[srvx-commits] CVS: services/src common.h,1.88,1.89 hash.h,1.105,1.106 messages.h,1.36,1.37 mod-snoo
Brought to you by:
entrope
Menu
▾
▴
[srvx-commits] CVS: services/src common.h,1.88,1.89 hash.h,1.105,1.106 messages.h,1.36,1.37 mod-snoop.c,1.14,1.15 nickserv.c,1.246,1.247 opserv.c,1.331,1.332 proto-bahamut.c,1.42,1.43 proto-common.c,1.32,1.33 proto-p10.c,1.71,1.72 sockcheck.c,1.91,1.92 tools.c,1.124,1.125
|
From: Adrian D. <sai...@us...> - 2003-08-02 23:13:26
|
Update of /cvsroot/srvx/services/src
In directory sc8-pr-cvs1:/tmp/cvs-serv2369/src
Modified Files:
common.h hash.h messages.h mod-snoop.c nickserv.c opserv.c
proto-bahamut.c proto-common.c proto-p10.c sockcheck.c tools.c
Log Message:
Make struct userNode -> ip into a struct in_addr instead of unsigned long
This means that it is stored in network byte order instead of host byte order.
- Use inet_ntoa for all ip -> string operations
OpServ: Trusts now work based on ip, not hostname
Index: common.h
===================================================================
RCS file: /cvsroot/srvx/services/src/common.h,v
retrieving revision 1.88
retrieving revision 1.89
diff -C2 -r1.88 -r1.89
*** common.h 22 Jul 2003 16:32:07 -0000 1.88
--- common.h 2 Aug 2003 23:13:22 -0000 1.89
***************
*** 43,46 ****
--- 43,49 ----
#define INADDR_NONE 0xffffffffL
#endif
+ #ifndef INADDR_LOOPBACK
+ #define INADDR_LOOPBACK 0x7f000001L
+ #endif
#define ArrayLength(x) (sizeof(x)/sizeof(x[0]))
***************
*** 112,117 ****
unsigned long ParseInterval(const unsigned char *interval);
unsigned long ParseVolume(const unsigned char *volume);
! int parse_ipmask(const unsigned char *str, unsigned long *addr, unsigned long *mask);
! #define MATCH_IPMASK(test, addr, mask) (((test & mask) ^ (addr & mask)) == 0)
#define MD5_CRYPT_LENGTH 42
--- 115,120 ----
unsigned long ParseInterval(const unsigned char *interval);
unsigned long ParseVolume(const unsigned char *volume);
! int parse_ipmask(const unsigned char *str, struct in_addr *addr, unsigned long *mask);
! #define MATCH_IPMASK(test, addr, mask) (((ntohl(test.s_addr) & mask) ^ (ntohl(addr.s_addr) & mask)) == 0)
#define MD5_CRYPT_LENGTH 42
Index: hash.h
===================================================================
RCS file: /cvsroot/srvx/services/src/hash.h,v
retrieving revision 1.105
retrieving revision 1.106
diff -C2 -r1.105 -r1.106
*** hash.h 2 Aug 2003 22:03:19 -0000 1.105
--- hash.h 2 Aug 2003 23:13:22 -0000 1.106
***************
*** 103,107 ****
#endif
unsigned int dead : 1;
! unsigned long ip;
long modes; /* user flags +isw etc... */
--- 103,107 ----
#endif
unsigned int dead : 1;
! struct in_addr ip;
long modes; /* user flags +isw etc... */
Index: messages.h
===================================================================
RCS file: /cvsroot/srvx/services/src/messages.h,v
retrieving revision 1.36
retrieving revision 1.37
diff -C2 -r1.36 -r1.37
*** messages.h 7 Jul 2003 16:29:33 -0000 1.36
--- messages.h 2 Aug 2003 23:13:22 -0000 1.37
***************
*** 82,87 ****
#define MSG_INVALID_BINARY "$b%s$b is an invalid binary value."
! #define IDENT_FORMAT "%s [%s@%s/%ld.%ld.%ld.%ld]"
! #define IDENT_DATA(user) user->nick, user->ident, user->hostname, (user->ip >> 24) & 255, (user->ip >> 16) & 255, (user->ip >> 8) & 255, user->ip & 255
#endif /* ifdef _MESSAGES_H_ */
--- 82,87 ----
#define MSG_INVALID_BINARY "$b%s$b is an invalid binary value."
