3
0
mirror of https://github.com/ergochat/ergo.git synced 2024-11-29 23:49:25 +01:00
ergo/irc/server.go

1055 lines
37 KiB
Go
Raw Normal View History

// Copyright (c) 2012-2014 Jeremy Latt
// Copyright (c) 2014-2015 Edmund Huber
2017-03-27 14:15:02 +02:00
// Copyright (c) 2016-2017 Daniel Oaks <daniel@danieloaks.net>
// released under the MIT license
2012-04-07 20:44:59 +02:00
package irc
import (
"fmt"
2012-04-07 20:44:59 +02:00
"net"
"net/http"
_ "net/http/pprof"
2014-02-12 01:35:32 +01:00
"os"
"os/signal"
"runtime/debug"
"strconv"
"strings"
"sync"
"syscall"
2012-04-18 07:21:41 +02:00
"time"
2019-05-09 20:18:30 +02:00
"unsafe"
2017-06-15 18:14:19 +02:00
"github.com/goshuirc/irc-go/ircfmt"
2020-07-01 10:14:30 +02:00
"github.com/oragono/oragono/irc/caps"
"github.com/oragono/oragono/irc/connection_limits"
"github.com/oragono/oragono/irc/flatip"
"github.com/oragono/oragono/irc/history"
2017-06-14 20:00:53 +02:00
"github.com/oragono/oragono/irc/logger"
"github.com/oragono/oragono/irc/modes"
"github.com/oragono/oragono/irc/mysql"
2017-06-14 20:00:53 +02:00
"github.com/oragono/oragono/irc/sno"
2020-04-30 21:35:17 +02:00
"github.com/oragono/oragono/irc/utils"
2016-08-19 15:21:52 +02:00
"github.com/tidwall/buntdb"
)
const (
alwaysOnExpirationPollPeriod = time.Hour
)
var (
// common error line to sub values into
2019-02-26 03:50:43 +01:00
errorMsg = "ERROR :%s\r\n"
2017-10-30 10:21:47 +01:00
2020-05-28 20:27:41 +02:00
// three final parameters of 004 RPL_MYINFO, enumerating our supported modes
rplMyInfo1, rplMyInfo2, rplMyInfo3 = modes.RplMyInfo()
2018-02-03 12:15:07 +01:00
2020-10-21 03:24:47 +02:00
// CHANMODES isupport token
chanmodesToken = modes.ChanmodesToken()
2019-08-27 06:51:09 +02:00
// whitelist of caps to serve on the STS-only listener. In particular,
// never advertise SASL, to discourage people from sending their passwords:
2020-07-02 09:38:20 +02:00
stsOnlyCaps = caps.NewSet(caps.STS, caps.MessageTags, caps.ServerTime, caps.Batch, caps.LabeledResponse, caps.EchoMessage, caps.Nope)
2019-09-22 21:48:17 +02:00
// we only have standard channels for now. TODO: any updates to this
// will also need to be reflected in CasefoldChannel
chanTypes = "#"
throttleMessage = "You have attempted to connect too many times within a short duration. Wait a while, and you will be able to connect."
2017-09-28 07:30:53 +02:00
)
// Server is the main Oragono server.
2012-04-07 20:44:59 +02:00
type Server struct {
accounts AccountManager
channels ChannelManager
channelRegistry ChannelRegistry
clients ClientManager
config unsafe.Pointer
configFilename string
connectionLimiter connection_limits.Limiter
ctime time.Time
dlines *DLineManager
helpIndexManager HelpIndexManager
klines *KLineManager
2020-05-05 04:29:10 +02:00
listeners map[string]IRCListener
logger *logger.Manager
monitorManager MonitorManager
name string
nameCasefolded string
rehashMutex sync.Mutex // tier 4
rehashSignal chan os.Signal
pprofServer *http.Server
resumeManager ResumeManager
signals chan os.Signal
snomasks SnoManager
store *buntdb.DB
historyDB mysql.MySQL
torLimiter connection_limits.TorLimiter
whoWas WhoWasList
stats Stats
semaphores ServerSemaphores
2020-07-08 11:32:14 +02:00
defcon uint32
}
2016-10-19 13:38:31 +02:00
// NewServer returns a new Oragono server.
2017-09-28 07:30:53 +02:00
func NewServer(config *Config, logger *logger.Manager) (*Server, error) {
// initialize data structures
2012-12-09 21:51:50 +01:00
server := &Server{
2019-05-12 10:30:48 +02:00
ctime: time.Now().UTC(),
2020-05-05 04:29:10 +02:00
listeners: make(map[string]IRCListener),
2019-05-12 10:30:48 +02:00
logger: logger,
rehashSignal: make(chan os.Signal, 1),
signals: make(chan os.Signal, len(ServerExitSignals)),
2020-07-08 11:32:14 +02:00
defcon: 5,
}
2014-02-09 19:07:40 +01:00
2019-03-12 00:24:45 +01:00
server.clients.Initialize()
server.semaphores.Initialize()
server.resumeManager.Initialize(server)
2019-03-12 00:24:45 +01:00
server.whoWas.Initialize(config.Limits.WhowasEntries)
2019-05-12 10:30:48 +02:00
server.monitorManager.Initialize()
server.snomasks.Initialize()
if err := server.applyConfig(config); err != nil {
2017-09-28 07:30:53 +02:00
return nil, err
2016-08-19 15:21:52 +02:00
}
// Attempt to clean up when receiving these signals.
2016-10-23 03:48:57 +02:00
signal.Notify(server.signals, ServerExitSignals...)
2016-10-22 13:20:08 +02:00
signal.Notify(server.rehashSignal, syscall.SIGHUP)
2014-03-02 20:51:29 +01:00
time.AfterFunc(alwaysOnExpirationPollPeriod, server.handleAlwaysOnExpirations)
2017-03-06 06:50:23 +01:00
return server, nil
2016-10-19 13:38:31 +02:00
}
2017-03-06 00:27:08 +01:00
// Shutdown shuts down the server.
func (server *Server) Shutdown() {
//TODO(dan): Make sure we disallow new nicks
2017-11-22 10:41:11 +01:00
for _, client := range server.clients.AllClients() {
2016-06-19 13:59:18 +02:00
client.Notice("Server is shutting down")
2020-06-29 06:30:27 +02:00
if client.AlwaysOn() {
client.Store(IncludeLastSeen)
}
}
if err := server.store.Close(); err != nil {
server.logger.Error("shutdown", fmt.Sprintln("Could not close datastore:", err))
}
server.historyDB.Close()
}
2016-10-23 03:48:57 +02:00
// Run starts the server.
