X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fusers.cpp;h=1955c90295bea651cdce870dcda06ec8e93a5c8e;hb=9bc8b2602426e187c4c5ba6ff0fad0641155357a;hp=eacbe2779169e4306fee87151e0e44d16a55c7a4;hpb=cbb888a47064a8b70254047fd305bea73c2395ad;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/users.cpp b/src/users.cpp index eacbe2779..1955c9029 100644 --- a/src/users.cpp +++ b/src/users.cpp @@ -900,13 +900,12 @@ void userrec::AddClient(InspIRCd* Instance, int socket, int port, bool iscached, Instance->AddLocalClone(New); Instance->AddGlobalClone(New); + /* + * First class check. We do this again in FullConnect after DNS is done, and NICK/USER is recieved. + * See my note down there for why this is required. DO NOT REMOVE. :) -- w00t + */ ConnectClass* i = New->GetClass(); - - if ((!i) || (i->GetType() == CC_DENY)) - { - userrec::QuitUser(Instance, New,"Unauthorised connection"); - return; - } + New->CheckClass(); New->pingmax = i->GetPingTime(); New->nping = Instance->Time() + i->GetPingTime() + Instance->Config->dns_timeout; @@ -987,41 +986,57 @@ unsigned long userrec::LocalCloneCount() return 0; } -void userrec::FullConnect() +/* + * Check class restrictions + */ +void userrec::CheckClass() { - ServerInstance->stats->statsConnects++; - this->idle_lastmsg = ServerInstance->Time(); - ConnectClass* a = this->GetClass(); if ((!a) || (a->GetType() == CC_DENY)) { - this->muted = true; - ServerInstance->GlobalCulls.AddItem(this,"Unauthorised connection"); + userrec::QuitUser(ServerInstance, this, "Unauthorised connection"); return; } if ((!a->GetPass().empty()) && (!this->haspassed)) { - this->muted = true; - ServerInstance->GlobalCulls.AddItem(this,"Invalid password"); + userrec::QuitUser(ServerInstance, this, "Invalid password"); + return; + } + + if ((!a) || (a->GetType() == CC_DENY)) + { + userrec::QuitUser(ServerInstance, this,"Unauthorised connection"); return; } if ((a->GetMaxLocal()) && (this->LocalCloneCount() > a->GetMaxLocal())) { - this->muted = true; - ServerInstance->GlobalCulls.AddItem(this, "No more connections allowed from your host via this connect class (local)"); + userrec::QuitUser(ServerInstance, this, "No more connections allowed from your host via this connect class (local)"); ServerInstance->WriteOpers("*** WARNING: maximum LOCAL connections (%ld) exceeded for IP %s", a->GetMaxLocal(), this->GetIPString()); return; } else if ((a->GetMaxGlobal()) && (this->GlobalCloneCount() > a->GetMaxGlobal())) { - this->muted = true; - ServerInstance->GlobalCulls.AddItem(this, "No more connections allowed from your host via this connect class (global)"); - ServerInstance->WriteOpers("*** WARNING: maximum GLOBAL connections (%ld) exceeded for IP %s",a->GetMaxGlobal(), this->GetIPString()); + userrec::QuitUser(ServerInstance, this, "No more connections allowed from your host via this connect class (global)"); + ServerInstance->WriteOpers("*** WARNING: maximum GLOBAL connections (%ld) exceeded for IP %s", a->GetMaxGlobal(), this->GetIPString()); return; } +} + +void userrec::FullConnect() +{ + ServerInstance->stats->statsConnects++; + this->idle_lastmsg = ServerInstance->Time(); + + /* + * You may be thinking "wtf, we checked this in userrec::AddClient!" - and yes, we did, BUT. + * At the time AddClient is called, we don't have a resolved host, by here we probably do - which + * may put the user into a totally seperate class with different restrictions! so we *must* check again. + * Don't remove this! -- w00t + */ + this->CheckClass(); if (!this->exempt) {