/** Find a matching Z-line for a user.
* @param[in] cptr Client to compare against.
* @param[in] flags Bitwise combination of ZLINE_GLOBAL and/or
* ZLINE_LASTMOD to limit matches.
* @return Matching Z-line, or NULL if none are found.
*/
struct Zline *
zline_lookup(struct Client *cptr, unsigned int flags)
{
struct Zline *zline;
struct Zline *szline;
if (find_except_conf(cptr, EFLAG_ZLINE))
return 0;
zliter(GlobalZlineList, zline, szline) {
if ((flags & ZLINE_GLOBAL && zline->zl_flags & ZLINE_LOCAL) ||
(flags & ZLINE_LASTMOD && !zline->zl_lastmod))
continue;
if (ZlineIsIpMask(zline)) {
if (!irc_in_addr_type_cmp(&cli_ip(cptr), &zline->zl_addr) && zline->zl_bits)
continue;
if (!ipmask_check(&cli_ip(cptr), &zline->zl_addr, zline->zl_bits))
continue;
}
else {
if (match(zline->zl_mask, cli_sock_ip(cptr)) != 0)
continue;
}
if (ZlineIsActive(zline))
return zline;
}
/*
* No Zlines matched
*/
return 0;
}
/** Check local clients against a new Z-line.
* If the Z-line is inactive, return immediately.
* Otherwise, if any users match it, disconnect them.
* @param[in] cptr Peer connect that sent the Z-line.
* @param[in] sptr Client that originated the Z-line.
* @param[in] zline New Z-line to check.
* @return Zero, unless \a sptr Z-lined himself, in which case CPTR_KILLED.
*/
static int
do_zline(struct Client *cptr, struct Client *sptr, struct Zline *zline)
{
struct Client *acptr;
int fd, retval = 0, tval;
if (feature_bool(FEAT_DISABLE_ZLINES))
return 0; /* Z-lines are disabled */
if (!ZlineIsActive(zline)) /* no action taken on inactive zlines */
return 0;
for (fd = HighestFd; fd >= 0; --fd) {
/*
* get the users!
*/
if ((acptr = LocalClientArray[fd])) {
if (!cli_user(acptr))
continue;
if (find_except_conf(acptr, EFLAG_ZLINE))
continue;
/* IP zline */
if (ZlineIsIpMask(zline)) {
if (!irc_in_addr_type_cmp(&cli_ip(acptr), &zline->zl_addr) && zline->zl_bits)
continue;
if (!ipmask_check(&cli_ip(acptr), &zline->zl_addr, zline->zl_bits))
continue;
}
else {
if (match(zline->zl_mask, cli_sock_ip(acptr)) != 0)
continue;
}
/* ok, here's one that got Z-lined */
send_reply(acptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s",
zline->zl_reason);
/* let the ops know about it */
sendto_opmask_butone_global(&me, SNO_GLINE, "Z-line active for %s",
get_client_name(acptr, SHOW_IP));
/* and get rid of him */
if ((tval = exit_client_msg(cptr, acptr, &me, "Z-lined%s%s%s",
(!feature_bool(FEAT_HIS_ZLINE_REASON) ? " (" : ""),
(!feature_bool(FEAT_HIS_ZLINE_REASON) ? zline->zl_reason : ""),
(!feature_bool(FEAT_HIS_ZLINE_REASON) ? ")" : ""))))
retval = tval; /* retain killed status */
}
}
return retval;
}
/*
* m_nick - message handler for local clients
* parv[0] = sender prefix
* parv[1] = nickname
*/
int m_nick(struct Client* cptr, struct Client* sptr, int parc, char* parv[])
{
struct Client* acptr;
char nick[NICKLEN + 2];
char* arg;
char* s;
assert(0 != cptr);
assert(cptr == sptr);
if (IsServerPort(cptr))
return exit_client(cptr, cptr, &me, "Use a different port");
if (*(cli_name(sptr)))
if ((*parv[0] != '\0') && shun_lookup(sptr, 0))
return 0;
if (parc < 2) {
send_reply(sptr, ERR_NONICKNAMEGIVEN);
return 0;
}
/*
* Don't let them send make us send back a really long string of
* garbage
*/
arg = parv[1];
if (strlen(arg) > IRCD_MIN(NICKLEN, feature_int(FEAT_NICKLEN)))
arg[IRCD_MIN(NICKLEN, feature_int(FEAT_NICKLEN))] = '\0';
if ((s = strchr(arg, '~')))
*s = '\0';
strcpy(nick, arg);
/*
* If do_nick_name() returns a null name then reject it.
