void ReadConfig()
{
ConfigTag* conf = ServerInstance->Config->ConfValue("repeat");
ms.MaxLines = conf->getUInt("maxlines", 20);
ms.MaxBacklog = conf->getUInt("maxbacklog", 20);
ms.MaxSecs = conf->getDuration("maxtime", 0);
ms.MaxDiff = conf->getUInt("maxdistance", 50);
if (ms.MaxDiff > 100)
ms.MaxDiff = 100;
unsigned int newsize = conf->getUInt("size", 512);
if (newsize > ServerInstance->Config->Limits.MaxLine)
newsize = ServerInstance->Config->Limits.MaxLine;
Resize(newsize);
}
void ReadConfig(ConfigStatus& status) override
{
AllowList newallows;
ConfigTagList tags = ServerInstance->Config->ConfTags("securehost");
for (ConfigIter i = tags.first; i != tags.second; ++i)
{
std::string host = i->second->getString("exception");
if (host.empty())
throw ModuleException("<securehost:exception> is a required field at " + i->second->getTagLocation());
newallows.push_back(host);
}
ConfigTag* tag = ServerInstance->Config->ConfValue("securelist");
exemptregistered = tag->getBool("exemptregistered");
WaitTime = tag->getDuration("waittime", 60, 1);
allowlist.swap(newallows);
}
void ReadConfig(ConfigStatus& status) override
{
// TODO: Multiple SNI profiles
ConfigTag* tag = ServerInstance->Config->ConfValue("sts");
if (tag == ServerInstance->Config->EmptyTag)
throw ModuleException("You must define a STS policy!");
const std::string host = tag->getString("host");
if (host.empty())
throw ModuleException("<sts:host> must contain a hostname, at " + tag->getTagLocation());
unsigned int port = tag->getUInt("port", 0, 0, UINT16_MAX);
if (!HasValidSSLPort(port))
throw ModuleException("<sts:port> must be a TLS port, at " + tag->getTagLocation());
unsigned long duration = tag->getDuration("duration", 60*60*24*30*2);
bool preload = tag->getBool("preload");
cap.SetPolicy(host, duration, port, preload);
}
void ServerConfig::CrossCheckConnectBlocks(ServerConfig* current)
{
typedef std::map<std::string, ConnectClass*> ClassMap;
ClassMap oldBlocksByMask;
if (current)
{
for(ClassVector::iterator i = current->Classes.begin(); i != current->Classes.end(); ++i)
{
ConnectClass* c = *i;
if (c->name.compare(0, 8, "unnamed-", 8))
{
oldBlocksByMask["n" + c->name] = c;
}
else if (c->type == CC_ALLOW || c->type == CC_DENY)
{
std::string typeMask = (c->type == CC_ALLOW) ? "a" : "d";
typeMask += c->host;
oldBlocksByMask[typeMask] = c;
}
}
}
size_t blk_count = config_data.count("connect");
if (blk_count == 0)
{
// No connect blocks found; make a trivial default block
ConfigItems* items;
ConfigTag* tag = ConfigTag::create("connect", "<auto>", 0, items);
(*items)["allow"] = "*";
config_data.insert(std::make_pair("connect", tag));
blk_count = 1;
}
Classes.resize(blk_count);
std::map<std::string, size_t> names;
bool try_again = true;
for(size_t tries = 0; try_again; tries++)
{
try_again = false;
ConfigTagList tags = ConfTags("connect");
size_t i = 0;
for(ConfigIter it = tags.first; it != tags.second; ++it, ++i)
{
ConfigTag* tag = it->second;
if (Classes[i])
continue;
ConnectClass* parent = NULL;
std::string parentName = tag->getString("parent");
if (!parentName.empty())
{
std::map<std::string, size_t>::const_iterator parentIter = names.find(parentName);
if (parentIter == names.end())
{
try_again = true;
// couldn't find parent this time. If it's the last time, we'll never find it.
if (tries >= blk_count)
throw CoreException("Could not find parent connect class \"" + parentName + "\" for connect block at " + tag->getTagLocation());
continue;
}
parent = Classes[parentIter->second];
}
std::string name = tag->getString("name");
std::string mask, typeMask;
char type;
if (tag->readString("allow", mask, false))
{
type = CC_ALLOW;
typeMask = 'a' + mask;
}
else if (tag->readString("deny", mask, false))
{
type = CC_DENY;
typeMask = 'd' + mask;
}
else if (!name.empty())
{
type = CC_NAMED;
mask = name;
typeMask = 'n' + mask;
}
else
{
throw CoreException("Connect class must have allow, deny, or name specified at " + tag->getTagLocation());
}
if (name.empty())
{
name = "unnamed-" + ConvToStr(i);
}
else
{
typeMask = 'n' + name;
}
if (names.find(name) != names.end())
throw CoreException("Two connect classes with name \"" + name + "\" defined!");
names[name] = i;
ConnectClass* me = parent ?
