CloakUser(Module* source)
: ModeHandler(source, "cloak", 'x', PARAM_NONE, MODETYPE_USER),
- ext("cloaked_host", source), debounce_ts(0), debounce_count(0)
+ ext("cloaked_host", ExtensionItem::EXT_USER, source), debounce_ts(0), debounce_count(0)
{
}
if (adding)
{
+ // assume this is more correct
+ if (user->registered != REG_ALL && user->GetRealHost() != user->GetDisplayedHost())
+ return MODEACTION_DENY;
+
std::string* cloak = ext.get(user);
if (!cloak)
* and make it match the displayed one.
*/
user->SetMode(this, false);
- user->ChangeDisplayedHost(user->host.c_str());
+ user->ChangeDisplayedHost(user->GetRealHost().c_str());
return MODEACTION_ALLOW;
}
}
std::string prefix;
std::string suffix;
std::string key;
- const char* xtab[4];
+ unsigned int domainparts;
dynamic_reference<HashProvider> Hash;
ModuleCloaking() : cu(this), mode(MODE_OPAQUE), ck(this), Hash(this, "hash/md5")
*/
std::string LastTwoDomainParts(const std::string &host)
{
- int dots = 0;
+ unsigned int dots = 0;
std::string::size_type splitdot = host.length();
for (std::string::size_type x = host.length() - 1; x; --x)
splitdot = x;
dots++;
}
- if (dots >= 3)
+ if (dots >= domainparts)
break;
}
input.append(1, '\0'); // null does not terminate a C++ string
input.append(item);
- std::string rv = Hash->Generate(input).substr(0,len);
+ std::string rv = Hash->GenerateRaw(input).substr(0,len);
for(int i=0; i < len; i++)
{
// this discards 3 bits per byte. We have an
}
else
{
- char buf[50];
if (ip.sa.sa_family == AF_INET6)
{
- snprintf(buf, 50, ".%02x%02x.%02x%02x%s",
+ rv.append(InspIRCd::Format(".%02x%02x.%02x%02x%s",
ip.in6.sin6_addr.s6_addr[2], ip.in6.sin6_addr.s6_addr[3],
- ip.in6.sin6_addr.s6_addr[0], ip.in6.sin6_addr.s6_addr[1], suffix.c_str());
+ ip.in6.sin6_addr.s6_addr[0], ip.in6.sin6_addr.s6_addr[1], suffix.c_str()));
}
else
{
const unsigned char* ip4 = (const unsigned char*)&ip.in4.sin_addr;
- snprintf(buf, 50, ".%d.%d%s", ip4[1], ip4[0], suffix.c_str());
+ rv.append(InspIRCd::Format(".%d.%d%s", ip4[1], ip4[0], suffix.c_str()));
}
- rv.append(buf);
}
return rv;
}
OnUserConnect(lu);
std::string* cloak = cu.ext.get(user);
/* Check if they have a cloaked host, but are not using it */
- if (cloak && *cloak != user->dhost)
+ if (cloak && *cloak != user->GetDisplayedHost())
{
const std::string cloakMask = user->nick + "!" + user->ident + "@" + *cloak;
if (InspIRCd::Match(cloakMask, mask))
return MOD_RES_PASSTHRU;
}
- void Prioritize()
+ void Prioritize() CXX11_OVERRIDE
{
/* Needs to be after m_banexception etc. */
ServerInstance->Modules->SetPriority(this, I_OnCheckBan, PRIORITY_LAST);
switch (mode)
{
case MODE_HALF_CLOAK:
- testcloak = prefix + SegmentCloak("*", 3, 8) + suffix;
+ // Use old cloaking verification to stay compatible with 2.0
+ // But verify domainparts when use 3.0-only features
+ if (domainparts == 3)
+ testcloak = prefix + SegmentCloak("*", 3, 8) + suffix;
+ else
+ {
+ irc::sockets::sockaddrs sa;
+ testcloak = GenCloak(sa, "", testcloak + ConvToStr(domainparts));
+ }
break;
case MODE_OPAQUE:
testcloak = prefix + SegmentCloak("*", 4, 8) + suffix;
std::string modestr = tag->getString("mode");
if (modestr == "half")
+ {
mode = MODE_HALF_CLOAK;
+ domainparts = tag->getInt("domainparts", 3, 1, 10);
+ }
else if (modestr == "full")
mode = MODE_OPAQUE;
else
{
std::string chost;
+ irc::sockets::sockaddrs hostip;
+ bool host_is_ip = irc::sockets::aptosa(host, ip.port(), hostip) && hostip == ip;
+
switch (mode)
{
case MODE_HALF_CLOAK:
{
- if (ipstr != host)
+ if (!host_is_ip)
chost = prefix + SegmentCloak(host, 1, 6) + LastTwoDomainParts(host);
if (chost.empty() || chost.length() > 50)
chost = SegmentIP(ip, false);
if (cloak)
return;
- cu.ext.set(dest, GenCloak(dest->client_sa, dest->GetIPString(), dest->host));
+ cu.ext.set(dest, GenCloak(dest->client_sa, dest->GetIPString(), dest->GetRealHost()));
}
};