*/
if (0 == do_nick_name(nick)) {
send_reply(sptr, ERR_ERRONEUSNICKNAME, arg);
return 0;
}
/*
* Check if this is a LOCAL user trying to use a reserved (Juped)
* nick, if so tell him that it's a nick in use...
*/
if (isNickJuped(nick)) {
send_reply(sptr, ERR_NICKNAMEINUSE, nick);
return 0; /* NICK message ignored */
}
if (!(acptr = SeekClient(nick))) {
/*
* No collisions, all clear...
*/
return set_nick_name(cptr, sptr, nick, parc, parv, 0);
}
if (IsServer(acptr)) {
send_reply(sptr, ERR_NICKNAMEINUSE, nick);
return 0; /* NICK message ignored */
}
/*
* If acptr == sptr, then we have a client doing a nick
* change between *equivalent* nicknames as far as server
* is concerned (user is changing the case of his/her
* nickname or somesuch)
*/
if (acptr == sptr) {
/*
* If acptr == sptr, then we have a client doing a nick
* change between *equivalent* nicknames as far as server
* is concerned (user is changing the case of his/her
* nickname or somesuch)
*/
if (0 != strcmp(cli_name(acptr), nick)) {
/*
* Allows change of case in his/her nick
*/
return set_nick_name(cptr, sptr, nick, parc, parv, 0);
}
/*
* This is just ':old NICK old' type thing.
* Just forget the whole thing here. There is
* no point forwarding it to anywhere,
* especially since servers prior to this
* version would treat it as nick collision.
*/
return 0;
}
/*
* Note: From this point forward it can be assumed that
* acptr != sptr (point to different client structures).
*/
assert(acptr != sptr);
/*
* If the older one is "non-person", the new entry is just
* allowed to overwrite it. Just silently drop non-person,
* and proceed with the nick. This should take care of the
* "dormant nick" way of generating collisions...
*
* XXX - hmmm can this happen after one is registered?
*
* Yes, client 1 connects to IRC and registers, client 2 connects and
* sends "NICK foo" but doesn't send anything more. client 1 now does
* /nick foo, they should succeed and client 2 gets disconnected with
* the message below.
*/
if (IsUnknown(acptr) && MyConnect(acptr)) {
ServerStats->is_ref++;
if (!find_except_conf(acptr, EFLAG_IPCHECK))
IPcheck_connect_fail(acptr, 0);
exit_client(cptr, acptr, &me, "Overridden by other sign on");
return set_nick_name(cptr, sptr, nick, parc, parv, 0);
}
/*
* NICK is coming from local client connection. Just
* send error reply and ignore the command.
