}
/* don't allow this user to spam modechanges */
- dest->IncreasePenalty(5);
+ IS_LOCAL(dest)->Penalty += 5;
if (adding)
{
std::string* cloak = ext.get(dest);
- if (!cloak)
+ if (!cloak && IS_LOCAL(dest))
{
/* Force creation of missing cloak */
- creator->OnUserConnect(dest);
+ creator->OnUserConnect(IS_LOCAL(dest));
cloak = ext.get(dest);
}
if (cloak)
return irc::stringjoiner(":", hashies, 0, hashies.size() - 1).GetJoined();
}
- std::string ReversePartialIP(const irc::sockets::sockaddrs& ip)
- {
- char rv[50];
- if (ip.sa.sa_family == AF_INET6)
- {
- snprintf(rv, 50, ".%02x%02x.%02x%02x.%02x%02x.IP",
- ip.in6.sin6_addr.s6_addr[4], ip.in6.sin6_addr.s6_addr[5],
- ip.in6.sin6_addr.s6_addr[2], ip.in6.sin6_addr.s6_addr[3],
- ip.in6.sin6_addr.s6_addr[0], ip.in6.sin6_addr.s6_addr[1]);
- }
- else
- {
- const unsigned char* ip4 = (const unsigned char*)&ip.in4.sin_addr;
- snprintf(rv, 50, ".%d.%d.IP", ip4[1], ip4[0]);
- }
- return rv;
- }
-
- std::string SegmentIP(const irc::sockets::sockaddrs& ip)
+ std::string SegmentIP(const irc::sockets::sockaddrs& ip, bool full)
{
std::string bindata;
- int hop1, hop2;
+ int hop1, hop2, hop3;
+ std::string rv;
if (ip.sa.sa_family == AF_INET6)
{
bindata = std::string((const char*)ip.in6.sin6_addr.s6_addr, 16);
hop1 = 8;
hop2 = 6;
+ hop3 = 4;
+ rv.reserve(prefix.length() + 37);
}
else
{
bindata = std::string((const char*)&ip.in4.sin_addr, 4);
hop1 = 3;
- hop2 = 2;
+ hop2 = 0;
+ hop3 = 2;
+ rv.reserve(prefix.length() + 30);
}
- std::string rv;
- rv.reserve(prefix.length() + 30);
rv.append(prefix);
- rv.append(SegmentCloak(bindata, 2));
+ rv.append(SegmentCloak(bindata, 10));
rv.append(1, '.');
bindata.erase(hop1);
- rv.append(SegmentCloak(bindata, 3));
- rv.append(1, '.');
- bindata.erase(hop2);
- rv.append(SegmentCloak(bindata, 4));
- rv.append(".IP");
+ rv.append(SegmentCloak(bindata, 11));
+ if (hop2)
+ {
+ rv.append(1, '.');
+ bindata.erase(hop2);
+ rv.append(SegmentCloak(bindata, 12));
+ }
+
+ if (full)
+ {
+ rv.append(1, '.');
+ bindata.erase(hop3);
+ rv.append(SegmentCloak(bindata, 13));
+ rv.append(".IP");
+ }
+ else
+ {
+ char buf[50];
+ if (ip.sa.sa_family == AF_INET6)
+ {
+ snprintf(buf, 50, ".%02x%02x.%02x%02x.IP",
+ ip.in6.sin6_addr.s6_addr[2], ip.in6.sin6_addr.s6_addr[3],
+ ip.in6.sin6_addr.s6_addr[0], ip.in6.sin6_addr.s6_addr[1]);
+ }
+ else
+ {
+ const unsigned char* ip4 = (const unsigned char*)&ip.in4.sin_addr;
+ snprintf(buf, 50, ".%d.%d.IP", ip4[1], ip4[0]);
+ }
+ rv.append(buf);
+ }
return rv;
}
void CloakExistingUsers()
{
std::string* cloak;
- for (std::vector<User*>::iterator u = ServerInstance->Users->local_users.begin(); u != ServerInstance->Users->local_users.end(); u++)
+ for (std::vector<LocalUser*>::iterator u = ServerInstance->Users->local_users.begin(); u != ServerInstance->Users->local_users.end(); u++)
{
cloak = cu.ext.get(*u);