2014-02-24 04:13:45 +01:00
func (server *Server) Run() {
// defer closing db/store
defer server.store.Close()
2017-12-11 03:18:16 +01:00
for {
select {
case <-server.signals:
server.Shutdown()
2017-12-11 03:18:16 +01:00
return
2016-10-22 13:20:08 +02:00
case <-server.rehashSignal:
go func() {
server.logger.Info("server", "Rehashing due to SIGHUP")
server.rehash()
}()
2017-12-11 03:18:16 +01:00
}
}
}
2016-10-22 13:20:08 +02:00
func (server *Server) checkBans(config *Config, ipaddr net.IP, checkScripts bool) (banned bool, requireSASL bool, message string) {
2021-01-19 14:49:45 +01:00
// #671: do not enforce bans against loopback, as a failsafe
// note that this function is not used for Tor connections (checkTorLimits is used instead)
if ipaddr.IsLoopback() {
return
}
2020-07-08 11:32:14 +02:00
if server.Defcon() == 1 {
2021-01-19 14:49:45 +01:00
if !utils.IPInNets(ipaddr, server.Config().Server.secureNets) {
return true, false, "New connections to this server are temporarily restricted"
2020-07-08 11:32:14 +02:00
}
}
flat := flatip.FromNetIP(ipaddr)
2017-09-28 20:19:39 +02:00
// check DLINEs
isBanned, info := server.dlines.CheckIP(flat)
2017-09-28 20:19:39 +02:00
if isBanned {
2021-01-22 15:38:40 +01:00
if info.RequireSASL {
server.logger.Info("connect-ip", "Requiring SASL from client due to d-line", ipaddr.String())
return false, true, info.BanMessage("You must authenticate with SASL to connect from this IP (%s)")
} else {
server.logger.Info("connect-ip", "Client rejected by d-line", ipaddr.String())
return true, false, info.BanMessage("You are banned from this server (%s)")
}
2017-09-28 20:19:39 +02:00
}
// check connection limits
err := server.connectionLimiter.AddClient(flat)
if err == connection_limits.ErrLimitExceeded {
2017-09-28 20:19:39 +02:00
// too many connections from one client, tell the client and close the connection
server.logger.Info("connect-ip", "Client rejected for connection limit", ipaddr.String())
return true, false, "Too many clients from your network"
} else if err == connection_limits.ErrThrottleExceeded {
server.logger.Info("connect-ip", "Client exceeded connection throttle", ipaddr.String())
return true, false, throttleMessage
} else if err != nil {
server.logger.Warning("internal", "unexpected ban result", err.Error())
2017-09-28 20:19:39 +02:00
}
if checkScripts && config.Server.IPCheckScript.Enabled {
output, err := CheckIPBan(server.semaphores.IPCheckScript, config.Server.IPCheckScript, ipaddr)
if err != nil {
server.logger.Error("internal", "couldn't check IP ban script", ipaddr.String(), err.Error())
return false, false, ""
}
2021-01-22 15:38:40 +01:00
// TODO: currently no way to cache IPAccepted
if (output.Result == IPBanned || output.Result == IPRequireSASL) && output.CacheSeconds != 0 {
2021-01-19 14:49:45 +01:00
network, err := flatip.ParseToNormalizedNet(output.CacheNet)
if err != nil {
server.logger.Error("internal", "invalid dline net from IP ban script", ipaddr.String(), output.CacheNet)
} else {
dlineDuration := time.Duration(output.CacheSeconds) * time.Second
2021-01-22 15:38:40 +01:00
err := server.dlines.AddNetwork(network, dlineDuration, output.Result == IPRequireSASL, output.BanMessage, "", "")
if err != nil {
server.logger.Error("internal", "couldn't set dline from IP ban script", ipaddr.String(), err.Error())
}
}
}
if output.Result == IPBanned {
// XXX roll back IP connection/throttling addition for the IP
server.connectionLimiter.RemoveClient(flat)
server.logger.Info("connect-ip", "Rejected client due to ip-check-script", ipaddr.String())
return true, false, output.BanMessage
} else if output.Result == IPRequireSASL {
server.logger.Info("connect-ip", "Requiring SASL from client due to ip-check-script", ipaddr.String())
return false, true, output.BanMessage
}
}
return false, false, ""
2017-09-28 20:19:39 +02:00
}
2019-02-26 03:50:43 +01:00
func (server *Server) checkTorLimits() (banned bool, message string) {
switch server.torLimiter.AddClient() {
case connection_limits.ErrLimitExceeded:
return true, "Too many clients from the Tor network"
case connection_limits.ErrThrottleExceeded:
return true, "Exceeded connection throttle for the Tor network"
default:
return false, ""
}
}
func (server *Server) handleAlwaysOnExpirations() {
defer func() {
if r := recover(); r != nil {
server.logger.Error("internal",
fmt.Sprintf("Panic in always-on cleanup: %v\n%s", r, debug.Stack()))
}
// either way, reschedule
time.AfterFunc(alwaysOnExpirationPollPeriod, server.handleAlwaysOnExpirations)
}()
config := server.Config()
deadline := time.Duration(config.Accounts.Multiclient.AlwaysOnExpiration)
if deadline == 0 {
return
}
server.logger.Info("accounts", "Checking always-on clients for expiration")
for _, client := range server.clients.AllClients() {
if client.IsExpiredAlwaysOn(config) {
// TODO save the channels list, use it for autojoin if/when they return?
