aboutsummaryrefslogtreecommitdiff
path: root/modules/spanningtree/server.cpp
diff options
context:
space:
mode:
authorGravatar Sadie Powell2024-07-17 00:06:50 +0100
committerGravatar Sadie Powell2024-07-17 00:06:50 +0100
commit889d521e05f2e922683d48c74eb00290e7a2f548 (patch)
treeb4c56bd4cdf0881601c7e4d6ff571e491af10bf4 /modules/spanningtree/server.cpp
parentUse std::endian from C++20 in the sha1 module. (diff)
Shuffle the modules about a bit.
Diffstat (limited to 'modules/spanningtree/server.cpp')
-rw-r--r--modules/spanningtree/server.cpp251
1 files changed, 251 insertions, 0 deletions
diff --git a/modules/spanningtree/server.cpp b/modules/spanningtree/server.cpp
new file mode 100644
index 000000000..2da9e2a00
--- /dev/null
+++ b/modules/spanningtree/server.cpp
@@ -0,0 +1,251 @@
+/*
+ * InspIRCd -- Internet Relay Chat Daemon
+ *
+ * Copyright (C) 2017-2020, 2022-2024 Sadie Powell <sadie@witchery.services>
+ * Copyright (C) 2013-2016 Attila Molnar <attilamolnar@hush.com>
+ * Copyright (C) 2012, 2019 Robby <robby@chatbelgie.be>
+ * Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
+ * Copyright (C) 2009 Uli Schlachter <psychon@znc.in>
+ * Copyright (C) 2008-2010 Craig Edwards <brain@inspircd.org>
+ * Copyright (C) 2008 Robin Burchell <robin+git@viroteck.net>
+ *
+ * This file is part of InspIRCd. InspIRCd is free software: you can
+ * redistribute it and/or modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation, version 2.
+ *
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+
+#include "inspircd.h"
+#include "modules/ssl.h"
+
+#include "main.h"
+#include "utils.h"
+#include "link.h"
+#include "treeserver.h"
+#include "treesocket.h"
+#include "commands.h"
+
+/*
+ * Some server somewhere in the network introducing another server.
+ * -- w
+ */
+CmdResult CommandServer::HandleServer(TreeServer* ParentOfThis, Params& params)
+{
+ const std::string& servername = params[0];
+ const std::string& sid = params[1];
+ const std::string& description = params.back();
+ TreeSocket* socket = ParentOfThis->GetSocket();
+
+ if (!InspIRCd::IsSID(sid))
+ {
+ socket->SendError("Invalid format server ID: "+sid+"!");
+ return CmdResult::FAILURE;
+ }
+ TreeServer* CheckDupe = Utils->FindServer(servername);
+ if (CheckDupe)
+ {
+ socket->SendError("Server "+servername+" already exists!");
+ ServerInstance->SNO.WriteToSnoMask('L', "Server \002"+CheckDupe->GetName()+"\002 being introduced from \002" + ParentOfThis->GetName() + "\002 denied, already exists. Closing link with " + ParentOfThis->GetName());
+ return CmdResult::FAILURE;
+ }
+ CheckDupe = Utils->FindServer(sid);
+ if (CheckDupe)
+ {
+ socket->SendError("Server ID "+sid+" already exists! You may want to specify the server ID for the server manually with <server:id> so they do not conflict.");
+ ServerInstance->SNO.WriteToSnoMask('L', "Server \002"+servername+"\002 being introduced from \002" + ParentOfThis->GetName() + "\002 denied, server ID already exists on the network. Closing link with " + ParentOfThis->GetName());
+ return CmdResult::FAILURE;
+ }
+
+ TreeServer* route = ParentOfThis->GetRoute();
+ std::shared_ptr<Link> lnk = Utils->FindLink(route->GetName());
+ auto* Node = new TreeServer(servername, description, sid, ParentOfThis, ParentOfThis->GetSocket(), lnk ? lnk->Hidden : false);
+
+ HandleExtra(Node, params);
+
+ ServerInstance->SNO.WriteToSnoMask('L', "Server \002"+ParentOfThis->GetName()+"\002 introduced server \002"+servername+"\002 ("+description+")");
+ return CmdResult::SUCCESS;
+}
+
+void CommandServer::HandleExtra(TreeServer* newserver, Params& params)
+{
+ for (CommandBase::Params::const_iterator i = params.begin() + 2; i != params.end() - 1; ++i)
+ {
+ const std::string& prop = *i;
+ std::string::size_type p = prop.find('=');
+
+ std::string key = prop;
+ std::string val;
+ if (p != std::string::npos)
+ {
+ key.erase(p);
+ val.assign(prop, p+1, std::string::npos);
+ }
+
+ if (irc::equals(key, "burst"))
+ newserver->BeginBurst(ConvToNum<uint64_t>(val));
+ else if (irc::equals(key, "hidden"))
+ newserver->Hidden = ConvToNum<bool>(val);
+ }
+}
+
+std::shared_ptr<Link> TreeSocket::AuthRemote(const CommandBase::Params& params)
+{
+ size_t offset = proto_version == PROTO_INSPIRCD_3;
+ if (params.size() < 4+offset)
+ {
+ SendError("Protocol error - Not enough parameters for SERVER command");
+ return nullptr;
+ }
+
+ const std::string& sname = params[0];
+ const std::string& password = params[1];
+ const std::string& sid = params[2+offset];
+ const std::string& description = params.back();
+
+ this->SendCapabilities(2);
+
+ if (!InspIRCd::IsSID(sid))
+ {
+ this->SendError("Invalid format server ID: "+sid+"!");
+ return nullptr;
+ }
+
+ for (const auto& x : Utils->LinkBlocks)
+ {
+ if (!InspIRCd::Match(sname, x->Name))
+ continue;
+
+ if (!ComparePass(*x, password))
+ {
+ ServerInstance->SNO.WriteToSnoMask('l', "Invalid password on link: {}", x->Name);
+ continue;
+ }
+
+ if (!CheckDuplicate(sname, sid))
+ return nullptr;
+
+ const SSLIOHook* const ssliohook = SSLIOHook::IsSSL(this);
+ if (ssliohook)
+ {
+ std::string ciphersuite;
+ ssliohook->GetCiphersuite(ciphersuite);
+ ServerInstance->SNO.WriteToSnoMask('l', "Negotiated ciphersuite {} on link {}", ciphersuite, x->Name);
+ }
+ else if (!capab->remotesa.is_local())
+ {
+ this->SendError("Non-local server connections MUST be linked with SSL!");
+ return nullptr;
+ }
+
+ ServerInstance->SNO.WriteToSnoMask('l', "Verified server connection " + linkID + " ("+description+")");
+ return x;
+ }
+
+ this->SendError("Mismatched server name or password (check the other server's snomask output for details - e.g. user mode +s +Ll)");
+ ServerInstance->SNO.WriteToSnoMask('l', "Server connection from \002"+sname+"\002 denied, invalid link credentials");
+ return nullptr;
+}
+
+/*
+ * This is used after the other side of a connection has accepted our credentials.