! #define IDENT_FORMAT "%s [%s@%s/%s]"
! #define IDENT_DATA(user) user->nick, user->ident, user->hostname, inet_ntoa(user->ip)
#endif /* ifdef _MESSAGES_H_ */
Index: mod-snoop.c
===================================================================
RCS file: /cvsroot/srvx/services/src/mod-snoop.c,v
retrieving revision 1.14
retrieving revision 1.15
diff -C2 -r1.14 -r1.15
*** mod-snoop.c 29 Jul 2003 01:51:24 -0000 1.14
--- mod-snoop.c 2 Aug 2003 23:13:22 -0000 1.15
***************
*** 91,97 ****
if (user->uplink->burst && !snoop_cfg.show_bursts) return 0;
UPDATE_TIMESTAMP();
! SNOOP("$bNICK$b %s %s@%s [%ld.%ld.%ld.%ld] on %s", user->nick, user->ident, user->hostname,
! (user->ip >> 24) & 255, (user->ip >> 16) & 255, (user->ip >> 8) & 255, user->ip & 255,
! user->uplink->name);
return 0;
}
--- 91,95 ----
if (user->uplink->burst && !snoop_cfg.show_bursts) return 0;
UPDATE_TIMESTAMP();
! SNOOP("$bNICK$b %s %s@%s [%s] on %s", user->nick, user->ident, user->hostname, inet_ntoa(user->ip), user->uplink->name);
return 0;
}
Index: nickserv.c
===================================================================
RCS file: /cvsroot/srvx/services/src/nickserv.c,v
retrieving revision 1.246
retrieving revision 1.247
diff -C2 -r1.246 -r1.247
*** nickserv.c 31 Jul 2003 02:08:40 -0000 1.246
--- nickserv.c 2 Aug 2003 23:13:22 -0000 1.247
***************
*** 1086,1090 ****
} else {
string_list_append(hi->masks, generate_hostmask(user, GENMASK_OMITNICK|GENMASK_NO_HIDING|GENMASK_ANY_IDENT));
! if (user->ip != 0) {
string_list_append(hi->masks, generate_hostmask(user, GENMASK_OMITNICK|GENMASK_BYIP|GENMASK_NO_HIDING|GENMASK_ANY_IDENT));
}
--- 1086,1090 ----
} else {
string_list_append(hi->masks, generate_hostmask(user, GENMASK_OMITNICK|GENMASK_NO_HIDING|GENMASK_ANY_IDENT));
! if (user->ip.s_addr) {
string_list_append(hi->masks, generate_hostmask(user, GENMASK_OMITNICK|GENMASK_BYIP|GENMASK_NO_HIDING|GENMASK_ANY_IDENT));
}
Index: opserv.c
===================================================================
RCS file: /cvsroot/srvx/services/src/opserv.c,v
retrieving revision 1.331
retrieving revision 1.332
diff -C2 -r1.331 -r1.332
*** opserv.c 2 Aug 2003 22:03:18 -0000 1.331
--- opserv.c 2 Aug 2003 23:13:22 -0000 1.332
***************
*** 32,35 ****
--- 32,41 ----
#include <sys/times.h>
#endif
+ #ifdef HAVE_NETINET_IN_H
+ #include <netinet/in.h>
+ #endif
+ #ifdef HAVE_ARPA_INET_H
+ #include <arpa/inet.h>
+ #endif
#define OPSERV_CONF_NAME "services/opserv"
***************
*** 113,117 ****
#define OSMSG_WHOIS_NICK "Nick : %s"
#define OSMSG_WHOIS_HOST "Host : %s@%s"
! #define OSMSG_WHOIS_IP "Real IP : %ld.%ld.%ld.%ld"
#define OSMSG_WHOIS_INFO "Info : %s"
#define OSMSG_WHOIS_NUMERIC "Numeric : %s"
--- 119,123 ----
#define OSMSG_WHOIS_NICK "Nick : %s"
#define OSMSG_WHOIS_HOST "Host : %s@%s"
! #define OSMSG_WHOIS_IP "Real IP : %s"
#define OSMSG_WHOIS_INFO "Info : %s"
#define OSMSG_WHOIS_NUMERIC "Numeric : %s"
***************
*** 281,285 ****
struct trusted_host {
! char *hostname;
char *issuer;
char *reason;
--- 287,291 ----
struct trusted_host {
! char *ipaddr;
char *issuer;
char *reason;
***************
*** 315,319 ****
struct chanNode *channel;
char *mask_nick, *mask_ident, *mask_host, *mask_info, *server, *ip_mask_str, *reason;
! unsigned long limit, ip_addr, ip_mask;
unsigned int min_level, max_level, domain_depth, duration, min_clones, min_channels, max_channels;
unsigned int match_opers : 1, option_log : 1;
--- 321,326 ----
struct chanNode *channel;
char *mask_nick, *mask_ident, *mask_host, *mask_info, *server, *ip_mask_str, *reason;
! unsigned long limit, ip_mask;
! struct in_addr ip_addr;
unsigned int min_level, max_level, domain_depth, duration, min_clones, min_channels, max_channels;
unsigned int match_opers : 1, option_log : 1;
***************
*** 1159,1163 ****
{
struct userNode *target;
- unsigned long ip;
char buffer[128], buffer2[INTERVALLEN];
int bpos, herelen;
--- 1166,1169 ----
***************
*** 1173,1183 ****
#endif
if (!target) {
! opserv_notice(user, MSG_NICK_UNKNOWN, argv[1]);
! return 0;
}
- ip = target->ip;
opserv_notice(user, OSMSG_WHOIS_NICK, target->nick);
opserv_notice(user, OSMSG_WHOIS_HOST, target->ident, target->hostname);
! opserv_notice(user, OSMSG_WHOIS_IP, (ip >> 24) & 255, (ip >> 16) & 255, (ip >> 8) & 255, ip & 255);
if (target->modes) {
bpos = 0;
--- 1179,1188 ----
#endif
if (!target) {
! opserv_notice(user, MSG_NICK_UNKNOWN, argv[1]);
! return 0;
}
opserv_notice(user, OSMSG_WHOIS_NICK, target->nick);
opserv_notice(user, OSMSG_WHOIS_HOST, target->ident, target->hostname);