server.logger.Info("accounts", "Expiring always-on client", client.AccountName())
client.destroy(nil)
}
}
}
2014-02-15 03:28:36 +01:00
//
// server functionality
2014-02-15 03:28:36 +01:00
//
2019-05-23 02:25:57 +02:00
func (server *Server) tryRegister(c *Client, session *Session) (exiting bool) {
2019-05-22 03:40:25 +02:00
// if the session just sent us a RESUME line, try to resume
if session.resumeDetails != nil {
session.tryResume()
return // whether we succeeded or failed, either way `c` is not getting registered
}
2018-02-27 03:44:03 +01:00
// XXX PROXY or WEBIRC MUST be sent as the first line of the session;
// if we are here at all that means we have the final value of the IP
if session.rawHostname == "" {
session.client.lookupHostname(session, false)
}
2019-05-22 03:40:25 +02:00
// try to complete registration normally
2020-05-26 16:56:24 +02:00
// XXX(#1057) username can be filled in by an ident query without the client
// having sent USER: check for both username and realname to ensure they did
if c.preregNick == "" || c.username == "" || c.realname == "" || session.capState == caps.NegotiatingState {
2019-05-22 03:40:25 +02:00
return
}
2018-02-27 03:44:03 +01:00
2019-08-27 06:51:09 +02:00
if c.isSTSOnly {
2020-07-02 09:38:20 +02:00
server.playSTSBurst(session)
2019-08-27 06:51:09 +02:00
return true
}
2019-05-22 03:40:25 +02:00
// client MUST send PASS if necessary, or authenticate with SASL if necessary,
// before completing the other registration commands
2020-07-08 11:32:14 +02:00
config := server.Config()
authOutcome := c.isAuthorized(server, config, session, c.requireSASL)
2019-05-23 02:25:57 +02:00
var quitMessage string
switch authOutcome {
case authFailPass:
quitMessage = c.t("Password incorrect")
c.Send(nil, server.name, ERR_PASSWDMISMATCH, "*", quitMessage)
case authFailSaslRequired, authFailTorSaslRequired:
quitMessage = c.requireSASLMessage
if quitMessage == "" {
quitMessage = c.t("You must log in with SASL to join this server")
}
2019-05-23 02:25:57 +02:00
c.Send(nil, c.server.name, "FAIL", "*", "ACCOUNT_REQUIRED", quitMessage)
}
if authOutcome != authSuccess {
c.Quit(quitMessage, nil)
return true
2019-05-22 03:40:25 +02:00
}
c.requireSASLMessage = ""
2018-02-27 03:44:03 +01:00
2019-05-22 03:40:25 +02:00
rb := NewResponseBuffer(session)
2020-04-23 07:38:12 +02:00
nickError := performNickChange(server, c, c, session, c.preregNick, rb)
2019-05-22 03:40:25 +02:00
rb.Send(true)
2020-04-23 07:38:12 +02:00
if nickError == errInsecureReattach {
c.Quit(c.t("You can't mix secure and insecure connections to this account"), nil)
return true
} else if nickError != nil {
2019-05-22 03:40:25 +02:00
c.preregNick = ""
2020-04-23 07:38:12 +02:00
return false
2019-05-22 03:40:25 +02:00
}
2019-05-09 00:14:49 +02:00
if session.client != c {
// reattached, bail out.
// we'll play the reg burst later, on the new goroutine associated with
// (thisSession, otherClient). This is to avoid having to transfer state
// like nickname, hostname, etc. to show the correct values in the reg burst.
2020-04-23 07:38:12 +02:00
return false
2019-05-09 00:14:49 +02:00
}
2017-01-11 13:38:16 +01:00
2020-10-15 19:03:44 +02:00
// Apply default user modes (without updating the invisible counter)
// The number of invisible users will be updated by server.stats.Register
// if we're using default user mode +i.
for _, defaultMode := range config.Accounts.defaultUserModes {
c.SetMode(defaultMode, true)
}
2020-10-05 12:28:19 +02:00
// count new user in statistics (before checking KLINEs, see #1303)
server.stats.Register(c.HasMode(modes.Invisible))
2021-01-19 14:49:45 +01:00
// check KLINEs (#671: ignore KLINEs for loopback connections)
if !session.IP().IsLoopback() || session.isTor {
isBanned, info := server.klines.CheckMasks(c.AllNickmasks()...)
if isBanned {
c.Quit(info.BanMessage(c.t("You are banned from this server (%s)")), nil)
return true
}
2019-12-17 21:10:23 +01:00
}
2019-05-09 00:14:49 +02:00
server.playRegistrationBurst(session)
2019-05-23 02:25:57 +02:00
return false
2019-05-09 00:14:49 +02:00
}
2020-07-02 09:38:20 +02:00
func (server *Server) playSTSBurst(session *Session) {
nick := utils.SafeErrorParam(session.client.preregNick)
session.Send(nil, server.name, RPL_WELCOME, nick, fmt.Sprintf("Welcome to the Internet Relay Network %s", nick))
session.Send(nil, server.name, RPL_YOURHOST, nick, fmt.Sprintf("Your host is %[1]s, running version %[2]s", server.name, "oragono"))
session.Send(nil, server.name, RPL_CREATED, nick, fmt.Sprintf("This server was created %s", time.Time{}.Format(time.RFC1123)))
session.Send(nil, server.name, RPL_MYINFO, nick, server.name, "oragono", "o", "o", "o")
session.Send(nil, server.name, RPL_ISUPPORT, nick, "CASEMAPPING=ascii", "are supported by this server")
2020-07-02 09:38:20 +02:00
session.Send(nil, server.name, ERR_NOMOTD, nick, "MOTD is unavailable")
for _, line := range server.Config().Server.STS.bannerLines {
session.Send(nil, server.name, "NOTICE", nick, line)
}
}
2019-05-09 00:14:49 +02:00
func (server *Server) playRegistrationBurst(session *Session) {
c := session.client
2017-01-11 13:38:16 +01:00
// continue registration
d := c.Details()
2020-04-12 19:58:35 +02:00
server.logger.Info("connect", fmt.Sprintf("Client connected [%s] [u:%s] [r:%s]", d.nick, d.username, d.realname))
server.snomasks.Send(sno.LocalConnects, fmt.Sprintf("Client connected [%s] [u:%s] [h:%s] [ip:%s] [r:%s]", d.nick, d.username, session.rawHostname, session.IP().String(), d.realname))
if d.account != "" {
server.sendLoginSnomask(d.nickMask, d.accountName)
}
2016-06-19 13:59:18 +02:00
// send welcome text
//NOTE(dan): we specifically use the NICK here instead of the nickmask
// see http://modern.ircdocs.horse/#rplwelcome-001 for details on why we avoid using the nickmask
2020-11-29 22:34:36 +01:00
config := server.Config()
session.Send(nil, server.name, RPL_WELCOME, d.nick, fmt.Sprintf(c.t("Welcome to the %s IRC Network %s"), config.Network.Name, d.nick))
2019-05-09 00:14:49 +02:00
session.Send(nil, server.name, RPL_YOURHOST, d.nick, fmt.Sprintf(c.t("Your host is %[1]s, running version %[2]s"), server.name, Ver))
session.Send(nil, server.name, RPL_CREATED, d.nick, fmt.Sprintf(c.t("This server was created %s"), server.ctime.Format(time.RFC1123)))
2020-05-28 20:27:41 +02:00
session.Send(nil, server.name, RPL_MYINFO, d.nick, server.name, Ver, rplMyInfo1, rplMyInfo2, rplMyInfo3)
2018-02-05 15:21:08 +01:00
rb := NewResponseBuffer(session)
2019-07-01 15:21:38 +02:00
server.RplISupport(c, rb)
server.Lusers(c, rb)
2018-02-05 15:21:08 +01:00
server.MOTD(c, rb)
2018-12-28 19:45:55 +01:00
rb.Send(true)
2018-02-05 15:21:08 +01:00
modestring := c.ModeString()
if modestring != "+" {
session.Send(nil, server.name, RPL_UMODEIS, d.nick, modestring)
}
c.attemptAutoOper(session)
2017-10-04 19:41:19 +02:00
if server.logger.IsLoggingRawIO() {
2019-05-09 00:14:49 +02:00
session.Send(nil, c.server.name, "NOTICE", d.nick, c.t("This server is in debug mode and is logging all user I/O. If you do not wish for everything you send to be readable by the server owner(s), please disconnect."))
