diff -ru ircd-hybrid-6b122/include/client.h ircd-hybrid-6b122+bureq+chevapi/include/client.h --- ircd-hybrid-6b122/include/client.h Sat Sep 4 22:21:07 1999 +++ ircd-hybrid-6b122+bureq+chevapi/include/client.h Mon May 22 22:32:12 2000 @@ -332,6 +332,10 @@ #define FLAGS_OPER 0x4000 /* Operator */ #define FLAGS_LOCOP 0x8000 /* Local operator -- SRB */ +/* stealth and god flags, only usable by global opers -senko */ +#define FLAGS_STEALTH 0x10000 /* stealth flag */ +#define FLAGS_GOD 0x20000 /* God flag */ + /* *sigh* overflow flags */ #define FLAGS2_RESTRICTED 0x0001 /* restricted client */ #define FLAGS2_PING_TIMEOUT 0x0002 @@ -374,14 +378,17 @@ #define SEND_UMODES (FLAGS_INVISIBLE | FLAGS_OPER | FLAGS_WALLOP) + #define ALL_UMODES (SEND_UMODES | FLAGS_SERVNOTICE | FLAGS_CCONN | \ FLAGS_REJ | FLAGS_SKILL | FLAGS_FULL | FLAGS_SPY | \ FLAGS_NCHANGE | FLAGS_OPERWALL | FLAGS_DEBUG | \ - FLAGS_BOTS | FLAGS_EXTERNAL ) + FLAGS_BOTS | FLAGS_EXTERNAL | \ + FLAGS_STEALTH | FLAGS_GOD ) #ifndef OPER_UMODES #define OPER_UMODES (FLAGS_OPER | FLAGS_WALLOP | FLAGS_SERVNOTICE | \ - FLAGS_SPY | FLAGS_OPERWALL | FLAGS_DEBUG | FLAGS_BOTS) + FLAGS_SPY | FLAGS_OPERWALL | FLAGS_DEBUG | FLAGS_BOTS | \ + FLAG_STEALTH | FLAGS_GOD ) #endif /* OPER_UMODES */ #ifndef LOCOP_UMODES @@ -432,6 +439,12 @@ #define SendNickChange(x) ((x)->umodes & FLAGS_NCHANGE) #define SetWallops(x) ((x)->umodes |= FLAGS_WALLOP) +#ifdef STEALTH_OPERS +#define IsStealth(x) (((x)->umodes & FLAGS_STEALTH) && IsOper(x)) +#endif /* STEALTH_OPERS */ +#ifdef IRC_GODS +#define IsGod(x) (((x)->umodes & FLAGS_GOD) && IsOper(x)) +#endif /* IRC_GODS */ #ifdef REJECT_HOLD #define IsRejectHeld(x) ((x)->flags & FLAGS_REJECT_HOLD) diff -ru ircd-hybrid-6b122/include/config.h ircd-hybrid-6b122+bureq+chevapi/include/config.h --- ircd-hybrid-6b122/include/config.h Tue Feb 1 04:25:02 2000 +++ ircd-hybrid-6b122+bureq+chevapi/include/config.h Mon May 22 22:32:12 2000 @@ -51,7 +51,7 @@ * system limits. If you know what you are doing, increase them now */ -#define HARD_FDLIMIT_ 256 +#define HARD_FDLIMIT_ 1024 #define INIT_MAXCLIENTS 200 /* @@ -90,8 +90,8 @@ * */ -#define DPATH "/usr/local/ircd/" -#define SPATH "/usr/local/ircd/ircd" +#define DPATH "/etc/ircd/hybrid/" +#define SPATH "/etc/ircd/hybrid/ircd" #define CPATH "ircd.conf" #define KPATH "kline.conf" #define DLPATH "kline.conf" @@ -114,7 +114,7 @@ * implementation. Once pre-hybrid5.2 servers are eradicated, we can drop this * down to 90 seconds or so. --Rodder */ -#define TS_MAX_DELTA 300 /* seconds */ +#define TS_MAX_DELTA 3000 /* seconds */ #define TS_WARN_DELTA 30 /* seconds */ /* SLAVE_SERVERS - Use this to send LOCOPS and KLINES to servers you define @@ -143,8 +143,8 @@ * * These need to be defined if you want to use SYSLOG logging, too. */ -#define FNAME_USERLOG "/usr/local/ircd/users" /* */ -#define FNAME_OPERLOG "/usr/local/ircd/opers" /* */ +#define FNAME_USERLOG "/etc/ircd/hybrid/users" /* */ +#define FNAME_OPERLOG "/etc/ircd/hybrid/opers" /* */ /* RFC1035_ANAL * Defining this causes ircd to reject