2 * ngIRCd -- The Next Generation IRC Daemon
3 * Copyright (c)2001-2013 Alexander Barton (alex@barton.de) and Contributors.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 * Please read the file COPYING, README and AUTHORS for more information.
16 * IRC command parser and validator.
27 #include "conn-func.h"
37 #include "irc-channel.h"
38 #include "irc-encoding.h"
40 #include "irc-login.h"
41 #include "irc-metadata.h"
45 #include "irc-server.h"
46 #include "irc-write.h"
53 bool (*function) PARAMS(( CLIENT *Client, REQUEST *Request ));
57 static COMMAND My_Commands[] =
59 #define _CMD(name, func, type, min, max, penalty) \
60 { (name), (func), (type), (min), (max), (penalty), 0, 0, 0 }
61 _CMD("ADMIN", IRC_ADMIN, CLIENT_USER|CLIENT_SERVER, 0, 1, 1),
62 _CMD("AWAY", IRC_AWAY, CLIENT_USER, 0, 1, 0),
63 _CMD("CAP", IRC_CAP, CLIENT_ANY, 1, 2, 0),
64 _CMD("CONNECT", IRC_CONNECT, CLIENT_USER|CLIENT_SERVER, 0, -1, 0),
66 _CMD("DIE", IRC_DIE, CLIENT_USER, 0, 0, 0),
68 _CMD("DIE", IRC_DIE, CLIENT_USER, 0, 1, 0),
70 _CMD("DISCONNECT", IRC_DISCONNECT, CLIENT_USER, 1, 1, 0),
71 _CMD("ERROR", IRC_ERROR, CLIENT_ANY, 0, -1, 0),
72 _CMD("GLINE", IRC_xLINE, CLIENT_USER|CLIENT_SERVER, 0, -1, 0),
73 _CMD("HELP", IRC_HELP, CLIENT_USER, 0, 1, 2),
74 _CMD("INFO", IRC_INFO, CLIENT_USER|CLIENT_SERVER, 0, 1, 2),
75 _CMD("INVITE", IRC_INVITE, CLIENT_USER|CLIENT_SERVER, 2, 2, 0),
76 _CMD("ISON", IRC_ISON, CLIENT_USER, 1, -1, 0),
77 _CMD("JOIN", IRC_JOIN, CLIENT_USER|CLIENT_SERVER, 1, 2, 0),
78 _CMD("KICK", IRC_KICK, CLIENT_USER|CLIENT_SERVER, 2, 3, 0),
79 _CMD("KILL", IRC_KILL, CLIENT_USER|CLIENT_SERVER, 2, 2, 0),
80 _CMD("KLINE", IRC_xLINE, CLIENT_USER|CLIENT_SERVER, 0, -1, 0),
81 _CMD("LINKS", IRC_LINKS, CLIENT_USER|CLIENT_SERVER, 0, 2, 1),
82 _CMD("LIST", IRC_LIST, CLIENT_USER|CLIENT_SERVER, 0, 2, 2),
83 _CMD("LUSERS", IRC_LUSERS, CLIENT_USER|CLIENT_SERVER, 0, 2, 1),
84 _CMD("METADATA", IRC_METADATA, CLIENT_SERVER, 3, 3, 0),
85 _CMD("MODE", IRC_MODE, CLIENT_USER|CLIENT_SERVER, 1, -1, 1),
86 _CMD("MOTD", IRC_MOTD, CLIENT_USER|CLIENT_SERVER, 0, 1, 3),
87 _CMD("NAMES", IRC_NAMES, CLIENT_USER|CLIENT_SERVER, 0, 2, 1),
88 _CMD("NICK", IRC_NICK, CLIENT_ANY, 0, -1, 0),
89 _CMD("NJOIN", IRC_NJOIN, CLIENT_SERVER, 2, 2, 0),
90 _CMD("NOTICE", IRC_NOTICE, CLIENT_ANY, 0, -1, 0),
91 _CMD("OPER", IRC_OPER, CLIENT_USER, 2, 2, 0),
92 _CMD("PART", IRC_PART, CLIENT_USER|CLIENT_SERVER, 1, 2, 0),
