diff -ruN ircd-ratbox-2.0.2/doc/example.conf ircd-ratbox-2.0.2-moderename/doc/example.conf --- ircd-ratbox-2.0.2/doc/example.conf Tue Aug 31 00:36:50 2004 +++ ircd-ratbox-2.0.2-moderename/doc/example.conf Fri Oct 1 11:19:59 2004 @@ -854,19 +854,19 @@ * +b - bots - See bot and drone flooding notices * +c - cconn - Client connection/quit notices * +C - cconnext - Extended client connection/quit notices - * +d - debug - See debugging notices + * +D - debug - See debugging notices * +f - full - See I: line full notices * +g - callerid - Server Side Ignore * +i - invisible - Not shown in NAMES or WHO unless you share a * a channel - * +k - skill - See server generated KILL messages + * +K - skill - See server generated KILL messages * +l - locops - See LOCOPS messages * +n - nchange - See client nick changes * +r - rej - See rejected client notices * +s - servnotice - See general server notices * +u - unauth - See unauthorised client notices * +w - wallop - See server generated WALLOPS - * +x - external - See remote server connection and split notices + * +X - external - See remote server connection and split notices * +y - spy - See LINKS, STATS, TRACE notices etc. * +z - operwall - See oper generated WALLOPS * +Z - operspy - See operspy notices diff -ruN ircd-ratbox-2.0.2/doc/example.conf.orig ircd-ratbox-2.0.2-moderename/doc/example.conf.orig --- ircd-ratbox-2.0.2/doc/example.conf.orig Thu Jan 1 01:00:00 1970 +++ ircd-ratbox-2.0.2-moderename/doc/example.conf.orig Tue Aug 31 00:36:50 2004 @@ -0,0 +1,944 @@ +/* doc/example.conf - ircd-ratbox Example configuration file + * + * Copyright (C) 2000-2002 Hybrid Development Team + * Copyright (C) 2002-2003 ircd-ratbox development team + * + * Written by ejb, wcampbel, db, leeh and others + * + * $Id: example.conf,v 7.243.2.3 2004/08/30 22:36:50 leeh Exp $ + */ + +/* IMPORTANT NOTES: + * + * class {} blocks MUST be specified before anything that uses them. That + * means they must be defined before auth {} and before connect {}. + * + * auth {} blocks MUST be specified in order of precedence. The first one + * that matches a user will be used. So place spoofs first, then specials, + * then general access, then restricted. + * + * Both shell style (#) and C style comments are supported. + * + * Files may be included by either: + * .include "filename" + * .include + * + * Times/durations are written as: + * 12 hours 30 minutes 1 second + * + * Valid units of time: + * month, week, day, hour, minute, second + * + * Valid units of size: + * megabyte/mbyte/mb, kilobyte/kbyte/kb, byte + * + * Sizes and times may be singular or plural. + */ + +/* EFNET NOTE: + * + * This config file is NOT suitable for EFNet. EFNet admins should use + * example.efnet.conf + */ + + /* serverinfo {}: Contains information about the server. (OLD M:) */ +serverinfo { + /* name: the name of our server */ + name = "hades.arpa"; + + /* use ts6: whether we want to use the TS6 protocol to other servers + * or not. Note you should avoid mixing TS6 with older TS versions + * as you can get ban desyncs. + */ + use_ts6 = yes; + + /* sid: the unique server id of our server. This must be three + * characters long. The first character must be a digit [0-9], the + * remaining two chars may be letters [A-Z] or digits [0-9]. + * + * This must be specified even if use_ts6 is set to no. + */ + sid = "42X"; + + /* description: the description of our server. '[' and ']' may not + * be used here for compatibility with older servers. + */ + description = "ircd-ratbox test server"; + + /* network info: the name and description of the network this server + * is on. Shown in the 005 reply and used with serverhiding. + */ + network_name = "MyNet"; + network_desc = "This is My Network"; + + /* hub: allow this server to act as a hub and have multiple servers + * connected to it. + */ + hub = no; + + /* vhost: the IP to bind to when we connect outward to ipv4 servers. + * This should be an ipv4 IP only. + */ + #vhost = "192.169.0.1"; + + /* vhost6: the IP to bind to when we connect outward to ipv6 servers. + * This should be an ipv6 IP only. + */ + #vhost6 = "3ffe:80e8:546::2"; +}; + +/* admin {}: contains admin information about the server. (OLD A:) */ +admin { + name = "Smurf target"; + description = "Main Server Administrator"; + email = ""; +}; + +/* log {}: contains information about logfiles. */ +log { + /* logfiles: the logfiles to use for specific activity. if these + * paths are defined, then ircd will log to them, otherwise it wont. + * + * The confs are, in order: + * - userlog: user exits + * - fuserlog: failed user connections + * - operlog: /oper usage + * - foperlog: failed /oper usage + * - serverlog: server connects/disconnects + * - glinelog: glines + * - klinelog: klines, etc + * - killlog: kills + * - operspylog: operspy usage + * - ioerrorlog: IO errors + */ + fname_userlog = "logs/userlog"; + #fname_fuserlog = "logs/fuserlog"; + fname_operlog = "logs/operlog"; + #fname_foperlog = "logs/foperlog"; + fname_serverlog = "logs/serverlog"; + fname_glinelog = "logs/glinelog"; + #fname_klinelog = "logs/klinelog"; + fname_killlog = "logs/killlog"; + fname_operspylog = "logs/operspylog"; + #fname_ioerrorlog = "logs/ioerror"; +}; + +/* class {}: contain information about classes for users (OLD Y:) */ +class "users" { + /* class name must go above */ + + /* ping time: how often a client must reply to a PING from the + * server before they are dropped. + */ + ping_time = 2 minutes; + + /* number per ident: the number of users per user@host networkwide + * allowed to connect. Unidented connections are classified as + * the same ident. + */ + number_per_ident = 2; + + /* number per ip: the number of local users per host allowed */ + number_per_ip = 3; + + /* number per ip global: the number of network wide connections + * per host allowed for a user, including connections to the + * local server. + */ + number_per_ip_global = 5; + + /* cidr_bitlen: Limits numbers of connections from a subnet size + * the following example makes the subnet /64 this is useful + * for IPv6 connections in particular + * Also note that the way ircd-ratbox is written if you have + * compiled support for IPv6, IPv4 cidr bitlens need to be modified + * Basically to get the approriate length add 96 to the IPv4 length + * For example for a /24 do 96+24 = 120 + * + */ + cidr_bitlen = 64; + + /* number_per_cidr: Number of connections to allow from a subnet of the + * size given in cidr_bitlen. 4 seems to be a good default to me. + */ + number_per_cidr = 4; + + /* max number: the maximum number of users allowed in this class */ + max_number = 100; + + /* sendq: the amount of data allowed in a clients queue before + * they are dropped. + */ + sendq = 100 kbytes; +}; + +class "restricted" { + ping_time = 1 minute 30 seconds; + number_per_ip = 1; + max_number = 100; + sendq = 60kb; +}; + +class "opers" { + ping_time = 5 minutes; + number_per_ip = 10; + max_number = 100; + sendq = 100kbytes; +}; + +class "server" { + ping_time = 5 minutes; + + /* connectfreq: only used in server classes. specifies the delay + * between autoconnecting to servers. + */ + connectfreq = 5 minutes; + + /* max number: the amount of servers to autoconnect to */ + max_number = 1; + + /* sendq: servers need a higher sendq as they send more data */ + sendq=2 megabytes; + + /* sendq eob: servers sendq after the end of burst. */ + sendq_eob = 500 kbytes; +}; + +/* listen {}: contain information about the ports ircd listens on (OLD P:) */ +listen { + /* port: the specific port to listen on. if no host is specified + * before, it will listen on all available IPs. + * + * ports are seperated via a comma, a range may be specified using ".." + */ + + /* port: listen on all available IPs, ports 5000 and 6665 to 6669 */ + port = 5000, 6665 .. 