/[cvs]/eggdrop1.8/src/dcc.c
ViewVC logotype

Annotation of /eggdrop1.8/src/dcc.c

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.15 - (hide annotations) (download) (as text)
Fri Mar 21 21:42:41 2014 UTC (5 years, 4 months ago) by thommey
Branch: MAIN
CVS Tags: HEAD
Changes since 1.14: +3 -3 lines
File MIME type: text/x-chdr
Fix a potentially endless loop when looking up bot hostnames.

1 simple 1.1 /*
2     * dcc.c -- handles:
3     * activity on a dcc socket
4     * disconnect on a dcc socket
5     * ...and that's it! (but it's a LOT)
6     *
7 thommey 1.15 * $Id: dcc.c,v 1.14 2013/07/31 00:20:05 thommey Exp $
8 simple 1.1 */
9     /*
10     * Copyright (C) 1997 Robey Pointer
11     * Copyright (C) 1999 - 2010 Eggheads Development Team
12     *
13     * This program is free software; you can redistribute it and/or
14     * modify it under the terms of the GNU General Public License
15     * as published by the Free Software Foundation; either version 2
16     * of the License, or (at your option) any later version.
17     *
18     * This program is distributed in the hope that it will be useful,
19     * but WITHOUT ANY WARRANTY; without even the implied warranty of
20     * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21     * GNU General Public License for more details.
22     *
23     * You should have received a copy of the GNU General Public License
24     * along with this program; if not, write to the Free Software
25     * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
26     */
27    
28     #include "main.h"
29     #include <ctype.h>
30     #include <errno.h>
31     #include "modules.h"
32     #include "tandem.h"
33    
34     /* Includes for botnet md5 challenge/response code <cybah> */
35     #include "md5/md5.h"
36    
37     extern struct userrec *userlist;
38     extern struct chanset_t *chanset;
39     extern Tcl_Interp *interp;
40     extern time_t now;
41     extern char botnetnick[], ver[], origbotname[], notify_new[];
42     extern int egg_numver, connect_timeout, conmask, backgrd, max_dcc,
43     make_userfile, default_flags, raw_log, ignore_time,
44     par_telnet_flood;
45    
46 pseudo 1.4 #ifdef TLS
47 pseudo 1.7 extern int tls_vfybots;
48    
49     int tls_vfyclients = 0; /* Certificate validation mode for clients */
50 pseudo 1.4 int tls_vfydcc = 0; /* Verify DCC chat/send user certificates */
51     int tls_auth = 0; /* Allow certificate authentication */
52     #endif
53 pseudo 1.7
54     struct dcc_t *dcc = NULL; /* DCC list */
55 pseudo 1.4 int dcc_total = 0; /* Total dcc's */
56 simple 1.1 int require_p = 0; /* Require 'p' access to get on the
57 pseudo 1.4 * party line? */
58 simple 1.1 int allow_new_telnets = 0; /* Allow people to introduce themselves
59 pseudo 1.4 * via telnet */
60     int stealth_telnets = 0; /* Be paranoid? <cybah> */
61     int use_telnet_banner = 0; /* Display telnet banner? */
62     int password_timeout = 180; /* Time to wait for a password from a user */
63     int bot_timeout = 60; /* Bot timeout value */
64     int identtimeout = 5; /* Timeout value for ident lookups */
65     int dupwait_timeout = 5; /* Timeout for rejecting duplicate entries */
66     int protect_telnet = 1; /* Even bother with ident lookups :) */
67 simple 1.1 int flood_telnet_thr = 5; /* Number of telnet connections to be
68 pseudo 1.4 * considered a flood */
69     int flood_telnet_time = 60; /* In how many seconds? */
70     char tempdir[121] = ""; /* Temporary directory (default: current dir) */
71     char network[41] = "unknown-net"; /* Name of the IRC network you're on */
72     char bannerfile[121] = "text/banner"; /* File displayed on telnet login */
73 simple 1.1
74     static void dcc_telnet_hostresolved(int);
75     static void dcc_telnet_got_ident(int, char *);
76     static void dcc_telnet_pass(int, int);
77    
78    
79     /* This is not a universal telnet detector. You need to send WILL STATUS to the
80     * other side and pass the reply to this function. A telnet client will respond
81     * to this with either DO or DONT STATUS.
82     */
83     static int detect_telnet(unsigned char *buf)
84     {
85     if (!buf || !buf[0] || !buf[1])
86     return 0;
87     while (buf[2]) {
88     if (buf[0] == TLN_IAC && (buf[1] == TLN_DO || buf[1] == TLN_DONT) &&
89     buf[2] == TLN_STATUS)
90     return 1;
91     buf++;
92     }
93     return 0;
94     }
95    
96     /* Escape telnet IAC and prepend CR to LF */
97     static char *escape_telnet(char *s)
98     {
99     static char buf[1024];
100     char *p;
101    
102     for (p = buf; *s && (p < (buf + sizeof(buf) - 2)); *p++ = *s++)
103     if ((unsigned char) *s == TLN_IAC)
104     *p++ = *s;
105     else if (*s == '\n')
106     *p++ = '\r';
107     *p = 0;
108    
109     return buf;
110     }
111    
112     static void strip_telnet(int sock, char *buf, int *len)
113     {
114     unsigned char *p = (unsigned char *) buf, *o = (unsigned char *) buf;
115     int mark;
116    
117     while (*p != 0) {
118     while ((*p != TLN_IAC) && (*p != 0))
119     *o++ = *p++;
120     if (*p == TLN_IAC) {
121     p++;
122     mark = 2;
123     if (!*p)
124     mark = 1; /* bogus */
125     if ((*p >= TLN_WILL) && (*p <= TLN_DONT)) {
126     mark = 3;
127     if (!*(p + 1))
128     mark = 2; /* bogus */
129     } else if (*p == TLN_WILL) {
130     /* WILL X -> response: DONT X */
131     /* except WILL ECHO which we just smile and ignore */
132     if (*(p + 1) != TLN_ECHO) {
133     write(sock, TLN_IAC_C TLN_DONT_C, 2);
134     write(sock, p + 1, 1);
135     }
136     } else if (*p == TLN_DO) {
137     /* DO X -> response: WONT X */
138     /* except DO ECHO which we just smile and ignore */
139     if (*(p + 1) != TLN_ECHO) {
140     write(sock, TLN_IAC_C TLN_WONT_C, 2);
141     write(sock, p + 1, 1);
142     }
143     } else if (*p == TLN_AYT) {
144     /* "Are You There?" */
145     /* response is: "Hell, yes!" */
146     write(sock, "\r\nHell, yes!\r\n", 14);
147     } else if (*p == TLN_IAC) {
148     /* IAC character in data, escaped with another IAC */
149     *o++ = *p++;
150     mark = 1;
151     }
152     /* Anything else can probably be ignored */
153     p += mark - 1;
154     *len = *len - mark;
155     }
156     }
157     *o = *p;
158     }
159    
160     static void greet_new_bot(int idx)
161     {
162     int bfl = bot_flags(dcc[idx].user);
163     int i;
164    
165     dcc[idx].timeval = now;
166     dcc[idx].u.bot->version[0] = 0;
167     dcc[idx].u.bot->numver = 0;
168     if (bfl & BOT_REJECT) {
169     putlog(LOG_BOTS, "*", DCC_REJECT, dcc[idx].nick);
170     dprintf(idx, "bye %s\n", "rejected");
171     killsock(dcc[idx].sock);
172     lostdcc(idx);
173     return;
174     }
175     if (bfl & BOT_LEAF)
176     dcc[idx].status |= STAT_LEAF;
177     dcc[idx].status |= STAT_LINKING;
178     #ifndef NO_OLD_BOTNET
179     dprintf(idx, "version %d %d %s <%s>\n", egg_numver, HANDLEN, ver, network);
180     #else
181     dprintf(idx, "v %d %d %s <%s>\n", egg_numver, HANDLEN, ver, network);
182     #endif
183     for (i = 0; i < dcc_total; i++)
184     if (dcc[i].type == &DCC_FORK_BOT) {
185     killsock(dcc[i].sock);
186     lostdcc(i);
187     }
188     }
189    
190     static void bot_version(int idx, char *par)
191     {
192     char x[1024];
193     int l;
194    
195     dcc[idx].timeval = now;
196     if (in_chain(dcc[idx].nick)) {
197     dprintf(idx, "error Sorry, already connected.\n");