93 _CMD("PASS", IRC_PASS, CLIENT_ANY, 0, -1, 0),
94 _CMD("PING", IRC_PING, CLIENT_USER|CLIENT_SERVER, 0, -1, 0),
95 _CMD("PONG", IRC_PONG, CLIENT_ANY, 0, -1, 0),
96 _CMD("PRIVMSG", IRC_PRIVMSG, CLIENT_USER|CLIENT_SERVER, 0, 2, 0),
97 _CMD("QUIT", IRC_QUIT, CLIENT_ANY, 0, 1, 0),
98 _CMD("REHASH", IRC_REHASH, CLIENT_USER, 0, 0, 0),
99 _CMD("RESTART", IRC_RESTART, CLIENT_USER, 0, 0, 0),
100 _CMD("SERVER", IRC_SERVER, CLIENT_ANY, 0, -1, 0),
101 _CMD("SERVICE", IRC_SERVICE, CLIENT_ANY, 6, 6, 0),
102 _CMD("SERVLIST", IRC_SERVLIST, CLIENT_USER, 0, 2, 1),
103 _CMD("SQUERY", IRC_SQUERY, CLIENT_USER|CLIENT_SERVER, 0, 2, 0),
104 _CMD("SQUIT", IRC_SQUIT, CLIENT_USER|CLIENT_SERVER, 2, 2, 0),
105 _CMD("STATS", IRC_STATS, CLIENT_USER|CLIENT_SERVER, 0, 2, 2),
106 _CMD("SVSNICK", IRC_SVSNICK, CLIENT_SERVER, 2, 2, 0),
107 _CMD("SUMMON", IRC_SUMMON, CLIENT_USER|CLIENT_SERVER, 0, -1, 0),
108 _CMD("TIME", IRC_TIME, CLIENT_USER|CLIENT_SERVER, 0, 1, 1),
109 _CMD("TOPIC", IRC_TOPIC, CLIENT_USER|CLIENT_SERVER, 1, 2, 1),
110 _CMD("TRACE", IRC_TRACE, CLIENT_USER|CLIENT_SERVER, 0, 1, 3),
111 _CMD("USER", IRC_USER, CLIENT_ANY, 0, -1, 0),
112 _CMD("USERHOST", IRC_USERHOST, CLIENT_USER, 1, -1, 1),
113 _CMD("USERS", IRC_USERS, CLIENT_USER|CLIENT_SERVER, 0, -1, 0),
114 _CMD("VERSION", IRC_VERSION, CLIENT_USER|CLIENT_SERVER, 0, 1, 1),
115 _CMD("WALLOPS", IRC_WALLOPS, CLIENT_USER|CLIENT_SERVER, 1, 1, 0),
116 _CMD("WEBIRC", IRC_WEBIRC, CLIENT_UNKNOWN, 4, 4, 0),
117 _CMD("WHO", IRC_WHO, CLIENT_USER, 0, 2, 1),
118 _CMD("WHOIS", IRC_WHOIS, CLIENT_USER|CLIENT_SERVER, 0, -1, 1),
119 _CMD("WHOWAS", IRC_WHOWAS, CLIENT_USER|CLIENT_SERVER, 0, -1, 0),
122 _CMD("CHANINFO", IRC_CHANINFO, CLIENT_SERVER, 0, -1, 0),
124 _CMD("CHARCONV", IRC_CHARCONV, CLIENT_USER, 1, 1, 0),
129 _CMD("GET", IRC_QUIT_HTTP, CLIENT_UNKNOWN, 0, -1, 0),
130 _CMD("POST", IRC_QUIT_HTTP, CLIENT_UNKNOWN, 0, -1, 0),
132 _CMD(NULL, NULL, 0, 0, 0, 0) /* End-Mark */
136 static void Init_Request PARAMS(( REQUEST *Req ));
138 static bool Validate_Prefix PARAMS(( CONN_ID Idx, REQUEST *Req, bool *Closed ));
139 static bool Validate_Command PARAMS(( CONN_ID Idx, REQUEST *Req, bool *Closed ));
140 static bool Validate_Args PARAMS(( CONN_ID Idx, REQUEST *Req, bool *Closed ));
142 static bool Handle_Request PARAMS(( CONN_ID Idx, REQUEST *Req ));
144 static bool ScrubCTCP PARAMS((char *Request));
147 * Return the pointer to the global "IRC command structure".
