unsigned int key4;
Module* Sender;
Module* HashProvider;
+
+ /** This function takes a domain name string and returns just the last two domain parts,
+ * or the last domain part if only two are available. Failing that it just returns what it was given.
+ *
+ * For example, if it is passed "svn.inspircd.org" it will return ".inspircd.org".
+ * If it is passed "brainbox.winbot.co.uk" it will return ".co.uk",
+ * and if it is passed "localhost.localdomain" it will return ".localdomain".
+ *
+ * This is used to ensure a significant part of the host is always cloaked (see Bug #216)
+ */
+ std::string LastTwoDomainParts(const std::string &host)
+ {
+ int dots = 0;
+ std::string::size_type splitdot = host.length();
+
+ for (std::string::size_type x = host.length() - 1; x; --x)
+ {
+ if (host[x] == '.')
+ {
+ splitdot = x;
+ dots++;
+ }
+ if (dots >= 3)
+ break;
+ }
+
+ if (splitdot == host.length())
+ return host;
+ else
+ return host.substr(splitdot);
+ }
public:
CloakUser(InspIRCd* Instance, Module* Source, Module* Hash) : ModeHandler(Instance, 'x', 0, 0, false, MODETYPE_USER, false), Sender(Source), HashProvider(Hash)
*/
unsigned int iv[] = { key1, key2, key3, key4 };
- std::string a = (n1 ? n1 : n2);
+ std::string a = LastTwoDomainParts(dest->host);
std::string b;
- insp_inaddr testaddr;
/** Reset the Hash module, and send it our IV and hex table */
HashResetRequest(Sender, HashProvider).Send();
*/
#ifdef IPV6
in6_addr testaddr;
- if ((dest->GetProtocolFamily() == AF_INET6) && (insp_pton(AF_INET6,dest->host,&testaddr) < 1) && (hostcloak.length() <= 64))
+ in_addr testaddr2;
+ if ((dest->GetProtocolFamily() == AF_INET6) && (inet_pton(AF_INET6,dest->host,&testaddr) < 1) && (hostcloak.length() <= 64))
/* Invalid ipv6 address, and ipv6 user (resolved host) */
b = hostcloak;
- else if ((dest->GetProtocolFamily() == AF_INET6) && (inet_aton(dest->host,&testaddr) < 1) && (hostcloak.length() <= 64))
+ else if ((dest->GetProtocolFamily() == AF_INET) && (inet_aton(dest->host,&testaddr2) < 1) && (hostcloak.length() <= 64))
/* Invalid ipv4 address, and ipv4 user (resolved host) */
b = hostcloak;
else
/* Valid ipv6 or ipv4 address (not resolved) ipv4 or ipv6 user */
- b = ((b.find(':') == std::string::npos) ? Cloak4(dest->host) : Cloak6(dest->host));
+ b = ((!strchr(dest->host,':')) ? Cloak4(dest->host) : Cloak6(dest->host));
#else
+ in_addr testaddr;
if ((inet_aton(dest->host,&testaddr) < 1) && (hostcloak.length() <= 64))
/* Invalid ipv4 address, and ipv4 user (resolved host) */
b = hostcloak;
std::string Cloak6(const char* ip)
{
+ /* Theyre using 4in6 (YUCK). Translate as ipv4 cloak */
+ if (!strncmp(ip, "0::ffff:", 8))
+ return Cloak4(ip + 8);
+
+ /* If we get here, yes it really is an ipv6 ip */
unsigned int iv[] = { key1, key2, key3, key4 };
std::vector<std::string> hashies;
std::string item = "";