198     dprintf(idx, "bye\n");
199     killsock(dcc[idx].sock);
200     lostdcc(idx);
201     return;
202     }
203     if ((par[0] >= '0') && (par[0] <= '9')) {
204     char *work;
205    
206     work = newsplit(&par);
207     dcc[idx].u.bot->numver = atoi(work);
208     } else
209     dcc[idx].u.bot->numver = 0;
210    
211     #ifndef NO_OLD_BOTNET
212     if (b_numver(idx) < NEAT_BOTNET) {
213     #if HANDLEN != 9
214     putlog(LOG_BOTS, "*", "Non-matching handle lengths with %s, they use 9 "
215     "characters.", dcc[idx].nick);
216     dprintf(idx, "error Non-matching handle length: mine %d, yours 9\n",
217     HANDLEN);
218     dprintf(idx, "bye %s\n", "bad handlen");
219     killsock(dcc[idx].sock);
220     lostdcc(idx);
221     return;
222     #else
223     dprintf(idx, "thisbot %s\n", botnetnick);
224     #endif
225     } else {
226     #endif
227     dprintf(idx, "tb %s\n", botnetnick);
228     l = atoi(newsplit(&par));
229     if (l != HANDLEN) {
230     putlog(LOG_BOTS, "*", "Non-matching handle lengths with %s, they use %d "
231     "characters.", dcc[idx].nick, l);
232     dprintf(idx, "error Non-matching handle length: mine %d, yours %d\n",
233     HANDLEN, l);
234     dprintf(idx, "bye %s\n", "bad handlen");
235     killsock(dcc[idx].sock);
236     lostdcc(idx);
237     return;
238     }
239     #ifndef NO_OLD_BOTNET
240     }
241     #endif
242     strncpyz(dcc[idx].u.bot->version, par, 120);
243     putlog(LOG_BOTS, "*", DCC_LINKED, dcc[idx].nick);
244     chatout("*** Linked to %s\n", dcc[idx].nick);
245     botnet_send_nlinked(idx, dcc[idx].nick, botnetnick, '!',
246     dcc[idx].u.bot->numver);
247     touch_laston(dcc[idx].user, "linked", now);
248     dump_links(idx);
249     dcc[idx].type = &DCC_BOT;
250     addbot(dcc[idx].nick, dcc[idx].nick, botnetnick, '-', dcc[idx].u.bot->numver);
251     check_tcl_link(dcc[idx].nick, botnetnick);
252     egg_snprintf(x, sizeof x, "v %d", dcc[idx].u.bot->numver);
253     bot_share(idx, x);
254     dprintf(idx, "el\n");
255     }
256    
257     void failed_link(int idx)
258     {
259     char s[81], s1[512];
260    
261     if (dcc[idx].port >= dcc[idx].u.bot->port + 3) {
262     if (dcc[idx].u.bot->linker[0]) {
263     egg_snprintf(s, sizeof s, "Couldn't link to %s.", dcc[idx].nick);
264     strcpy(s1, dcc[idx].u.bot->linker);
265     add_note(s1, botnetnick, s, -2, 0);
266     }
267     if (dcc[idx].u.bot->numver >= -1)
268     putlog(LOG_BOTS, "*", DCC_LINKFAIL, dcc[idx].nick);
269     killsock(dcc[idx].sock);
270     strcpy(s, dcc[idx].nick);
271     lostdcc(idx);
272     autolink_cycle(s); /* Check for more auto-connections */
273     return;
274     }
275    
276 thommey 1.15 /* Try next port, if it makes sense (no AF_UNSPEC, ...) */
277 simple 1.1 killsock(dcc[idx].sock);
278     dcc[idx].timeval = now;
279 thommey 1.15 if (open_telnet(idx, dcc[idx].host, dcc[idx].port + 1) == -1)
280 simple 1.1 failed_link(idx);
281     }
282    
283     static void cont_link(int idx, char *buf, int i)
284     {
285     char x[1024];
286     int atr = bot_flags(dcc[idx].user);
287     int users, bots;
288    
289     if (atr & BOT_HUB) {
290     /* Disconnect all +a bots because we just got a hub */
291     for (i = 0; i < dcc_total; i++) {
292     if ((i != idx) && (bot_flags(dcc[i].user) & BOT_ALT)) {
293     if ((dcc[i].type == &DCC_FORK_BOT) || (dcc[i].type == &DCC_BOT_NEW)) {
294     killsock(dcc[i].sock);
295     lostdcc(i);
296     }
297     }
298     }
299     /* Just those currently in the process of linking */
300     if (in_chain(dcc[idx].nick)) {
301     i = nextbot(dcc[idx].nick);
302     if (i > 0) {
303     bots = bots_in_subtree(findbot(dcc[idx].nick));
304     users = users_in_subtree(findbot(dcc[idx].nick));
305     egg_snprintf(x, sizeof x,
306     "Unlinked %s (restructure) (lost %d bot%s and %d user%s)",
307     dcc[i].nick, bots, (bots != 1) ? "s" : "",
308     users, (users != 1) ? "s" : "");
309     chatout("*** %s\n", x);
310     botnet_send_unlinked(i, dcc[i].nick, x);
311     dprintf(i, "bye %s\n", "restructure");
312     killsock(dcc[i].sock);
313     lostdcc(i);
314     }
315     }
316     }
317     dcc[idx].type = &DCC_BOT_NEW;
318     dcc[idx].u.bot->numver = 0;
319    
320     /* Don't send our password here, just the username. The code later on
321     * will determine if the password needs to be sent in cleartext or if
322     * we can send an MD5 digest. <cybah>
323     */
324     dprintf(idx, "%s\n", botnetnick);
325     return;
326     }
327    
328     /* This function generates a digest by combining 'challenge' with
329     * 'password' and then sends it to the other bot. <Cybah>
330     */
331     static void dcc_bot_digest(int idx, char *challenge, char *password)
332     {
333     MD5_CTX md5context;
334     char digest_string[33]; /* 32 for digest in hex + null */
335     unsigned char digest[16];
336     int i;
337    
338     MD5_Init(&md5context);
339     MD5_Update(&md5context, (unsigned char *) challenge, strlen(challenge));
340     MD5_Update(&md5context, (unsigned char *) password, strlen(password));
341     MD5_Final(digest, &md5context);
342    
343     for (i = 0; i < 16; i++)
344     sprintf(digest_string + (i * 2), "%.2x", digest[i]);
345     dprintf(idx, "digest %s\n", digest_string);
346     putlog(LOG_BOTS, "*", "Received challenge from %s... sending response ...",
347     dcc[idx].nick);
348     }
349    
350     static void dcc_bot_new(int idx, char *buf, int x)
351     {
352     struct userrec *u = get_user_by_handle(userlist, dcc[idx].nick);
353     char *code;
354    
355     code = newsplit(&buf);
356     if (!egg_strcasecmp(code, "*hello!"))
357     greet_new_bot(idx);
358     else if (!egg_strcasecmp(code, "version") || !egg_strcasecmp(code, "v"))
359     bot_version(idx, buf);
360     else if (!egg_strcasecmp(code, "badpass"))
361     /* We entered the wrong password */
362     putlog(LOG_BOTS, "*", DCC_BADPASS, dcc[idx].nick);
363     else if (!egg_strcasecmp(code, "passreq")) {
364     char *pass = get_user(&USERENTRY_PASS, u);
365    
366 pseudo 1.7 #ifdef TLS
367     /* We got a STARTTLS request earlier. Switch to ssl NOW. Doing this
368     * in two steps is necessary in order to synchronize the handshake.
369     */
370     if (dcc[idx].status & STAT_STARTTLS) {
371     dcc[idx].ssl = 1;
372     if (ssl_handshake(dcc[idx].sock, TLS_CONNECT, tls_vfybots, LOG_BOTS,
373     dcc[idx].host, NULL))
374     putlog(LOG_BOTS, "*", "STARTTLS failed while linking to %s",
375     dcc[idx].nick);
376     dcc[idx].status &= ~STAT_STARTTLS;
377     }
378     #endif
379 simple 1.1 if (!pass || !strcmp(pass, "-")) {
380     putlog(LOG_BOTS, "*", DCC_PASSREQ, dcc[idx].nick);
381     dprintf(idx, "-\n");
382     } else {
383     /* Determine if the other end supports an MD5 digest instead of a
384     * cleartext password. <Cybah>
385     */
386     if (buf && buf[0] && strchr(buf, '<') && strchr(buf + 1, '>'))
387     dcc_bot_digest(idx, buf, pass);
388     else
389     dprintf(idx, "%s\n", pass);
390     }
391 pseudo 1.7 #ifdef TLS
392     } else if (!egg_strcasecmp(code, "starttls") && !dcc[idx].ssl) {
393     /* Mark the connection for secure communication, but don't switch yet.
394     * The hub has to send a plaintext passreq right after the starttls command
395     * and if we switch now, we'll break the handshake. Instead, we'll only
396     * send a confirmation to the peer and wait for the passreq.