new ConnectClass(tag, type, mask, *parent) :
new ConnectClass(tag, type, mask);
me->name = name;
me->registration_timeout = tag->getDuration("timeout", me->registration_timeout);
me->pingtime = tag->getDuration("pingfreq", me->pingtime);
std::string sendq;
if (tag->readString("sendq", sendq))
{
// attempt to guess a good hard/soft sendq from a single value
unsigned long value = strtoul(sendq.c_str(), NULL, 10);
if (value > 16384)
me->softsendqmax = value / 16;
else
me->softsendqmax = value;
me->hardsendqmax = value * 8;
}
me->softsendqmax = tag->getUInt("softsendq", me->softsendqmax);
me->hardsendqmax = tag->getUInt("hardsendq", me->hardsendqmax);
me->recvqmax = tag->getUInt("recvq", me->recvqmax);
me->penaltythreshold = tag->getUInt("threshold", me->penaltythreshold);
me->commandrate = tag->getUInt("commandrate", me->commandrate);
me->fakelag = tag->getBool("fakelag", me->fakelag);
me->maxlocal = tag->getUInt("localmax", me->maxlocal);
me->maxglobal = tag->getUInt("globalmax", me->maxglobal);
me->maxchans = tag->getUInt("maxchans", me->maxchans);
me->maxconnwarn = tag->getBool("maxconnwarn", me->maxconnwarn);
me->limit = tag->getUInt("limit", me->limit);
me->resolvehostnames = tag->getBool("resolvehostnames", me->resolvehostnames);
std::string ports = tag->getString("port");
if (!ports.empty())
{
irc::portparser portrange(ports, false);
while (int port = portrange.GetToken())
me->ports.insert(port);
}
ClassMap::iterator oldMask = oldBlocksByMask.find(typeMask);
if (oldMask != oldBlocksByMask.end())
{
ConnectClass* old = oldMask->second;
oldBlocksByMask.erase(oldMask);
old->Update(me);
delete me;
me = old;
}
Classes[i] = me;
}
}
}
/** Fill our conf vector with data
*/
void ReadConf()
{
DNSBLConfEntries.clear();
ConfigTagList dnsbls = ServerInstance->Config->ConfTags("dnsbl");
for(ConfigIter i = dnsbls.first; i != dnsbls.second; ++i)
{
ConfigTag* tag = i->second;
reference<DNSBLConfEntry> e = new DNSBLConfEntry();
e->name = tag->getString("name");
e->ident = tag->getString("ident");
e->host = tag->getString("host");
e->reason = tag->getString("reason");
e->domain = tag->getString("domain");
if (tag->getString("type") == "bitmask")
{
e->type = DNSBLConfEntry::A_BITMASK;
e->bitmask = tag->getInt("bitmask");
}
else
{
memset(e->records, 0, sizeof(e->records));
e->type = DNSBLConfEntry::A_RECORD;
irc::portparser portrange(tag->getString("records"), false);
long item = -1;
while ((item = portrange.GetToken()))
e->records[item] = 1;
}
e->banaction = str2banaction(tag->getString("action"));
e->duration = tag->getDuration("duration", 60, 1);
/* Use portparser for record replies */
/* yeah, logic here is a little messy */
if ((e->bitmask <= 0) && (DNSBLConfEntry::A_BITMASK == e->type))
{
std::string location = tag->getTagLocation();
ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): invalid bitmask", location.c_str());
}
else if (e->name.empty())
{
std::string location = tag->getTagLocation();
ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid name", location.c_str());
}
else if (e->domain.empty())
{
std::string location = tag->getTagLocation();
ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid domain", location.c_str());
}
else if (e->banaction == DNSBLConfEntry::I_UNKNOWN)
{
std::string location = tag->getTagLocation();
ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid banaction", location.c_str());
}
else
{
if (e->reason.empty())
{
std::string location = tag->getTagLocation();
ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): empty reason, using defaults", location.c_str());
e->reason = "Your IP has been blacklisted.";
}
/* add it, all is ok */
DNSBLConfEntries.push_back(e);
}
}
}
void SpanningTreeUtilities::ReadConfiguration()
{
ConfigTag* security = ServerInstance->Config->ConfValue("security");
ConfigTag* options = ServerInstance->Config->ConfValue("options");
