summaryrefslogtreecommitdiff
path: root/xD.c
diff options
context:
space:
mode:
Diffstat (limited to 'xD.c')
-rw-r--r--xD.c4079
1 files changed, 4079 insertions, 0 deletions
diff --git a/xD.c b/xD.c
new file mode 100644
index 0000000..5e8d6a9
--- /dev/null
+++ b/xD.c
@@ -0,0 +1,4079 @@
+/*
+ * xD.c: an IRC daemon
+ *
+ * Copyright (c) 2014 - 2020, Přemysl Eric Janouch <p@janouch.name>
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+ * SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+ * OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+ * CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ *
+ */
+
+#include "config.h"
+#define PROGRAM_NAME "xD"
+
+#define WANT_SYSLOG_LOGGING
+#include "common.c"
+#include "xD-replies.c"
+#include <nl_types.h>
+
+enum { PIPE_READ, PIPE_WRITE };
+
+// FIXME: don't use time_t to compute time deltas
+
+// --- Configuration (application-specific) ------------------------------------
+
+// Just get rid of the crappiest ciphers available by default
+#define DEFAULT_CIPHERS "DEFAULT:!MEDIUM:!LOW"
+
+static struct simple_config_item g_config_table[] =
+{
+ { "pid_file", NULL, "Path or name of the PID file" },
+ { "server_name", NULL, "Server name" },
+ { "server_info", "My server", "Brief server description" },
+ { "motd", NULL, "MOTD filename" },
+ { "catalog", NULL, "catgets localization catalog" },
+
+ { "bind_host", NULL, "Address of the IRC server" },
+ { "bind_port", "6667", "Port of the IRC server" },
+ { "tls_cert", NULL, "Server TLS certificate (PEM)" },
+ { "tls_key", NULL, "Server TLS private key (PEM)" },
+ { "tls_ciphers", DEFAULT_CIPHERS, "OpenSSL cipher list" },
+
+ { "operators", NULL, "IRCop TLS client cert. SHA-1 fingerprints" },
+
+ { "max_connections", "0", "Global connection limit" },
+ { "ping_interval", "180", "Interval between PINGs (sec)" },
+ { NULL, NULL, NULL }
+};
+
+// --- Signals -----------------------------------------------------------------
+
+static int g_signal_pipe[2]; ///< A pipe used to signal... signals
+
+/// Program termination has been requested by a signal
+static volatile sig_atomic_t g_termination_requested;
+
+static void
+sigterm_handler (int signum)
+{
+ (void) signum;
+
+ g_termination_requested = true;
+
+ int original_errno = errno;
+ if (write (g_signal_pipe[1], "t", 1) == -1)
+ soft_assert (errno == EAGAIN);
+ errno = original_errno;
+}
+
+static void
+setup_signal_handlers (void)
+{
+ if (pipe (g_signal_pipe) == -1)
+ exit_fatal ("%s: %s", "pipe", strerror (errno));
+
+ set_cloexec (g_signal_pipe[0]);
+ set_cloexec (g_signal_pipe[1]);
+
+ // So that the pipe cannot overflow; it would make write() block within
+ // the signal handler, which is something we really don't want to happen.
+ // The same holds true for read().
+ set_blocking (g_signal_pipe[0], false);
+ set_blocking (g_signal_pipe[1], false);
+
+ signal (SIGPIPE, SIG_IGN);
+
+ struct sigaction sa;
+ sa.sa_flags = SA_RESTART;
+ sigemptyset (&sa.sa_mask);
+ sa.sa_handler = sigterm_handler;
+ if (sigaction (SIGINT, &sa, NULL) == -1
+ || sigaction (SIGTERM, &sa, NULL) == -1)
+ exit_fatal ("%s: %s", "sigaction", strerror (errno));
+}
+
+// --- Rate limiter ------------------------------------------------------------
+
+struct flood_detector
+{
+ unsigned interval; ///< Interval for the limit
+ unsigned limit; ///< Maximum number of events allowed
+
+ time_t *timestamps; ///< Timestamps of last events
+ unsigned pos; ///< Index of the oldest event
+};
+
+static void
+flood_detector_init (struct flood_detector *self,
+ unsigned interval, unsigned limit)
+{
+ self->interval = interval;
+ self->limit = limit;
+ self->timestamps = xcalloc (limit + 1, sizeof *self->timestamps);
+ self->pos = 0;
+}
+
+static void
+flood_detector_free (struct flood_detector *self)
+{
+ free (self->timestamps);
+}
+
+static bool
+flood_detector_check (struct flood_detector *self)
+{
+ time_t now = time (NULL);
+ self->timestamps[self->pos++] = now;
+ if (self->pos > self->limit)
+ self->pos = 0;
+
+ time_t begin = now - self->interval;
+ size_t count = 0;
+ for (size_t i = 0; i <= self->limit; i++)
+ if (self->timestamps[i] >= begin)
+ count++;
+ return count <= self->limit;
+}
+
+// --- IRC token validation ----------------------------------------------------
+
+// Use the enum only if applicable and a simple boolean isn't sufficient.
+
+enum validation_result
+{
+ VALIDATION_OK,
+ VALIDATION_ERROR_EMPTY,
+ VALIDATION_ERROR_TOO_LONG,
+ VALIDATION_ERROR_INVALID
+};
+
+// Everything as per RFC 2812
+#define IRC_MAX_NICKNAME 9
+#define IRC_MAX_HOSTNAME 63
+#define IRC_MAX_CHANNEL_NAME 50
+#define IRC_MAX_MESSAGE_LENGTH 510
+
+static bool
+irc_regex_match (const char *regex, const char *s)
+{
+ static struct str_map cache;
+ static bool initialized;
+
+ if (!initialized)
+ {
+ cache = regex_cache_make ();
+ initialized = true;
+ }
+
+ struct error *e = NULL;
+ bool result = regex_cache_match (&cache, regex,
+ REG_EXTENDED | REG_NOSUB, s, &e);
+ hard_assert (!e);
+ return result;
+}
+
+static const char *
+irc_validate_to_str (enum validation_result result)
+{
+ switch (result)
+ {
+ case VALIDATION_OK: return "success";
+ case VALIDATION_ERROR_EMPTY: return "the value is empty";
+ case VALIDATION_ERROR_INVALID: return "invalid format";
+ case VALIDATION_ERROR_TOO_LONG: return "the value is too long";
+ default: abort ();
+ }
+}
+
+// Anything to keep it as short as possible
+// "shortname" from RFC 2812 doesn't work how its author thought it would.
+#define SN "[0-9A-Za-z](-*[0-9A-Za-z])*"
+#define N4 "[0-9]{1,3}"
+#define N6 "[0-9ABCDEFabcdef]{1,}"
+
+#define LE "A-Za-z"
+#define SP "][\\\\`_^{|}"
+
+static enum validation_result
+irc_validate_hostname (const char *hostname)
+{
+ if (!*hostname)
+ return VALIDATION_ERROR_EMPTY;
+ if (!irc_regex_match ("^" SN "(\\." SN ")*$", hostname))
+ return VALIDATION_ERROR_INVALID;
+ if (strlen (hostname) > IRC_MAX_HOSTNAME)
+ return VALIDATION_ERROR_TOO_LONG;
+ return VALIDATION_OK;
+}
+
+static bool
+irc_is_valid_hostaddr (const char *hostaddr)
+{
+ if (irc_regex_match ("^" N4 "\\." N4 "\\." N4 "\\." N4 "$", hostaddr)
+ || irc_regex_match ("^" N6 ":" N6 ":" N6 ":" N6 ":"
+ N6 ":" N6 ":" N6 ":" N6 "$", hostaddr)
+ || irc_regex_match ("^0:0:0:0:0:(0|[Ff]{4}):"
+ N4 "\\." N4 "\\." N4 "\\." N4 "$", hostaddr))
+ return true;
+ return false;
+}
+
+// TODO: we should actually use this, though what should we do on failure?
+static bool
+irc_is_valid_host (const char *host)
+{
+ return irc_validate_hostname (host) == VALIDATION_OK
+ || irc_is_valid_hostaddr (host);
+}
+
+// TODO: currently, we are almost encoding-agnostic (strings just need to be
+// ASCII-compatible). We should at least have an option to enforce a specific
+// encoding, such as UTF-8. Note that with Unicode we should not allow all
+// character clasess and exclude the likes of \pM with the goal of enforcing
+// NFC-normalized identifiers--utf8proc is a good candidate library to handle
+// the categorization and validation.
+
+static bool
+irc_is_valid_user (const char *user)
+{
+ return irc_regex_match ("^[^\r\n @]+$", user);
+}
+
+static bool
+irc_validate_nickname (const char *nickname)
+{
+ if (!*nickname)
+ return VALIDATION_ERROR_EMPTY;
+ if (!irc_regex_match ("^[" SP LE "][" SP LE "0-9-]*$", nickname))
+ return VALIDATION_ERROR_INVALID;
+ if (strlen (nickname) > IRC_MAX_NICKNAME)
+ return VALIDATION_ERROR_TOO_LONG;
+ return VALIDATION_OK;
+}
+
+static enum validation_result
+irc_validate_channel_name (const char *channel_name)
+{
+ if (!*channel_name)
+ return VALIDATION_ERROR_EMPTY;
+ if (*channel_name != '#' || strpbrk (channel_name, "\7\r\n ,:"))
+ return VALIDATION_ERROR_INVALID;
+ if (strlen (channel_name) > IRC_MAX_CHANNEL_NAME)
+ return VALIDATION_ERROR_TOO_LONG;
+ return VALIDATION_OK;
+}
+
+static bool
+irc_is_valid_key (const char *key)
+{
+ // XXX: should be 7-bit as well but whatever
+ return irc_regex_match ("^[^\r\n\f\t\v ]{1,23}$", key);
+}
+
+#undef SN
+#undef N4
+#undef N6
+
+#undef LE
+#undef SP
+
+static bool
+irc_is_valid_user_mask (const char *mask)
+{
+ return irc_regex_match ("^[^!@]+![^!@]+@[^@!]+$", mask);
+}
+
+static bool
+irc_is_valid_fingerprint (const char *fp)
+{
+ return irc_regex_match ("^[a-fA-F0-9]{40}$", fp);
+}
+
+// --- Clients (equals users) --------------------------------------------------
+
+#define IRC_SUPPORTED_USER_MODES "aiwros"
+
+enum
+{
+ IRC_USER_MODE_INVISIBLE = (1 << 0),
+ IRC_USER_MODE_RX_WALLOPS = (1 << 1),
+ IRC_USER_MODE_RESTRICTED = (1 << 2),
+ IRC_USER_MODE_OPERATOR = (1 << 3),
+ IRC_USER_MODE_RX_SERVER_NOTICES = (1 << 4)
+};
+
+enum
+{
+ IRC_CAP_MULTI_PREFIX = (1 << 0),
+ IRC_CAP_INVITE_NOTIFY = (1 << 1),
+ IRC_CAP_ECHO_MESSAGE = (1 << 2),
+ IRC_CAP_USERHOST_IN_NAMES = (1 << 3),
+ IRC_CAP_SERVER_TIME = (1 << 4)
+};
+
+struct client
+{
+ LIST_HEADER (struct client)
+ struct server_context *ctx; ///< Server context
+
+ time_t opened; ///< When the connection was opened
+ size_t n_sent_messages; ///< Number of sent messages total
+ size_t sent_bytes; ///< Number of sent bytes total
+ size_t n_received_messages; ///< Number of received messages total
+ size_t received_bytes; ///< Number of received bytes total
+
+ int socket_fd; ///< The TCP socket
+ struct str read_buffer; ///< Unprocessed input
+ struct str write_buffer; ///< Output yet to be sent out
+
+ struct poller_fd socket_event; ///< The socket can be read/written to
+ struct poller_timer ping_timer; ///< We should send a ping
+ struct poller_timer timeout_timer; ///< Connection seems to be dead
+ struct poller_timer kill_timer; ///< Hard kill timeout
+
+ unsigned long cap_version; ///< CAP protocol version
+ unsigned caps_enabled; ///< Enabled capabilities
+
+ unsigned initialized : 1; ///< Has any data been received yet?
+ unsigned cap_negotiating : 1; ///< Negotiating capabilities
+ unsigned registered : 1; ///< The user has registered
+ unsigned closing_link : 1; ///< Closing link
+ unsigned half_closed : 1; ///< Closing link: conn. is half-closed
+
+ unsigned ssl_rx_want_tx : 1; ///< SSL_read() wants to write
+ unsigned ssl_tx_want_rx : 1; ///< SSL_write() wants to read
+ SSL *ssl; ///< SSL connection
+ char *ssl_cert_fingerprint; ///< Client certificate fingerprint
+
+ char *nickname; ///< IRC nickname (main identifier)
+ char *username; ///< IRC username
+ char *realname; ///< IRC realname (e-mail)
+
+ char *hostname; ///< Hostname shown to the network
+ char *port; ///< Port of the peer as a string
+ char *address; ///< Full address
+
+ unsigned mode; ///< User's mode
+ char *away_message; ///< Away message
+ time_t last_active; ///< Last PRIVMSG, to get idle time
+ struct str_map invites; ///< Channel invitations by operators
+ struct flood_detector antiflood; ///< Flood detector
+
+ struct async_getnameinfo *gni; ///< Backwards DNS resolution
+ struct poller_timer gni_timer; ///< Backwards DNS resolution timeout
+};
+
+static struct client *
+client_new (void)
+{
+ struct client *self = xcalloc (1, sizeof *self);
+ self->socket_fd = -1;
+ self->read_buffer = str_make ();
+ self->write_buffer = str_make ();
+ self->cap_version = 301;
+ // TODO: make this configurable and more fine-grained
+ flood_detector_init (&self->antiflood, 10, 20);
+ self->invites = str_map_make (NULL);
+ self->invites.key_xfrm = irc_strxfrm;
+ return self;
+}
+
+static void
+client_destroy (struct client *self)
+{
+ if (!soft_assert (self->socket_fd == -1))
+ xclose (self->socket_fd);
+ if (self->ssl)
+ SSL_free (self->ssl);
+
+ str_free (&self->read_buffer);
+ str_free (&self->write_buffer);
+ free (self->ssl_cert_fingerprint);
+
+ free (self->nickname);
+ free (self->username);
+ free (self->realname);
+
+ free (self->hostname);
+ free (self->port);
+ free (self->address);
+
+ free (self->away_message);
+ flood_detector_free (&self->antiflood);
+ str_map_free (&self->invites);
+
+ if (self->gni)
+ async_cancel (&self->gni->async);
+ free (self);
+}
+
+static void client_close_link (struct client *c, const char *reason);
+static void client_kill (struct client *c, const char *reason);
+static void client_send (struct client *, const char *, ...)
+ ATTRIBUTE_PRINTF (2, 3);
+static void client_cancel_timers (struct client *);
+static void client_set_kill_timer (struct client *);
+static void client_update_poller (struct client *, const struct pollfd *);
+
+// --- Channels ----------------------------------------------------------------
+
+#define IRC_SUPPORTED_CHAN_MODES "ov" "beI" "imnqpst" "kl"
+
+enum
+{
+ IRC_CHAN_MODE_INVITE_ONLY = (1 << 0),
+ IRC_CHAN_MODE_MODERATED = (1 << 1),
+ IRC_CHAN_MODE_NO_OUTSIDE_MSGS = (1 << 2),
+ IRC_CHAN_MODE_QUIET = (1 << 3),
+ IRC_CHAN_MODE_PRIVATE = (1 << 4),
+ IRC_CHAN_MODE_SECRET = (1 << 5),
+ IRC_CHAN_MODE_PROTECTED_TOPIC = (1 << 6),
+
+ IRC_CHAN_MODE_OPERATOR = (1 << 7),
+ IRC_CHAN_MODE_VOICE = (1 << 8)
+};
+
+struct channel_user
+{
+ LIST_HEADER (struct channel_user)
+
+ unsigned modes;
+ struct client *c;
+};
+
+struct channel
+{
+ struct server_context *ctx; ///< Server context
+
+ char *name; ///< Channel name
+ unsigned modes; ///< Channel modes
+ char *key; ///< Channel key
+ long user_limit; ///< User limit or -1
+ time_t created; ///< Creation time
+
+ char *topic; ///< Channel topic
+ char *topic_who; ///< Who set the topic
+ time_t topic_time; ///< When the topic was set
+
+ struct channel_user *users; ///< Channel users
+
+ struct strv ban_list; ///< Ban list
+ struct strv exception_list; ///< Exceptions from bans
+ struct strv invite_list; ///< Exceptions from +I
+};
+
+static struct channel *
+channel_new (void)
+{
+ struct channel *self = xcalloc (1, sizeof *self);
+
+ self->user_limit = -1;
+ self->topic = xstrdup ("");
+
+ self->ban_list = strv_make ();
+ self->exception_list = strv_make ();
+ self->invite_list = strv_make ();
+ return self;
+}
+
+static void
+channel_delete (struct channel *self)
+{
+ free (self->name);
+ free (self->key);
+ free (self->topic);
+ free (self->topic_who);
+
+ struct channel_user *link, *tmp;
+ for (link = self->users; link; link = tmp)
+ {
+ tmp = link->next;
+ free (link);
+ }
+
+ strv_free (&self->ban_list);
+ strv_free (&self->exception_list);
+ strv_free (&self->invite_list);
+
+ free (self);
+}
+
+static char *
+channel_get_mode (struct channel *self, bool disclose_secrets)
+{
+ struct str mode = str_make ();
+ unsigned m = self->modes;
+ if (m & IRC_CHAN_MODE_INVITE_ONLY) str_append_c (&mode, 'i');
+ if (m & IRC_CHAN_MODE_MODERATED) str_append_c (&mode, 'm');
+ if (m & IRC_CHAN_MODE_NO_OUTSIDE_MSGS) str_append_c (&mode, 'n');
+ if (m & IRC_CHAN_MODE_QUIET) str_append_c (&mode, 'q');
+ if (m & IRC_CHAN_MODE_PRIVATE) str_append_c (&mode, 'p');
+ if (m & IRC_CHAN_MODE_SECRET) str_append_c (&mode, 's');
+ if (m & IRC_CHAN_MODE_PROTECTED_TOPIC) str_append_c (&mode, 't');
+
+ if (self->user_limit != -1) str_append_c (&mode, 'l');
+ if (self->key) str_append_c (&mode, 'k');
+
+ // XXX: is it correct to split it? Try it on an existing implementation.
