mirror of
https://github.com/ergochat/ergo.git
synced 2024-11-27 06:19:23 +01:00
99de53264e
Quit messages aren't supposed to clobber each other under any circumstances, but actually only the default "Connection closed" message was non-clobbering, all others would clobber.
1236 lines
36 KiB
Go
1236 lines
36 KiB
Go
// Copyright (c) 2012-2014 Jeremy Latt
|
|
// Copyright (c) 2014-2015 Edmund Huber
|
|
// Copyright (c) 2016-2017 Daniel Oaks <daniel@danieloaks.net>
|
|
// released under the MIT license
|
|
|
|
package irc
|
|
|
|
import (
|
|
"fmt"
|
|
"net"
|
|
"runtime/debug"
|
|
"strconv"
|
|
"strings"
|
|
"sync"
|
|
"sync/atomic"
|
|
"time"
|
|
|
|
"github.com/goshuirc/irc-go/ircfmt"
|
|
"github.com/goshuirc/irc-go/ircmsg"
|
|
ident "github.com/oragono/go-ident"
|
|
"github.com/oragono/oragono/irc/caps"
|
|
"github.com/oragono/oragono/irc/connection_limits"
|
|
"github.com/oragono/oragono/irc/history"
|
|
"github.com/oragono/oragono/irc/modes"
|
|
"github.com/oragono/oragono/irc/sno"
|
|
"github.com/oragono/oragono/irc/utils"
|
|
)
|
|
|
|
const (
|
|
// IdentTimeoutSeconds is how many seconds before our ident (username) check times out.
|
|
IdentTimeoutSeconds = 1.5
|
|
IRCv3TimestampFormat = "2006-01-02T15:04:05.000Z"
|
|
)
|
|
|
|
// ResumeDetails is a place to stash data at various stages of
|
|
// the resume process: when handling the RESUME command itself,
|
|
// when completing the registration, and when rejoining channels.
|
|
type ResumeDetails struct {
|
|
PresentedToken string
|
|
Timestamp time.Time
|
|
HistoryIncomplete bool
|
|
}
|
|
|
|
// Client is an IRC client.
|
|
type Client struct {
|
|
account string
|
|
accountName string // display name of the account: uncasefolded, '*' if not logged in
|
|
accountSettings AccountSettings
|
|
atime time.Time
|
|
away bool
|
|
awayMessage string
|
|
brbTimer BrbTimer
|
|
certfp string
|
|
channels ChannelSet
|
|
ctime time.Time
|
|
exitedSnomaskSent bool
|
|
flags modes.ModeSet
|
|
hostname string
|
|
invitedTo map[string]bool
|
|
isTor bool
|
|
languages []string
|
|
loginThrottle connection_limits.GenericThrottle
|
|
nick string
|
|
nickCasefolded string
|
|
nickMaskCasefolded string
|
|
nickMaskString string // cache for nickmask string since it's used with lots of replies
|
|
nickTimer NickTimer
|
|
oper *Oper
|
|
preregNick string
|
|
proxiedIP net.IP // actual remote IP if using the PROXY protocol
|
|
rawHostname string
|
|
cloakedHostname string
|
|
realname string
|
|
realIP net.IP
|
|
registered bool
|
|
resumeID string
|
|
saslInProgress bool
|
|
saslMechanism string
|
|
saslValue string
|
|
sentPassCommand bool
|
|
server *Server
|
|
skeleton string
|
|
sessions []*Session
|
|
stateMutex sync.RWMutex // tier 1
|
|
username string
|
|
vhost string
|
|
history history.Buffer
|
|
}
|
|
|
|
// Session is an individual client connection to the server (TCP connection
|
|
// and associated per-connection data, such as capabilities). There is a
|
|
// many-one relationship between sessions and clients.
|
|
type Session struct {
|
|
client *Client
|
|
|
|
ctime time.Time
|
|
atime time.Time
|
|
|
|
socket *Socket
|
|
realIP net.IP
|
|
proxiedIP net.IP
|
|
rawHostname string
|
|
|
|
idletimer IdleTimer
|
|
fakelag Fakelag
|
|
|
|
quitMessage string
|
|
|
|
capabilities caps.Set
|
|
maxlenRest uint32
|
|
capState caps.State
|
|
capVersion caps.Version
|
|
|
|
registrationMessages int
|
|
|
|
resumeID string
|
|
resumeDetails *ResumeDetails
|
|
zncPlaybackTimes *zncPlaybackTimes
|
|
}
|
|
|
|
// sets the session quit message, if there isn't one already
|
|
func (sd *Session) SetQuitMessage(message string) (set bool) {
|
|
if message == "" {
|
|
message = "Connection closed"
|
|
}
|
|
if sd.quitMessage == "" {
|
|
sd.quitMessage = message
|
|
return true
|
|
} else {
|
|
return false
|
|
}
|
|
}
|
|
|
|
// set the negotiated message length based on session capabilities
|
|
func (session *Session) SetMaxlenRest() {
|
|
maxlenRest := 512
|
|
if session.capabilities.Has(caps.MaxLine) {
|
|
maxlenRest = session.client.server.Config().Limits.LineLen.Rest
|
|
}
|
|
atomic.StoreUint32(&session.maxlenRest, uint32(maxlenRest))
|
|
}
|
|
|
|
// allow the negotiated message length limit to be read without locks; this is a convenience
|
|
// so that Session.SendRawMessage doesn't have to acquire any Client locks
|
|
func (session *Session) MaxlenRest() int {
|
|
return int(atomic.LoadUint32(&session.maxlenRest))
|
|
}
|
|
|
|
// WhoWas is the subset of client details needed to answer a WHOWAS query
|
|
type WhoWas struct {
|
|
nick string
|
|
nickCasefolded string
|
|
username string
|
|
hostname string
|
|
realname string
|
|
}
|
|
|
|
// ClientDetails is a standard set of details about a client
|
|
type ClientDetails struct {
|
|
WhoWas
|
|
|
|
nickMask string
|
|
nickMaskCasefolded string
|
|
account string
|
|
accountName string
|
|
}
|
|
|
|
// RunClient sets up a new client and runs its goroutine.
