summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2006-11-12 22:17:39 +0000
committerbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2006-11-12 22:17:39 +0000
commit786f36abc4401dc8887761ce57ddb2c9b979c9bd (patch)
tree91c688037b8292ec59993c70d2bef4665051c3eb
parentea59b0338c1abc4eb0cf3ebc1cf127e36df33161 (diff)
Better cloaking for unresolved IP addresses.
Now hashes each octet and joins them with '.' so you easier ban unresolved ip's. git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@5725 e03df62e-2008-0410-955e-edbf42e46eb7
-rw-r--r--src/modules/m_cloaking.cpp44
1 files changed, 32 insertions, 12 deletions
diff --git a/src/modules/m_cloaking.cpp b/src/modules/m_cloaking.cpp
index 37adc3488..bc2873842 100644
--- a/src/modules/m_cloaking.cpp
+++ b/src/modules/m_cloaking.cpp
@@ -257,7 +257,7 @@ class CloakUser : public ModeHandler
}
- void MyMD5(void *dest, void *orig, int len)
+ void MyMD5(void *dest, const void *orig, int len)
{
struct xMD5Context context;
@@ -267,7 +267,7 @@ class CloakUser : public ModeHandler
}
- void GenHash(char* src, char* dest)
+ void GenHash(const char* src, char* dest, int xtable = 0)
{
// purposefully lossy md5 - only gives them the most significant 4 bits
// of every md5 output byte.
@@ -275,14 +275,11 @@ class CloakUser : public ModeHandler
unsigned char bytes[16];
char hash[MAXBUF];
*hash = 0;
- MyMD5((char*)bytes,src,strlen(src));
+ MyMD5(bytes, src, strlen(src));
for (i = 0; i < 16; i++)
{
- const char* xtab = "F92E45D871BCA630";
- unsigned char hi = xtab[bytes[i] / 16];
- char hx[2];
- hx[0] = hi;
- hx[1] = '\0';
+ const char* xtab[] = {"F92E45D871BCA630", "A1B9D80C72E653F4", "1ABC078934DEF562", "ABCDEF5678901234"};
+ char hx[2] = { xtab[xtable][bytes[i] / 16], 0};
strlcat(hash,hx,MAXBUF);
}
strlcpy(dest,hash,MAXBUF);
@@ -332,9 +329,9 @@ class CloakUser : public ModeHandler
char ra[64];
this->GenHash(dest->host,ra);
- std::string b = "";
+ std::string b;
insp_inaddr testaddr;
- std::string hostcloak = prefix + "-" + std::string(ra) + a;
+ std::string hostcloak = prefix + "-" + ra + a;
/* Fix by brain - if the cloaked host is > the max length of a host (64 bytes
* according to the DNS RFC) then tough titty, they get cloaked as an IP.
@@ -349,8 +346,31 @@ class CloakUser : public ModeHandler
}
else
{
- // else, they have an ip
- b = std::string(ra) + "." + prefix + ".cloak";
+ if (b.find(':') == std::string::npos)
+ {
+ /* IP4 ip */
+ irc::sepstream seps(dest->host, '.');
+ char ra1[64], ra2[64], ra3[64], ra4[64];
+ std::string octet1 = seps.GetToken();
+ std::string octet2 = seps.GetToken();
+ std::string octet3 = seps.GetToken();
+ std::string octet4 = seps.GetToken();
+ ServerInstance->Log(DEBUG,"oct1=%s, oct2=%s, oct3=%s, oct4=%s", octet1.c_str(), octet2.c_str(), octet3.c_str(), octet4.c_str());
+ this->GenHash(octet1.c_str(),ra1, key1 % 4);
+ this->GenHash(octet2.c_str(),ra2, key2 % 4);
+ this->GenHash(octet3.c_str(),ra3, key3 % 4);
+ this->GenHash(octet4.c_str(),ra4, key4 % 4);
+ ServerInstance->Log(DEBUG,"ra1=%s, ra2=%s, ra3=%s, ra4=%s", ra1, ra2, ra3, ra4);
+ /* This is safe as we know the length generated by our genhash is always 16 */
+ ra1[8] = ra2[8] = ra3[8] = ra4[8] = 0;
+ b.append(ra1).append(".").append(ra2).append(".").append(ra3).append(".").append(ra4);
+ }
+ else
+ {
+ /* IP6 ip */
+ b.append(ra).append(".").append(prefix).append(".cloak");
+
+ }
}
ServerInstance->Log(DEBUG,"cloak: allocated "+b);
dest->ChangeDisplayedHost(b.c_str());