}
}
2019-07-01 15:21:38 +02:00
// RplISupport outputs our ISUPPORT lines to the client. This is used on connection and in VERSION responses.
func (server *Server) RplISupport(client *Client, rb *ResponseBuffer) {
translatedISupport := client.t("are supported by this server")
nick := client.Nick()
config := server.Config()
for _, cachedTokenLine := range config.Server.isupport.CachedReply {
length := len(cachedTokenLine) + 2
tokenline := make([]string, length)
tokenline[0] = nick
copy(tokenline[1:], cachedTokenLine)
tokenline[length-1] = translatedISupport
rb.Add(nil, server.name, RPL_ISUPPORT, tokenline...)
}
}
func (server *Server) Lusers(client *Client, rb *ResponseBuffer) {
nick := client.Nick()
stats := server.stats.GetValues()
rb.Add(nil, server.name, RPL_LUSERCLIENT, nick, fmt.Sprintf(client.t("There are %[1]d users and %[2]d invisible on %[3]d server(s)"), stats.Total-stats.Invisible, stats.Invisible, 1))
rb.Add(nil, server.name, RPL_LUSEROP, nick, strconv.Itoa(stats.Operators), client.t("IRC Operators online"))
rb.Add(nil, server.name, RPL_LUSERUNKNOWN, nick, strconv.Itoa(stats.Unknown), client.t("unregistered connections"))
rb.Add(nil, server.name, RPL_LUSERCHANNELS, nick, strconv.Itoa(server.channels.Len()), client.t("channels formed"))
2020-03-18 10:36:48 +01:00
rb.Add(nil, server.name, RPL_LUSERME, nick, fmt.Sprintf(client.t("I have %[1]d clients and %[2]d servers"), stats.Total, 0))
2019-07-01 15:21:38 +02:00
total := strconv.Itoa(stats.Total)
max := strconv.Itoa(stats.Max)
rb.Add(nil, server.name, RPL_LOCALUSERS, nick, total, max, fmt.Sprintf(client.t("Current local users %[1]s, max %[2]s"), total, max))
rb.Add(nil, server.name, RPL_GLOBALUSERS, nick, total, max, fmt.Sprintf(client.t("Current global users %[1]s, max %[2]s"), total, max))
}
2017-03-06 00:27:08 +01:00
// MOTD serves the Message of the Day.
2018-02-05 15:21:08 +01:00
func (server *Server) MOTD(client *Client, rb *ResponseBuffer) {
motdLines := server.Config().Server.motdLines
2017-09-28 07:30:53 +02:00
if len(motdLines) < 1 {
2018-02-05 15:21:08 +01:00
rb.Add(nil, server.name, ERR_NOMOTD, client.nick, client.t("MOTD File is missing"))
2014-02-12 01:35:32 +01:00
return
}
2018-02-05 15:21:08 +01:00
rb.Add(nil, server.name, RPL_MOTDSTART, client.nick, fmt.Sprintf(client.t("- %s Message of the day - "), server.name))
for _, line := range motdLines {
2018-02-05 15:21:08 +01:00
rb.Add(nil, server.name, RPL_MOTD, client.nick, line)
2014-02-12 01:35:32 +01:00
}
2018-02-05 15:21:08 +01:00
rb.Add(nil, server.name, RPL_ENDOFMOTD, client.nick, client.t("End of MOTD command"))
2014-02-12 00:33:02 +01:00
}
func (client *Client) whoisChannelsNames(target *Client, multiPrefix bool, hasPrivs bool) []string {
var chstrs []string
targetInvis := target.HasMode(modes.Invisible)
2018-04-17 17:11:12 +02:00
for _, channel := range target.Channels() {
if !hasPrivs && (targetInvis || channel.flags.HasMode(modes.Secret)) && !channel.hasClient(client) {
// client can't see *this* channel membership
continue
}
chstrs = append(chstrs, channel.ClientPrefixes(target, multiPrefix)+channel.name)
}
return chstrs
}
2020-10-09 14:03:26 +02:00
func (client *Client) getWhoisOf(target *Client, hasPrivs bool, rb *ResponseBuffer) {
oper := client.Oper()
cnick := client.Nick()
targetInfo := target.Details()
rb.Add(nil, client.server.name, RPL_WHOISUSER, cnick, targetInfo.nick, targetInfo.username, targetInfo.hostname, "*", targetInfo.realname)
tnick := targetInfo.nick
2017-01-13 02:05:58 +01:00
whoischannels := client.whoisChannelsNames(target, rb.session.capabilities.Has(caps.MultiPrefix), oper.HasRoleCapab("sajoin"))
2017-01-13 02:05:58 +01:00
if whoischannels != nil {
rb.Add(nil, client.server.name, RPL_WHOISCHANNELS, cnick, tnick, strings.Join(whoischannels, " "))
2016-09-05 06:23:57 +02:00
}
if target.HasMode(modes.Operator) && operStatusVisible(client, target, oper != nil) {
tOper := target.Oper()
if tOper != nil {
rb.Add(nil, client.server.name, RPL_WHOISOPERATOR, cnick, tnick, tOper.WhoisLine)
}
2016-06-19 13:59:18 +02:00
}
if client == target || oper.HasRoleCapab("ban") {
2019-02-26 03:50:43 +01:00
rb.Add(nil, client.server.name, RPL_WHOISACTUALLY, cnick, tnick, fmt.Sprintf("%s@%s", targetInfo.username, target.RawHostname()), target.IPString(), client.t("Actual user@host, Actual IP"))
}
if client == target || oper.HasRoleCapab("samode") {
2020-10-27 23:54:45 +01:00
rb.Add(nil, client.server.name, RPL_WHOISMODES, cnick, tnick, fmt.Sprintf(client.t("is using modes +%s"), target.modes.String()))
}
2018-04-23 00:47:10 +02:00
if target.HasMode(modes.TLS) {
rb.Add(nil, client.server.name, RPL_WHOISSECURE, cnick, tnick, client.t("is using a secure connection"))
}
if targetInfo.accountName != "*" {
rb.Add(nil, client.server.name, RPL_WHOISACCOUNT, cnick, tnick, targetInfo.accountName, client.t("is logged in as"))
2018-01-21 03:23:47 +01:00
