X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_ident.cpp;h=a0d5443d6050ed606cd0568c0283dec73d77fb0c;hb=d71c37e05911d87830987a09128a178c3e402bb4;hp=f3f8e7dd79eec16ada66b03baa1ccf11521eda8f;hpb=09da1499d7bc3a380c2b828eed22e3639d6e5e27;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/m_ident.cpp b/src/modules/m_ident.cpp
index f3f8e7dd7..a0d5443d6 100644
--- a/src/modules/m_ident.cpp
+++ b/src/modules/m_ident.cpp
@@ -1,11 +1,13 @@
 /*
  * InspIRCd -- Internet Relay Chat Daemon
  *
+ *   Copyright (C) 2013, 2018-2020 Sadie Powell <sadie@witchery.services>
+ *   Copyright (C) 2012-2015 Attila Molnar <attilamolnar@hush.com>
+ *   Copyright (C) 2012-2013 Robby <robby@chatbelgie.be>
  *   Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
- *   Copyright (C) 2007, 2009 John Brooks <john.brooks@dereferenced.net>
- *   Copyright (C) 2006-2008 Robin Burchell <robin+git@viroteck.net>
- *   Copyright (C) 2005-2008 Craig Edwards <craigedwards@brainbox.cc>
- *   Copyright (C) 2008 Thomas Stagner <aquanight@inspircd.org>
+ *   Copyright (C) 2008 Robin Burchell <robin+git@viroteck.net>
+ *   Copyright (C) 2007, 2010 Craig Edwards <brain@inspircd.org>
+ *   Copyright (C) 2007 John Brooks <special@inspircd.org>
  *   Copyright (C) 2007 Dennis Friis <peavey@inspircd.org>
  *
  * This file is part of InspIRCd.  InspIRCd is free software: you can
@@ -24,6 +26,24 @@
 
 #include "inspircd.h"
 
+enum
+{
+	// Either the ident looup has not started yet or the user is registered.
+	IDENT_UNKNOWN = 0,
+
+	// Ident lookups are not enabled and a user has been marked as being skipped.
+	IDENT_SKIPPED,
+
+	// Ident looups are not enabled and a user has been an insecure ident prefix.
+	IDENT_PREFIXED,
+
+	// An ident lookup was done and an ident was found.
+	IDENT_FOUND,
+
+	// An ident lookup was done but no ident was found
+	IDENT_MISSING
+};
+
 /* --------------------------------------------------------------
  * Note that this is the third incarnation of m_ident. The first
  * two attempts were pretty crashy, mainly due to the fact we tried
@@ -41,7 +61,7 @@
  * our ident lookup class that is outside of this module, or out-
  * side of the control of the class. There are no timers, internal
  * events, or such, which will cause the socket to be deleted,
- * queued for deletion, etc. In fact, theres not even any queueing!
+ * queued for deletion, etc. In fact, there's not even any queueing!
  *
  * Using this framework we have a much more stable module.
  *
@@ -93,8 +113,7 @@ class IdentRequestSocket : public EventHandler
 		age = ServerInstance->Time();
 
 		SetFd(socket(user->server_sa.family(), SOCK_STREAM, 0));
-
-		if (GetFd() == -1)
+		if (!HasFd())
 			throw ModuleException("Could not create socket");
 
 		done = false;
@@ -164,10 +183,10 @@ class IdentRequestSocket : public EventHandler
 
 	void Close()
 	{
-		/* Remove ident socket from engine, and close it, but dont detatch it
+		/* Remove ident socket from engine, and close it, but dont detach it
 		 * from its parent user class, or attempt to delete its memory.
 		 */
-		if (GetFd() > -1)
+		if (HasFd())
 		{
 			ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Close ident socket %d", GetFd());
 			SocketEngine::Close(this);
@@ -257,14 +276,15 @@ class ModuleIdent : public Module
  private:
 	unsigned int timeout;
 	bool prefixunqueried;
-	SimpleExtItem<IdentRequestSocket, stdalgo::culldeleter> ext;
+	SimpleExtItem<IdentRequestSocket, stdalgo::culldeleter> socket;
+	LocalIntExt state;
 
 	static void PrefixIdent(LocalUser* user)
 	{
 		// Check that they haven't been prefixed already.
 		if (user->ident[0] == '~')
 			return;
-		
+
 		// All invalid usernames are prefixed with a tilde.
 		std::string newident(user->ident);
 		newident.insert(newident.begin(), '~');
@@ -279,13 +299,14 @@ class ModuleIdent : public Module
 
  public:
 	ModuleIdent()
-		: ext("ident_socket", ExtensionItem::EXT_USER, this)
+		: socket("ident_socket", ExtensionItem::EXT_USER, this)
+		, state("ident_state", ExtensionItem::EXT_USER, this)
 	{
 	}
 
