2008-08-17 13:27:59 +02:00
|
|
|
/*
|
|
|
|
* charybdis: an advanced ircd.
|
|
|
|
* privilege.c: Dynamic privileges API.
|
|
|
|
*
|
|
|
|
* Copyright (c) 2008 William Pitcock <nenolod@dereferenced.org>
|
|
|
|
*
|
|
|
|
* Permission to use, copy, modify, and/or distribute this software for any
|
|
|
|
* purpose with or without fee is hereby granted, provided that the above
|
|
|
|
* copyright notice and this permission notice is present in all copies.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
|
|
|
|
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
|
|
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
|
|
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
|
|
|
|
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
|
|
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
|
|
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
|
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
|
|
|
|
* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
|
|
|
|
* POSSIBILITY OF SUCH DAMAGE.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <stdinc.h>
|
2008-12-14 18:25:15 +01:00
|
|
|
#include "s_conf.h"
|
2008-08-17 13:27:59 +02:00
|
|
|
#include "privilege.h"
|
2009-01-18 01:35:24 +01:00
|
|
|
#include "numeric.h"
|
2013-09-10 07:35:56 +02:00
|
|
|
#include "s_assert.h"
|
|
|
|
#include "logger.h"
|
|
|
|
#include "send.h"
|
2008-08-17 13:27:59 +02:00
|
|
|
|
|
|
|
static rb_dlink_list privilegeset_list = {};
|
|
|
|
|
|
|
|
int
|
|
|
|
privilegeset_in_set(struct PrivilegeSet *set, const char *priv)
|
|
|
|
{
|
|
|
|
s_assert(set != NULL);
|
|
|
|
s_assert(priv != NULL);
|
|
|
|
|
|
|
|
return strstr(set->privs, priv) != NULL;
|
|
|
|
}
|
|
|
|
|
2008-12-14 18:25:15 +01:00
|
|
|
static struct PrivilegeSet *
|
|
|
|
privilegeset_get_any(const char *name)
|
|
|
|
{
|
|
|
|
rb_dlink_node *iter;
|
|
|
|
|
|
|
|
s_assert(name != NULL);
|
|
|
|
|
|
|
|
RB_DLINK_FOREACH(iter, privilegeset_list.head)
|
|
|
|
{
|
|
|
|
struct PrivilegeSet *set = (struct PrivilegeSet *) iter->data;
|
|
|
|
|
|
|
|
if (!strcasecmp(set->name, name))
|
|
|
|
return set;
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2008-08-17 13:27:59 +02:00
|
|
|
struct PrivilegeSet *
|
|
|
|
privilegeset_set_new(const char *name, const char *privs, PrivilegeFlags flags)
|
|
|
|
{
|
|
|
|
struct PrivilegeSet *set;
|
|
|
|
|
2008-12-14 18:25:15 +01:00
|
|
|
set = privilegeset_get_any(name);
|
|
|
|
if (set != NULL)
|
|
|
|
{
|
|
|
|
if (!(set->status & CONF_ILLEGAL))
|
|
|
|
ilog(L_MAIN, "Duplicate privset %s", name);
|
|
|
|
set->status &= ~CONF_ILLEGAL;
|
|
|
|
rb_free(set->privs);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
set = rb_malloc(sizeof(struct PrivilegeSet));
|
|
|
|
set->status = 0;
|
|
|
|
set->refs = 0;
|
|
|
|
set->name = rb_strdup(name);
|
2008-08-17 13:35:49 +02:00
|
|
|
|
2008-12-14 18:25:15 +01:00
|
|
|
rb_dlinkAdd(set, &set->node, &privilegeset_list);
|
|
|
|
}
|
2008-08-17 13:27:59 +02:00
|
|
|
set->privs = rb_strdup(privs);
|
|
|
|
set->flags = flags;
|
|
|
|
|
|
|
|
return set;
|
|
|
|
}
|
|
|
|
|
2008-08-17 13:35:49 +02:00
|
|
|
struct PrivilegeSet *
|
|
|
|
privilegeset_extend(struct PrivilegeSet *parent, const char *name, const char *privs, PrivilegeFlags flags)
|
|
|
|
{
|
|
|
|
struct PrivilegeSet *set;
|
|
|
|
|
|
|
|
s_assert(parent != NULL);
|
|
|
|
s_assert(name != NULL);
|
|
|
|
s_assert(privs != NULL);
|
|
|
|
|
2008-12-14 18:25:15 +01:00
|
|
|
set = privilegeset_get_any(name);
|
|
|
|
if (set != NULL)
|
|
|
|
{
|
|
|
|
if (!(set->status & CONF_ILLEGAL))
