X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_cloaking.cpp;h=458d833dfab28258c9f992d802765860a6166089;hb=f25c4b7a2263f5f3ce9bb41ba56b43c0d3a6d124;hp=2cbd8fb99268f501b7d99b0153434df84852ba37;hpb=12427e75fe175fe7a62f388281dd7ab5100c9dda;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_cloaking.cpp b/src/modules/m_cloaking.cpp index 2cbd8fb99..458d833df 100644 --- a/src/modules/m_cloaking.cpp +++ b/src/modules/m_cloaking.cpp @@ -2,8 +2,8 @@ * | Inspire Internet Relay Chat Daemon | * +------------------------------------+ * - * InspIRCd: (C) 2002-2008 InspIRCd Development Team - * See: http://www.inspircd.org/wiki/index.php/Credits + * InspIRCd: (C) 2002-2009 InspIRCd Development Team + * See: http://wiki.inspircd.org/Credits * * This program is free but copyrighted software; see * the file COPYING for details. @@ -12,7 +12,6 @@ */ #include "inspircd.h" -#include "wildcard.h" #include "m_hash.h" /* $ModDesc: Provides masking of user hostnames */ @@ -39,7 +38,7 @@ class CloakUser : public ModeHandler * For example, if it is passed "svn.inspircd.org" it will return ".inspircd.org". * If it is passed "brainbox.winbot.co.uk" it will return ".co.uk", * and if it is passed "localhost.localdomain" it will return ".localdomain". - * + * * This is used to ensure a significant part of the host is always cloaked (see Bug #216) */ std::string LastTwoDomainParts(const std::string &host) @@ -70,9 +69,6 @@ class CloakUser : public ModeHandler ModeAction OnModeChange(User* source, User* dest, Channel* channel, std::string ¶meter, bool adding, bool) { - if (source != dest) - return MODEACTION_DENY; - /* For remote clients, we dont take any action, we just allow it. * The local server where they are will set their cloak instead. * This is fine, as we will recieve it later. @@ -101,9 +97,13 @@ class CloakUser : public ModeHandler std::string* cloak; + if (!dest->GetExt("cloaked_host", cloak)) + { + /* Force creation of missing cloak */ + Sender->OnUserConnect(dest); + } if (dest->GetExt("cloaked_host", cloak)) { - /* Cloaked host has been set before on this user, don't bother to recalculate and waste cpu */ dest->ChangeDisplayedHost(cloak->c_str()); dest->SetMode('x',true); return MODEACTION_ALLOW; @@ -111,11 +111,11 @@ class CloakUser : public ModeHandler } } else - { + { if (dest->IsModeSet('x')) { - /* User is removing the mode, so just restore their real host - * and make it match the displayed one. + /* User is removing the mode, so just restore their real host + * and make it match the displayed one. */ dest->ChangeDisplayedHost(dest->host.c_str()); dest->SetMode('x',false); @@ -160,11 +160,6 @@ class CloakUser : public ModeHandler std::string Cloak6(const char* ip) { - /* Theyre using 4in6 (YUCK). Translate as ipv4 cloak */ - if (!strncmp(ip, "0::ffff:", 8)) - return Cloak4(ip + 8); - - /* If we get here, yes it really is an ipv6 ip */ unsigned int iv[] = { key1, key2, key3, key4 }; std::vector hashies; std::string item; @@ -196,13 +191,13 @@ class CloakUser : public ModeHandler /* Stick them all together */ return irc::stringjoiner(":", hashies, 0, hashies.size() - 1).GetJoined(); } - + void DoRehash() { ConfigReader Conf(ServerInstance); bool lowercase; - - /* These are *not* using the need_positive parameter of ReadInteger - + + /* These are *not* using the need_positive parameter of ReadInteger - * that will limit the valid values to only the positive values in a * signed int. Instead, accept any value that fits into an int and * cast it to an unsigned int. That will, a bit oddly, give us the full @@ -215,7 +210,7 @@ class CloakUser : public ModeHandler prefix = Conf.ReadValue("cloak","prefix",0); ipalways = Conf.ReadFlag("cloak", "ipalways", 0); lowercase = Conf.ReadFlag("cloak", "lowercase", 0); - + if (!lowercase) { xtab[0] = "F92E45D871BCA630"; @@ -255,16 +250,14 @@ class CloakUser : public ModeHandler class ModuleCloaking : public Module { private: - CloakUser* cu; - Module* HashModule; public: ModuleCloaking(InspIRCd* Me) : Module(Me) { /* Attempt to locate the md5 service provider, bail if we can't find it */ - HashModule = ServerInstance->Modules->Find("m_md5.so"); + Module* HashModule = ServerInstance->Modules->Find("m_md5.so"); if (!HashModule) throw ModuleException("Can't find m_md5.so. Please load m_md5.so before m_cloaking.so."); @@ -272,7 +265,7 @@ class ModuleCloaking : public Module try { - OnRehash(NULL,""); + OnRehash(NULL); } catch (ModuleException &e) { @@ -289,21 +282,31 @@ class ModuleCloaking : public Module ServerInstance->Modules->UseInterface("HashRequest"); - Implementation eventlist[] = { I_OnRehash, I_OnUserDisconnect, I_OnCleanup, I_OnCheckBan, I_OnUserConnect, I_OnSyncUserMetaData }; + Implementation eventlist[] = { I_OnRehash, I_OnUserDisconnect, I_OnCleanup, I_OnCheckBan, I_OnUserConnect, I_OnSyncUser, I_OnCleanup }; ServerInstance->Modules->Attach(eventlist, this, 6); + + CloakExistingUsers(); } - void OnSyncUserMetaData(User* user, Module* proto,void* opaque, const std::string &extname, bool displayable) + void OnSyncUser(User* user, Module* proto,void* opaque) { - if ((displayable) && (extname == "cloaked_host")) + std::string* cloak; + if (user->GetExt("cloaked_host", cloak) && proto->ProtoTranslate(NULL) == "?") + proto->ProtoSendMetaData(opaque, user, "cloaked_host", *cloak); + } + + void CloakExistingUsers() + { + std::string* cloak; + for (std::vector::iterator u = ServerInstance->Users->local_users.begin(); u != ServerInstance->Users->local_users.end(); u++) { - std::string* cloak; - if (user->GetExt("cloaked_host", cloak)) - proto->ProtoSendMetaData(opaque, TYPE_USER, user, extname, *cloak); + if (!(*u)->GetExt("cloaked_host", cloak)) + { + OnUserConnect(*u); + } } } - virtual int OnCheckBan(User* user, Channel* chan) { char mask[MAXBUF]; @@ -314,7 +317,7 @@ class ModuleCloaking : public Module snprintf(mask, MAXBUF, "%s!%s@%s", user->nick.c_str(), user->ident.c_str(), tofree->c_str()); for (BanList::iterator i = chan->bans.begin(); i != chan->bans.end(); i++) { - if (match(mask,i->data)) + if (InspIRCd::Match(mask,i->data)) return -1; } } @@ -324,14 +327,21 @@ class ModuleCloaking : public Module void Prioritize() { /* Needs to be after m_banexception etc. */ - ServerInstance->Modules->SetPriority(this, I_OnCheckBan, PRIO_LAST); + ServerInstance->Modules->SetPriority(this, I_OnCheckBan, PRIORITY_LAST); + + /* but before m_conn_umodes, so host is generated ready to apply */ + Module *um = ServerInstance->Modules->Find("m_conn_umodes.so"); + ServerInstance->Modules->SetPriority(this, I_OnUserConnect, PRIORITY_AFTER, &um); } virtual void OnUserDisconnect(User* user) { std::string* tofree; if (user->GetExt("cloaked_host", tofree)) + { delete tofree; + user->Shrink("cloaked_host"); + } } virtual void OnCleanup(int target_type, void* item) @@ -339,28 +349,32 @@ class ModuleCloaking : public Module if (target_type == TYPE_USER) OnUserDisconnect((User*)item); } - + virtual ~ModuleCloaking() { ServerInstance->Modes->DelMode(cu); delete cu; ServerInstance->Modules->DoneWithInterface("HashRequest"); } - + virtual Version GetVersion() { // returns the version number of the module to be // listed in /MODULES - return Version(1,2,0,2,VF_COMMON|VF_VENDOR,API_VERSION); + return Version("$Id$", VF_COMMON|VF_VENDOR,API_VERSION); } - virtual void OnRehash(User* user, const std::string ¶meter) + virtual void OnRehash(User* user) { cu->DoRehash(); } virtual void OnUserConnect(User* dest) { + std::string* tofree; + if (dest->GetExt("cloaked_host", tofree)) + return; + if (dest->host.find('.') != std::string::npos || dest->host.find(':') != std::string::npos) { unsigned int iv[] = { cu->key1, cu->key2, cu->key3, cu->key4 }; @@ -387,39 +401,25 @@ class ModuleCloaking : public Module std::string hostcloak = cu->prefix + "-" + std::string(HashSumRequest(this, cu->HashProvider, dest->host.c_str()).Send()).substr(0,8) + a; /* Fix by brain - if the cloaked host is > the max length of a host (64 bytes - * according to the DNS RFC) then tough titty, they get cloaked as an IP. + * according to the DNS RFC) then tough titty, they get cloaked as an IP. * Their ISP shouldnt go to town on subdomains, or they shouldnt have a kiddie * vhost. */ -#ifdef IPV6 - in6_addr testaddr; - in_addr testaddr2; - if ((dest->GetProtocolFamily() == AF_INET6) && (inet_pton(AF_INET6,dest->host,&testaddr) < 1) && (hostcloak.length() <= 64)) - /* Invalid ipv6 address, and ipv6 user (resolved host) */ - b = hostcloak; - else if ((dest->GetProtocolFamily() == AF_INET) && (inet_aton(dest->host,&testaddr2) < 1) && (hostcloak.length() <= 64)) - /* Invalid ipv4 address, and ipv4 user (resolved host) */ - b = hostcloak; - else - /* Valid ipv6 or ipv4 address (not resolved) ipv4 or ipv6 user */ - b = ((!strchr(dest->host,':')) ? cu->Cloak4(dest->host) : cu->Cloak6(dest->host)); -#else - in_addr testaddr; - if ((inet_aton(dest->host.c_str(),&testaddr) < 1) && (hostcloak.length() <= 64)) - /* Invalid ipv4 address, and ipv4 user (resolved host) */ + std::string testaddr; + int testport; + if (!irc::sockets::satoap(&dest->client_sa, testaddr, testport) && (hostcloak.length() <= 64)) + /* not a valid address, must have been a host, so cloak as a host */ b = hostcloak; + else if (dest->client_sa.sa.sa_family == AF_INET6) + b = cu->Cloak6(dest->GetIPString()); else - /* Valid ipv4 address (not resolved) ipv4 user */ - b = cu->Cloak4(dest->host.c_str()); -#endif + b = cu->Cloak4(dest->GetIPString()); } else { -#ifdef IPV6 - if (dest->GetProtocolFamily() == AF_INET6) + if (dest->client_sa.sa.sa_family == AF_INET6) b = cu->Cloak6(dest->GetIPString()); -#endif - if (dest->GetProtocolFamily() == AF_INET) + else b = cu->Cloak4(dest->GetIPString()); }