! opserv_notice(user, OSMSG_WHOIS_IP, inet_ntoa(target->ip));
if (target->modes) {
bpos = 0;
***************
*** 1687,1700 ****
/* Gag them if appropriate. */
for (gag = gagList; gag; gag = gag->next) {
! if (user_matches_glob(user, gag->mask, 1)) {
! gag_helper_func(user, NULL);
! break;
! }
}
/* Add to host info struct */
! if (!(ohi = dict_find(opserv_hostinfo_dict, user->hostname, NULL))) {
! ohi = calloc(1, sizeof(*ohi));
! dict_insert(opserv_hostinfo_dict, strdup(user->hostname), ohi);
userList_init(&ohi->clients);
}
--- 1692,1705 ----
/* Gag them if appropriate. */
for (gag = gagList; gag; gag = gag->next) {
! if (user_matches_glob(user, gag->mask, 1)) {
! gag_helper_func(user, NULL);
! break;
! }
}
/* Add to host info struct */
! if (!(ohi = dict_find(opserv_hostinfo_dict, inet_ntoa(user->ip), NULL))) {
! ohi = calloc(1, sizeof(*ohi));
! dict_insert(opserv_hostinfo_dict, strdup(inet_ntoa(user->ip)), ohi);
userList_init(&ohi->clients);
}
***************
*** 1702,1706 ****
/* If they have a bum IP, don't proxy-check or G-line them. */
! if ((user->ip == 0) || (user->ip == htonl(0x7f000001))) return 0;
/* Only proxy check or warn of new user floods outside of bursts. */
--- 1707,1711 ----
/* If they have a bum IP, don't proxy-check or G-line them. */
! if ((user->ip.s_addr == 0) || (ntohl(user->ip.s_addr) == INADDR_LOOPBACK)) return 0;
/* Only proxy check or warn of new user floods outside of bursts. */
***************
*** 1718,1722 ****
/* And only warn or G-line if there's an untrusted max. */
if (opserv_conf.untrusted_max) {
! struct trusted_host *th = dict_find(opserv_trusted_hosts, user->hostname, NULL);
unsigned int limit = th ? th->limit : opserv_conf.untrusted_max;
if (!limit) {
--- 1723,1727 ----
/* And only warn or G-line if there's an untrusted max. */
if (opserv_conf.untrusted_max) {
! struct trusted_host *th = dict_find(opserv_trusted_hosts, inet_ntoa(user->ip), NULL);
unsigned int limit = th ? th->limit : opserv_conf.untrusted_max;
if (!limit) {
***************
*** 1728,1733 ****
}
} else if (limit && (ohi->clients.used > limit)) {
! char *target = alloca(3+strlen(user->hostname));
! sprintf(target, "*@%s", user->hostname);
gline_add(opserv->nick, target, opserv_conf.clone_gline_duration, OSMSG_TOO_MANY_CLONES, now, 1);
}
--- 1733,1738 ----
}
} else if (limit && (ohi->clients.used > limit)) {
! char target[18];
! sprintf(target, "*@%s", inet_ntoa(user->ip));
gline_add(opserv->nick, target, opserv_conf.clone_gline_duration, OSMSG_TOO_MANY_CLONES, now, 1);
}
***************
*** 1743,1755 ****
if (IsLocal(user)) {
! /* Try to remove it from the reserved nick dict without
* calling free_reserve, because that would call DelUser(),
* and we'd loop back to here. */
! dict_remove(opserv_reserved_nick_dict, user->nick);
! return;
}
! if ((ohi = dict_find(opserv_hostinfo_dict, user->hostname, NULL))) {
userList_remove(&ohi->clients, user);
! if (ohi->clients.used == 0) dict_remove(opserv_hostinfo_dict, user->hostname);
}
}
--- 1748,1760 ----
if (IsLocal(user)) {
! /* Try to remove it from the reserved nick dict without
* calling free_reserve, because that would call DelUser(),
* and we'd loop back to here. */
! dict_remove(opserv_reserved_nick_dict, user->nick);
! return;
}
! if ((ohi = dict_find(opserv_hostinfo_dict, inet_ntoa(user->ip), NULL))) {
userList_remove(&ohi->clients, user);
! if (ohi->clients.used == 0) dict_remove(opserv_hostinfo_dict, inet_ntoa(user->ip));
}
}
***************
*** 2005,2018 ****
{
struct trusted_host *th = data;
! dict_remove(opserv_trusted_hosts, th->hostname);
}
static void
! opserv_add_trusted_host(const char *hostname, unsigned int limit, const char *issuer, time_t issued, time_t expires, const char *reason)
{
struct trusted_host *th;
th = calloc(1, sizeof(*th));
if (!th) return;
! th->hostname = strdup(hostname);
th->reason = reason ? strdup(reason) : NULL;
th->issuer = issuer ? strdup(issuer) : NULL;
--- 2010,2023 ----
{
struct trusted_host *th = data;
! dict_remove(opserv_trusted_hosts, th->ipaddr);
}
static void
! opserv_add_trusted_host(const char *ipaddr, unsigned int limit, const char *issuer, time_t issued, time_t expires, const char *reason)
{
struct trusted_host *th;
th = calloc(1, sizeof(*th));
if (!th) return;
! th->ipaddr = strdup(ipaddr);
th->reason = reason ? strdup(reason) : NULL;
th->issuer = issuer ? strdup(issuer) : NULL;
***************
*** 2020,2024 ****
th->limit = limit;
th->expires = expires;
! dict_insert(opserv_trusted_hosts, th->hostname, th);
if (th->expires) timeq_add(th->expires, opserv_expire_trusted_host, th);
