X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_cloaking.cpp;h=105d688337d20d0afb767059815bf10ace8c5671;hb=aec9540601a8ca8632d0a4e0c4cec1484cfef99a;hp=92fac501e98519019e8083e12644e5911f22014c;hpb=e91d5023f3ace4bb80d197621d6dc20b6e293641;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_cloaking.cpp b/src/modules/m_cloaking.cpp index 92fac501e..105d68833 100644 --- a/src/modules/m_cloaking.cpp +++ b/src/modules/m_cloaking.cpp @@ -1,479 +1,562 @@ -/* +------------------------------------+ - * | Inspire Internet Relay Chat Daemon | - * +------------------------------------+ +/* + * InspIRCd -- Internet Relay Chat Daemon * - * InspIRCd is copyright (C) 2002-2006 ChatSpike-Dev. - * E-mail: - * - * - * - * Written by Craig Edwards, Craig McLure, and others. - * This program is free but copyrighted software; see - * the file COPYING for details. + * Copyright (C) 2009-2010 Daniel De Graaf + * Copyright (C) 2006-2008 Robin Burchell + * Copyright (C) 2008 Pippijn van Steenhoven + * Copyright (C) 2003-2008 Craig Edwards + * Copyright (C) 2007 John Brooks + * Copyright (C) 2007 Dennis Friis + * Copyright (C) 2006 Oliver Lupton * - * --------------------------------------------------- + * This file is part of InspIRCd. InspIRCd is free software: you can + * redistribute it and/or modify it under the terms of the GNU General Public + * License as published by the Free Software Foundation, version 2. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more + * details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . */ -// Hostname cloaking (+x mode) module for inspircd. -// version 1.0.0.1 by brain (C. J. Edwards) Mar 2004. -// -// When loaded this module will automatically set the -// +x mode on all connecting clients. -// -// Setting +x on a client causes the module to change the -// dhost entry (displayed host) for each user who has the -// mode, cloaking their host. Unlike unreal, the algorithm -// is non-reversible as uncloaked hosts are passed along -// the server->server link, and all encoding of hosts is -// done locally on the server by this module. - -#include -#include -#include -#include -#include "inspircd_config.h" -#ifdef HAS_STDINT -#include -#endif -#include "configreader.h" + #include "inspircd.h" -#include "users.h" -#include "channels.h" -#include "modules.h" +#include "hash.h" /* $ModDesc: Provides masking of user hostnames */ -extern InspIRCd* ServerInstance; +enum CloakMode +{ + /** 1.2-compatible host-based cloak */ + MODE_COMPAT_HOST, + /** 1.2-compatible IP-only cloak */ + MODE_COMPAT_IPONLY, + /** 2.0 cloak of "half" of the hostname plus the full IP hash */ + MODE_HALF_CLOAK, + /** 2.0 cloak of IP hash, split at 2 common CIDR range points */ + MODE_OPAQUE +}; -/* The four core functions - F1 is optimized somewhat */ +// lowercase-only encoding similar to base64, used for hash output +static const char base32[] = "0123456789abcdefghijklmnopqrstuv"; -#define F1(x, y, z) (z ^ (x & (y ^ z))) -#define F2(x, y, z) F1(z, x, y) -#define F3(x, y, z) (x ^ y ^ z) -#define F4(x, y, z) (y ^ (x | ~z)) -#define MD5STEP(f,w,x,y,z,in,s) (w += f(x,y,z) + in, w = (w<>(32-s)) + x) +/** Handles user mode +x + */ +class CloakUser : public ModeHandler +{ + public: + LocalStringExt ext; -#ifndef HAS_STDINT -typedef unsigned int uint32_t; -#endif + std::string debounce_uid; + time_t debounce_ts; + int debounce_count; -typedef uint32_t word32; /* NOT unsigned long. We don't support 16 bit platforms, anyway. */ -typedef unsigned char byte; + CloakUser(Module* source) + : ModeHandler(source, "cloak", 'x', PARAM_NONE, MODETYPE_USER), + ext("cloaked_host", source), debounce_ts(0), debounce_count(0) + { + } -class xMD5Context : public classbase + ModeAction OnModeChange(User* source, User* dest, Channel* channel, std::string ¶meter, bool adding) + { + LocalUser* user = IS_LOCAL(dest); + + /* For remote clients, we don't take any action, we just allow it. + * The local server where they are will set their cloak instead. + * This is fine, as we will receive it later. + */ + if (!user) + { + dest->SetMode('x',adding); + return MODEACTION_ALLOW; + } + + if (user->uuid == debounce_uid && debounce_ts == ServerInstance->Time()) + { + // prevent spamming using /mode user +x-x+x-x+x-x + if (++debounce_count > 2) + return MODEACTION_DENY; + } + else + { + debounce_uid = user->uuid; + debounce_count = 1; + debounce_ts = ServerInstance->Time(); + } + + if (adding == user->IsModeSet('x')) + return MODEACTION_DENY; + + /* don't allow this user to spam modechanges */ + if (source == dest) + user->CommandFloodPenalty += 5000; + + if (adding) + { + std::string* cloak = ext.get(user); + + if (!cloak) + { + /* Force creation of missing cloak */ + creator->OnUserConnect(user); + cloak = ext.get(user); + } + if (cloak) + { + user->ChangeDisplayedHost(cloak->c_str()); + user->SetMode('x',true); + return MODEACTION_ALLOW; + } + else + return MODEACTION_DENY; + } + else + { + /* User is removing the mode, so restore their real host + * and make it match the displayed one. + */ + user->SetMode('x',false); + user->ChangeDisplayedHost(user->host.c_str()); + return MODEACTION_ALLOW; + } + } + +}; + +class CommandCloak : public Command { public: - word32 buf[4]; - word32 bytes[2]; - word32 in[16]; + CommandCloak(Module* Creator) : Command(Creator, "CLOAK", 1) + { + flags_needed = 'o'; + syntax = ""; + } + + CmdResult Handle(const std::vector ¶meters, User *user); }; -class CloakUser : public ModeHandler +class ModuleCloaking : public Module { - Server* Srv; + public: + CloakUser cu; + CloakMode mode; + CommandCloak ck; std::string prefix; - word32 key1; - word32 key2; - word32 key3; - word32 key4; - - void byteSwap(word32 *buf, unsigned words) + std::string suffix; + std::string key; + unsigned int compatkey[4]; + const char* xtab[4]; + dynamic_reference Hash; + + ModuleCloaking() : cu(this), mode(MODE_OPAQUE), ck(this), Hash(this, "hash/md5") { - byte *p = (byte *)buf; - - do - { - *buf++ = (word32)((unsigned)p[3] << 8 | p[2]) << 16 | - ((unsigned)p[1] << 8 | p[0]); - p += 4; - } while (--words); } - void xMD5Init(struct xMD5Context *ctx) + void init() { - ctx->buf[0] = key1; - ctx->buf[1] = key2; - ctx->buf[2] = key3; - ctx->buf[3] = key4; + OnRehash(NULL); + + ServerInstance->Modules->AddService(cu); + ServerInstance->Modules->AddService(ck); + ServerInstance->Modules->AddService(cu.ext); - ctx->bytes[0] = 0; - ctx->bytes[1] = 0; + Implementation eventlist[] = { I_OnRehash, I_OnCheckBan, I_OnUserConnect, I_OnChangeHost }; + ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation)); } - void xMD5Update(struct xMD5Context *ctx, byte const *buf, int len) + /** This function takes a domain name string and returns just the last two domain parts, + * or the last domain part if only two are available. Failing that it just returns what it was given. + * + * For example, if it is passed "svn.inspircd.org" it will return ".inspircd.org". + * If it is