|
|
func (server *Server) RunClient(conn clientConn) {
|
|
var isBanned bool
|
|
var banMsg string
|
|
var realIP net.IP
|
|
if conn.IsTor {
|
|
realIP = utils.IPv4LoopbackAddress
|
|
isBanned, banMsg = server.checkTorLimits()
|
|
} else {
|
|
realIP = utils.AddrToIP(conn.Conn.RemoteAddr())
|
|
isBanned, banMsg = server.checkBans(realIP)
|
|
}
|
|
|
|
if isBanned {
|
|
// this might not show up properly on some clients,
|
|
// but our objective here is just to close the connection out before it has a load impact on us
|
|
conn.Conn.Write([]byte(fmt.Sprintf(errorMsg, banMsg)))
|
|
conn.Conn.Close()
|
|
return
|
|
}
|
|
|
|
server.logger.Info("localconnect-ip", fmt.Sprintf("Client connecting from %v", realIP))
|
|
|
|
now := time.Now().UTC()
|
|
config := server.Config()
|
|
fullLineLenLimit := ircmsg.MaxlenTagsFromClient + config.Limits.LineLen.Rest
|
|
// give them 1k of grace over the limit:
|
|
socket := NewSocket(conn.Conn, fullLineLenLimit+1024, config.Server.MaxSendQBytes)
|
|
client := &Client{
|
|
atime: now,
|
|
channels: make(ChannelSet),
|
|
ctime: now,
|
|
isTor: conn.IsTor,
|
|
languages: server.Languages().Default(),
|
|
loginThrottle: connection_limits.GenericThrottle{
|
|
Duration: config.Accounts.LoginThrottling.Duration,
|
|
Limit: config.Accounts.LoginThrottling.MaxAttempts,
|
|
},
|
|
server: server,
|
|
accountName: "*",
|
|
nick: "*", // * is used until actual nick is given
|
|
nickCasefolded: "*",
|
|
nickMaskString: "*", // * is used until actual nick is given
|
|
}
|
|
client.history.Initialize(config.History.ClientLength)
|
|
client.brbTimer.Initialize(client)
|
|
session := &Session{
|
|
client: client,
|
|
socket: socket,
|
|
capVersion: caps.Cap301,
|
|
capState: caps.NoneState,
|
|
ctime: now,
|
|
atime: now,
|
|
realIP: realIP,
|
|
}
|
|
session.SetMaxlenRest()
|
|
client.sessions = []*Session{session}
|
|
|
|
if conn.IsTLS {
|
|
client.SetMode(modes.TLS, true)
|
|
// error is not useful to us here anyways so we can ignore it
|
|
client.certfp, _ = socket.CertFP()
|
|
}
|
|
|
|
if conn.IsTor {
|
|
client.SetMode(modes.TLS, true)
|
|
// cover up details of the tor proxying infrastructure (not a user privacy concern,
|
|
// but a hardening measure):
|
|
session.proxiedIP = utils.IPv4LoopbackAddress
|
|
session.rawHostname = config.Server.TorListeners.Vhost
|
|
} else {
|
|
// set the hostname for this client (may be overridden later by PROXY or WEBIRC)
|
|
session.rawHostname = utils.LookupHostname(session.realIP.String())
|
|
client.cloakedHostname = config.Server.Cloaks.ComputeCloak(session.realIP)
|
|
remoteAddr := conn.Conn.RemoteAddr()
|
|
if utils.AddrIsLocal(remoteAddr) {
|
|
// treat local connections as secure (may be overridden later by WEBIRC)
|
|
client.SetMode(modes.TLS, true)
|
|
}
|
|
if config.Server.CheckIdent && !utils.AddrIsUnix(remoteAddr) {
|
|
client.doIdentLookup(conn.Conn)
|
|
}
|
|
}
|
|
client.realIP = session.realIP
|
|
client.rawHostname = session.rawHostname
|
|
client.proxiedIP = session.proxiedIP
|
|
|
|
client.run(session)
|
|
}
|
|
|
|
func (client *Client) doIdentLookup(conn net.Conn) {
|
|
_, serverPortString, err := net.SplitHostPort(conn.LocalAddr().String())
|
|
if err != nil {
|
|
client.server.logger.Error("internal", "bad server address", err.Error())
|
|
return
|
|
}
|
|
serverPort, _ := strconv.Atoi(serverPortString)
|
|
clientHost, clientPortString, err := net.SplitHostPort(conn.RemoteAddr().String())
|
|
if err != nil {
|
|
client.server.logger.Error("internal", "bad client address", err.Error())
|
|
return
|
|
}
|
|
clientPort, _ := strconv.Atoi(clientPortString)
|
|
|
|
client.Notice(client.t("*** Looking up your username"))
|
|
resp, err := ident.Query(clientHost, serverPort, clientPort, IdentTimeoutSeconds)
|
|
if err == nil {
|
|
err := client.SetNames(resp.Identifier, "", true)
|
|
if err == nil {
|
|
client.Notice(client.t("*** Found your username"))
|
|
// we don't need to updateNickMask here since nickMask is not used for anything yet
|
|
} else {
|
|
client.Notice(client.t("*** Got a malformed username, ignoring"))
|
|
}
|
|
} else {
|
|
client.Notice(client.t("*** Could not find your username"))
|
|
}
|
|
}
|
|
|
|
type AuthOutcome uint
|
|
|
|
const (
|
|
authSuccess AuthOutcome = iota
|
|
authFailPass
|
|
authFailTorSaslRequired
|
|
authFailSaslRequired
|
|
)
|
|
|
|
func (client *Client) isAuthorized(config *Config) AuthOutcome {
|
|
saslSent := client.account != ""
|
|
// PASS requirement
|
|
if (config.Server.passwordBytes != nil) && !client.sentPassCommand && !(config.Accounts.SkipServerPassword && saslSent) {
|
|
return authFailPass
|
|
}
|
|
// Tor connections may be required to authenticate with SASL
|
|
if client.isTor && config.Server.TorListeners.RequireSasl && !saslSent {
|
|
return authFailTorSaslRequired
|
|
}
|
|
// finally, enforce require-sasl
|
|
if config.Accounts.RequireSasl.Enabled && !saslSent && !utils.IPInNets(client.IP(), config.Accounts.RequireSasl.exemptedNets) {
|
|
return authFailSaslRequired
|
|
}
|
|
return authSuccess
|
|
}
|
|
|
|
func (session *Session) resetFakelag() {
|
|
var flc FakelagConfig = session.client.server.Config().Fakelag
|
|
flc.Enabled = flc.Enabled && !session.client.HasRoleCapabs("nofakelag")
|
|
session.fakelag.Initialize(flc)
|
|
}
|
|
|
|
// IP returns the IP address of this client.