397     */
398     putlog(LOG_BOTS, "*", "Got STARTTLS from %s. Replying...", dcc[idx].nick);
399     dcc[idx].status |= STAT_STARTTLS;
400     /* needs to have space to be distinguished from a plaintext password */
401     dprintf(idx, "starttls -\n");
402     #endif
403 simple 1.1 } else if (!egg_strcasecmp(code, "error"))
404     putlog(LOG_BOTS, "*", DCC_LINKERROR, dcc[idx].nick, buf);
405     /* Ignore otherwise */
406     }
407    
408     static void eof_dcc_bot_new(int idx)
409     {
410     putlog(LOG_BOTS, "*", DCC_LOSTBOT, dcc[idx].nick, dcc[idx].port);
411     killsock(dcc[idx].sock);
412     lostdcc(idx);
413     }
414    
415     static void timeout_dcc_bot_new(int idx)
416     {
417     putlog(LOG_BOTS, "*", DCC_TIMEOUT, dcc[idx].nick,
418     dcc[idx].host, dcc[idx].port);
419     killsock(dcc[idx].sock);
420     lostdcc(idx);
421     }
422    
423     static void display_dcc_bot_new(int idx, char *buf)
424     {
425     long tv;
426    
427     tv = now - dcc[idx].timeval;
428     sprintf(buf, "bot* waited %lis", tv);
429     }
430    
431     static int expmem_dcc_bot_(void *x)
432     {
433     return sizeof(struct bot_info);
434     }
435    
436     static void free_dcc_bot_(int n, void *x)
437     {
438     if (dcc[n].type == &DCC_BOT) {
439     unvia(n, findbot(dcc[n].nick));
440     rembot(dcc[n].nick);
441     }
442     nfree(x);
443     }
444    
445     struct dcc_table DCC_BOT_NEW = {
446     "BOT_NEW",
447     0,
448     eof_dcc_bot_new,
449     dcc_bot_new,
450     &bot_timeout,
451     timeout_dcc_bot_new,
452     display_dcc_bot_new,
453     expmem_dcc_bot_,
454     free_dcc_bot_,
455     NULL
456     };
457    
458     /* Hash function for tandem bot commands */
459     extern botcmd_t C_bot[];
460    
461     static void dcc_bot(int idx, char *code, int i)
462     {
463     char *msg;
464     int f;
465    
466     if (raw_log) {
467 pseudo 1.4 if (!strcmp(code, "s"))
468 simple 1.1 putlog(LOG_BOTSHARE, "*", "{%s} %s", dcc[idx].nick, code + 2);
469     else
470     putlog(LOG_BOTNET, "*", "[%s] %s", dcc[idx].nick, code);
471     }
472     msg = strchr(code, ' ');
473     if (msg) {
474     *msg = 0;
475     msg++;
476     } else
477     msg = "";
478     for (f = i = 0; C_bot[i].name && !f; i++) {
479     int y = egg_strcasecmp(code, C_bot[i].name);
480    
481     if (!y) {
482     /* Found a match */
483     (C_bot[i].func) (idx, msg);
484     f = 1;
485     } else if (y < 0)
486     return;
487     }
488     }
489    
490     static void eof_dcc_bot(int idx)
491     {
492     char x[1024];
493     int bots, users;
494    
495     bots = bots_in_subtree(findbot(dcc[idx].nick));
496     users = users_in_subtree(findbot(dcc[idx].nick));
497     egg_snprintf(x, sizeof x,
498     "Lost bot: %s (lost %d bot%s and %d user%s)",
499     dcc[idx].nick, bots, (bots != 1) ? "s" : "", users,
500     (users != 1) ? "s" : "");
501     putlog(LOG_BOTS, "*", "%s.", x);
502     chatout("*** %s\n", x);
503     botnet_send_unlinked(idx, dcc[idx].nick, x);
504     killsock(dcc[idx].sock);
505     lostdcc(idx);
506     }
507    
508     static void display_dcc_bot(int idx, char *buf)
509     {
510     int i = simple_sprintf(buf, "bot flags: ");
511    
512     buf[i++] = b_status(idx) & STAT_PINGED ? 'P' : 'p';
513     buf[i++] = b_status(idx) & STAT_SHARE ? 'U' : 'u';
514     buf[i++] = b_status(idx) & STAT_CALLED ? 'C' : 'c';
515     buf[i++] = b_status(idx) & STAT_OFFERED ? 'O' : 'o';
516     buf[i++] = b_status(idx) & STAT_SENDING ? 'S' : 's';
517     buf[i++] = b_status(idx) & STAT_GETTING ? 'G' : 'g';
518     buf[i++] = b_status(idx) & STAT_WARNED ? 'W' : 'w';
519     buf[i++] = b_status(idx) & STAT_LEAF ? 'L' : 'l';
520     buf[i++] = b_status(idx) & STAT_LINKING ? 'I' : 'i';
521     buf[i++] = b_status(idx) & STAT_AGGRESSIVE ? 'a' : 'A';
522     buf[i++] = 0;
523     }
524    
525     static void display_dcc_fork_bot(int idx, char *buf)
526     {
527     sprintf(buf, "conn bot");
528     }
529    
530     struct dcc_table DCC_BOT = {
531     "BOT",
532     DCT_BOT | DCT_VALIDIDX,
533     eof_dcc_bot,
534     dcc_bot,
535     NULL,
536     NULL,
537     display_dcc_bot,
538     expmem_dcc_bot_,
539     free_dcc_bot_,
540     NULL
541     };
542    
543     struct dcc_table DCC_FORK_BOT = {
544     "FORK_BOT",
545     0,
546     failed_link,
547     cont_link,
548     &connect_timeout,
549     failed_link,
550     display_dcc_fork_bot,
551     expmem_dcc_bot_,
552     free_dcc_bot_,
553     NULL
554     };
555    
556     /* This function generates a digest by combining a challenge consisting
557     * of our process id + connection time + botnetnick. The digest is then
558     * compared to the one given by the remote bot.
559     *
560     * Returns 1 if the digest matches, otherwise returns 0.
561     * <Cybah>
562     */
563     static int dcc_bot_check_digest(int idx, char *remote_digest)
564     {
565     MD5_CTX md5context;
566     char digest_string[33]; /* 32 for digest in hex + null */
567     unsigned char digest[16];
568     int i;
569     char *password = get_user(&USERENTRY_PASS, dcc[idx].user);
570    
571     if (!password)
572     return 1;
573    
574     MD5_Init(&md5context);
575    
576     egg_snprintf(digest_string, 33, "<%x%x@", getpid(),
577     (unsigned int) dcc[idx].timeval);
578     MD5_Update(&md5context, (unsigned char *) digest_string,
579     strlen(digest_string));
580     MD5_Update(&md5context, (unsigned char *) botnetnick, strlen(botnetnick));
581     MD5_Update(&md5context, (unsigned char *) ">", 1);
582     MD5_Update(&md5context, (unsigned char *) password, strlen(password));
583    
584     MD5_Final(digest, &md5context);
585    
586     for (i = 0; i < 16; i++)
587     sprintf(digest_string + (i * 2), "%.2x", digest[i]);
588    
589     if (!strcmp(digest_string, remote_digest))
590     return 1;
591    
592     putlog(LOG_BOTS, "*", "Response (password hash) from %s incorrect",
593     dcc[idx].nick);
594     return 0;
595     }
596    
597     static void dcc_chat_pass(int idx, char *buf, int atr)
598     {
599     if (!atr)
600     return;
601     if (dcc[idx].status & STAT_TELNET)
602     strip_telnet(dcc[idx].sock, buf, &atr);
603     else if (detect_telnet((unsigned char *) buf))
604     buf += 3; /* 'IAC','DO(DONT)','STATUS' */
605     atr = dcc[idx].user ? dcc[idx].user->flags : 0;
606    
607 pseudo 1.7 #ifdef TLS
608 pseudo 1.8 if (atr & USER_BOT) {
609     if (!egg_strncasecmp(buf, "starttls ", 9)) {
610     dcc[idx].ssl = 1;
611     if (ssl_handshake(dcc[idx].sock, TLS_LISTEN, tls_vfybots, LOG_BOTS,
612     dcc[idx].host, NULL)) {
613     killsock(dcc[idx].sock);
614     lostdcc(idx);
615     }
616     return;
617     }
618     /* No password set? */
619     if (u_pass_match(dcc[idx].user, "-")) {
620     char ps[20];
621    
622     makepass(ps);
623     set_user(&USERENTRY_PASS, dcc[idx].user, ps);
624     changeover_dcc(idx, &DCC_BOT_NEW, sizeof(struct bot_info));
625    
626     dcc[idx].status = STAT_CALLED;
627     dprintf(idx, "*hello!\n");
628     greet_new_bot(idx);
629     #ifdef NO_OLD_BOTNET
630     dprintf(idx, "h %s\n", ps);
631     #else
632     dprintf(idx, "handshake %s\n", ps);
633     #endif
634     return;
635 pseudo 1.7 }
636     }
637     #endif
638 pseudo 1.8 /* Check for MD5 digest from remote _bot_. <cybah> */
639 simple 1.1 if ((atr & USER_BOT) && !egg_strncasecmp(buf, "digest ", 7)) {
640     if (dcc_bot_check_digest(idx, buf + 7)) {
641     nfree(dcc[idx].u.chat);
642     dcc[idx].type = &DCC_BOT_NEW;
643     dcc[idx].u.bot = get_data_ptr(sizeof(struct bot_info));
644     dcc[idx].status = STAT_CALLED;
645     dprintf(idx, "*hello!\n");
646     greet_new_bot(idx);
647     return;
648     } else {
649     /* Invalid password/digest */
650     dprintf(idx, "badpass\n");
651     putlog(LOG_MISC, "*", DCC_BADLOGIN, dcc[idx].nick, dcc[idx].host,
652     dcc[idx].port);
653     killsock(dcc[idx].sock);
654     lostdcc(idx);
655     return;
656     }
657     }
658    
659 pseudo 1.4 #ifdef TLS
660     /* Skip checking the password if the user is already identified by
661     * fingerprint.