+ * They are then introducing themselves to us, BEFORE either of us burst. -- w
+ */
+bool TreeSocket::Outbound_Reply_Server(CommandBase::Params& params)
+{
+ const std::shared_ptr<Link> x = AuthRemote(params);
+ if (x)
+ {
+ /*
+ * They're in WAIT_AUTH_2 (having accepted our credentials).
+ * Set our state to CONNECTED (since everything's peachy so far) and send our
+ * netburst to them, which will trigger their CONNECTED state, and BURST in reply.
+ *
+ * While we're at it, create a treeserver object so we know about them.
+ * -- w
+ */
+ FinishAuth(params[0], params[proto_version == PROTO_INSPIRCD_3 ? 3 : 2], params.back(), x->Hidden);
+
+ return true;
+ }
+
+ return false;
+}
+
+bool TreeSocket::CheckDuplicate(const std::string& sname, const std::string& sid)
+{
+ // Check if the server name is not in use by a server that's already fully connected
+ TreeServer* CheckDupe = Utils->FindServer(sname);
+ if (CheckDupe)
+ {
+ std::string pname = CheckDupe->GetParent() ? CheckDupe->GetParent()->GetName() : "<ourself>";
+ SendError("Server "+sname+" already exists on server "+pname+"!");
+ ServerInstance->SNO.WriteToSnoMask('l', "Server connection from \002"+sname+"\002 denied, already exists on server "+pname);
+ return false;
+ }
+
+ // Check if the id is not in use by a server that's already fully connected
+ ServerInstance->Logs.Debug(MODNAME, "Looking for dupe SID {}", sid);
+ CheckDupe = Utils->FindServerID(sid);
+
+ if (CheckDupe)
+ {
+ this->SendError("Server ID "+CheckDupe->GetId()+" already exists on server "+CheckDupe->GetName()+"! You may want to specify the server ID for the server manually with <server:id> so they do not conflict.");
+ ServerInstance->SNO.WriteToSnoMask('l', "Server connection from \002"+sname+"\002 denied, server ID '"+CheckDupe->GetId()+
+ "' already exists on server "+CheckDupe->GetName());
+ return false;
+ }
+
+ return true;
+}
+
+/*
+ * Someone else is attempting to connect to us if this is called. Validate their credentials etc.
+ * -- w
+ */
+bool TreeSocket::Inbound_Server(CommandBase::Params& params)
+{
+ const std::shared_ptr<Link> x = AuthRemote(params);
+ if (x)
+ {
+ // Save these for later, so when they accept our credentials (indicated by BURST) we remember them
+ this->capab->hidden = x->Hidden;
+ this->capab->sid = params[proto_version == PROTO_INSPIRCD_3 ? 3 : 2];
+ this->capab->description = params.back();
+ this->capab->name = params[0];
+
+ // Send our details: Our server name and description and hopcount of 0,
+ // along with the sendpass from this block.
+ this->WriteLine(fmt::format("SERVER {} {} {}{} :{}",
+ ServerInstance->Config->ServerName,
+ TreeSocket::MakePass(x->SendPass, this->GetTheirChallenge()),
+ proto_version == PROTO_INSPIRCD_3 ? "0 " : "",
+ ServerInstance->Config->ServerId,
+ ServerInstance->Config->ServerDesc
+ ));
+
+ // move to the next state, we are now waiting for THEM.
+ this->LinkState = WAIT_AUTH_2;
+ return true;
+ }
+
+ return false;
+}
+
+CommandServer::Builder::Builder(TreeServer* server)
+ : CmdBuilder(server->GetParent(), "SERVER")
+{
+ push(server->GetName());
+ push(server->GetId());
+ if (server->IsBursting())
+ push_property("burst", ConvToStr(server->StartBurst));
+ push_property("hidden", ConvToStr(server->Hidden));
+ push_last(server->GetDesc());
+}