|
|
func (client *Client) IP() net.IP {
|
|
client.stateMutex.RLock()
|
|
defer client.stateMutex.RUnlock()
|
|
|
|
if client.proxiedIP != nil {
|
|
return client.proxiedIP
|
|
}
|
|
return client.realIP
|
|
}
|
|
|
|
// IPString returns the IP address of this client as a string.
|
|
func (client *Client) IPString() string {
|
|
ip := client.IP().String()
|
|
if 0 < len(ip) && ip[0] == ':' {
|
|
ip = "0" + ip
|
|
}
|
|
return ip
|
|
}
|
|
|
|
//
|
|
// command goroutine
|
|
//
|
|
|
|
func (client *Client) run(session *Session) {
|
|
|
|
defer func() {
|
|
if r := recover(); r != nil {
|
|
client.server.logger.Error("internal",
|
|
fmt.Sprintf("Client caused panic: %v\n%s", r, debug.Stack()))
|
|
if client.server.Config().Debug.recoverFromErrors {
|
|
client.server.logger.Error("internal", "Disconnecting client and attempting to recover")
|
|
} else {
|
|
panic(r)
|
|
}
|
|
}
|
|
// ensure client connection gets closed
|
|
client.destroy(session)
|
|
}()
|
|
|
|
session.idletimer.Initialize(session)
|
|
session.resetFakelag()
|
|
|
|
isReattach := client.Registered()
|
|
if isReattach {
|
|
if session.resumeDetails != nil {
|
|
session.playResume()
|
|
session.resumeDetails = nil
|
|
client.brbTimer.Disable()
|
|
} else {
|
|
client.playReattachMessages(session)
|
|
}
|
|
} else {
|
|
// don't reset the nick timer during a reattach
|
|
client.nickTimer.Initialize(client)
|
|
}
|
|
|
|
firstLine := true
|
|
|
|
for {
|
|
maxlenRest := session.MaxlenRest()
|
|
|
|
line, err := session.socket.Read()
|
|
if err != nil {
|
|
quitMessage := "connection closed"
|
|
if err == errReadQ {
|
|
quitMessage = "readQ exceeded"
|
|
}
|
|
client.Quit(quitMessage, session)
|
|
// since the client did not actually send us a QUIT,
|
|
// give them a chance to resume or reattach if applicable:
|
|
client.brbTimer.Enable()
|
|
break
|
|
}
|
|
|
|
if client.server.logger.IsLoggingRawIO() {
|
|
client.server.logger.Debug("userinput", client.nick, "<- ", line)
|
|
}
|
|
|
|
// special-cased handling of PROXY protocol, see `handleProxyCommand` for details:
|
|
if !isReattach && firstLine {
|
|
firstLine = false
|
|
if strings.HasPrefix(line, "PROXY") {
|
|
err = handleProxyCommand(client.server, client, session, line)
|
|
if err != nil {
|
|
break
|
|
} else {
|
|
continue
|
|
}
|
|
}
|
|
}
|
|
|
|
if client.registered {
|
|
session.fakelag.Touch()
|
|
} else {
|
|
// DoS hardening, #505
|
|
session.registrationMessages++
|
|
if client.server.Config().Limits.RegistrationMessages < session.registrationMessages {
|
|
client.Send(nil, client.server.name, ERR_UNKNOWNERROR, "*", client.t("You have sent too many registration messages"))
|
|
break
|
|
}
|
|
}
|
|
|
|
msg, err := ircmsg.ParseLineStrict(line, true, maxlenRest)
|
|
if err == ircmsg.ErrorLineIsEmpty {
|
|
continue
|
|
} else if err == ircmsg.ErrorLineTooLong {
|
|
session.Send(nil, client.server.name, ERR_INPUTTOOLONG, client.Nick(), client.t("Input line too long"))
|
|
continue
|
|
} else if err != nil {
|
|
client.Quit(client.t("Received malformed line"), session)
|
|
break
|
|
}
|
|
|
|
cmd, exists := Commands[msg.Command]
|
|
if !exists {
|
|
if len(msg.Command) > 0 {
|
|
session.Send(nil, client.server.name, ERR_UNKNOWNCOMMAND, client.Nick(), msg.Command, client.t("Unknown command"))
|
|
} else {
|
|
session.Send(nil, client.server.name, ERR_UNKNOWNCOMMAND, client.Nick(), "lastcmd", client.t("No command given"))
|
|
}
|
|
continue
|
|
}
|
|
|
|
isExiting := cmd.Run(client.server, client, session, msg)
|
|
if isExiting {
|
|
break
|
|
} else if session.client != client {
|
|
// bouncer reattach
|
|
go session.client.run(session)
|
|
break
|
|
}
|
|
}
|
|
}
|
|
|
|
func (client *Client) playReattachMessages(session *Session) {
|
|
client.server.playRegistrationBurst(session)
|
|
for _, channel := range session.client.Channels() {
|
|
channel.playJoinForSession(session)
|
|
}
|
|
}
|
|
|
|
//
|
|
// idle, quit, timers and timeouts
|
|
//
|
|
|
|
// Active updates when the client was last 'active' (i.e. the user should be sitting in front of their client).
|
|
func (client *Client) Active(session *Session) {
|
|
now := time.Now().UTC()
|
|
client.stateMutex.Lock()
|
|
defer client.stateMutex.Unlock()
|
|
session.atime = now
|
|
client.atime = now
|
|
}
|
|
|
|
// Ping sends the client a PING message.
|
|
func (session *Session) Ping() {
|
|
session.Send(nil, "", "PING", session.client.Nick())
|
|
}
|
|
|
|
// tryResume tries to resume if the client asked us to.