FlatLinks = security->getBool("flatlinks");
HideULines = security->getBool("hideulines");
AnnounceTSChange = options->getBool("announcets");
AllowOptCommon = options->getBool("allowmismatch");
ChallengeResponse = !security->getBool("disablehmac");
quiet_bursts = ServerInstance->Config->ConfValue("performance")->getBool("quietbursts");
PingWarnTime = options->getInt("pingwarning");
PingFreq = options->getInt("serverpingfreq");
if (PingFreq == 0)
PingFreq = 60;
if (PingWarnTime < 0 || PingWarnTime > PingFreq - 1)
PingWarnTime = 0;
AutoconnectBlocks.clear();
LinkBlocks.clear();
ConfigTagList tags = ServerInstance->Config->ConfTags("link");
for(ConfigIter i = tags.first; i != tags.second; ++i)
{
ConfigTag* tag = i->second;
reference<Link> L = new Link(tag);
std::string linkname = tag->getString("name");
L->Name = linkname.c_str();
irc::spacesepstream sep = tag->getString("allowmask");
for (std::string s; sep.GetToken(s);)
L->AllowMasks.push_back(s);
L->IPAddr = tag->getString("ipaddr");
L->Port = tag->getInt("port");
L->SendPass = tag->getString("sendpass", tag->getString("password"));
L->RecvPass = tag->getString("recvpass", tag->getString("password"));
L->Fingerprint = tag->getString("fingerprint");
L->HiddenFromStats = tag->getBool("statshidden");
L->Timeout = tag->getDuration("timeout", 30);
L->Hook = tag->getString("ssl");
L->Bind = tag->getString("bind");
L->Hidden = tag->getBool("hidden");
if (L->Name.empty())
throw ModuleException("Invalid configuration, found a link tag without a name!" + (!L->IPAddr.empty() ? " IP address: "+L->IPAddr : ""));
if (L->Name.find('.') == std::string::npos)
throw ModuleException("The link name '"+assign(L->Name)+"' is invalid as it must contain at least one '.' character");
if (L->Name.length() > 64)
throw ModuleException("The link name '"+assign(L->Name)+"' is invalid as it is longer than 64 characters");
if (L->RecvPass.empty())
throw ModuleException("Invalid configuration for server '"+assign(L->Name)+"', recvpass not defined");
if (L->SendPass.empty())
throw ModuleException("Invalid configuration for server '"+assign(L->Name)+"', sendpass not defined");
if ((L->SendPass.find(' ') != std::string::npos) || (L->RecvPass.find(' ') != std::string::npos))
throw ModuleException("Link block '" + assign(L->Name) + "' has a password set that contains a space character which is invalid");
if ((L->SendPass[0] == ':') || (L->RecvPass[0] == ':'))
throw ModuleException("Link block '" + assign(L->Name) + "' has a password set that begins with a colon (:) which is invalid");
if (L->IPAddr.empty())
{
L->IPAddr = "*";
ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Configuration warning: Link block '" + assign(L->Name) + "' has no IP defined! This will allow any IP to connect as this server, and MAY not be what you want.");
}
if (!L->Port)
ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Configuration warning: Link block '" + assign(L->Name) + "' has no port defined, you will not be able to /connect it.");
L->Fingerprint.erase(std::remove(L->Fingerprint.begin(), L->Fingerprint.end(), ':'), L->Fingerprint.end());
LinkBlocks.push_back(L);
}
tags = ServerInstance->Config->ConfTags("autoconnect");
for(ConfigIter i = tags.first; i != tags.second; ++i)
{
ConfigTag* tag = i->second;
reference<Autoconnect> A = new Autoconnect(tag);
A->Period = tag->getDuration("period", 60, 1);
A->NextConnectTime = ServerInstance->Time() + A->Period;
A->position = -1;
irc::spacesepstream ss(tag->getString("server"));
std::string server;
while (ss.GetToken(server))
{
A->servers.push_back(server);
}
if (A->servers.empty())
{
throw ModuleException("Invalid configuration for autoconnect, server cannot be empty!");
}
AutoconnectBlocks.push_back(A);
}
for (server_hash::const_iterator i = serverlist.begin(); i != serverlist.end(); ++i)
i->second->CheckULine();
RefreshIPCache();
}