}
2018-04-23 00:47:10 +02:00
if target.HasMode(modes.Bot) {
2020-12-28 02:17:24 +01:00
rb.Add(nil, client.server.name, RPL_WHOISBOT, cnick, tnick, fmt.Sprintf(ircfmt.Unescape(client.t("is a $bBot$b on %s")), client.server.Config().Network.Name))
2018-01-07 03:56:51 +01:00
}
2018-01-22 08:30:31 +01:00
if client == target || oper.HasRoleCapab("ban") {
for _, session := range target.Sessions() {
if session.certfp != "" {
rb.Add(nil, client.server.name, RPL_WHOISCERTFP, cnick, tnick, fmt.Sprintf(client.t("has client certificate fingerprint %s"), session.certfp))
}
}
2016-06-19 13:59:18 +02:00
}
rb.Add(nil, client.server.name, RPL_WHOISIDLE, cnick, tnick, strconv.FormatUint(target.IdleSeconds(), 10), strconv.FormatInt(target.SignonTime(), 10), client.t("seconds idle, signon time"))
2020-07-17 07:55:13 +02:00
if away, awayMessage := target.Away(); away {
rb.Add(nil, client.server.name, RPL_AWAY, cnick, tnick, awayMessage)
2020-03-20 20:14:27 +01:00
}
2016-06-19 13:59:18 +02:00
}
2016-10-22 13:20:08 +02:00
// rehash reloads the config and applies the changes from the config file.
func (server *Server) rehash() error {
2020-05-18 18:33:26 +02:00
server.logger.Info("server", "Attempting rehash")
// only let one REHASH go on at a time
server.rehashMutex.Lock()
defer server.rehashMutex.Unlock()
server.logger.Debug("server", "Got rehash lock")
2016-10-19 13:38:31 +02:00
config, err := LoadConfig(server.configFilename)
2017-09-28 07:30:53 +02:00
if err != nil {
server.logger.Error("server", "failed to load config file", err.Error())
return err
2017-09-28 07:30:53 +02:00
}
err = server.applyConfig(config)
2017-09-28 07:30:53 +02:00
if err != nil {
server.logger.Error("server", "Failed to rehash", err.Error())
return err
2017-09-28 07:30:53 +02:00
}
server.logger.Info("server", "Rehash completed successfully")
2017-09-28 07:30:53 +02:00
return nil
}
func (server *Server) applyConfig(config *Config) (err error) {
oldConfig := server.Config()
initial := oldConfig == nil
2017-09-28 07:30:53 +02:00
if initial {
server.configFilename = config.Filename
server.name = config.Server.Name
server.nameCasefolded = config.Server.nameCasefolded
2019-12-18 13:06:04 +01:00
globalCasemappingSetting = config.Server.Casemapping
2020-06-22 20:54:43 +02:00
globalUtf8EnforcementSetting = config.Server.EnforceUtf8
2017-09-28 08:58:09 +02:00
} else {
// enforce configs that can't be changed after launch:
2020-01-19 05:47:05 +01:00
if server.name != config.Server.Name {
2017-09-28 08:58:09 +02:00
return fmt.Errorf("Server name cannot be changed after launching the server, rehash aborted")
} else if oldConfig.Datastore.Path != config.Datastore.Path {
2018-02-19 03:52:39 +01:00
return fmt.Errorf("Datastore path cannot be changed after launching the server, rehash aborted")
2019-12-18 13:06:04 +01:00
} else if globalCasemappingSetting != config.Server.Casemapping {
return fmt.Errorf("Casemapping cannot be changed after launching the server, rehash aborted")
2020-06-22 20:54:43 +02:00
} else if globalUtf8EnforcementSetting != config.Server.EnforceUtf8 {
return fmt.Errorf("UTF-8 enforcement cannot be changed after launching the server, rehash aborted")
2020-02-26 07:44:05 +01:00
} else if oldConfig.Accounts.Multiclient.AlwaysOn != config.Accounts.Multiclient.AlwaysOn {
return fmt.Errorf("Default always-on setting cannot be changed after launching the server, rehash aborted")
2020-09-09 10:01:46 +02:00
} else if oldConfig.Server.Relaymsg.Enabled != config.Server.Relaymsg.Enabled {
2020-06-08 07:17:45 +02:00
return fmt.Errorf("Cannot enable or disable relaying after launching the server, rehash aborted")
2020-09-09 10:01:46 +02:00
} else if oldConfig.Server.Relaymsg.Separators != config.Server.Relaymsg.Separators {
2020-06-08 07:17:45 +02:00
return fmt.Errorf("Cannot change relaying separators after launching the server, rehash aborted")
} else if oldConfig.Server.IPCheckScript.MaxConcurrency != config.Server.IPCheckScript.MaxConcurrency ||
oldConfig.Accounts.AuthScript.MaxConcurrency != config.Accounts.AuthScript.MaxConcurrency {
return fmt.Errorf("Cannot change max-concurrency for scripts after launching the server, rehash aborted")
} else if oldConfig.Server.OverrideServicesHostname != config.Server.OverrideServicesHostname {
return fmt.Errorf("Cannot change override-services-hostname after launching the server, rehash aborted")
2020-12-14 21:31:55 +01:00
} else if !oldConfig.Datastore.MySQL.Enabled && config.Datastore.MySQL.Enabled {
return fmt.Errorf("Cannot enable MySQL after launching the server, rehash aborted")
2017-09-28 08:58:09 +02:00
}
2017-09-28 07:30:53 +02:00
}
2016-10-19 13:38:31 +02:00
server.logger.Info("server", "Using config file", server.configFilename)
2018-02-19 03:52:39 +01:00
// first, reload config sections for functionality implemented in subpackages:
wasLoggingRawIO := !initial && server.logger.IsLoggingRawIO()