+ if (disclose_secrets)
+ {
+ if (self->user_limit != -1)
+ str_append_printf (&mode, " %ld", self->user_limit);
+ if (self->key)
+ str_append_printf (&mode, " %s", self->key);
+ }
+ return str_steal (&mode);
+}
+
+static struct channel_user *
+channel_get_user (const struct channel *chan, const struct client *c)
+{
+ for (struct channel_user *iter = chan->users; iter; iter = iter->next)
+ if (iter->c == c)
+ return iter;
+ return NULL;
+}
+
+static struct channel_user *
+channel_add_user (struct channel *chan, struct client *c)
+{
+ struct channel_user *link = xcalloc (1, sizeof *link);
+ link->c = c;
+ LIST_PREPEND (chan->users, link);
+ return link;
+}
+
+static void
+channel_remove_user (struct channel *chan, struct channel_user *user)
+{
+ LIST_UNLINK (chan->users, user);
+ free (user);
+}
+
+static size_t
+channel_user_count (const struct channel *chan)
+{
+ size_t result = 0;
+ for (struct channel_user *iter = chan->users; iter; iter = iter->next)
+ result++;
+ return result;
+}
+
+// --- IRC server context ------------------------------------------------------
+
+struct whowas_info
+{
+ char *nickname; ///< IRC nickname
+ char *username; ///< IRC username
+ char *realname; ///< IRC realname
+ char *hostname; ///< Hostname shown to the network
+};
+
+struct whowas_info *
+whowas_info_new (struct client *c)
+{
+ struct whowas_info *self = xmalloc (sizeof *self);
+ self->nickname = xstrdup (c->nickname);
+ self->username = xstrdup (c->username);
+ self->realname = xstrdup (c->realname);
+ self->hostname = xstrdup (c->hostname);
+ return self;
+}
+
+static void
+whowas_info_destroy (struct whowas_info *self)
+{
+ free (self->nickname);
+ free (self->username);
+ free (self->realname);
+ free (self->hostname);
+ free (self);
+}
+
+// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+struct irc_command
+{
+ const char *name;
+ bool requires_registration;
+ void (*handler) (const struct irc_message *, struct client *);
+
+ size_t n_received; ///< Number of commands received
+ size_t bytes_received; ///< Number of bytes received total
+};
+
+struct server_context
+{
+ int *listen_fds; ///< Listening socket FD's
+ struct poller_fd *listen_events; ///< New connections available
+ size_t listen_len; ///< Number of listening sockets
+ size_t listen_alloc; ///< How many we've allocated
+
+ time_t started; ///< When has the server been started
+
+ SSL_CTX *ssl_ctx; ///< SSL context
+ struct client *clients; ///< Clients
+ unsigned n_clients; ///< Current number of connections
+
+ struct str_map users; ///< Maps nicknames to clients
+ struct str_map channels; ///< Maps channel names to data
+ struct str_map handlers; ///< Message handlers
+ struct str_map cap_handlers; ///< CAP message handlers
+
+ struct str_map whowas; ///< WHOWAS registry
+
+ struct poller poller; ///< Manages polled description
+ struct poller_timer quit_timer; ///< Quit timeout timer
+ bool quitting; ///< User requested quitting
+ bool polling; ///< The event loop is running
+
+ struct poller_fd signal_event; ///< Got a signal
+
+ struct str_map config; ///< Server configuration
+ char *server_name; ///< Our server name
+ unsigned ping_interval; ///< Ping interval in seconds
+ unsigned max_connections; ///< Max. connections allowed or 0
+ struct strv motd; ///< MOTD (none if empty)
+ nl_catd catalog; ///< Message catalog for server msgs
+ struct str_map operators; ///< TLS cert. fingerprints for IRCops
+};
+
+static void
+on_irc_quit_timeout (void *user_data)
+{
+ struct server_context *ctx = user_data;
+ struct client *iter, *next;
+ for (iter = ctx->clients; iter; iter = next)
+ {
+ next = iter->next;
+ // irc_initiate_quit() has already unregistered the client
+ client_kill (iter, "Shutting down");
+ }
+}
+
+static void
+server_context_init (struct server_context *self)
+{
+ memset (self, 0, sizeof *self);
+
+ self->users = str_map_make (NULL);
+ self->users.key_xfrm = irc_strxfrm;
+ self->channels = str_map_make ((str_map_free_fn) channel_delete);
+ self->channels.key_xfrm = irc_strxfrm;
+ self->handlers = str_map_make (NULL);
+ self->handlers.key_xfrm = irc_strxfrm;
+ self->cap_handlers = str_map_make (NULL);
+ self->cap_handlers.key_xfrm = irc_strxfrm;
+
+ self->whowas = str_map_make ((str_map_free_fn) whowas_info_destroy);
+ self->whowas.key_xfrm = irc_strxfrm;
+
+ poller_init (&self->poller);
+ self->quit_timer = poller_timer_make (&self->poller);
+ self->quit_timer.dispatcher = on_irc_quit_timeout;
+ self->quit_timer.user_data = self;
+
+ self->config = str_map_make (free);
+ simple_config_load_defaults (&self->config, g_config_table);
+
+ self->motd = strv_make ();
+ self->catalog = (nl_catd) -1;
+ self->operators = str_map_make (NULL);
+ // The regular irc_strxfrm() is sufficient for fingerprints
+ self->operators.key_xfrm = irc_strxfrm;
+}
+
+static void
+server_context_free (struct server_context *self)
+{
+ str_map_free (&self->config);
+
+ for (size_t i = 0; i < self->listen_len; i++)
+ {
+ poller_fd_reset (&self->listen_events[i]);
+ xclose (self->listen_fds[i]);
+ }
+ free (self->listen_fds);
+ free (self->listen_events);
+
+ hard_assert (!self->clients);
+ if (self->ssl_ctx)
+ SSL_CTX_free (self->ssl_ctx);
+
+ free (self->server_name);
+ str_map_free (&self->users);
+ str_map_free (&self->channels);
+ str_map_free (&self->handlers);
+ str_map_free (&self->cap_handlers);
+ str_map_free (&self->whowas);
+ poller_free (&self->poller);
+
+ strv_free (&self->motd);
+ if (self->catalog != (nl_catd) -1)
+ catclose (self->catalog);
+ str_map_free (&self->operators);
+}
+
+static const char *
+irc_get_text (struct server_context *ctx, int id, const char *def)
+{
+ if (!soft_assert (def != NULL))
+ def = "";
+ if (ctx->catalog == (nl_catd) -1)
+ return def;
+ return catgets (ctx->catalog, 1, id, def);
+}
+
+static void
+irc_try_finish_quit (struct server_context *ctx)
+{
+ if (!ctx->n_clients && ctx->quitting)
+ {
+ poller_timer_reset (&ctx->quit_timer);
+ ctx->polling = false;
+ }
+}
+
+static void
+irc_initiate_quit (struct server_context *ctx)
+{
+ print_status ("shutting down");
+
+ for (size_t i = 0; i < ctx->listen_len; i++)
+ {
+ poller_fd_reset (&ctx->listen_events[i]);
+ xclose (ctx->listen_fds[i]);
+ }
+ ctx->listen_len = 0;
+
+ for (struct client *iter = ctx->clients; iter; iter = iter->next)
+ if (!iter->closing_link)
+ client_close_link (iter, "Shutting down");
+
+ ctx->quitting = true;
+ poller_timer_set (&ctx->quit_timer, 5000);
+ irc_try_finish_quit (ctx);
+}
+
+static struct channel *
+irc_channel_create (struct server_context *ctx, const char *name)
+{
+ struct channel *chan = channel_new ();
+ chan->ctx = ctx;
+ chan->name = xstrdup (name);
+ chan->created = time (NULL);
+ str_map_set (&ctx->channels, name, chan);
+ return chan;
+}
+
+static void
+irc_channel_destroy_if_empty (struct server_context *ctx, struct channel *chan)
+{
+ if (!chan->users)
+ str_map_set (&ctx->channels, chan->name, NULL);
+}
+
+static void
+irc_send_to_roommates (struct client *c, const char *message)
+{
+ struct str_map targets = str_map_make (NULL);
+ targets.key_xfrm = irc_strxfrm;
+
+ struct str_map_iter iter = str_map_iter_make (&c->ctx->channels);
+ struct channel *chan;
+ while ((chan = str_map_iter_next (&iter)))
+ {
+ if (chan->modes & IRC_CHAN_MODE_QUIET
+ || !channel_get_user (chan, c))
+ continue;
+ for (struct channel_user *iter = chan->users; iter; iter = iter->next)
+ str_map_set (&targets, iter->c->nickname, iter->c);
+ }
+
+ iter = str_map_iter_make (&targets);
+ struct client *target;
+ while ((target = str_map_iter_next (&iter)))
+ if (target != c)
+ client_send (target, "%s", message);
+ str_map_free (&targets);
+}
+
+// --- Clients (continued) -----------------------------------------------------
+
+static void
+client_mode_to_str (unsigned m, struct str *out)
+{
+ if (m & IRC_USER_MODE_INVISIBLE) str_append_c (out, 'i');
+ if (m & IRC_USER_MODE_RX_WALLOPS) str_append_c (out, 'w');
+ if (m & IRC_USER_MODE_RESTRICTED) str_append_c (out, 'r');
+ if (m & IRC_USER_MODE_OPERATOR) str_append_c (out, 'o');
+ if (m & IRC_USER_MODE_RX_SERVER_NOTICES) str_append_c (out, 's');
+}
+
+static char *
+client_get_mode (struct client *self)
+{
+ struct str mode = str_make ();
+ if (self->away_message)
+ str_append_c (&mode, 'a');
+ client_mode_to_str (self->mode, &mode);
+ return str_steal (&mode);
+}
+
+static void
+client_send_str (struct client *c, const struct str *s)
+{
+ hard_assert (!c->closing_link);
+
+ size_t old_sendq = c->write_buffer.len;
+
+ // So far there's only one message tag we use, so we can do it simple;
+ // note that a 1024-character limit applies to messages with tags on
+ if (c->caps_enabled & IRC_CAP_SERVER_TIME)
+ {
+ long milliseconds; char buf[32]; struct tm tm;
+ time_t now = unixtime_msec (&milliseconds);
+ if (soft_assert (strftime (buf, sizeof buf,
+ "%Y-%m-%dT%T", gmtime_r (&now, &tm))))
+ str_append_printf (&c->write_buffer,
+ "@time=%s.%03ldZ ", buf, milliseconds);
+ }
+
+ // TODO: kill the connection above some "SendQ" threshold (careful!)
+ str_append_data (&c->write_buffer, s->str,
+ MIN (s->len, IRC_MAX_MESSAGE_LENGTH));
+ str_append (&c->write_buffer, "\r\n");
+ // XXX: we might want to move this elsewhere, so that it doesn't get called
+ // as often; it's going to cause a lot of syscalls with epoll.
+ client_update_poller (c, NULL);
+
+ // Technically we haven't sent it yet but that's a minor detail
+ c->n_sent_messages++;
+ c->sent_bytes += c->write_buffer.len - old_sendq;
+}
+
+static void
+client_send (struct client *c, const char *format, ...)
+{
+ struct str tmp = str_make ();
+
+ va_list ap;
+ va_start (ap, format);
+ str_append_vprintf (&tmp, format, ap);
+ va_end (ap);
+
+ client_send_str (c, &tmp);
+ str_free (&tmp);
+}
+
+static void
+client_add_to_whowas (struct client *c)
+{
+ // Only keeping one entry for each nickname
+ // TODO: make sure this list doesn't get too long, for example by
+ // putting them in a linked list ordered by time
+ str_map_set (&c->ctx->whowas, c->nickname, whowas_info_new (c));
+}
+
+static void
+client_unregister (struct client *c, const char *reason)
+{
+ if (!c->registered)
+ return;
+
+ char *message = xstrdup_printf (":%s!%s@%s QUIT :%s",
+ c->nickname, c->username, c->hostname, reason);
+ irc_send_to_roommates (c, message);
+ free (message);
+
+ struct str_map_unset_iter iter =
+ str_map_unset_iter_make (&c->ctx->channels);
+ struct channel *chan;
+ while ((chan = str_map_unset_iter_next (&iter)))
+ {
+ struct channel_user *user;
+ if (!(user = channel_get_user (chan, c)))
+ continue;
+ channel_remove_user (chan, user);
+ irc_channel_destroy_if_empty (c->ctx, chan);
+ }
+ str_map_unset_iter_free (&iter);
+
+ client_add_to_whowas (c);
+
+ str_map_set (&c->ctx->users, c->nickname, NULL);
+ cstr_set (&c->nickname, NULL);
+ c->registered = false;
+}
+
+static void
+client_kill (struct client *c, const char *reason)
+{
+ struct server_context *ctx = c->ctx;
+ client_unregister (c, reason ? reason : "Client exited");
+
+ if (c->address)
+ // Only log the event if address resolution has finished
+ print_debug ("closed connection to %s (%s)", c->address,
+ reason ? reason : "");
+
+ if (c->ssl)
+ // Note that we might have already called this once, but that is fine
+ (void) SSL_shutdown (c->ssl);
+
+ xclose (c->socket_fd);
+ c->socket_fd = -1;
+
+ // We don't fork any children, this is okay
+ c->socket_event.closed = true;
+ poller_fd_reset (&c->socket_event);
+ client_cancel_timers (c);
+
+ LIST_UNLINK (ctx->clients, c);
+ ctx->n_clients--;
+ client_destroy (c);
+
+ irc_try_finish_quit (ctx);
+}
+
+static void
+client_close_link (struct client *c, const char *reason)
+{
+ // Let's just cut the connection, the client can try again later.
+ // We also want to avoid accidentally setting poller events before
+ // address resolution has finished.
+ if (!c->initialized)
+ {
+ client_kill (c, reason);
+ return;
+ }
+ if (!soft_assert (!c->closing_link))
+ return;
+
+ // We push an `ERROR' message to the write buffer and let the poller send
+ // it, with some arbitrary timeout. The `closing_link' state makes sure
+ // that a/ we ignore any successive messages, and b/ that the connection
+ // is killed after the write buffer is transferred and emptied.
+ client_send (c, "ERROR :Closing Link: %s[%s] (%s)",
+ c->nickname ? c->nickname : "*",
+ c->hostname /* TODO host IP? */, reason);
+ c->closing_link = true;
+
+ client_unregister (c, reason);
+ client_set_kill_timer (c);
+}
+
+static bool
+client_in_mask_list (const struct client *c, const struct strv *mask)
+{
+ char *client = xstrdup_printf ("%s!%s@%s",
+ c->nickname, c->username, c->hostname);
+ bool result = false;
+ for (size_t i = 0; i < mask->len; i++)
+ if (!irc_fnmatch (mask->vector[i], client))
+ {
+ result = true;
+ break;
+ }
+ free (client);
+ return result;
+}
+
+static char *
+client_get_ssl_cert_fingerprint (struct client *c)
+{
+ if (!c->ssl)
+ return NULL;
+
+ X509 *peer_cert = SSL_get_peer_certificate (c->ssl);
+ if (!peer_cert)
+ return NULL;
+
+ int cert_len = i2d_X509 (peer_cert, NULL);
+ if (cert_len < 0)
+ return NULL;
+
+ unsigned char cert[cert_len], *p = cert;
+ if (i2d_X509 (peer_cert, &p) < 0)
+ return NULL;
+
+ unsigned char hash[SHA_DIGEST_LENGTH];
+ SHA1 (cert, cert_len, hash);
+
+ struct str fingerprint = str_make ();
+ for (size_t i = 0; i < sizeof hash; i++)
+ str_append_printf (&fingerprint, "%02x", hash[i]);
+ return str_steal (&fingerprint);
+}
+
+// --- Timers ------------------------------------------------------------------
+
+static void
+client_cancel_timers (struct client *c)
+{
+ poller_timer_reset (&c->kill_timer);
+ poller_timer_reset (&c->timeout_timer);
+ poller_timer_reset (&c->ping_timer);
+ poller_timer_reset (&c->gni_timer);
+}
+
+static void
+client_set_timer (struct client *c,
+ struct poller_timer *timer, unsigned interval)
+{
+ client_cancel_timers (c);
+ poller_timer_set (timer, interval * 1000);
+}
+
+static void
+on_client_kill_timer (struct client *c)
+{
+ hard_assert (!c->initialized || c->closing_link);
+ client_kill (c, NULL);
+}
+
+static void
+client_set_kill_timer (struct client *c)
+{
+ client_set_timer (c, &c->kill_timer, c->ctx->ping_interval);
+}
+
+static void
+on_client_timeout_timer (struct client *c)
+{
+ char *reason = xstrdup_printf
+ ("Ping timeout: >%u seconds", c->ctx->ping_interval);
+ client_close_link (c, reason);
+ free (reason);
+}
+
+static void
+on_client_ping_timer (struct client *c)
+{
+ hard_assert (!c->closing_link);
+ client_send (c, "PING :%s", c->ctx->server_name);
+ client_set_timer (c, &c->timeout_timer, c->ctx->ping_interval);
+}
+
+static void
+client_set_ping_timer (struct client *c)
+{
+ client_set_timer (c, &c->ping_timer, c->ctx->ping_interval);
+}
+
+// --- IRC command handling ----------------------------------------------------
+
+static void
+irc_make_reply (struct client *c, int id, va_list ap, struct str *output)
+{
+ str_append_printf (output, ":%s %03d %s ",
+ c->ctx->server_name, id, c->nickname ? c->nickname : "*");
+ str_append_vprintf (output,
+ irc_get_text (c->ctx, id, g_default_replies[id]), ap);
+}
+
+// XXX: this way we cannot typecheck the arguments, so we must be careful
+static void
+irc_send_reply (struct client *c, int id, ...)
