diff options
author | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2006-08-02 11:50:01 +0000 |
---|---|---|
committer | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2006-08-02 11:50:01 +0000 |
commit | 1d6b72a5ba80b7f56f20b67b92677ffba3994991 (patch) | |
tree | e95436fe6d69af332f46cb45170c01e60be92842 /src/modules/m_spanningtree.cpp | |
parent | 5b0b077e2a9a051b93b7837da79351ede361bcd6 (diff) |
(1) remove CleanAndResolve.
(2) remove feature of being able to bind hostnames in <bind> tags (it used CleanAndResolve) :p
(3) Fix the stuff in SpanningTree that used CleanAndResolve to validate connecting ip addresses - it now builds an 'allowed ip cache' on rehash/startup instead
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@4637 e03df62e-2008-0410-955e-edbf42e46eb7
Diffstat (limited to 'src/modules/m_spanningtree.cpp')
-rw-r--r-- | src/modules/m_spanningtree.cpp | 54 |
1 files changed, 34 insertions, 20 deletions
diff --git a/src/modules/m_spanningtree.cpp b/src/modules/m_spanningtree.cpp index d4bc5360e..3a811d1fa 100644 --- a/src/modules/m_spanningtree.cpp +++ b/src/modules/m_spanningtree.cpp @@ -139,6 +139,8 @@ extern std::vector<ZLine> pzlines; extern std::vector<QLine> pqlines; extern std::vector<ELine> pelines; +std::vector<std::string> ValidIPs; + class UserManager : public classbase { uid_hash uids; @@ -3032,27 +3034,8 @@ class TreeSocket : public InspSocket * IPs for which we don't have a link block. */ bool found = false; - char resolved_host[MAXBUF]; vector<Link>::iterator i; - for (i = LinkBlocks.begin(); i != LinkBlocks.end(); i++) - { - if (i->IPAddr == ip) - { - found = true; - break; - } - /* XXX: Fixme: blocks for a very short amount of time, - * we should cache these on rehash/startup - */ - if (CleanAndResolve(resolved_host,i->IPAddr.c_str(),true,1)) - { - if (std::string(resolved_host) == ip) - { - found = true; - break; - } - } - } + found = (std::find(ValidIPs.begin(), ValidIPs.end(), ip) != ValidIPs.end()); if (!found) { WriteOpers("Server connection from %s denied (no link blocks with that IP address)", ip); @@ -3116,6 +3099,26 @@ class ServernameResolver : public Resolver } }; +class SecurityIPResolver : public Resolver +{ + private: + Link MyLink; + public: + SecurityIPResolver(const std::string &hostname, Link x) : Resolver(hostname, true), MyLink(x) + { + } + + void OnLookupComplete(const std::string &result) + { + log(DEBUG,"Security IP cache: Adding IP address '%s' for Link '%s'",result.c_str(),MyLink.Name.c_str()); + ValidIPs.push_back(result); + } + + void OnError(ResolverError e) + { + log(DEBUG,"Could not resolve IP associated with Link '%s'!",MyLink.Name.c_str()); + } +}; void AddThisServer(TreeServer* server, std::deque<TreeServer*> &list) { @@ -3322,6 +3325,7 @@ void ReadConfiguration(bool rebind) FlatLinks = Conf->ReadFlag("options","flatlinks",0); HideULines = Conf->ReadFlag("options","hideulines",0); LinkBlocks.clear(); + ValidIPs.clear(); for (int j =0; j < Conf->Enumerate("link"); j++) { Link L; @@ -3337,6 +3341,16 @@ void ReadConfiguration(bool rebind) /* Bugfix by brain, do not allow people to enter bad configurations */ if ((L.IPAddr != "") && (L.RecvPass != "") && (L.SendPass != "") && (L.Name != "") && (L.Port)) { + ValidIPs.push_back(L.IPAddr); + + /* Needs resolving */ + insp_inaddr binip; + if (insp_aton(L.IPAddr.c_str(), &binip) < 1) + { + SecurityIPResolver* sr = new SecurityIPResolver(L.IPAddr, L); + Srv->AddResolver(sr); + } + LinkBlocks.push_back(L); log(DEBUG,"m_spanningtree: Read server %s with host %s:%d",L.Name.c_str(),L.IPAddr.c_str(),L.Port); } |