|
|
func (session *Session) tryResume() (success bool) {
|
|
var oldResumeID string
|
|
|
|
defer func() {
|
|
if success {
|
|
// "On a successful request, the server [...] terminates the old client's connection"
|
|
oldSession := session.client.GetSessionByResumeID(oldResumeID)
|
|
if oldSession != nil {
|
|
session.client.destroy(oldSession)
|
|
}
|
|
} else {
|
|
session.resumeDetails = nil
|
|
}
|
|
}()
|
|
|
|
client := session.client
|
|
server := client.server
|
|
config := server.Config()
|
|
|
|
oldClient, oldResumeID := server.resumeManager.VerifyToken(client, session.resumeDetails.PresentedToken)
|
|
if oldClient == nil {
|
|
session.Send(nil, server.name, "FAIL", "RESUME", "INVALID_TOKEN", client.t("Cannot resume connection, token is not valid"))
|
|
return
|
|
}
|
|
|
|
resumeAllowed := config.Server.AllowPlaintextResume || (oldClient.HasMode(modes.TLS) && client.HasMode(modes.TLS))
|
|
if !resumeAllowed {
|
|
session.Send(nil, server.name, "FAIL", "RESUME", "INSECURE_SESSION", client.t("Cannot resume connection, old and new clients must have TLS"))
|
|
return
|
|
}
|
|
|
|
if oldClient.isTor != client.isTor {
|
|
session.Send(nil, server.name, "FAIL", "RESUME", "INSECURE_SESSION", client.t("Cannot resume connection from Tor to non-Tor or vice versa"))
|
|
return
|
|
}
|
|
|
|
err := server.clients.Resume(oldClient, session)
|
|
if err != nil {
|
|
session.Send(nil, server.name, "FAIL", "RESUME", "CANNOT_RESUME", client.t("Cannot resume connection"))
|
|
return
|
|
}
|
|
|
|
success = true
|
|
client.server.logger.Debug("quit", fmt.Sprintf("%s is being resumed", oldClient.Nick()))
|
|
|
|
return
|
|
}
|
|
|
|
// playResume is called from the session's fresh goroutine after a resume;
|
|
// it sends notifications to friends, then plays the registration burst and replays
|
|
// stored history to the session
|
|
func (session *Session) playResume() {
|
|
client := session.client
|
|
server := client.server
|
|
|
|
friends := make(ClientSet)
|
|
oldestLostMessage := time.Now().UTC()
|
|
|
|
// work out how much time, if any, is not covered by history buffers
|
|
for _, channel := range client.Channels() {
|
|
for _, member := range channel.Members() {
|
|
friends.Add(member)
|
|
lastDiscarded := channel.history.LastDiscarded()
|
|
if lastDiscarded.Before(oldestLostMessage) {
|
|
oldestLostMessage = lastDiscarded
|
|
}
|
|
}
|
|
}
|
|
privmsgMatcher := func(item history.Item) bool {
|
|
return item.Type == history.Privmsg || item.Type == history.Notice || item.Type == history.Tagmsg
|
|
}
|
|
privmsgHistory := client.history.Match(privmsgMatcher, false, 0)
|
|
lastDiscarded := client.history.LastDiscarded()
|
|
if lastDiscarded.Before(oldestLostMessage) {
|
|
oldestLostMessage = lastDiscarded
|
|
}
|
|
for _, item := range privmsgHistory {
|
|
sender := server.clients.Get(stripMaskFromNick(item.Nick))
|
|
if sender != nil {
|
|
friends.Add(sender)
|
|
}
|
|
}
|
|
|
|
timestamp := session.resumeDetails.Timestamp
|
|
gap := lastDiscarded.Sub(timestamp)
|
|
session.resumeDetails.HistoryIncomplete = gap > 0
|
|
gapSeconds := int(gap.Seconds()) + 1 // round up to avoid confusion
|
|
|
|
details := client.Details()
|
|
oldNickmask := details.nickMask
|
|
client.SetRawHostname(session.rawHostname)
|
|
hostname := client.Hostname() // may be a vhost
|
|
timestampString := session.resumeDetails.Timestamp.Format(IRCv3TimestampFormat)
|
|
|
|
// send quit/resume messages to friends
|
|
for friend := range friends {
|
|
if friend == client {
|
|
continue
|
|
}
|
|
for _, fSession := range friend.Sessions() {
|
|
if fSession.capabilities.Has(caps.Resume) {
|
|
if timestamp.IsZero() {
|
|
fSession.Send(nil, oldNickmask, "RESUMED", hostname)
|
|
} else {
|
|
fSession.Send(nil, oldNickmask, "RESUMED", hostname, timestampString)
|
|
}
|
|
} else {
|
|
if session.resumeDetails.HistoryIncomplete {
|
|
fSession.Send(nil, oldNickmask, "QUIT", fmt.Sprintf(friend.t("Client reconnected (up to %d seconds of history lost)"), gapSeconds))
|
|
} else {
|
|
fSession.Send(nil, oldNickmask, "QUIT", fmt.Sprintf(friend.t("Client reconnected")))
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
if session.resumeDetails.HistoryIncomplete {
|
|
session.Send(nil, client.server.name, "WARN", "RESUME", "HISTORY_LOST", fmt.Sprintf(client.t("Resume may have lost up to %d seconds of history"), gapSeconds))
|
|
}
|
|
|
|
session.Send(nil, client.server.name, "RESUME", "SUCCESS", details.nick)
|
|
|
|
server.playRegistrationBurst(session)
|
|
|
|
for _, channel := range client.Channels() {
|
|
channel.Resume(session, timestamp)
|
|
}
|
|
|
|
// replay direct PRIVSMG history
|
|
if !timestamp.IsZero() {
|
|
now := time.Now().UTC()
|
|
items, complete := client.history.Between(timestamp, now, false, 0)
|
|
rb := NewResponseBuffer(client.Sessions()[0])
|
|
client.replayPrivmsgHistory(rb, items, complete)
|
|
rb.Send(true)
|
|
}
|
|
|
|
session.resumeDetails = nil
|
|
}
|
|
|
|
func (client *Client) replayPrivmsgHistory(rb *ResponseBuffer, items []history.Item, complete bool) {
|
|
var batchID string
|
|
details := client.Details()
|
|
nick := details.nick
|
|
if 0 < len(items) {
|
|
batchID = rb.StartNestedHistoryBatch(nick)
|
|
}
|
|
|
|
allowTags := rb.session.capabilities.Has(caps.MessageTags)
|
|
for _, item := range items {
|
|
var command string
|
|
switch item.Type {
|
|
case history.Privmsg:
|
|
command = "PRIVMSG"
|
|
case history.Notice:
|
|
command = "NOTICE"
|
|
case history.Tagmsg:
|
|
if allowTags {
|
|
command = "TAGMSG"
|
|
} else {
|
|
continue
|
|
}
|
|
default:
|
|
continue
|
|
}
|
|
var tags map[string]string
|
|
if allowTags {
|
|
tags = item.Tags
|
|
}
|
|
if item.Params[0] == "" {
|
|
// this message was sent *to* the client from another nick
|
|
rb.AddSplitMessageFromClient(item.Nick, item.AccountName, tags, command, nick, item.Message)
|
|
} else {
|
|
// this message was sent *from* the client to another nick; the target is item.Params[0]
|
|
// substitute the client's current nickmask in case they changed nick
|
|
rb.AddSplitMessageFromClient(details.nickMask, item.AccountName, tags, command, item.Params[0], item.Message)
|
|
}
|
|
}
|
|
|
|
rb.EndNestedBatch(batchID)
|
|
if !complete {
|
|
rb.Add(nil, "HistServ", "NOTICE", nick, client.t("Some additional message history may have been lost"))
|
|
}
|
|
}
|
|
|
|
// IdleTime returns how long this client's been idle.
