X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_spanningtree%2Ftreesocket1.cpp;h=acc6c7fe2f4cf9fa22d3a18b848f1f928cfda414;hb=715074dd10079a3ed846e8815290ba0d13cd4bd8;hp=31564b017d8488c389532d4e8f3faed404e324ab;hpb=594d923190c5af67533c6ee6a8fd9b2715fbc979;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_spanningtree/treesocket1.cpp b/src/modules/m_spanningtree/treesocket1.cpp index 31564b017..acc6c7fe2 100644 --- a/src/modules/m_spanningtree/treesocket1.cpp +++ b/src/modules/m_spanningtree/treesocket1.cpp @@ -1,3 +1,16 @@ +/* +------------------------------------+ + * | Inspire Internet Relay Chat Daemon | + * +------------------------------------+ + * + * InspIRCd: (C) 2002-2007 InspIRCd Development Team + * See: http://www.inspircd.org/wiki/index.php/Credits + * + * This program is free but copyrighted software; see + * the file COPYING for details. + * + * --------------------------------------------------- + */ + #include "configreader.h" #include "users.h" #include "channels.h" @@ -9,6 +22,7 @@ #include "wildcard.h" #include "xline.h" #include "transport.h" +#include "m_hash.h" #include "socketengine.h" #include "m_spanningtree/main.h" @@ -19,7 +33,8 @@ #include "m_spanningtree/resolvers.h" #include "m_spanningtree/handshaketimer.h" -/* $ModDep: m_spanningtree/timesynctimer.h m_spanningtree/resolvers.h m_spanningtree/main.h m_spanningtree/utils.h m_spanningtree/treeserver.h m_spanningtree/link.h m_spanningtree/treesocket.h */ +/* $ModDep: m_spanningtree/timesynctimer.h m_spanningtree/resolvers.h m_spanningtree/main.h m_spanningtree/utils.h m_spanningtree/treeserver.h m_spanningtree/link.h m_spanningtree/treesocket.h m_hash.h */ + /** Because most of the I/O gubbins are encapsulated within * InspSocket, we just call the superclass constructor for @@ -31,14 +46,16 @@ TreeSocket::TreeSocket(SpanningTreeUtilities* Util, InspIRCd* SI, std::string ho { myhost = host; this->LinkState = LISTENER; + theirchallenge = ourchallenge = ""; if (listening && Hook) InspSocketHookRequest(this, (Module*)Utils->Creator, Hook).Send(); } -TreeSocket::TreeSocket(SpanningTreeUtilities* Util, InspIRCd* SI, std::string host, int port, bool listening, unsigned long maxtime, std::string ServerName, Module* HookMod) - : InspSocket(SI, host, port, listening, maxtime), Utils(Util), Hook(HookMod) +TreeSocket::TreeSocket(SpanningTreeUtilities* Util, InspIRCd* SI, std::string host, int port, bool listening, unsigned long maxtime, const std::string &ServerName, const std::string &bindto, Module* HookMod) + : InspSocket(SI, host, port, listening, maxtime, bindto), Utils(Util), Hook(HookMod) { myhost = ServerName; + theirchallenge = ourchallenge = ""; this->LinkState = CONNECTING; if (Hook) InspSocketHookRequest(this, (Module*)Utils->Creator, Hook).Send(); @@ -52,21 +69,14 @@ TreeSocket::TreeSocket(SpanningTreeUtilities* Util, InspIRCd* SI, int newfd, cha : InspSocket(SI, newfd, ip), Utils(Util), Hook(HookMod) { this->LinkState = WAIT_AUTH_1; + theirchallenge = ourchallenge = ""; /* If we have a transport module hooked to the parent, hook the same module to this * socket, and set a timer waiting for handshake before we send CAPAB etc. */ if (Hook) - { InspSocketHookRequest(this, (Module*)Utils->Creator, Hook).Send(); - Instance->Timers->AddTimer(new HandshakeTimer(Instance, this, &(Utils->LinkBlocks[0]), this->Utils)); - } - else - { - /* Otherwise, theres no lower layer transport in plain TCP/IP, - * so just send the capabilities right now. - */ - this->SendCapabilities(); - } + + Instance->Timers->AddTimer(new HandshakeTimer(Instance, this, &(Utils->LinkBlocks[0]), this->Utils, 1)); } ServerState TreeSocket::GetLinkState() @@ -85,6 +95,69 @@ TreeSocket::~TreeSocket() InspSocketUnhookRequest(this, (Module*)Utils->Creator, Hook).Send(); } +const std::string& TreeSocket::GetOurChallenge() +{ + return this->ourchallenge; +} + +void TreeSocket::SetOurChallenge(const std::string &c) +{ + this->ourchallenge = c; +} + +const std::string& TreeSocket::GetTheirChallenge() +{ + return this->theirchallenge; +} + +void TreeSocket::SetTheirChallenge(const std::string &c) +{ + this->theirchallenge = c; +} + +std::string TreeSocket::MakePass(const std::string &password, const std::string &challenge) +{ + /* This is a simple (maybe a bit hacky?) HMAC algorithm, thanks to jilles for + * suggesting the use of HMAC to secure the password against various attacks. + * + * Note: If m_sha256.so is not loaded, we MUST fall back to plaintext with no + * HMAC challenge/response. + */ + Module* sha256 = Instance->FindModule("m_sha256.so"); + if (Utils->ChallengeResponse && sha256 && !challenge.empty()) + { + /* XXX: This is how HMAC is supposed to be done: + * + * sha256( (pass xor 0x5c) + sha256((pass xor 0x36) + m) ) + * + * Note that we are encoding the hex hash, not the binary + * output of the hash which is slightly different to standard. + * + * Don't ask me why its always 0x5c and 0x36... it just is. + */ + std::string hmac1, hmac2; + + for (size_t n = 0; n < password.length(); n++) + { + hmac1 += static_cast(password[n] ^ 0x5C); + hmac2 += static_cast(password[n] ^ 0x36); + } + + HashResetRequest(Utils->Creator, sha256).Send(); + hmac2 = HashSumRequest(Utils->Creator, sha256, hmac2).Send(); + + HashResetRequest(Utils->Creator, sha256).Send(); + std::string hmac = hmac1 + hmac2 + challenge; + hmac = HashSumRequest(Utils->Creator, sha256, hmac).Send(); + + return "HMAC-SHA256:"+ hmac; + } + else if (!challenge.empty() && !sha256) + Instance->Log(DEFAULT,"Not authenticating to server using SHA256/HMAC because we don't have m_sha256 loaded!"); + + return password; +} + /** When an outbound connection finishes connecting, we receive * this event, and must send our SERVER string to the other * side. If the other side is happy, as outlined in the server @@ -106,13 +179,9 @@ bool TreeSocket::OnConnected() InspSocketHookRequest(this, (Module*)Utils->Creator, Hook).Send(); this->Instance->SNO->WriteToSnoMask('l',"Connection to \2"+myhost+"\2["+(x->HiddenFromStats ? "" : this->GetIP())+"] using transport \2"+x->Hook+"\2"); } - else - this->SendCapabilities(); + this->OutboundPass = x->SendPass; /* found who we're supposed to be connecting to, send the neccessary gubbins. */ - if (Hook) - Instance->Timers->AddTimer(new HandshakeTimer(Instance, this, &(*x), this->Utils)); - else - this->WriteLine(std::string("SERVER ")+this->Instance->Config->ServerName+" "+x->SendPass+" 0 :"+this->Instance->Config->ServerDesc); + Instance->Timers->AddTimer(new HandshakeTimer(Instance, this, &(*x), this->Utils, 2)); return true; } } @@ -194,6 +263,30 @@ std::string TreeSocket::MyCapabilities() return capabilities; } +std::string TreeSocket::RandString(unsigned int length) +{ + char* randombuf = new char[length+1]; + std::string out; + int fd = open("/dev/urandom", O_RDONLY, 0); + + if (fd >= 0) + { + read(fd, randombuf, length); + close(fd); + } + else + { + for (unsigned int i = 0; i < length; i++) + randombuf[i] = rand(); + } + + for (unsigned int i = 0; i < length; i++) + out += static_cast((randombuf[i] & 0x7F) | 0x21); + + delete[] randombuf; + return out; +} + void TreeSocket::SendCapabilities() { irc::commasepstream modulelist(MyCapabilities()); @@ -226,7 +319,15 @@ void TreeSocket::SendCapabilities() #ifdef SUPPORT_IP6LINKS ip6support = 1; #endif - this->WriteLine("CAPAB CAPABILITIES :NICKMAX="+ConvToStr(NICKMAX)+" HALFOP="+ConvToStr(this->Instance->Config->AllowHalfop)+" CHANMAX="+ConvToStr(CHANMAX)+" MAXMODES="+ConvToStr(MAXMODES)+" IDENTMAX="+ConvToStr(IDENTMAX)+" MAXQUIT="+ConvToStr(MAXQUIT)+" MAXTOPIC="+ConvToStr(MAXTOPIC)+" MAXKICK="+ConvToStr(MAXKICK)+" MAXGECOS="+ConvToStr(MAXGECOS)+" MAXAWAY="+ConvToStr(MAXAWAY)+" IP6NATIVE="+ConvToStr(ip6)+" IP6SUPPORT="+ConvToStr(ip6support)+" PROTOCOL="+ConvToStr(ProtocolVersion)); + std::string extra; + /* Do we have sha256 available? If so, we send a challenge */ + if (Utils->ChallengeResponse && (Instance->FindModule("m_sha256.so"))) + { + this->SetOurChallenge(RandString(20)); + extra = " CHALLENGE=" + this->GetOurChallenge(); + } + + this->WriteLine("CAPAB CAPABILITIES :NICKMAX="+ConvToStr(NICKMAX)+" HALFOP="+ConvToStr(this->Instance->Config->AllowHalfop)+" CHANMAX="+ConvToStr(CHANMAX)+" MAXMODES="+ConvToStr(MAXMODES)+" IDENTMAX="+ConvToStr(IDENTMAX)+" MAXQUIT="+ConvToStr(MAXQUIT)+" MAXTOPIC="+ConvToStr(MAXTOPIC)+" MAXKICK="+ConvToStr(MAXKICK)+" MAXGECOS="+ConvToStr(MAXGECOS)+" MAXAWAY="+ConvToStr(MAXAWAY)+" IP6NATIVE="+ConvToStr(ip6)+" IP6SUPPORT="+ConvToStr(ip6support)+" PROTOCOL="+ConvToStr(ProtocolVersion)+extra); this->WriteLine("CAPAB END"); } @@ -334,6 +435,25 @@ bool TreeSocket::Capab(const std::deque ¶ms) reason = "Maximum GECOS (fullname) lengths differ or remote GECOS length not specified"; if (((this->CapKeys.find("MAXAWAY") == this->CapKeys.end()) || ((this->CapKeys.find("MAXAWAY") != this->CapKeys.end()) && (this->CapKeys.find("MAXAWAY")->second != ConvToStr(MAXAWAY))))) reason = "Maximum awaymessage lengths differ or remote awaymessage length not specified"; + + /* Challenge response, store their challenge for our password */ + std::map::iterator n = this->CapKeys.find("CHALLENGE"); + if (Utils->ChallengeResponse && (n != this->CapKeys.end()) && (Instance->FindModule("m_sha256.so"))) + { + /* Challenge-response is on now */ + this->SetTheirChallenge(n->second); + if (!this->GetOurChallenge().empty() && (this->LinkState == CONNECTING)) + { + this->WriteLine(std::string("SERVER ")+this->Instance->Config->ServerName+" "+this->MakePass(OutboundPass, this->GetTheirChallenge())+" 0 :"+this->Instance->Config->ServerDesc); + } + } + else + { + /* They didnt specify a challenge or we don't have m_sha256.so, we use plaintext */ + if (this->LinkState == CONNECTING) + this->WriteLine(std::string("SERVER ")+this->Instance->Config->ServerName+" "+OutboundPass+" 0 :"+this->Instance->Config->ServerDesc); + } + if (reason.length()) { this->WriteLine("ERROR :CAPAB negotiation failed: "+reason); @@ -356,8 +476,9 @@ bool TreeSocket::Capab(const std::deque ¶ms) else if ((params[0] == "CAPABILITIES") && (params.size() == 2)) { irc::tokenstream capabs(params[1]); - std::string item = "*"; - while ((item = capabs.GetToken()) != "") + std::string item; + bool more = true; + while ((more = capabs.GetToken(item))) { /* Process each key/value pair */ std::string::size_type equals = item.rfind('='); @@ -500,283 +621,24 @@ bool TreeSocket::ForceMode(const std::string &source, std::deque &p return true; } - /* TS is equal: Merge the mode changes, use voooodoooooo on modes - * with parameters. + /* TS is equal or less: Merge the mode changes into ours and pass on. */ - if (TS == ourTS) - { - ModeHandler* mh = NULL; - unsigned long paramptr = 3; - std::string to_bounce = ""; - std::string to_keep = ""; - std::vector params_to_keep; - std::string params_to_bounce = ""; - bool adding = true; - char cur_change = 1; - char old_change = 0; - char old_bounce_change = 0; - /* Merge modes, basically do special stuff to mode with params */ - for (std::string::iterator x = params[2].begin(); x != params[2].end(); x++) - { - switch (*x) - { - case '-': - adding = false; - break; - case '+': - adding = true; - break; - default: - if (adding) - { - /* We only care about whats being set, - * not whats being unset - */ - mh = this->Instance->Modes->FindMode(*x, chan ? MODETYPE_CHANNEL : MODETYPE_USER); - if ((mh) && (mh->GetNumParams(adding) > 0) && (!mh->IsListMode())) - { - /* We only want to do special things to - * modes with parameters, we are going to rewrite - * those parameters - */ - ModePair ret; - adding ? cur_change = '+' : cur_change = '-'; - ret = mh->ModeSet(smode ? NULL : who, dst, chan, params[paramptr]); - /* The mode is set here, check which we should keep */ - if (ret.first) - { - bool which_to_keep = mh->CheckTimeStamp(TS, ourTS, params[paramptr], ret.second, chan); - if (which_to_keep == true) - { - /* Keep ours, bounce theirs: - * Send back ours to them and - * drop their mode changs - */ - adding ? cur_change = '+' : cur_change = '-'; - if (cur_change != old_bounce_change) - to_bounce += cur_change; - to_bounce += *x; - old_bounce_change = cur_change; - if ((mh->GetNumParams(adding) > 0) && (paramptr < params.size())) - params_to_bounce.append(" ").append(ret.second); - } - else - { - /* Keep theirs: Accept their mode change, - * do nothing else - */ - adding ? cur_change = '+' : cur_change = '-'; - if (cur_change != old_change) - to_keep += cur_change; - to_keep += *x; - old_change = cur_change; - if ((mh->GetNumParams(adding) > 0) && (paramptr < params.size())) - params_to_keep.push_back(params[paramptr]); - } - } - else - { - /* Mode isnt set here, we want it */ - adding ? cur_change = '+' : cur_change = '-'; - if (cur_change != old_change) - to_keep += cur_change; - to_keep += *x; - old_change = cur_change; - if ((mh->GetNumParams(adding) > 0) && (paramptr < params.size())) - params_to_keep.push_back(params[paramptr]); - } - paramptr++; - } - else - { - mh = this->Instance->Modes->FindMode(*x, chan ? MODETYPE_CHANNEL : MODETYPE_USER); - if (mh) - { - adding ? cur_change = '+' : cur_change = '-'; - - /* Just keep this, safe to merge with no checks - * it has no parameters - */ - - if (cur_change != old_change) - to_keep += cur_change; - to_keep += *x; - old_change = cur_change; - - if ((mh->GetNumParams(adding) > 0) && (paramptr < params.size())) - { - params_to_keep.push_back(params[paramptr++]); - } - } - } - } - else - { - mh = this->Instance->Modes->FindMode(*x, chan ? MODETYPE_CHANNEL : MODETYPE_USER); - if (mh) - { - /* Taking a mode away */ - adding ? cur_change = '+' : cur_change = '-'; - if (cur_change != old_change) - to_keep += cur_change; - to_keep += *x; - old_change = cur_change; - if ((mh->GetNumParams(adding) > 0) && (paramptr < params.size())) - params_to_keep.push_back(params[paramptr++]); - } - } - break; - } - } - if (to_bounce.length()) - { - std::deque newparams; - newparams.push_back(params[0]); - newparams.push_back(ConvToStr(ourTS)); - newparams.push_back(to_bounce+params_to_bounce); - Utils->DoOneToOne(this->Instance->Config->ServerName,"FMODE",newparams,sourceserv); - } - if (to_keep.length()) - { - unsigned int n = 2; - unsigned int q = 0; - modelist[0] = params[0].c_str(); - modelist[1] = to_keep.c_str(); - if (params_to_keep.size() > 0) - { - for (q = 0; (q < params_to_keep.size()) && (q < 64); q++) - { - modelist[n++] = params_to_keep[q].c_str(); - } - } - if (smode) - { - this->Instance->SendMode(modelist, n, who); - } - else - { - this->Instance->CallCommandHandler("MODE", modelist, n, who); - } - /* HOT POTATO! PASS IT ON! */ - Utils->DoOneToAllButSender(source,"FMODE",params,sourceserv); - } - } - else - /* U-lined servers always win regardless of their TS */ - if ((TS > ourTS) && (!this->Instance->ULine(source.c_str()))) + if (TS <= ourTS) { - /* Bounce the mode back to its sender.