6669; + + /* host: set a specific IP/host the ports after the line will listen + * on. This may be ipv4 or ipv6. + */ + host = "1.2.3.4"; + port = 7000, 7001; + + host = "3ffe:1234:a:b:c::d"; + port = 7002; +}; + +/* auth {}: allow users to connect to the ircd (OLD I:) */ +auth { + /* user: the user@host allowed to connect. multiple IPv4/IPv6 user + * lines are permitted per auth block. + */ + user = "*@172.16.0.0/12"; + user = "*test@123D:B567:*"; + + /* encrypted: specifies whether the password below is encrypted + * or not. MD5 is supported, default is not encrypted + */ + #encrypted = yes; + + /* password: an optional password that is required to use this block. */ + password = "letmein"; + + /* spoof: fake the users user@host to be be this. You may either + * specify a host or a user@host to spoof to. This is free-form, + * just do everyone a favour and dont abuse it. (OLD I: = flag) + */ + spoof = "I.still.hate.packets"; + + /* Possible flags in auth: + * + * spoof_notice | give a notice when spoofing hosts + * exceed_limit (old > flag) | allow user to exceed class user limits + * kline_exempt (old ^ flag) | exempt this user from k/g/xlines + * gline_exempt (old _ flag) | exempt this user from glines + * spambot_exempt | exempt this user from spambot checks + * shide_exempt | exempt this user from serverhiding + * flood_exempt | exempt this user from flood limits + * USE WITH CAUTION. + * no_tilde (old - flag) | don't prefix ~ to username if no ident + * need_ident (old + flag) | require ident for user in this class + */ + flags = kline_exempt, exceed_limit; + + /* class: the class the user is placed in */ + class = "opers"; +}; + +auth { + /* redirect: the server and port to redirect a user to. A user does + * not have to obey the redirection, the ircd just suggests to them + * an alternative server. + */ + redirserv = "irc.fi"; + redirport = 6667; + + user = "*.fi"; + + /* class: a class is required even though it is not used */ + class = "users"; +}; + +auth { + user = "*@*"; + class = "users"; + + flags = need_ident; +}; + +/* operator {}: defines ircd operators. (OLD O:) + * ircd-ratbox no longer supports local operators, privileges are + * controlled via flags. + */ +operator "god" { + /* name: the name of the oper must go above */ + + /* user: the user@host required for this operator. CIDR *is* + * supported now. + * multiple user="" lines are supported. + */ + user = "*god@*"; + user = "*@127.0.0.1"; + + /* encrypted: specifies whether the password below is encrypted + * or not. default is encrypted. + */ + #encrypted = no; + + /* password: the password required to oper. Unless encrypted=no; + * this will need to be encrypted using mkpasswd, MD5 is + * supported + */ + password = "etcnjl8juSU1E"; + + /* rsa key: the public key for this oper when using Challenge. + * A password should not be defined when this is used, see + * doc/challenge.txt for more information. + */ + #rsa_public_key_file = "/usr/local/ircd/etc/oper.pub"; + + /* umodes: the specific umodes this oper gets when they oper. + * If this is specified an oper will not be given oper_umodes + * These are described above oper_only_umodes in general {}; + */ + #umodes = locops, servnotice, operwall, wallop; + + /* privileges: controls the activities and commands an oper is + * allowed to do on the server. All options default to no. + * Available options: + * + * local_kill: allows local users to be /KILL'd + * global_kill: allows local and remote users to be + * /KILL'd (OLD 'O' flag) + * remote: allows remote SQUIT and CONNECT (OLD 'R' flag) + * kline: allows KILL, KLINE and DLINE (OLD 'K' flag) + * unkline: allows UNKLINE and UNDLINE (OLD 'U' flag) + * gline: allows GLINE (OLD 'G' flag) + * nick_changes: allows oper to see nickchanges (OLD 'N' flag) + * via usermode +n + * rehash: allows oper to REHASH config (OLD 'H' flag) + * die: allows DIE and RESTART (OLD 'D' flag) + * admin: gives admin privileges. admins + * may (un)load modules and see the + * real IPs of servers. + * hidden_admin: gives admin privileges except + * will not have the admin lines in + * stats p and whois. + * xline: allows use of /quote xline/unxline + * operwall: allows the oper to send operwalls + * oper_spy: allows 'operspy' features to see through +s + * channels etc. see /quote help operspy + * hidden_oper: hides the oper from /stats p (OLD UMODE +p) + */ + flags = global_kill, remote, kline, unkline, gline, + die, rehash, admin, xline, operwall; +}; + +/* connect {}: controls servers we connect to (OLD C:, N:, H:, L:) */ +connect "irc.uplink.com" { + /* the name must go above */ + + /* host: the host or IP to connect to. If a hostname is used it + * must match the reverse dns of the server. + */ + host = "192.168.0.1"; + + /* vhost: the host or IP to bind to for this connection. If this + * is not specified, the default vhost (in serverinfo {}) is used. + */ + #vhost = "192.168.0.50"; + + /* passwords: the passwords we send (OLD C:) and accept (OLD N:). + * The remote server will have these passwords reversed. + */ + send_password = "password"; + accept_password = "anotherpassword"; + + /* port: the port to connect to this server on */ + port = 6666; + + /* hub mask: the mask of servers that this server may hub. Multiple + * entries are permitted + */ + hub_mask = "*"; + + /* leaf mask: the mask of servers this server may not hub. Multiple + * entries are permitted. Useful for forbidding EU -> US -> EU routes. + */ + #leaf_mask = "*.uk"; + + /* class: the class this server is in */ + class = "server"; + + /* flags: controls special options for this server + * encrypted - marks the accept_password as being crypt()'d + * autoconn - automatically connect to this server + * compressed - compress traffic via ziplinks + * topicburst - burst topics between servers + */ + flags = compressed, topicburst; +}; + +connect "ipv6.some.server" { + host = "3ffd:dead:beef::1"; + send_password = "password"; + accept_password = "password"; + port = 6666; + + /* aftype: controls whether the connection uses "ipv4" or "ipv6". + * Default is ipv4. + */ + aftype = ipv6; + class = "server"; +}; + +/* cluster {}; servers that we propagate things to automatically. + * NOTE: This does NOT grant them privileges to apply anything locally, + * you must add a seperate shared block for that. + */ +cluster { + /* name: the server to share with, this can be a wildcard */ + /* NOTE: clustering is only done for actions by LOCAL opers, so the + * action will only be clustered to the servers that the originating + * server has set as such. + */ + name = "*.lan"; + + /* type: list of what to share, options: + * kline - share perm klines + * tkline - share temp klines + * unkline - share unklines + * locops - share locops + * xline - share perm xlines + * txline - share temp xlines + * unxline - share unxlines + * resv - share perm resvs + * tresv - share temp resvs + * unresv - share unresvs + * all - share all of the above + */ + type = kline, unkline, locops; +}; + +/* shared {}: users that are allowed to place remote bans on our server. + * NOTE: These are ordered top down. The first one the user@host and server + * matches will be used. Their access will then be decided on that + * block and will not