148 * This structure, an array of type "COMMAND" describes all the IRC commands
149 * implemented by ngIRCd and how to handle them.
150 * @return Pointer to the global command structure.
153 Parse_GetCommandStruct( void )
156 } /* Parse_GetCommandStruct */
160 * Parse a command ("request") received from a client.
162 * This function is called after the connection layer received a valid CR+LF
163 * terminated line of text: we assume that this is a valid IRC command and
164 * try to do something useful with it :-)
166 * All errors are reported to the client from which the command has been
167 * received, and if the error is fatal this connection is closed down.
169 * This function is able to parse the syntax as described in RFC 2812,
172 * @param Idx Index of the connection from which the command has been received.
173 * @param Request NULL terminated line of text (the "command").
174 * @return true on success (valid command or "regular" error), false if a
175 * fatal error occurred and the connection has been shut down.
178 Parse_Request( CONN_ID Idx, char *Request )
185 assert( Request != NULL );
188 if( NGIRCd_Sniffer ) Log( LOG_DEBUG, " <- connection %d: '%s'.", Idx, Request );
191 Init_Request( &req );
193 /* remove leading & trailing whitespace */
194 ngt_TrimStr( Request );
196 if (Conf_ScrubCTCP && ScrubCTCP(Request))
199 if (Request[0] == ':') {
201 req.prefix = Request + 1;
202 ptr = strchr( Request, ' ' );
205 LogDebug("Connection %d: Parse error: prefix without command!?", Idx);
206 return Conn_WriteStr(Idx, "ERROR :Prefix without command");
210 /* ignore multiple spaces between prefix and command */
211 while( *(ptr + 1) == ' ' ) ptr++;
215 else start = Request;
217 ptr = strchr( start, ' ' );
222 /* ignore multiple spaces between parameters */
223 while( *(ptr + 1) == ' ' ) ptr++;
228 /* Arguments, Parameters */
234 if( start[0] == ':' )
236 req.argv[req.argc] = start + 1;
241 req.argv[req.argc] = start;
242 ptr = strchr( start, ' ' );
247 while( *(ptr + 1) == ' ' ) ptr++;
254 if( start[0] == ':' ) break;
255 if( req.argc > 14 ) break;
257 if( ptr ) start = ptr + 1;
262 if( ! Validate_Prefix( Idx, &req, &closed )) return ! closed;
263 if( ! Validate_Command( Idx, &req, &closed )) return ! closed;
264 if( ! Validate_Args( Idx, &req, &closed )) return ! closed;
266 return Handle_Request( Idx, &req );
267 } /* Parse_Request */
271 * Initialize request structure.
272 * @param Req Request structure to be initialized.