}
--- 2025,2029 ----
th->limit = limit;
th->expires = expires;
! dict_insert(opserv_trusted_hosts, th->ipaddr, th);
if (th->expires) timeq_add(th->expires, opserv_expire_trusted_host, th);
}
***************
*** 2028,2032 ****
{
struct trusted_host *th = data;
! free(th->hostname);
if (th->reason) free(th->reason);
if (th->issuer) free(th->issuer);
--- 2033,2037 ----
{
struct trusted_host *th = data;
! free(th->ipaddr);
if (th->reason) free(th->reason);
if (th->issuer) free(th->issuer);
***************
*** 2060,2064 ****
if (!th) continue;
if (th->expires) timeq_del(th->expires, opserv_expire_trusted_host, th, 0);
! dict_remove(opserv_trusted_hosts, argv[n]);
}
return opserv_notice(user, OSMSG_REMOVED_TRUSTED);
--- 2065,2069 ----
if (!th) continue;
if (th->expires) timeq_del(th->expires, opserv_expire_trusted_host, th, 0);
! dict_remove(opserv_trusted_hosts, argv[n]);
}
return opserv_notice(user, OSMSG_REMOVED_TRUSTED);
***************
*** 2931,2935 ****
{
unsigned int access;
- char ipbuf[16];
if ((user->timestamp < discrim->min_ts)
--- 2936,2939 ----
***************
*** 2937,2947 ****
|| (user->channels.used < discrim->min_channels)
|| (user->channels.used > discrim->max_channels)
! || (discrim->mask_nick && !match_ircglob(user->nick, discrim->mask_nick))
! || (discrim->mask_ident && !match_ircglob(user->ident, discrim->mask_ident))
! || (discrim->mask_host && !match_ircglob(user->hostname, discrim->mask_host))
! || (discrim->mask_info && !match_ircglob(user->info, discrim->mask_info))
! || (discrim->server && !match_ircglob(user->uplink->name, discrim->server))
! || (discrim->ip_mask && !MATCH_IPMASK(user->ip, discrim->ip_addr, discrim->ip_mask))) {
! return 0;
}
if (discrim->channel && !GetUserMode(discrim->channel, user)) return 0;
--- 2941,2951 ----
|| (user->channels.used < discrim->min_channels)
|| (user->channels.used > discrim->max_channels)
! || (discrim->mask_nick && !match_ircglob(user->nick, discrim->mask_nick))
! || (discrim->mask_ident && !match_ircglob(user->ident, discrim->mask_ident))
! || (discrim->mask_host && !match_ircglob(user->hostname, discrim->mask_host))
! || (discrim->mask_info && !match_ircglob(user->info, discrim->mask_info))
! || (discrim->server && !match_ircglob(user->uplink->name, discrim->server))
! || (discrim->ip_mask && !MATCH_IPMASK(user->ip, discrim->ip_addr, discrim->ip_mask))) {
! return 0;
}
if (discrim->channel && !GetUserMode(discrim->channel, user)) return 0;
***************
*** 2952,2960 ****
}
if (discrim->ip_mask_str) {
! snprintf(ipbuf, sizeof(ipbuf), "%lu.%lu.%lu.%lu", (user->ip>>24)&0xff, (user->ip>>16)&0xff, (user->ip>>8)&0xff, user->ip&0xff);
! if (!match_ircglob(ipbuf, discrim->ip_mask_str)) return 0;
}
if (discrim->min_clones > 1) {
! struct opserv_hostinfo *ohi = dict_find(opserv_hostinfo_dict, user->hostname, NULL);
if (!ohi || (ohi->clients.used < discrim->min_clones)) return 0;
}
--- 2956,2963 ----
}
if (discrim->ip_mask_str) {
! if (!match_ircglob(inet_ntoa(user->ip), discrim->ip_mask_str)) return 0;
}
if (discrim->min_clones > 1) {
! struct opserv_hostinfo *ohi = dict_find(opserv_hostinfo_dict, inet_ntoa(user->ip), NULL);
if (!ohi || (ohi->clients.used < discrim->min_clones)) return 0;
}
***************
*** 2971,2989 ****
/* Try most optimized search methods first */
if (discrim->channel) {
! for (nn=0;
! (nn < discrim->channel->members.used)
! && (matched.used < discrim->limit);
! nn++) {
! struct modeNode *mn = discrim->channel->members.list[nn];
if (((mn->modes & discrim->chan_req_modes) != discrim->chan_req_modes)
! || ((mn->modes & discrim->chan_no_modes) != 0)) {
continue;
}
! if (discrim_match(discrim, mn->user)) {
userList_append(&matched, mn->user);
! }
! }
! } else if (discrim->mask_host && !discrim->mask_host[strcspn(discrim->mask_host, "?*")]) {
! struct opserv_hostinfo *ohi = dict_find(opserv_hostinfo_dict, discrim->mask_host, NULL);
if (!ohi) {
userList_clean(&matched);
--- 2974,2992 ----
/* Try most optimized search methods first */
if (discrim->channel) {
! for (nn=0;
! (nn < discrim->channel->members.used)
! && (matched.used < discrim->limit);
! nn++) {
! struct modeNode *mn = discrim->channel->members.list[nn];
if (((mn->modes & discrim->chan_req_modes) != discrim->chan_req_modes)
! || ((mn->modes & discrim->chan_no_modes) != 0)) {
continue;
}
! if (discrim_match(discrim, mn->user)) {
userList_append(&matched, mn->user);
! }
! }
! } else if (discrim->ip_mask_str && !discrim->ip_mask_str[strcspn(discrim->ip_mask_str, "?*")]) {
! struct opserv_hostinfo *ohi = dict_find(opserv_hostinfo_dict, discrim->ip_mask_str, NULL);