|
|
|
|
ilog(L_MAIN, "Duplicate privset %s", name);
|
|
|
|
set->status &= ~CONF_ILLEGAL;
|
|
|
|
rb_free(set->privs);
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
set = rb_malloc(sizeof(struct PrivilegeSet));
|
|
|
|
set->status = 0;
|
|
|
|
set->refs = 0;
|
|
|
|
set->name = rb_strdup(name);
|
|
|
|
|
|
|
|
rb_dlinkAdd(set, &set->node, &privilegeset_list);
|
|
|
|
}
|
2008-08-17 13:35:49 +02:00
|
|
|
set->flags = flags;
|
|
|
|
set->privs = rb_malloc(strlen(parent->privs) + 1 + strlen(privs) + 1);
|
2008-08-17 14:47:06 +02:00
|
|
|
strcpy(set->privs, parent->privs);
|
2008-08-17 13:35:49 +02:00
|
|
|
strcat(set->privs, " ");
|
|
|
|
strcat(set->privs, privs);
|
|
|
|
|
|
|
|
return set;
|
|
|
|
}
|
|
|
|
|
2008-08-17 13:27:59 +02:00
|
|
|
struct PrivilegeSet *
|
|
|
|
privilegeset_get(const char *name)
|
|
|
|
{
|
2008-12-14 18:25:15 +01:00
|
|
|
struct PrivilegeSet *set;
|
2008-08-17 13:27:59 +02:00
|
|
|
|
2008-12-14 18:25:15 +01:00
|
|
|
set = privilegeset_get_any(name);
|
|
|
|
if (set != NULL && set->status & CONF_ILLEGAL)
|
|
|
|
set = NULL;
|
|
|
|
return set;
|
2008-08-17 13:27:59 +02:00
|
|
|
}
|
|
|
|
|
2008-08-17 15:22:56 +02:00
|
|
|
struct PrivilegeSet *
|
2008-08-17 13:27:59 +02:00
|
|
|
privilegeset_ref(struct PrivilegeSet *set)
|
|
|
|
{
|
|
|
|
s_assert(set != NULL);
|
|
|
|
|
|
|
|
set->refs++;
|
2008-08-17 15:22:56 +02:00
|
|
|
|
|
|
|
return set;
|
2008-08-17 13:27:59 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
privilegeset_unref(struct PrivilegeSet *set)
|
|
|
|
{
|
|
|
|
s_assert(set != NULL);
|
|
|
|
|
2008-12-14 18:25:15 +01:00
|
|
|
if (set->refs > 0)
|
|
|
|
set->refs--;
|
|
|
|
else
|
|
|
|
ilog(L_MAIN, "refs on privset %s is already 0",
|
|
|
|
set->name);
|
|
|
|
if (set->refs == 0 && set->status & CONF_ILLEGAL)
|
2008-08-17 13:27:59 +02:00
|
|
|
{
|
|
|
|
rb_dlinkDelete(&set->node, &privilegeset_list);
|
|
|
|
|
|
|
|
rb_free(set->name);
|
|
|
|
rb_free(set->privs);
|
|
|
|
rb_free(set);
|
|
|
|
}
|
|
|
|
}
|
2008-12-14 18:25:15 +01:00
|
|
|
|
|
|
|
void
|
|
|
|
privilegeset_mark_all_illegal(void)
|
|
|
|
{
|
|
|
|
rb_dlink_node *iter;
|
|
|
|
|
|
|
|
RB_DLINK_FOREACH(iter, privilegeset_list.head)
|
|
|
|
{
|
|
|
|
struct PrivilegeSet *set = (struct PrivilegeSet *) iter->data;
|
|
|
|
|
2008-12-27 23:13:48 +01:00
|
|
|
/* the "default" privset is special and must remain available */
|
|
|
|
if (!strcmp(set->name, "default"))
|
|
|
|
continue;
|
|
|
|
|
2008-12-14 18:25:15 +01:00
|
|
|
set->status |= CONF_ILLEGAL;
|
2009-01-18 01:39:41 +01:00
|
|
|
rb_free(set->privs);
|
|
|
|
set->privs = rb_strdup("");
|
2008-12-14 18:25:15 +01:00
|
|
|
/* but do not free it yet */
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
void
|
|
|
|
privilegeset_delete_all_illegal(void)
|
|
|
|
{
|
|
|
|
rb_dlink_node *iter, *next;
|
|
|
|
|
|
|
|
RB_DLINK_FOREACH_SAFE(iter, next, privilegeset_list.head)
|
|
|
|
{
|
|
|
|
struct PrivilegeSet *set = (struct PrivilegeSet *) iter->data;
|
|
|
|
|
|
|
|
privilegeset_ref(set);
|
|
|
|
privilegeset_unref(set);
|
|
|
|
}
|
|
|
|
}
|
2009-01-18 01:35:24 +01:00
|
|
|
|
|
|
|
void
|
|
|
|
privilegeset_report(struct Client *source_p)
|
|
|
|
{
|
|
|
|
rb_dlink_node *ptr;
|
|
|
|
|
|
|
|
RB_DLINK_FOREACH(ptr, privilegeset_list.head)
|
|
|
|
{
|
|
|
|
struct PrivilegeSet *set = ptr->data;
|
|
|
|
|
|
|
|
/* use RPL_STATSDEBUG for now -- jilles */
|
|
|
|
sendto_one_numeric(source_p, RPL_STATSDEBUG,
|
|
|
|
"O :%s %s",
|
|
|
|
set->name,
|
|
|
|
set->privs);
|
|
|
|
}
|
|
|
|
}
|