662     */
663     if (dcc[idx].status & STAT_FPRINT || u_pass_match(dcc[idx].user, buf)) {
664     #else
665 simple 1.1 if (u_pass_match(dcc[idx].user, buf)) {
666 pseudo 1.4 #endif
667 simple 1.1 if (atr & USER_BOT) {
668     nfree(dcc[idx].u.chat);
669     dcc[idx].type = &DCC_BOT_NEW;
670     dcc[idx].u.bot = get_data_ptr(sizeof(struct bot_info));
671    
672     dcc[idx].status = STAT_CALLED;
673     dprintf(idx, "*hello!\n");
674     greet_new_bot(idx);
675     } else {
676     /* Log entry for successful login -slennox 3/28/1999 */
677     putlog(LOG_MISC, "*", DCC_LOGGEDIN, dcc[idx].nick,
678     dcc[idx].host, dcc[idx].port);
679     if (dcc[idx].u.chat->away) {
680     nfree(dcc[idx].u.chat->away);
681     dcc[idx].u.chat->away = NULL;
682     }
683     dcc[idx].type = &DCC_CHAT;
684     dcc[idx].status &= ~STAT_CHAT;
685     dcc[idx].u.chat->con_flags = (atr & USER_MASTER) ? conmask : 0;
686     dcc[idx].u.chat->channel = -2;
687     /* Turn echo back on for telnet sessions (send IAC WON'T ECHO). */
688     if (dcc[idx].status & STAT_TELNET)
689     tputs(dcc[idx].sock, TLN_IAC_C TLN_WONT_C TLN_ECHO_C "\n", 4);
690     dcc_chatter(idx);
691     }
692     } else {
693     if (atr & USER_BOT)
694     dprintf(idx, "badpass\n");
695     else
696     dprintf(idx, DCC_HOUSTON);
697     putlog(LOG_MISC, "*", DCC_BADLOGIN, dcc[idx].nick,
698     dcc[idx].host, dcc[idx].port);
699     if (dcc[idx].u.chat->away) { /* su from a dumb user */
700     /* Turn echo back on for telnet sessions (send IAC WON'T ECHO). */
701     if (dcc[idx].status & STAT_TELNET)
702     tputs(dcc[idx].sock, TLN_IAC_C TLN_WONT_C TLN_ECHO_C "\n", 4);
703     dcc[idx].user = get_user_by_handle(userlist, dcc[idx].u.chat->away);
704     strcpy(dcc[idx].nick, dcc[idx].u.chat->away);
705     nfree(dcc[idx].u.chat->away);
706     nfree(dcc[idx].u.chat->su_nick);
707     dcc[idx].u.chat->away = NULL;
708     dcc[idx].u.chat->su_nick = NULL;
709     dcc[idx].type = &DCC_CHAT;
710     if (dcc[idx].u.chat->channel < GLOBAL_CHANS)
711     botnet_send_join_idx(idx, -1);
712     chanout_but(-1, dcc[idx].u.chat->channel, DCC_JOIN, dcc[idx].nick);
713     } else {
714     killsock(dcc[idx].sock);
715     lostdcc(idx);
716     }
717     }
718     }
719    
720     static void eof_dcc_general(int idx)
721     {
722     putlog(LOG_MISC, "*", DCC_LOSTDCC, dcc[idx].nick,
723     dcc[idx].host, dcc[idx].port);
724     killsock(dcc[idx].sock);
725     lostdcc(idx);
726     }
727    
728     static void tout_dcc_chat_pass(int idx)
729     {
730     dprintf(idx, "Timeout.\n");
731     putlog(LOG_MISC, "*", DCC_PWDTIMEOUT, dcc[idx].nick, dcc[idx].host);
732     killsock(dcc[idx].sock);
733     lostdcc(idx);
734     }
735    
736     static void display_dcc_chat_pass(int idx, char *buf)
737     {
738     long tv;
739    
740     tv = now - dcc[idx].timeval;
741     sprintf(buf, "pass waited %lis", tv);
742     }
743    
744     static int expmem_dcc_general(void *x)
745     {
746     register struct chat_info *p = (struct chat_info *) x;
747     int tot = sizeof(struct chat_info);
748    
749     if (p->away)
750     tot += strlen(p->away) + 1;
751     if (p->buffer) {
752     struct msgq *q = p->buffer;
753    
754     while (q) {
755     tot += sizeof(struct list_type);
756    
757     tot += q->len + 1;
758     q = q->next;
759     }
760     }
761     if (p->su_nick)
762     tot += strlen(p->su_nick) + 1;
763     return tot;
764     }
765    
766     static void kill_dcc_general(int idx, void *x)
767     {
768     register struct chat_info *p = (struct chat_info *) x;
769    
770     if (p) {
771     if (p->buffer) {
772     struct msgq *r, *q;
773    
774     for (r = dcc[idx].u.chat->buffer; r; r = q) {
775     q = r->next;
776     nfree(r->msg);
777     nfree(r);
778     }
779     }
780     if (p->away) {
781     nfree(p->away);
782     }
783     nfree(p);
784     }
785     }
786    
787     /* Remove the color control codes that mIRC,pIRCh etc use to make
788     * their client seem so fecking cool! (Sorry, Khaled, you are a nice
789     * guy, but when you added this feature you forced people to either
790     * use your *SHAREWARE* client or face screenfulls of crap!)
791     */
792     void strip_mirc_codes(int flags, char *text)
793     {
794     char *dd = text;
795    
796     while (*text) {
797     switch (*text) {
798     case 3: /* mIRC colors? */
799     if (flags & STRIP_COLOR) {
800     if (egg_isdigit(text[1])) { /* Is the first char a number? */
801     text += 2; /* Skip over the ^C and the first digit */
802     if (egg_isdigit(*text))
803     text++; /* Is this a double digit number? */
804     if (*text == ',') { /* Do we have a background color next? */
805     if (egg_isdigit(text[1]))
806     text += 2; /* Skip over the first background digit */
807     if (egg_isdigit(*text))
808     text++; /* Is it a double digit? */
809     }
810     } else
811     text++;
812     continue;
813     }
814     break;
815 thommey 1.14 case 2: /* Bold text */
816     if (flags & STRIP_BOLD) {
817 thommey 1.12 text++;
818     continue;
819     }
820     break;
821 simple 1.1 case 0x16: /* Reverse video */
822 thommey 1.13 if (flags & STRIP_REVERSE) {
823     text++;
824     continue;
825     }
826     break;
827 simple 1.1 case 0x1f: /* Underlined text */
828 thommey 1.13 if (flags & STRIP_UNDERLINE) {
829 simple 1.1 text++;
830     continue;
831     }
832     break;
833     case 033:
834     if (flags & STRIP_ANSI) {
835     text++;
836     if (*text == '[') {
837     text++;
838     while ((*text == ';') || egg_isdigit(*text))
839     text++;
840     if (*text)
841     text++; /* also kill the following char */
842     }
843     continue;
844     }
845     break;
846 thommey 1.14 case 7:
847     if (flags & STRIP_BELLS) {
848     text++;
849     continue;
850     }
851     break;
852     case 017: /* Ordinary (mIRC ctrl+o) */
853     if (flags & STRIP_ORDINARY) {
854     text++;
855     continue;
856     }
857     break;
858     case 29: /* Italics */
859     if (flags & STRIP_ITALICS) {
860     text++;
861     continue;
862     }
863     break;
864 simple 1.1 }
865     *dd++ = *text++; /* Move on to the next char */
866     }
867     *dd = 0;
868     }
869    
870     static void append_line(int idx, char *line)
871     {
872     int l = strlen(line);
873     struct msgq *p, *q;
874     struct chat_info *c = (dcc[idx].type == &DCC_CHAT) ? dcc[idx].u.chat :
875     dcc[idx].u.file->chat;
876    
877     if (c->current_lines > 1000) {
878     /* They're probably trying to fill up the bot nuke the sods :) */
879     for (p = c->buffer; p; p = q) {
880     q = p->next;
881     nfree(p->msg);
882     nfree(p);
883     }
884     c->buffer = 0;
885     dcc[idx].status &= ~STAT_PAGE;
886     do_boot(idx, botnetnick, "too many pages - sendq full");
887     return;
888     }
889     if ((c->line_count < c->max_line) && (c->buffer == NULL)) {
890     c->line_count++;
891     tputs(dcc[idx].sock, line, l);
892     } else {
893     c->current_lines++;
894     if (c->buffer == NULL)
895     q = NULL;
896     else
897     for (q = c->buffer; q->next; q = q->next);
898    
899     p = get_data_ptr(sizeof(struct msgq));
900    
901     p->len = l;
902     p->msg = get_data_ptr(l + 1);
903     p->next = NULL;
904     strcpy(p->msg, line);
905     if (q == NULL)
906     c->buffer = p;
907     else
908     q->next = p;
909     }
910     }
911    
912    
913     static void out_dcc_general(int idx, char *buf, void *x)
914     {
915     register struct chat_info *p = (struct chat_info *) x;
916     char *y = buf;
917    
918     strip_mirc_codes(p->strip_flags, buf);
919     if (dcc[idx].status & STAT_TELNET)
920     y = escape_telnet(buf);
921     if (dcc[idx].status & STAT_PAGE)
922     append_line(idx, y);
923     else
924     tputs(dcc[idx].sock, y, strlen(y));
925     }
926    
927     struct dcc_table DCC_CHAT_PASS = {
928     "CHAT_PASS",
929     0,
930     eof_dcc_general,
931     dcc_chat_pass,
932     &password_timeout,
933     tout_dcc_chat_pass,
934     display_dcc_chat_pass,
935     expmem_dcc_general,
936     kill_dcc_general,
937     out_dcc_general
938     };
939    
940     /* Make sure ANSI code is just for color-changing */
941     int check_ansi(char *v)
942     {
943     int count = 2;
944    
945     if (*v++ != '\033')
946     return 1;
947     if (*v++ != '[')
948     return 1;
949     while (*v) {
950     if (*v == 'm')
951     return 0;
952     if ((*v != ';') && ((*v < '0') || (*v > '9')))
953     return count;
954     v++;
955     count++;
956     }
957     return count;
958     }
959    
960     static void eof_dcc_chat(int idx)
961     {
962     putlog(LOG_MISC, "*", DCC_LOSTDCC, dcc[idx].nick,
963     dcc[idx].host, dcc[idx].port);
964     if (dcc[idx].u.chat->channel >= 0) {
965     chanout_but(idx, dcc[idx].u.chat->channel, "*** %s lost dcc link.\n",
966     dcc[idx].nick);
967     if (dcc[idx].u.chat->channel < GLOBAL_CHANS)
968     botnet_send_part_idx(idx, "lost dcc link");
969     check_tcl_chpt(botnetnick, dcc[idx].nick, dcc[idx].sock,
970     dcc[idx].u.chat->channel);
971     }
972     check_tcl_chof(dcc[idx].nick, dcc[idx].sock);
973     killsock(dcc[idx].sock);
974     lostdcc(idx);
975     }
976    
977     static void dcc_chat(int idx, char *buf, int i)
978     {
979     int nathan = 0, doron = 0, fixed = 0;
980     char *v, *d, filtbuf[2048];
981    
982     if (dcc[idx].status & STAT_TELNET)
983     strip_telnet(dcc[idx].sock, buf, &i);
984     if (buf[0] && (buf[0] != '.') &&
985     detect_dcc_flood(&dcc[idx].timeval, dcc[idx].u.chat, idx))
986     return;
987     dcc[idx].timeval = now;
988     if (buf[0]) {
989     const char *filt = check_tcl_filt(idx, buf);
990     if (filt != buf) {
991     strncpyz(filtbuf, filt, sizeof(filtbuf));
992     buf = filtbuf;
993     }
994     }
995     if (buf[0]) {
996     /* Check for beeps and cancel annoying ones */
997     v = buf;
998     d = buf;
999     while (*v)
1000     switch (*v) {
1001     case 7: /* Beep - no more than 3 */
1002     nathan++;
1003     if (nathan > 3)
1004     v++;
1005     else
1006     *d++ = *v++;
1007     break;
1008     case 8: /* Backspace - for lame telnet's :) */
1009     if (d > buf) {
1010     d--;
1011     }
1012     v++;
1013     break;
1014     case 27: /* ESC - ansi code? */
1015     doron = check_ansi(v);
1016     /* If it's valid, append a return-to-normal code at the end */
1017     if (!doron) {
1018     *d++ = *v++;
1019     fixed = 1;
1020     } else
1021     v += doron;
1022     break;
1023     case '\r': /* Weird pseudo-linefeed */
1024     v++;
1025     break;
1026     default:
1027     *d++ = *v++;
1028     }
1029     if (fixed)
1030     strcpy(d, "\033[0m");
1031     else
1032     *d = 0;
1033     if (buf[0]) { /* Nothing to say - maybe paging... */
1034     if ((buf[0] == '.') || (dcc[idx].u.chat->channel < 0)) {
1035     if (buf[0] == '.')