*/
send_reply(sptr, ERR_NICKNAMEINUSE, nick);
return 0; /* NICK message ignored */
}
/*
* ms_nick - server message handler for nicks
* parv[0] = sender prefix
* parv[1] = nickname
*
* If from server, source is client:
* parv[2] = timestamp
*
* Source is server:
* parv[2] = hopcount
* parv[3] = timestamp
* parv[4] = username
* parv[5] = hostname
* parv[6] = umode (optional)
* parv[parc-3] = IP# <- Only Protocol >= 10
* parv[parc-2] = YXX, numeric nick <- Only Protocol >= 10
* parv[parc-1] = info
* parv[0] = server
*/
int ms_nick(struct Client* cptr, struct Client* sptr, int parc, char* parv[])
{
struct Client *acptr;
char nick[NICKLEN + 2];
time_t lastnick = 0;
int differ = 1;
const char *type;
assert(0 != cptr);
assert(0 != sptr);
assert(IsServer(cptr));
if ((IsServer(sptr) && parc < 8) || parc < 3)
{
sendto_opmask_butone(0, SNO_OLDSNO, "bad NICK param count for %s from %C",
parv[1], cptr);
return need_more_params(sptr, "NICK");
}
ircd_strncpy(nick, parv[1], NICKLEN);
nick[NICKLEN] = '\0';
if (IsServer(sptr))
{
lastnick = atoi(parv[3]);
if (lastnick > OLDEST_TS && !IsBurstOrBurstAck(sptr))
cli_serv(sptr)->lag = TStime() - lastnick;
}
else
{
lastnick = atoi(parv[2]);
if (lastnick > OLDEST_TS && !IsBurstOrBurstAck(sptr))
cli_serv(cli_user(sptr)->server)->lag = TStime() - lastnick;
}
/*
* If do_nick_name() returns a null name OR if the server sent a nick
* name and do_nick_name() changed it in some way (due to rules of nick
* creation) then reject it. If from a server and we reject it,
* and KILL it. -avalon 4/4/92
*/
if (!do_nick_name(nick) || strcmp(nick, parv[1]))
{
send_reply(sptr, ERR_ERRONEUSNICKNAME, parv[1]);
++ServerStats->is_kill;
sendto_opmask_butone(0, SNO_OLDSNO, "Bad Nick: %s From: %s %C", parv[1],
parv[0], cptr);
sendcmdto_one(&me, CMD_KILL, cptr, "%s :%s (%s <- %s[%s])",
IsServer(sptr) ? parv[parc - 2] : parv[0], cli_name(&me), parv[1],
nick, cli_name(cptr));
if (!IsServer(sptr))
{
/*
* bad nick _change_
*/
sendcmdto_serv_butone(&me, CMD_KILL, 0, "%s :%s (%s <- %s!%s@%s)",
parv[0], cli_name(&me), cli_name(cptr), parv[0],
cli_user(sptr) ? cli_username(sptr) : "",
cli_user(sptr) ? cli_name(cli_user(sptr)->server) :
cli_name(cptr));
}
return 0;
}
/* Check against nick name collisions. */
if ((acptr = SeekClient(nick)) == NULL)
/* No collisions, all clear... */
return set_nick_name(cptr, sptr, nick, parc, parv, 0);
/*
* If acptr == sptr, then we have a client doing a nick
* change between *equivalent* nicknames as far as server
* is concerned (user is changing the case of his/her
* nickname or somesuch)
*/
if (acptr == sptr)
{
if (strcmp(cli_name(acptr), nick) != 0)
/* Allows change of case in his/her nick */
return set_nick_name(cptr, sptr, nick, parc, parv, 0);
else
/* Setting their nick to what it already is? Ignore it. */
return 0;
}
/* now we know we have a real collision. */
/*
* Note: From this point forward it can be assumed that
* acptr != sptr (point to different client structures).
*/
assert(acptr != sptr);
/*
* If the older one is "non-person", the new entry is just
* allowed to overwrite it. Just silently drop non-person,
* and proceed with the nick. This should take care of the
* "dormant nick" way of generating collisions...
*/
if (IsUnknown(acptr) && MyConnect(acptr))
{
ServerStats->is_ref++;
if (!find_except_conf(acptr, EFLAG_IPCHECK))
IPcheck_connect_fail(acptr, 0);
exit_client(cptr, acptr, &me, "Overridden by other sign on");
return set_nick_name(cptr, sptr, nick, parc, parv, 0);
}
/*
* Decide, we really have a nick collision and deal with it
*/
/*
* NICK was coming from a server connection.
