Update wiki links to use HTTPS and point to the correct pages.
[user/henk/code/inspircd.git] / src / modules / m_dnsbl.cpp
index 3a334ea371a36dedb1cd2e17aaea1150e237aad4..3dea080cee59dd99474510ae5fe5567f4eda3b44 100644 (file)
@@ -27,7 +27,7 @@
 /* $ModDesc: Provides handling of DNS blacklists */
 
 /* Class holding data for a single entry */
-class DNSBLConfEntry
+class DNSBLConfEntry : public refcountbase
 {
        public:
                enum EnumBanaction { I_UNKNOWN, I_KILL, I_ZLINE, I_KLINE, I_GLINE, I_MARK };
@@ -51,11 +51,11 @@ class DNSBLResolver : public Resolver
        std::string theiruid;
        LocalStringExt& nameExt;
        LocalIntExt& countExt;
-       DNSBLConfEntry *ConfEntry;
+       reference<DNSBLConfEntry> ConfEntry;
 
  public:
 
-       DNSBLResolver(Module *me, LocalStringExt& match, LocalIntExt& ctr, const std::string &hostname, LocalUser* u, DNSBLConfEntry *conf, bool &cached)
+       DNSBLResolver(Module *me, LocalStringExt& match, LocalIntExt& ctr, const std::string &hostname, LocalUser* u, reference<DNSBLConfEntry> conf, bool &cached)
                : Resolver(hostname, DNS_QUERY_A, cached, me), theiruid(u->uuid), nameExt(match), countExt(ctr), ConfEntry(conf)
        {
        }
@@ -70,8 +70,8 @@ class DNSBLResolver : public Resolver
                        int i = countExt.get(them);
                        if (i)
                                countExt.set(them, i - 1);
-                       // Now we calculate the bitmask: 256*(256*(256*a+b)+c)+d
-                       if(result.length())
+                       // All replies should be in 127.0.0.0/8
+                       if (result.compare(0, 4, "127.") == 0)
                        {
                                unsigned int bitmask = 0, record = 0;
                                bool match = false;
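Review bot: The new `127.` prefix test is the only thing keeping an arbitrary A record from being treated as a listing, but the comment above it does not say so. I would expand it to `// DNSBLs answer in 127.0.0.0/8; any other address (wildcard DNS, a parked or expired zone) must never count as a listing`. The test runs on the text form of the reply, while the logic further down works on `resultip`, whose parsing is outside this hunk, so it is worth confirming that the parse result is checked as well. The enclosing handler starts and ends outside the hunk.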
@@ -82,6 +82,7 @@ class DNSBLResolver : public Resolver
                                switch (ConfEntry->type)
                                {
                                        case DNSBLConfEntry::A_BITMASK:
+                                               // Now we calculate the bitmask: 256*(256*(256*a+b)+c)+d
                                                bitmask = resultip.s_addr >> 24; /* Last octet (network byte order) */
                                                bitmask &= ConfEntry->bitmask;
                                                match = (bitmask != 0);
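Review bot: The comment moved into the `A_BITMASK` case describes a full 32-bit value, `256*(256*(256*a+b)+c)+d`, but the line below it keeps a single byte (`resultip.s_addr >> 24`), so the comment does not match the code it now sits on. That shift yields the last octet only on a little-endian host; on a big-endian one it would presumably yield the leading 127 and every reply would match the same bits. I would write `// Bitmask lists carry their flags in the last octet of the reply` and take the octet as `bitmask = ntohl(resultip.s_addr) & 0xFF;`. The switch continues outside the hunk.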
@@ -141,7 +142,10 @@ class DNSBLResolver : public Resolver
                                                                ServerInstance->XLines->ApplyLines();
                                                        }
                                                        else
+                                                       {
                                                                delete kl;
+                                                               return;
+                                                       }
                                                        break;
                                                }
                                                case DNSBLConfEntry::I_GLINE:
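Review bot: The new `return` in the `else` branch is undocumented, and the same three-line branch is repeated for `gl` and `zl` in the next two hunks. When the ban could not be added, the function now leaves before whatever follows the switch (not visible here, presumably the hit counter and the oper notice), so a listed client that was not banned leaves no trace. A comment such as `// The ban was rejected and nothing was applied; skip the hit accounting below` would record the intent. A debug log line at the same spot would help when diagnosing a list that matches but never bans.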
@@ -156,7 +160,10 @@ class DNSBLResolver : public Resolver
                                                                ServerInstance->XLines->ApplyLines();
                                                        }
                                                        else
+                                                       {
                                                                delete gl;
+                                                               return;
+                                                       }
                                                        break;
                                                }
                                                case DNSBLConfEntry::I_ZLINE:
@@ -171,7 +178,10 @@ class DNSBLResolver : public Resolver
                                                                ServerInstance->XLines->ApplyLines();
                                                        }
                                                        else
+                                                       {
                                                                delete zl;
+                                                               return;
+                                                       }
                                                        break;
                                                }
                                                case DNSBLConfEntry::I_UNKNOWN:
@@ -187,7 +197,11 @@ class DNSBLResolver : public Resolver
                                        ConfEntry->stats_misses++;
                        }
                        else
+                       {
+                               if (!result.empty())
+                                       ServerInstance->SNO->WriteGlobalSno('a', "DNSBL: %s returned address outside of acceptable subnet 127.0.0.0/8: %s", ConfEntry->domain.c_str(), result.c_str());
                                ConfEntry->stats_misses++;
+                       }
                }
        }
 
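Review bot: The notice added in the `else` branch is sent for every lookup that returns an address outside 127.0.0.0/8, so a blacklist zone that starts answering with a wildcard or parking address produces one global 'a' notice per connecting client. Consider reporting it once per `ConfEntry` until the next rehash, or counting it in a separate error counter instead of `stats_misses`, so operators can tell a broken list from a clean result. `result` comes from the DNS reply and is passed as a `%s` argument rather than as the format string, which is the right way round.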
@@ -209,7 +223,7 @@ class DNSBLResolver : public Resolver
 
 class ModuleDNSBL : public Module
 {
-       std::vector<DNSBLConfEntry *> DNSBLConfEntries;
+       std::vector<reference<DNSBLConfEntry> > DNSBLConfEntries;
        LocalStringExt nameExt;
        LocalIntExt countExt;
 
@@ -240,12 +254,7 @@ class ModuleDNSBL : public Module
                ServerInstance->Modules->AddService(nameExt);
                ServerInstance->Modules->AddService(countExt);
                Implementation eventlist[] = { I_OnRehash, I_OnSetUserIP, I_OnStats, I_OnSetConnectClass, I_OnCheckReady };
-               ServerInstance->Modules->Attach(eventlist, this, 5);
-       }
-
-       virtual ~ModuleDNSBL()
-       {
-               ClearEntries();
+               ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
        }
 
        Version GetVersion()
@@ -253,26 +262,17 @@ class ModuleDNSBL : public Module
                return Version("Provides handling of DNS blacklists", VF_VENDOR);
        }
 
-       /** Clear entries and free the mem it was using
-        */
-       void ClearEntries()
-       {
-               for (std::vector<DNSBLConfEntry *>::iterator i = DNSBLConfEntries.begin(); i != DNSBLConfEntries.end(); i++)
-                       delete *i;
-               DNSBLConfEntries.clear();
-       }
-
        /** Fill our conf vector with data
         */
        void ReadConf()
        {
-               ClearEntries();
+               DNSBLConfEntries.clear();
 
                ConfigTagList dnsbls = ServerInstance->Config->ConfTags("dnsbl");
                for(ConfigIter i = dnsbls.first; i != dnsbls.second; ++i)
                {
                        ConfigTag* tag = i->second;
-                       DNSBLConfEntry *e = new DNSBLConfEntry();
+                       reference<DNSBLConfEntry> e = new DNSBLConfEntry();
 
                        e->name = tag->getString("name");
                        e->ident = tag->getString("ident");
@@ -337,11 +337,7 @@ class ModuleDNSBL : public Module
 
                                /* add it, all is ok */
                                DNSBLConfEntries.push_back(e);
-                               continue;
                        }
-
-                       /* delete and drop it, error somewhere */
-                       delete e;
                }
        }
 
@@ -375,6 +371,8 @@ class ModuleDNSBL : public Module
                snprintf(reversedipbuf, 128, "%d.%d.%d.%d", d, c, b, a);
                reversedip = std::string(reversedipbuf);
 
+               countExt.set(user, DNSBLConfEntries.size());
+
                // For each DNSBL, we will run through this lookup
                unsigned int i = 0;
                while (i < DNSBLConfEntries.size())
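Review bot: Moving `countExt.set(user, DNSBLConfEntries.size())` ahead of the loop has no comment explaining why the order matters. The completion handler decrements this counter, and a cached answer presumably completes inside `AddResolver`, so setting the total afterwards could overwrite those decrements. A comment like `// Set the pending count first: cached lookups can complete (and decrement it) inside AddResolver` would keep someone from moving it back. The `user->quitting` break in the next hunk also leaves the counter at the full size although fewer resolvers were started, which looks harmless only because the user is going away. The function starts outside the hunk.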
@@ -386,9 +384,10 @@ class ModuleDNSBL : public Module
                        bool cached;
                        DNSBLResolver *r = new DNSBLResolver(this, nameExt, countExt, hostname, user, DNSBLConfEntries[i], cached);
                        ServerInstance->AddResolver(r, cached);
+                       if (user->quitting)
+                               break;
                        i++;
                }
-               countExt.set(user, i);
        }
 
        ModResult OnSetConnectClass(LocalUser* user, ConnectClass* myclass)
@@ -417,7 +416,7 @@ class ModuleDNSBL : public Module
 
                unsigned long total_hits = 0, total_misses = 0;
 
-               for (std::vector<DNSBLConfEntry*>::iterator i = DNSBLConfEntries.begin(); i != DNSBLConfEntries.end(); i++)
+               for (std::vector<reference<DNSBLConfEntry> >::const_iterator i = DNSBLConfEntries.begin(); i != DNSBLConfEntries.end(); ++i)
                {
                        total_hits += (*i)->stats_hits;
                        total_misses += (*i)->stats_misses;