+{
+ struct str reply = str_make ();
+
+ va_list ap;
+ va_start (ap, id);
+ irc_make_reply (c, id, ap, &reply);
+ va_end (ap);
+
+ client_send_str (c, &reply);
+ str_free (&reply);
+}
+
+/// Send a space-separated list of words across as many replies as needed
+static void
+irc_send_reply_vector (struct client *c, int id, char **items, ...)
+{
+ struct str common = str_make ();
+
+ va_list ap;
+ va_start (ap, items);
+ irc_make_reply (c, id, ap, &common);
+ va_end (ap);
+
+ // We always send at least one message (there might be a client that
+ // expects us to send this message at least once)
+ do
+ {
+ struct str reply = str_make ();
+ str_append_str (&reply, &common);
+
+ // If not even a single item fits in the limit (which may happen,
+ // in theory) it just gets cropped. We could also skip it.
+ if (*items)
+ str_append (&reply, *items++);
+
+ // Append as many items as fits in a single message
+ while (*items
+ && reply.len + 1 + strlen (*items) <= IRC_MAX_MESSAGE_LENGTH)
+ str_append_printf (&reply, " %s", *items++);
+
+ client_send_str (c, &reply);
+ str_free (&reply);
+ }
+ while (*items);
+ str_free (&common);
+}
+
+#define RETURN_WITH_REPLY(c, ...) \
+ BLOCK_START \
+ irc_send_reply ((c), __VA_ARGS__); \
+ return; \
+ BLOCK_END
+
+static void
+irc_send_motd (struct client *c)
+{
+ struct server_context *ctx = c->ctx;
+ if (!ctx->motd.len)
+ RETURN_WITH_REPLY (c, IRC_ERR_NOMOTD);
+
+ irc_send_reply (c, IRC_RPL_MOTDSTART, ctx->server_name);
+ for (size_t i = 0; i < ctx->motd.len; i++)
+ irc_send_reply (c, IRC_RPL_MOTD, ctx->motd.vector[i]);
+ irc_send_reply (c, IRC_RPL_ENDOFMOTD);
+}
+
+static void
+irc_send_lusers (struct client *c)
+{
+ int n_users = 0, n_services = 0, n_opers = 0, n_unknown = 0;
+ for (struct client *link = c->ctx->clients; link; link = link->next)
+ {
+ if (link->registered)
+ n_users++;
+ else
+ n_unknown++;
+ if (link->mode & IRC_USER_MODE_OPERATOR)
+ n_opers++;
+ }
+
+ int n_channels = 0;
+ struct str_map_iter iter = str_map_iter_make (&c->ctx->channels);
+ struct channel *chan;
+ while ((chan = str_map_iter_next (&iter)))
+ if (!(chan->modes & IRC_CHAN_MODE_SECRET)
+ || channel_get_user (chan, c))
+ n_channels++;
+
+ irc_send_reply (c, IRC_RPL_LUSERCLIENT,
+ n_users, n_services, 1 /* servers total */);
+ if (n_opers)
+ irc_send_reply (c, IRC_RPL_LUSEROP, n_opers);
+ if (n_unknown)
+ irc_send_reply (c, IRC_RPL_LUSERUNKNOWN, n_unknown);
+ if (n_channels)
+ irc_send_reply (c, IRC_RPL_LUSERCHANNELS, n_channels);
+ irc_send_reply (c, IRC_RPL_LUSERME,
+ n_users + n_services + n_unknown, 0 /* peer servers */);
+}
+
+static bool
+irc_is_this_me (struct server_context *ctx, const char *target)
+{
+ // Target servers can also be matched by their users
+ return !irc_fnmatch (target, ctx->server_name)
+ || str_map_find (&ctx->users, target);
+}
+
+static void
+irc_send_isupport (struct client *c)
+{
+ // Only # channels, +e supported, +I supported, unlimited arguments to MODE
+ irc_send_reply (c, IRC_RPL_ISUPPORT, "CHANTYPES=# EXCEPTS INVEX MODES"
+ " TARGMAX=WHOIS:,LIST:,NAMES:,PRIVMSG:1,NOTICE:1,KICK:"
+ " NICKLEN=" XSTRINGIFY (IRC_MAX_NICKNAME)
+ " CHANNELLEN=" XSTRINGIFY (IRC_MAX_CHANNEL_NAME));
+}
+
+static void
+irc_try_finish_registration (struct client *c)
+{
+ struct server_context *ctx = c->ctx;
+ if (!c->nickname || !c->username || !c->realname)
+ return;
+ if (c->registered || c->cap_negotiating)
+ return;
+
+ c->registered = true;
+ irc_send_reply (c, IRC_RPL_WELCOME, c->nickname, c->username, c->hostname);
+
+ irc_send_reply (c, IRC_RPL_YOURHOST, ctx->server_name, PROGRAM_VERSION);
+ // The purpose of this message eludes me
+ irc_send_reply (c, IRC_RPL_CREATED, __DATE__);
+ irc_send_reply (c, IRC_RPL_MYINFO, ctx->server_name, PROGRAM_VERSION,
+ IRC_SUPPORTED_USER_MODES, IRC_SUPPORTED_CHAN_MODES);
+
+ irc_send_isupport (c);
+ irc_send_lusers (c);
+ irc_send_motd (c);
+
+ char *mode = client_get_mode (c);
+ if (*mode)
+ client_send (c, ":%s MODE %s :+%s", c->nickname, c->nickname, mode);
+ free (mode);
+
+ hard_assert (c->ssl_cert_fingerprint == NULL);
+ if ((c->ssl_cert_fingerprint = client_get_ssl_cert_fingerprint (c)))
+ client_send (c, ":%s NOTICE %s :"
+ "Your TLS client certificate fingerprint is %s",
+ ctx->server_name, c->nickname, c->ssl_cert_fingerprint);
+
+ str_map_set (&ctx->whowas, c->nickname, NULL);
+}
+
+// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+// IRCv3 capability negotiation. See http://ircv3.org for details.
+
+struct irc_cap_args
+{
+ const char *subcommand; ///< The subcommand being processed
+ const char *full_params; ///< Whole parameter string
+ struct strv params; ///< Split parameters
+ const char *target; ///< Target parameter for replies
+};
+
+static struct
+{
+ unsigned flag; ///< Flag
+ const char *name; ///< Name of the capability
+}
+irc_cap_table[] =
+{
+ { IRC_CAP_MULTI_PREFIX, "multi-prefix" },
+ { IRC_CAP_INVITE_NOTIFY, "invite-notify" },
+ { IRC_CAP_ECHO_MESSAGE, "echo-message" },
+ { IRC_CAP_USERHOST_IN_NAMES, "userhost-in-names" },
+ { IRC_CAP_SERVER_TIME, "server-time" },
+};
+
+static void
+irc_handle_cap_ls (struct client *c, struct irc_cap_args *a)
+{
+ if (a->params.len == 1
+ && !xstrtoul (&c->cap_version, a->params.vector[0], 10))
+ irc_send_reply (c, IRC_ERR_INVALIDCAPCMD,
+ a->subcommand, "Ignoring invalid protocol version number");
+
+ c->cap_negotiating = true;
+ client_send (c, ":%s CAP %s LS :multi-prefix invite-notify echo-message"
+ " userhost-in-names server-time", c->ctx->server_name, a->target);
+}
+
+static void
+irc_handle_cap_list (struct client *c, struct irc_cap_args *a)
+{
+ struct strv caps = strv_make ();
+ for (size_t i = 0; i < N_ELEMENTS (irc_cap_table); i++)
+ if (c->caps_enabled & irc_cap_table[i].flag)
+ strv_append (&caps, irc_cap_table[i].name);
+
+ char *caps_str = strv_join (&caps, " ");
+ strv_free (&caps);
+ client_send (c, ":%s CAP %s LIST :%s",
+ c->ctx->server_name, a->target, caps_str);
+ free (caps_str);
+}
+
+static unsigned
+irc_decode_capability (const char *name)
+{
+ for (size_t i = 0; i < N_ELEMENTS (irc_cap_table); i++)
+ if (!strcmp (irc_cap_table[i].name, name))
+ return irc_cap_table[i].flag;
+ return 0;
+}
+
+static void
+irc_handle_cap_req (struct client *c, struct irc_cap_args *a)
+{
+ c->cap_negotiating = true;
+
+ unsigned new_caps = c->caps_enabled;
+ bool success = true;
+ for (size_t i = 0; i < a->params.len; i++)
+ {
+ bool removing = false;
+ const char *name = a->params.vector[i];
+ if (*name == '-')
+ {
+ removing = true;
+ name++;
+ }
+
+ unsigned cap;
+ if (!(cap = irc_decode_capability (name)))
+ success = false;
+ else if (removing)
+ new_caps &= ~cap;
+ else
+ new_caps |= cap;
+ }
+
+ if (success)
+ {
+ c->caps_enabled = new_caps;
+ client_send (c, ":%s CAP %s ACK :%s",
+ c->ctx->server_name, a->target, a->full_params);
+ }
+ else
+ client_send (c, ":%s CAP %s NAK :%s",
+ c->ctx->server_name, a->target, a->full_params);
+}
+
+static void
+irc_handle_cap_ack (struct client *c, struct irc_cap_args *a)
+{
+ if (a->params.len)
+ irc_send_reply (c, IRC_ERR_INVALIDCAPCMD,
+ a->subcommand, "No acknowledgable capabilities supported");
+}
+
+static void
+irc_handle_cap_end (struct client *c, struct irc_cap_args *a)
+{
+ (void) a;
+
+ c->cap_negotiating = false;
+ irc_try_finish_registration (c);
+}
+
+// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+struct irc_cap_command
+{
+ const char *name;
+ void (*handler) (struct client *, struct irc_cap_args *);
+};
+
+static void
+irc_register_cap_handlers (struct server_context *ctx)
+{
+ static const struct irc_cap_command cap_handlers[] =
+ {
+ { "LS", irc_handle_cap_ls },
+ { "LIST", irc_handle_cap_list },
+ { "REQ", irc_handle_cap_req },
+ { "ACK", irc_handle_cap_ack },
+ { "END", irc_handle_cap_end },
+ };
+
+ for (size_t i = 0; i < N_ELEMENTS (cap_handlers); i++)
+ {
+ const struct irc_cap_command *cmd = &cap_handlers[i];
+ str_map_set (&ctx->cap_handlers, cmd->name, (void *) cmd);
+ }
+}
+
+static void
+irc_handle_cap (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 1)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+
+ struct irc_cap_args args;
+ args.target = c->nickname ? c->nickname : "*";
+ args.subcommand = msg->params.vector[0];
+ args.full_params = "";
+ args.params = strv_make ();
+
+ if (msg->params.len > 1)
+ {
+ args.full_params = msg->params.vector[1];
+ cstr_split (args.full_params, " ", true, &args.params);
+ }
+
+ struct irc_cap_command *cmd =
+ str_map_find (&c->ctx->cap_handlers, args.subcommand);
+ if (!cmd)
+ irc_send_reply (c, IRC_ERR_INVALIDCAPCMD,
+ args.subcommand, "Invalid CAP subcommand");
+ else
+ cmd->handler (c, &args);
+
+ strv_free (&args.params);
+}
+
+static void
+irc_handle_pass (const struct irc_message *msg, struct client *c)
+{
+ if (c->registered)
+ irc_send_reply (c, IRC_ERR_ALREADYREGISTERED);
+ else if (msg->params.len < 1)
+ irc_send_reply (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+
+ // We have TLS client certificates for this purpose; ignoring
+}
+
+static void
+irc_handle_nick (const struct irc_message *msg, struct client *c)
+{
+ struct server_context *ctx = c->ctx;
+
+ if (msg->params.len < 1)
+ RETURN_WITH_REPLY (c, IRC_ERR_NONICKNAMEGIVEN);
+
+ const char *nickname = msg->params.vector[0];
+ if (irc_validate_nickname (nickname) != VALIDATION_OK)
+ RETURN_WITH_REPLY (c, IRC_ERR_ERRONEOUSNICKNAME, nickname);
+
+ struct client *client = str_map_find (&ctx->users, nickname);
+ if (client && client != c)
+ RETURN_WITH_REPLY (c, IRC_ERR_NICKNAMEINUSE, nickname);
+
+ // Nothing to do here, let's not annoy roommates
+ if (c->nickname && !strcmp (c->nickname, nickname))
+ return;
+
+ if (c->registered)
+ {
+ client_add_to_whowas (c);
+
+ char *message = xstrdup_printf (":%s!%s@%s NICK :%s",
+ c->nickname, c->username, c->hostname, nickname);
+ irc_send_to_roommates (c, message);
+ client_send (c, "%s", message);
+ free (message);
+ }
+
+ // Release the old nickname and allocate a new one
+ if (c->nickname)
+ str_map_set (&ctx->users, c->nickname, NULL);
+
+ cstr_set (&c->nickname, xstrdup (nickname));
+ str_map_set (&ctx->users, nickname, c);
+
+ irc_try_finish_registration (c);
+}
+
+static void
+irc_handle_user (const struct irc_message *msg, struct client *c)
+{
+ if (c->registered)
+ RETURN_WITH_REPLY (c, IRC_ERR_ALREADYREGISTERED);
+ if (msg->params.len < 4)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+
+ const char *username = msg->params.vector[0];
+ const char *mode = msg->params.vector[1];
+ const char *realname = msg->params.vector[3];
+
+ // Unfortunately the protocol doesn't give us any means of rejecting it
+ if (!irc_is_valid_user (username))
+ username = "xxx";
+
+ cstr_set (&c->username, xstrdup (username));
+ cstr_set (&c->realname, xstrdup (realname));
+ c->mode = 0;
+
+ unsigned long m;
+ if (xstrtoul (&m, mode, 10))
+ {
+ if (m & 4) c->mode |= IRC_USER_MODE_RX_WALLOPS;
+ if (m & 8) c->mode |= IRC_USER_MODE_INVISIBLE;
+ }
+
+ irc_try_finish_registration (c);
+}
+
+static void
+irc_handle_userhost (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 1)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+
+ struct str reply = str_make ();
+ for (size_t i = 0; i < 5 && i < msg->params.len; i++)
+ {
+ const char *nick = msg->params.vector[i];
+ struct client *target = str_map_find (&c->ctx->users, nick);
+ if (!target)
+ continue;
+
+ if (i)
+ str_append_c (&reply, ' ');
+ str_append (&reply, nick);
+ if (target->mode & IRC_USER_MODE_OPERATOR)
+ str_append_c (&reply, '*');
+ str_append_printf (&reply, "=%c%s@%s",
+ target->away_message ? '-' : '+',
+ target->username, target->hostname);
+ }
+ irc_send_reply (c, IRC_RPL_USERHOST, reply.str);
+ str_free (&reply);
+}
+
+static void
+irc_handle_lusers (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len > 1 && !irc_is_this_me (c->ctx, msg->params.vector[1]))
+ irc_send_reply (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[1]);
+ else
+ irc_send_lusers (c);
+}
+
+static void
+irc_handle_motd (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len > 0 && !irc_is_this_me (c->ctx, msg->params.vector[0]))
+ irc_send_reply (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[0]);
+ else
+ irc_send_motd (c);
+}
+
+static void
+irc_handle_ping (const struct irc_message *msg, struct client *c)
+{
+ // XXX: the RFC is pretty incomprehensible about the exact usage
+ if (msg->params.len > 1 && !irc_is_this_me (c->ctx, msg->params.vector[1]))
+ irc_send_reply (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[1]);
+ else if (msg->params.len < 1)
+ irc_send_reply (c, IRC_ERR_NOORIGIN);
+ else
+ client_send (c, ":%s PONG :%s",
+ c->ctx->server_name, msg->params.vector[0]);
+}
+
+static void
+irc_handle_pong (const struct irc_message *msg, struct client *c)
+{
+ // We are the only server, so we don't have to care too much
+ if (msg->params.len < 1)
+ irc_send_reply (c, IRC_ERR_NOORIGIN);
+ else
+ // Set a new timer to send another PING
+ client_set_ping_timer (c);
+}
+
+static void
+irc_handle_quit (const struct irc_message *msg, struct client *c)
+{
+ char *reason = xstrdup_printf ("Quit: %s",
+ msg->params.len > 0 ? msg->params.vector[0] : c->nickname);
+ client_close_link (c, reason);
+ free (reason);
+}
+
+static void
+irc_handle_time (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len > 0 && !irc_is_this_me (c->ctx, msg->params.vector[0]))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[0]);
+
+ char buf[32] = "";
+ time_t now = time (NULL);
+ struct tm tm;
+ strftime (buf, sizeof buf, "%a %b %d %Y %T", localtime_r (&now, &tm));
+ irc_send_reply (c, IRC_RPL_TIME, c->ctx->server_name, buf);
+}
+
+static void
+irc_handle_version (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len > 0 && !irc_is_this_me (c->ctx, msg->params.vector[0]))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[0]);
+
+ irc_send_reply (c, IRC_RPL_VERSION, PROGRAM_VERSION, g_debug_mode,
+ c->ctx->server_name, PROGRAM_NAME " " PROGRAM_VERSION);
+ irc_send_isupport (c);
+}
+
+static void
+irc_channel_multicast (struct channel *chan, const char *message,
+ struct client *except)
+{
+ for (struct channel_user *iter = chan->users; iter; iter = iter->next)
+ if (iter->c != except)
+ client_send (iter->c, "%s", message);
+}
+
+static bool
+irc_modify_mode (unsigned *mask, unsigned mode, bool add)
+{
+ unsigned orig = *mask;
+ if (add)
+ *mask |= mode;
+ else
+ *mask &= ~mode;
+ return *mask != orig;
+}
+
+static void
+irc_update_user_mode (struct client *c, unsigned new_mode)
+{
+ unsigned old_mode = c->mode;
+ c->mode = new_mode;
+
+ unsigned added = new_mode & ~old_mode;
+ unsigned removed = old_mode & ~new_mode;
+
+ struct str diff = str_make ();
+ if (added)
+ {
+ str_append_c (&diff, '+');
+ client_mode_to_str (added, &diff);
+ }
+ if (removed)
+ {
+ str_append_c (&diff, '-');
+ client_mode_to_str (removed, &diff);
+ }
+
+ if (diff.len)
+ client_send (c, ":%s MODE %s :%s",
+ c->nickname, c->nickname, diff.str);
+ str_free (&diff);
+}
+
+static void
+irc_handle_user_mode_change (struct client *c, const char *mode_string)
+{
+ unsigned new_mode = c->mode;
+ bool adding = true;
+
+ while (*mode_string)
+ switch (*mode_string++)
+ {
+ case '+': adding = true; break;
+ case '-': adding = false; break;
+
+ case 'a':
+ // Ignore, the client should use AWAY
+ break;
+ case 'i':
+ irc_modify_mode (&new_mode, IRC_USER_MODE_INVISIBLE, adding);
+ break;
+ case 'w':
+ irc_modify_mode (&new_mode, IRC_USER_MODE_RX_WALLOPS, adding);
+ break;
+ case 'r':
+ // It's not possible to un-restrict yourself
+ if (adding)
+ new_mode |= IRC_USER_MODE_RESTRICTED;
+ break;
+ case 'o':
+ if (!adding)
+ new_mode &= ~IRC_USER_MODE_OPERATOR;
+ else if (c->ssl_cert_fingerprint
+ && str_map_find (&c->ctx->operators, c->ssl_cert_fingerprint))
+ new_mode |= IRC_USER_MODE_OPERATOR;
+ else
+ client_send (c, ":%s NOTICE %s :Either you're not using an TLS"
+ " client certificate, or the fingerprint doesn't match",
+ c->ctx->server_name, c->nickname);
+ break;
+ case 's':
+ irc_modify_mode (&new_mode, IRC_USER_MODE_RX_SERVER_NOTICES, adding);
+ break;
+ default:
+ RETURN_WITH_REPLY (c, IRC_ERR_UMODEUNKNOWNFLAG);
+ }
+ irc_update_user_mode (c, new_mode);
+}
+
+static void
+irc_send_channel_list (struct client *c, const char *channel_name,
+ const struct strv *list, int reply, int end_reply)
+{
+ for (size_t i = 0; i < list->len; i++)
+ irc_send_reply (c, reply, channel_name, list->vector[i]);
+ irc_send_reply (c, end_reply, channel_name);
+}
+
+static char *
+irc_check_expand_user_mask (const char *mask)
+{
+ struct str result = str_make ();
+ str_append (&result, mask);
+
+ // Make sure it is a complete mask
+ if (!strchr (result.str, '!'))