hostnames with non-compliant chars. @@ -297,7 +297,7 @@ * no point forcing MOTD on connecting clients IMO. Give them a short * NOTICE telling them they should read the motd, and leave it at that. */ -#undef SHORT_MOTD +#define SHORT_MOTD /* NO_OPER_FLOOD - disable flood control for opers * define this to remove flood control for opers @@ -325,7 +325,7 @@ * Above 4 will only give a rather marginal increase in compression for a * large increase in CPU usage. */ -#define ZIP_LEVEL 2 +#define ZIP_LEVEL 6 /* * OPER_UMODES LOCOP_UMODES - set these to be the initial umodes when OPER'ing @@ -398,7 +398,7 @@ * this option is used unless you tell the system administrator beforehand * and obtain their permission to send messages to the system log files. */ -#define USE_SYSLOG +#undef USE_SYSLOG #if defined(__CYGWIN__) #undef USE_SYSLOG @@ -908,6 +908,31 @@ * As configured here, a GLINE will last 12 hours */ #define GLINE_TIME (12*3600) + +/* ----------------- CARNet patches section --------------------------- */ +/* This uses KLINE/DLINE propagation, with UNKLINE propagation, as well. + * For remote *LINE it should say `remote request' as reason -kre */ +#define KLINE_PROPAGATION + +/* STEALTH_OPERS - Global opers can set +S (stealth) mode and make + * themselves invisible even on whois/userhost, except from other + * opers. -senko */ +#define STEALTH_OPERS + +/* IRC_GODS - Global opers can set +G (God) mode and make themselves + * all-mighty. Oper with +G mode can't be kicked, can set chanmodes and + * topic and kick people without being chanop, and can enter and speak + * in any channel regardles of +b, +i, +l, +m and +k channel modes. Still, + * god can't enter juped channel (who know what kind of bugs that could + * trigger) and can't op himself. -senko */ +#define IRC_GODS + +/* IP_MASK_PREFIX - used for masking (not spoofing!) IP addresses, useful + * to protect dialin users by hiding their real IP. Fake IP is generated + * from real IP by 16bit crc-like algorithm and encoded with a-z + * letters. Prefix is prepended to the encoded value, and domain + * name is appended, just like in normal spoofing I line. -senko */ +#define IP_MASK_PREFIX "dialin-" /* ----------------- archaic and/or broken section -------------------- */ #undef DNS_DEBUG diff -ru ircd-hybrid-6b122/include/patchlevel.h ircd-hybrid-6b122+bureq+chevapi/include/patchlevel.h --- ircd-hybrid-6b122/include/patchlevel.h Sun Apr 2 15:59:00 2000 +++ ircd-hybrid-6b122+bureq+chevapi/include/patchlevel.h Mon May 22 22:32:12 2000 @@ -17,5 +17,5 @@ */ #ifndef PATCHLEVEL -#define PATCHLEVEL "2.8/hybrid-6b122" +#define PATCHLEVEL "2.8/hybrid-6b122/bureq+chevapi" #endif diff -ru ircd-hybrid-6b122/include/s_conf.h ircd-hybrid-6b122+bureq+chevapi/include/s_conf.h --- ircd-hybrid-6b122/include/s_conf.h Tue Aug 10 05:32:14 1999 +++ ircd-hybrid-6b122+bureq+chevapi/include/s_conf.h Mon May 22 22:32:12 2000 @@ -281,6 +281,7 @@ #define CONF_FLAGS_ALLOW_AUTO_CONN 0x0400 #define CONF_FLAGS_ZIP_LINK 0x0800 #define CONF_FLAGS_SPOOF_IP 0x1000 +#define