if (!ohi) {
userList_clean(&matched);
***************
*** 3132,3145 ****
if (!match->hostname[strspn(match->hostname, "0123456789.")]) {
char ipmask[16];
/* raw IP address.. use up to first three octets of IP */
switch (das->discrim->domain_depth) {
default:
! snprintf(ipmask, sizeof(ipmask), "%lu.%lu.%lu.*", (match->ip>>24)&255, (match->ip>>16)&255, (match->ip>>8)&255);
break;
case 2:
! snprintf(ipmask, sizeof(ipmask), "%lu.%lu.*", (match->ip>>24)&255, (match->ip>>16)&255);
break;
case 1:
! snprintf(ipmask, sizeof(ipmask), "%lu.*", (match->ip>>24)&255);
break;
}
--- 3135,3149 ----
if (!match->hostname[strspn(match->hostname, "0123456789.")]) {
char ipmask[16];
+ unsigned long matchip = ntohl(match->ip.s_addr);
/* raw IP address.. use up to first three octets of IP */
switch (das->discrim->domain_depth) {
default:
! snprintf(ipmask, sizeof(ipmask), "%lu.%lu.%lu.*", (matchip>>24)&255, (matchip>>16)&255, (matchip>>8)&255);
break;
case 2:
! snprintf(ipmask, sizeof(ipmask), "%lu.%lu.*", (matchip>>24)&255, (matchip>>16)&255);
break;
case 1:
! snprintf(ipmask, sizeof(ipmask), "%lu.*", (matchip>>24)&255);
break;
}
***************
*** 3588,3592 ****
else return;
! if (user->ip) {
send_channel_notice(opserv_conf.staff_auth_channel, opserv,
IDENT_FORMAT" authed to %s account %s", IDENT_DATA(user), type, user->handle_info->handle);
--- 3592,3596 ----
else return;
! if (user->ip.s_addr) {
send_channel_notice(opserv_conf.staff_auth_channel, opserv,
IDENT_FORMAT" authed to %s account %s", IDENT_DATA(user), type, user->handle_info->handle);
Index: proto-bahamut.c
===================================================================
RCS file: /cvsroot/srvx/services/src/proto-bahamut.c,v
retrieving revision 1.42
retrieving revision 1.43
diff -C2 -r1.42 -r1.43
*** proto-bahamut.c 29 Jul 2003 02:19:41 -0000 1.42
--- proto-bahamut.c 2 Aug 2003 23:13:22 -0000 1.43
***************
*** 148,152 ****
safestrncpy(uNode->info, userinfo, sizeof(uNode->info));
safestrncpy(uNode->hostname, hostname, sizeof(uNode->hostname));
! uNode->ip = realip;
uNode->timestamp = timestamp;
modeList_init(&uNode->channels);
--- 148,152 ----
safestrncpy(uNode->info, userinfo, sizeof(uNode->info));
safestrncpy(uNode->hostname, hostname, sizeof(uNode->hostname));
! uNode->ip.s_addr = htonl(realip);
uNode->timestamp = timestamp;
modeList_init(&uNode->channels);
***************
*** 178,183 ****
time_t timestamp = now;
struct userNode *old_user = GetUserH(nick);
if (old_user) timestamp = old_user->timestamp - 1;
! return AddUser(self, nick, nick, self->name, "+oikr", desc, timestamp, (127<<24)|1, 0);
}
--- 178,184 ----
time_t timestamp = now;
struct userNode *old_user = GetUserH(nick);
+ struct in_addr ipaddr = { INADDR_LOOPBACK };
if (old_user) timestamp = old_user->timestamp - 1;
! return AddUser(self, nick, nick, self->name, "+oikr", desc, timestamp, ipaddr, 0);
}
***************
*** 186,191 ****
time_t timestamp = now;
struct userNode *old_user = GetUserH(nick);
if (old_user) timestamp = old_user->timestamp - 1;
! return AddUser(self, nick, ident, hostname, "+ir", desc, timestamp, (127<<24)|1, 0);
}
--- 187,193 ----
time_t timestamp = now;
struct userNode *old_user = GetUserH(nick);
+ struct in_addr ipaddr = { INADDR_LOOPBACK };
if (old_user) timestamp = old_user->timestamp - 1;
! return AddUser(self, nick, ident, hostname, "+ir", desc, timestamp, ipaddr, 0);
}
***************
*** 251,255 ****
putsock("NICK %s %d "FMT_TIME_T" +%s %s %s %s %lu %lu :%s",
user->nick, user->uplink->hops+2, user->timestamp, modes,
! user->ident, user->hostname, user->uplink->name, (unsigned long)0, user->ip, user->info);
}
--- 253,257 ----
putsock("NICK %s %d "FMT_TIME_T" +%s %s %s %s %lu %lu :%s",
user->nick, user->uplink->hops+2, user->timestamp, modes,
! user->ident, user->hostname, user->uplink->name, (unsigned long)0, ntohl(user->ip.s_addr), user->info);
}
Index: proto-common.c
===================================================================
RCS file: /cvsroot/srvx/services/src/proto-common.c,v
retrieving revision 1.32
retrieving revision 1.33
diff -C2 -r1.32 -r1.33
*** proto-common.c 22 Jul 2003 18:32:20 -0000 1.32
--- proto-common.c 2 Aug 2003 23:13:22 -0000 1.33
***************
*** 29,32 ****
--- 29,38 ----
#include <sys/socket.h>
#endif
+ #ifdef HAVE_NETINET_IN_H
+ #include <netinet/in.h>
+ #endif
+ #ifdef HAVE_ARPA_INET_H
+ #include <arpa/inet.h>
+ #endif
unsigned int lines_processed;
***************
*** 541,546 ****
} else if (options & GENMASK_STRICT_HOST) {
if (options & GENMASK_BYIP) {