err = server.logger.ApplyConfig(config.Logging)
2017-10-09 07:47:04 +02:00
if err != nil {
return err
}
nowLoggingRawIO := server.logger.IsLoggingRawIO()
// notify existing clients if raw i/o logging was enabled by a rehash
sendRawOutputNotice := !wasLoggingRawIO && nowLoggingRawIO
server.connectionLimiter.ApplyConfig(&config.Server.IPLimits)
tlConf := &config.Server.TorListeners
server.torLimiter.Configure(tlConf.MaxConnections, tlConf.ThrottleDuration, tlConf.MaxConnectionsPerDuration)
2018-01-22 08:30:31 +01:00
// Translations
2019-02-19 08:54:57 +01:00
server.logger.Debug("server", "Regenerating HELP indexes for new languages")
server.helpIndexManager.GenerateIndices(config.languageManager)
2018-01-22 08:30:31 +01:00
if initial {
maxIPConc := int(config.Server.IPCheckScript.MaxConcurrency)
if maxIPConc != 0 {
server.semaphores.IPCheckScript.Initialize(maxIPConc)
}
maxAuthConc := int(config.Accounts.AuthScript.MaxConcurrency)
if maxAuthConc != 0 {
server.semaphores.AuthScript.Initialize(maxAuthConc)
}
if err := overrideServicePrefixes(config.Server.OverrideServicesHostname); err != nil {
return err
}
}
2019-08-27 06:51:09 +02:00
if oldConfig != nil {
// if certain features were enabled by rehash, we need to load the corresponding data
// from the store
if !oldConfig.Accounts.NickReservation.Enabled {
server.accounts.buildNickToAccountIndex(config)
}
if !oldConfig.Channels.Registration.Enabled {
server.channels.loadRegisteredChannels(config)
}
// resize history buffers as needed
2020-07-10 00:36:45 +02:00
if config.historyChangedFrom(oldConfig) {
for _, channel := range server.channels.Channels() {
channel.resizeHistory(config)
}
for _, client := range server.clients.AllClients() {
client.resizeHistory(config)
}
}
2020-03-27 22:52:37 +01:00
if oldConfig.Accounts.Registration.Throttling != config.Accounts.Registration.Throttling {
server.accounts.resetRegisterThrottle(config)
}
}
2020-05-08 07:16:49 +02:00
server.logger.Info("server", "Using datastore", config.Datastore.Path)
if initial {
if err := server.loadDatastore(config); err != nil {
return err
}
} else {
if config.Datastore.MySQL.Enabled && config.Datastore.MySQL != oldConfig.Datastore.MySQL {
server.historyDB.SetConfig(config.Datastore.MySQL)
}
}
// now that the datastore is initialized, we can load the cloak secret from it
// XXX this modifies config after the initial load, which is naughty,
// but there's no data race because we haven't done SetConfig yet
2020-10-08 22:33:27 +02:00
config.Server.Cloaks.SetSecret(LoadCloakSecret(server.store))
2020-05-08 07:16:49 +02:00
2019-09-01 04:42:51 +02:00
// activate the new config
server.SetConfig(config)
2020-05-08 07:16:49 +02:00
// load [dk]-lines, registered users and channels, etc.
if initial {
if err := server.loadFromDatastore(config); err != nil {
return err
}
}
// burst new and removed caps
2019-12-23 21:26:37 +01:00
addedCaps, removedCaps := config.Diff(oldConfig)
var capBurstSessions []*Session
2019-08-27 06:51:09 +02:00
added := make(map[caps.Version][]string)
var removed []string
if !addedCaps.Empty() || !removedCaps.Empty() {
capBurstSessions = server.clients.AllWithCapsNotify()
added[caps.Cap301] = addedCaps.Strings(caps.Cap301, config.Server.capValues, 0)
added[caps.Cap302] = addedCaps.Strings(caps.Cap302, config.Server.capValues, 0)
// removed never has values, so we leave it as Cap301
removed = removedCaps.Strings(caps.Cap301, config.Server.capValues, 0)
}
for _, sSession := range capBurstSessions {
// DEL caps and then send NEW ones so that updated caps get removed/added correctly
if !removedCaps.Empty() {
2019-08-27 06:51:09 +02:00
for _, capStr := range removed {
sSession.Send(nil, server.name, "CAP", sSession.client.Nick(), "DEL", capStr)
}
}
if !addedCaps.Empty() {
2019-08-27 06:51:09 +02:00
for _, capStr := range added[sSession.capVersion] {
sSession.Send(nil, server.name, "CAP", sSession.client.Nick(), "NEW", capStr)
}
}
}
2016-10-19 13:38:31 +02:00
server.setupPprofListener(config)
2018-03-22 16:04:21 +01:00
// set RPL_ISUPPORT
var newISupportReplies [][]string
if oldConfig != nil {
newISupportReplies = oldConfig.Server.isupport.GetDifference(&config.Server.isupport)
2018-03-22 16:04:21 +01:00
}
2020-05-07 04:50:23 +02:00
if len(config.Server.ProxyAllowedFrom) != 0 {
server.logger.Info("server", "Proxied IPs will be accepted from", strings.Join(config.Server.ProxyAllowedFrom, ", "))
}
2017-09-28 07:30:53 +02:00
// we are now open for business
err = server.setupListeners(config)
2017-09-28 07:30:53 +02:00
2017-10-02 05:31:40 +02:00
if !initial {
// push new info to all of our clients
2017-11-22 10:41:11 +01:00
for _, sClient := range server.clients.AllClients() {
2017-10-02 05:31:40 +02:00
for _, tokenline := range newISupportReplies {
sClient.Send(nil, server.name, RPL_ISUPPORT, append([]string{sClient.nick}, tokenline...)...)
