if (adding)
{
// assume this is more correct
- if (user->registered != REG_ALL && user->host != user->dhost)
+ if (user->registered != REG_ALL && user->GetRealHost() != user->GetDisplayedHost())
return MODEACTION_DENY;
std::string* cloak = ext.get(user);
* and make it match the displayed one.
*/
user->SetMode(this, false);
- user->ChangeDisplayedHost(user->host.c_str());
+ user->ChangeDisplayedHost(user->GetRealHost().c_str());
return MODEACTION_ALLOW;
}
}
std::string prefix;
std::string suffix;
std::string key;
+ unsigned int domainparts;
dynamic_reference<HashProvider> Hash;
ModuleCloaking() : cu(this), mode(MODE_OPAQUE), ck(this), Hash(this, "hash/md5")
*/
std::string LastTwoDomainParts(const std::string &host)
{
- int dots = 0;
+ unsigned int dots = 0;
std::string::size_type splitdot = host.length();
for (std::string::size_type x = host.length() - 1; x; --x)
splitdot = x;
dots++;
}
- if (dots >= 3)
+ if (dots >= domainparts)
break;
}
* @param id A unique ID for this type of item (to make it unique if the item matches)
* @param len The length of the output. Maximum for MD5 is 16 characters.
*/
- std::string SegmentCloak(const std::string& item, char id, int len)
+ std::string SegmentCloak(const std::string& item, char id, size_t len)
{
std::string input;
input.reserve(key.length() + 3 + item.length());
input.append(item);
std::string rv = Hash->GenerateRaw(input).substr(0,len);
- for(int i=0; i < len; i++)
+ for(size_t i = 0; i < len; i++)
{
// this discards 3 bits per byte. We have an
// overabundance of bits in the hash output, doesn't
std::string SegmentIP(const irc::sockets::sockaddrs& ip, bool full)
{
std::string bindata;
- int hop1, hop2, hop3;
- int len1, len2;
+ size_t hop1, hop2, hop3;
+ size_t len1, len2;
std::string rv;
if (ip.sa.sa_family == AF_INET6)
{
OnUserConnect(lu);
std::string* cloak = cu.ext.get(user);
/* Check if they have a cloaked host, but are not using it */
- if (cloak && *cloak != user->dhost)
+ if (cloak && *cloak != user->GetDisplayedHost())
{
const std::string cloakMask = user->nick + "!" + user->ident + "@" + *cloak;
if (InspIRCd::Match(cloakMask, mask))
switch (mode)
{
case MODE_HALF_CLOAK:
- testcloak = prefix + SegmentCloak("*", 3, 8) + suffix;
+ // Use old cloaking verification to stay compatible with 2.0
+ // But verify domainparts when use 3.0-only features
+ if (domainparts == 3)
+ testcloak = prefix + SegmentCloak("*", 3, 8) + suffix;
+ else
+ {
+ irc::sockets::sockaddrs sa;
+ testcloak = GenCloak(sa, "", testcloak + ConvToStr(domainparts));
+ }
break;
case MODE_OPAQUE:
testcloak = prefix + SegmentCloak("*", 4, 8) + suffix;
std::string modestr = tag->getString("mode");
if (modestr == "half")
+ {
mode = MODE_HALF_CLOAK;
+ domainparts = tag->getInt("domainparts", 3, 1, 10);
+ }
else if (modestr == "full")
mode = MODE_OPAQUE;
else
if (cloak)
return;
- cu.ext.set(dest, GenCloak(dest->client_sa, dest->GetIPString(), dest->host));
+ cu.ext.set(dest, GenCloak(dest->client_sa, dest->GetIPString(), dest->GetRealHost()));
}
};