+ str_append (&result, "!*");
+ if (!strchr (result.str, '@'))
+ str_append (&result, "@*");
+
+ // And validate whatever the result is
+ if (!irc_is_valid_user_mask (result.str))
+ {
+ str_free (&result);
+ return NULL;
+ }
+ return str_steal (&result);
+}
+
+// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+// Channel MODE command handling. This is by far the worst command to implement
+// from the whole RFC; don't blame me if it doesn't work exactly as expected.
+
+struct mode_processor
+{
+ // Inputs to set after initialization:
+
+ char **params; ///< Mode string parameters
+
+ struct client *c; ///< Who does the changes
+ struct channel *channel; ///< The channel we're modifying
+ struct channel_user *user; ///< Presence of the client in the chan
+
+ // Internals:
+
+ bool adding; ///< Currently adding modes
+ char mode_char; ///< Currently processed mode char
+
+ struct str added; ///< Added modes
+ struct str removed; ///< Removed modes
+
+ struct strv added_params; ///< Params for added modes
+ struct strv removed_params; ///< Params for removed modes
+
+ struct str *output; ///< "added" or "removed"
+ struct strv *output_params; ///< Similarly for "*_params"
+};
+
+static struct mode_processor
+mode_processor_make (void)
+{
+ return (struct mode_processor)
+ {
+ .added = str_make (), .added_params = strv_make (),
+ .removed = str_make (), .removed_params = strv_make (),
+ };
+}
+
+static void
+mode_processor_free (struct mode_processor *self)
+{
+ str_free (&self->added);
+ str_free (&self->removed);
+
+ strv_free (&self->added_params);
+ strv_free (&self->removed_params);
+}
+
+static const char *
+mode_processor_next_param (struct mode_processor *self)
+{
+ if (!*self->params)
+ return NULL;
+ return *self->params++;
+}
+
+static bool
+mode_processor_check_operator (struct mode_processor *self)
+{
+ if ((self->user && (self->user->modes & IRC_CHAN_MODE_OPERATOR))
+ || (self->c->mode & IRC_USER_MODE_OPERATOR))
+ return true;
+
+ irc_send_reply (self->c, IRC_ERR_CHANOPRIVSNEEDED, self->channel->name);
+ return false;
+}
+
+static void
+mode_processor_do_user (struct mode_processor *self, int mode)
+{
+ const char *target = mode_processor_next_param (self);
+ if (!mode_processor_check_operator (self) || !target)
+ return;
+
+ struct client *client;
+ struct channel_user *target_user;
+ if (!(client = str_map_find (&self->c->ctx->users, target)))
+ irc_send_reply (self->c, IRC_ERR_NOSUCHNICK, target);
+ else if (!(target_user = channel_get_user (self->channel, client)))
+ irc_send_reply (self->c, IRC_ERR_USERNOTINCHANNEL,
+ target, self->channel->name);
+ else if (irc_modify_mode (&target_user->modes, mode, self->adding))
+ {
+ str_append_c (self->output, self->mode_char);
+ strv_append (self->output_params, client->nickname);
+ }
+}
+
+static bool
+mode_processor_do_chan (struct mode_processor *self, int mode)
+{
+ if (!mode_processor_check_operator (self)
+ || !irc_modify_mode (&self->channel->modes, mode, self->adding))
+ return false;
+
+ str_append_c (self->output, self->mode_char);
+ return true;
+}
+
+static void
+mode_processor_do_chan_remove
+ (struct mode_processor *self, char mode_char, int mode)
+{
+ if (self->adding
+ && irc_modify_mode (&self->channel->modes, mode, false))
+ str_append_c (&self->removed, mode_char);
+}
+
+static void
+mode_processor_do_list (struct mode_processor *self,
+ struct strv *list, int list_msg, int end_msg)
+{
+ const char *target = mode_processor_next_param (self);
+ if (!target)
+ {
+ if (self->adding)
+ irc_send_channel_list (self->c, self->channel->name,
+ list, list_msg, end_msg);
+ return;
+ }
+
+ if (!mode_processor_check_operator (self))
+ return;
+
+ char *mask = irc_check_expand_user_mask (target);
+ if (!mask)
+ return;
+
+ size_t i;
+ for (i = 0; i < list->len; i++)
+ if (!irc_strcmp (list->vector[i], mask))
+ break;
+
+ bool found = i != list->len;
+ if (found != self->adding)
+ {
+ if (self->adding)
+ strv_append (list, mask);
+ else
+ strv_remove (list, i);
+
+ str_append_c (self->output, self->mode_char);
+ strv_append (self->output_params, mask);
+ }
+ free (mask);
+}
+
+static void
+mode_processor_do_key (struct mode_processor *self)
+{
+ const char *target = mode_processor_next_param (self);
+ if (!mode_processor_check_operator (self) || !target)
+ return;
+
+ if (!self->adding)
+ {
+ if (!self->channel->key || irc_strcmp (target, self->channel->key))
+ return;
+
+ str_append_c (&self->removed, self->mode_char);
+ strv_append (&self->removed_params, self->channel->key);
+ cstr_set (&self->channel->key, NULL);
+ }
+ else if (!irc_is_valid_key (target))
+ // TODO: we should notify the user somehow
+ return;
+ else if (self->channel->key)
+ irc_send_reply (self->c, IRC_ERR_KEYSET, self->channel->name);
+ else
+ {
+ self->channel->key = xstrdup (target);
+ str_append_c (&self->added, self->mode_char);
+ strv_append (&self->added_params, self->channel->key);
+ }
+}
+
+static void
+mode_processor_do_limit (struct mode_processor *self)
+{
+ if (!mode_processor_check_operator (self))
+ return;
+
+ const char *target;
+ if (!self->adding)
+ {
+ if (self->channel->user_limit == -1)
+ return;
+
+ self->channel->user_limit = -1;
+ str_append_c (&self->removed, self->mode_char);
+ }
+ else if ((target = mode_processor_next_param (self)))
+ {
+ unsigned long x;
+ if (xstrtoul (&x, target, 10) && x > 0 && x <= LONG_MAX)
+ {
+ self->channel->user_limit = x;
+ str_append_c (&self->added, self->mode_char);
+ strv_append (&self->added_params, target);
+ }
+ }
+}
+
+static bool
+mode_processor_step (struct mode_processor *self, char mode_char)
+{
+ switch ((self->mode_char = mode_char))
+ {
+ case '+':
+ self->adding = true;
+ self->output = &self->added;
+ self->output_params = &self->added_params;
+ break;
+ case '-':
+ self->adding = false;
+ self->output = &self->removed;
+ self->output_params = &self->removed_params;
+ break;
+
+#define USER(mode) mode_processor_do_user (self, (mode))
+#define CHAN(mode) mode_processor_do_chan (self, (mode))
+
+ case 'o': USER (IRC_CHAN_MODE_OPERATOR); break;
+ case 'v': USER (IRC_CHAN_MODE_VOICE); break;
+
+ case 'i': CHAN (IRC_CHAN_MODE_INVITE_ONLY); break;
+ case 'm': CHAN (IRC_CHAN_MODE_MODERATED); break;
+ case 'n': CHAN (IRC_CHAN_MODE_NO_OUTSIDE_MSGS); break;
+ case 'q': CHAN (IRC_CHAN_MODE_QUIET); break;
+ case 't': CHAN (IRC_CHAN_MODE_PROTECTED_TOPIC); break;
+
+ case 'p':
+ if (CHAN (IRC_CHAN_MODE_PRIVATE))
+ mode_processor_do_chan_remove (self, 's', IRC_CHAN_MODE_SECRET);
+ break;
+ case 's':
+ if (CHAN (IRC_CHAN_MODE_SECRET))
+ mode_processor_do_chan_remove (self, 'p', IRC_CHAN_MODE_PRIVATE);
+ break;
+
+#undef USER
+#undef CHAN
+
+ case 'b':
+ mode_processor_do_list (self, &self->channel->ban_list,
+ IRC_RPL_BANLIST, IRC_RPL_ENDOFBANLIST);
+ break;
+ case 'e':
+ mode_processor_do_list (self, &self->channel->exception_list,
+ IRC_RPL_EXCEPTLIST, IRC_RPL_ENDOFEXCEPTLIST);
+ break;
+ case 'I':
+ mode_processor_do_list (self, &self->channel->invite_list,
+ IRC_RPL_INVITELIST, IRC_RPL_ENDOFINVITELIST);
+ break;
+
+ case 'k':
+ mode_processor_do_key (self);
+ break;
+ case 'l':
+ mode_processor_do_limit (self);
+ break;
+
+ default:
+ // It's not safe to continue, results could be undesired
+ irc_send_reply (self->c, IRC_ERR_UNKNOWNMODE,
+ mode_char, self->channel->name);
+ return false;
+ }
+ return true;
+}
+
+static void
+irc_handle_chan_mode_change
+ (struct client *c, struct channel *chan, char *params[])
+{
+ struct mode_processor p = mode_processor_make ();
+ p.params = params;
+ p.channel = chan;
+ p.c = c;
+ p.user = channel_get_user (chan, c);
+
+ const char *mode_string;
+ while ((mode_string = mode_processor_next_param (&p)))
+ {
+ mode_processor_step (&p, '+');
+ while (*mode_string)
+ if (!mode_processor_step (&p, *mode_string++))
+ goto done_processing;
+ }
+
+ // TODO: limit to three changes with parameter per command
+done_processing:
+ if (p.added.len || p.removed.len)
+ {
+ struct str message = str_make ();
+ str_append_printf (&message, ":%s!%s@%s MODE %s ",
+ p.c->nickname, p.c->username, p.c->hostname,
+ p.channel->name);
+ if (p.added.len)
+ str_append_printf (&message, "+%s", p.added.str);
+ if (p.removed.len)
+ str_append_printf (&message, "-%s", p.removed.str);
+ for (size_t i = 0; i < p.added_params.len; i++)
+ str_append_printf (&message, " %s", p.added_params.vector[i]);
+ for (size_t i = 0; i < p.removed_params.len; i++)
+ str_append_printf (&message, " %s", p.removed_params.vector[i]);
+ irc_channel_multicast (p.channel, message.str, NULL);
+ str_free (&message);
+ }
+ mode_processor_free (&p);
+}
+
+// - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
+
+static void
+irc_handle_mode (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 1)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+
+ const char *target = msg->params.vector[0];
+ struct client *client = str_map_find (&c->ctx->users, target);
+ struct channel *chan = str_map_find (&c->ctx->channels, target);
+
+ if (client)
+ {
+ if (irc_strcmp (target, c->nickname))
+ RETURN_WITH_REPLY (c, IRC_ERR_USERSDONTMATCH);
+
+ if (msg->params.len < 2)
+ {
+ char *mode = client_get_mode (client);
+ irc_send_reply (c, IRC_RPL_UMODEIS, mode);
+ free (mode);
+ }
+ else
+ irc_handle_user_mode_change (c, msg->params.vector[1]);
+ }
+ else if (chan)
+ {
+ if (msg->params.len < 2)
+ {
+ char *mode = channel_get_mode (chan, channel_get_user (chan, c));
+ irc_send_reply (c, IRC_RPL_CHANNELMODEIS, target, mode);
+ irc_send_reply (c, IRC_RPL_CREATIONTIME,
+ target, (long long) chan->created);
+ free (mode);
+ }
+ else
+ irc_handle_chan_mode_change (c, chan, &msg->params.vector[1]);
+ }
+ else
+ irc_send_reply (c, IRC_ERR_NOSUCHNICK, target);
+}
+
+static void
+irc_handle_user_message (const struct irc_message *msg, struct client *c,
+ const char *command, bool allow_away_reply)
+{
+ if (msg->params.len < 1)
+ RETURN_WITH_REPLY (c, IRC_ERR_NORECIPIENT, msg->command);
+ if (msg->params.len < 2 || !*msg->params.vector[1])
+ RETURN_WITH_REPLY (c, IRC_ERR_NOTEXTTOSEND);
+
+ const char *target = msg->params.vector[0];
+ const char *text = msg->params.vector[1];
+ struct client *client = str_map_find (&c->ctx->users, target);
+ if (client)
+ {
+ client_send (client, ":%s!%s@%s %s %s :%s",
+ c->nickname, c->username, c->hostname, command, target, text);
+ if (allow_away_reply && client->away_message)
+ irc_send_reply (c, IRC_RPL_AWAY, target, client->away_message);
+
+ // Acknowledging a message from the client to itself would be silly
+ if (client != c && (c->caps_enabled & IRC_CAP_ECHO_MESSAGE))
+ client_send (c, ":%s!%s@%s %s %s :%s",
+ c->nickname, c->username, c->hostname, command, target, text);
+ return;
+ }
+
+ struct channel *chan = str_map_find (&c->ctx->channels, target);
+ if (chan)