! hostname = alloca(32);
! sprintf(hostname, "%lu.%lu.%lu.%lu", (user->ip>>24)&0xFF, (user->ip>>16)&0xFF, (user->ip>>8)&0xFF, user->ip&0xFF);
} else {
/* leave hostname as is */
--- 547,551 ----
} else if (options & GENMASK_STRICT_HOST) {
if (options & GENMASK_BYIP) {
! hostname = inet_ntoa(user->ip);
} else {
/* leave hostname as is */
***************
*** 552,556 ****
masklen = 16;
mask = ~0 << masklen;
! masked_ip = user->ip & mask;
hostname = alloca(32);
if (options & GENMASK_SRVXMASK) {
--- 557,561 ----
masklen = 16;
mask = ~0 << masklen;
! masked_ip = ntohl(user->ip.s_addr) & mask;
hostname = alloca(32);
if (options & GENMASK_SRVXMASK) {
***************
*** 572,596 ****
} else {
int cnt;
! /* This heuristic could be made smarter. Is it worth the effort? */
! for (ii=cnt=0; hostname[ii]; ii++) {
! if (hostname[ii] == '.') cnt++;
}
! if (cnt == 1) {
! /* only a two-level domain name; leave hostname */
! } else if (cnt == 2) {
! for (ii=0; user->hostname[ii] != '.'; ii++) ;
! /* Add 3 to account for the *. and \0. */
hostname = alloca(strlen(user->hostname+ii)+3);
sprintf(hostname, "*.%s", user->hostname+ii+1);
! } else {
! for (cnt=3, ii--; cnt; ii--) {
! if (user->hostname[ii] == '.') cnt--;
! }
! /* The loop above will overshoot the dot one character;
! we skip forward two (the one character and the dot)
! when printing, so we only add one for the \0. */
! hostname = alloca(strlen(user->hostname+ii)+1);
! sprintf(hostname, "*.%s", user->hostname+ii+2);
! }
}
/* Emit hostmask */
--- 577,601 ----
} else {
int cnt;
! /* This heuristic could be made smarter. Is it worth the effort? */
! for (ii=cnt=0; hostname[ii]; ii++) {
! if (hostname[ii] == '.') cnt++;
}
! if (cnt == 1) {
! /* only a two-level domain name; leave hostname */
! } else if (cnt == 2) {
! for (ii=0; user->hostname[ii] != '.'; ii++) ;
! /* Add 3 to account for the *. and \0. */
hostname = alloca(strlen(user->hostname+ii)+3);
sprintf(hostname, "*.%s", user->hostname+ii+1);
! } else {
! for (cnt=3, ii--; cnt; ii--) {
! if (user->hostname[ii] == '.') cnt--;
! }
! /* The loop above will overshoot the dot one character;
! we skip forward two (the one character and the dot)
! when printing, so we only add one for the \0. */
! hostname = alloca(strlen(user->hostname+ii)+1);
! sprintf(hostname, "*.%s", user->hostname+ii+2);
! }
}
/* Emit hostmask */
Index: proto-p10.c
===================================================================
RCS file: /cvsroot/srvx/services/src/proto-p10.c,v
retrieving revision 1.71
retrieving revision 1.72
diff -C2 -r1.71 -r1.72
*** proto-p10.c 2 Aug 2003 22:03:19 -0000 1.71
--- proto-p10.c 2 Aug 2003 23:13:22 -0000 1.72
***************
*** 379,383 ****
char b64ip[7];
if (!user) return;
! inttobase64(b64ip, user->ip, 6);
if (user->modes) {
int modelen;
--- 379,383 ----
char b64ip[7];
if (!user) return;
! inttobase64(b64ip, ntohl(user->ip.s_addr), 6);
if (user->modes) {
int modelen;
***************
*** 1798,1802 ****
safestrncpy(uNode->hostname, hostname, sizeof(uNode->hostname));
safestrncpy(uNode->numeric, numeric, sizeof(uNode->numeric));
! uNode->ip = base64toint(realip, 6);
uNode->timestamp = timestamp;
modeList_init(&uNode->channels);
--- 1798,1802 ----
safestrncpy(uNode->hostname, hostname, sizeof(uNode->hostname));
safestrncpy(uNode->numeric, numeric, sizeof(uNode->numeric));
! uNode->ip.s_addr = htonl(base64toint(realip, 6));
uNode->timestamp = timestamp;
modeList_init(&uNode->channels);
Index: sockcheck.c
===================================================================
RCS file: /cvsroot/srvx/services/src/sockcheck.c,v
retrieving revision 1.91
retrieving revision 1.92
diff -C2 -r1.91 -r1.92
*** sockcheck.c 31 Jul 2003 02:08:40 -0000 1.91
--- sockcheck.c 2 Aug 2003 23:13:23 -0000 1.92
***************
*** 29,32 ****
--- 29,38 ----
#include <sys/socket.h>
#endif
+ #ifdef HAVE_NETINET_IN_H
+ #include <netinet/in.h>
+ #endif
+ #ifdef HAVE_ARPA_INET_H
+ #include <arpa/inet.h>
+ #endif
/* TODO, 1.2 or later: allow rules like "27374:" "reject:Subseven detected";
***************
*** 52,57 ****
time_t last_touched;
const char *reason;
! unsigned long addr;
! unsigned char hostname[1];
} *sockcheck_cache_info;
--- 58,63 ----
time_t last_touched;
const char *reason;
! struct in_addr addr;
! unsigned char hostname[16];
} *sockcheck_cache_info;
***************
*** 184,188 ****
strcpy(target, "*@");
strcpy(target+2, sci->hostname);
! log_module(PC_LOG, LOG_INFO, "Issuing gline for client at IP %08lx hostname %s: %s", sci->addr, sci->hostname, sci->reason);