|
|
func (client *Client) IdleTime() time.Duration {
|
|
client.stateMutex.RLock()
|
|
defer client.stateMutex.RUnlock()
|
|
return time.Since(client.atime)
|
|
}
|
|
|
|
// SignonTime returns this client's signon time as a unix timestamp.
|
|
func (client *Client) SignonTime() int64 {
|
|
return client.ctime.Unix()
|
|
}
|
|
|
|
// IdleSeconds returns the number of seconds this client's been idle.
|
|
func (client *Client) IdleSeconds() uint64 {
|
|
return uint64(client.IdleTime().Seconds())
|
|
}
|
|
|
|
// HasNick returns true if the client's nickname is set (used in registration).
|
|
func (client *Client) HasNick() bool {
|
|
client.stateMutex.RLock()
|
|
defer client.stateMutex.RUnlock()
|
|
return client.nick != "" && client.nick != "*"
|
|
}
|
|
|
|
// HasUsername returns true if the client's username is set (used in registration).
|
|
func (client *Client) HasUsername() bool {
|
|
client.stateMutex.RLock()
|
|
defer client.stateMutex.RUnlock()
|
|
return client.username != "" && client.username != "*"
|
|
}
|
|
|
|
// SetNames sets the client's ident and realname.
|
|
func (client *Client) SetNames(username, realname string, fromIdent bool) error {
|
|
limit := client.server.Config().Limits.IdentLen
|
|
if !fromIdent {
|
|
limit -= 1 // leave room for the prepended ~
|
|
}
|
|
if limit < len(username) {
|
|
username = username[:limit]
|
|
}
|
|
|
|
if !isIdent(username) {
|
|
return errInvalidUsername
|
|
}
|
|
|
|
if !fromIdent {
|
|
username = "~" + username
|
|
}
|
|
|
|
client.stateMutex.Lock()
|
|
defer client.stateMutex.Unlock()
|
|
|
|
if client.username == "" {
|
|
client.username = username
|
|
}
|
|
|
|
if client.realname == "" {
|
|
client.realname = realname
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// HasRoleCapabs returns true if client has the given (role) capabilities.
|
|
func (client *Client) HasRoleCapabs(capabs ...string) bool {
|
|
oper := client.Oper()
|
|
if oper == nil {
|
|
return false
|
|
}
|
|
|
|
for _, capab := range capabs {
|
|
if !oper.Class.Capabilities[capab] {
|
|
return false
|
|
}
|
|
}
|
|
|
|
return true
|
|
}
|
|
|
|
// ModeString returns the mode string for this client.
|
|
func (client *Client) ModeString() (str string) {
|
|
return "+" + client.flags.String()
|
|
}
|
|
|
|
// Friends refers to clients that share a channel with this client.
|
|
func (client *Client) Friends(capabs ...caps.Capability) (result map[*Session]bool) {
|
|
result = make(map[*Session]bool)
|
|
|
|
// look at the client's own sessions
|
|
for _, session := range client.Sessions() {
|
|
if session.capabilities.HasAll(capabs...) {
|
|
result[session] = true
|
|
}
|
|
}
|
|
|
|
for _, channel := range client.Channels() {
|
|
for _, member := range channel.Members() {
|
|
for _, session := range member.Sessions() {
|
|
if session.capabilities.HasAll(capabs...) {
|
|
result[session] = true
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
func (client *Client) SetOper(oper *Oper) {
|
|
client.stateMutex.Lock()
|
|
defer client.stateMutex.Unlock()
|
|
client.oper = oper
|
|
// operators typically get a vhost, update the nickmask
|
|
client.updateNickMaskNoMutex()
|
|
}
|
|
|
|
// XXX: CHGHOST requires prefix nickmask to have original hostname,
|
|
// this is annoying to do correctly
|
|
func (client *Client) sendChghost(oldNickMask string, vhost string) {
|
|
username := client.Username()
|
|
for fClient := range client.Friends(caps.ChgHost) {
|
|
fClient.sendFromClientInternal(false, time.Time{}, "", oldNickMask, client.AccountName(), nil, "CHGHOST", username, vhost)
|
|
}
|
|
}
|
|
|
|
// choose the correct vhost to display
|
|
func (client *Client) getVHostNoMutex() string {
|
|
// hostserv vhost OR operclass vhost OR nothing (i.e., normal rdns hostmask)
|
|
if client.vhost != "" {
|
|
return client.vhost
|
|
} else if client.oper != nil {
|
|
return client.oper.Vhost
|
|
} else {
|
|
return ""
|
|
}
|
|
}
|
|
|
|
// SetVHost updates the client's hostserv-based vhost
|
|
func (client *Client) SetVHost(vhost string) (updated bool) {
|
|
client.stateMutex.Lock()
|
|
defer client.stateMutex.Unlock()
|
|
updated = (client.vhost != vhost)
|
|
client.vhost = vhost
|
|
if updated {
|
|
client.updateNickMaskNoMutex()
|
|
}
|
|
return
|
|
}
|
|
|
|
// updateNick updates `nick` and `nickCasefolded`.