+ {
+ struct channel_user *user = channel_get_user (chan, c);
+ if ((chan->modes & IRC_CHAN_MODE_NO_OUTSIDE_MSGS) && !user)
+ RETURN_WITH_REPLY (c, IRC_ERR_CANNOTSENDTOCHAN, target);
+ if ((chan->modes & IRC_CHAN_MODE_MODERATED) && (!user ||
+ !(user->modes & (IRC_CHAN_MODE_VOICE | IRC_CHAN_MODE_OPERATOR))))
+ RETURN_WITH_REPLY (c, IRC_ERR_CANNOTSENDTOCHAN, target);
+ if (client_in_mask_list (c, &chan->ban_list)
+ && !client_in_mask_list (c, &chan->exception_list))
+ RETURN_WITH_REPLY (c, IRC_ERR_CANNOTSENDTOCHAN, target);
+
+ char *message = xstrdup_printf (":%s!%s@%s %s %s :%s",
+ c->nickname, c->username, c->hostname, command, target, text);
+ irc_channel_multicast (chan, message,
+ (c->caps_enabled & IRC_CAP_ECHO_MESSAGE) ? NULL : c);
+ free (message);
+ return;
+ }
+
+ irc_send_reply (c, IRC_ERR_NOSUCHNICK, target);
+}
+
+static void
+irc_handle_privmsg (const struct irc_message *msg, struct client *c)
+{
+ irc_handle_user_message (msg, c, "PRIVMSG", true);
+ // Let's not care too much about success or failure
+ c->last_active = time (NULL);
+}
+
+static void
+irc_handle_notice (const struct irc_message *msg, struct client *c)
+{
+ irc_handle_user_message (msg, c, "NOTICE", false);
+}
+
+static void
+irc_send_rpl_list (struct client *c, const struct channel *chan)
+{
+ int visible = 0;
+ for (struct channel_user *user = chan->users;
+ user; user = user->next)
+ // XXX: maybe we should skip IRC_USER_MODE_INVISIBLE
+ visible++;
+
+ irc_send_reply (c, IRC_RPL_LIST, chan->name, visible, chan->topic);
+}
+
+static void
+irc_handle_list (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len > 1 && !irc_is_this_me (c->ctx, msg->params.vector[1]))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[1]);
+
+ struct channel *chan;
+ if (msg->params.len == 0)
+ {
+ struct str_map_iter iter = str_map_iter_make (&c->ctx->channels);
+ while ((chan = str_map_iter_next (&iter)))
+ if (!(chan->modes & (IRC_CHAN_MODE_PRIVATE | IRC_CHAN_MODE_SECRET))
+ || channel_get_user (chan, c))
+ irc_send_rpl_list (c, chan);
+ }
+ else
+ {
+ struct strv channels = strv_make ();
+ cstr_split (msg->params.vector[0], ",", true, &channels);
+ for (size_t i = 0; i < channels.len; i++)
+ if ((chan = str_map_find (&c->ctx->channels, channels.vector[i]))
+ && (!(chan->modes & IRC_CHAN_MODE_SECRET)
+ || channel_get_user (chan, c)))
+ irc_send_rpl_list (c, chan);
+ strv_free (&channels);
+ }
+ irc_send_reply (c, IRC_RPL_LISTEND);
+}
+
+static void
+irc_append_prefixes (struct client *c, struct channel_user *user,
+ struct str *output)
+{
+ struct str prefixes = str_make ();
+ if (user->modes & IRC_CHAN_MODE_OPERATOR) str_append_c (&prefixes, '@');
+ if (user->modes & IRC_CHAN_MODE_VOICE) str_append_c (&prefixes, '+');
+
+ if (prefixes.len)
+ {
+ if (c->caps_enabled & IRC_CAP_MULTI_PREFIX)
+ str_append (output, prefixes.str);
+ else
+ str_append_c (output, prefixes.str[0]);
+ }
+ str_free (&prefixes);
+}
+
+static char *
+irc_make_rpl_namreply_item
+ (struct client *c, struct client *target, struct channel_user *user)
+{
+ struct str result = str_make ();
+
+ if (user)
+ irc_append_prefixes (c, user, &result);
+
+ str_append (&result, target->nickname);
+ if (c->caps_enabled & IRC_CAP_USERHOST_IN_NAMES)
+ str_append_printf (&result,
+ "!%s@%s", target->username, target->hostname);
+ return str_steal (&result);
+}
+
+static void
+irc_send_rpl_namreply (struct client *c, const struct channel *chan,
+ struct str_map *used_nicks)
+{
+ char type = '=';
+ if (chan->modes & IRC_CHAN_MODE_SECRET)
+ type = '@';
+ else if (chan->modes & IRC_CHAN_MODE_PRIVATE)
+ type = '*';
+
+ bool on_channel = channel_get_user (chan, c);
+ struct strv nicks = strv_make ();
+ for (struct channel_user *iter = chan->users; iter; iter = iter->next)
+ {
+ if (!on_channel && (iter->c->mode & IRC_USER_MODE_INVISIBLE))
+ continue;
+ if (used_nicks)
+ str_map_set (used_nicks, iter->c->nickname, (void *) 1);
+ strv_append_owned (&nicks,
+ irc_make_rpl_namreply_item (c, iter->c, iter));
+ }
+
+ irc_send_reply_vector (c, IRC_RPL_NAMREPLY,
+ nicks.vector, type, chan->name, "");
+ strv_free (&nicks);
+}
+
+static void
+irc_send_disassociated_names (struct client *c, struct str_map *used)
+{
+ struct strv nicks = strv_make ();
+ struct str_map_iter iter = str_map_iter_make (&c->ctx->users);
+ struct client *target;
+ while ((target = str_map_iter_next (&iter)))
+ {
+ if ((target->mode & IRC_USER_MODE_INVISIBLE)
+ || str_map_find (used, target->nickname))
+ continue;
+ strv_append_owned (&nicks,
+ irc_make_rpl_namreply_item (c, target, NULL));
+ }
+
+ if (nicks.len)
+ irc_send_reply_vector (c, IRC_RPL_NAMREPLY,
+ nicks.vector, '*', "*", "");
+ strv_free (&nicks);
+}
+
+static void
+irc_handle_names (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len > 1 && !irc_is_this_me (c->ctx, msg->params.vector[1]))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[1]);
+
+ struct channel *chan;
+ if (msg->params.len == 0)
+ {
+ struct str_map used = str_map_make (NULL);
+ used.key_xfrm = irc_strxfrm;
+
+ struct str_map_iter iter = str_map_iter_make (&c->ctx->channels);
+ while ((chan = str_map_iter_next (&iter)))
+ if (!(chan->modes & (IRC_CHAN_MODE_PRIVATE | IRC_CHAN_MODE_SECRET))
+ || channel_get_user (chan, c))
+ irc_send_rpl_namreply (c, chan, &used);
+
+ // Also send all visible users we haven't listed yet
+ irc_send_disassociated_names (c, &used);
+ str_map_free (&used);
+
+ irc_send_reply (c, IRC_RPL_ENDOFNAMES, "*");
+ }
+ else
+ {
+ struct strv channels = strv_make ();
+ cstr_split (msg->params.vector[0], ",", true, &channels);
+ for (size_t i = 0; i < channels.len; i++)
+ if ((chan = str_map_find (&c->ctx->channels, channels.vector[i]))
+ && (!(chan->modes & IRC_CHAN_MODE_SECRET)
+ || channel_get_user (chan, c)))
+ {
+ irc_send_rpl_namreply (c, chan, NULL);
+ irc_send_reply (c, IRC_RPL_ENDOFNAMES, channels.vector[i]);
+ }
+ strv_free (&channels);
+ }
+}
+
+static void
+irc_send_rpl_whoreply (struct client *c, const struct channel *chan,
+ const struct client *target)
+{
+ struct str chars = str_make ();
+ str_append_c (&chars, target->away_message ? 'G' : 'H');
+ if (target->mode & IRC_USER_MODE_OPERATOR)
+ str_append_c (&chars, '*');
+
+ struct channel_user *user;
+ if (chan && (user = channel_get_user (chan, target)))
+ irc_append_prefixes (c, user, &chars);
+
+ irc_send_reply (c, IRC_RPL_WHOREPLY, chan ? chan->name : "*",
+ target->username, target->hostname, target->ctx->server_name,
+ target->nickname, chars.str, 0 /* hop count */, target->realname);
+ str_free (&chars);
+}
+
+static void
+irc_match_send_rpl_whoreply (struct client *c, struct client *target,
+ const char *mask)
+{
+ bool is_roommate = false;
+ struct str_map_iter iter = str_map_iter_make (&c->ctx->channels);
+ struct channel *chan;
+ while ((chan = str_map_iter_next (&iter)))
+ if (channel_get_user (chan, target) && channel_get_user (chan, c))
+ {
+ is_roommate = true;
+ break;
+ }
+ if ((target->mode & IRC_USER_MODE_INVISIBLE) && !is_roommate)
+ return;
+
+ if (irc_fnmatch (mask, target->hostname)
+ && irc_fnmatch (mask, target->nickname)
+ && irc_fnmatch (mask, target->realname)
+ && irc_fnmatch (mask, c->ctx->server_name))
+ return;
+
+ // Try to find a channel they're on that's visible to us
+ struct channel *user_chan = NULL;
+ iter = str_map_iter_make (&c->ctx->channels);
+ while ((chan = str_map_iter_next (&iter)))
+ if (channel_get_user (chan, target)
+ && (!(chan->modes & (IRC_CHAN_MODE_PRIVATE | IRC_CHAN_MODE_SECRET))
+ || channel_get_user (chan, c)))
+ {
+ user_chan = chan;
+ break;
+ }
+ irc_send_rpl_whoreply (c, user_chan, target);
+}
+
+static void
+irc_handle_who (const struct irc_message *msg, struct client *c)
+{
+ bool only_ops = msg->params.len > 1 && !strcmp (msg->params.vector[1], "o");
+
+ const char *shown_mask = msg->params.vector[0], *used_mask;
+ if (!shown_mask)
+ used_mask = shown_mask = "*";
+ else if (!strcmp (shown_mask, "0"))
+ used_mask = "*";
+ else
+ used_mask = shown_mask;
+
+ struct channel *chan;
+ if ((chan = str_map_find (&c->ctx->channels, used_mask)))
+ {
+ bool on_chan = !!channel_get_user (chan, c);
+ if (on_chan || !(chan->modes & IRC_CHAN_MODE_SECRET))
+ for (struct channel_user *iter = chan->users;
+ iter; iter = iter->next)
+ {
+ if ((on_chan || !(iter->c->mode & IRC_USER_MODE_INVISIBLE))
+ && (!only_ops || (iter->c->mode & IRC_USER_MODE_OPERATOR)))
+ irc_send_rpl_whoreply (c, chan, iter->c);
+ }
+ }
+ else
+ {
+ struct str_map_iter iter = str_map_iter_make (&c->ctx->users);
+ struct client *target;
+ while ((target = str_map_iter_next (&iter)))
+ if (!only_ops || (target->mode & IRC_USER_MODE_OPERATOR))
+ irc_match_send_rpl_whoreply (c, target, used_mask);
+ }
+ irc_send_reply (c, IRC_RPL_ENDOFWHO, shown_mask);
+}
+
+static void
+irc_send_whois_reply (struct client *c, const struct client *target)
+{
+ const char *nick = target->nickname;
+ irc_send_reply (c, IRC_RPL_WHOISUSER, nick,
+ target->username, target->hostname, target->realname);
+ irc_send_reply (c, IRC_RPL_WHOISSERVER, nick, target->ctx->server_name,
+ str_map_find (&c->ctx->config, "server_info"));
+ if (target->mode & IRC_USER_MODE_OPERATOR)
+ irc_send_reply (c, IRC_RPL_WHOISOPERATOR, nick);
+ irc_send_reply (c, IRC_RPL_WHOISIDLE, nick,
+ (int) (time (NULL) - target->last_active));
+ if (target->away_message)
+ irc_send_reply (c, IRC_RPL_AWAY, nick, target->away_message);
+
+ struct strv channels = strv_make ();
+
+ struct str_map_iter iter = str_map_iter_make (&c->ctx->channels);
+ struct channel *chan;
+ struct channel_user *channel_user;
+ while ((chan = str_map_iter_next (&iter)))
+ if ((channel_user = channel_get_user (chan, target))
+ && (!(chan->modes & (IRC_CHAN_MODE_PRIVATE | IRC_CHAN_MODE_SECRET))
+ || channel_get_user (chan, c)))
+ {
+ struct str item = str_make ();
+ if (channel_user->modes & IRC_CHAN_MODE_OPERATOR)
+ str_append_c (&item, '@');
+ else if (channel_user->modes & IRC_CHAN_MODE_VOICE)
+ str_append_c (&item, '+');
+ str_append (&item, chan->name);
+ strv_append_owned (&channels, str_steal (&item));
+ }
+
+ irc_send_reply_vector (c, IRC_RPL_WHOISCHANNELS, channels.vector, nick, "");
+ strv_free (&channels);
+
+ irc_send_reply (c, IRC_RPL_ENDOFWHOIS, nick);
+}
+
+static void
+irc_handle_whois (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 1)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+ if (msg->params.len > 1 && !irc_is_this_me (c->ctx, msg->params.vector[0]))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[0]);
+
+ struct strv masks = strv_make ();
+ const char *masks_str = msg->params.vector[msg->params.len > 1];
+ cstr_split (masks_str, ",", true, &masks);
+ for (size_t i = 0; i < masks.len; i++)
+ {
+ const char *mask = masks.vector[i];
+ struct client *target;
+ if (!strpbrk (mask, "*?"))