* We use our lower TS, so the other end - * SHOULD accept it, if its clock is right. - * - * NOTE: We should check that we arent bouncing anything thats already set at this end. - * If we are, bounce +ourmode to 'reinforce' it. This prevents desyncs. - * e.g. They send +l 50, we have +l 10 set. rather than bounce -l 50, we bounce +l 10. - * - * Thanks to jilles for pointing out this one-hell-of-an-issue before i even finished - * writing the code. It took me a while to come up with this solution. - * - * XXX: BE SURE YOU UNDERSTAND THIS CODE FULLY BEFORE YOU MESS WITH IT. - */ - std::deque newparams; /* New parameter list we send back */ - newparams.push_back(params[0]); /* Target, user or channel */ - newparams.push_back(ConvToStr(ourTS)); /* Timestamp value of the target */ - newparams.push_back(""); /* This contains the mode string. For now - * it's empty, we fill it below. - */ - /* Intelligent mode bouncing. Don't just invert, reinforce any modes which are already - * set to avoid a desync here. - */ - std::string modebounce = ""; - bool adding = true; - unsigned int t = 3; - ModeHandler* mh = NULL; - char cur_change = 1; - char old_change = 0; - for (std::string::iterator x = params[2].begin(); x != params[2].end(); x++) - { - /* Iterate over all mode chars in the sent set */ - switch (*x) - { - /* Adding or subtracting modes? */ - case '-': - adding = false; - break; - case '+': - adding = true; - break; - default: - /* Find the mode handler for this mode */ - mh = this->Instance->Modes->FindMode(*x, chan ? MODETYPE_CHANNEL : MODETYPE_USER); - /* Got a mode handler? - * This also prevents us bouncing modes we have no handler for. - */ - if (mh) - { - ModePair ret; - std::string p = ""; - /* Does the mode require a parameter right now? - * If it does, fetch it if we can - */ - if ((mh->GetNumParams(adding) > 0) && (t < params.size())) - p = params[t++]; - /* Call the ModeSet method to determine if its set with the - * given parameter here or not. - */ - ret = mh->ModeSet(smode ? NULL : who, dst, chan, p); - /* XXX: Really. Dont ask. - * Determine from if its set combined with what the current - * 'state' is (adding or not) as to wether we should 'invert' - * or 'reinforce' the mode change - */ - (!ret.first ? (adding ? cur_change = '-' : cur_change = '+') : (!adding ? cur_change = '-' : cur_change = '+')); - /* Quickly determine if we have 'flipped' from + to -, - * or - to +, to prevent unneccessary +/- chars in the - * output string that waste bandwidth - */ - if (cur_change != old_change) - modebounce += cur_change; - old_change = cur_change; - /* Add the mode character to the output string */ - modebounce += mh->GetModeChar(); - /* We got a parameter back from ModeHandler::ModeSet, - * are we supposed to be sending one out right now? - */ - if (ret.second.length()) - { - if (mh->GetNumParams(cur_change == '+') > 0) - /* Yes we're supposed to be sending out - * the parameter. Make sure it goes - */ - newparams.push_back(ret.second); - } - } - break; - } - } - - /* Update the parameters for FMODE with the new 'bounced' string */ - newparams[2] = modebounce; - /* Only send it back the way it came, no need to send it anywhere else */ - Utils->DoOneToOne(this->Instance->Config->ServerName,"FMODE",newparams,sourceserv); - } - else - { - /* The server was ulined, but something iffy is up with the TS. - * Sound the alarm bells! - */ - if ((this->Instance->ULine(sourceserv.c_str())) && (TS > ourTS)) + if (smode) { - this->Instance->WriteOpers("\2WARNING!