void ReadConfig() { ConfigTag* conf = ServerInstance->Config->ConfValue("repeat"); ms.MaxLines = conf->getUInt("maxlines", 20); ms.MaxBacklog = conf->getUInt("maxbacklog", 20); ms.MaxSecs = conf->getDuration("maxtime", 0); ms.MaxDiff = conf->getUInt("maxdistance", 50); if (ms.MaxDiff > 100) ms.MaxDiff = 100; unsigned int newsize = conf->getUInt("size", 512); if (newsize > ServerInstance->Config->Limits.MaxLine) newsize = ServerInstance->Config->Limits.MaxLine; Resize(newsize); }
void ReadConfig(ConfigStatus& status) override { AllowList newallows; ConfigTagList tags = ServerInstance->Config->ConfTags("securehost"); for (ConfigIter i = tags.first; i != tags.second; ++i) { std::string host = i->second->getString("exception"); if (host.empty()) throw ModuleException("<securehost:exception> is a required field at " + i->second->getTagLocation()); newallows.push_back(host); } ConfigTag* tag = ServerInstance->Config->ConfValue("securelist"); exemptregistered = tag->getBool("exemptregistered"); WaitTime = tag->getDuration("waittime", 60, 1); allowlist.swap(newallows); }
void ReadConfig(ConfigStatus& status) override { // TODO: Multiple SNI profiles ConfigTag* tag = ServerInstance->Config->ConfValue("sts"); if (tag == ServerInstance->Config->EmptyTag) throw ModuleException("You must define a STS policy!"); const std::string host = tag->getString("host"); if (host.empty()) throw ModuleException("<sts:host> must contain a hostname, at " + tag->getTagLocation()); unsigned int port = tag->getUInt("port", 0, 0, UINT16_MAX); if (!HasValidSSLPort(port)) throw ModuleException("<sts:port> must be a TLS port, at " + tag->getTagLocation()); unsigned long duration = tag->getDuration("duration", 60*60*24*30*2); bool preload = tag->getBool("preload"); cap.SetPolicy(host, duration, port, preload); }
void ServerConfig::CrossCheckConnectBlocks(ServerConfig* current) { typedef std::map<std::string, ConnectClass*> ClassMap; ClassMap oldBlocksByMask; if (current) { for(ClassVector::iterator i = current->Classes.begin(); i != current->Classes.end(); ++i) { ConnectClass* c = *i; if (c->name.compare(0, 8, "unnamed-", 8)) { oldBlocksByMask["n" + c->name] = c; } else if (c->type == CC_ALLOW || c->type == CC_DENY) { std::string typeMask = (c->type == CC_ALLOW) ? "a" : "d"; typeMask += c->host; oldBlocksByMask[typeMask] = c; } } } size_t blk_count = config_data.count("connect"); if (blk_count == 0) { // No connect blocks found; make a trivial default block ConfigItems* items; ConfigTag* tag = ConfigTag::create("connect", "<auto>", 0, items); (*items)["allow"] = "*"; config_data.insert(std::make_pair("connect", tag)); blk_count = 1; } Classes.resize(blk_count); std::map<std::string, size_t> names; bool try_again = true; for(size_t tries = 0; try_again; tries++) { try_again = false; ConfigTagList tags = ConfTags("connect"); size_t i = 0; for(ConfigIter it = tags.first; it != tags.second; ++it, ++i) { ConfigTag* tag = it->second; if (Classes[i]) continue; ConnectClass* parent = NULL; std::string parentName = tag->getString("parent"); if (!parentName.empty()) { std::map<std::string, size_t>::const_iterator parentIter = names.find(parentName); if (parentIter == names.end()) { try_again = true; // couldn't find parent this time. If it's the last time, we'll never find it. if (tries >= blk_count) throw CoreException("Could not find parent connect class \"" + parentName + "\" for connect block at " + tag->getTagLocation()); continue; } parent = Classes[parentIter->second]; } std::string name = tag->getString("name"); std::string mask, typeMask; char type; if (tag->readString("allow", mask, false)) { type = CC_ALLOW; typeMask = 'a' + mask; } else if (tag->readString("deny", mask, false)) { type = CC_DENY; typeMask = 'd' + mask; } else if (!name.empty()) { type = CC_NAMED; mask = name; typeMask = 'n' + mask; } else { throw CoreException("Connect class must have allow, deny, or name specified at " + tag->getTagLocation()); } if (name.empty()) { name = "unnamed-" + ConvToStr(i); } else { typeMask = 'n' + name; } if (names.find(name) != names.end()) throw CoreException("Two connect classes with name \"" + name + "\" defined!"); names[name] = i; ConnectClass* me = parent ? new ConnectClass(tag, type, mask, *parent) : new ConnectClass(tag, type, mask); me->name = name; me->registration_timeout = tag->getDuration("timeout", me->registration_timeout); me->pingtime = tag->getDuration("pingfreq", me->pingtime); std::string sendq; if (tag->readString("sendq", sendq)) { // attempt to guess a good hard/soft sendq from a single value unsigned long value = strtoul(sendq.c_str(), NULL, 10); if (value > 16384) me->softsendqmax = value / 16; else me->softsendqmax = value; me->hardsendqmax = value * 8; } me->softsendqmax = tag->getUInt("softsendq", me->softsendqmax); me->hardsendqmax = tag->getUInt("hardsendq", me->hardsendqmax); me->recvqmax = tag->getUInt("recvq", me->recvqmax); me->penaltythreshold = tag->getUInt("threshold", me->penaltythreshold); me->commandrate = tag->getUInt("commandrate", me->commandrate); me->fakelag = tag->getBool("fakelag", me->fakelag); me->maxlocal = tag->getUInt("localmax", me->maxlocal); me->maxglobal = tag->getUInt("globalmax", me->maxglobal); me->maxchans = tag->getUInt("maxchans", me->maxchans); me->maxconnwarn = tag->getBool("maxconnwarn", me->maxconnwarn); me->limit = tag->getUInt("limit", me->limit); me->resolvehostnames = tag->getBool("resolvehostnames", me->resolvehostnames); std::string ports = tag->getString("port"); if (!ports.empty()) { irc::portparser portrange(ports, false); while (int port = portrange.GetToken()) me->ports.insert(port); } ClassMap::iterator oldMask = oldBlocksByMask.find(typeMask); if (oldMask != oldBlocksByMask.end()) { ConnectClass* old = oldMask->second; oldBlocksByMask.erase(oldMask); old->Update(me); delete me; me = old; } Classes[i] = me; } } }
/** Fill our conf vector with data */ void ReadConf() { DNSBLConfEntries.clear(); ConfigTagList dnsbls = ServerInstance->Config->ConfTags("dnsbl"); for(ConfigIter i = dnsbls.first; i != dnsbls.second; ++i) { ConfigTag* tag = i->second; reference<DNSBLConfEntry> e = new DNSBLConfEntry(); e->name = tag->getString("name"); e->ident = tag->getString("ident"); e->host = tag->getString("host"); e->reason = tag->getString("reason"); e->domain = tag->getString("domain"); if (tag->getString("type") == "bitmask") { e->type = DNSBLConfEntry::A_BITMASK; e->bitmask = tag->getInt("bitmask"); } else { memset(e->records, 0, sizeof(e->records)); e->type = DNSBLConfEntry::A_RECORD; irc::portparser portrange(tag->getString("records"), false); long item = -1; while ((item = portrange.GetToken())) e->records[item] = 1; } e->banaction = str2banaction(tag->getString("action")); e->duration = tag->getDuration("duration", 60, 1); /* Use portparser for record replies */ /* yeah, logic here is a little messy */ if ((e->bitmask <= 0) && (DNSBLConfEntry::A_BITMASK == e->type)) { std::string location = tag->getTagLocation(); ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): invalid bitmask", location.c_str()); } else if (e->name.empty()) { std::string location = tag->getTagLocation(); ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid name", location.c_str()); } else if (e->domain.empty()) { std::string location = tag->getTagLocation(); ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid domain", location.c_str()); } else if (e->banaction == DNSBLConfEntry::I_UNKNOWN) { std::string location = tag->getTagLocation(); ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): Invalid banaction", location.c_str()); } else { if (e->reason.empty()) { std::string location = tag->getTagLocation(); ServerInstance->SNO->WriteGlobalSno('a', "DNSBL(%s): empty reason, using defaults", location.c_str()); e->reason = "Your IP has been blacklisted."; } /* add it, all is ok */ DNSBLConfEntries.push_back(e); } } }