1036     buf++;
1037     v = newsplit(&buf);
1038     rmspace(buf);
1039     if (check_tcl_dcc(v, idx, buf)) {
1040     if (dcc[idx].u.chat->channel >= 0)
1041     check_tcl_chpt(botnetnick, dcc[idx].nick, dcc[idx].sock,
1042     dcc[idx].u.chat->channel);
1043     check_tcl_chof(dcc[idx].nick, dcc[idx].sock);
1044     dprintf(idx, "*** Ja mata!\n");
1045     flush_lines(idx, dcc[idx].u.chat);
1046     putlog(LOG_MISC, "*", DCC_CLOSED, dcc[idx].nick, dcc[idx].host);
1047     if (dcc[idx].u.chat->channel >= 0) {
1048     chanout_but(-1, dcc[idx].u.chat->channel,
1049     "*** %s left the party line%s%s\n",
1050     dcc[idx].nick, buf[0] ? ": " : ".", buf);
1051     if (dcc[idx].u.chat->channel < GLOBAL_CHANS)
1052     botnet_send_part_idx(idx, buf);
1053     }
1054     if (dcc[idx].u.chat->su_nick) {
1055     dcc[idx].user = get_user_by_handle(userlist,
1056     dcc[idx].u.chat->su_nick);
1057     strcpy(dcc[idx].nick, dcc[idx].u.chat->su_nick);
1058     dcc[idx].type = &DCC_CHAT;
1059     dprintf(idx, "Returning to real nick %s!\n",
1060     dcc[idx].u.chat->su_nick);
1061     nfree(dcc[idx].u.chat->su_nick);
1062     dcc[idx].u.chat->su_nick = NULL;
1063     dcc_chatter(idx);
1064     if (dcc[idx].u.chat->channel < GLOBAL_CHANS &&
1065     dcc[idx].u.chat->channel >= 0)
1066     botnet_send_join_idx(idx, -1);
1067     return;
1068     } else if ((dcc[idx].sock != STDOUT) || backgrd) {
1069     killsock(dcc[idx].sock);
1070     lostdcc(idx);
1071     return;
1072     } else {
1073     dprintf(DP_STDOUT, "\n### SIMULATION RESET\n\n");
1074     dcc_chatter(idx);
1075     return;
1076     }
1077     }
1078     } else if (buf[0] == ',') {
1079     int me = 0;
1080    
1081     if ((buf[1] == 'm') && (buf[2] == 'e') && buf[3] == ' ')
1082     me = 1;
1083     for (i = 0; i < dcc_total; i++) {
1084     int ok = 0;
1085    
1086     if ((dcc[i].type->flags & DCT_MASTER) &&
1087     ((dcc[i].type != &DCC_CHAT) || (dcc[i].u.chat->channel >= 0)) &&
1088     ((i != idx) || (dcc[idx].status & STAT_ECHO)))
1089     ok = 1;
1090     if (ok) {
1091     struct userrec *u = get_user_by_handle(userlist, dcc[i].nick);
1092    
1093     if (u && (u->flags & USER_MASTER)) {
1094     if (me)
1095     dprintf(i, "-> %s%s\n", dcc[idx].nick, buf + 3);
1096     else
1097     dprintf(i, "-%s-> %s\n", dcc[idx].nick, buf + 1);
1098     }
1099     }
1100     }
1101     } else if (buf[0] == '\'') {
1102     int me = 0;
1103    
1104     if ((buf[1] == 'm') && (buf[2] == 'e') &&
1105     ((buf[3] == ' ') || (buf[3] == '\'') || (buf[3] == ',')))
1106     me = 1;
1107     for (i = 0; i < dcc_total; i++) {
1108     if (dcc[i].type->flags & DCT_CHAT) {
1109     if (me)
1110     dprintf(i, "=> %s%s\n", dcc[idx].nick, buf + 3);
1111     else
1112     dprintf(i, "=%s=> %s\n", dcc[idx].nick, buf + 1);
1113     }
1114     }
1115     } else {
1116     if (dcc[idx].u.chat->away != NULL)
1117     not_away(idx);
1118     if (dcc[idx].status & STAT_ECHO)
1119     chanout_but(-1, dcc[idx].u.chat->channel,
1120     "<%s> %s\n", dcc[idx].nick, buf);
1121     else
1122     chanout_but(idx, dcc[idx].u.chat->channel, "<%s> %s\n",
1123     dcc[idx].nick, buf);
1124     botnet_send_chan(-1, botnetnick, dcc[idx].nick,
1125     dcc[idx].u.chat->channel, buf);
1126     check_tcl_chat(dcc[idx].nick, dcc[idx].u.chat->channel, buf);
1127     }
1128     }
1129     }
1130     if (dcc[idx].type == &DCC_CHAT) /* Could have change to files */
1131     if (dcc[idx].status & STAT_PAGE)
1132     flush_lines(idx, dcc[idx].u.chat);
1133     }
1134    
1135     static void display_dcc_chat(int idx, char *buf)
1136     {
1137     int i = simple_sprintf(buf, "chat flags: ");
1138    
1139     buf[i++] = dcc[idx].status & STAT_CHAT ? 'C' : 'c';
1140     buf[i++] = dcc[idx].status & STAT_PARTY ? 'P' : 'p';
1141     buf[i++] = dcc[idx].status & STAT_TELNET ? 'T' : 't';
1142     buf[i++] = dcc[idx].status & STAT_ECHO ? 'E' : 'e';
1143     buf[i++] = dcc[idx].status & STAT_PAGE ? 'P' : 'p';
1144     simple_sprintf(buf + i, "/%d", dcc[idx].u.chat->channel);
1145     }
1146    
1147     struct dcc_table DCC_CHAT = {
1148     "CHAT",
1149     DCT_CHAT | DCT_MASTER | DCT_SHOWWHO | DCT_VALIDIDX | DCT_SIMUL |
1150     DCT_CANBOOT | DCT_REMOTEWHO,
1151     eof_dcc_chat,
1152     dcc_chat,
1153     NULL,
1154     NULL,
1155     display_dcc_chat,
1156     expmem_dcc_general,
1157     kill_dcc_general,
1158     out_dcc_general
1159     };
1160    
1161     static int lasttelnets;
1162     static char lasttelnethost[81];
1163     static time_t lasttelnettime;
1164    
1165     /* A modified detect_flood for incoming telnet flood protection.