fall back to another block that matches. + */ +shared { + /* name: the server the user must be on to set klines. If this is not + * specified, the user will be allowed to kline from all servers. + */ + name = "irc2.some.server"; + + /* user: the user@host mask that is allowed to set klines. If this is + * not specified, all users on the server above will be allowed to set + * a remote kline. + */ + user = "oper@my.host.is.spoofed"; + + /* type: list of what to share, options: + * kline - allow setting perm/temp klines + * tkline - allow setting temp klines + * unkline - allow removing klines + * xline - allow setting perm/temp xlines + * txline - allow setting temp xlines + * unxline - allow removing xlines + * resv - allow setting perm/temp resvs + * tresv - allow setting temp resvs + * unresv - allow removing xlines + * locops - allow locops - only used for servers who cluster + * all - allow oper/server to do all of above. + */ + type = kline, unkline; +}; + +/* kill {}: users that are not allowed to connect (OLD K:) + * Oper issued klines will be added to the specified kline config + */ +kill { + user = "bad@*.hacked.edu"; + reason = "Obviously hacked account"; +}; + +/* deny {}: IPs that are not allowed to connect (before DNS/ident lookup) + * Oper issued dlines will be added to the specified dline config + */ +deny { + ip = "10.0.1.0/24"; + reason = "Reconnecting vhosted bots"; +}; + +/* exempt {}: IPs that are exempt from deny {} and Dlines. (OLD d:) */ +exempt { + ip = "192.168.0.0/16"; +}; + +/* resv {}: nicks and channels users may not use/join (OLD Q:) */ +resv { + /* reason: the reason for the proceeding resv's */ + reason = "There are no services on this network"; + + /* resv: the nicks and channels users may not join/use */ + nick = "nickserv"; + nick = "chanserv"; + channel = "#services"; + + /* resv: wildcard masks are also supported in nicks only */ + reason = "Clone bots"; + nick = "clone*"; +}; + +/* gecos {}: The X: replacement, used for banning users based on their + * "realname". All clients matching gecos fields are silently rejected. + */ +gecos { + name = "*sex*"; + reason = "Possible spambot"; +}; + +/* The channel block contains options pertaining to channels */ +channel { + /* invex: Enable/disable channel mode +I, a n!u@h list of masks + * that can join a +i channel without an invite. + */ + use_invex = yes; + + /* except: Enable/disable channel mode +e, a n!u@h list of masks + * that can join a channel through a ban (+b). + */ + use_except = yes; + + /* knock: Allows users to request an invite to a channel that + * is locked somehow (+ikl). If the channel is +p or you are banned + * the knock will not be sent. + */ + use_knock = yes; + + /* knock delay: The amount of time a user must wait between issuing + * the knock command. + */ + knock_delay = 5 minutes; + + /* knock channel delay: How often a knock to any specific channel + * is permitted, regardless of the user sending the knock. + */ + knock_delay_channel = 1 minute; + + /* max chans: The maximum number of channels a user can join/be on. */ + max_chans_per_user = 15; + + /* quiet on ban: stop banned people talking in channels. */ + quiet_on_ban = yes; + + /* max bans: maximum number of +b/e/I modes in a channel */ + max_bans = 25; + + /* splitcode: the ircd will check every 10s as to whether splitmode + * should be disabled or not, so there may be a delay between a + * netsplit ending and splitmode ending. + * + * both split users and split servers must be true to enter splitmode + * + * you may force splitmode to be permanent by /quote set splitmode on + */ + + /* split users: when the usercount is lower than this level, consider + * ourselves split. this must be set for automatic splitmode + */ + default_split_user_count = 0; + + /* split servers: when the servercount is lower than this, consider + * ourselves split. this must be set for automatic splitmode + */ + default_split_server_count = 0; + + /* split delay: the amount of time after the netsplit ends to come + * out of splitmode. 0 disables. + */ + default_split_delay = 15 seconds; + + /* split no create: disallow users creating channels on split, works in + * tandem with persistant channels, that have retained their modes. + */ + no_create_on_split = no; + + /* split: no join: disallow users joining channels at all on a split */ + no_join_on_split = no; + + /* no oper resvs: allow opers to join/talk through channel jupes */ + no_oper_resvs = no; + + /* burst topicwho: when bursting topics, also burst the topic setter */ + burst_topicwho = yes; +}; + + +/* The serverhide block contains the options regarding serverhiding */ +serverhide { + /* flatten links: this option will show all servers in /links appear + * that they are linked to this current server + */ + flatten_links = no; + + /* links delay: how often to update the links file when it is + * flattened. + */ + links_delay = 5 minutes; + + /* hidden: hide this server from a /links output on servers that + * support it. this allows hub servers to be hidden etc. + */ + hidden = no; + + /* disable hidden: prevent servers hiding themselves from a + * /links ouput. + */ + disable_hidden = no; +}; + +/* The general block contains many of the options that were once compiled + * in options in config.h. The general block is read at start time. + */ +general { + /* hide error messages: defines whether error messages from + * servers are hidden or not. These can sometimes contain IPs and + * can have an adverse effect on server ip hiding. Set to: + * yes: hide from opers and admin + * opers: hide from opers only + * no: do not hide error messages + */ + hide_error_messages = opers; + + /* default operstring: defines the default oper response + * in /whois queries, eg "is an IRC Operator" + */ + default_operstring = "is an IRC Operator"; + + /* default adminstring: defines the default admin response + * in /whois queries, eg "is a Server Administrator" + */ + default_adminstring = "is a Server Administrator"; + + /* disable fake channels: disable local users joining fake versions + * of channels, eg #foo^B^B. Disables bold, mirc colour, reverse, + * underline and hard space. (ASCII 2, 3, 22, 31, 160 respectively). + */ + disable_fake_channels = no; + + /* tkline_expire_notices: give a notice to opers when a tkline + * expires + */ + tkline_expire_notices = no; + + /* floodcount: the default value of floodcount that is configurable + * via /quote set floodcount. This is the amount of lines a user + * may send to any other user/channel in one second. + */ + default_floodcount = 10; + + /* failed oper notice: send a notice to all opers on the server when + * someone tries to OPER and uses the wrong password, host or ident. + */ + failed_oper_notice = yes; + + /* dots in ident: the amount of '.' characters permitted in an ident + * reply before the user is rejected. + */ + dots_in_ident=2; + + /* dot in ipv6: ircd-hybrid-6.0 and earlier will disallow hosts + * without a '.' in them. this will add one to the end. only needed + * for older servers. + */ + dot_in_ip6_addr = no; + + /* min nonwildcard: the minimum non wildcard characters in k/d/g lines + * placed via the server. klines hand placed are exempt from limits. + * wildcard chars: '.' '*' '?' '@' + */ + min_nonwildcard = 4; + + /* min nonwildcard simple: the minimum non wildcard characters in + * xlines/resvs placed via the server. + * wildcard chars: '*' '?' + */ + min_nonwildcard_simple = 3; + + /* max accept: maximum allowed /accept's for +g usermode */ + max_accept = 20; + + /* nick flood: enable the nickflood control code */ + anti_nick_flood = yes; + + /* nick flood: the nick changes allowed in the specified period */ + max_nick_time = 20 seconds; + max_nick_changes = 5; + + /* anti spam time: the minimum time a user must be connected before + * custom quit messages are allowed. + */ + anti_spam_exit_message_time = 5 minutes; + + /* ts delta: the time delta allowed between server clocks before + * a warning is given, or before the link is dropped. all servers + * should run ntpdate/rdate to keep clocks in sync + */ + ts_warn_delta = 30 seconds; + ts_max_delta = 5 minutes; + + /* client exit: prepend a users quit message with "Client exit: " */ + client_exit = yes; + + /* kline delay: delay the checking of klines until a specified time. + * Useful if large kline lists are applied often to prevent the + * server eating CPU. + */ + kline_delay = 0 seconds; + + /* kline reason: show the user the reason why they are k/d/glined + * on exit. may give away who set k/dline when set via tcm. + */ + kline_with_reason = yes; + + /* kline reason: make the users quit message on channels this + * reason instead of the oper's reason. + */ + kline_reason = "Connection closed"; + + /* non redundant klines: flag and ignore redundant klines */ + non_redundant_klines = yes; + + /* warn no nline: warn opers about servers that try to connect but + * we dont have a connect {} block for. Twits with misconfigured + * servers can get really annoying with this enabled. + */ + warn_no_nline = yes; + + /* stats e disabled: disable stats e. useful if server ips are + * exempted and you dont want them listing on irc. + */ + stats_e_disabled = no; + + /* stats c oper only: make stats c (connect {}) oper only */ + stats_c_oper_only=no; + + /* stats h oper only: make stats h (hub_mask/leaf_mask) oper only */ + stats_h_oper_only=no; + + /* stats y oper only: make stats y (class {}) oper only */ + stats_y_oper_only=no; + + /* stats o oper only: make stats o (opers) oper only */ + stats_o_oper_only=yes; + + /* stats P oper only: make stats P (ports) oper only + * NOTE: users doing stats P will never be given the ips that the + * server listens on, simply the ports. + */ + stats_P_oper_only=no; + + /* stats i oper only: make stats i (auth {}) oper only. set to: + * yes: show users no auth blocks, made oper only. + * masked: show users first matching auth block + * no: show users all auth blocks. + */ + stats_i_oper_only=masked; + + /* stats k/K oper only: make stats k/K (klines) oper only. set to: + * yes: show users no auth blocks, made oper only + * masked: show users first matching auth block + * no: show users all auth blocks. + */ + stats_k_oper_only=masked; + + /* map oper only: make /map oper only */ + map_oper_only = no; + + /* operspy admin only: make operspy notices to +Z admin only */ + operspy_admin_only = no; + + /* caller id wait: time between notifying a +g user that somebody + * is messaging them. + */ + caller_id_wait = 1 minute; + + /* pace wait simple: time between use of less intensive commands + * (HELP, remote WHOIS, WHOWAS) + */ + pace_wait_simple = 1 second; + + /* pace wait: time between more intensive commands + * (ADMIN, INFO, LIST, LUSERS, MOTD, STATS, VERSION) + */ + pace_wait = 10 seconds; + + /* short motd: send clients a notice telling them to read the motd + * instead of forcing a motd to clients who may simply ignore it. + */ + short_motd = no; + + /* ping cookies: require clients to respond exactly to a ping command, + * can help block certain types of drones and FTP PASV mode spoofing. + */ + ping_cookie = no; + + /* connect timeout: sets how long we should wait for a connection + * request to succeed + */ + connect_timeout = 30 seconds; + + /* disable auth: disables identd checking + disable_auth = no; + + /* no oper flood: increase flood limits for opers. */ + no_oper_flood = yes; + + /* glines: enable glines, network wide temp klines */ + glines = yes; + + /* gline time: the amount of time a gline will remain before expiring */ + gline_time = 1 day; + + /* gline_min_cidr: If using a CIDR gline, the minimum length the + * mask must be + */ + gline_min_cidr = 16; + + /* idletime: the maximum amount of time a user may idle before + * they are disconnected + */ + idletime = 0; + + /* REMOVE ME. The following line checks you've been reading. */ + havent_read_conf = yes; + + /* max targets: the maximum amount of targets in a single + * PRIVMSG/NOTICE. set to 999 NOT 0 for unlimited. + */ + max_targets = 4; + + /* client flood: maximum number of lines in a clients queue before + * they are dropped for flooding. + */ + client_flood = 20; + + /* use_whois_actually: send clients requesting a whois a numeric + * giving the real IP of non-spoofed clients to prevent DNS abuse. + */ + use_whois_actually = yes; + + /* usermodes configurable: a list of usermodes for the options below + * + * +b - bots - See bot and drone flooding notices + * +c - cconn - Client connection/quit notices + * +C - cconnext - Extended client connection/quit notices + * +d - debug - See debugging notices + * +f - full - See I: line full notices + * +g - callerid - Server Side Ignore + * +i - invisible - Not shown in NAMES or WHO unless you share a + * a channel + * +k - skill - See server generated KILL messages + * +l - locops - See LOCOPS messages + * +n - nchange - See client nick changes + * +r - rej - See rejected client notices + * +s - servnotice - See general server notices + * +u - unauth - See unauthorised client notices + * +w - wallop - See server generated WALLOPS + * +x - external - See remote server connection and split notices + * +y - spy - See LINKS, STATS, TRACE notices etc. + * +z - operwall - See oper generated WALLOPS + * +Z - operspy - See operspy notices + */ + + /* oper only umodes: usermodes only opers may set */ + oper_only_umodes = bots, cconn, debug, full, skill, nchange, + rej, spy, external, operwall, locops, unauth; + + /* oper umodes: default usermodes opers get when they /oper */ + oper_umodes = locops, servnotice, operwall, wallop; + + /* servlink path: path to 'servlink' program used by ircd to handle + * encrypted/compressed server <-> server links. + * + * only define if servlink is not in same directory as ircd itself. + */ + #servlink_path = "/usr/local/ircd/bin/servlink"; + + /* use egd: if your system does not have *random devices yet you + * want to use OpenSSL and encrypted links, enable this. Beware - + * EGD is *very* CPU intensive when gathering data for its pool + */ + #use_egd = yes; + + /* egdpool path: path to EGD pool. Not necessary for OpenSSL >= 0.9.7 + * which automatically finds the path. + */ + #egdpool_path = "/var/run/egd-pool"; + + + /* compression level: level of compression for compressed links between + * servers. + * + * values are between: 1 (least compression, fastest) + * and: 9 (most compression, slowest). + */ + #compression_level = 6; + + /* fallback_to_ip6_int: This enables falling back to using the + * ip6.int domain for reverse IPv6 lookups if the lookup for + * ip6.arpa failed. This is obviously a feature that should be + * removed upon the completion of the migration to ip6.arpa + */ + fallback_to_ip6_int = yes; + + /* burst_away: This enables bursting away messages to servers. + * With this disabled, we will only propogate AWAY messages + * as users send them, but never burst them. Be warned though + * enabling this could increase the size of a burst significantly + * for a large network, like