|
|
func (client *Client) updateNick(nick, nickCasefolded, skeleton string) {
|
|
client.stateMutex.Lock()
|
|
defer client.stateMutex.Unlock()
|
|
client.nick = nick
|
|
client.nickCasefolded = nickCasefolded
|
|
client.skeleton = skeleton
|
|
client.updateNickMaskNoMutex()
|
|
}
|
|
|
|
// updateNickMaskNoMutex updates the casefolded nickname and nickmask, not acquiring any mutexes.
|
|
func (client *Client) updateNickMaskNoMutex() {
|
|
client.hostname = client.getVHostNoMutex()
|
|
if client.hostname == "" {
|
|
client.hostname = client.cloakedHostname
|
|
if client.hostname == "" {
|
|
client.hostname = client.rawHostname
|
|
}
|
|
}
|
|
|
|
cfhostname, err := Casefold(client.hostname)
|
|
if err != nil {
|
|
client.server.logger.Error("internal", "hostname couldn't be casefolded", client.hostname, err.Error())
|
|
cfhostname = client.hostname // YOLO
|
|
}
|
|
|
|
client.nickMaskString = fmt.Sprintf("%s!%s@%s", client.nick, client.username, client.hostname)
|
|
client.nickMaskCasefolded = fmt.Sprintf("%s!%s@%s", client.nickCasefolded, strings.ToLower(client.username), cfhostname)
|
|
}
|
|
|
|
// AllNickmasks returns all the possible nickmasks for the client.
|
|
func (client *Client) AllNickmasks() (masks []string) {
|
|
client.stateMutex.RLock()
|
|
nick := client.nickCasefolded
|
|
username := client.username
|
|
rawHostname := client.rawHostname
|
|
cloakedHostname := client.cloakedHostname
|
|
vhost := client.getVHostNoMutex()
|
|
client.stateMutex.RUnlock()
|
|
username = strings.ToLower(username)
|
|
|
|
if len(vhost) > 0 {
|
|
cfvhost, err := Casefold(vhost)
|
|
if err == nil {
|
|
masks = append(masks, fmt.Sprintf("%s!%s@%s", nick, username, cfvhost))
|
|
}
|
|
}
|
|
|
|
var rawhostmask string
|
|
cfrawhost, err := Casefold(rawHostname)
|
|
if err == nil {
|
|
rawhostmask = fmt.Sprintf("%s!%s@%s", nick, username, cfrawhost)
|
|
masks = append(masks, rawhostmask)
|
|
}
|
|
|
|
if cloakedHostname != "" {
|
|
masks = append(masks, fmt.Sprintf("%s!%s@%s", nick, username, cloakedHostname))
|
|
}
|
|
|
|
ipmask := fmt.Sprintf("%s!%s@%s", nick, username, client.IPString())
|
|
if ipmask != rawhostmask {
|
|
masks = append(masks, ipmask)
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
// LoggedIntoAccount returns true if this client is logged into an account.
|
|
func (client *Client) LoggedIntoAccount() bool {
|
|
return client.Account() != ""
|
|
}
|
|
|
|
// RplISupport outputs our ISUPPORT lines to the client. This is used on connection and in VERSION responses.
|
|
func (client *Client) RplISupport(rb *ResponseBuffer) {
|
|
translatedISupport := client.t("are supported by this server")
|
|
nick := client.Nick()
|
|
config := client.server.Config()
|
|
for _, cachedTokenLine := range config.Server.isupport.CachedReply {
|
|
length := len(cachedTokenLine) + 2
|
|
tokenline := make([]string, length)
|
|
tokenline[0] = nick
|
|
copy(tokenline[1:], cachedTokenLine)
|
|
tokenline[length-1] = translatedISupport
|
|
rb.Add(nil, client.server.name, RPL_ISUPPORT, tokenline...)
|
|
}
|
|
}
|
|
|
|
// Quit sets the given quit message for the client.
|
|
// (You must ensure separately that destroy() is called, e.g., by returning `true` from
|
|
// the command handler or calling it yourself.)
|
|
func (client *Client) Quit(message string, session *Session) {
|
|
setFinalData := func(sess *Session) {
|
|
message := sess.quitMessage
|
|
var finalData []byte
|
|
// #364: don't send QUIT lines to unregistered clients
|
|
if client.registered {
|
|
quitMsg := ircmsg.MakeMessage(nil, client.nickMaskString, "QUIT", message)
|
|
finalData, _ = quitMsg.LineBytesStrict(false, 512)
|
|
}
|
|
|
|
errorMsg := ircmsg.MakeMessage(nil, "", "ERROR", message)
|
|
errorMsgBytes, _ := errorMsg.LineBytesStrict(false, 512)
|
|
finalData = append(finalData, errorMsgBytes...)
|
|
|
|
sess.socket.SetFinalData(finalData)
|
|
}
|
|
|
|
client.stateMutex.Lock()
|
|
defer client.stateMutex.Unlock()
|
|
|
|
var sessions []*Session
|
|
if session != nil {
|
|
sessions = []*Session{session}
|
|
} else {
|
|
sessions = client.sessions
|
|
}
|
|
|
|
for _, session := range sessions {
|
|
if session.SetQuitMessage(message) {
|
|
setFinalData(session)
|
|
}
|
|
}
|
|
}
|
|
|
|
// destroy gets rid of a client, removes them from server lists etc.
|
|
// if `session` is nil, destroys the client unconditionally, removing all sessions;
|
|
// otherwise, destroys one specific session, only destroying the client if it
|
|
// has no more sessions.