1166     */
1167     static int detect_telnet_flood(char *floodhost)
1168     {
1169     struct flag_record fr = { FR_GLOBAL | FR_CHAN | FR_ANYWH, 0, 0, 0, 0, 0 };
1170    
1171     get_user_flagrec(get_user_by_host(floodhost), &fr, NULL);
1172     if (!flood_telnet_thr || (glob_friend(fr) && !par_telnet_flood))
1173     return 0; /* No flood protection */
1174     if (egg_strcasecmp(lasttelnethost, floodhost)) { /* New... */
1175     strcpy(lasttelnethost, floodhost);
1176     lasttelnettime = now;
1177     lasttelnets = 0;
1178     return 0;
1179     }
1180     if (lasttelnettime < now - flood_telnet_time) {
1181     /* Flood timer expired, reset it */
1182     lasttelnettime = now;
1183     lasttelnets = 0;
1184     return 0;
1185     }
1186     lasttelnets++;
1187     if (lasttelnets >= flood_telnet_thr) { /* FLOOD! */
1188     /* Reset counters */
1189     lasttelnets = 0;
1190     lasttelnettime = 0;
1191     lasttelnethost[0] = 0;
1192     putlog(LOG_MISC, "*", IRC_TELNETFLOOD, floodhost);
1193     addignore(floodhost, origbotname, "Telnet connection flood",
1194     now + (60 * ignore_time));
1195     return 1;
1196     }
1197     return 0;
1198     }
1199    
1200     static void dcc_telnet(int idx, char *buf, int i)
1201     {
1202     unsigned short port;
1203     int j = 0, sock;
1204    
1205     if (dcc_total + 1 > max_dcc && increase_socks_max()) {
1206 pseudo 1.2 sockname_t name;
1207     j = answer(dcc[idx].sock, &name, &port, 0);
1208 simple 1.1 if (j != -1) {
1209     dprintf(-j, "Sorry, too many connections already.\r\n");
1210     killsock(j);
1211     }
1212     return;
1213     }
1214 pseudo 1.2 i = new_dcc(&DCC_DNSWAIT, sizeof(struct dns_info));
1215     sock = answer(dcc[idx].sock, &dcc[i].sockname, &port, 0);
1216 simple 1.1 while ((sock == -1) && (errno == EAGAIN))
1217 pseudo 1.2 sock = answer(dcc[idx].sock, &dcc[i].sockname, &port, 0);
1218 simple 1.1 if (sock < 0) {
1219 pseudo 1.2 putlog(LOG_MISC, "*", DCC_FAILED, strerror(errno));
1220 simple 1.1 return;
1221     }
1222     /* Buffer data received on this socket. */
1223     sockoptions(sock, EGG_OPTION_SET, SOCK_BUFFER);
1224    
1225     #if (SIZEOF_SHORT == 2)
1226     if (port < 1024) {
1227     #else
1228     if (port < 1024 || port > 65535) {
1229     #endif
1230 pseudo 1.2 putlog(LOG_BOTS, "*", DCC_BADSRC, iptostr(&dcc[i].sockname.addr.sa), port);
1231 simple 1.1 killsock(sock);
1232 pseudo 1.2 lostdcc(i);
1233 simple 1.1 return;
1234     }
1235    
1236 pseudo 1.2 dcc[i].u.dns->ip = &dcc[i].sockname;
1237 simple 1.1 dcc[i].sock = sock;
1238     dcc[i].port = port;
1239 pseudo 1.4 #ifdef TLS
1240     if (dcc[idx].ssl && ssl_handshake(sock, TLS_LISTEN, tls_vfyclients,
1241     LOG_MISC, NULL, NULL)) {
1242     killsock(sock);
1243     lostdcc(i);
1244     return;
1245     }
1246     dcc[i].ssl = dcc[idx].ssl;
1247     #endif
1248 simple 1.1 dcc[i].timeval = now;
1249     strcpy(dcc[i].nick, "*");
1250     dcc[i].u.dns->dns_success = dcc_telnet_hostresolved;
1251     dcc[i].u.dns->dns_failure = dcc_telnet_hostresolved;
1252     dcc[i].u.dns->dns_type = RES_HOSTBYIP;
1253     dcc[i].u.dns->ibuf = dcc[idx].sock;
1254     dcc[i].u.dns->type = &DCC_IDENTWAIT;
1255 pseudo 1.2 dcc_dnshostbyip(&dcc[i].sockname);
1256 simple 1.1 }
1257    
1258     static void dcc_telnet_hostresolved(int i)
1259     {
1260     int idx;
1261     int j = 0, sock;
1262 thommey 1.10 char s[UHOSTLEN + 20], *userhost;
1263 simple 1.1
1264     strncpyz(dcc[i].host, dcc[i].u.dns->host, UHOSTLEN);
1265    
1266     for (idx = 0; idx < dcc_total; idx++)
1267     if ((dcc[idx].type == &DCC_TELNET) &&
1268     (dcc[idx].sock == dcc[i].u.dns->ibuf)) {
1269     break;
1270     }
1271     if (dcc_total == idx) {
1272     putlog(LOG_BOTS, "*", "Lost listening socket while resolving %s",
1273     dcc[i].host);
1274     killsock(dcc[i].sock);
1275     lostdcc(i);
1276     return;
1277     }
1278     if (dcc[idx].host[0] == '@') {
1279     /* Restrict by hostname */
1280     if (!wild_match(dcc[idx].host + 1, dcc[i].host)) {
1281     putlog(LOG_BOTS, "*", DCC_BADHOST, dcc[i].host);
1282     killsock(dcc[i].sock);
1283     lostdcc(i);
1284     return;
1285     }
1286     }
1287 pseudo 1.2 sprintf(s, "-telnet!telnet@%s", dcc[i].host);
1288 thommey 1.10 userhost = s + strlen("-telnet!");
1289 pseudo 1.2 if (match_ignore(s) || detect_telnet_flood(s)) {
1290 simple 1.1 killsock(dcc[i].sock);
1291     lostdcc(i);
1292     return;
1293     }
1294    
1295 pseudo 1.9 putlog(LOG_MISC, "*", DCC_TELCONN, dcc[i].host, dcc[i].port);
1296 thommey 1.10
1297     /* Skip ident lookup for public script listeners */
1298     if ((dcc[idx].status & LSTN_PUBLIC) && !strcmp(dcc[idx].nick, "(script)")) {
1299     changeover_dcc(i, &DCC_SOCKET, 0);
1300     dcc[i].u.other = NULL;
1301     strcpy(dcc[i].nick, "*");
1302     strncpyz(dcc[i].host, userhost, UHOSTLEN);
1303     check_tcl_listen(dcc[idx].host, dcc[i].sock);
1304     return;
1305     }
1306    
1307 simple 1.1 changeover_dcc(i, &DCC_IDENTWAIT, 0);
1308     dcc[i].timeval = now;
1309     dcc[i].u.ident_sock = dcc[idx].sock;
1310 pseudo 1.2 sock = -1;
1311     j = new_dcc(&DCC_IDENT, 0);
1312     if (j < 0)
1313     putlog(LOG_MISC, "*", DCC_IDENTFAIL, dcc[i].host, strerror(errno));
1314     else {
1315     egg_memcpy(&dcc[j].sockname, &dcc[i].sockname, sizeof(sockname_t));
1316     dcc[j].sock = getsock(dcc[j].sockname.family, 0);
1317     if (dcc[j].sock >= 0) {
1318     sockname_t name;
1319     name.addrlen = sizeof(name.addr);
1320     getsockname(dcc[i].sock, &name.addr.sa, &name.addrlen);
1321     bind(dcc[j].sock, &name.addr.sa, name.addrlen);
1322     setsnport(dcc[j].sockname, 113);
1323     if (connect(dcc[j].sock, &dcc[j].sockname.addr.sa,
1324     dcc[j].sockname.addrlen) < 0 && (errno != EINPROGRESS)) {
1325     killsock(dcc[j].sock);
1326     lostdcc(j);
1327     putlog(LOG_MISC, "*", DCC_IDENTFAIL, dcc[i].host, strerror(errno));
1328     j = 0;
1329     }
1330     sock = dcc[j].sock;
1331 simple 1.1 }
1332     }
1333 pseudo 1.2 if (j < 0) {
1334 thommey 1.10 dcc_telnet_got_ident(i, userhost);
1335 simple 1.1 return;
1336     }
1337     dcc[j].sock = sock;
1338     dcc[j].port = 113;
1339     dcc[j].addr = dcc[i].addr;
1340     strcpy(dcc[j].host, dcc[i].host);
1341     strcpy(dcc[j].nick, "*");
1342     dcc[j].u.ident_sock = dcc[i].sock;
1343     dcc[j].timeval = now;
1344     dprintf(j, "%d, %d\n", dcc[i].port, dcc[idx].port);
1345     }
1346    
1347     static void eof_dcc_telnet(int idx)
1348     {
1349     putlog(LOG_MISC, "*", DCC_PORTDIE, dcc[idx].port);
1350     killsock(dcc[idx].sock);
1351     lostdcc(idx);
1352     }
1353    
1354     static void display_telnet(int idx, char *buf)
1355     {
1356     sprintf(buf, "lstn %d%s", dcc[idx].port,
1357     (dcc[idx].status & LSTN_PUBLIC) ? " pub" : "");
1358     }
1359    
1360     struct dcc_table DCC_TELNET = {
1361     "TELNET",
1362     DCT_LISTEN,
1363     eof_dcc_telnet,
1364     dcc_telnet,
1365     NULL,
1366     NULL,
1367     display_telnet,
1368     NULL,
1369     NULL,
1370     NULL
1371     };
1372    
1373     static void eof_dcc_dupwait(int idx)
1374     {
1375     putlog(LOG_BOTS, "*", DCC_LOSTDUP, dcc[idx].host);
1376     killsock(dcc[idx].sock);
1377     lostdcc(idx);
1378     }
1379    
1380     static void dcc_dupwait(int idx, char *buf, int i)
1381     {
1382     /* We just ignore any data at this point. */
1383     return;
1384     }
1385    
1386     /* We now check again. If the bot is still marked as duplicate, there is no
1387     * botnet lag we could push it on, so we just drop the connection.
1388     */
1389     static void timeout_dupwait(int idx)
1390     {
1391     char x[100];
1392    
1393     /* Still duplicate? */
1394     if (in_chain(dcc[idx].nick)) {
1395     egg_snprintf(x, sizeof x, "%s!%s", dcc[idx].nick, dcc[idx].host);
1396     dprintf(idx, "error Already connected.\n");
1397     putlog(LOG_BOTS, "*", DCC_DUPLICATE, x);
1398     killsock(dcc[idx].sock);
1399     lostdcc(idx);
1400     } else {
1401     /* Ha! Now it's gone and we can grant this bot access. */
1402     dcc_telnet_pass(idx, dcc[idx].u.dupwait->atr);
1403     }
1404     }
1405    
1406     static void display_dupwait(int idx, char *buf)
1407     {
1408     sprintf(buf, "wait duplicate?");
1409     }
1410    
1411     static int expmem_dupwait(void *x)
1412     {
1413     register struct dupwait_info *p = (struct dupwait_info *) x;
1414     int tot = sizeof(struct dupwait_info);
1415    
1416     if (p && p->chat && DCC_CHAT.expmem)
1417     tot += DCC_CHAT.expmem(p->chat);
1418     return tot;
1419     }
1420    
1421     static void kill_dupwait(int idx, void *x)
1422     {
1423     register struct dupwait_info *p = (struct dupwait_info *) x;
1424    
1425     if (p) {
1426     if (p->chat && DCC_CHAT.kill)
1427     DCC_CHAT.kill(idx, p->chat);
1428     nfree(p);
1429     }
1430     }
1431    
1432     struct dcc_table DCC_DUPWAIT = {
1433     "DUPWAIT",
1434     DCT_VALIDIDX,
1435     eof_dcc_dupwait,
1436     dcc_dupwait,
1437     &dupwait_timeout,
1438     timeout_dupwait,
1439     display_dupwait,
1440     expmem_dupwait,
1441     kill_dupwait,
1442     NULL
1443     };
1444    
1445     /* This function is called if a bot gets removed from the list. It checks
1446     * wether we have a pending duplicate connection for that bot and continues
1447     * with the login in that case.