\2 U-Lined server '%s' has bad TS for '%s' (accepted change): \2SYNC YOUR CLOCKS\2 to avoid this notice",sourceserv.c_str(),params[0].c_str()); + this->Instance->SendMode(modelist, n, who); } - /* Allow the mode, route it to either server or user command handling */ - if (smode) - this->Instance->SendMode(modelist,n,who); else + { this->Instance->CallCommandHandler("MODE", modelist, n, who); + } /* HOT POTATO! PASS IT ON! */ Utils->DoOneToAllButSender(source,"FMODE",params,sourceserv); } - /* Are we supposed to free the userrec? */ + /* If the TS is greater than ours, we drop the mode and dont pass it anywhere. + */ + if (smode) DELETE(who); @@ -797,7 +659,7 @@ bool TreeSocket::ForceTopic(const std::string &source, std::deque & { std::string oldtopic = c->topic; strlcpy(c->topic,params[3].c_str(),MAXTOPIC); - strlcpy(c->setby,params[2].c_str(),NICKMAX-1); + strlcpy(c->setby,params[2].c_str(),127); c->topicset = ts; /* if the topic text is the same as the current topic, * dont bother to send the TOPIC command out, just silently @@ -887,6 +749,7 @@ bool TreeSocket::ForceJoin(const std::string &source, std::deque &p userrec* who = NULL; /* User we are currently checking */ std::string channel = params[0]; /* Channel name, as a string */ time_t TS = atoi(params[1].c_str()); /* Timestamp given to us for remote side */ + std::string nicklist = params[2]; bool created = false; /* Try and find the channel */ @@ -904,6 +767,13 @@ bool TreeSocket::ForceJoin(const std::string &source, std::deque &p ourTS = chan->age; else created = true; /* don't perform deops, and set TS to correct time after processing. */ + + /* do this first, so our mode reversals are correctly received by other servers + * if there is a TS collision. + */ + params[2] = ":" + params[2]; + Utils->DoOneToAllButSender(source,"FJOIN",params,source); + /* In 1.1, if they have the newer channel, we immediately clear * all status modes from our users. We then accept their modes. * If WE have the newer channel its the other side's job to do this. @@ -928,18 +798,13 @@ bool TreeSocket::ForceJoin(const std::string &source, std::deque &p } } /* Put the final parameter of the FJOIN into a tokenstream ready to split it */ - irc::tokenstream users(params[2]); - std::string item = "*"; - /* do this first, so our mode reversals are correctly received by other servers - * if there is a TS collision. - */ - params[2] = ":" + params[2]; - Utils->DoOneToAllButSender(source,"FJOIN",params,source); + irc::tokenstream users(nicklist); + std::string item; + /* Now, process every 'prefixes,nick' pair */ - while (item != "") + while (users.GetToken(item)) { /* Find next user */ - item = users.GetToken(); const char* usr = item.c_str(); /* Safety check just to make sure someones not sent us an FJOIN full of spaces * (is this even possible?) */ @@ -981,12 +846,6 @@ bool TreeSocket::ForceJoin(const std::string &source, std::deque &p who = this->Instance->FindNick(usr); if (who) { - /* Did they get any modes? How many times? */ - strlcat(modestring, nm, MAXBUF); - for (int k = 0; k < ntimes; k++) - mode_users[modectr++] = strdup(usr); - /* Free temporary buffer used for mode sequence */ - delete[] nm; /* Check that the user's 'direction' is correct * based on the server sending the FJOIN. We must * check each nickname in turn, because the origin of @@ -997,12 +856,30 @@ bool TreeSocket::ForceJoin(const std::string &source, std::deque &p if ((!route_back_again) || (route_back_again->GetSocket() != this)) { /* Oh dear oh dear. */ + delete[] nm; continue; } + + /* NOTE: Moved this below the fake direction check, so that modes + * arent put into the mode list for users that were collided, and + * may reconnect from the other side or our side before the split + * is completed! + */ + + /* Did they get any modes? How many times? */ + strlcat(modestring, nm, MAXBUF); + for (int k = 0; k < ntimes; k++) + mode_users[modectr++] = strdup(usr); + /* Free temporary buffer used for mode sequence */ + delete[] nm; + /* Finally, we can actually place the user into the channel. * We're sure its right. Final answer, phone a friend. */ - chanrec::JoinUser(this->Instance, who, channel.c_str(), true, ""); + if (created) + chanrec::JoinUser(this->Instance, who, channel.c_str(), true, "", TS); + else + chanrec::JoinUser(this->Instance, who, channel.c_str(), true, ""); /* Have we already queued up MAXMODES modes with parameters * (+qaohv) ready to be sent to the server? */ @@ -1054,7 +931,7 @@ bool TreeSocket::ForceJoin(const std::string &source, std::deque &p * in case somehow we're desynched, so that other users which might be able to see * the nickname get their fair chance to process it. */ - Instance->Log(SPARSE,"Warning! Invalid user in FJOIN to channel %s IGNORED", channel.c_str()); + Instance->Log(SPARSE,"Warning! Invalid user %s in FJOIN to channel %s IGNORED", usr, channel.c_str()); continue; } } @@ -1084,19 +961,6 @@ bool TreeSocket::ForceJoin(const std::string &source, std::deque &p for (unsigned int f = 2; f < modectr; f++) free(mode_users[f]); } - /* if we newly created the channel, set it's TS properly. */ - if (created) - { - /* find created channel .. */ - chan = this->Instance->FindChan(channel); - if (chan) - /* w00t said this shouldnt be needed but it is. - * This isnt strictly true, as chan can be NULL - * if a nick collision has occured and therefore - * the channel was never created. - */ - chan->age = TS; - } /* All done. That wasnt so bad was it, you can wipe * the sweat from your forehead now. :-) */ @@ -1106,25 +970,60 @@ bool TreeSocket::ForceJoin(const std::string &source, std::deque &p /** NICK command */ bool TreeSocket::IntroduceClient(const std::string &source, std::deque ¶ms) { - if (params.size() < 8) - return true; - if (params.size() > 8) + /** Do we have enough parameters: + * NICK age nick host dhost ident +modes ip :gecos + */ + if (params.size() != 8) { this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+params[1]+" :Invalid client introduction ("+params[1]+"?)"); return true; } - // NICK age nick host dhost ident +modes ip :gecos - // 0 1 2 3 4 5 6 7 - time_t age = atoi(params[0].c_str()); + time_t age = atoi(params[0].c_str()); const char* tempnick = params[1].c_str(); - Instance->Log(DEBUG,"New remote client %s",tempnick); + /** Check parameters for validity before introducing the client, discovered by dmb. + * XXX: Can we make this neater? + */ + if (!age) + { + this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+params[1]+" :Invalid client introduction (Invalid TS?)"); + return true; + } + else if (params[1].length() > NICKMAX) + { + this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+params[1]+" :Invalid client introduction ("+params[1]+" > NICKMAX?)"); + return true; + } + else if (params[2].length() > 64) + { + this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+params[1]+" :Invalid client introduction ("+params[2]+" > 64?)"); + return true; + } + else if (params[3].length() > 64) + { + this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+params[1]+" :Invalid client introduction ("+params[3]+" > 64?)"); + return true; + } + else if (params[4].length() > IDENTMAX) + { + this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+params[1]+" :Invalid client introduction ("+params[4]+" > IDENTMAX?)"); + return true; + } + else if (params[7].length() > MAXGECOS) + { + this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+params[1]+" :Invalid client introduction ("+params[7]+" > MAXGECOS?)"); + return true; + } + + /** Our client looks ok, lets introduce it now + */ + Instance->Log(DEBUG,"New remote client %s",tempnick); user_hash::iterator iter = this->Instance->clientlist->find(tempnick); if (iter != this->Instance->clientlist->end()) { - // nick collision + /* nick collision */ this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" KILL "+tempnick+" :Nickname collision"); userrec::QuitUser(this->Instance, iter->second, "Nickname collision"); return true; @@ -1142,9 +1041,7 @@ bool TreeSocket::IntroduceClient(const std::string &source, std::dequeregistered = REG_ALL; _new->signon = age; - /* - * we need to remove the + from the modestring, so we can do our stuff - */ + /* we need to remove the + from the modestring, so we can do our stuff */ std::string::size_type pos_after_plus = params[5].find_first_not_of('+'); if (pos_after_plus != std::string::npos) params[5] = params[5].substr(pos_after_plus); @@ -1169,7 +1066,9 @@ bool TreeSocket::IntroduceClient(const std::string &source, std::dequeSetSockAddr(AF_INET, params[6].c_str(), 0); Instance->AddGlobalClone(_new); - this->Instance->SNO->WriteToSnoMask('C',"Client connecting at %s: %s!%s@%s [%s]",_new->server,_new->nick,_new->ident,_new->host, _new->GetIPString()); + + if (!this->Instance->SilentULine(_new->server)) + this->Instance->SNO->WriteToSnoMask('C',"Client connecting at %s: %s!%s@%s [%s]",_new->server,_new->nick,_new->ident,_new->host, _new->GetIPString()); params[7] = ":" + params[7]; Utils->DoOneToAllButSender(source,"NICK", params, source); @@ -1247,23 +1146,32 @@ void TreeSocket::SendFJoins(TreeServer* Current, chanrec* c) modes.append("+"); } + buffer.append(":").append(this->Instance->Config->ServerName).append(" FMODE ").append(c->name).append(" ").append(ConvToStr(c->age)).append(" +").append(c->ChanModes(true)).append("\r\n"); + + int linesize = 1; for (BanList::iterator b = c->bans.begin(); b != c->bans.end(); b++) { - modes.append("b"); - params.append(" ").append(b->data); - if (params.length() >= MAXMODES) + int size = strlen(b->data) + 2; + int currsize = linesize + size; + if (currsize <= 350) + { + modes.append("b"); + params.append(" ").append(b->data); + linesize += size; + } + if ((params.length() >= MAXMODES) || (currsize > 350)) { /* Wrap at MAXMODES */ buffer.append(":").append(this->Instance->Config->ServerName).append(" FMODE ").append(c->name).append(" ").append(ConvToStr(c->age)).append(" +").append(modes).append(params).append("\r\n"); modes = ""; params = ""; + linesize = 1; } } - buffer.append(":").append(this->Instance->Config->ServerName).append(" FMODE ").append(c->name).append(" ").append(ConvToStr(c->age)).append(" +").append(c->ChanModes(true)); /* Only send these if there are any */ if (!modes.empty()) - buffer.append("\r\n").append(":").append(this->Instance->Config->ServerName).append(" FMODE ").append(c->name).append(" ").append(ConvToStr(c->age)).append(" +").append(modes).append(params); + buffer.append(":").append(this->Instance->Config->ServerName).append(" FMODE ").append(c->name).append(" ").append(ConvToStr(c->age)).append(" +").append(modes).append(params); this->WriteLine(buffer); } @@ -1387,11 +1295,10 @@ void TreeSocket::SendUsers(TreeServer* Current) */ void TreeSocket::DoBurst(TreeServer* s) { + std::string name = s->GetName(); std::string burst = "BURST "+ConvToStr(Instance->Time(true)); std::string endburst = "ENDBURST"; - // Because by the end of the netburst, it could be gone! - std::string name = s->GetName(); - this->Instance->SNO->WriteToSnoMask('l',"Bursting to \2"+name+"\2."); + this->Instance->SNO->WriteToSnoMask('l',"Bursting to \2%s\2 (Authentication: %s).", name.c_str(), this->GetTheirChallenge().empty() ? "plaintext password" : "SHA256-HMAC challenge-response"); this->WriteLine(burst); /* send our version string */ this->WriteLine(std::string(":")+this->Instance->Config->ServerName+" VERSION :"+this->Instance->GetVersionString());