+ {
+ if (!(target = str_map_find (&c->ctx->users, mask)))
+ irc_send_reply (c, IRC_ERR_NOSUCHNICK, mask);
+ else
+ irc_send_whois_reply (c, target);
+ }
+ else
+ {
+ struct str_map_iter iter = str_map_iter_make (&c->ctx->users);
+ bool found = false;
+ while ((target = str_map_iter_next (&iter)))
+ if (!irc_fnmatch (mask, target->nickname))
+ {
+ irc_send_whois_reply (c, target);
+ found = true;
+ }
+ if (!found)
+ irc_send_reply (c, IRC_ERR_NOSUCHNICK, mask);
+ }
+ }
+ strv_free (&masks);
+}
+
+static void
+irc_handle_whowas (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 1)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+ if (msg->params.len > 2 && !irc_is_this_me (c->ctx, msg->params.vector[2]))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[2]);
+ // The "count" parameter is ignored, we only store one entry for a nick
+
+ struct strv nicks = strv_make ();
+ cstr_split (msg->params.vector[0], ",", true, &nicks);
+
+ for (size_t i = 0; i < nicks.len; i++)
+ {
+ const char *nick = nicks.vector[i];
+ struct whowas_info *info = str_map_find (&c->ctx->whowas, nick);
+ if (!info)
+ irc_send_reply (c, IRC_ERR_WASNOSUCHNICK, nick);
+ else
+ {
+ irc_send_reply (c, IRC_RPL_WHOWASUSER, nick,
+ info->username, info->hostname, info->realname);
+ irc_send_reply (c, IRC_RPL_WHOISSERVER, nick, c->ctx->server_name,
+ str_map_find (&c->ctx->config, "server_info"));
+ }
+ irc_send_reply (c, IRC_RPL_ENDOFWHOWAS, nick);
+ }
+ strv_free (&nicks);
+}
+
+static void
+irc_send_rpl_topic (struct client *c, struct channel *chan)
+{
+ if (!*chan->topic)
+ irc_send_reply (c, IRC_RPL_NOTOPIC, chan->name);
+ else
+ {
+ irc_send_reply (c, IRC_RPL_TOPIC, chan->name, chan->topic);
+ irc_send_reply (c, IRC_RPL_TOPICWHOTIME,
+ chan->name, chan->topic_who, (long long) chan->topic_time);
+ }
+}
+
+static void
+irc_handle_topic (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 1)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+
+ const char *target = msg->params.vector[0];
+ struct channel *chan = str_map_find (&c->ctx->channels, target);
+ if (!chan)
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHCHANNEL, target);
+
+ if (msg->params.len < 2)
+ {
+ irc_send_rpl_topic (c, chan);
+ return;
+ }
+
+ struct channel_user *user = channel_get_user (chan, c);
+ if (!user)
+ RETURN_WITH_REPLY (c, IRC_ERR_NOTONCHANNEL, target);
+
+ if ((chan->modes & IRC_CHAN_MODE_PROTECTED_TOPIC)
+ && !(user->modes & IRC_CHAN_MODE_OPERATOR))
+ RETURN_WITH_REPLY (c, IRC_ERR_CHANOPRIVSNEEDED, target);
+
+ cstr_set (&chan->topic, xstrdup (msg->params.vector[1]));
+ cstr_set (&chan->topic_who, xstrdup_printf
+ ("%s!%s@%s", c->nickname, c->username, c->hostname));
+ chan->topic_time = time (NULL);
+
+ char *message = xstrdup_printf (":%s!%s@%s TOPIC %s :%s",
+ c->nickname, c->username, c->hostname, target, chan->topic);
+ irc_channel_multicast (chan, message, NULL);
+ free (message);
+}
+
+static void
+irc_try_part (struct client *c, const char *channel_name, const char *reason)
+{
+ if (!reason)
+ reason = c->nickname;
+
+ struct channel *chan;
+ if (!(chan = str_map_find (&c->ctx->channels, channel_name)))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHCHANNEL, channel_name);
+
+ struct channel_user *user;
+ if (!(user = channel_get_user (chan, c)))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOTONCHANNEL, channel_name);
+
+ char *message = xstrdup_printf (":%s!%s@%s PART %s :%s",
+ c->nickname, c->username, c->hostname, channel_name, reason);
+ if (!(chan->modes & IRC_CHAN_MODE_QUIET))
+ irc_channel_multicast (chan, message, NULL);
+ else
+ client_send (c, "%s", message);
+ free (message);
+
+ channel_remove_user (chan, user);
+ irc_channel_destroy_if_empty (c->ctx, chan);
+}
+
+static void
+irc_part_all_channels (struct client *c)
+{
+ // We have to be careful here, the channel might get destroyed
+ struct str_map_unset_iter iter =
+ str_map_unset_iter_make (&c->ctx->channels);
+
+ struct channel *chan;
+ while ((chan = str_map_unset_iter_next (&iter)))
+ if (channel_get_user (chan, c))
+ irc_try_part (c, chan->name, NULL);
+ str_map_unset_iter_free (&iter);
+}
+
+static void
+irc_handle_part (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 1)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+
+ const char *reason = msg->params.len > 1 ? msg->params.vector[1] : NULL;
+ struct strv channels = strv_make ();
+ cstr_split (msg->params.vector[0], ",", true, &channels);
+ for (size_t i = 0; i < channels.len; i++)
+ irc_try_part (c, channels.vector[i], reason);
+ strv_free (&channels);
+}
+
+static void
+irc_try_kick (struct client *c, const char *channel_name, const char *nick,
+ const char *reason)
+{
+ struct channel *chan;
+ if (!(chan = str_map_find (&c->ctx->channels, channel_name)))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHCHANNEL, channel_name);
+
+ struct channel_user *user;
+ if (!(user = channel_get_user (chan, c)))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOTONCHANNEL, channel_name);
+ if (!(user->modes & IRC_CHAN_MODE_OPERATOR))
+ RETURN_WITH_REPLY (c, IRC_ERR_CHANOPRIVSNEEDED, channel_name);
+
+ struct client *client;
+ if (!(client = str_map_find (&c->ctx->users, nick))
+ || !(user = channel_get_user (chan, client)))
+ RETURN_WITH_REPLY (c, IRC_ERR_USERNOTINCHANNEL, nick, channel_name);
+
+ char *message = xstrdup_printf (":%s!%s@%s KICK %s %s :%s",
+ c->nickname, c->username, c->hostname, channel_name, nick, reason);
+ if (!(chan->modes & IRC_CHAN_MODE_QUIET))
+ irc_channel_multicast (chan, message, NULL);
+ else
+ client_send (c, "%s", message);
+ free (message);
+
+ channel_remove_user (chan, user);
+ irc_channel_destroy_if_empty (c->ctx, chan);
+}
+
+static void
+irc_handle_kick (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 2)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+
+ const char *reason = c->nickname;
+ if (msg->params.len > 2)
+ reason = msg->params.vector[2];
+
+ struct strv channels = strv_make ();
+ cstr_split (msg->params.vector[0], ",", true, &channels);
+ struct strv users = strv_make ();
+ cstr_split (msg->params.vector[1], ",", true, &users);
+
+ if (channels.len == 1)
+ for (size_t i = 0; i < users.len; i++)
+ irc_try_kick (c, channels.vector[0], users.vector[i], reason);
+ else
+ for (size_t i = 0; i < channels.len && i < users.len; i++)
+ irc_try_kick (c, channels.vector[i], users.vector[i], reason);
+
+ strv_free (&channels);
+ strv_free (&users);
+}
+
+static void
+irc_send_invite_notifications
+ (struct channel *chan, struct client *c, struct client *target)
+{
+ for (struct channel_user *iter = chan->users; iter; iter = iter->next)
+ if (iter->c != target && iter->c->caps_enabled & IRC_CAP_INVITE_NOTIFY)
+ client_send (iter->c, ":%s!%s@%s INVITE %s %s",
+ c->nickname, c->username, c->hostname,
+ target->nickname, chan->name);
+}
+
+static void
+irc_handle_invite (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 2)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+
+ const char *target = msg->params.vector[0];
+ const char *channel_name = msg->params.vector[1];
+
+ struct client *client = str_map_find (&c->ctx->users, target);
+ if (!client)
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHNICK, target);
+
+ struct channel *chan = str_map_find (&c->ctx->channels, channel_name);
+ if (chan)
+ {
+ struct channel_user *inviting_user;
+ if (!(inviting_user = channel_get_user (chan, c)))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOTONCHANNEL, channel_name);
+ if (channel_get_user (chan, client))
+ RETURN_WITH_REPLY (c, IRC_ERR_USERONCHANNEL, target, channel_name);
+
+ if ((inviting_user->modes & IRC_CHAN_MODE_OPERATOR))
+ str_map_set (&client->invites, channel_name, (void *) 1);
+ else if ((chan->modes & IRC_CHAN_MODE_INVITE_ONLY))
+ RETURN_WITH_REPLY (c, IRC_ERR_CHANOPRIVSNEEDED, channel_name);
+
+ // It's not specified when and how we should send out invite-notify
+ if (chan->modes & IRC_CHAN_MODE_INVITE_ONLY)
+ irc_send_invite_notifications (chan, c, client);
+ }
+
+ client_send (client, ":%s!%s@%s INVITE %s %s",
+ c->nickname, c->username, c->hostname, client->nickname, channel_name);
+ if (client->away_message)
+ irc_send_reply (c, IRC_RPL_AWAY,
+ client->nickname, client->away_message);
+ irc_send_reply (c, IRC_RPL_INVITING, client->nickname, channel_name);
+}
+
+static void
+irc_try_join (struct client *c, const char *channel_name, const char *key)
+{
+ struct channel *chan = str_map_find (&c->ctx->channels, channel_name);
+ unsigned user_mode = 0;
+ if (!chan)
+ {
+ if (irc_validate_channel_name (channel_name) != VALIDATION_OK)
+ RETURN_WITH_REPLY (c, IRC_ERR_BADCHANMASK, channel_name);
+ chan = irc_channel_create (c->ctx, channel_name);
+ user_mode = IRC_CHAN_MODE_OPERATOR;
+ }
+ else if (channel_get_user (chan, c))
+ return;
+
+ bool invited_by_chanop = !!str_map_find (&c->invites, channel_name);
+ if ((chan->modes & IRC_CHAN_MODE_INVITE_ONLY)
+ && !client_in_mask_list (c, &chan->invite_list)
+ && !invited_by_chanop)
+ RETURN_WITH_REPLY (c, IRC_ERR_INVITEONLYCHAN, channel_name);
+ if (chan->key && (!key || strcmp (key, chan->key)))
+ RETURN_WITH_REPLY (c, IRC_ERR_BADCHANNELKEY, channel_name);
+ if (chan->user_limit != -1
+ && channel_user_count (chan) >= (size_t) chan->user_limit)
+ RETURN_WITH_REPLY (c, IRC_ERR_CHANNELISFULL, channel_name);
+ if (client_in_mask_list (c, &chan->ban_list)
+ && !client_in_mask_list (c, &chan->exception_list)
+ && !invited_by_chanop)
+ RETURN_WITH_REPLY (c, IRC_ERR_BANNEDFROMCHAN, channel_name);
+
+ // Destroy any invitation as there's no other way to get rid of it
+ str_map_set (&c->invites, channel_name, NULL);
+
+ channel_add_user (chan, c)->modes = user_mode;
+
+ char *message = xstrdup_printf (":%s!%s@%s JOIN %s",
+ c->nickname, c->username, c->hostname, channel_name);
+ if (!(chan->modes & IRC_CHAN_MODE_QUIET))
+ irc_channel_multicast (chan, message, NULL);
+ else
+ client_send (c, "%s", message);
+ free (message);
+
+ irc_send_rpl_topic (c, chan);
+ irc_send_rpl_namreply (c, chan, NULL);
+ irc_send_reply (c, IRC_RPL_ENDOFNAMES, chan->name);
+}
+
+static void
+irc_handle_join (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 1)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+
+ if (!strcmp (msg->params.vector[0], "0"))
+ {
+ irc_part_all_channels (c);
+ return;
+ }
+
+ struct strv channels = strv_make ();
+ cstr_split (msg->params.vector[0], ",", true, &channels);
+ struct strv keys = strv_make ();
+ if (msg->params.len > 1)
+ cstr_split (msg->params.vector[1], ",", true, &keys);
+
+ for (size_t i = 0; i < channels.len; i++)
+ irc_try_join (c, channels.vector[i],
+ i < keys.len ? keys.vector[i] : NULL);
+
+ strv_free (&channels);
+ strv_free (&keys);
+}
+
+static void
+irc_handle_summon (const struct irc_message *msg, struct client *c)
+{
+ (void) msg;
+ irc_send_reply (c, IRC_ERR_SUMMONDISABLED);
+}
+
+static void
+irc_handle_users (const struct irc_message *msg, struct client *c)
+{
+ (void) msg;
+ irc_send_reply (c, IRC_ERR_USERSDISABLED);
+}
+
+static void
+irc_handle_away (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 1)
+ {
+ cstr_set (&c->away_message, NULL);
+ irc_send_reply (c, IRC_RPL_UNAWAY);
+ }
+ else
+ {
+ cstr_set (&c->away_message, xstrdup (msg->params.vector[0]));
+ irc_send_reply (c, IRC_RPL_NOWAWAY);
+ }
+}
+
+static void
+irc_handle_ison (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 1)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+
+ struct str result = str_make ();
+ const char *nick;
+ if (str_map_find (&c->ctx->users, (nick = msg->params.vector[0])))
+ str_append (&result, nick);
+ for (size_t i = 1; i < msg->params.len; i++)
+ if (str_map_find (&c->ctx->users, (nick = msg->params.vector[i])))
+ str_append_printf (&result, " %s", nick);
+
+ irc_send_reply (c, IRC_RPL_ISON, result.str);
+ str_free (&result);
+}
+
+static void
+irc_handle_admin (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len > 0 && !irc_is_this_me (c->ctx, msg->params.vector[0]))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[0]);
+ irc_send_reply (c, IRC_ERR_NOADMININFO, c->ctx->server_name);
+}
+
+static void
+irc_handle_stats_links (struct client *c, const struct irc_message *msg)
+{
+ // There is only an "l" query in RFC 2812 but we cannot link,
+ // so instead we provide the "L" query giving information for all users
+ const char *filter = NULL;
+ if (msg->params.len > 1)
+ filter = msg->params.vector[1];
+
+ for (struct client *iter = c->ctx->clients; iter; iter = iter->next)
+ {
+ if (filter && irc_strcmp (iter->nickname, filter))
+ continue;
+ irc_send_reply (c, IRC_RPL_STATSLINKINFO,
+ iter->address, // linkname
+ iter->write_buffer.len, // sendq
+ iter->n_sent_messages, iter->sent_bytes / 1024,
+ iter->n_received_messages, iter->received_bytes / 1024,
+ (long long) (time (NULL) - iter->opened));
+ }
+}
+
+static void
+irc_handle_stats_commands (struct client *c)
+{
+ struct str_map_iter iter = str_map_iter_make (&c->ctx->handlers);
+ struct irc_command *handler;
+ while ((handler = str_map_iter_next (&iter)))
+ {
+ if (!handler->n_received)
+ continue;
+ irc_send_reply (c, IRC_RPL_STATSCOMMANDS, handler->name,
+ handler->n_received, handler->bytes_received, (size_t) 0);
+ }
+}
+
+static void
+irc_handle_stats_uptime (struct client *c)
+{
+ time_t uptime = time (NULL) - c->ctx->started;
+
+ int days = uptime / 60 / 60 / 24;
+ int hours = (uptime % (60 * 60 * 24)) / 60 / 60;
+ int mins = (uptime % (60 * 60)) / 60;
+ int secs = uptime % 60;
+
+ irc_send_reply (c, IRC_RPL_STATSUPTIME, days, hours, mins, secs);
+}
+
+static void
+irc_handle_stats (const struct irc_message *msg, struct client *c)
+{
+ char query = 0;
+ if (msg->params.len > 0)
+ query = *msg->params.vector[0];
+ if (msg->params.len > 1 && !irc_is_this_me (c->ctx, msg->params.vector[1]))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[1]);
+ if (!(c->mode & IRC_USER_MODE_OPERATOR))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOPRIVILEGES);
+
+ switch (query)
+ {
+ case 'L': irc_handle_stats_links (c, msg); break;
+ case 'm': irc_handle_stats_commands (c); break;
+ case 'u': irc_handle_stats_uptime (c); break;
+ }
+
+ irc_send_reply (c, IRC_RPL_ENDOFSTATS, query ? query : '*');
+}
+
+static void
+irc_handle_links (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len > 1 && !irc_is_this_me (c->ctx, msg->params.vector[0]))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[0]);
+
+ const char *mask = "*";
+ if (msg->params.len > 0)
+ mask = msg->params.vector[msg->params.len > 1];
+
+ if (!irc_fnmatch (mask, c->ctx->server_name))
+ irc_send_reply (c, IRC_RPL_LINKS, mask,
+ c->ctx->server_name, 0 /* hop count */,
+ str_map_find (&c->ctx->config, "server_info"));
+ irc_send_reply (c, IRC_RPL_ENDOFLINKS, mask);
+}
+
+static void
+irc_handle_kill (const struct irc_message *msg, struct client *c)
+{
+ if (msg->params.len < 2)
+ RETURN_WITH_REPLY (c, IRC_ERR_NEEDMOREPARAMS, msg->command);
+ if (!(c->mode & IRC_USER_MODE_OPERATOR))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOPRIVILEGES);
+
+ struct client *target;
+ if (!(target = str_map_find (&c->ctx->users, msg->params.vector[0])))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHNICK, msg->params.vector[0]);
+
+ client_send (target, ":%s!%s@%s KILL %s :%s",
+ c->nickname, c->username, c->hostname,
+ target->nickname, msg->params.vector[1]);
+
+ char *reason = xstrdup_printf ("Killed by %s: %s",
+ c->nickname, msg->params.vector[1]);
+ client_close_link (target, reason);
+ free (reason);
+}
+
+static void
+irc_handle_die (const struct irc_message *msg, struct client *c)
+{
+ (void) msg;
+
+ if (!(c->mode & IRC_USER_MODE_OPERATOR))
+ RETURN_WITH_REPLY (c, IRC_ERR_NOPRIVILEGES);
+ if (!c->ctx->quitting)
+ irc_initiate_quit (c->ctx);
+}
+
+// -----------------------------------------------------------------------------
+
+static void
+irc_register_handlers (struct server_context *ctx)
+{
+ // TODO: add an index for IRC_ERR_NOSUCHSERVER validation?
+ // TODO: add a minimal parameter count?
+ // TODO: add a field for oper-only commands?