* This means we have a race condition (two users signing on
* at the same time), or two net fragments reconnecting with the same nick.
* The latter can happen because two different users connected
* or because one and the same user switched server during a net break.
* If the TimeStamps are equal, we kill both (or only 'new'
* if it was a ":server NICK new ...").
* Otherwise we kill the youngest when user@host differ,
* or the oldest when they are the same.
* We treat user and ~user as different, because if it wasn't
* a faked ~user the AUTH wouldn't have added the '~'.
* --Run
*
*/
if (IsServer(sptr))
{
struct irc_in_addr ip;
/*
* A new NICK being introduced by a neighbouring
* server (e.g. message type ":server NICK new ..." received)
*
* compare IP address and username
*/
base64toip(parv[parc - 3], &ip);
differ = (0 != memcmp(&cli_ip(acptr), &ip, sizeof(cli_ip(acptr)))) ||
(0 != ircd_strcmp(cli_user(acptr)->username, parv[4]));
sendto_opmask_butone(0, SNO_OLDSNO, "Nick collision on %C (%C %Tu <- "
"%C %Tu (%s user@host))", acptr, cli_from(acptr),
cli_lastnick(acptr), cptr, lastnick,
differ ? "Different" : "Same");
}
else
{
/*
* A NICK change has collided (e.g. message type ":old NICK new").
*
* compare IP address and username
*/
differ = (0 != memcmp(&cli_ip(acptr), &cli_ip(sptr), sizeof(cli_ip(acptr)))) ||
(0 != ircd_strcmp(cli_user(acptr)->username, cli_user(sptr)->username));
sendto_opmask_butone(0, SNO_OLDSNO, "Nick change collision from %C to "
"%C (%C %Tu <- %C %Tu)", sptr, acptr, cli_from(acptr),
cli_lastnick(acptr), cptr, lastnick);
}
type = differ ? "overruled by older nick" : "nick collision from same user@host";
/*
* Now remove (kill) the nick on our side if it is the youngest.
* If no timestamp was received, we ignore the incoming nick
* (and expect a KILL for our legit nick soon ):
* When the timestamps are equal we kill both nicks. --Run
* acptr->from != cptr should *always* be true (?).
*
* This exits the client sending the NICK message
*/
if ((differ && lastnick >= cli_lastnick(acptr)) ||
(!differ && lastnick <= cli_lastnick(acptr)))
{
ServerStats->is_kill++;
if (!IsServer(sptr))
{
/* If this was a nick change and not a nick introduction, we
* need to ensure that we remove our record of the client, and
* send a KILL to the whole network.
*/
assert(!MyConnect(sptr));
/* Inform the rest of the net... */
sendcmdto_serv_butone(&me, CMD_KILL, 0, "%C :%s (%s)",
sptr, cli_name(&me), type);
/* Don't go sending off a QUIT message... */
SetFlag(sptr, FLAG_KILLED);
/* Remove them locally. */
exit_client_msg(cptr, sptr, &me,
"Killed (%s (%s))",
feature_str(FEAT_HIS_SERVERNAME), type);
}
else
{
/* If the origin is a server, this was a new client, so we only
* send the KILL in the direction it came from. We have no
* client record that we would have to clean up.
*/
sendcmdto_one(&me, CMD_KILL, cptr, "%s :%s (%s)",
parv[parc - 2], cli_name(&me), type);
}
/* If the timestamps differ and we just killed sptr, we don't need to kill
* acptr as well.