EFnet. + */ + burst_away = yes; + + /* reject time: the amount of rejections through klines/dlines etc + * allowed in the given time before the rejection is cached and + * a pseudo temp dline is placed + */ + reject_ban_time = 1 minute; + reject_after_count = 3; + + /* reject duration: the amount of time to cache the rejection */ + reject_duration = 5 minutes; +}; + +modules { + /* module path: paths to search for modules specified below and + * in /modload. + */ + path = "/usr/local/ircd/modules"; + path = "/usr/local/ircd/modules/autoload"; + + /* module: the name of a module to load on startup/rehash */ + #module = "some_module.so"; +}; diff -ruN ircd-ratbox-2.0.2/src/s_user.c ircd-ratbox-2.0.2-moderename/src/s_user.c --- ircd-ratbox-2.0.2/src/s_user.c Tue Aug 31 00:10:00 2004 +++ ircd-ratbox-2.0.2-moderename/src/s_user.c Fri Oct 1 11:21:16 2004 @@ -73,11 +73,11 @@ {UMODE_BOTS, 'b'}, {UMODE_CCONN, 'c'}, {UMODE_CCONNEXT, 'C'}, - {UMODE_DEBUG, 'd'}, + {UMODE_DEBUG, 'D'}, {UMODE_FULL, 'f'}, {UMODE_CALLERID, 'g'}, {UMODE_INVISIBLE, 'i'}, - {UMODE_SKILL, 'k'}, + {UMODE_SKILL, 'K'}, {UMODE_LOCOPS, 'l'}, {UMODE_NCHANGE, 'n'}, {UMODE_OPER, 'o'}, @@ -85,7 +85,7 @@ {UMODE_SERVNOTICE, 's'}, {UMODE_UNAUTH, 'u'}, {UMODE_WALLOP, 'w'}, - {UMODE_EXTERNAL, 'x'}, + {UMODE_EXTERNAL, 'X'}, {UMODE_SPY, 'y'}, {UMODE_OPERWALL, 'z'}, {UMODE_OPERSPY, 'Z'}, @@ -102,14 +102,14 @@ 0, /* A */ 0, /* B */ UMODE_CCONNEXT, /* C */ - 0, /* D */ + UMODE_DEBUG, /* D */ 0, /* E */ 0, /* F */ 0, /* G */ 0, /* H */ 0, /* I */ 0, /* J */ - 0, /* K */ + UMODE_SKILL, /* K */ 0, /* L */ 0, /* M */ 0, /* N */ @@ -122,21 +122,21 @@ 0, /* U */ 0, /* V */ 0, /* W */ - 0, /* X */ + UMODE_EXTERNAL, /* X */ 0, /* Y */ UMODE_OPERSPY, /* Z */ /* 0x5B */ 0, 0, 0, 0, 0, 0, /* 0x60 */ UMODE_ADMIN, /* a */ UMODE_BOTS, /* b */ UMODE_CCONN, /* c */ - UMODE_DEBUG, /* d */ + 0, /* d */ 0, /* e */ UMODE_FULL, /* f */ UMODE_CALLERID, /* g */ 0, /* h */ UMODE_INVISIBLE, /* i */ 0, /* j */ - UMODE_SKILL, /* k */ + 0, /* k */ UMODE_LOCOPS, /* l */ 0, /* m */ UMODE_NCHANGE, /* n */ @@ -149,7 +149,7 @@ UMODE_UNAUTH, /* u */ 0, /* v */ UMODE_WALLOP, /* w */ - UMODE_EXTERNAL, /* x */ + 0, /* x */ UMODE_SPY, /* y */ UMODE_OPERWALL, /* z */ /* 0x7B */ 0, 0, 0, 0, 0, /* 0x7F */ diff -ruN ircd-ratbox-2.0.2/src/s_user.c.orig ircd-ratbox-2.0.2-moderename/src/s_user.c.orig --- ircd-ratbox-2.0.2/src/s_user.c.orig Thu Jan 1 01:00:00 1970 +++ ircd-ratbox-2.0.2-moderename/src/s_user.c.orig Tue Aug 31 00:10:00 2004 @@ -0,0 +1,1139 @@ +/* + * ircd-ratbox: A slightly useful ircd. + * s_user.c: User related functions. + * + * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center + * Copyright (C) 1996-2002 Hybrid Development Team + * Copyright (C) 2002-2004 ircd-ratbox development team + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 + * USA + * + * $Id: s_user.c,v 7.323.2.3 2004/08/30 22:10:00 leeh Exp $ + */ + +#include "stdinc.h" +#include "tools.h" +#include "s_user.h" +#include "channel.h" +#include "class.h" +#include "client.h" +#include "common.h" +#include "hash.h" +#include "irc_string.h" +#include "sprintf_irc.h" +#include "ircd.h" +#include "listener.h" +#include "msg.h" +#include "numeric.h" +#include "commio.h" +#include "s_conf.h" +#include "s_newconf.h" +#include "s_log.h" +#include "s_serv.h" +#include "s_stats.h" +#include "scache.h" +#include "send.h" +#include "supported.h" +#include "whowas.h" +#include "memory.h" +#include "packet.h" +#include "reject.h" +#include "cache.h" +#include "hook.h" + +static void report_and_set_user_flags(struct Client *, struct ConfItem *); +void user_welcome(struct Client *source_p); + +extern char *crypt(); + +/* table of ascii char letters to corresponding bitmask */ + +struct flag_item +{ + int mode; + char letter; +}; + +/* *INDENT-OFF* */ +static struct flag_item user_modes[] = { + {UMODE_ADMIN, 'a'}, + {UMODE_BOTS, 'b'}, + {UMODE_CCONN, 'c'}, + {UMODE_CCONNEXT, 'C'}, + {UMODE_DEBUG, 'd'}, + {UMODE_FULL, 'f'}, + {UMODE_CALLERID, 'g'}, + {UMODE_INVISIBLE, 'i'}, + {UMODE_SKILL, 'k'}, + {UMODE_LOCOPS, 'l'}, + {UMODE_NCHANGE, 'n'}, + {UMODE_OPER, 'o'}, + {UMODE_REJ, 'r'}, + {UMODE_SERVNOTICE, 's'}, + {UMODE_UNAUTH, 'u'}, + {UMODE_WALLOP, 'w'}, + {UMODE_EXTERNAL, 'x'}, + {UMODE_SPY, 'y'}, + {UMODE_OPERWALL, 'z'}, + {UMODE_OPERSPY, 'Z'}, + {0, 0} +}; + +/* memory is cheap. map 0-255 to equivalent mode */ +int user_modes_from_c_to_bitmask[] = { + /* 0x00 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x0F */ + /* 0x10 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x1F */ + /* 0x20 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x2F */ + /* 0x30 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x3F */ + 0, /* @ */ + 0, /* A */ + 0, /* B */ + UMODE_CCONNEXT, /* C */ + 0, /* D */ + 0, /* E */ + 0, /* F */ + 0, /* G */ + 0, /* H */ + 0, /* I */ + 0, /* J */ + 0, /* K */ + 0, /* L */ + 0, /* M */ + 0, /* N */ + 0, /* O */ + 0, /* P */ + 0, /* Q */ + 0, /* R */ + 0, /* S */ + 0, /* T */ + 0, /* U */ + 0, /* V */ + 0, /* W */ + 0, /* X */ + 0, /* Y */ + UMODE_OPERSPY, /* Z */ + /* 0x5B */ 0, 0, 0, 0, 0, 0, /* 0x60 */ + UMODE_ADMIN, /* a */ + UMODE_BOTS, /* b */ + UMODE_CCONN, /* c */ + UMODE_DEBUG, /* d */ + 0, /* e */ + UMODE_FULL, /* f */ + UMODE_CALLERID, /* g */ + 0, /* h */ + UMODE_INVISIBLE, /* i */ + 0, /* j */ + UMODE_SKILL, /* k */ + UMODE_LOCOPS, /* l */ + 0, /* m */ + UMODE_NCHANGE, /* n */ + UMODE_OPER, /* o */ + 0, /* p */ + 0, /* q */ + UMODE_REJ, /* r */ + UMODE_SERVNOTICE, /* s */ + 0, /* t */ + UMODE_UNAUTH, /* u */ + 0, /* v */ + UMODE_WALLOP, /* w */ + UMODE_EXTERNAL, /* x */ + UMODE_SPY, /* y */ + UMODE_OPERWALL, /* z */ + /* 0x7B */ 0, 0, 0, 0, 0, /* 0x7F */ + /* 0x80 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x9F */ + /* 0x90 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0x9F */ + /* 0xA0 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0xAF */ + /* 0xB0 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0xBF */ + /* 0xC0 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0xCF */ + /* 0xD0 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0xDF */ + /* 0xE0 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, /* 0xEF */ + /* 0xF0 */ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 /* 0xFF */ +}; +/* *INDENT-ON* */ + +/* + * show_lusers - + * + * inputs - pointer to client + * output - + * side effects - display to client user counts etc. + */ +int +show_lusers(struct Client *source_p) +{ + sendto_one_numeric(source_p, RPL_LUSERCLIENT, form_str(RPL_LUSERCLIENT), + (Count.total - Count.invisi), + Count.invisi, dlink_list_length(&global_serv_list)); + + if(Count.oper > 0) + sendto_one_numeric(source_p, RPL_LUSEROP, + form_str(RPL_LUSEROP), Count.oper); + + if(dlink_list_length(&unknown_list) > 0) + sendto_one_numeric(source_p, RPL_LUSERUNKNOWN, + form_str(RPL_LUSERUNKNOWN), + dlink_list_length(&unknown_list)); + + if(dlink_list_length(&global_channel_list) > 0) + sendto_one_numeric(source_p, RPL_LUSERCHANNELS, + form_str(RPL_LUSERCHANNELS), + dlink_list_length(&global_channel_list)); + + sendto_one_numeric(source_p, RPL_LUSERME, form_str(RPL_LUSERME), + dlink_list_length(&lclient_list), + dlink_list_length(&serv_list)); + + sendto_one_numeric(source_p, RPL_LOCALUSERS, + form_str(RPL_LOCALUSERS), + dlink_list_length(&lclient_list), + Count.max_loc); + + sendto_one_numeric(source_p, RPL_GLOBALUSERS, form_str(RPL_GLOBALUSERS), + Count.total, Count.max_tot); + + sendto_one_numeric(source_p, RPL_STATSCONN, + form_str(RPL_STATSCONN), + MaxConnectionCount, MaxClientCount, + Count.totalrestartcount); + + if(dlink_list_length(&lclient_list) > (unsigned