+servername+"\002 being introduced from \002" + ParentOfThis->GetName() + "\002 denied, server ID already exists on the network. Closing link with " + ParentOfThis->GetName()); return CMD_FAILURE; } - - Link* lnk = Utils->FindLink(servername); - + TreeServer* route = ParentOfThis->GetRoute(); + Link* lnk = Utils->FindLink(route->GetName()); TreeServer* Node = new TreeServer(servername, description, sid, ParentOfThis, ParentOfThis->GetSocket(), lnk ? lnk->Hidden : false); HandleExtra(Node, params); 
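Review bot: In the added lines `TreeServer* route = ParentOfThis->GetRoute();` and `Link* lnk = Utils->FindLink(route->GetName());`, `route` is dereferenced without a check, while the very next line already treats `lnk` as nullable. Whether GetRoute() can return null for a server that reaches HandleServer is not visible here; if it can, a SERVER introduction from a linked peer would crash the daemon. Either guard it, `Link* lnk = route ? Utils->FindLink(route->GetName()) : NULL;`, or state the invariant in a comment such as `// A remote parent always has a route via a directly linked server.` HandleServer begins before this hunk and continues after it.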
@@ -69,9 +74,9 @@ CmdResult CommandServer::HandleServer(TreeServer* ParentOfThis, std::vector& params) +void CommandServer::HandleExtra(TreeServer* newserver, Params& params) { - for (std::vector::const_iterator i = params.begin() + 2; i != params.end() - 1; ++i) + for (CommandBase::Params::const_iterator i = params.begin() + 2; i != params.end() - 1; ++i) { const std::string& prop = *i; std::string::size_type p = prop.find('='); @@ -84,12 +89,14 @@ void CommandServer::HandleExtra(TreeServer* newserver, const std::vectorBeginBurst(ConvToInt(val)); + if (irc::equals(key, "burst")) + newserver->BeginBurst(ConvToNum(val)); + else if (irc::equals(key, "hidden")) + newserver->Hidden = ConvToNum(val); } } -Link* TreeSocket::AuthRemote(const parameterlist& params) +Link* TreeSocket::AuthRemote(const CommandBase::Params& params) { if (params.size() < 5) { @@ -97,7 +104,6 @@ Link* TreeSocket::AuthRemote(const parameterlist& params) return NULL; } - irc::string servername = params[0].c_str(); const std::string& sname = params[0]; const std::string& password = params[1]; const std::string& sid = params[3]; 
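Review bot: The loop header in HandleExtra, `for (CommandBase::Params::const_iterator i = params.begin() + 2; i != params.end() - 1; ++i)`, is only safe when the message carries at least three parameters, and nothing in the visible lines enforces that. With fewer, `begin() + 2` already lies at or beyond `end() - 1` and the `!=` comparison never stops the walk, so the loop would read past the vector on data supplied by a linked server. If the minimum is enforced where the command is registered (not shown), a comment saying so is enough; otherwise add `if (params.size() < 3) return;` before the loop. The rest of the loop body lies in the following hunk.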
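Review bot: The new `hidden` branch assigns the peer-supplied value directly to `newserver->Hidden`, replacing the value HandleServer has just derived from the local link block (`lnk ? lnk->Hidden : false`), because HandleExtra runs after the TreeServer is constructed. If the remote value is meant to win, say so with a comment above the branch, e.g. `// A "hidden" property from the introducing server replaces the link-block default.`; if the local setting should be authoritative, OR the parsed value into the existing flag instead of assigning it. Both `burst` and `hidden` also go through ConvToNum with no validation in the visible lines, so how an empty or non-numeric value converts should be documented here. HandleExtra's loop starts in the previous hunk.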
@@ -114,24 +120,37 @@ Link* TreeSocket::AuthRemote(const parameterlist& params) for (std::vector >::iterator i = Utils->LinkBlocks.begin(); i < Utils->LinkBlocks.end(); i++) { Link* x = *i; - if (x->Name != servername && x->Name != "*") // open link allowance + if (!InspIRCd::Match(sname, x->Name)) continue; if (!ComparePass(*x, password)) { - ServerInstance->SNO->WriteToSnoMask('l',"Invalid password on link: %s", x->Name.c_str()); + ServerInstance->SNO->WriteToSnoMask('l', "Invalid password on link: %s", x->Name.c_str()); continue; } if (!CheckDuplicate(sname, sid)) return NULL; - ServerInstance->SNO->WriteToSnoMask('l',"Verified server connection " + linkID + " ("+description+")"); + ServerInstance->SNO->WriteToSnoMask('l', "Verified server connection " + linkID + " ("+description+")"); + + const SSLIOHook* const ssliohook = SSLIOHook::IsSSL(this); + if (ssliohook) + { + std::string ciphersuite; + ssliohook->GetCiphersuite(ciphersuite); + ServerInstance->SNO->WriteToSnoMask('l', "Negotiated ciphersuite %s on link %s", ciphersuite.c_str(), x->Name.c_str()); + } + else if (!irc::sockets::cidr_mask("127.0.0.0/8").match(capab->remotesa) && !irc::sockets::cidr_mask("::1/128").match(capab->remotesa)) + { + ServerInstance->SNO->WriteGlobalSno('l', "Server connection to %s is not using SSL (TLS). This is VERY INSECURE and will not be allowed in the next major version of InspIRCd.", x->Name.c_str()); + } + return x; } - this->SendError("Mismatched server name or password (check the other server's snomask output for details - e.g. umode +s +Ll)"); - ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, invalid link credentials"); + this->SendError("Mismatched server name or password (check the other server's snomask output for details - e.g. user mode +s +Ll)"); + ServerInstance->SNO->WriteToSnoMask('l', "Server connection from \002"+sname+"\002 denied, invalid link credentials"); return NULL; } 
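Review bot: The failure notice in AuthRemote's link loop does not identify the peer: `"Invalid password on link: %s"` prints only the local block name `x->Name`, and now that blocks are selected with `InspIRCd::Match(sname, x->Name)` a wildcard block can match many names, so an operator reading snomask 'l' cannot tell which connection produced the failure. `linkID` is already in scope (it is used in the "Verified server connection" notice), so it could be included, e.g. `ServerInstance->SNO->WriteToSnoMask('l', "Invalid password on link %s from %s", x->Name.c_str(), linkID.c_str());`, assuming `linkID` is a std::string. Separately, the plaintext warning is reached only after `ComparePass` has succeeded, so the link password has already crossed the connection unencrypted; a comment on that branch such as `// The link password has already been sent in cleartext by this point; the notice is advisory only.` would record that. AuthRemote starts before this hunk.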
@@ -139,7 +158,7 @@ Link* TreeSocket::AuthRemote(const parameterlist& params) * This is used after the other side of a connection has accepted our credentials. * They are then introducing themselves to us, BEFORE either of us burst. -- w */ -bool TreeSocket::Outbound_Reply_Server(parameterlist ¶ms) +bool TreeSocket::Outbound_Reply_Server(CommandBase::Params& params) { const Link* x = AuthRemote(params); if (x) @@ -168,7 +187,7 @@ bool TreeSocket::CheckDuplicate(const std::string& sname, const std::string& sid { std::string pname = CheckDupe->GetParent() ? CheckDupe->GetParent()->GetName() : ""; SendError("Server "+sname+" already exists on server "+pname+"!"); - ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, already exists on server "+pname); + ServerInstance->SNO->WriteToSnoMask('l', "Server connection from \002"+sname+"\002 denied, already exists on server "+pname); return false; } @@ -178,8 +197,8 @@ bool TreeSocket::CheckDuplicate(const std::string& sname, const std::string& sid if (CheckDupe) { - this->SendError("Server ID "+CheckDupe->GetID()+" already exists on server "+CheckDupe->GetName()+"! You may want to specify the server ID for the server manually with so they do not conflict."); - ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, server ID '"+CheckDupe->GetID()+ + this->SendError("Server ID "+CheckDupe->GetId()+" already exists on server "+CheckDupe->GetName()+"! You may want to specify the server ID for the server manually with so they do not conflict."); + ServerInstance->SNO->WriteToSnoMask('l', "Server connection from \002"+sname+"\002 denied, server ID '"+CheckDupe->GetId()+ "' already exists on server "+CheckDupe->GetName()); return false; } 
@@ -191,7 +210,7 @@ bool TreeSocket::CheckDuplicate(const std::string& sname, const std::string& sid * Someone else is attempting to connect to us if this is called. Validate their credentials etc. * -- w */ -bool TreeSocket::Inbound_Server(parameterlist ¶ms) +bool TreeSocket::Inbound_Server(CommandBase::Params& params) { const Link* x = AuthRemote(params); if (x) @@ -215,11 +234,12 @@ bool TreeSocket::Inbound_Server(parameterlist ¶ms) } CommandServer::Builder::Builder(TreeServer* server) - : CmdBuilder(server->GetParent()->GetID(), "SERVER") + : CmdBuilder(server->GetParent(), "SERVER") { push(server->GetName()); - push(server->GetID()); + push(server->GetId()); if (server->IsBursting()) push_property("burst", ConvToStr(server->StartBurst)); + push_property("hidden", ConvToStr(server->Hidden)); push_last(server->GetDesc()); }
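Review bot: The Builder constructor now hands `server->GetParent()` to CmdBuilder without documenting that `server` must have a parent. CheckDuplicate in this same file treats `GetParent()` as nullable (`CheckDupe->GetParent() ? ... : ""`), and whether the CmdBuilder overload taking a server pointer accepts null is not visible in this hunk. A one-line comment above the constructor, such as `// server must not be the tree root: its parent is passed to CmdBuilder.`, would record the precondition. The constructor is shown in full.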