gline_add("ProxyCheck", target, sockcheck_conf.gline_duration, sci->reason, now, 1);
}
--- 190,194 ----
strcpy(target, "*@");
strcpy(target+2, sci->hostname);
! log_module(PC_LOG, LOG_INFO, "Issuing gline for client at IP %s hostname %s: %s", inet_ntoa(sci->addr), sci->hostname, sci->reason);
gline_add("ProxyCheck", target, sockcheck_conf.gline_duration, sci->reason, now, 1);
}
***************
*** 276,280 ****
break;
case 'i':
! exp4 = client->addr->addr;
exp_length = sizeof(exp4);
expansion = (unsigned char*)&exp4;
--- 282,286 ----
break;
case 'i':
! exp4 = client->addr->addr.s_addr;
exp_length = sizeof(exp4);
expansion = (unsigned char*)&exp4;
***************
*** 409,413 ****
/* do nothing */
if (SOCKCHECK_DEBUG) {
! log_module(PC_LOG, LOG_INFO, "Proxy check passed for client at IP %08lx hostname %s.", client->addr->addr, client->addr->hostname);
}
break;
--- 415,419 ----
/* do nothing */
if (SOCKCHECK_DEBUG) {
! log_module(PC_LOG, LOG_INFO, "Proxy check passed for client at IP %s hostname %s.", inet_ntoa(client->addr->addr), client->addr->hostname);
}
break;
***************
*** 417,421 ****
sockcheck_issue_gline(client->addr);
if (SOCKCHECK_DEBUG) {
! log_module(PC_LOG, LOG_INFO, "Proxy check rejects client at IP %08lx hostname %s (%s)", client->addr->addr, client->addr->hostname, client->addr->reason);
}
/* Don't compare test_index != 0 directly, because somebody
--- 423,427 ----
sockcheck_issue_gline(client->addr);
if (SOCKCHECK_DEBUG) {
! log_module(PC_LOG, LOG_INFO, "Proxy check rejects client at IP %s hostname %s (%s)", inet_ntoa(client->addr->addr), client->addr->hostname, client->addr->reason);
}
/* Don't compare test_index != 0 directly, because somebody
***************
*** 670,674 ****
if (!tests) return;
client = client_list[idx] = sockcheck_alloc_client(sci);
! log_module(PC_LOG, LOG_INFO, "Proxy-checking client at %08lx (%s) as client %d (%p) of %d.", sci->addr, sci->hostname, idx, client, sockcheck_num_clients);
client->test_rep = 0;
client->client_index = idx;
--- 676,680 ----
if (!tests) return;
client = client_list[idx] = sockcheck_alloc_client(sci);
! log_module(PC_LOG, LOG_INFO, "Proxy-checking client at %s (%s) as client %d (%p) of %d.", inet_ntoa(sci->addr), sci->hostname, idx, client, sockcheck_num_clients);
client->test_rep = 0;
client->client_index = idx;
***************
*** 677,689 ****
void
! sockcheck_queue_address(unsigned long addr)
{
sockcheck_cache_info sci;
! unsigned char buff[17];
! int namelen;
if (disable_sockcheck) return;
! namelen = snprintf(buff, sizeof(buff), "%ld.%ld.%ld.%ld", (addr >> 0) & 255, (addr >> 8) & 255, (addr >> 16) & 255, (addr >> 24) & 255);
! sci = dict_find(checked_ip_dict, buff, NULL);
if (sci) {
switch (sci->decision) {
--- 683,693 ----
void
! sockcheck_queue_address(struct in_addr addr)
{
sockcheck_cache_info sci;
! char *ipstr=inet_ntoa(addr);
if (disable_sockcheck) return;
! sci = dict_find(checked_ip_dict, ipstr, NULL);
if (sci) {
switch (sci->decision) {
***************
*** 703,712 ****
dict_remove(checked_ip_dict, sci->hostname);
}
! sci = calloc(1, sizeof(*sci) + namelen);
sci->decision = CHECKING;
sci->last_touched = now;
sci->reason = NULL;
sci->addr = addr;
! memcpy(sci->hostname, buff, namelen);
dict_insert(checked_ip_dict, sci->hostname, sci);
sci_list_append(&pending_sci_list, sci);
--- 707,716 ----
dict_remove(checked_ip_dict, sci->hostname);
}
! sci = calloc(1, sizeof(*sci));
sci->decision = CHECKING;
sci->last_touched = now;
sci->reason = NULL;
sci->addr = addr;
! strncpy(sci->hostname, ipstr, sizeof(sci->hostname));
dict_insert(checked_ip_dict, sci->hostname, sci);
sci_list_append(&pending_sci_list, sci);
***************
*** 994,997 ****
--- 998,1002 ----
unsigned int n;
unsigned long addr;
+ struct in_addr ipaddr;
char hnamebuf[64];
***************
*** 1000,1007 ****
if (un) {
! if ((un->ip == 0) || (un->ip == 0x7f000001)) {
send_message(user, cmd->parent->bot, "%s has a spoofed, hidden or localnet IP.", un->nick);
} else {
! sprintf(hnamebuf, "%ld.%ld.%ld.%ld", (un->ip >> 24) & 255, (un->ip >> 16) & 255, (un->ip >> 8) & 255, un->ip & 255);
sockcheck_queue_address(un->ip);
send_message(user, cmd->parent->bot, "$b%s$b is now queued to be proxy-checked.", hnamebuf);
--- 1005,1012 ----
if (un) {
! if ((un->ip.s_addr == 0) || (ntohl(un->ip.s_addr) == INADDR_LOOPBACK)) {
send_message(user, cmd->parent->bot, "%s has a spoofed, hidden or localnet IP.", un->nick);
} else {
! strcpy(hnamebuf, inet_ntoa(un->ip));
sockcheck_queue_address(un->ip);
send_message(user, cmd->parent->bot, "$b%s$b is now queued to be proxy-checked.", hnamebuf);