long)MaxClientCount) + MaxClientCount = dlink_list_length(&lclient_list); + + if((dlink_list_length(&lclient_list) + dlink_list_length(&serv_list)) > + (unsigned long)MaxConnectionCount) + MaxConnectionCount = dlink_list_length(&lclient_list) + + dlink_list_length(&serv_list); + + return 0; +} + +/* + * show_isupport + * + * inputs - pointer to client + * output - + * side effects - display to client what we support (for them) + */ +void +show_isupport(struct Client *source_p) +{ + char isupportbuffer[512]; + + ircsprintf(isupportbuffer, FEATURES, FEATURESVALUES); + sendto_one_numeric(source_p, RPL_ISUPPORT, form_str(RPL_ISUPPORT), isupportbuffer); + + ircsprintf(isupportbuffer, FEATURES2, FEATURES2VALUES); + sendto_one_numeric(source_p, RPL_ISUPPORT, form_str(RPL_ISUPPORT), isupportbuffer); + + return; +} + + +/* +** register_local_user +** This function is called when both NICK and USER messages +** have been accepted for the client, in whatever order. Only +** after this, is the USER message propagated. +** +** NICK's must be propagated at once when received, although +** it would be better to delay them too until full info is +** available. Doing it is not so simple though, would have +** to implement the following: +** +** (actually it has been implemented already for a while) -orabidoo +** +** 1) user telnets in and gives only "NICK foobar" and waits +** 2) another user far away logs in normally with the nick +** "foobar" (quite legal, as this server didn't propagate +** it). +** 3) now this server gets nick "foobar" from outside, but +** has alread the same defined locally. Current server +** would just issue "KILL foobar" to clean out dups. But, +** this is not fair. It should actually request another +** nick from local user or kill him/her... +*/ + +int +register_local_user(struct Client *client_p, struct Client *source_p, const char *nick, const char *username) +{ + struct ConfItem *aconf; + struct User *user = source_p->user; + char tmpstr2[IRCD_BUFSIZE]; + char ipaddr[HOSTIPLEN]; + char myusername[USERLEN+1]; + int status; + + s_assert(NULL != source_p); + s_assert(MyConnect(source_p)); + s_assert(source_p->username != username); + + if(source_p == NULL) + return -1; + + if(IsAnyDead(source_p)) + return -1; + + if(ConfigFileEntry.ping_cookie) + { + if(!(source_p->flags & FLAGS_PINGSENT) && source_p->localClient->random_ping == 0) + { + source_p->localClient->random_ping = (unsigned long) (rand() * rand()) << 1; + sendto_one(source_p, "PING :%08lX", + (unsigned long) source_p->localClient->random_ping); + source_p->flags |= FLAGS_PINGSENT; + return -1; + } + if(!(source_p->flags2 & FLAGS2_PING_COOKIE)) + { + return -1; + } + } + + + client_p->localClient->last = CurrentTime; + /* Straight up the maximum rate of flooding... */ + source_p->localClient->allow_read = MAX_FLOOD_BURST; + + /* XXX - fixme. we shouldnt have to build a users buffer twice.. */ + if(!IsGotId(source_p) && (strchr(username, '[') != NULL)) + { + const char *p; + int i = 0; + + p = username; + + while(*p && i < USERLEN) + { + if(*p != '[') + myusername[i++] = *p; + p++; + } + + myusername[i] = '\0'; + username = myusername; + } + + if((status = check_client(client_p, source_p, username)) < 0) + return (CLIENT_EXITED); + + if(!valid_hostname(source_p->host)) + { + sendto_one(source_p, + ":%s NOTICE %s :*** Notice -- You have an illegal character in your hostname", + me.name, source_p->name); + + strlcpy(source_p->host, source_p->sockhost, sizeof(source_p->host)); + +#ifdef IPV6 + if(ConfigFileEntry.dot_in_ip6_addr == 1) + strlcat(source_p->host, ".", sizeof(source_p->host)); +#endif + } + + + aconf = source_p->localClient->att_conf; + + if(aconf == NULL) + { + exit_client(client_p, source_p, &me, "*** Not Authorised"); + return (CLIENT_EXITED); + } + + if(!IsGotId(source_p)) + { + const char *p; + int i = 0; + + if(IsNeedIdentd(aconf)) + { + ServerStats->is_ref++; + sendto_one(source_p, + ":%s NOTICE %s :*** Notice -- You need to install identd to use this server", + me.name, client_p->name); + exit_client(client_p, source_p, &me, "Install identd"); + return (CLIENT_EXITED); + } + + /* dont replace username if its supposed to be spoofed --fl */ + if(!IsConfDoSpoofIp(aconf) || !strchr(aconf->name, '@')) + { + p = username; + + if(!IsNoTilde(aconf)) + source_p->username[i++] = '~'; + + while (*p && i < USERLEN) + { + if(*p != '[') + source_p->username[i++] = *p; + p++; + } + + source_p->username[i] = '\0'; + } + } + + /* password check */ + if(!EmptyString(aconf->passwd)) + { + const char *encr; + + if(EmptyString(source_p->localClient->passwd)) + encr = ""; + else if(IsConfEncrypted(aconf)) + encr = crypt(source_p->localClient->passwd, aconf->passwd); + else + encr = source_p->localClient->passwd; + + if(strcmp(encr, aconf->passwd)) + { + ServerStats->is_ref++; + sendto_one(source_p, form_str(ERR_PASSWDMISMATCH), me.name, source_p->name); + exit_client(client_p, source_p, &me, "Bad Password"); + return (CLIENT_EXITED); + } + } + + if(source_p->localClient->passwd) + { + memset(source_p->localClient->passwd, 0, strlen(source_p->localClient->passwd)); + MyFree(source_p->localClient->passwd); + source_p->localClient->passwd = NULL; + } + + /* report if user has &^>= etc. and set flags as needed in source_p */ + report_and_set_user_flags(source_p, aconf); + + /* Limit clients */ + /* + * We want to be able to have servers and F-line clients + * connect, so save room for "buffer" connections. + * Smaller servers may want to decrease this, and it should + * probably be just a percentage of the MAXCLIENTS... + * -Taner + */ + /* Except "F:" clients */ + if(((dlink_list_length(&lclient_list) + 1) >= + ((unsigned long)GlobalSetOptions.maxclients + MAX_BUFFER) || + (dlink_list_length(&lclient_list) + 1) >= + ((unsigned long)GlobalSetOptions.maxclients - 5)) && !(IsExemptLimits(source_p))) + { + sendto_realops_flags(UMODE_FULL, L_ALL, + "Too many clients, rejecting %s[%s].", nick, source_p->host); + + ServerStats->is_ref++; + exit_client(client_p, source_p, &me, "Sorry, server is full - try later"); + return (CLIENT_EXITED); + } + + /* valid user name check */ + + if(!valid_username(source_p->username)) + { + sendto_realops_flags(UMODE_REJ, L_ALL, + "Invalid username: %s (%s@%s)", + nick, source_p->username, source_p->host); + ServerStats->is_ref++; + ircsprintf(tmpstr2, "Invalid username [%s]", source_p->username); + exit_client(client_p, source_p, &me, tmpstr2); + return (CLIENT_EXITED); + } + + /* end of valid user name check */ + + /* kline exemption extends to xline too */ + if(!IsExemptKline(source_p) && + find_xline(source_p->info, 1) != NULL) + { + ServerStats->is_ref++; + add_reject(source_p); + exit_client(client_p, source_p, &me, "Bad user info"); + return CLIENT_EXITED; + } + + /* Any hooks using this event *must* check for the client being dead + * when its called. If the hook wants to terminate the client, it + * can call exit_client(). --fl + */ + hook_call_event(h_client_auth_id, client_p); + + if(IsAnyDead(client_p)) + return CLIENT_EXITED; + + inetntop_sock((struct sockaddr *)&source_p->localClient->ip, ipaddr, sizeof(ipaddr)); + + sendto_realops_flags(UMODE_CCONN, L_ALL, + "Client connecting: %s (%s@%s) [%s] {%s} [%s]", + nick, source_p->username, source_p->host, +#ifdef HIDE_SPOOF_IPS + IsIPSpoof(source_p) ? "255.255.255.255" : +#endif + ipaddr, get_client_class(source_p), source_p->info); + + sendto_realops_flags(UMODE_CCONNEXT, L_ALL, + "CLICONN %s %s %s %s %s %s 0 %s", + nick, source_p->username, source_p->host, +#ifdef HIDE_SPOOF_IPS + IsIPSpoof(source_p) ? "255.255.255.255" : +#endif + ipaddr, get_client_class(source_p), + source_p->localClient->fullcaps, + source_p->info); + + MyFree(source_p->localClient->fullcaps); + source_p->localClient->fullcaps = 0; + + /* If they have died in send_* don't do anything. */ + if(IsAnyDead(source_p)) + return CLIENT_EXITED; + + add_to_hostname_hash(source_p->host, source_p); + + strcpy(source_p->id, generate_uid()); + add_to_id_hash(source_p->id, source_p); + + source_p->umodes |= UMODE_INVISIBLE; + + Count.invisi++; + + s_assert(!IsClient(source_p)); + dlinkMoveNode(&source_p->localClient->tnode, &unknown_list, &lclient_list); + SetClient(source_p); + + /* XXX source_p->servptr is &me, since local client */ + source_p->servptr = find_server(NULL, user->server); + dlinkAdd(source_p, &source_p->lnode, &source_p->servptr->serv->users); + /* Increment our total user count here */ + if(++Count.total > Count.max_tot) + Count.max_tot = Count.total; + source_p->localClient->allow_read = MAX_FLOOD_BURST; + + Count.totalrestartcount++; + + s_assert(source_p->localClient != NULL); + + if(dlink_list_length(&lclient_list) > (unsigned long)Count.max_loc) + { + Count.max_loc = dlink_list_length(&lclient_list); + if(!(Count.max_loc % 10)) + sendto_realops_flags(UMODE_ALL, L_ALL, + "New Max Local Clients: %d", Count.max_loc); + } + + user_welcome(source_p); + return (introduce_client(client_p, source_p, user, nick)); +} + +/* + * introduce_clients + * + * inputs - + * output - + * side effects - This common function introduces a client to the rest + * of the net, either from a local client connect or + * from a remote connect. + */ +int +introduce_client(struct Client *client_p, struct Client *source_p, struct User *user, const char *nick) +{ + static char ubuf[12]; + + if(MyClient(source_p)) + send_umode(source_p, source_p, 0, SEND_UMODES, ubuf); + else + send_umode(NULL, source_p, 0, SEND_UMODES, ubuf); + + if(!*ubuf) + { + ubuf[0] = '+'; + ubuf[1] = '\0'; + } + + /* if it has an ID, introduce it with its id to TS6 servers, + * otherwise introduce it normally to all. + */ + if(has_id(source_p)) + { + char sockhost[HOSTLEN]; + if(source_p->sockhost[0] == ':') + { + sockhost[0] = '0'; + sockhost[1] = '\0'; + strlcat(sockhost, source_p->sockhost, sizeof(sockhost)); + } else + strcpy(sockhost, source_p->sockhost); + + sendto_server(client_p, NULL, CAP_TS6, NOCAPS, + ":%s UID %s %d %ld %s %s %s %s %s :%s", + source_p->servptr->id, nick, + source_p->hopcount + 1, + (long) source_p->tsinfo, ubuf, + source_p->username, source_p->host, + IsIPSpoof(source_p) ? "0" : sockhost, + source_p->id, source_p->info); + + sendto_server(client_p, NULL, NOCAPS, CAP_TS6, + "NICK %s %d %ld %s %s %s %s :%s", + nick, source_p->hopcount + 1, + (long) source_p->tsinfo, + ubuf, source_p->username, source_p->host, + user->server, source_p->info); + } + else + sendto_server(client_p, NULL, NOCAPS, NOCAPS, + "NICK %s %d %ld %s %s %s %s :%s", + nick, source_p->hopcount + 1, + (long) source_p->tsinfo, + ubuf, source_p->username, source_p->host, + user->server, source_p->info); + + + return 0; +} + +/* + * valid_hostname - check hostname for validity + * + * Inputs - pointer to user + * Output - YES if valid, NO if not + * Side effects - NONE + * + * NOTE: this doesn't allow a hostname to begin with a dot and + * will not allow more dots than chars. + */ +int +valid_hostname(const char *hostname) +{ + const char *p = hostname; + int found_sep = 0; + + s_assert(NULL != p); + + if(hostname == NULL) + return NO; + + if('.' == *p || ':' == *p) + return NO; + + while (*p) + { + if(!IsHostChar(*p)) + return NO; + if(*p == '.' || *p == ':') + found_sep++; + p++; + } + + if(found_sep == 0) + return(NO); + + return (YES); +} + +/* + * valid_username - check username for validity + * + * Inputs - pointer to user + * Output - YES if valid, NO if not + * Side effects - NONE + * + * Absolutely always reject any '*' '!' '?' '@' in an user name + * reject any odd control characters names. + * Allow '.' in username to allow for "first.last" + * style of username + */ +int +valid_username(const char *username) +{ + int dots = 0; + const char *p = username; + + s_assert(NULL != p); + + if(username == NULL) + return NO; + + if('~' == *p) + ++p; + + /* reject usernames that don't start with an alphanum + * i.e. reject jokers who have '-@somehost' or '.@somehost' + * or "-hi-@somehost", "h-----@somehost" would still be accepted. + */ + if(!IsAlNum(*p)) + return NO; + + while (*++p) + { + if((*p == '.') && ConfigFileEntry.dots_in_ident) + { + dots++; + if(dots > ConfigFileEntry.dots_in_ident) + return NO; + if(!IsUserChar(p[1])) + return NO; + } + else if(!IsUserChar(*p)) + return NO; + } + return YES; +} + +/* report_and_set_user_flags + * + * Inputs - pointer to source_p + * - pointer to aconf for this user + * Output - NONE + * Side effects - + * Report to user any special flags they are getting, and set them. + */ + +static void +report_and_set_user_flags(struct Client *source_p, struct ConfItem *aconf) +{ + /* If this user is being spoofed, tell them so */ + if(IsConfDoSpoofIp(aconf)) + { + sendto_one(source_p, + ":%s NOTICE %s :*** Spoofing your IP. congrats.", + me.name, source_p->name); + } + + /* If this user is in the exception class, Set it "E lined" */ + if(IsConfExemptKline(aconf)) + { + SetExemptKline(source_p); + sendto_one(source_p, + ":%s NOTICE %s :*** You are exempt from K/D/G/X lines. congrats.", + me.name, source_p->name); + } + + if(IsConfExemptGline(aconf)) + { + SetExemptGline(source_p); + + /* dont send both a kline and gline exempt notice */ + if(!IsConfExemptKline(aconf)) + sendto_one(source_p, + ":%s NOTICE %s :*** You are exempt from G lines.", + me.name, source_p->name); + } + + /* If this user is exempt from user limits set it F lined" */ + if(IsConfExemptLimits(aconf)) + { + SetExemptLimits(source_p); + sendto_one(source_p, + ":%s NOTICE %s :*** You are exempt from user limits. congrats.", + me.name, source_p->name); + } + + /* If this user is exempt from idle time outs */ + if(IsConfIdlelined(aconf)) + { + SetIdlelined(source_p); + sendto_one(source_p, + ":%s NOTICE %s :*** You are exempt from idle limits. congrats.", + me.name, source_p->name); + } + + if(IsConfExemptFlood(aconf)) + { + SetExemptFlood(source_p); + sendto_one(source_p, + ":%s NOTICE %s :*** You are exempt from flood limits.", + me.name, source_p->name); + } + + if(IsConfExemptSpambot(aconf)) + { + SetExemptSpambot(source_p); + sendto_one(source_p, + ":%s NOTICE %s :*** You are exempt from spambot checks.", + me.name, source_p->name); + } + + if(IsConfExemptShide(aconf)) + { + SetExemptShide(source_p); + sendto_one(source_p, + ":%s NOTICE %s :*** You are exempt from serverhiding.", + me.name, source_p->name); + } +} + +/* + * user_mode - set get current users mode + * + * m_umode() added 15/10/91 By Darren Reed. + * parv[0] - sender + * parv[1] - username to change mode for + * parv[2] - modes to change + */ +int +user_mode(struct Client *client_p, struct Client *source_p, int parc, const char *parv[]) +{ + int flag; + int i; + const char **p; + char *m; + const char *pm; + struct Client *target_p; + int what, setflags; + int badflag = NO; /* Only send one bad flag notice */ + char buf[BUFSIZE]; + + what = MODE_ADD; + + if(parc < 2) + { + sendto_one(source_p, form_str(ERR_NEEDMOREPARAMS), me.name, source_p->name, "MODE"); + return 