/*! \brief OPER command handler * * \param source_p Pointer to allocated Client struct from which the message * originally comes from. This can be a local or remote client. * \param parc Integer holding the number of supplied arguments. * \param parv Argument vector where parv[0] .. parv[parc-1] are non-NULL * pointers. * \note Valid arguments for this command are: * - parv[0] = command * - parv[1] = oper name * - parv[2] = oper password */ static int m_oper(struct Client *source_p, int parc, char *parv[]) { const char *const opername = parv[1]; const char *const password = parv[2]; if (EmptyString(password)) { sendto_one_numeric(source_p, &me, ERR_NEEDMOREPARAMS, "OPER"); return 0; } struct MaskItem *conf; if ((conf = operator_find(source_p, opername)) == NULL) { sendto_one_numeric(source_p, &me, ERR_NOOPERHOST); conf = operator_find(NULL, opername); failed_oper_notice(source_p, opername, conf ? "host mismatch" : "no operator {} block"); return 0; } if (IsConfSSL(conf) && !HasUMode(source_p, UMODE_SSL)) { sendto_one_numeric(source_p, &me, ERR_NOOPERHOST); failed_oper_notice(source_p, opername, "requires SSL/TLS"); return 0; } if (!EmptyString(conf->certfp)) { if (EmptyString(source_p->certfp) || strcasecmp(source_p->certfp, conf->certfp)) { sendto_one_numeric(source_p, &me, ERR_NOOPERHOST); failed_oper_notice(source_p, opername, "client certificate fingerprint mismatch"); return 0; } } if (match_conf_password(password, conf) == true) { if (conf_attach(source_p, conf)) { sendto_one_notice(source_p, &me, ":Can't attach conf!"); failed_oper_notice(source_p, opername, "can't attach conf!"); return 0; } oper_up(source_p, conf); } else { sendto_one_numeric(source_p, &me, ERR_PASSWDMISMATCH); failed_oper_notice(source_p, opername, "password mismatch"); } return 0; }
/* ** m_oper ** parv[0] = sender prefix ** parv[1] = oper name ** parv[2] = oper password */ static void m_oper(struct Client *client_p, struct Client *source_p, int parc, char *parv[]) { struct ConfItem *conf; struct AccessItem *aconf = NULL; const char *name = parv[1]; const char *password = parv[2]; if (EmptyString(password) && EmptyString(source_p->certfp)) { sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "OPER"); return; } /* end the grace period */ if (!IsFloodDone(source_p)) flood_endgrace(source_p); if ((conf = find_exact_name_conf(OPER_TYPE, source_p, name, NULL, NULL)) == NULL) { sendto_one(source_p, form_str(ERR_NOOPERHOST), me.name, source_p->name); conf = find_exact_name_conf(OPER_TYPE, NULL, name, NULL, NULL); failed_oper_notice(source_p, name, (conf != NULL) ? "host mismatch" : "no oper {} block"); return; } aconf = (struct AccessItem *)map_to_conf(conf); if (match_conf_password(password, source_p->certfp, aconf)) { if (attach_conf(source_p, conf) != 0) { sendto_one(source_p, ":%s NOTICE %s :Can't attach conf!", me.name, source_p->name); failed_oper_notice(source_p, name, "can't attach conf!"); return; } oper_up(source_p); ilog(LOG_TYPE_OPER, "OPER %s by %s!%s@%s", name, source_p->name, source_p->username, source_p->host); } else { sendto_one(source_p, form_str(ERR_PASSWDMISMATCH), me.name, source_p->name); failed_oper_notice(source_p, name, "password mismatch"); } }
/*! \brief WEBIRC command handler * * \param source_p Pointer to allocated Client struct from which the message * originally comes from. This can be a local or remote client. * \param parc Integer holding the number of supplied arguments. * \param parv Argument vector where parv[0] .. parv[parc-1] are non-NULL * pointers. * \note Valid arguments for this command are: * - parv[0] = command * - parv[1] = password * - parv[2] = fake username (we ignore this) * - parv[3] = fake hostname * - parv[4] = fake ip */ static int mr_webirc(struct Client *source_p, int parc, char *parv[]) { struct MaskItem *conf = NULL; struct addrinfo hints, *res; assert(MyConnect(source_p)); if (!valid_hostname(parv[3])) { sendto_one_notice(source_p, &me, ":WEBIRC: Invalid hostname"); return 0; } conf = find_address_conf(source_p->host, IsGotId(source_p) ? source_p->username : "******", &source_p->connection->ip, source_p->connection->aftype, parv[1]); if (conf == NULL || !IsConfClient(conf)) return 0; if (!IsConfWebIRC(conf)) { sendto_one_notice(source_p, &me, ":Not a WEBIRC auth {} block"); return 0; } if (EmptyString(conf->passwd)) { sendto_one_notice(source_p, &me, ":WEBIRC auth {} blocks must have a password"); return 0; } if (!match_conf_password(parv[1], conf)) { sendto_one_notice(source_p, &me, ":WEBIRC password incorrect"); return 0; } memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; if (getaddrinfo(parv[4], NULL, &hints, &res)) { sendto_one_notice(source_p, &me, ":Invalid WEBIRC IP %s", parv[4]); return 0; } assert(res); memcpy(&source_p->connection->ip, res->ai_addr, res->ai_addrlen); source_p->connection->ip.ss_len = res->ai_addrlen; source_p->connection->ip.ss.ss_family = res->ai_family; source_p->connection->aftype = res->ai_family; freeaddrinfo(res); strlcpy(source_p->sockhost, parv[4], sizeof(source_p->sockhost)); strlcpy(source_p->host, parv[3], sizeof(source_p->host)); /* Check dlines now, k-lines will be checked on registration */ if ((conf = find_dline_conf(&source_p->connection->ip, source_p->connection->aftype))) { if (!(conf->type == CONF_EXEMPT)) { exit_client(source_p, "D-lined"); return 0; } } AddUMode(source_p, UMODE_WEBIRC); sendto_one_notice(source_p, &me, ":WEBIRC host/IP set to %s %s", parv[3], parv[4]); return 0; }
/* * mr_webirc * parv[0] = sender prefix * parv[1] = password * parv[2] = fake username (we ignore this) * parv[3] = fake hostname * parv[4] = fake ip */ static void mr_webirc(struct Client *client_p, struct Client *source_p, int parc, char *parv[]) { struct AccessItem *aconf = NULL; struct ConfItem *conf = NULL; char original_sockhost[HOSTIPLEN + 1]; assert(source_p == client_p); if (invalid_hostname(parv[4])) return; aconf = find_address_conf(source_p->host, IsGotId(source_p) ? source_p->username : "******", &source_p->ip, source_p->ip.ss_family, parv[1], source_p->certfp); if (aconf == NULL || !IsConfClient(aconf)) return; conf = unmap_conf_item(aconf); if (!IsConfDoSpoofIp(aconf) || irccmp(conf->name, "webirc.")) { sendto_realops_flags(UMODE_UNAUTH, L_ALL, "Not a CGI:IRC auth block: %s", source_p->sockhost); return; } if (EmptyString(aconf->passwd)) { sendto_realops_flags(UMODE_UNAUTH, L_ALL, "CGI:IRC auth blocks must have a password"); return; } if (!match_conf_password(parv[1], NULL, aconf)) { sendto_realops_flags(UMODE_UNAUTH, L_ALL, "CGI:IRC password incorrect"); return; } string_to_ip(parv[4], 0, &source_p->ip); strlcpy(original_sockhost, source_p->sockhost, sizeof(original_sockhost)); strlcpy(source_p->sockhost, parv[4], sizeof(source_p->sockhost)); if (strlen(parv[3]) <= HOSTLEN) strlcpy(source_p->host, parv[3], sizeof(source_p->host)); else strlcpy(source_p->host, source_p->sockhost, sizeof(source_p->host)); /* Check dlines now, klines will be checked on registration */ if ((aconf = find_dline_conf(&client_p->ip, client_p->ip.ss_family))) { if (!(aconf->status & CONF_EXEMPTDLINE)) { exit_client(client_p, &me, "D-lined"); return; } } sendto_realops_flags(UMODE_CCONN, L_ALL, "CGI:IRC host/IP set %s to %s (%s)", original_sockhost, parv[3], parv[4]); }