+ static struct irc_command message_handlers[] =
+ {
+ { "CAP", false, irc_handle_cap, 0, 0 },
+ { "PASS", false, irc_handle_pass, 0, 0 },
+ { "NICK", false, irc_handle_nick, 0, 0 },
+ { "USER", false, irc_handle_user, 0, 0 },
+
+ { "USERHOST", true, irc_handle_userhost, 0, 0 },
+ { "LUSERS", true, irc_handle_lusers, 0, 0 },
+ { "MOTD", true, irc_handle_motd, 0, 0 },
+ { "PING", true, irc_handle_ping, 0, 0 },
+ { "PONG", false, irc_handle_pong, 0, 0 },
+ { "QUIT", false, irc_handle_quit, 0, 0 },
+ { "TIME", true, irc_handle_time, 0, 0 },
+ { "VERSION", true, irc_handle_version, 0, 0 },
+ { "USERS", true, irc_handle_users, 0, 0 },
+ { "SUMMON", true, irc_handle_summon, 0, 0 },
+ { "AWAY", true, irc_handle_away, 0, 0 },
+ { "ADMIN", true, irc_handle_admin, 0, 0 },
+ { "STATS", true, irc_handle_stats, 0, 0 },
+ { "LINKS", true, irc_handle_links, 0, 0 },
+
+ { "MODE", true, irc_handle_mode, 0, 0 },
+ { "PRIVMSG", true, irc_handle_privmsg, 0, 0 },
+ { "NOTICE", true, irc_handle_notice, 0, 0 },
+ { "JOIN", true, irc_handle_join, 0, 0 },
+ { "PART", true, irc_handle_part, 0, 0 },
+ { "KICK", true, irc_handle_kick, 0, 0 },
+ { "INVITE", true, irc_handle_invite, 0, 0 },
+ { "TOPIC", true, irc_handle_topic, 0, 0 },
+ { "LIST", true, irc_handle_list, 0, 0 },
+ { "NAMES", true, irc_handle_names, 0, 0 },
+ { "WHO", true, irc_handle_who, 0, 0 },
+ { "WHOIS", true, irc_handle_whois, 0, 0 },
+ { "WHOWAS", true, irc_handle_whowas, 0, 0 },
+ { "ISON", true, irc_handle_ison, 0, 0 },
+
+ { "KILL", true, irc_handle_kill, 0, 0 },
+ { "DIE", true, irc_handle_die, 0, 0 },
+ };
+
+ for (size_t i = 0; i < N_ELEMENTS (message_handlers); i++)
+ {
+ const struct irc_command *cmd = &message_handlers[i];
+ str_map_set (&ctx->handlers, cmd->name, (void *) cmd);
+ }
+}
+
+static void
+irc_process_message (const struct irc_message *msg,
+ const char *raw, void *user_data)
+{
+ struct client *c = user_data;
+ if (c->closing_link)
+ return;
+
+ c->n_received_messages++;
+ c->received_bytes += strlen (raw) + 2;
+
+ if (!flood_detector_check (&c->antiflood))
+ {
+ client_close_link (c, "Excess flood");
+ return;
+ }
+
+ struct irc_command *cmd = str_map_find (&c->ctx->handlers, msg->command);
+ if (!cmd)
+ irc_send_reply (c, IRC_ERR_UNKNOWNCOMMAND, msg->command);
+ else
+ {
+ cmd->n_received++;
+ cmd->bytes_received += strlen (raw) + 2;
+
+ if (cmd->requires_registration && !c->registered)
+ irc_send_reply (c, IRC_ERR_NOTREGISTERED);
+ else
+ cmd->handler (msg, c);
+ }
+}
+
+// --- Network I/O -------------------------------------------------------------
+
+static bool
+irc_try_read (struct client *c)
+{
+ struct str *buf = &c->read_buffer;
+ ssize_t n_read;
+
+ while (true)
+ {
+ str_reserve (buf, 512);
+ n_read = read (c->socket_fd, buf->str + buf->len,
+ buf->alloc - buf->len - 1 /* null byte */);
+
+ if (n_read > 0)
+ {
+ buf->str[buf->len += n_read] = '\0';
+ // TODO: discard characters above the 512 character limit
+ irc_process_buffer (buf, irc_process_message, c);
+ continue;
+ }
+ if (n_read == 0)
+ {
+ client_kill (c, NULL);
+ return false;
+ }
+
+ if (errno == EAGAIN)
+ return true;
+ if (errno == EINTR)
+ continue;
+
+ print_debug ("%s: %s: %s", __func__, "read", strerror (errno));
+ client_kill (c, strerror (errno));
+ return false;
+ }
+}
+
+static bool
+irc_try_read_tls (struct client *c)
+{
+ if (c->ssl_tx_want_rx)
+ return true;
+
+ struct str *buf = &c->read_buffer;
+ c->ssl_rx_want_tx = false;
+ while (true)
+ {
+ str_reserve (buf, 512);
+ ERR_clear_error ();
+ int n_read = SSL_read (c->ssl, buf->str + buf->len,
+ buf->alloc - buf->len - 1 /* null byte */);
+
+ const char *error_info = NULL;
+ switch (xssl_get_error (c->ssl, n_read, &error_info))
+ {
+ case SSL_ERROR_NONE:
+ buf->str[buf->len += n_read] = '\0';
+ // TODO: discard characters above the 512 character limit
+ irc_process_buffer (buf, irc_process_message, c);
+ continue;
+ case SSL_ERROR_ZERO_RETURN:
+ client_kill (c, NULL);
+ return false;
+ case SSL_ERROR_WANT_READ:
+ return true;
+ case SSL_ERROR_WANT_WRITE:
+ c->ssl_rx_want_tx = true;
+ return true;
+ case XSSL_ERROR_TRY_AGAIN:
+ continue;
+ default:
+ print_debug ("%s: %s: %s", __func__, "SSL_read", error_info);
+ client_kill (c, error_info);
+ return false;
+ }
+ }
+}
+
+static bool
+irc_try_write (struct client *c)
+{
+ struct str *buf = &c->write_buffer;
+ ssize_t n_written;
+
+ while (buf->len)
+ {
+ n_written = write (c->socket_fd, buf->str, buf->len);
+ if (n_written >= 0)
+ {
+ str_remove_slice (buf, 0, n_written);
+ continue;
+ }
+
+ if (errno == EAGAIN)
+ return true;
+ if (errno == EINTR)
+ continue;
+
+ print_debug ("%s: %s: %s", __func__, "write", strerror (errno));
+ client_kill (c, strerror (errno));
+ return false;
+ }
+ return true;
+}
+
+static bool
+irc_try_write_tls (struct client *c)
+{
+ if (c->ssl_rx_want_tx)
+ return true;
+
+ struct str *buf = &c->write_buffer;
+ c->ssl_tx_want_rx = false;
+ while (buf->len)
+ {
+ ERR_clear_error ();
+ int n_written = SSL_write (c->ssl, buf->str, buf->len);
+
+ const char *error_info = NULL;
+ switch (xssl_get_error (c->ssl, n_written, &error_info))
+ {
+ case SSL_ERROR_NONE:
+ str_remove_slice (buf, 0, n_written);
+ continue;
+ case SSL_ERROR_ZERO_RETURN:
+ client_kill (c, NULL);
+ return false;
+ case SSL_ERROR_WANT_WRITE:
+ return true;
+ case SSL_ERROR_WANT_READ:
+ c->ssl_tx_want_rx = true;
+ return true;
+ case XSSL_ERROR_TRY_AGAIN:
+ continue;
+ default:
+ print_debug ("%s: %s: %s", __func__, "SSL_write", error_info);
+ client_kill (c, error_info);
+ return false;
+ }
+ }
+ return true;
+}
+
+// -----------------------------------------------------------------------------
+
+static bool
+irc_autodetect_tls (struct client *c)
+{
+ // Trivial SSL/TLS autodetection. The first block of data returned by
+ // recv() must be at least three bytes long for this to work reliably,
+ // but that should not pose a problem in practice.
+ //
+ // SSL2: 1xxx xxxx | xxxx xxxx | <1>
+ // (message length) (client hello)
+ // SSL3/TLS: <22> | <3> | xxxx xxxx
+ // (handshake)| (protocol version)
+ //
+ // Such byte sequences should never occur at the beginning of regular IRC
+ // communication, which usually begins with USER/NICK/PASS/SERVICE.
+
+ char buf[3];
+start:
+ switch (recv (c->socket_fd, buf, sizeof buf, MSG_PEEK))
+ {
+ case 3:
+ if ((buf[0] & 0x80) && buf[2] == 1)
+ return true;
+ // Fall-through
+ case 2:
+ if (buf[0] == 22 && buf[1] == 3)
+ return true;
+ break;
+ case 1:
+ if (buf[0] == 22)
+ return true;
+ break;
+ case 0:
+ break;
+ default:
+ if (errno == EINTR)
+ goto start;
+ }
+ return false;
+}
+
+static bool
+client_initialize_tls (struct client *c)
+{
+ const char *error_info = NULL;
+ if (!c->ctx->ssl_ctx)
+ {
+ error_info = "TLS support disabled";
+ goto error_ssl_1;
+ }
+
+ ERR_clear_error ();
+
+ c->ssl = SSL_new (c->ctx->ssl_ctx);
+ if (!c->ssl)
+ goto error_ssl_2;
+ if (!SSL_set_fd (c->ssl, c->socket_fd))
+ goto error_ssl_3;
+
+ SSL_set_accept_state (c->ssl);
+ return true;
+
+error_ssl_3:
+ SSL_free (c->ssl);
+ c->ssl = NULL;
+error_ssl_2:
+ error_info = xerr_describe_error ();
+error_ssl_1:
+ print_debug ("could not initialize TLS for %s: %s", c->address, error_info);
+ return false;
+}
+
+// -----------------------------------------------------------------------------
+
+static void
+on_client_ready (const struct pollfd *pfd, void *user_data)
+{
+ struct client *c = user_data;
+ if (!c->initialized)
+ {
+ hard_assert (pfd->events == POLLIN);
+ if (irc_autodetect_tls (c) && !client_initialize_tls (c))
+ {
+ client_kill (c, NULL);
+ return;
+ }
+ c->initialized = true;
+ client_set_ping_timer (c);
+ }
+
+ if (c->ssl)
+ {
+ // Reads may want to write, writes may want to read, poll() may
+ // return unexpected things in `revents'... let's try both
+ if (!irc_try_read_tls (c) || !irc_try_write_tls (c))
+ return;
+ }
+ else if (!irc_try_read (c) || !irc_try_write (c))
+ return;
+
+ client_update_poller (c, pfd);
+
+ // The purpose of the `closing_link' state is to transfer the `ERROR'
+ if (c->closing_link && !c->half_closed && !c->write_buffer.len)
+ {
+ // To make sure the client has received our ERROR message, we must
+ // first half-close the connection, otherwise it could happen that they
+ // receive a RST from our TCP stack first when we receive further data
+
+ // We only send the "close notify" alert if libssl can write to the
+ // socket at this moment. All the other data has been already written,
+ // though, and the client will receive a TCP half-close as usual, so
+ // it's not that important if the alert actually gets through.
+ if (c->ssl)
+ (void) SSL_shutdown (c->ssl);
+
+ // Either the shutdown succeeds, in which case we set a flag so that
+ // we don't retry this action and wait until we get an EOF, or it fails
+ // and we just kill the client straight away
+ if (!shutdown (c->socket_fd, SHUT_WR))
+ c->half_closed = true;
+ else
+ client_kill (c, NULL);
+ }
+}
+
+static void
+client_update_poller (struct client *c, const struct pollfd *pfd)
+{
+ // We must not poll for writing when the connection hasn't been initialized
+ int new_events = POLLIN;
+ if (c->ssl)
+ {
+ if (c->write_buffer.len || c->ssl_rx_want_tx)
+ new_events |= POLLOUT;
+
+ // While we're waiting for an opposite event, we ignore the original
+ if (c->ssl_rx_want_tx) new_events &= ~POLLIN;
+ if (c->ssl_tx_want_rx) new_events &= ~POLLOUT;
+ }
+ else if (c->initialized && c->write_buffer.len)
+ new_events |= POLLOUT;
+
+ hard_assert (new_events != 0);
+ if (!pfd || pfd->events != new_events)
+ poller_fd_set (&c->socket_event, new_events);
+}
+
+static void
+client_finish_connection (struct client *c)
+{
+ c->gni = NULL;
+
+ c->address = format_host_port_pair (c->hostname, c->port);
+ print_debug ("accepted connection from %s", c->address);
+
+ client_update_poller (c, NULL);
+ client_set_kill_timer (c);
+}
+
+static void
+on_client_gni_resolved (int result, char *host, char *port, void *user_data)
+{
+ struct client *c = user_data;
+
+ if (result)
+ print_debug ("%s: %s", "getnameinfo", gai_strerror (result));
+ else
+ {
+ cstr_set (&c->hostname, xstrdup (host));
+ (void) port;
+ }
+
+ poller_timer_reset (&c->gni_timer);
+ client_finish_connection (c);
+}
+
+static void
+on_client_gni_timer (struct client *c)
+{
+ async_cancel (&c->gni->async);
+ client_finish_connection (c);
+}
+
+static bool
+irc_try_fetch_client (struct server_context *ctx, int listen_fd)
+{
+ // XXX: `struct sockaddr_storage' is not the most portable thing
+ struct sockaddr_storage peer;
+ socklen_t peer_len = sizeof peer;
+
+ int fd = accept (listen_fd, (struct sockaddr *) &peer, &peer_len);
+ if (fd == -1)
+ {
+ if (errno == EAGAIN || errno == EWOULDBLOCK)
+ return false;
+ if (errno == EINTR)
+ return true;
+
+ if (errno == EBADF
+ || errno == EINVAL
+ || errno == ENOTSOCK
+ || errno == EOPNOTSUPP)
+ print_fatal ("%s: %s", "accept", strerror (errno));
+
+ // OS kernels may return a wide range of unforeseeable errors.
+ // Assuming that they're either transient or caused by
+ // a connection that we've just extracted from the queue.
+ print_warning ("%s: %s", "accept", strerror (errno));
+ return true;
+ }
+
+ hard_assert (peer_len <= sizeof peer);
+ set_blocking (fd, false);
+
+ // A little bit questionable once the traffic gets high enough (IMO),
+ // but it reduces silly latencies that we don't need because we already
+ // do buffer our output
+ int yes = 1;
+ soft_assert (setsockopt (fd, IPPROTO_TCP, TCP_NODELAY,
+ &yes, sizeof yes) != -1);
+
+ if (ctx->max_connections != 0 && ctx->n_clients >= ctx->max_connections)
+ {
+ print_debug ("connection limit reached, refusing connection");
+ close (fd);
+ return true;
+ }
+
+ char host[NI_MAXHOST] = "unknown", port[NI_MAXSERV] = "unknown";
+ int err = getnameinfo ((struct sockaddr *) &peer, peer_len,
+ host, sizeof host, port, sizeof port, NI_NUMERICHOST | NI_NUMERICSERV);
+ if (err)
+ print_debug ("%s: %s", "getnameinfo", gai_strerror (err));
+
+ struct client *c = client_new ();
+ c->ctx = ctx;
+ c->opened = time (NULL);
+ c->socket_fd = fd;
+ c->hostname = xstrdup (host);
+ c->port = xstrdup (port);
+ c->last_active = time (NULL);
+ LIST_PREPEND (ctx->clients, c);
+ ctx->n_clients++;
+
+ c->socket_event = poller_fd_make (&c->ctx->poller, c->socket_fd);
+ c->socket_event.dispatcher = (poller_fd_fn) on_client_ready;
+ c->socket_event.user_data = c;
+
+ c->kill_timer = poller_timer_make (&c->ctx->poller);
+ c->kill_timer.dispatcher = (poller_timer_fn) on_client_kill_timer;
+ c->kill_timer.user_data = c;
+
+ c->timeout_timer = poller_timer_make (&c->ctx->poller);
+ c->timeout_timer.dispatcher = (poller_timer_fn) on_client_timeout_timer;
+ c->timeout_timer.user_data = c;
+
+ c->ping_timer = poller_timer_make (&c->ctx->poller);
+ c->ping_timer.dispatcher = (poller_timer_fn) on_client_ping_timer;
+ c->ping_timer.user_data = c;
+
+ // Resolve the client's hostname first; this is a blocking operation that
+ // depends on the network, so run it asynchronously with some timeout
+ c->gni = async_getnameinfo (&ctx->poller.common.async,
+ (const struct sockaddr *) &peer, peer_len, NI_NUMERICSERV);
+ c->gni->dispatcher = on_client_gni_resolved;
+ c->gni->user_data = c;
+
+ c->gni_timer = poller_timer_make (&c->ctx->poller);
+ c->gni_timer.dispatcher = (poller_timer_fn) on_client_gni_timer;
+ c->gni_timer.user_data = c;
+
+ poller_timer_set (&c->gni_timer, 5000);
+ return true;
+}
+
+static void
+on_irc_client_available (const struct pollfd *pfd, void *user_data)
+{
+ struct server_context *ctx = user_data;
+ while (irc_try_fetch_client (ctx, pfd->fd))
+ ;
+}
+
+// --- Application setup -------------------------------------------------------
+
+static int
+irc_ssl_verify_callback (int verify_ok, X509_STORE_CTX *ctx)
+{
+ (void) verify_ok;
+ (void) ctx;
+
+ // RFC 5246: "If the client has sent a certificate with signing ability,
+ // a digitally-signed CertificateVerify message is sent to explicitly
+ // verify possession of the private key in the certificate."
+ //
+ // The handshake will fail if the client doesn't have a matching private
+ // key, see OpenSSL's tls_process_cert_verify(), and the CertificateVerify
+ // message cannot be skipped (except for a case where it doesn't matter).
+ // Thus we're fine checking just the cryptographic hash of the certificate.
+
+ // We only want to provide additional privileges based on the client's
+ // certificate, so let's not terminate the connection because of a failure
+ // (especially since self-signed certificates are likely to be used).
+ return 1;
+}
+
+static void
+irc_ssl_info_callback (const SSL *ssl, int where, int ret)
+{
+ // For debugging only; provides us with the most important information
+
+ struct str s = str_make ();
+ if (where & SSL_CB_LOOP)
+ str_append_printf (&s, "loop (%s) ",
+ SSL_state_string_long (ssl));
+ if (where & SSL_CB_EXIT)
+ str_append_printf (&s, "exit (%d in %s) ", ret,
+ SSL_state_string_long (ssl));
+
+ if (where & SSL_CB_READ) str_append (&s, "read ");
+ if (where & SSL_CB_WRITE) str_append (&s, "write ");
+
+ if (where & SSL_CB_ALERT)
+ str_append_printf (&s, "alert (%s: %s) ",
+ SSL_alert_type_string_long (ret),
+ SSL_alert_desc_string_long (ret));
+
+ if (where & SSL_CB_HANDSHAKE_START) str_append (&s, "handshake start ");
+ if (where & SSL_CB_HANDSHAKE_DONE) str_append (&s, "handshake done ");
+
+ print_debug ("ssl <%p> %s", ssl, s.str);
+ str_free (&s);
+}
+
+static bool
+irc_initialize_ssl_ctx (struct server_context *ctx,
+ const char *cert_path, const char *key_path, struct error **e)
+{
+ ERR_clear_error ();
+
+ ctx->ssl_ctx = SSL_CTX_new (SSLv23_server_method ());
+ if (!ctx->ssl_ctx)
+ {
+ error_set (e, "%s: %s", "could not initialize TLS",
+ xerr_describe_error ());
+ return false;
+ }
+ SSL_CTX_set_verify (ctx->ssl_ctx,
+ SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, irc_ssl_verify_callback);
+
+ if (g_debug_mode)
+ SSL_CTX_set_info_callback (ctx->ssl_ctx, irc_ssl_info_callback);
+
+ const unsigned char session_id_context[SSL_MAX_SSL_SESSION_ID_LENGTH]
+ = PROGRAM_NAME;
+ (void) SSL_CTX_set_session_id_context (ctx->ssl_ctx,
+ session_id_context, sizeof session_id_context);
+
+ // IRC is not particularly reconnect-heavy, prefer forward secrecy
+ SSL_CTX_set_session_cache_mode (ctx->ssl_ctx, SSL_SESS_CACHE_OFF);
+
+ // Gah, spare me your awkward semantics, I just want to push data!
+ SSL_CTX_set_mode (ctx->ssl_ctx,
+ SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_ENABLE_PARTIAL_WRITE);
+
+ // Disable deprecated protocols (see RFC 7568)
+ SSL_CTX_set_options (ctx->ssl_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
+
+ // XXX: perhaps we should read the files ourselves for better messages
+ const char *ciphers = str_map_find (&ctx->config, "tls_ciphers");
+ if (!SSL_CTX_set_cipher_list (ctx->ssl_ctx, ciphers))
+ error_set (e, "failed to select any cipher from the cipher list");
+ else if (!SSL_CTX_use_certificate_chain_file (ctx->ssl_ctx, cert_path))
+ error_set (e, "%s: %s", "setting the TLS certificate failed",
+ xerr_describe_error ());
+ else if (!SSL_CTX_use_PrivateKey_file
+ (ctx->ssl_ctx, key_path, SSL_FILETYPE_PEM))
+ error_set (e, "%s: %s", "setting the TLS private key failed",
+ xerr_describe_error ());
+ else
+ // TODO: SSL_CTX_check_private_key()? It has probably already been
+ // checked by SSL_CTX_use_PrivateKey_file() above.