|
|
func (client *Client) destroy(session *Session) {
|
|
var sessionsToDestroy []*Session
|
|
|
|
// allow destroy() to execute at most once
|
|
client.stateMutex.Lock()
|
|
details := client.detailsNoMutex()
|
|
brbState := client.brbTimer.state
|
|
wasReattach := session != nil && session.client != client
|
|
sessionRemoved := false
|
|
var remainingSessions int
|
|
if session == nil {
|
|
sessionsToDestroy = client.sessions
|
|
client.sessions = nil
|
|
remainingSessions = 0
|
|
} else {
|
|
sessionRemoved, remainingSessions = client.removeSession(session)
|
|
if sessionRemoved {
|
|
sessionsToDestroy = []*Session{session}
|
|
}
|
|
}
|
|
client.stateMutex.Unlock()
|
|
|
|
// destroy all applicable sessions:
|
|
var quitMessage string
|
|
for _, session := range sessionsToDestroy {
|
|
if session.client != client {
|
|
// session has been attached to a new client; do not destroy it
|
|
continue
|
|
}
|
|
session.idletimer.Stop()
|
|
// send quit/error message to client if they haven't been sent already
|
|
client.Quit("", session)
|
|
quitMessage = session.quitMessage
|
|
session.socket.Close()
|
|
|
|
// remove from connection limits
|
|
var source string
|
|
if client.isTor {
|
|
client.server.torLimiter.RemoveClient()
|
|
source = "tor"
|
|
} else {
|
|
ip := session.realIP
|
|
if session.proxiedIP != nil {
|
|
ip = session.proxiedIP
|
|
}
|
|
client.server.connectionLimiter.RemoveClient(ip)
|
|
source = ip.String()
|
|
}
|
|
client.server.logger.Info("localconnect-ip", fmt.Sprintf("disconnecting session of %s from %s", details.nick, source))
|
|
}
|
|
|
|
// do not destroy the client if it has either remaining sessions, or is BRB'ed
|
|
if remainingSessions != 0 || brbState == BrbEnabled || brbState == BrbSticky {
|
|
return
|
|
}
|
|
|
|
// see #235: deduplicating the list of PART recipients uses (comparatively speaking)
|
|
// a lot of RAM, so limit concurrency to avoid thrashing
|
|
client.server.semaphores.ClientDestroy.Acquire()
|
|
defer client.server.semaphores.ClientDestroy.Release()
|
|
|
|
if !wasReattach {
|
|
client.server.logger.Debug("quit", fmt.Sprintf("%s is no longer on the server", details.nick))
|
|
}
|
|
|
|
registered := client.Registered()
|
|
if registered {
|
|
client.server.whoWas.Append(client.WhoWas())
|
|
}
|
|
|
|
client.server.resumeManager.Delete(client)
|
|
|
|
// alert monitors
|
|
if registered {
|
|
client.server.monitorManager.AlertAbout(client, false)
|
|
}
|
|
// clean up monitor state
|
|
client.server.monitorManager.RemoveAll(client)
|
|
|
|
splitQuitMessage := utils.MakeSplitMessage(quitMessage, true)
|
|
// clean up channels
|
|
// (note that if this is a reattach, client has no channels and therefore no friends)
|
|
friends := make(ClientSet)
|
|
for _, channel := range client.Channels() {
|
|
channel.Quit(client)
|
|
channel.history.Add(history.Item{
|
|
Type: history.Quit,
|
|
Nick: details.nickMask,
|
|
AccountName: details.accountName,
|
|
Message: splitQuitMessage,
|
|
})
|
|
for _, member := range channel.Members() {
|
|
friends.Add(member)
|
|
}
|
|
}
|
|
friends.Remove(client)
|
|
|
|
// clean up server
|
|
client.server.clients.Remove(client)
|
|
|
|
// clean up self
|
|
client.nickTimer.Stop()
|
|
client.brbTimer.Disable()
|
|
|
|
client.server.accounts.Logout(client)
|
|
|
|
// send quit messages to friends
|
|
if registered {
|
|
client.server.stats.ChangeTotal(-1)
|
|
}
|
|
if client.HasMode(modes.Invisible) {
|
|
client.server.stats.ChangeInvisible(-1)
|
|
}
|
|
if client.HasMode(modes.Operator) || client.HasMode(modes.LocalOperator) {
|
|
client.server.stats.ChangeOperators(-1)
|
|
}
|
|
|
|
for friend := range friends {
|
|
if quitMessage == "" {
|
|
quitMessage = "Exited"
|
|
}
|
|
friend.sendFromClientInternal(false, splitQuitMessage.Time, splitQuitMessage.Msgid, details.nickMask, details.accountName, nil, "QUIT", quitMessage)
|
|
}
|
|
|
|
if !client.exitedSnomaskSent && registered {
|
|
client.server.snomasks.Send(sno.LocalQuits, fmt.Sprintf(ircfmt.Unescape("%s$r exited the network"), details.nick))
|
|
}
|
|
}
|
|
|
|
// SendSplitMsgFromClient sends an IRC PRIVMSG/NOTICE coming from a specific client.
|
|
// Adds account-tag to the line as well.
|
|
func (session *Session) sendSplitMsgFromClientInternal(blocking bool, nickmask, accountName string, tags map[string]string, command, target string, message utils.SplitMessage) {
|
|
if session.capabilities.Has(caps.MaxLine) || message.Wrapped == nil {
|
|
session.sendFromClientInternal(blocking, message.Time, message.Msgid, nickmask, accountName, tags, command, target, message.Message)
|
|
} else {
|
|
for _, messagePair := range message.Wrapped {
|
|
session.sendFromClientInternal(blocking, message.Time, messagePair.Msgid, nickmask, accountName, tags, command, target, messagePair.Message)
|
|
}
|
|
}
|
|
}
|
|
|
|
// Sends a line with `nickmask` as the prefix, adding `time` and `account` tags if supported
|
|
func (client *Client) sendFromClientInternal(blocking bool, serverTime time.Time, msgid string, nickmask, accountName string, tags map[string]string, command string, params ...string) (err error) {
|
|
for _, session := range client.Sessions() {
|
|
err_ := session.sendFromClientInternal(blocking, serverTime, msgid, nickmask, accountName, tags, command, params...)