void SpanningTreeUtilities::ReadConfiguration() { ConfigTag* security = ServerInstance->Config->ConfValue("security"); ConfigTag* options = ServerInstance->Config->ConfValue("options"); FlatLinks = security->getBool("flatlinks"); HideULines = security->getBool("hideulines"); AnnounceTSChange = options->getBool("announcets"); AllowOptCommon = options->getBool("allowmismatch"); ChallengeResponse = !security->getBool("disablehmac"); quiet_bursts = ServerInstance->Config->ConfValue("performance")->getBool("quietbursts"); PingWarnTime = options->getInt("pingwarning"); PingFreq = options->getInt("serverpingfreq"); if (PingFreq == 0) PingFreq = 60; if (PingWarnTime < 0 || PingWarnTime > PingFreq - 1) PingWarnTime = 0; AutoconnectBlocks.clear(); LinkBlocks.clear(); ConfigTagList tags = ServerInstance->Config->ConfTags("link"); for(ConfigIter i = tags.first; i != tags.second; ++i) { ConfigTag* tag = i->second; reference<Link> L = new Link(tag); std::string linkname = tag->getString("name"); L->Name = linkname.c_str(); irc::spacesepstream sep = tag->getString("allowmask"); for (std::string s; sep.GetToken(s);) L->AllowMasks.push_back(s); L->IPAddr = tag->getString("ipaddr"); L->Port = tag->getInt("port"); L->SendPass = tag->getString("sendpass", tag->getString("password")); L->RecvPass = tag->getString("recvpass", tag->getString("password")); L->Fingerprint = tag->getString("fingerprint"); L->HiddenFromStats = tag->getBool("statshidden"); L->Timeout = tag->getDuration("timeout", 30); L->Hook = tag->getString("ssl"); L->Bind = tag->getString("bind"); L->Hidden = tag->getBool("hidden"); if (L->Name.empty()) throw ModuleException("Invalid configuration, found a link tag without a name!" + (!L->IPAddr.empty() ? " IP address: "+L->IPAddr : "")); if (L->Name.find('.') == std::string::npos) throw ModuleException("The link name '"+assign(L->Name)+"' is invalid as it must contain at least one '.' character"); if (L->Name.length() > 64) throw ModuleException("The link name '"+assign(L->Name)+"' is invalid as it is longer than 64 characters"); if (L->RecvPass.empty()) throw ModuleException("Invalid configuration for server '"+assign(L->Name)+"', recvpass not defined"); if (L->SendPass.empty()) throw ModuleException("Invalid configuration for server '"+assign(L->Name)+"', sendpass not defined"); if ((L->SendPass.find(' ') != std::string::npos) || (L->RecvPass.find(' ') != std::string::npos)) throw ModuleException("Link block '" + assign(L->Name) + "' has a password set that contains a space character which is invalid"); if ((L->SendPass[0] == ':') || (L->RecvPass[0] == ':')) throw ModuleException("Link block '" + assign(L->Name) + "' has a password set that begins with a colon (:) which is invalid"); if (L->IPAddr.empty()) { L->IPAddr = "*"; ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Configuration warning: Link block '" + assign(L->Name) + "' has no IP defined! This will allow any IP to connect as this server, and MAY not be what you want."); } if (!L->Port) ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Configuration warning: Link block '" + assign(L->Name) + "' has no port defined, you will not be able to /connect it."); L->Fingerprint.erase(std::remove(L->Fingerprint.begin(), L->Fingerprint.end(), ':'), L->Fingerprint.end()); LinkBlocks.push_back(L); } tags = ServerInstance->Config->ConfTags("autoconnect"); for(ConfigIter i = tags.first; i != tags.second; ++i) { ConfigTag* tag = i->second; reference<Autoconnect> A = new Autoconnect(tag); A->Period = tag->getDuration("period", 60, 1); A->NextConnectTime = ServerInstance->Time() + A->Period; A->position = -1; irc::spacesepstream ss(tag->getString("server")); std::string server; while (ss.GetToken(server)) { A->servers.push_back(server); } if (A->servers.empty()) { throw ModuleException("Invalid configuration for autoconnect, server cannot be empty!"); } AutoconnectBlocks.push_back(A); } for (server_hash::const_iterator i = serverlist.begin(); i != serverlist.end(); ++i) i->second->CheckULine(); RefreshIPCache(); }