passed "brainbox.winbot.co.uk" it will return ".co.uk", + * and if it is passed "localhost.localdomain" it will return ".localdomain". + * + * This is used to ensure a significant part of the host is always cloaked (see Bug #216) + */ + std::string LastTwoDomainParts(const std::string &host) { - word32 t; - - /* Update byte count */ - - t = ctx->bytes[0]; - if ((ctx->bytes[0] = t + len) < t) - ctx->bytes[1]++; /* Carry from low to high */ + int dots = 0; + std::string::size_type splitdot = host.length(); - t = 64 - (t & 0x3f); /* Space available in ctx->in (at least 1) */ - if ((unsigned)t > (unsigned)len) + for (std::string::size_type x = host.length() - 1; x; --x) { - memcpy((byte *)ctx->in + 64 - (unsigned)t, buf, len); - return; - } - /* First chunk is an odd size */ - memcpy((byte *)ctx->in + 64 - (unsigned)t, buf, (unsigned)t); - byteSwap(ctx->in, 16); - xMD5Transform(ctx->buf, ctx->in); - buf += (unsigned)t; - len -= (unsigned)t; - - /* Process data in 64-byte chunks */ - while (len >= 64) - { - memcpy(ctx->in, buf, 64); - byteSwap(ctx->in, 16); - xMD5Transform(ctx->buf, ctx->in); - buf += 64; - len -= 64; + if (host[x] == '.') + { + splitdot = x; + dots++; + } + if (dots >= 3) + break; } - /* Handle any remaining bytes of data. */ - memcpy(ctx->in, buf, len); + if (splitdot == host.length()) + return ""; + else + return host.substr(splitdot); } - void xMD5Final(byte digest[16], struct xMD5Context *ctx) + /** + * 2.0-style cloaking function + * @param item The item to cloak (part of an IP or hostname) + * @param id A unique ID for this type of item (to make it unique if the item matches) + * @param len The length of the output. Maximum for MD5 is 16 characters. + */ + std::string SegmentCloak(const std::string& item, char id, int len) { - int count = (int)(ctx->bytes[0] & 0x3f); /* Bytes in ctx->in */ - byte *p = (byte *)ctx->in + count; /* First unused byte */ - - /* Set the first char of padding to 0x80. There is always room. */ - *p++ = 0x80; - - /* Bytes of padding needed to make 56 bytes (-8..55) */ - count = 56 - 1 - count; - - if (count < 0) - { /* Padding forces an extra block */ - memset(p, 0, count+8); - byteSwap(ctx->in, 16); - xMD5Transform(ctx->buf, ctx->in); - p = (byte *)ctx->in; - count = 56; + std::string input; + input.reserve(key.length() + 3 + item.length()); + input.append(1, id); + input.append(key); + input.append(1, '\0'); // null does not terminate a C++ string + input.append(item); + + std::string rv = Hash->sum(input).substr(0,len); + for(int i=0; i < len; i++) + { + // this discards 3 bits per byte. We have an + // overabundance of bits in the hash output, doesn't + // matter which ones we are discarding. + rv[i] = base32[rv[i] & 0x1F]; } - memset(p, 0, count+8); - byteSwap(ctx->in, 14); - - /* Append length in bits and transform */ - ctx->in[14] = ctx->bytes[0] << 3; - ctx->in[15] = ctx->bytes[1] << 3 | ctx->bytes[0] >> 29; - xMD5Transform(ctx->buf, ctx->in); - - byteSwap(ctx->buf, 4); - memcpy(digest, ctx->buf, 16); - memset(ctx, 0, sizeof(ctx)); + return rv; } - void xMD5Transform(word32 buf[4], word32 const in[16]) + std::string CompatCloak4(const char* ip) { - register word32 a, b, c, d; - - a = buf[0]; - b = buf[1]; - c = buf[2]; - d = buf[3]; - - MD5STEP(F1, a, b, c, d, in[0] + 0xd76aa478, 7); - MD5STEP(F1, d, a, b, c, in[1] + 0xe8c7b756, 12); - MD5STEP(F1, c, d, a, b, in[2] + 0x242070db, 17); - MD5STEP(F1, b, c, d, a, in[3] + 0xc1bdceee, 22); - MD5STEP(F1, a, b, c, d, in[4] + 