275 Init_Request( REQUEST *Req )
279 assert( Req != NULL );
283 for( i = 0; i < 15; Req->argv[i++] = NULL );
289 Validate_Prefix( CONN_ID Idx, REQUEST *Req, bool *Closed )
294 assert( Req != NULL );
298 client = Conn_GetClient( Idx );
299 assert( client != NULL );
301 if (!Req->prefix && Client_Type(client) == CLIENT_SERVER
302 && !(Conn_Options(Idx) & CONN_RFC1459)
303 && strcasecmp(Req->command, "ERROR") != 0
304 && strcasecmp(Req->command, "PING") != 0)
307 "Received command without prefix (connection %d, command \"%s\")!?",
309 if (!Conn_WriteStr(Idx, "ERROR :Prefix missing"))
317 /* only validate if this connection is already registered */
318 if (Client_Type(client) != CLIENT_USER
319 && Client_Type(client) != CLIENT_SERVER
320 && Client_Type(client) != CLIENT_SERVICE) {
321 /* not registered, ignore prefix */
326 /* check if client in prefix is known */
327 c = Client_Search(Req->prefix);
329 if (Client_Type(client) != CLIENT_SERVER) {
331 "Ignoring command with invalid prefix \"%s\" from \"%s\" (connection %d, command \"%s\")!",
332 Req->prefix, Client_ID(client), Idx, Req->command);
333 if (!Conn_WriteStr(Idx,
334 "ERROR :Invalid prefix \"%s\"",
337 IRC_SetPenalty(client, 2);
339 LogDebug("Ignoring command with invalid prefix \"%s\" from \"%s\" (connection %d, command \"%s\")!",
340 Req->prefix, Client_ID(client), Idx, Req->command);
344 /* check if the client named in the prefix is expected
345 * to come from that direction */
346 if (Client_NextHop(c) != client) {
347 if (Client_Type(c) != CLIENT_SERVER) {
349 "Spoofed prefix \"%s\" from \"%s\" (connection %d, command \"%s\"), closing connection!",
350 Req->prefix, Client_ID(client), Idx, Req->command);
351 Conn_Close(Idx, NULL, "Spoofed prefix", true);
355 "Ignoring command with spoofed prefix \"%s\" from \"%s\" (connection %d, command \"%s\")!",
356 Req->prefix, Client_ID(client), Idx, Req->command);
362 } /* Validate_Prefix */
366 Validate_Command( UNUSED CONN_ID Idx, UNUSED REQUEST *Req, bool *Closed )
369 assert( Req != NULL );
373 } /* Validate_Command */
378 Validate_Args(CONN_ID Idx, REQUEST *Req, bool *Closed)
380 Validate_Args(UNUSED CONN_ID Idx, UNUSED REQUEST *Req, bool *Closed)
391 assert( Req != NULL );
393 /* CR and LF are never allowed in command parameters.
394 * But since we do accept lines terminated only with CR or LF in
395 * "non-RFC-compliant mode" (besides the correct CR+LF combination),
396 * this check can only trigger in "strict RFC" mode; therefore we
397 * optimize it away otherwise ... */
398 for (i = 0; i < Req->argc; i++) {
399 if (strchr(Req->argv[i], '\r') || strchr(Req->argv[i], '\n')) {
401 "Invalid character(s) in parameter (connection %d, command %s)!?",
403 if (!Conn_WriteStr(Idx,
404 "ERROR :Invalid character(s) in parameter!"))
412 } /* Validate_Args */
415 /* Command is a status code ("numeric") from another server */
417 Handle_Numeric(CLIENT *client, REQUEST *Req)
419 static const struct _NUMERIC Numerics[] = {
420 { 5, IRC_Num_ISUPPORT },
422 { 376, IRC_Num_ENDOFMOTD }
425 char str[COMMAND_LEN];
426 CLIENT *prefix, *target = NULL;
428 /* Determine target */
430 if (strcmp(Req->argv[0], "*") != 0)
431 target = Client_Search(Req->argv[0]);
433 target = Client_ThisServer();
437 /* Status code without target!? */
440 "Unknown target for status code %s: \"%s\"",
441 Req->command, Req->argv[0]);
444 "Unknown target for status code %s!",
448 if (target == Client_ThisServer()) {