*/
if (lastnick != cli_lastnick(acptr))
return 0;
}
/* Tell acptr why we are killing it. */
send_reply(acptr, ERR_NICKCOLLISION, nick);
ServerStats->is_kill++;
SetFlag(acptr, FLAG_KILLED);
/*
* This exits the client we had before getting the NICK message
*/
sendcmdto_serv_butone(&me, CMD_KILL, NULL, "%C :%s (%s)",
acptr, feature_str(FEAT_HIS_SERVERNAME),
type);
exit_client_msg(cptr, acptr, &me, "Killed (%s (%s))",
feature_str(FEAT_HIS_SERVERNAME), type);
if (lastnick == cli_lastnick(acptr))
return 0;
if (sptr == NULL)
return 0;
return set_nick_name(cptr, sptr, nick, parc, parv, 0);
}
/** Searches for a K/G-line for a client. If one is found, notify the
* user and disconnect them.
* @param cptr Client to search for.
* @return 0 if client is accepted; -1 if client was locally denied
* (K-line); -2 if client was globally denied (G-line); -3 if client
* was globally IP denied (Z-line).
*/
int find_kill(struct Client *cptr)
{
const char* host;
const char* name;
const char* realname;
const char* country;
const char* continent;
const char* version;
struct DenyConf* deny;
struct Gline* agline = NULL;
struct Zline* azline = NULL;
assert(0 != cptr);
if (!cli_user(cptr))
return 0;
host = cli_sockhost(cptr);
name = cli_user(cptr)->username;
realname = cli_info(cptr);
country = cli_countrycode(cptr);
continent = cli_continentcode(cptr);
version = cli_version(cptr);
assert(strlen(host) <= HOSTLEN);
assert((name ? strlen(name) : 0) <= HOSTLEN);
assert((realname ? strlen(realname) : 0) <= REALLEN);
assert((country ? strlen(country) : 0) <= 3);
assert((continent ? strlen(continent) : 0) <= 3);
assert((version ? strlen(version) : 0) <= VERSIONLEN);
/* 2000-07-14: Rewrote this loop for massive speed increases.
* -- Isomer
*/
if (!find_except_conf(cptr, EFLAG_KLINE)) {
for (deny = denyConfList; deny; deny = deny->next) {
if (deny->usermask && match(deny->usermask, name))
continue;
if (deny->realmask && match(deny->realmask, realname))
continue;
if (deny->countrymask && country && match(deny->countrymask, country))
continue;
if (deny->continentmask && continent && match(deny->continentmask, continent))
continue;
if (feature_bool(FEAT_CTCP_VERSIONING) && feature_bool(FEAT_CTCP_VERSIONING_KILL)) {
if (deny->version && version && match(deny->version, version))
continue;
}
if (deny->bits > 0) {
if (!ipmask_check(&cli_ip(cptr), &deny->address, deny->bits))
continue;
} else if (deny->hostmask && match(deny->hostmask, host))
continue;
if ((deny->flags & DENY_FLAGS_AUTHEX) && IsAccount(cptr)) {
if (!EmptyString(deny->mark) && EmptyString(cli_killmark(cptr)))
ircd_strncpy(cli_killmark(cptr), deny->mark, BUFSIZE);
continue;
}
if (EmptyString(deny->message))
send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP,
":Connection from your host is refused on this server.");
else {
if (deny->flags & DENY_FLAGS_FILE)
killcomment(cptr, deny->message);
else
send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", deny->message);
}
return -1;
}
}
/* Check Zlines here just in case a spoofed IP matches */
if (!feature_bool(FEAT_DISABLE_ZLINES) && (azline = zline_lookup(cptr, 0))) {
/*
* find active zlines
* added a check against the user's IP address to find_zline()
*/
send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", ZlineReason(azline));
return -3;
}
/* Don't need to do an except lookup here as it's done in gline_lookup() */
if (!feature_bool(FEAT_DISABLE_GLINES) && (agline = gline_lookup(cptr, 0))) {
/*
* find active glines
* added a check against the user's IP address to find_gline() -Kev
*/
send_reply(cptr, SND_EXPLICIT | ERR_YOUREBANNEDCREEP, ":%s.", GlineReason(agline));
return -2;
}
return 0;
}