 	Version GetVersion() CXX11_OVERRIDE
 	{
-		return Version("Provides support for RFC1413 ident lookups", VF_VENDOR);
+		return Version("Allows the usernames (idents) of users to be looked up using the RFC 1413 Identification Protocol.", VF_VENDOR);
 	}
 
 	void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE
@@ -297,12 +318,12 @@ class ModuleIdent : public Module
 
 	void OnSetUserIP(LocalUser* user) CXX11_OVERRIDE
 	{
-		IdentRequestSocket* isock = ext.get(user);
+		IdentRequestSocket* isock = socket.get(user);
 		if (isock)
 		{
 			// If an ident lookup request was in progress then cancel it.
 			isock->Close();
-			ext.unset(user);
+			socket.unset(user);
 		}
 
 		// The ident protocol requires that clients are connecting over a protocol with ports.
@@ -310,19 +331,22 @@ class ModuleIdent : public Module
 			return;
 
 		// We don't want to look this up once the user has connected.
-		if (user->registered == REG_ALL)
+		if (user->registered == REG_ALL || user->quitting)
 			return;
 
 		ConfigTag* tag = user->MyClass->config;
 		if (!tag->getBool("useident", true))
+		{
+			state.set(user, IDENT_SKIPPED);
 			return;
+		}
 
 		user->WriteNotice("*** Looking up your ident...");
 
 		try
 		{
 			isock = new IdentRequestSocket(user);
-			ext.set(user, isock);
+			socket.set(user, isock);
 		}
 		catch (ModuleException &e)
 		{
@@ -337,11 +361,14 @@ class ModuleIdent : public Module
 	ModResult OnCheckReady(LocalUser *user) CXX11_OVERRIDE
 	{
 		/* Does user have an ident socket attached at all? */
-		IdentRequestSocket *isock = ext.get(user);
+		IdentRequestSocket* isock = socket.get(user);
 		if (!isock)
 		{
-			if (prefixunqueried)
+			if (prefixunqueried && state.get(user) == IDENT_SKIPPED)
+			{
 				PrefixIdent(user);
+				state.set(user, IDENT_PREFIXED);
+			}
 			return MOD_RES_PASSTHRU;
 		}
 
@@ -351,6 +378,7 @@ class ModuleIdent : public Module
 		if (ServerInstance->Time() >= compare)
 		{
 			/* Ident timeout */
+			state.set(user, IDENT_MISSING);
 			PrefixIdent(user);
 			user->WriteNotice("*** Ident lookup timed out, using " + user->ident + " instead.");
 		}
@@ -363,26 +391,38 @@ class ModuleIdent : public Module
 		/* wooo, got a result (it will be good, or bad) */
 		else if (isock->result.empty())
 		{
+			state.set(user, IDENT_MISSING);
 			PrefixIdent(user);
 			user->WriteNotice("*** Could not find your ident, using " + user->ident + " instead.");
 		}
 		else
 		{
+			state.set(user, IDENT_FOUND);
 			user->ChangeIdent(isock->result);
 			user->WriteNotice("*** Found your ident, '" + user->ident + "'");
 		}
 
 		isock->Close();
-		ext.unset(user);
+		socket.unset(user);
 		return MOD_RES_PASSTHRU;
 	}
 
 	ModResult OnSetConnectClass(LocalUser* user, ConnectClass* myclass) CXX11_OVERRIDE
 	{
-		if (myclass->config->getBool("requireident") && user->ident[0] == '~')
+		if (myclass->config->getBool("requireident") && state.get(user) != IDENT_FOUND)
+		{
+			ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "The %s connect class is not suitable as it requires an identd response",
+				myclass->GetName().c_str());
 			return MOD_RES_DENY;
+		}
 		return MOD_RES_PASSTHRU;
 	}
+
+	void OnUserConnect(LocalUser* user) CXX11_OVERRIDE
+	{
+		// Clear this as it is no longer necessary.
+		state.unset(user);
+	}
 };
 
 MODULE_INIT(ModuleIdent)