CONF_FLAGS_MASK_IP 0x2000 #ifdef LITTLE_I_LINES #define CONF_FLAGS_LITTLE_I_LINE 0x8000 @@ -305,6 +306,7 @@ #define IsConfDoIdentd(x) ((x)->flags & CONF_FLAGS_DO_IDENTD) #define IsConfDoSpoofIp(x) ((x)->flags & CONF_FLAGS_SPOOF_IP) +#define IsConfDoMaskIp(x) ((x)->flags & CONF_FLAGS_MASK_IP) #ifdef LITTLE_I_LINES #define IsConfLittleI(x) ((x)->flags & CONF_FLAGS_LITTLE_I_LINE) #endif diff -ru ircd-hybrid-6b122/src/channel.c ircd-hybrid-6b122+bureq+chevapi/src/channel.c --- ircd-hybrid-6b122/src/channel.c Sun Jan 2 23:41:00 2000 +++ ircd-hybrid-6b122+bureq+chevapi/src/channel.c Mon May 22 22:32:12 2000 @@ -771,6 +771,13 @@ } #endif +/* IsGod checking is done before find_user_link so gods can always send + * to channel without even being there. -senko + */ +#ifdef IRC_GODS + if (IsGod(cptr)) return 0; +#endif /* IRC_GODS */ + lp = find_user_link(chptr->members, cptr); if (chptr->mode.mode & MODE_MODERATED && @@ -1168,9 +1175,16 @@ user_mode = user_channel_mode(sptr, chptr); chan_op = (user_mode & CHFL_CHANOP); +#ifdef IRC_GODS + /* has ops or is a server, OR is a God. interesting thing is that + * even God can't op himself (sanity check, performed below), but + * thats not needed anyway. -senko */ + ischop = IsServer(sptr) || chan_op || IsGod(sptr); +#else /* IRC_GODS */ /* has ops or is a server */ ischop = IsServer(sptr) || chan_op; - +#endif /* IRC_GODS */ + /* is client marked as deopped */ isdeop = !ischop && !IsServer(sptr) && (user_mode & CHFL_DEOPPED); @@ -2284,6 +2298,10 @@ } #endif +#ifdef IRC_GODS + if (IsGod(sptr)) return 0; +#endif /* IRC_GODS */ + if ( (ban_or_exception = is_banned(sptr, chptr)) == CHFL_BAN) return (ERR_BANNEDFROMCHAN); else @@ -3477,7 +3495,12 @@ * -Dianora */ + /* Some admins aren't so nice to their users. So here it goes... -senko */ +#ifdef IRC_GODS + if (!IsServer(sptr) && !is_chan_op(sptr, chptr) && !IsGod(sptr) ) +#else /* IRC_GODS */ if (!IsServer(sptr) && !is_chan_op(sptr, chptr) ) +#endif /* IRC_GODS */ { /* was a user, not a server, and user isn't seen as a chanop here */ @@ -3547,7 +3570,11 @@ return(0); } +#ifdef IRC_GODS + if (IsMember(who, chptr) && !IsGod(who)) +#else /* IRC_GODS */ if (IsMember(who, chptr)) +#endif /* IRC_GODS */ { sendto_channel_butserv(chptr, sptr, ":%s KICK %s %s :%s", parv[0], @@ -3774,7 +3801,11 @@ if(topic) /* a little extra paranoia never hurt */ { if ((chptr->mode.mode & MODE_TOPICLIMIT) == 0 || +#ifdef IRC_GODS + is_chan_op(sptr, chptr) || IsGod(sptr)) +#else /* IRC_GODS */ is_chan_op(sptr, chptr)) +#endif /* IRC_GODS */ { /* setting a topic */ /* diff -ru ircd-hybrid-6b122/src/m_kline.c ircd-hybrid-6b122+bureq+chevapi/src/m_kline.c --- ircd-hybrid-6b122/src/m_kline.c Tue Dec 14 03:41:48 1999 +++ ircd-hybrid-6b122+bureq+chevapi/src/m_kline.c Mon May 22 22:32:12 2000 @@ -423,7 +423,12 @@ else #endif { +/* If recieved message is from server, allow it! -kre */ +#ifdef KLINE_PROPAGATION + if (!IsOper(sptr) && !IsServer(sptr)) +#else if (!MyClient(sptr) || !IsAnOper(sptr)) +#endif { sendto_one(sptr, form_str(ERR_NOPRIVILEGES), me.name, parv[0]); return 