}
2017-10-04 19:41:19 +02:00
if sendRawOutputNotice {
sClient.Notice(sClient.t("This server is in debug mode and is logging all user I/O. If you do not wish for everything you send to be readable by the server owner(s), please disconnect."))
2017-10-02 05:31:40 +02:00
}
}
}
return err
2017-09-28 07:30:53 +02:00
}
func (server *Server) setupPprofListener(config *Config) {
pprofListener := ""
if config.Debug.PprofListener != nil {
pprofListener = *config.Debug.PprofListener
}
if server.pprofServer != nil {
if pprofListener == "" || (pprofListener != server.pprofServer.Addr) {
server.logger.Info("server", "Stopping pprof listener", server.pprofServer.Addr)
server.pprofServer.Close()
server.pprofServer = nil
}
}
if pprofListener != "" && server.pprofServer == nil {
ps := http.Server{
Addr: pprofListener,
}
go func() {
if err := ps.ListenAndServe(); err != nil {
server.logger.Error("server", "pprof listener failed", err.Error())
}
}()
server.pprofServer = &ps
server.logger.Info("server", "Started pprof listener", server.pprofServer.Addr)
}
}
func (server *Server) loadDatastore(config *Config) error {
2017-09-28 07:30:53 +02:00
// open the datastore and load server state for which it (rather than config)
// is the source of truth
_, err := os.Stat(config.Datastore.Path)
if os.IsNotExist(err) {
server.logger.Warning("server", "database does not exist, creating it", config.Datastore.Path)
err = initializeDB(config.Datastore.Path)
if err != nil {
return err
}
}
db, err := OpenDatabase(config)
2017-09-28 07:30:53 +02:00
if err == nil {
server.store = db
2020-05-08 07:16:49 +02:00
return nil
2017-09-28 07:30:53 +02:00
} else {
return fmt.Errorf("Failed to open datastore: %s", err.Error())
}
2020-05-08 07:16:49 +02:00
}
2017-09-28 07:30:53 +02:00
2020-05-08 07:16:49 +02:00
func (server *Server) loadFromDatastore(config *Config) (err error) {
2017-09-28 07:30:53 +02:00
// load *lines (from the datastores)
server.logger.Debug("server", "Loading D/Klines")
2017-09-28 07:30:53 +02:00
server.loadDLines()
server.loadKLines()
2019-03-12 00:24:45 +01:00
server.channelRegistry.Initialize(server)
server.channels.Initialize(server)
server.accounts.Initialize(server)
if config.Datastore.MySQL.Enabled {
2020-02-21 00:33:48 +01:00
server.historyDB.Initialize(server.logger, config.Datastore.MySQL)
err = server.historyDB.Open()
if err != nil {
server.logger.Error("internal", "could not connect to mysql", err.Error())
return err
}
}
2017-09-28 07:30:53 +02:00
return nil
}
func (server *Server) setupListeners(config *Config) (err error) {
2020-05-05 04:29:10 +02:00
logListener := func(addr string, config utils.ListenerConfig) {
2018-02-01 21:40:20 +01:00
server.logger.Info("listeners",
fmt.Sprintf("now listening on %s, tls=%t, proxy=%t, tor=%t, websocket=%t.", addr, (config.TLSConfig != nil), config.RequireProxy, config.Tor, config.WebSocket),
2018-02-01 21:40:20 +01:00
)
}
// update or destroy all existing listeners
for addr := range server.listeners {
currentListener := server.listeners[addr]
2019-06-28 16:45:34 +02:00
newConfig, stillConfigured := config.Server.trueListeners[addr]
if stillConfigured {
2020-05-07 12:42:50 +02:00
if reloadErr := currentListener.Reload(newConfig); reloadErr == nil {
logListener(addr, newConfig)
} else {
// stop the listener; we will attempt to replace it below
2020-05-05 04:29:10 +02:00
currentListener.Stop()
2020-05-07 12:42:50 +02:00
delete(server.listeners, addr)
2020-05-05 04:29:10 +02:00
}
} else {
2020-05-05 04:29:10 +02:00
currentListener.Stop()
delete(server.listeners, addr)
2017-09-28 07:30:53 +02:00
server.logger.Info("listeners", fmt.Sprintf("stopped listening on %s.", addr))
}
}
2019-08-27 06:51:09 +02:00
publicPlaintextListener := ""
2020-05-07 12:42:50 +02:00
// create new listeners that were not previously configured,
// or that couldn't be reloaded above:
2019-06-28 16:45:34 +02:00
for newAddr, newConfig := range config.Server.trueListeners {
2019-11-20 23:43:40 +01:00
if strings.HasPrefix(newAddr, ":") && !newConfig.Tor && !newConfig.STSOnly && newConfig.TLSConfig == nil {
2019-08-27 06:51:09 +02:00
publicPlaintextListener = newAddr
2019-06-28 16:45:34 +02:00
}
2019-06-18 04:21:37 +02:00
_, exists := server.listeners[newAddr]
if !exists {
2020-05-05 04:29:10 +02:00
// make a new listener
newListener, newErr := NewListener(server, newAddr, newConfig, config.Server.UnixBindMode)
if newErr == nil {
2020-05-05 04:29:10 +02:00
server.listeners[newAddr] = newListener
logListener(newAddr, newConfig)
} else {
server.logger.Error("server", "couldn't listen on", newAddr, newErr.Error())
err = newErr
}
}
}
2019-08-27 06:51:09 +02:00
if publicPlaintextListener != "" {
server.logger.Warning("listeners", fmt.Sprintf("Your server is configured with public plaintext listener %s. Consider disabling it for improved security and privacy.", publicPlaintextListener))
2017-09-28 07:30:53 +02:00
}
return
2017-09-28 07:30:53 +02:00
}
// Gets the abstract sequence from which we're going to query history;
// we may already know the channel we're querying, or we may have
2020-02-28 11:41:08 +01:00
// to look it up via a string query. This function is responsible for
// privilege checking.