/* * mr_webirc * parv[0] = sender prefix * parv[1] = password * parv[2] = fake username (we ignore this) * parv[3] = fake hostname * parv[4] = fake ip */ static void mr_webirc(struct Client *client_p, struct Client *source_p, int parc, char *parv[]) { struct AccessItem *aconf = NULL; struct ConfItem *conf = NULL; struct addrinfo hints, *res; char original_sockhost[HOSTIPLEN + 1]; assert(source_p == client_p); if (invalid_hostname(parv[4])) return; aconf = find_address_conf(source_p->host, IsGotId(source_p) ? source_p->username : "******", &source_p->ip, source_p->aftype, parv[1], source_p->certfp); if (aconf == NULL || !IsConfClient(aconf)) return; conf = unmap_conf_item(aconf); if (!IsConfDoSpoofIp(aconf) || irccmp(conf->name, "webirc.")) { sendto_gnotice_flags(UMODE_UNAUTH, L_ALL, me.name, &me, NULL, "Not a CGI:IRC auth block: %s", source_p->sockhost); return; } if (EmptyString(aconf->passwd)) { sendto_gnotice_flags(UMODE_UNAUTH, L_ALL, me.name, &me, NULL, "CGI:IRC auth blocks must have a password"); return; } if (!match_conf_password(parv[1], aconf)) { sendto_gnotice_flags(UMODE_UNAUTH, L_ALL, me.name, &me, NULL, "CGI:IRC password incorrect"); return; } memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_UNSPEC; hints.ai_socktype = SOCK_STREAM; hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; if (getaddrinfo(parv[4], NULL, &hints, &res)) { sendto_gnotice_flags(UMODE_UNAUTH, L_ALL, me.name, &me, NULL, "Inavlid CGI:IRC IP %s", parv[4]); return; } assert(res != NULL); memcpy(&source_p->ip, res->ai_addr, res->ai_addrlen); source_p->ip.ss_len = res->ai_addrlen; source_p->ip.ss.ss_family = res->ai_family; source_p->aftype = res->ai_family; freeaddrinfo(res); strlcpy(original_sockhost, source_p->sockhost, sizeof(original_sockhost)); strlcpy(source_p->sockhost, parv[4], sizeof(source_p->sockhost)); if (strlen(parv[3]) <= HOSTLEN) strlcpy(source_p->host, parv[3], sizeof(source_p->host)); else strlcpy(source_p->host, source_p->sockhost, sizeof(source_p->host)); /* Check dlines now, k/glines will be checked on registration */ if ((aconf = find_dline_conf(&client_p->ip, client_p->aftype))) { if (!(aconf->status & CONF_EXEMPTDLINE)) { exit_client(client_p, &me, "D-lined"); return; } } sendto_gnotice_flags(UMODE_CCONN, L_ALL, me.name, &me, NULL, "CGI:IRC host/IP set %s to %s (%s)", original_sockhost, parv[3], parv[4]); }
/*! \brief OPER command handler * * \param source_p Pointer to allocated Client struct from which the message * originally comes from. This can be a local or remote client. * \param parc Integer holding the number of supplied arguments. * \param parv Argument vector where parv[0] .. parv[parc-1] are non-NULL * pointers. * \note Valid arguments for this command are: * - parv[0] = command * - parv[1] = oper name * - parv[2] = oper password */ static int m_oper(struct Client *source_p, int parc, char *parv[]) { struct MaskItem *conf = NULL; const char *const opername = parv[1]; const char *const password = parv[2]; if (EmptyString(password)) { sendto_one_numeric(source_p, &me, ERR_NEEDMOREPARAMS, "OPER"); return 0; } /* end the grace period */ if (!IsFloodDone(source_p)) flood_endgrace(source_p); if ((conf = find_exact_name_conf(CONF_OPER, source_p, opername, NULL, NULL)) == NULL) { sendto_one_numeric(source_p, &me, ERR_NOOPERHOST); conf = find_exact_name_conf(CONF_OPER, NULL, opername, NULL, NULL); failed_oper_notice(source_p, opername, (conf != NULL) ? "host mismatch" : "no operator {} block"); return 0; } if (IsConfSSL(conf) && !HasUMode(source_p, UMODE_SSL)) { sendto_one_numeric(source_p, &me, ERR_NOOPERHOST); failed_oper_notice(source_p, opername, "requires SSL/TLS"); return 0; } if (!EmptyString(conf->certfp)) { if (EmptyString(source_p->certfp) || strcasecmp(source_p->certfp, conf->certfp)) { sendto_one_numeric(source_p, &me, ERR_NOOPERHOST); failed_oper_notice(source_p, opername, "client certificate fingerprint mismatch"); return 0; } } if (match_conf_password(password, conf)) { if (attach_conf(source_p, conf)) { sendto_one_notice(source_p, &me, ":Can't attach conf!"); failed_oper_notice(source_p, opername, "can't attach conf!"); return 0; } user_oper_up(source_p); ilog(LOG_TYPE_OPER, "OPER %s by %s!%s@%s", opername, source_p->name, source_p->username, source_p->host); } else { sendto_one_numeric(source_p, &me, ERR_PASSWDMISMATCH); failed_oper_notice(source_p, opername, "password mismatch"); } return 0; }