449 /* This server is the target of the numeric */
450 num = atoi(Req->command);
452 for (i = 0; i < (int) C_ARRAY_SIZE(Numerics); i++) {
453 if (num == Numerics[i].numeric) {
454 if (!Numerics[i].function)
456 return Numerics[i].function(client, Req);
460 LogDebug("Ignored status code %s from \"%s\".",
461 Req->command, Client_ID(client));
465 /* Determine source */
466 if (! Req->prefix[0]) {
467 /* Oops, no prefix!? */
468 Log(LOG_WARNING, "Got status code %s from \"%s\" without prefix!?",
469 Req->command, Client_ID(client));
473 prefix = Client_Search(Req->prefix);
474 if (! prefix) { /* Oops, unknown prefix!? */
475 Log(LOG_WARNING, "Got status code %s from unknown source: \"%s\"", Req->command, Req->prefix);
479 /* Forward status code */
480 strlcpy(str, Req->command, sizeof(str));
481 for (i = 0; i < Req->argc; i++) {
482 if (i < Req->argc - 1)
483 strlcat(str, " ", sizeof(str));
485 strlcat(str, " :", sizeof(str));
486 strlcat(str, Req->argv[i], sizeof(str));
488 return IRC_WriteStrClientPrefix(target, prefix, "%s", str);
492 Handle_Request( CONN_ID Idx, REQUEST *Req )
500 assert( Req != NULL );
501 assert( Req->command != NULL );
503 client = Conn_GetClient( Idx );
504 assert( client != NULL );
507 client_type = Client_Type(client);
508 if ((client_type == CLIENT_SERVER ||
509 client_type == CLIENT_UNKNOWNSERVER)
510 && strlen(Req->command) == 3 && atoi(Req->command) > 1)
511 return Handle_Numeric(client, Req);
515 if (strcasecmp(Req->command, cmd->name) != 0) {
520 if (!(client_type & cmd->type)) {
521 if (client_type == CLIENT_USER
522 && cmd->type & CLIENT_SERVER)
523 return IRC_WriteErrClient(client,
524 ERR_NOTREGISTEREDSERVER_MSG,
527 return IRC_WriteErrClient(client,
528 ERR_NOTREGISTERED_MSG,
533 IRC_SetPenalty(client, cmd->penalty);
535 if (Req->argc < cmd->min_argc ||
536 (cmd->max_argc != -1 && Req->argc > cmd->max_argc))
537 return IRC_WriteErrClient(client, ERR_NEEDMOREPARAMS_MSG,
538 Client_ID(client), Req->command);
540 /* Command is allowed for this client: call it and count
541 * generated bytes in output */
542 Conn_ResetWCounter();
543 result = (cmd->function)(client, Req);
544 cmd->bytes += Conn_WCounter();
546 /* Adjust counters */
547 if (client_type != CLIENT_SERVER)
554 if (client_type != CLIENT_USER &&
555 client_type != CLIENT_SERVER &&
556 client_type != CLIENT_SERVICE )
559 /* Unknown command and registered connection: generate error: */
560 LogDebug("Connection %d: Unknown command \"%s\", %d %s,%s prefix.",
561 Client_Conn( client ), Req->command, Req->argc,
562 Req->argc == 1 ? "parameter" : "parameters",
563 Req->prefix ? "" : " no" );
565 if (Client_Type(client) != CLIENT_SERVER)
566 result = IRC_WriteErrClient(client, ERR_UNKNOWNCOMMAND_MSG,
567 Client_ID(client), Req->command);
570 } /* Handle_Request */
574 * Check if incoming messages contains CTCP commands and should be dropped.
576 * @param Request NULL terminated incoming command.
577 * @returns true, when the message should be dropped.
580 ScrubCTCP(char *Request)
582 static const char me_cmd[] = "ACTION ";
583 static const char ctcp_char = 0x1;
584 bool dropCommand = false;
586 char *ptrEnd = strchr(Request, '\0');
588 if (Request[0] == ':' && ptrEnd > ptr)
591 while (ptr != ptrEnd && *ptr != ':')
594 if ((ptrEnd - ptr) > 1) {
596 if (*ptr == ctcp_char) {
599 /* allow /me commands */
600 if ((size_t)(ptrEnd - ptr) >= strlen(me_cmd)
601 && !strncmp(ptr, me_cmd, strlen(me_cmd)))