0xf57c0faf, 7); - MD5STEP(F1, d, a, b, c, in[5] + 0x4787c62a, 12); - MD5STEP(F1, c, d, a, b, in[6] + 0xa8304613, 17); - MD5STEP(F1, b, c, d, a, in[7] + 0xfd469501, 22); - MD5STEP(F1, a, b, c, d, in[8] + 0x698098d8, 7); - MD5STEP(F1, d, a, b, c, in[9] + 0x8b44f7af, 12); - MD5STEP(F1, c, d, a, b, in[10] + 0xffff5bb1, 17); - MD5STEP(F1, b, c, d, a, in[11] + 0x895cd7be, 22); - MD5STEP(F1, a, b, c, d, in[12] + 0x6b901122, 7); - MD5STEP(F1, d, a, b, c, in[13] + 0xfd987193, 12); - MD5STEP(F1, c, d, a, b, in[14] + 0xa679438e, 17); - MD5STEP(F1, b, c, d, a, in[15] + 0x49b40821, 22); - - MD5STEP(F2, a, b, c, d, in[1] + 0xf61e2562, 5); - MD5STEP(F2, d, a, b, c, in[6] + 0xc040b340, 9); - MD5STEP(F2, c, d, a, b, in[11] + 0x265e5a51, 14); - MD5STEP(F2, b, c, d, a, in[0] + 0xe9b6c7aa, 20); - MD5STEP(F2, a, b, c, d, in[5] + 0xd62f105d, 5); - MD5STEP(F2, d, a, b, c, in[10] + 0x02441453, 9); - MD5STEP(F2, c, d, a, b, in[15] + 0xd8a1e681, 14); - MD5STEP(F2, b, c, d, a, in[4] + 0xe7d3fbc8, 20); - MD5STEP(F2, a, b, c, d, in[9] + 0x21e1cde6, 5); - MD5STEP(F2, d, a, b, c, in[14] + 0xc33707d6, 9); - MD5STEP(F2, c, d, a, b, in[3] + 0xf4d50d87, 14); - MD5STEP(F2, b, c, d, a, in[8] + 0x455a14ed, 20); - MD5STEP(F2, a, b, c, d, in[13] + 0xa9e3e905, 5); - MD5STEP(F2, d, a, b, c, in[2] + 0xfcefa3f8, 9); - MD5STEP(F2, c, d, a, b, in[7] + 0x676f02d9, 14); - MD5STEP(F2, b, c, d, a, in[12] + 0x8d2a4c8a, 20); - - MD5STEP(F3, a, b, c, d, in[5] + 0xfffa3942, 4); - MD5STEP(F3, d, a, b, c, in[8] + 0x8771f681, 11); - MD5STEP(F3, c, d, a, b, in[11] + 0x6d9d6122, 16); - MD5STEP(F3, b, c, d, a, in[14] + 0xfde5380c, 23); - MD5STEP(F3, a, b, c, d, in[1] + 0xa4beea44, 4); - MD5STEP(F3, d, a, b, c, in[4] + 0x4bdecfa9, 11); - MD5STEP(F3, c, d, a, b, in[7] + 0xf6bb4b60, 16); - MD5STEP(F3, b, c, d, a, in[10] + 0xbebfbc70, 23); - MD5STEP(F3, a, b, c, d, in[13] + 0x289b7ec6, 4); - MD5STEP(F3, d, a, b, c, in[0] + 0xeaa127fa, 11); - MD5STEP(F3, c, d, a, b, in[3] + 0xd4ef3085, 16); - MD5STEP(F3, b, c, d, a, in[6] + 0x04881d05, 23); - MD5STEP(F3, a, b, c, d, in[9] + 0xd9d4d039, 4); - MD5STEP(F3, d, a, b, c, in[12] + 0xe6db99e5, 11); - MD5STEP(F3, c, d, a, b, in[15] + 0x1fa27cf8, 16); - MD5STEP(F3, b, c, d, a, in[2] + 0xc4ac5665, 23); - - MD5STEP(F4, a, b, c, d, in[0] + 0xf4292244, 6); - MD5STEP(F4, d, a, b, c, in[7] + 0x432aff97, 10); - MD5STEP(F4, c, d, a, b, in[14] + 0xab9423a7, 15); - MD5STEP(F4, b, c, d, a, in[5] + 0xfc93a039, 21); - MD5STEP(F4, a, b, c, d, in[12] + 0x655b59c3, 6); - MD5STEP(F4, d, a, b, c, in[3] + 0x8f0ccc92, 10); - MD5STEP(F4, c, d, a, b, in[10] + 0xffeff47d, 15); - MD5STEP(F4, b, c, d, a, in[1] + 0x85845dd1, 21); - MD5STEP(F4, a, b, c, d, in[8] + 0x6fa87e4f, 6); - MD5STEP(F4, d, a, b, c, in[15] + 0xfe2ce6e0, 10); - MD5STEP(F4, c, d, a, b, in[6] + 0xa3014314, 15); - MD5STEP(F4, b, c, d, a, in[13] + 0x4e0811a1, 21); - MD5STEP(F4, a, b, c, d, in[4] + 0xf7537e82, 6); - MD5STEP(F4, d, a, b, c, in[11] + 0xbd3af235, 10); - MD5STEP(F4, c, d, a, b, in[2] + 0x2ad7d2bb, 15); - MD5STEP(F4, b, c, d, a, in[9] + 0xeb86d391, 21); - - buf[0] += a; - buf[1] += b; - buf[2] += c; - buf[3] += d; - } + irc::sepstream seps(ip, '.'); + std::string octet[4]; + int i[4]; + for (int j = 0; j < 4; j++) + { + seps.GetToken(octet[j]); + i[j] = atoi(octet[j].c_str()); + } - void MyMD5(void *dest, void *orig, int len) - { - struct xMD5Context context; - - xMD5Init(&context); - xMD5Update(&context, (const unsigned char*)orig, len); - xMD5Final((unsigned