0; + } + + if((target_p = find_person(parv[1])) == NULL) + { + if(MyConnect(source_p)) + sendto_one_numeric(source_p, ERR_NOSUCHCHANNEL, + form_str(ERR_NOSUCHCHANNEL), parv[1]); + return 0; + } + + /* Dont know why these were commented out.. + * put them back using new sendto() funcs + */ + + if(IsServer(source_p)) + { + sendto_realops_flags(UMODE_ALL, L_ADMIN, + "*** Mode for User %s from %s", parv[1], source_p->name); + return 0; + } + + if(source_p != target_p || target_p->from != source_p->from) + { + sendto_one(source_p, form_str(ERR_USERSDONTMATCH), me.name, source_p->name); + return 0; + } + + + if(parc < 3) + { + m = buf; + *m++ = '+'; + + for (i = 0; user_modes[i].letter && (m - buf < BUFSIZE - 4); i++) + if(source_p->umodes & user_modes[i].mode) + *m++ = user_modes[i].letter; + *m = '\0'; + sendto_one(source_p, form_str(RPL_UMODEIS), me.name, source_p->name, buf); + return 0; + } + + /* find flags already set for user */ + setflags = source_p->umodes; + + /* + * parse mode change string(s) + */ + for (p = &parv[2]; p && *p; p++) + for (pm = *p; *pm; pm++) + switch (*pm) + { + case '+': + what = MODE_ADD; + break; + case '-': + what = MODE_DEL; + break; + + case 'o': + if(what == MODE_ADD) + { + if(IsServer(client_p) && !IsOper(source_p)) + { + ++Count.oper; + SetOper(source_p); + } + } + else + { + /* Only decrement the oper counts if an oper to begin with + * found by Pat Szuta, Perly , perly@xnet.com + */ + + if(!IsOper(source_p)) + break; + + ClearOper(source_p); + source_p->umodes &= ~ConfigFileEntry.oper_only_umodes; + + Count.oper--; + + if(MyConnect(source_p)) + { + source_p->flags2 &= ~OPER_FLAGS; + + MyFree(source_p->localClient->opername); + source_p->localClient->opername = NULL; + + dlinkFindDestroy(&oper_list, source_p); + } + } + break; + + /* we may not get these, + * but they shouldnt be in default + */ + case ' ': + case '\n': + case '\r': + case '\t': + break; + + default: + if((flag = user_modes_from_c_to_bitmask[(unsigned char) *pm])) + { + if(MyConnect(source_p) + && !IsOper(source_p) + && (ConfigFileEntry.oper_only_umodes & flag)) + { + badflag = YES; + } + else + { + if(what == MODE_ADD) + source_p->umodes |= flag; + else + source_p->umodes &= ~flag; + } + } + else + { + if(MyConnect(source_p)) + badflag = YES; + } + break; + } + + if(badflag) + sendto_one(source_p, form_str(ERR_UMODEUNKNOWNFLAG), me.name, source_p->name); + + if((source_p->umodes & UMODE_NCHANGE) && !IsOperN(source_p)) + { + sendto_one(source_p, + ":%s NOTICE %s :*** You need oper and N flag for +n", me.name, parv[0]); + source_p->umodes &= ~UMODE_NCHANGE; /* only tcm's really need this */ + } + + if(MyConnect(source_p) && (source_p->umodes & UMODE_ADMIN) && + (!IsOperAdmin(source_p) || IsOperHiddenAdmin(source_p))) + { + sendto_one(source_p, + ":%s NOTICE %s :*** You need oper and A flag for +a", me.name, parv[0]); + source_p->umodes &= ~UMODE_ADMIN; + } + + + if(!(setflags & UMODE_INVISIBLE) && IsInvisible(source_p)) + ++Count.invisi; + if((setflags & UMODE_INVISIBLE) && !IsInvisible(source_p)) + --Count.invisi; + /* + * compare new flags with old flags and send string which + * will cause servers to update correctly. + */ + send_umode_out(client_p, source_p, setflags); + + return (0); +} + +/* + * send the MODE string for user (user) to connection client_p + * -avalon + */ +void +send_umode(struct Client *client_p, struct Client *source_p, int old, int sendmask, char *umode_buf) +{ + int i; + int flag; + char *m; + int what = 0; + + /* + * build a string in umode_buf to represent the change in the user's + * mode between the new (source_p->flag) and 'old'. + */ + m = umode_buf; + *m = '\0'; + + for (i = 0; user_modes[i].letter; i++) + { + flag = user_modes[i].mode; + + if(MyClient(source_p) && !(flag & sendmask)) + continue; + if((flag & old) && !(source_p->umodes & flag)) + { + if(what == MODE_DEL) + *m++ = user_modes[i].letter; + else + { + what = MODE_DEL; + *m++ = '-'; + *m++ = user_modes[i].letter; + } + } + else if(!(flag & old) && (source_p->umodes & flag)) + { + if(what == MODE_ADD) + *m++ = user_modes[i].letter; + else + { + what = MODE_ADD; + *m++ = '+'; + *m++ = user_modes[i].letter; + } + } + } + *m = '\0'; + if(*umode_buf && client_p) + sendto_one(client_p, ":%s MODE %s :%s", source_p->name, source_p->name, umode_buf); +} + +/* + * send_umode_out + * + * inputs - + * output - NONE + * side effects - + */ +void +send_umode_out(struct Client *client_p, struct Client *source_p, int old) +{ + struct Client *target_p; + char buf[BUFSIZE]; + dlink_node *ptr; + + send_umode(NULL, source_p, old, SEND_UMODES, buf); + + DLINK_FOREACH(ptr, serv_list.head) + { + target_p = ptr->data; + + if((target_p != client_p) && (target_p != source_p) && (*buf)) + { + sendto_one(target_p, ":%s MODE %s :%s", + get_id(source_p, target_p), + get_id(source_p, target_p), buf); + } + } + + if(client_p && MyClient(client_p)) + send_umode(client_p, source_p, old, ALL_UMODES, buf); +} + +/* + * user_welcome + * + * inputs - client pointer to client to welcome + * output - NONE + * side effects - + */ +void +user_welcome(struct Client *source_p) +{ + sendto_one(source_p, form_str(RPL_WELCOME), me.name, source_p->name, + ServerInfo.network_name, source_p->name); + sendto_one(source_p, form_str(RPL_YOURHOST), me.name, + source_p->name, + get_listener_name(source_p->localClient->listener), ircd_version); + + sendto_one(source_p, form_str(RPL_CREATED), me.name, source_p->name, creation); + sendto_one(source_p, form_str(RPL_MYINFO), me.name, source_p->name, me.name, ircd_version); + + show_isupport(source_p); + + show_lusers(source_p); + + if(ConfigFileEntry.short_motd) + { + sendto_one(source_p, + "NOTICE %s :*** Notice -- motd was last changed at %s", + source_p->name, user_motd_changed); + + sendto_one(source_p, + "NOTICE %s :*** Notice -- Please read the motd if you haven't read it", + source_p->name); + + sendto_one(source_p, form_str(RPL_MOTDSTART), + me.name, source_p->name, me.name); + + sendto_one(source_p, form_str(RPL_MOTD), + me.name, source_p->name, "*** This is the short motd ***"); + + sendto_one(source_p, form_str(RPL_ENDOFMOTD), me.name, source_p->name); + } + else + send_user_motd(source_p); +} + +/* oper_up() + * + * inputs - pointer to given client to oper + * - pointer to ConfItem to use + * output - none + * side effects - opers up source_p using aconf for reference + */ +int +oper_up(struct Client *source_p, struct oper_conf *oper_p) +{ + int old = (source_p->umodes & ALL_UMODES); + + SetOper(source_p); + + if(oper_p->umodes) + source_p->umodes |= oper_p->umodes & ALL_UMODES; + else if(ConfigFileEntry.oper_umodes) + source_p->umodes |= ConfigFileEntry.oper_umodes & ALL_UMODES; + else + source_p->umodes |= DEFAULT_OPER_UMODES & ALL_UMODES; + + Count.oper++; + + SetExemptKline(source_p); + + source_p->flags2 |= oper_p->flags; + DupString(source_p->localClient->opername, oper_p->name); + + dlinkAddAlloc(source_p, &oper_list); + + if(IsOperAdmin(source_p) && !IsOperHiddenAdmin(source_p)) + source_p->umodes |= UMODE_ADMIN; + if(!IsOperN(source_p)) + source_p->umodes &= ~UMODE_NCHANGE; + + sendto_realops_flags(UMODE_ALL, L_ALL, + "%s (%s@%s) is now an operator", source_p->name, + source_p->username, source_p->host); + send_umode_out(source_p, source_p, old); + sendto_one(source_p, form_str(RPL_YOUREOPER), me.name, source_p->name); + sendto_one(source_p, ":%s NOTICE %s :*** Oper privs are %s", me.name, + source_p->name, get_oper_privs(oper_p->flags)); + send_oper_motd(source_p); + + return (1); +}