1448     */
1449     void dupwait_notify(char *who)
1450     {
1451     register int idx;
1452    
1453     Assert(who);
1454     for (idx = 0; idx < dcc_total; idx++)
1455     if ((dcc[idx].type == &DCC_DUPWAIT) &&
1456     !egg_strcasecmp(dcc[idx].nick, who)) {
1457     dcc_telnet_pass(idx, dcc[idx].u.dupwait->atr);
1458     break;
1459     }
1460     }
1461    
1462     static void dcc_telnet_id(int idx, char *buf, int atr)
1463     {
1464     int ok = 0;
1465     struct flag_record fr = { FR_GLOBAL | FR_CHAN | FR_ANYWH, 0, 0, 0, 0, 0 };
1466    
1467     if (detect_telnet((unsigned char *) buf)) {
1468     dcc[idx].status |= STAT_TELNET;
1469     strip_telnet(dcc[idx].sock, buf, &atr);
1470     } else
1471     dcc[idx].status &= ~STAT_TELNET;
1472     buf[HANDLEN] = 0;
1473     /* Toss out bad nicknames */
1474     if (dcc[idx].nick[0] != '@' && !wild_match(dcc[idx].nick, buf)) {
1475     dprintf(idx, "Sorry, that nickname format is invalid.\n");
1476     putlog(LOG_BOTS, "*", DCC_BADNICK, dcc[idx].host);
1477     killsock(dcc[idx].sock);
1478     lostdcc(idx);
1479     return;
1480     }
1481     dcc[idx].user = get_user_by_handle(userlist, buf);
1482     get_user_flagrec(dcc[idx].user, &fr, NULL);
1483 pseudo 1.4 #ifdef TLS
1484     if (dcc[idx].ssl && (tls_auth == 2)) {
1485     char *uid = ssl_getuid(dcc[idx].sock);
1486    
1487     if (!uid || strcasecmp(uid, buf)) {
1488     if (glob_bot(fr))
1489     dprintf(idx, "error Certificate UID doesn't match handle\n");
1490     else
1491     dprintf(idx, "Your certificate UID doesn't match your handle.\n");
1492     killsock(dcc[idx].sock);
1493     lostdcc(idx);
1494     return;
1495     }
1496     }
1497     #endif
1498 simple 1.1 /* Make sure users-only/bots-only connects are honored */
1499     if ((dcc[idx].status & STAT_BOTONLY) && !glob_bot(fr)) {
1500     dprintf(idx, "This telnet port is for bots only.\n");
1501     putlog(LOG_BOTS, "*", DCC_NONBOT, dcc[idx].host);
1502     killsock(dcc[idx].sock);
1503     lostdcc(idx);
1504     return;
1505     }
1506     if ((dcc[idx].status & STAT_USRONLY) && glob_bot(fr)) {
1507     dprintf(idx, "error Only users may connect at this port.\n");
1508     putlog(LOG_BOTS, "*", DCC_NONUSER, dcc[idx].host);
1509     killsock(dcc[idx].sock);
1510     lostdcc(idx);
1511     return;
1512     }
1513     dcc[idx].status &= ~(STAT_BOTONLY | STAT_USRONLY);
1514     if (!egg_strcasecmp(buf, "NEW") && (allow_new_telnets || make_userfile)) {
1515     dcc[idx].type = &DCC_TELNET_NEW;
1516     dcc[idx].timeval = now;
1517     dprintf(idx, "\n");
1518     dprintf(idx, IRC_TELNET, botnetnick);
1519     dprintf(idx, IRC_TELNET1);
1520     dprintf(idx, "\nEnter the nickname you would like to use.\n");
1521     return;
1522     }
1523     if (chan_op(fr)) {
1524     if (!require_p)
1525     ok = 1;
1526     }
1527     if (!ok && (glob_party(fr) || glob_bot(fr)))
1528     ok = 1;
1529    
1530     if (!ok) {
1531     dprintf(idx, "You don't have access.\n");
1532     putlog(LOG_BOTS, "*", DCC_INVHANDLE, dcc[idx].host, buf);
1533     killsock(dcc[idx].sock);
1534     lostdcc(idx);
1535     return;
1536     }
1537     correct_handle(buf);
1538     strcpy(dcc[idx].nick, buf);
1539     if (glob_bot(fr)) {
1540     if (!egg_strcasecmp(botnetnick, dcc[idx].nick)) {
1541     dprintf(idx, "error You cannot link using my botnetnick.\n");
1542     putlog(LOG_BOTS, "*", DCC_MYBOTNETNICK, dcc[idx].host);
1543     killsock(dcc[idx].sock);
1544     lostdcc(idx);
1545     return;
1546     } else if (in_chain(dcc[idx].nick)) {
1547     struct chat_info *ci;
1548    
1549     ci = dcc[idx].u.chat;
1550     dcc[idx].type = &DCC_DUPWAIT;
1551     dcc[idx].u.dupwait = get_data_ptr(sizeof(struct dupwait_info));
1552     dcc[idx].u.dupwait->chat = ci;
1553     dcc[idx].u.dupwait->atr = atr;
1554     return;
1555     }
1556     }
1557     dcc_telnet_pass(idx, atr);
1558     }
1559    
1560 pseudo 1.4 #ifdef TLS
1561     int dcc_fingerprint(idx)
1562     {
1563     char *cf, *uf;
1564     struct flag_record fr = { FR_GLOBAL | FR_CHAN | FR_ANYWH, 0, 0, 0, 0, 0 };
1565    
1566     get_user_flagrec(dcc[idx].user, &fr, NULL);
1567     /* Check if fingerprint authentication is allowed or required. */
1568     if (dcc[idx].ssl && tls_auth) {
1569     /* Get the fingerprint of the current certificate */
1570     cf = ssl_getfp(dcc[idx].sock);
1571     /* Get the fingerprint of the user, if set */
1572     uf = get_user(&USERENTRY_FPRINT, dcc[idx].user);
1573     if (cf && uf && !strcasecmp(cf, uf)) {
1574     if (!glob_bot(fr))
1575     dprintf(idx, "Used your fingerprint for automatic authentication.\n");
1576     dcc[idx].status |= STAT_FPRINT;
1577     dcc_chat_pass(idx, "+", 1);
1578     /* Required? */
1579     } else if (tls_auth == 2) {
1580     if (glob_bot(fr))
1581     dprintf(idx, "error fingerprint required\n");
1582     else
1583     dprintf(idx, "Certificate authentication required. "
1584     "You need to set your fingerprint.\n");
1585     killsock(dcc[idx].sock);
1586     lostdcc(idx);
1587     }
1588     return 0;
1589     }
1590     return 1;
1591     }
1592     #endif
1593    
1594 simple 1.1 static void dcc_telnet_pass(int idx, int atr)
1595     {
1596     int ok = 0;
1597     struct flag_record fr = { FR_GLOBAL | FR_CHAN | FR_ANYWH, 0, 0, 0, 0, 0 };
1598    
1599     get_user_flagrec(dcc[idx].user, &fr, NULL);
1600 pseudo 1.4 #ifdef TLS
1601     /* Check if fingerprint authentication is allowed or required. */
1602     if (dcc[idx].ssl && tls_auth) {
1603     char *cf, *uf;
1604    
1605     /* Get the fingerprint of the current certificate */
1606     cf = ssl_getfp(dcc[idx].sock);
1607     /* Get the fingerprint of the user, if set */
1608     uf = get_user(&USERENTRY_FPRINT, dcc[idx].user);
1609     if (cf && uf && !strcasecmp(cf, uf)) {
1610 pseudo 1.6 char fakepass[2] = "+";
1611    
1612 pseudo 1.4 if (!glob_bot(fr))
1613     dprintf(idx, "Used your fingerprint for automatic authentication.\n");
1614     dcc[idx].status |= STAT_FPRINT;
1615 pseudo 1.6 dcc_chat_pass(idx, fakepass, 1);
1616 pseudo 1.4 return;
1617     /* Required? */
1618     } else if (tls_auth == 2) {
1619     if (glob_bot(fr))
1620     dprintf(idx, "error fingerprint required\n");
1621     else
1622     dprintf(idx, "Certificate authentication required. "
1623     "You need to set your fingerprint.\n");
1624     killsock(dcc[idx].sock);
1625     lostdcc(idx);
1626     return;
1627     }
1628     }
1629     #endif
1630 simple 1.1 /* No password set? */
1631 pseudo 1.8 if (!glob_bot(fr) && u_pass_match(dcc[idx].user, "-")) {
1632 simple 1.1 dprintf(idx, "Can't telnet until you have a password set.\n");
1633     putlog(LOG_MISC, "*", DCC_NOPASS, dcc[idx].nick, dcc[idx].host);
1634     killsock(dcc[idx].sock);
1635     lostdcc(idx);
1636     return;
1637     }
1638     ok = 0;
1639     if (dcc[idx].type == &DCC_DUPWAIT) {
1640     struct chat_info *ci;
1641    
1642     ci = dcc[idx].u.dupwait->chat;
1643     nfree(dcc[idx].u.dupwait);
1644     dcc[idx].u.chat = ci;
1645     }
1646     dcc[idx].type = &DCC_CHAT_PASS;
1647     dcc[idx].timeval = now;
1648     if (glob_botmast(fr))
1649     ok = 1;
1650     else if (chan_op(fr)) {
1651     if (!require_p)
1652     ok = 1;
1653     else if (glob_party(fr))
1654     ok = 1;
1655     } else if (glob_party(fr)) {
1656     ok = 1;
1657     dcc[idx].status |= STAT_PARTY;
1658     }
1659     if (glob_bot(fr))
1660     ok = 1;
1661     if (!ok) {
1662     struct chat_info *ci;
1663    
1664     ci = dcc[idx].u.chat;
1665     dcc[idx].u.file = get_data_ptr(sizeof(struct file_info));
1666     dcc[idx].u.file->chat = ci;
1667     }
1668    
1669     if (glob_bot(fr)) {
1670 pseudo 1.7 #ifdef TLS
1671     /* Ask the peer to switch to ssl communication. We'll continue using plain
1672     * text, until it replies with starttls itself. Bots which don't support ssl
1673     * will simply ignore the request and everything will go on as usual.