char*)dest, &context); - } + octet[3] = octet[0] + "." + octet[1] + "." + octet[2] + "." + octet[3]; + octet[2] = octet[0] + "." + octet[1] + "." + octet[2]; + octet[1] = octet[0] + "." + octet[1]; + /* Reset the Hash module and send it our IV */ - void GenHash(char* src, char* dest) - { - // purposefully lossy md5 - only gives them the most significant 4 bits - // of every md5 output byte. - int i = 0; - unsigned char bytes[16]; - char hash[MAXBUF]; - *hash = 0; - MyMD5((char*)bytes,src,strlen(src)); - for (i = 0; i < 16; i++) + std::string rv; + + /* Send the Hash module a different hex table for each octet group's Hash sum */ + for (int k = 0; k < 4; k++) { - const char* xtab = "F92E45D871BCA630"; - unsigned char hi = xtab[bytes[i] / 16]; - char hx[2]; - hx[0] = hi; - hx[1] = '\0'; - strlcat(hash,hx,MAXBUF); + rv.append(Hash->sumIV(compatkey, xtab[(compatkey[k]+i[k]) % 4], octet[k]).substr(0,6)); + if (k < 3) + rv.append("."); } - strlcpy(dest,hash,MAXBUF); + /* Stick them all together */ + return rv; } - - public: - CloakUser(Server* Me) : ModeHandler('x', 0, 0, false, MODETYPE_USER, false), Srv(Me) { } - ModeAction OnModeChange(userrec* source, userrec* dest, chanrec* channel, std::string ¶meter, bool adding) + std::string CompatCloak6(const char* ip) { - /* Only opers can change other users modes */ - if ((source != dest) && (!*source->oper)) - return MODEACTION_DENY; + std::vector hashies; + std::string item; + int rounds = 0; - /* For remote clients, we dont take any action, we just allow it. - * The local server where they are will set their cloak instead. - */ - if (!IS_LOCAL(dest)) - return MODEACTION_ALLOW; + /* Reset the Hash module and send it our IV */ - if (adding) + for (const char* input = ip; *input; input++) { - if(!dest->IsModeSet('x')) + item += *input; + if (item.length() > 7) { - /* The mode is being turned on - so attempt to - * allocate the user a cloaked host using a non-reversible - * algorithm (its simple, but its non-reversible so the - * simplicity doesnt really matter). This algorithm - * will not work if the user has only one level of domain - * naming in their hostname (e.g. if they are on a lan or - * are connecting via localhost) -- this doesnt matter much. - */ - - if (strchr(dest->host,'.') || strchr(dest->host,':')) - { - /* InspIRCd users have two hostnames; A displayed - * hostname which can be modified by modules (e.g. - * to create vhosts, implement chghost, etc) and a - * 'real' hostname which you shouldnt write to. - */ - - char* n = strstr(dest->host,"."); - if (!n) - n = strstr(dest->host,":"); - - std::string a = n; - - char ra[64]; - this->GenHash(dest->host,ra); - std::string b = ""; - insp_inaddr testaddr; - std::string hostcloak = prefix + "-" + std::string(ra) + a; - - /* Fix by brain - if the cloaked host is > the max length of a host (64 bytes - * according to the DNS RFC) then tough titty, they get cloaked as an IP. - * Their ISP shouldnt go to town on subdomains, or they shouldnt have a kiddie - * vhost. - */ - - if ((insp_aton(dest->host,&testaddr) < 1) && (hostcloak.length() < 64)) - { - // if they have a hostname, make something appropriate - b = hostcloak; - } - else - { - // else, they have an ip - b = std::string(ra) + "." + prefix + ".cloak"; - } - log(DEBUG,"cloak: allocated "+b); - dest->ChangeDisplayedHost(b.c_str()); - } - - dest->SetMode('x',true); - return MODEACTION_ALLOW; + hashies.push_back(Hash->sumIV(compatkey, xtab[(compatkey[0]+rounds) % 