+ return true;
+
+ SSL_CTX_free (ctx->ssl_ctx);
+ ctx->ssl_ctx = NULL;
+ return false;
+}
+
+static bool
+irc_initialize_tls (struct server_context *ctx, struct error **e)
+{
+ const char *tls_cert = str_map_find (&ctx->config, "tls_cert");
+ const char *tls_key = str_map_find (&ctx->config, "tls_key");
+
+ // Only try to enable SSL support if the user configures it; it is not
+ // a failure if no one has requested it.
+ if (!tls_cert && !tls_key)
+ return true;
+
+ if (!tls_cert)
+ error_set (e, "no TLS certificate set");
+ else if (!tls_key)
+ error_set (e, "no TLS private key set");
+ if (!tls_cert || !tls_key)
+ return false;
+
+ bool result = false;
+
+ char *cert_path = resolve_filename
+ (tls_cert, resolve_relative_config_filename);
+ char *key_path = resolve_filename
+ (tls_key, resolve_relative_config_filename);
+ if (!cert_path)
+ error_set (e, "%s: %s", "cannot open file", tls_cert);
+ else if (!key_path)
+ error_set (e, "%s: %s", "cannot open file", tls_key);
+ else
+ result = irc_initialize_ssl_ctx (ctx, cert_path, key_path, e);
+
+ free (cert_path);
+ free (key_path);
+ return result;
+}
+
+static bool
+irc_initialize_catalog (struct server_context *ctx, struct error **e)
+{
+ hard_assert (ctx->catalog == (nl_catd) -1);
+ const char *catalog = str_map_find (&ctx->config, "catalog");
+ if (!catalog)
+ return true;
+
+ char *path = resolve_filename (catalog, resolve_relative_config_filename);
+ if (!path)
+ {
+ error_set (e, "%s: %s", "cannot open file", catalog);
+ return false;
+ }
+ ctx->catalog = catopen (path, NL_CAT_LOCALE);
+ free (path);
+
+ if (ctx->catalog == (nl_catd) -1)
+ {
+ error_set (e, "%s: %s",
+ "failed reading the message catalog file", strerror (errno));
+ return false;
+ }
+ return true;
+}
+
+static bool
+irc_initialize_motd (struct server_context *ctx, struct error **e)
+{
+ hard_assert (ctx->motd.len == 0);
+ const char *motd = str_map_find (&ctx->config, "motd");
+ if (!motd)
+ return true;
+
+ char *path = resolve_filename (motd, resolve_relative_config_filename);
+ if (!path)
+ {
+ error_set (e, "%s: %s", "cannot open file", motd);
+ return false;
+ }
+ FILE *fp = fopen (path, "r");
+ free (path);
+
+ if (!fp)
+ {
+ error_set (e, "%s: %s",
+ "failed reading the MOTD file", strerror (errno));
+ return false;
+ }
+
+ struct str line = str_make ();
+ while (read_line (fp, &line))
+ strv_append_owned (&ctx->motd, str_steal (&line));
+ str_free (&line);
+
+ fclose (fp);
+ return true;
+}
+
+static bool
+irc_parse_config_unsigned (const char *name, const char *value, unsigned *out,
+ unsigned long min, unsigned long max, struct error **e)
+{
+ unsigned long ul;
+ hard_assert (value != NULL);
+ if (!xstrtoul (&ul, value, 10) || ul > max || ul < min)
+ {
+ error_set (e, "invalid configuration value for `%s': %s",
+ name, "the number is invalid or out of range");
+ return false;
+ }
+ *out = ul;
+ return true;
+}
+
+/// This function handles values that require validation before their first use,
+/// or some kind of a transformation (such as conversion to an integer) needs
+/// to be done before they can be used directly.
+static bool
+irc_parse_config (struct server_context *ctx, struct error **e)
+{
+#define PARSE_UNSIGNED(name, min, max) \
+ irc_parse_config_unsigned (#name, str_map_find (&ctx->config, #name), \
+ &ctx->name, min, max, e)
+
+ if (!PARSE_UNSIGNED (ping_interval, 1, UINT_MAX)
+ || !PARSE_UNSIGNED (max_connections, 0, UINT_MAX))
+ return false;
+
+ bool result = true;
+ struct strv fingerprints = strv_make ();
+ const char *operators = str_map_find (&ctx->config, "operators");
+ if (operators)
+ cstr_split (operators, ",", true, &fingerprints);
+ for (size_t i = 0; i < fingerprints.len; i++)
+ {
+ const char *key = fingerprints.vector[i];
+ if (!irc_is_valid_fingerprint (key))
+ {
+ error_set (e, "invalid configuration value for `%s': %s",
+ "operators", "invalid fingerprint value");
+ result = false;
+ break;
+ }
+ str_map_set (&ctx->operators, key, (void *) 1);
+ }
+ strv_free (&fingerprints);
+ return result;
+}
+
+static bool
+irc_initialize_server_name (struct server_context *ctx, struct error **e)
+{
+ enum validation_result res;
+ const char *server_name = str_map_find (&ctx->config, "server_name");
+ if (server_name)
+ {
+ res = irc_validate_hostname (server_name);
+ if (res != VALIDATION_OK)
+ {
+ error_set (e, "invalid configuration value for `%s': %s",
+ "server_name", irc_validate_to_str (res));
+ return false;
+ }
+ ctx->server_name = xstrdup (server_name);
+ }
+ else
+ {
+ long host_name_max = sysconf (_SC_HOST_NAME_MAX);
+ if (host_name_max <= 0)
+ host_name_max = _POSIX_HOST_NAME_MAX;
+
+ char hostname[host_name_max + 1];
+ if (gethostname (hostname, sizeof hostname))
+ {
+ error_set (e, "%s: %s",
+ "getting the hostname failed", strerror (errno));
+ return false;
+ }
+ res = irc_validate_hostname (hostname);
+ if (res != VALIDATION_OK)
+ {
+ error_set (e,
+ "`%s' is not set and the hostname (`%s') cannot be used: %s",
+ "server_name", hostname, irc_validate_to_str (res));
+ return false;
+ }
+ ctx->server_name = xstrdup (hostname);
+ }
+ return true;
+}
+
+static bool
+irc_lock_pid_file (struct server_context *ctx, struct error **e)
+{
+ const char *path = str_map_find (&ctx->config, "pid_file");
+ if (!path)
+ return true;
+
+ char *resolved = resolve_filename (path, resolve_relative_runtime_filename);
+ bool result = lock_pid_file (resolved, e) != -1;
+ free (resolved);
+ return result;
+}
+
+static int
+irc_listen (struct addrinfo *gai_iter)
+{
+ int fd = socket (gai_iter->ai_family,
+ gai_iter->ai_socktype, gai_iter->ai_protocol);
+ if (fd == -1)
+ return -1;
+ set_cloexec (fd);
+
+ int yes = 1;
+ soft_assert (setsockopt (fd, SOL_SOCKET, SO_KEEPALIVE,
+ &yes, sizeof yes) != -1);
+ soft_assert (setsockopt (fd, SOL_SOCKET, SO_REUSEADDR,
+ &yes, sizeof yes) != -1);
+
+#if defined SOL_IPV6 && defined IPV6_V6ONLY
+ // Make NULL always bind to both IPv4 and IPv6, irrespectively of the order
+ // of results; only INADDR6_ANY seems to be affected by this
+ if (gai_iter->ai_family == AF_INET6)
+ soft_assert (setsockopt (fd, SOL_IPV6, IPV6_V6ONLY,
+ &yes, sizeof yes) != -1);
+#endif
+
+ char host[NI_MAXHOST], port[NI_MAXSERV];
+ host[0] = port[0] = '\0';
+ int err = getnameinfo (gai_iter->ai_addr, gai_iter->ai_addrlen,
+ host, sizeof host, port, sizeof port,
+ NI_NUMERICHOST | NI_NUMERICSERV);
+ if (err)
+ print_debug ("%s: %s", "getnameinfo", gai_strerror (err));
+
+ char *address = format_host_port_pair (host, port);
+ if (bind (fd, gai_iter->ai_addr, gai_iter->ai_addrlen))
+ print_error ("bind to %s failed: %s", address, strerror (errno));
+ else if (listen (fd, 16 /* arbitrary number */))
+ print_error ("listen on %s failed: %s", address, strerror (errno));
+ else
+ {
+ print_status ("listening on %s", address);
+ free (address);
+ return fd;
+ }
+
+ free (address);
+ xclose (fd);
+ return -1;
+}
+
+static void
+irc_listen_resolve (struct server_context *ctx,
+ const char *host, const char *port, struct addrinfo *gai_hints)
+{
+ struct addrinfo *gai_result, *gai_iter;
+ int err = getaddrinfo (host, port, gai_hints, &gai_result);
+ if (err)
+ {
+ char *address = format_host_port_pair (host, port);
+ print_error ("bind to %s failed: %s: %s",
+ address, "getaddrinfo", gai_strerror (err));
+ free (address);
+ return;
+ }
+
+ int fd;
+ for (gai_iter = gai_result; gai_iter; gai_iter = gai_iter->ai_next)
+ {
+ if (ctx->listen_len == ctx->listen_alloc)
+ break;
+
+ if ((fd = irc_listen (gai_iter)) == -1)
+ continue;
+ set_blocking (fd, false);
+
+ struct poller_fd *event = &ctx->listen_events[ctx->listen_len];
+ *event = poller_fd_make (&ctx->poller, fd);
+ event->dispatcher = (poller_fd_fn) on_irc_client_available;
+ event->user_data = ctx;
+
+ ctx->listen_fds[ctx->listen_len++] = fd;
+ poller_fd_set (event, POLLIN);
+ }
+ freeaddrinfo (gai_result);
+}
+
+static bool
+irc_setup_listen_fds (struct server_context *ctx, struct error **e)
+{
+ const char *bind_host = str_map_find (&ctx->config, "bind_host");
+ const char *bind_port = str_map_find (&ctx->config, "bind_port");
+ hard_assert (bind_port != NULL); // We have a default value for this
+
+ struct addrinfo gai_hints;
+ memset (&gai_hints, 0, sizeof gai_hints);
+
+ gai_hints.ai_socktype = SOCK_STREAM;
+ gai_hints.ai_flags = AI_PASSIVE;
+
+ struct strv ports = strv_make ();
+ cstr_split (bind_port, ",", true, &ports);
+
+ // For C and simplicity's sake let's assume that the host will resolve
+ // to at most two different addresses: IPv4 and IPv6 in case it is NULL
+ ctx->listen_alloc = ports.len * 2;
+
+ ctx->listen_fds =
+ xcalloc (ctx->listen_alloc, sizeof *ctx->listen_fds);
+ ctx->listen_events =
+ xcalloc (ctx->listen_alloc, sizeof *ctx->listen_events);
+ for (size_t i = 0; i < ports.len; i++)
+ irc_listen_resolve (ctx, bind_host, ports.vector[i], &gai_hints);
+ strv_free (&ports);
+
+ if (!ctx->listen_len)
+ {
+ error_set (e, "%s: %s",
+ "network setup failed", "no ports to listen on");
+ return false;
+ }
+ return true;
+}
+
+// --- Main --------------------------------------------------------------------
+
+static void
+on_signal_pipe_readable (const struct pollfd *fd, struct server_context *ctx)
+{
+ char dummy;
+ (void) read (fd->fd, &dummy, 1);
+
+ if (g_termination_requested && !ctx->quitting)
+ irc_initiate_quit (ctx);
+}
+
+static void
+daemonize (struct server_context *ctx)
+{
+ print_status ("daemonizing...");
+
+ if (chdir ("/"))
+ exit_fatal ("%s: %s", "chdir", strerror (errno));
+
+ // Because of systemd, we need to exit the parent process _after_ writing
+ // a PID file, otherwise our grandchild would receive a SIGTERM
+ int sync_pipe[2];
+ if (pipe (sync_pipe))
+ exit_fatal ("%s: %s", "pipe", strerror (errno));
+
+ pid_t pid;
+ if ((pid = fork ()) < 0)
+ exit_fatal ("%s: %s", "fork", strerror (errno));
+ else if (pid)
+ {
+ // Wait until all write ends of the pipe are closed, which can mean
+ // either success or failure, we don't need to care
+ xclose (sync_pipe[PIPE_WRITE]);
+
+ char dummy;
+ if (read (sync_pipe[PIPE_READ], &dummy, 1) < 0)
+ exit_fatal ("%s: %s", "read", strerror (errno));
+
+ exit (EXIT_SUCCESS);
+ }
+
+ setsid ();
+ signal (SIGHUP, SIG_IGN);
+
+ if ((pid = fork ()) < 0)
+ exit_fatal ("%s: %s", "fork", strerror (errno));
+ else if (pid)
+ exit (EXIT_SUCCESS);
+
+ openlog (PROGRAM_NAME, LOG_NDELAY | LOG_NOWAIT | LOG_PID, 0);
+ g_log_message_real = log_message_syslog;
+
+ // Write the PID file (if so configured) and get rid of the pipe, so that
+ // the read() in our grandparent finally returns zero (no write ends)
+ struct error *e = NULL;
+ if (!irc_lock_pid_file (ctx, &e))
+ exit_fatal ("%s", e->message);
+
+ xclose (sync_pipe[PIPE_READ]);
+ xclose (sync_pipe[PIPE_WRITE]);
+
+ // XXX: we may close our own descriptors this way, crippling ourselves;
+ // there is no real guarantee that we will start with all three
+ // descriptors open. In theory we could try to enumerate the descriptors
+ // at the start of main().
+ for (int i = 0; i < 3; i++)
+ xclose (i);
+
+ int tty = open ("/dev/null", O_RDWR);
+ if (tty != 0 || dup (0) != 1 || dup (0) != 2)
+ exit_fatal ("failed to reopen FD's: %s", strerror (errno));
+
+ poller_post_fork (&ctx->poller);
+}
+
+int
+main (int argc, char *argv[])
+{
+ // Need to call this first as all string maps depend on it
+ siphash_wrapper_randomize ();
+
+ static const struct opt opts[] =
+ {
+ { 'd', "debug", NULL, 0, "run in debug mode (do not daemonize)" },
+ { 'h', "help", NULL, 0, "display this help and exit" },
+ { 'V', "version", NULL, 0, "output version information and exit" },
+ { 'w', "write-default-cfg", "FILENAME",
+ OPT_OPTIONAL_ARG | OPT_LONG_ONLY,
+ "write a default configuration file and exit" },
+ { 0, NULL, NULL, 0, NULL }
+ };
+
+ struct opt_handler oh =
+ opt_handler_make (argc, argv, opts, NULL, "IRC daemon.");
+
+ int c;
+ while ((c = opt_handler_get (&oh)) != -1)
+ switch (c)
+ {
+ case 'd':
+ g_debug_mode = true;
+ break;
+ case 'h':
+ opt_handler_usage (&oh, stdout);
+ exit (EXIT_SUCCESS);
+ case 'V':
+ printf (PROGRAM_NAME " " PROGRAM_VERSION "\n");
+ exit (EXIT_SUCCESS);
+ case 'w':
+ call_simple_config_write_default (optarg, g_config_table);
+ exit (EXIT_SUCCESS);
+ default:
+ print_error ("wrong options");
+ opt_handler_usage (&oh, stderr);
+ exit (EXIT_FAILURE);
+ }
+
+ opt_handler_free (&oh);
+
+ print_status (PROGRAM_NAME " " PROGRAM_VERSION " starting");
+ setup_signal_handlers ();
+ init_openssl ();
+
+ struct server_context ctx;
+ server_context_init (&ctx);
+ ctx.started = time (NULL);
+ irc_register_handlers (&ctx);
+ irc_register_cap_handlers (&ctx);
+
+ struct error *e = NULL;
+ if (!simple_config_update_from_file (&ctx.config, &e))
+ {
+ print_error ("error loading configuration: %s", e->message);
+ error_free (e);
+ exit (EXIT_FAILURE);
+ }
+
+ ctx.signal_event = poller_fd_make (&ctx.poller, g_signal_pipe[0]);
+ ctx.signal_event.dispatcher = (poller_fd_fn) on_signal_pipe_readable;
+ ctx.signal_event.user_data = &ctx;
+ poller_fd_set (&ctx.signal_event, POLLIN);
+
+ if (!irc_initialize_tls (&ctx, &e)
+ || !irc_initialize_server_name (&ctx, &e)
+ || !irc_initialize_motd (&ctx, &e)
+ || !irc_initialize_catalog (&ctx, &e)
+ || !irc_parse_config (&ctx, &e)
+ || !irc_setup_listen_fds (&ctx, &e))
+ exit_fatal ("%s", e->message);
+
+ if (!g_debug_mode)
+ daemonize (&ctx);
+ else if (!irc_lock_pid_file (&ctx, &e))
+ exit_fatal ("%s", e->message);
+
+#if OpenBSD >= 201605
+ // This won't be as simple once we decide to implement REHASH
+ if (pledge ("stdio inet dns", NULL))
+ exit_fatal ("%s: %s", "pledge", strerror (errno));
+#endif
+
+ ctx.polling = true;
+ while (ctx.polling)
+ poller_run (&ctx.poller);
+
+ server_context_free (&ctx);
+ return EXIT_SUCCESS;
+}