1674     */
1675     if (!dcc[idx].ssl) {
1676     dprintf(idx, "starttls\n");
1677     putlog(LOG_BOTS, "*", "Sent STARTTLS to %s...", dcc[idx].nick);
1678     }
1679     #endif
1680 simple 1.1 /* Must generate a string consisting of our process ID and the current
1681     * time. The bot will add it's password to the end and use it to generate
1682     * an MD5 checksum (always 128bit). The checksum is sent back and this
1683     * end does the same. The remote bot is only allowed access if the
1684     * checksums match.
1685     *
1686     * Please don't fuck with 'timeval', or the digest we generate later for
1687     * authentication will not be correct - you've been warned ;)
1688     * <Cybah>
1689     */
1690     putlog(LOG_BOTS, "*", "Challenging %s...", dcc[idx].nick);
1691     dprintf(idx, "passreq <%x%x@%s>\n", getpid(), dcc[idx].timeval, botnetnick);
1692     } else {
1693     /* NOTE: The MD5 digest used above to prevent cleartext passwords being
1694     * sent across the net will _only_ work when we have the cleartext
1695     * password. User passwords are encrypted (with blowfish usually)
1696     * so the same thing cant be done. Botnet passwords are always
1697     * stored in cleartext, or at least something that can be reversed.
1698     * <Cybah>
1699     */
1700    
1701     /* Turn off remote telnet echo (send IAC WILL ECHO). */
1702     if (dcc[idx].status & STAT_TELNET) {
1703     char buf[1030];
1704     snprintf(buf, sizeof buf, "\n%s%s\r\n", escape_telnet(DCC_ENTERPASS),
1705     TLN_IAC_C TLN_WILL_C TLN_ECHO_C);
1706     tputs(dcc[idx].sock, buf, strlen(buf));
1707     } else
1708     dprintf(idx, "\n%s\n", DCC_ENTERPASS);
1709     }
1710     }
1711    
1712     static void eof_dcc_telnet_id(int idx)
1713     {
1714     putlog(LOG_MISC, "*", DCC_LOSTCON, dcc[idx].host, dcc[idx].port);
1715     killsock(dcc[idx].sock);
1716     lostdcc(idx);
1717     }
1718    
1719     static void timeout_dcc_telnet_id(int idx)
1720     {
1721     dprintf(idx, "Timeout.\n");
1722     putlog(LOG_MISC, "*", DCC_TTIMEOUT, dcc[idx].host);
1723     killsock(dcc[idx].sock);
1724     lostdcc(idx);
1725     }
1726    
1727     static void display_dcc_telnet_id(int idx, char *buf)
1728     {
1729     long tv;
1730    
1731     tv = now - dcc[idx].timeval;
1732     sprintf(buf, "t-in waited %lis", tv);
1733     }
1734    
1735     struct dcc_table DCC_TELNET_ID = {
1736     "TELNET_ID",
1737     0,
1738     eof_dcc_telnet_id,
1739     dcc_telnet_id,
1740     &password_timeout,
1741     timeout_dcc_telnet_id,
1742     display_dcc_telnet_id,
1743     expmem_dcc_general,
1744     kill_dcc_general,
1745     out_dcc_general
1746     };
1747    
1748     static void dcc_telnet_new(int idx, char *buf, int x)
1749     {
1750     int ok = 1;
1751     char work[1024], *p, *q, *r;
1752    
1753     buf[HANDLEN] = 0;
1754     if (dcc[idx].status & STAT_TELNET)
1755     strip_telnet(dcc[idx].sock, buf, &x);
1756     dcc[idx].timeval = now;
1757     for (x = 0; x < strlen(buf); x++)
1758 pseudo 1.3 if (buf[x] <= 32)
1759 simple 1.1 ok = 0;
1760     if (!ok) {
1761     dprintf(idx, "\nYou can't use weird symbols in your nick.\n");
1762     dprintf(idx, "Try another one please:\n");
1763     } else if (strchr(BADHANDCHARS, buf[0]) != NULL) {
1764     dprintf(idx, "\nYou can't start your nick with the character '%c'\n",
1765     buf[0]);
1766     dprintf(idx, "Try another one please:\n");
1767     } else if (get_user_by_handle(userlist, buf)) {
1768     dprintf(idx, "\nSorry, that nickname is taken already.\n");
1769     dprintf(idx, "Try another one please:\n");
1770     return;
1771     } else if (!egg_strcasecmp(buf, botnetnick))
1772     dprintf(idx, "Sorry, can't use my name for a nick.\n");
1773     else {
1774     strcpy(dcc[idx].nick, buf);
1775     if (make_userfile)
1776     userlist = adduser(userlist,
1777     buf, "-telnet!*@*", "-", sanity_check(default_flags |
1778     USER_PARTY | USER_MASTER | USER_OWNER));
1779     else {
1780     p = strchr(dcc[idx].host, '@');
1781     if (p) {
1782     q = p;
1783     *q = 0;
1784     p++;
1785     r = strchr(p, '.');
1786     if (!r)
1787     simple_sprintf(work, "-telnet!%s@%s", dcc[idx].host, p);
1788     else
1789     simple_sprintf(work, "-telnet!%s@*%s", dcc[idx].host, r);
1790     *q = '@';
1791     } else
1792     simple_sprintf(work, "-telnet!*@*%s", dcc[idx].host);
1793     userlist = adduser(userlist, buf, work, "-",
1794     sanity_check(USER_PARTY | default_flags));
1795     }
1796     reaffirm_owners();
1797     dcc[idx].status = STAT_ECHO | STAT_TELNET;
1798     dcc[idx].type = &DCC_CHAT; /* Just so next line will work */
1799     dcc[idx].user = get_user_by_handle(userlist, buf);
1800     check_dcc_attrs(dcc[idx].user, USER_PARTY | default_flags);
1801     dcc[idx].type = &DCC_TELNET_PW;
1802     if (make_userfile) {
1803     dprintf(idx, "\nYOU ARE THE MASTER/OWNER ON THIS BOT NOW\n");
1804     dprintf(idx, IRC_LIMBO);
1805     putlog(LOG_MISC, "*", DCC_INSTCOMPL, buf);
1806     make_userfile = 0;
1807     write_userfile(-1);
1808     add_note(buf, botnetnick, "Welcome to eggdrop! :)", -1, 0);
1809     }
1810     dprintf(idx, "\nOkay, now choose and enter a password:\n");
1811     dprintf(idx, "(Only the first 15 letters are significant.)\n");
1812     }
1813     }
1814    
1815     static void dcc_telnet_pw(int idx, char *buf, int x)
1816     {
1817     char *newpass;
1818     int ok;
1819    
1820     if (dcc[idx].status & STAT_TELNET)
1821     strip_telnet(dcc[idx].sock, buf, &x);
1822     buf[16] = 0;
1823     ok = 1;
1824     if (strlen(buf) < 4) {
1825     dprintf(idx, "\nTry to use at least 4 characters in your password.\n");
1826     dprintf(idx, "Choose and enter a password:\n");
1827     return;
1828     }
1829     for (x = 0; x < strlen(buf); x++)
1830     if ((buf[x] <= 32) || (buf[x] == 127))
1831     ok = 0;
1832     if (!ok) {
1833     dprintf(idx, "\nYou can't use weird symbols in your password.\n");
1834     dprintf(idx, "Try another one please:\n");
1835     return;
1836     }
1837     putlog(LOG_MISC, "*", DCC_NEWUSER, dcc[idx].nick, dcc[idx].host,
1838     dcc[idx].port);
1839     if (notify_new[0]) {
1840     char s[121], s1[121], s2[121];
1841    
1842     sprintf(s, "Introduced to %s, %s", dcc[idx].nick, dcc[idx].host);
1843     strcpy(s1, notify_new);
1844     splitc(s2, s1, ',');
1845     while (s2[0]) {
1846     rmspace(s2);
1847     add_note(s2, botnetnick, s, -1, 0);
1848     splitc(s2, s1, ',');
1849     }
1850     rmspace(s1);
1851     add_note(s1, botnetnick, s, -1, 0);
1852     }
1853     newpass = newsplit(&buf);
1854     set_user(&USERENTRY_PASS, dcc[idx].user, newpass);
1855     dprintf(idx, "\nRemember that! You'll need it next time you log in.\n");
1856     dprintf(idx, "You now have an account on %s...\n\n\n", botnetnick);
1857     dcc[idx].type = &DCC_CHAT;
1858     dcc[idx].u.chat->channel = -2;
1859     dcc_chatter(idx);
1860     }
1861    
1862     static void eof_dcc_telnet_new(int idx)
1863     {
1864     putlog(LOG_MISC, "*", DCC_LOSTNEWUSER, dcc[idx].host, dcc[idx].port);
1865     killsock(dcc[idx].sock);
1866     lostdcc(idx);
1867     }
1868    
1869     static void eof_dcc_telnet_pw(int idx)
1870     {
1871     putlog(LOG_MISC, "*", DCC_LOSTNEWUSR2, dcc[idx].nick, dcc[idx].host,
1872     dcc[idx].port);
1873     deluser(dcc[idx].nick);
1874     killsock(dcc[idx].sock);
1875     lostdcc(idx);
1876     }
1877    
1878     static void tout_dcc_telnet_new(int idx)
1879     {
1880     dprintf(idx, "Guess you're not there. Bye.\n");
1881     putlog(LOG_MISC, "*", DCC_TIMEOUTUSER, dcc[idx].host, dcc[idx].port);
1882     killsock(dcc[idx].sock);
1883     lostdcc(idx);
1884     }
1885    
1886     static void tout_dcc_telnet_pw(int idx)
1887     {
1888