4], item).substr(0,8)); + item.clear(); } + rounds++; } - else - { - if (dest->IsModeSet('x')) - { - /* User is removing the mode, so just restore their real host - * and make it match the displayed one. - */ - dest->ChangeDisplayedHost(dest->host); - dest->SetMode('x',false); - return MODEACTION_ALLOW; - } + if (!item.empty()) + { + hashies.push_back(Hash->sumIV(compatkey, xtab[(compatkey[0]+rounds) % 4], item).substr(0,8)); } - - return MODEACTION_DENY; + /* Stick them all together */ + return irc::stringjoiner(":", hashies, 0, hashies.size() - 1).GetJoined(); } - - void DoRehash() + + std::string SegmentIP(const irc::sockets::sockaddrs& ip, bool full) { - ConfigReader Conf; - key1 = key2 = key3 = key4 = 0; - key1 = Conf.ReadInteger("cloak","key1",0,false); - key2 = Conf.ReadInteger("cloak","key2",0,false); - key3 = Conf.ReadInteger("cloak","key3",0,false); - key4 = Conf.ReadInteger("cloak","key4",0,false); - - prefix = Conf.ReadValue("cloak","prefix",0); - if (prefix == "") + std::string bindata; + int hop1, hop2, hop3; + int len1, len2; + std::string rv; + if (ip.sa.sa_family == AF_INET6) { - prefix = ServerInstance->Config->Network; + bindata = std::string((const char*)ip.in6.sin6_addr.s6_addr, 16); + hop1 = 8; + hop2 = 6; + hop3 = 4; + len1 = 6; + len2 = 4; + // pfx s1.s2.s3. (xxxx.xxxx or s4) sfx + // 6 4 4 9/6 + rv.reserve(prefix.length() + 26 + suffix.length()); } - if (!key1 && !key2 && !key3 && !key4) + else { - ModuleException ex("You have not defined cloak keys for m_cloaking!!! THIS IS INSECURE AND SHOULD BE CHECKED!"); - throw (ex); + bindata = std::string((const char*)&ip.in4.sin_addr, 4); + hop1 = 3; + hop2 = 0; + hop3 = 2; + len1 = len2 = 3; + // pfx s1.s2. (xxx.xxx or s3) sfx + rv.reserve(prefix.length() + 15 + suffix.length()); } - } -}; + rv.append(prefix); + rv.append(SegmentCloak(bindata, 10, len1)); + rv.append(1, '.'); + bindata.erase(hop1); + rv.append(SegmentCloak(bindata, 11, len2)); + if (hop2) + { + rv.append(1, '.'); + bindata.erase(hop2); + rv.append(SegmentCloak(bindata, 12, len2)); + } -class ModuleCloaking : public Module -{ - private: - Server *Srv; - CloakUser* cu; + if (full) + { + rv.append(1, '.'); + bindata.erase(hop3); + rv.append(SegmentCloak(bindata, 13, 6)); + rv.append(suffix); + } + else + { + char buf[50]; + if (ip.sa.sa_family == AF_INET6) + { + snprintf(buf, 50, ".%02x%02x.%02x%02x%s", + ip.in6.sin6_addr.s6_addr[2], ip.in6.sin6_addr.s6_addr[3], + ip.in6.sin6_addr.s6_addr[0], ip.in6.sin6_addr.s6_addr[1], suffix.c_str()); + } + else + { + const unsigned char* ip4 = (const unsigned char*)&ip.in4.sin_addr; + snprintf(buf, 50, ".%d.%d%s", ip4[1], ip4[0], suffix.c_str()); + } + rv.append(buf); + } + return rv; + } - public: - ModuleCloaking(Server* Me) - : Module::Module(Me), Srv(Me) + ModResult OnCheckBan(User* user, Channel* chan, const std::string& mask) { - /* Create new mode handler object */ - cu = new CloakUser(Srv); - - /* Register it with the core */ - Srv->AddMode(cu, 'x'); - - OnRehash(""); + LocalUser* lu = IS_LOCAL(user); + if (!lu) + return MOD_RES_PASSTHRU; + + OnUserConnect(lu); + std::string* cloak = cu.ext.get(user); + /* Check if they have a cloaked host, but are not using it */ + if (cloak && *cloak != user->dhost) + { + char cmask[MAXBUF]; + snprintf(cmask, MAXBUF, "%s!