0; @@ -444,6 +449,19 @@ #ifdef SLAVE_SERVERS sendto_slaves(NULL,"KLINE",sptr->name,parc,parv); +#else +#ifdef KLINE_PROPAGATION + /* OK. Send here a KLINE request to other servers -kre + * We will pass on this only when sure there are sufficient + * parameters to make it work. Example: + * KLINE [10] :cool off for 10 minutes */ + sendto_serv_butone(cptr, + ":%s KLINE %s %s :%s", + parv[0], + parv[1], + parv[2]?parv[2]:"", + parv[3]?parv[3]:"Remote server request"); +#endif #endif } @@ -1021,7 +1039,11 @@ const char* current_date; const char *dconf; +#ifdef KLINE_PROPAGATION + if (!IsAnOper(sptr) && !IsServer(sptr)) +#else if (!MyClient(sptr) || !IsAnOper(sptr)) +#endif { sendto_one(sptr, form_str(ERR_NOPRIVILEGES), me.name, parv[0]); return 0; @@ -1039,6 +1061,18 @@ me.name, parv[0], "KLINE"); return 0; } + +#ifdef KLINE_PROPAGATION + /* OK. Send here a DLINE request to other servers -kre + * We will pass on this only when sure there are sufficient + * parameters to make it work. Example: + * DLINE :cool off for 10 minutes */ + sendto_serv_butone(cptr, + ":%s DLINE %s :%s", + parv[0], + parv[1], + parv[2]?parv[2]:"Remote server request"); +#endif host = parv[1]; strncpy_irc(cidr_form_host, host, 32); diff -ru ircd-hybrid-6b122/src/m_unkline.c ircd-hybrid-6b122+bureq+chevapi/src/m_unkline.c --- ircd-hybrid-6b122/src/m_unkline.c Fri Aug 6 20:00:57 1999 +++ ircd-hybrid-6b122+bureq+chevapi/src/m_unkline.c Mon May 22 22:32:12 2000 @@ -106,6 +106,13 @@ me.name, parv[0], "UNKLINE"); return 0; } +/* Send here a UNKLINE request to other servers -kre */ +#ifdef KLINE_PROPAGATION + sendto_serv_butone(cptr, + ":%s UNKLINE %s", + parv[0], + parv[1]); +#endif if ( (host = strchr(parv[1], '@')) || *parv[1] == '*' ) { diff -ru ircd-hybrid-6b122/src/m_userhost.c ircd-hybrid-6b122+bureq+chevapi/src/m_userhost.c --- ircd-hybrid-6b122/src/m_userhost.c Sun Jan 2 23:41:01 2000 +++ ircd-hybrid-6b122+bureq+chevapi/src/m_userhost.c Mon May 22 22:32:12 2000 @@ -134,7 +134,11 @@ if ((acptr = find_person(cn, NULL))) { - ircsprintf(response[i], "%s%s=%c%s@%s", +#ifdef STEALTH_OPERS + /* if oper has stealth status, don't show his info -senko */ + if (!IsAnOper(acptr) || !IsStealth(acptr) || !IsAnOper(sptr)) +#endif /* STEALTH_OPERS */ + ircsprintf(response[i], "%s%s=%c%s@%s", acptr->name, IsAnOper(acptr) ? "*" : "", (acptr->user->away) ? '-' : '+', diff -ru ircd-hybrid-6b122/src/m_whois.c ircd-hybrid-6b122+bureq+chevapi/src/m_whois.c --- ircd-hybrid-6b122/src/m_whois.c Wed Aug 11 01:07:22 1999 +++ ircd-hybrid-6b122+bureq+chevapi/src/m_whois.c Mon May 22 22:32:12 2000 @@ -143,6 +143,7 @@ parv[1] = parv[2]; } + if(!IsAnOper(sptr) && !MyConnect(sptr)) /* pace non local requests */ { if((last_used + WHOIS_WAIT) > CurrentTime) @@ -200,6 +201,18 @@ return 0; /* continue; */ } + +#ifdef STEALTH_OPERS + /* if oper has stealth status, don't show his info, except + * if global oper requests it -senko */ + if (IsAnOper(acptr) && IsStealth(acptr) && !IsAnOper(sptr)) + { + sendto_one(sptr, form_str(ERR_NOSUCHNICK), + me.name, parv[0], nick); + return 