|
|
if err_ != nil {
|
|
err = err_
|
|
}
|
|
}
|
|
return
|
|
}
|
|
|
|
func (session *Session) sendFromClientInternal(blocking bool, serverTime time.Time, msgid string, nickmask, accountName string, tags map[string]string, command string, params ...string) (err error) {
|
|
msg := ircmsg.MakeMessage(tags, nickmask, command, params...)
|
|
// attach account-tag
|
|
if session.capabilities.Has(caps.AccountTag) && accountName != "*" {
|
|
msg.SetTag("account", accountName)
|
|
}
|
|
// attach message-id
|
|
if msgid != "" && session.capabilities.Has(caps.MessageTags) {
|
|
msg.SetTag("msgid", msgid)
|
|
}
|
|
// attach server-time
|
|
if session.capabilities.Has(caps.ServerTime) {
|
|
if serverTime.IsZero() {
|
|
serverTime = time.Now().UTC()
|
|
}
|
|
msg.SetTag("time", serverTime.Format(IRCv3TimestampFormat))
|
|
}
|
|
|
|
return session.SendRawMessage(msg, blocking)
|
|
}
|
|
|
|
var (
|
|
// these are all the output commands that MUST have their last param be a trailing.
|
|
// this is needed because dumb clients like to treat trailing params separately from the
|
|
// other params in messages.
|
|
commandsThatMustUseTrailing = map[string]bool{
|
|
"PRIVMSG": true,
|
|
"NOTICE": true,
|
|
|
|
RPL_WHOISCHANNELS: true,
|
|
RPL_USERHOST: true,
|
|
}
|
|
)
|
|
|
|
// SendRawMessage sends a raw message to the client.
|
|
func (session *Session) SendRawMessage(message ircmsg.IrcMessage, blocking bool) error {
|
|
// use dumb hack to force the last param to be a trailing param if required
|
|
var usedTrailingHack bool
|
|
config := session.client.server.Config()
|
|
if config.Server.Compatibility.forceTrailing && commandsThatMustUseTrailing[message.Command] && len(message.Params) > 0 {
|
|
lastParam := message.Params[len(message.Params)-1]
|
|
// to force trailing, we ensure the final param contains a space
|
|
if strings.IndexByte(lastParam, ' ') == -1 {
|
|
message.Params[len(message.Params)-1] = lastParam + " "
|
|
usedTrailingHack = true
|
|
}
|
|
}
|
|
|
|
// assemble message
|
|
maxlenRest := session.MaxlenRest()
|
|
line, err := message.LineBytesStrict(false, maxlenRest)
|
|
if err != nil {
|
|
logline := fmt.Sprintf("Error assembling message for sending: %v\n%s", err, debug.Stack())
|
|
session.client.server.logger.Error("internal", logline)
|
|
|
|
message = ircmsg.MakeMessage(nil, session.client.server.name, ERR_UNKNOWNERROR, "*", "Error assembling message for sending")
|
|
line, _ := message.LineBytesStrict(false, 0)
|
|
|
|
if blocking {
|
|
session.socket.BlockingWrite(line)
|
|
} else {
|
|
session.socket.Write(line)
|
|
}
|
|
return err
|
|
}
|
|
|
|
// if we used the trailing hack, we need to strip the final space we appended earlier on
|
|
if usedTrailingHack {
|
|
copy(line[len(line)-3:], "\r\n")
|
|
line = line[:len(line)-1]
|
|
}
|
|
|
|
if session.client.server.logger.IsLoggingRawIO() {
|
|
logline := string(line[:len(line)-2]) // strip "\r\n"
|
|
session.client.server.logger.Debug("useroutput", session.client.Nick(), " ->", logline)
|
|
}
|
|
|
|
if blocking {
|
|
return session.socket.BlockingWrite(line)
|
|
} else {
|
|
return session.socket.Write(line)
|
|
}
|
|
}
|
|
|
|
// Send sends an IRC line to the client.
|
|
func (client *Client) Send(tags map[string]string, prefix string, command string, params ...string) (err error) {
|
|
for _, session := range client.Sessions() {
|
|
err_ := session.Send(tags, prefix, command, params...)
|
|
if err_ != nil {
|
|
err = err_
|
|
}
|
|
}
|
|
return
|
|
}
|
|
|
|
func (session *Session) Send(tags map[string]string, prefix string, command string, params ...string) (err error) {
|
|
msg := ircmsg.MakeMessage(tags, prefix, command, params...)
|
|
if session.capabilities.Has(caps.ServerTime) && !msg.HasTag("time") {
|
|
msg.SetTag("time", time.Now().UTC().Format(IRCv3TimestampFormat))
|
|
}
|
|
return session.SendRawMessage(msg, false)
|
|
}
|
|
|
|
// Notice sends the client a notice from the server.
|
|
func (client *Client) Notice(text string) {
|
|
client.Send(nil, client.server.name, "NOTICE", client.Nick(), text)
|
|
}
|
|
|
|
func (client *Client) addChannel(channel *Channel) {
|
|
client.stateMutex.Lock()
|
|
client.channels[channel] = true
|
|
client.stateMutex.Unlock()
|
|
}
|
|
|
|
func (client *Client) removeChannel(channel *Channel) {
|
|
client.stateMutex.Lock()
|
|
delete(client.channels, channel)
|
|
client.stateMutex.Unlock()
|
|
}
|
|
|
|
// Records that the client has been invited to join an invite-only channel
|
|
func (client *Client) Invite(casefoldedChannel string) {
|
|
client.stateMutex.Lock()
|
|
defer client.stateMutex.Unlock()
|
|
|
|
if client.invitedTo == nil {
|
|
client.invitedTo = make(map[string]bool)
|
|
}
|
|
|
|
client.invitedTo[casefoldedChannel] = true
|
|
}
|
|
|
|
// Checks that the client was invited to join a given channel
|
|
func (client *Client) CheckInvited(casefoldedChannel string) (invited bool) {
|
|
client.stateMutex.Lock()
|
|
defer client.stateMutex.Unlock()
|
|
|
|
invited = client.invitedTo[casefoldedChannel]
|
|
// joining an invited channel "uses up" your invite, so you can't rejoin on kick
|
|
delete(client.invitedTo, casefoldedChannel)
|
|
return
|
|
}
|