***************
*** 1010,1014 ****
char *scanhost = argv[n];
if (getipbyname(scanhost, &addr)) {
! sockcheck_queue_address(addr);
send_message(user, cmd->parent->bot, "$b%s$b is now queued to be proxy-checked.", scanhost);
} else {
--- 1015,1020 ----
char *scanhost = argv[n];
if (getipbyname(scanhost, &addr)) {
! ipaddr.s_addr = htonl(addr);
! sockcheck_queue_address(ipaddr);
send_message(user, cmd->parent->bot, "$b%s$b is now queued to be proxy-checked.", scanhost);
} else {
***************
*** 1030,1034 ****
if (un) {
! sprintf(hnamebuf, "%ld.%ld.%ld.%ld", (un->ip >> 24) & 255, (un->ip >> 16) & 255, (un->ip >> 8) & 255, un->ip & 255);
scanhost = hnamebuf;
} else {
--- 1036,1040 ----
if (un) {
! strcpy(hnamebuf, inet_ntoa(un->ip));
scanhost = hnamebuf;
} else {
***************
*** 1082,1087 ****
sockcheck_new_user(struct userNode *user) {
/* If they have a bum IP, or are bursting in, don't proxy-check or G-line them. */
! if ((user->ip == 0) || (user->ip == htonl(0x7f000001)) || user->uplink->burst) return 0;
! sockcheck_queue_address(htonl(user->ip));
return 0;
}
--- 1088,1093 ----
sockcheck_new_user(struct userNode *user) {
/* If they have a bum IP, or are bursting in, don't proxy-check or G-line them. */
! if ((user->ip.s_addr == 0) || (ntohl(user->ip.s_addr) == INADDR_LOOPBACK) || user->uplink->burst) return 0;
! sockcheck_queue_address(user->ip);
return 0;
}
Index: tools.c
===================================================================
RCS file: /cvsroot/srvx/services/src/tools.c,v
retrieving revision 1.124
retrieving revision 1.125
diff -C2 -r1.124 -r1.125
*** tools.c 11 Jul 2003 03:11:52 -0000 1.124
--- tools.c 2 Aug 2003 23:13:23 -0000 1.125
***************
*** 319,325 ****
if (isdigit(*glob) && !glob[strspn(glob, "0123456789./*?")]) {
/* Looks like an IP-based mask */
! unsigned char userip[20];
! sprintf(userip, "%ld.%ld.%ld.%ld", (user->ip >> 24) & 255, (user->ip >> 16) & 255, (user->ip >> 8) & 255, user->ip & 255);
! return match_ircglob(userip, glob);
} else {
if (hidden_host_suffix && user->handle_info) {
--- 319,323 ----
if (isdigit(*glob) && !glob[strspn(glob, "0123456789./*?")]) {
/* Looks like an IP-based mask */
! return match_ircglob(inet_ntoa(user->ip), glob);
} else {
if (hidden_host_suffix && user->handle_info) {
***************
*** 525,529 ****
int
! parse_ipmask(const unsigned char *str, unsigned long *addr, unsigned long *mask)
{
int accum, pos;
--- 523,527 ----
int
! parse_ipmask(const unsigned char *str, struct in_addr *addr, unsigned long *mask)
{
int accum, pos;
***************
*** 531,586 ****
t_a = t_m = pos = 0;
! if (addr) *addr = t_a;
if (mask) *mask = t_m;
while (*str) {
! if (!isdigit(*str)) return 0;
! accum = 0;
! do {
! accum = (accum * 10) + *str++ - '0';
! } while (isdigit(*str));
! if (accum > 255) return 0;
! t_a = (t_a << 8) | accum;
! t_m = (t_m << 8) | 255;
! pos += 8;
! if (*str == '.') {
! str++;
while (*str == '*') {
str++;
if (*str == '.') {
! t_a <<= 8;
! t_m <<= 8;
! pos += 8;
! str++;
! } else if (*str == 0) {
! t_a <<= 32 - pos;
! t_m <<= 32 - pos;
! pos = 32;
! goto out;
! } else {
! return 0;
! }
! }
! } else if (*str == '/') {
! int start = pos;
! accum = 0;
! do {
! accum = (accum * 10) + *str++ - '0';
! } while (isdigit(*str));
! while (pos < start+accum && pos < 32) {
! t_a = (t_a << 1) | 0;
! t_m = (t_m << 1) | 1;
! pos++;
! }
! if (pos != start+accum) return 0;
! } else if (*str == 0) {
! break;
! } else {
! return 0;
! }
}
! out:
if (pos != 32) return 0;
! *addr = t_a;
! *mask = t_m;
return 1;
}
--- 529,584 ----
t_a = t_m = pos = 0;
! if (addr) addr->s_addr = htonl(t_a);
if (mask) *mask = t_m;
while (*str) {
! if (!isdigit(*str)) return 0;
! accum = 0;
! do {
! accum = (accum * 10) + *str++ - '0';
! } while (isdigit(*str));
! if (accum > 255) return 0;
! t_a = (t_a << 8) | accum;
! t_m = (t_m << 8) | 255;
! pos += 8;
! if (*str == '.') {
! str++;
while (*str == '*') {
str++;
if (*str == '.') {
! t_a <<= 8;
! t_m <<= 8;
! pos += 8;
! str++;
! } else if (*str == 0) {
! t_a <<= 32 - pos;
! t_m <<= 32 - pos;
! pos = 32;
! goto out;
! } else {
! return 0;
! }
! }
! } else if (*str == '/') {
! int start = pos;
! accum = 0;
! do {
! accum = (accum * 10) + *str++ - '0';
! } while (isdigit(*str));
! while (pos < start+accum && pos < 32) {
! t_a = (t_a << 1) | 0;
! t_m = (t_m << 1) | 1;
! pos++;
! }
! if (pos != start+accum) return 0;
! } else if (*str == 0) {
! break;
! } else {
! return 0;
! }
}
! out:
if (pos != 32) return 0;
! if (addr) addr->s_addr = htonl(t_a);
! if (mask) *mask = t_m;
return 1;
}
|