0; + } +#endif /* STEALTH_OPERS */ + if(!IsPerson(acptr)) { sendto_one(sptr, form_str(RPL_ENDOFWHOIS), diff -ru ircd-hybrid-6b122/src/messages.tab ircd-hybrid-6b122+bureq+chevapi/src/messages.tab --- ircd-hybrid-6b122/src/messages.tab Thu Dec 23 08:10:54 1999 +++ ircd-hybrid-6b122+bureq+chevapi/src/messages.tab Mon May 22 22:32:12 2000 @@ -27,7 +27,7 @@ /* 001 RPL_WELCOME, */ ":%s 001 %s :Welcome to the Internet Relay Network %s", /* 002 RPL_YOURHOST,*/ ":%s 002 %s :Your host is %s, running version %s", /* 003 RPL_CREATED, */ ":%s 003 %s :This server was created %s", -/* 004 RPL_MYINFO, */ ":%s 004 %s %s %s oiwszcrkfydnxb biklmnopstved", +/* 004 RPL_MYINFO, */ ":%s 004 %s %s %s oiwszcrkfydnxbSG biklmnopstved", /* 005 */ (char *)NULL, /* 006 */ (char *)NULL, /* 007 */ (char *)NULL, diff -ru ircd-hybrid-6b122/src/s_conf.c ircd-hybrid-6b122+bureq+chevapi/src/s_conf.c --- ircd-hybrid-6b122/src/s_conf.c Tue Feb 1 04:25:06 2000 +++ ircd-hybrid-6b122+bureq+chevapi/src/s_conf.c Mon May 22 22:32:12 2000 @@ -452,6 +452,36 @@ SetIPHidden(cptr); } + /* Mask this user's IP + * IP 'checksum' should really be made out of IP, not resolved + * name, but this will work for now... -senko + */ + if(IsConfDoMaskIp(aconf)) + { + /* Re-implementation using CCITT CRC 16 -kre */ + unsigned crc=0, data; + int i; + char *strptr=cptr->host; + do + for (data=*strptr, i=0; i<8; ++i) + { + if ((crc & 0x0001) ^ (data & 0x0001)) + crc=(crc >> 1) ^ 0xa001; + else crc>>=1; + data>>=1; + } + while (*(++strptr)); + /* encode it.. we're using leters a-z encoding -senko */ + crc = crc & 65535; + strcpy(cptr->host, IP_MASK_PREFIX); + for (i = strlen(IP_MASK_PREFIX); crc; i++, crc /= 26) + cptr->host[i] = 'a' + (char) (crc % 26); + /* spoof it */ + strncpy_irc(&cptr->host[i], aconf->name, HOSTLEN - i); + SetIPSpoof(cptr); + SetIPHidden(cptr); + } + #ifdef LIMIT_UH return(attach_iline(cptr, aconf, username)); #else @@ -1736,6 +1762,9 @@ { case '=': aconf->flags |= CONF_FLAGS_SPOOF_IP; + break; + case '_': /* client has masked IP -senko */ + aconf->flags |= CONF_FLAGS_MASK_IP; break; case '!': aconf->flags |= CONF_FLAGS_LIMIT_IP; diff -ru ircd-hybrid-6b122/src/s_user.c ircd-hybrid-6b122+bureq+chevapi/src/s_user.c --- ircd-hybrid-6b122/src/s_user.c Tue Feb 1 04:25:07 2000 +++ ircd-hybrid-6b122+bureq+chevapi/src/s_user.c Mon May 22 22:32:12 2000 @@ -93,6 +93,12 @@ {FLAGS_EXTERNAL, 'x'}, {FLAGS_SPY, 'y'}, {FLAGS_OPERWALL, 'z'}, +#ifdef STEALTH_OPERS + {FLAGS_STEALTH, 'S'}, +#endif /* STEALTH_OPERS */ +#ifdef IRC_GODS + {FLAGS_GOD, 'G'}, +#endif /* IRC_GODS */ {0, 0} }; @@ -111,7 +117,11 @@ 0, /* D */ 0, /* E */ 0, /* F */ - 0, /* G */ +#ifdef IRC_GODS + FLAGS_GOD, /* G */ +#else /* IRC_GODS */ + 0, /* G */ +#endif /* IRC_GODS */ 0, /* H */ 0, /* I */ 0, /* J */ @@ -123,7 +133,11 @@ 0, /* P */ 0, /* Q */ 0, /* R */ - 0, /* S */ +#ifdef STEALTH_OPERS + FLAGS_STEALTH, /* S */ +#else /* STEALTH_OPERS */ + 0, /* S */ +#endif /* STEALTH_OPERS */ 0, /* T */ 0, /* U */ 0, /* V */