2020-02-28 11:41:08 +01:00
func (server *Server) GetHistorySequence(providedChannel *Channel, client *Client, query string) (channel *Channel, sequence history.Sequence, err error) {
config := server.Config()
// 4 cases: {persistent, ephemeral} x {normal, conversation}
2020-02-28 11:41:08 +01:00
// with ephemeral history, target is implicit in the choice of `hist`,
// and correspondent is "" if we're retrieving a channel or *, and the correspondent's name
// if we're retrieving a DM conversation ("query buffer"). with persistent history,
2020-02-28 11:41:08 +01:00
// target is always nonempty, and correspondent is either empty or nonempty as before.
var status HistoryStatus
2020-02-28 11:41:08 +01:00
var target, correspondent string
var hist *history.Buffer
restriction := HistoryCutoffNone
channel = providedChannel
if channel == nil {
2020-02-28 11:41:08 +01:00
if strings.HasPrefix(query, "#") {
channel = server.channels.Get(query)
if channel == nil {
return
}
}
}
var joinTimeCutoff time.Time
if channel != nil {
if present, cutoff := channel.joinTimeCutoff(client); present {
joinTimeCutoff = cutoff
} else {
err = errInsufficientPrivs
return
}
status, target, restriction = channel.historyStatus(config)
switch status {
case HistoryEphemeral:
hist = &channel.history
case HistoryPersistent:
2020-02-28 11:41:08 +01:00
// already set `target`
default:
return
}
} else {
2020-02-28 11:41:08 +01:00
status, target = client.historyStatus(config)
if query != "*" {
correspondent, err = CasefoldName(query)
if err != nil {
return
}
}
switch status {
case HistoryEphemeral:
hist = &client.history
case HistoryPersistent:
2020-02-28 11:41:08 +01:00
// already set `target`, and `correspondent` if necessary
default:
return
}
}
var cutoff time.Time
if config.History.Restrictions.ExpireTime != 0 {
cutoff = time.Now().UTC().Add(-time.Duration(config.History.Restrictions.ExpireTime))
}
2020-03-01 09:39:25 +01:00
// #836: registration date cutoff is always enforced for DMs
// either way, take the later of the two cutoffs
if restriction == HistoryCutoffRegistrationTime || channel == nil {
regCutoff := client.historyCutoff()
if regCutoff.After(cutoff) {
cutoff = regCutoff
}
} else if restriction == HistoryCutoffJoinTime {
if joinTimeCutoff.After(cutoff) {
cutoff = joinTimeCutoff
}
}
2020-03-01 09:39:25 +01:00
// #836 again: grace period is never applied to DMs
if !cutoff.IsZero() && channel != nil && restriction != HistoryCutoffJoinTime {
2020-02-24 11:44:55 +01:00
cutoff = cutoff.Add(-time.Duration(config.History.Restrictions.GracePeriod))
}
if hist != nil {
2020-02-28 11:41:08 +01:00
sequence = hist.MakeSequence(correspondent, cutoff)
} else if target != "" {
sequence = server.historyDB.MakeSequence(target, correspondent, cutoff)
}
return
}
2020-05-12 18:05:40 +02:00
func (server *Server) ForgetHistory(accountName string) {
// sanity check
if accountName == "*" {
return
}
config := server.Config()
if !config.History.Enabled {
return
}
if cfAccount, err := CasefoldName(accountName); err == nil {
server.historyDB.Forget(cfAccount)
}
persistent := config.History.Persistent
if persistent.Enabled && persistent.UnregisteredChannels && persistent.RegisteredChannels == PersistentMandatory && persistent.DirectMessages == PersistentMandatory {
return
}
predicate := func(item *history.Item) bool { return item.AccountName == accountName }
for _, channel := range server.channels.Channels() {
channel.history.Delete(predicate)
}
for _, client := range server.clients.AllClients() {
client.history.Delete(predicate)
}
}
// deletes a message. target is a hint about what buffer it's in (not required for
// persistent history, where all the msgids are indexed together). if accountName
// is anything other than "*", it must match the recorded AccountName of the message
func (server *Server) DeleteMessage(target, msgid, accountName string) (err error) {
config := server.Config()
var hist *history.Buffer
if target != "" {
if target[0] == '#' {
channel := server.channels.Get(target)
if channel != nil {
if status, _, _ := channel.historyStatus(config); status == HistoryEphemeral {
2020-05-12 18:05:40 +02:00
hist = &channel.history
}
}
} else {
client := server.clients.Get(target)
if client != nil {
if status, _ := client.historyStatus(config); status == HistoryEphemeral {
hist = &client.history
}
}
}
}
if hist == nil {
err = server.historyDB.DeleteMsgid(msgid, accountName)
} else {
count := hist.Delete(func(item *history.Item) bool {
return item.Message.Msgid == msgid && (accountName == "*" || item.AccountName == accountName)
})
if count == 0 {
err = errNoop
}
}
return
}
// elistMatcher takes and matches ELIST conditions
type elistMatcher struct {
MinClientsActive bool
MinClients int
MaxClientsActive bool
MaxClients int
}
// Matches checks whether the given channel matches our matches.
func (matcher *elistMatcher) Matches(channel *Channel) bool {
if matcher.MinClientsActive {
2017-10-23 01:50:16 +02:00
if len(channel.Members()) < matcher.MinClients {
return false
}
}
if matcher.MaxClientsActive {
2017-10-23 01:50:16 +02:00
if len(channel.Members()) < len(channel.members) {
return false
}
}
return true
}
2017-10-29 08:59:56 +01:00
var (
infoString1 = strings.Split(` ·
·
2017-10-29 08:59:56 +01:00
. .
. ·
https://oragono.io/
https://github.com/oragono/oragono
https://crowdin.com/project/oragono
`, "\n")
infoString2 = strings.Split(` Daniel Oakley, DanielOaks, <daniel@danieloaks.net>
2017-10-29 08:59:56 +01:00
Shivaram Lingamneni, slingamn, <slingamn@cs.stanford.edu>
`, "\n")
2020-02-26 08:39:37 +01:00
infoString3 = strings.Split(` Jeremy Latt, jlatt
Edmund Huber, edmund-huber
2017-10-29 08:59:56 +01:00
`, "\n")
)