if (!cloak)
* We must limit the keys or else we get different results on
* amd64/x86 boxes. - psychon */
const unsigned int limit = 0x80000000;
- compatkey[1] = (unsigned int) Conf.ReadInteger("cloak","key1",0,false);
- compatkey[2] = (unsigned int) Conf.ReadInteger("cloak","key2",0,false);
- compatkey[3] = (unsigned int) Conf.ReadInteger("cloak","key3",0,false);
- compatkey[4] = (unsigned int) Conf.ReadInteger("cloak","key4",0,false);
+ compatkey[0] = (unsigned int) Conf.ReadInteger("cloak","key1",0,false);
+ compatkey[1] = (unsigned int) Conf.ReadInteger("cloak","key2",0,false);
+ compatkey[2] = (unsigned int) Conf.ReadInteger("cloak","key3",0,false);
+ compatkey[3] = (unsigned int) Conf.ReadInteger("cloak","key4",0,false);
if (!lowercase)
{
if (prefix.empty())
prefix = ServerInstance->Config->Network;
- if (!compatkey[1] || !compatkey[2] || !compatkey[3] || !compatkey[4] ||
- compatkey[1] >= limit || compatkey[2] >= limit || compatkey[3] >= limit || compatkey[4] >= limit)
+ if (!compatkey[0] || !compatkey[1] || !compatkey[2] || !compatkey[3] ||
+ compatkey[0] >= limit || compatkey[1] >= limit || compatkey[2] >= limit || compatkey[3] >= limit)
{
std::string detail;
- if (!compatkey[1] || compatkey[1] >= limit)
+ if (!compatkey[0] || compatkey[0] >= limit)
detail = "<cloak:key1> is not valid, it may be set to a too high/low value, or it may not exist.";
- else if (!compatkey[2] || compatkey[2] >= limit)
+ else if (!compatkey[1] || compatkey[1] >= limit)
detail = "<cloak:key2> is not valid, it may be set to a too high/low value, or it may not exist.";
- else if (!compatkey[3] || compatkey[3] >= limit)
+ else if (!compatkey[2] || compatkey[2] >= limit)
detail = "<cloak:key3> is not valid, it may be set to a too high/low value, or it may not exist.";
- else if (!compatkey[4] || compatkey[4] >= limit)
+ else if (!compatkey[3] || compatkey[3] >= limit)
detail = "<cloak:key4> is not valid, it may be set to a too high/low value, or it may not exist.";
throw ModuleException("You have not defined cloak keys for m_cloaking!!! THIS IS INSECURE AND SHOULD BE CHECKED! - " + detail);
}
}
- void OnUserConnect(User* dest)
+ void OnUserConnect(LocalUser* dest)
{
std::string* cloak = cu.ext.get(dest);
if (cloak)
break;
case MODE_HALF_CLOAK:
{
- std::string tail;
if (ipstr != dest->host)
- tail = LastTwoDomainParts(dest->host);
- if (tail.empty() || tail.length() > 50)
- tail = ReversePartialIP(dest->client_sa);
- chost = prefix + SegmentCloak(dest->host, 1) + tail;
+ chost = prefix + SegmentCloak(dest->host, 1) + LastTwoDomainParts(dest->host);
+ if (chost.empty() || chost.length() > 50)
+ chost = SegmentIP(dest->client_sa, false);
break;
}
case MODE_OPAQUE:
default:
- chost = prefix + SegmentIP(dest->client_sa);
+ chost = SegmentIP(dest->client_sa, true);
}
cu.ext.set(dest,chost);
}