diff options
author | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2006-11-12 22:17:39 +0000 |
---|---|---|
committer | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2006-11-12 22:17:39 +0000 |
commit | 786f36abc4401dc8887761ce57ddb2c9b979c9bd (patch) | |
tree | 91c688037b8292ec59993c70d2bef4665051c3eb | |
parent | ea59b0338c1abc4eb0cf3ebc1cf127e36df33161 (diff) |
Better cloaking for unresolved IP addresses.
Now hashes each octet and joins them with '.' so you easier ban unresolved ip's.
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@5725 e03df62e-2008-0410-955e-edbf42e46eb7
-rw-r--r-- | src/modules/m_cloaking.cpp | 44 |
1 files changed, 32 insertions, 12 deletions
diff --git a/src/modules/m_cloaking.cpp b/src/modules/m_cloaking.cpp index 37adc3488..bc2873842 100644 --- a/src/modules/m_cloaking.cpp +++ b/src/modules/m_cloaking.cpp @@ -257,7 +257,7 @@ class CloakUser : public ModeHandler } - void MyMD5(void *dest, void *orig, int len) + void MyMD5(void *dest, const void *orig, int len) { struct xMD5Context context; @@ -267,7 +267,7 @@ class CloakUser : public ModeHandler } - void GenHash(char* src, char* dest) + void GenHash(const char* src, char* dest, int xtable = 0) { // purposefully lossy md5 - only gives them the most significant 4 bits // of every md5 output byte. @@ -275,14 +275,11 @@ class CloakUser : public ModeHandler unsigned char bytes[16]; char hash[MAXBUF]; *hash = 0; - MyMD5((char*)bytes,src,strlen(src)); + MyMD5(bytes, src, strlen(src)); for (i = 0; i < 16; i++) { - const char* xtab = "F92E45D871BCA630"; - unsigned char hi = xtab[bytes[i] / 16]; - char hx[2]; - hx[0] = hi; - hx[1] = '\0'; + const char* xtab[] = {"F92E45D871BCA630", "A1B9D80C72E653F4", "1ABC078934DEF562", "ABCDEF5678901234"}; + char hx[2] = { xtab[xtable][bytes[i] / 16], 0}; strlcat(hash,hx,MAXBUF); } strlcpy(dest,hash,MAXBUF); @@ -332,9 +329,9 @@ class CloakUser : public ModeHandler char ra[64]; this->GenHash(dest->host,ra); - std::string b = ""; + std::string b; insp_inaddr testaddr; - std::string hostcloak = prefix + "-" + std::string(ra) + a; + std::string hostcloak = prefix + "-" + ra + a; /* Fix by brain - if the cloaked host is > the max length of a host (64 bytes * according to the DNS RFC) then tough titty, they get cloaked as an IP. @@ -349,8 +346,31 @@ class CloakUser : public ModeHandler } else { - // else, they have an ip - b = std::string(ra) + "." + prefix + ".cloak"; + if (b.find(':') == std::string::npos) + { + /* IP4 ip */ + irc::sepstream seps(dest->host, '.'); + char ra1[64], ra2[64], ra3[64], ra4[64]; + std::string octet1 = seps.GetToken(); + std::string octet2 = seps.GetToken(); + std::string octet3 = seps.GetToken(); + std::string octet4 = seps.GetToken(); + ServerInstance->Log(DEBUG,"oct1=%s, oct2=%s, oct3=%s, oct4=%s", octet1.c_str(), octet2.c_str(), octet3.c_str(), octet4.c_str()); + this->GenHash(octet1.c_str(),ra1, key1 % 4); + this->GenHash(octet2.c_str(),ra2, key2 % 4); + this->GenHash(octet3.c_str(),ra3, key3 % 4); + this->GenHash(octet4.c_str(),ra4, key4 % 4); + ServerInstance->Log(DEBUG,"ra1=%s, ra2=%s, ra3=%s, ra4=%s", ra1, ra2, ra3, ra4); + /* This is safe as we know the length generated by our genhash is always 16 */ + ra1[8] = ra2[8] = ra3[8] = ra4[8] = 0; + b.append(ra1).append(".").append(ra2).append(".").append(ra3).append(".").append(ra4); + } + else + { + /* IP6 ip */ + b.append(ra).append(".").append(prefix).append(".cloak"); + + } } ServerInstance->Log(DEBUG,"cloak: allocated "+b); dest->ChangeDisplayedHost(b.c_str()); |