%s@%s", user->nick.c_str(), user->ident.c_str(), cloak->c_str()); + if (InspIRCd::Match(cmask,mask)) + return MOD_RES_DENY; + } + return MOD_RES_PASSTHRU; } - - virtual ~ModuleCloaking() + + void Prioritize() { - DELETE(cu); + /* Needs to be after m_banexception etc. */ + ServerInstance->Modules->SetPriority(this, I_OnCheckBan, PRIORITY_LAST); } - - virtual Version GetVersion() + + // this unsets umode +x on every host change. If we are actually doing a +x + // mode change, we will call SetMode back to true AFTER the host change is done. + void OnChangeHost(User* u, const std::string& host) { - // returns the version number of the module to be - // listed in /MODULES - return Version(1,0,0,2,VF_STATIC|VF_VENDOR); + if(u->IsModeSet('x')) + { + u->SetMode('x', false); + u->WriteServ("MODE %s -x", u->nick.c_str()); + } } - virtual void OnRehash(const std::string ¶meter) + ~ModuleCloaking() { - cu->DoRehash(); } - void Implements(char* List) + Version GetVersion() { - List[I_OnRehash] = List[I_OnUserConnect] = 1; + std::string testcloak = "broken"; + if (Hash) + { + switch (mode) + { + case MODE_COMPAT_HOST: + testcloak = prefix + "-" + Hash->sumIV(compatkey, xtab[0], "*").substr(0,10); + break; + case MODE_COMPAT_IPONLY: + testcloak = Hash->sumIV(compatkey, xtab[0], "*").substr(0,10); + break; + case MODE_HALF_CLOAK: + testcloak = prefix + SegmentCloak("*", 3, 8) + suffix; + break; + case MODE_OPAQUE: + testcloak = prefix + SegmentCloak("*", 4, 8) + suffix; + } + } + return Version("Provides masking of user hostnames", VF_COMMON|VF_VENDOR, testcloak); } - virtual void OnUserConnect(userrec* user) + void OnRehash(User* user) { - // Heres the weird bit. When a user connects we must set +x on them, so - // we're going to use the SendMode method of the Server class to send - // the mode to the client. This is basically the same as sending an - // SAMODE in unreal. Note that to the user it will appear as if they set - // the mode on themselves. - - const char* modes[2]; // only two parameters - modes[0] = user->nick; // first parameter is the nick - modes[1] = "+x"; // second parameter is the mode - Srv->SendMode(modes,2,user); // send these, forming the command "MODE +x" - } + ConfigTag* tag = ServerInstance->Config->ConfValue("cloak"); + prefix = tag->getString("prefix"); + suffix = tag->getString("suffix", ".IP"); + + std::string modestr = tag->getString("mode"); + if (modestr == "compat-host") + mode = MODE_COMPAT_HOST; + else if (modestr == "compat-ip") + mode = MODE_COMPAT_IPONLY; + else if (modestr == "half") + mode = MODE_HALF_CLOAK; + else if (modestr == "full") + mode = MODE_OPAQUE; + else + throw ModuleException("Bad value for ; must be one of compat-host, compat-ip, half, full"); -}; + if (mode == MODE_COMPAT_HOST || mode == MODE_COMPAT_IPONLY) + { + bool lowercase = tag->getBool("lowercase"); + + /* These are *not* using the need_positive parameter of ReadInteger - + * that will limit the valid values to only the positive values in a + * signed int. Instead, accept any value that fits into an int and + * cast it to an unsigned int. That will, a bit oddly, give us the full + * spectrum of an unsigned integer. - Special + * + * We must limit the keys or else we get different results on + * amd64/x86 boxes. - psychon */ + const unsigned int limit = 0x80000000; + compatkey[0] = (unsigned int) tag->getInt("key1"); + compatkey[1] = (unsigned int) tag->getInt("key2"); + compatkey[2] = (unsigned int) tag->getInt("key3"); + compatkey[3] = (unsigned int) tag->getInt("key4"); + + if (!lowercase) + { + xtab[0] = "F92E45D871BCA630"; + xtab[1] = "A1B9D80C72E653F4"; + xtab[2] = "1ABC078934DEF562"; + xtab[3] = "ABCDEF5678901234"; + } + else + { + xtab[0] = "f92e45d871bca630"; + xtab[1] = "a1b9d80c72e653f4"; + xtab[2] = "1abc078934def562"; + xtab[3] = "abcdef5678901234"; + } -// stuff down here is the module-factory stuff. For basic modules you can ignore this. + if (prefix.empty()) + prefix = ServerInstance->Config->Network; -class ModuleCloakingFactory : public ModuleFactory -{ - public: - ModuleCloakingFactory() - { + if (!compatkey[0] || !compatkey[1] || !compatkey[2] || !compatkey[3] || + compatkey[0] >= limit || compatkey[1] >= limit || compatkey[2] >= limit || compatkey[3] >= limit) + { + std::string detail; + if (!compatkey[0] || compatkey[0] >= limit) + detail = " is not valid, it may be set to a too high/low value, or it may not exist."; + else if (!compatkey[1] || compatkey[1] >= limit) + detail = " is not valid, it may be set to a too high/low value, or it may not exist."; + else if (!compatkey[2] || compatkey[2] >= limit) + detail = " is not valid, it may be set to a too high/low value, or it may not exist."; + else if (!compatkey[3] || compatkey[3] >= limit) + detail = " is not valid, it may be set to a too high/low value, or it may not exist."; + + throw ModuleException("You have not defined cloak keys for m_cloaking!!! THIS IS INSECURE AND SHOULD BE CHECKED! - " + detail); + } + } + else + { + key = tag->getString("key"); + if (key.empty() || key == "secret") + throw ModuleException("You have not defined cloak keys for m_cloaking. Define as a network-wide secret."); + } } - - ~ModuleCloakingFactory() + + std::string GenCloak(const irc::sockets::sockaddrs& ip, const std::string& ipstr, const std::string& host) { + std::string chost; + + switch (mode) + { + case MODE_COMPAT_HOST: + { + if (ipstr != host) + { + std::string tail = LastTwoDomainParts(host); + + // xtab is not used here due to a bug in 1.2 cloaking + chost = prefix + "-" + Hash->sumIV(compatkey, "0123456789abcdef", host).substr(0,8) + tail; + + /* Fix by brain - if the cloaked host is > the max length of a host (64 bytes + * according to the DNS RFC) then they get cloaked as an IP. + */ + if (chost.length() <= 64) + break; + } + // fall through to IP cloak + } + case MODE_COMPAT_IPONLY: + if (ip.sa.sa_family == AF_INET6) + chost = CompatCloak6(ipstr.c_str()); + else + chost = CompatCloak4(ipstr.c_str()); + break; + case MODE_HALF_CLOAK: + { + if (ipstr != host) + chost = prefix + SegmentCloak(host, 1, 6) + LastTwoDomainParts(host); + if (chost.empty() || chost.length() > 50) + chost = SegmentIP(ip, false); + break; + } + case MODE_OPAQUE: + default: + chost = SegmentIP(ip, true); + } + return chost; } - - virtual Module * CreateModule(Server* Me) + + void OnUserConnect(LocalUser* dest) { - return new ModuleCloaking(Me); + std::string* cloak = cu.ext.get(dest); + if (cloak) + return; + + cu.ext.set(dest, GenCloak(dest->client_sa, dest->GetIPString(), dest->host)); } - }; - -extern "C" void * init_module( void ) +CmdResult CommandCloak::Handle(const std::vector ¶meters, User *user) { - return new ModuleCloakingFactory; + ModuleCloaking* mod = (ModuleCloaking*)(Module*)creator; + irc::sockets::sockaddrs sa; + std::string cloak; + + if (irc::sockets::aptosa(parameters[0], 0, sa)) + cloak = mod->GenCloak(sa, parameters[0], parameters[0]); + else + cloak = mod->GenCloak(sa, "", parameters[0]); + + user->WriteServ("NOTICE %s :*** Cloak for %s is %s", user->nick.c_str(), parameters[0].c_str(), cloak.c_str()); + + return CMD_SUCCESS; } + +MODULE_INIT(ModuleCloaking)