summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2008-04-10 21:46:30 +0000
committerbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2008-04-10 21:46:30 +0000
commitaac846ef91b64164922311997cf3bb9a6878a14d (patch)
tree65c9122b7bb699736decaecab1ed7db25592f5f7 /src
parent548883a392f7c6c3e0271f619374241404a2c6dc (diff)
Calculate hosts on connect so theres no way around a ban on your cloak, even if you never cloak yourself even once
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@9451 e03df62e-2008-0410-955e-edbf42e46eb7
Diffstat (limited to 'src')
-rw-r--r--src/modules/m_cloaking.cpp155
1 files changed, 77 insertions, 78 deletions
diff --git a/src/modules/m_cloaking.cpp b/src/modules/m_cloaking.cpp
index a0853b78b..a0318df86 100644
--- a/src/modules/m_cloaking.cpp
+++ b/src/modules/m_cloaking.cpp
@@ -6,7 +6,7 @@
* See: http://www.inspircd.org/wiki/index.php/Credits
*
* This program is free but copyrighted software; see
- * the file COPYING for details.
+ * the file COPYING for details.
*
* ---------------------------------------------------
*/
@@ -22,6 +22,7 @@
*/
class CloakUser : public ModeHandler
{
+ public:
std::string prefix;
unsigned int key1;
unsigned int key2;
@@ -62,9 +63,8 @@ class CloakUser : public ModeHandler
else
return host.substr(splitdot);
}
-
- public:
- CloakUser(InspIRCd* Instance, Module* Source, Module* Hash) : ModeHandler(Instance, 'x', 0, 0, false, MODETYPE_USER, false), Sender(Source), HashProvider(Hash)
+
+ CloakUser(InspIRCd* Instance, Module* source, Module* Hash) : ModeHandler(Instance, 'x', 0, 0, false, MODETYPE_USER, false), Sender(source), HashProvider(Hash)
{
}
@@ -108,78 +108,6 @@ class CloakUser : public ModeHandler
dest->SetMode('x',true);
return MODEACTION_ALLOW;
}
-
- char* n1 = strchr(dest->host,'.');
- char* n2 = strchr(dest->host,':');
-
- if (n1 || n2)
- {
- unsigned int iv[] = { key1, key2, key3, key4 };
- std::string a = LastTwoDomainParts(dest->host);
- std::string b;
-
- /* InspIRCd users have two hostnames; A displayed
- * hostname which can be modified by modules (e.g.
- * to create vhosts, implement chghost, etc) and a
- * 'real' hostname which you shouldnt write to.
- */
-
- /* 2008/08/18: add <cloak:ipalways> which always cloaks
- * the IP, for anonymity. --nenolod
- */
- if (!ipalways)
- {
- /** Reset the Hash module, and send it our IV and hex table */
- HashResetRequest(Sender, HashProvider).Send();
- HashKeyRequest(Sender, HashProvider, iv).Send();
- HashHexRequest(Sender, HashProvider, xtab[(*dest->host) % 4]);
-
- /* Generate a cloak using specialized Hash */
- std::string hostcloak = prefix + "-" + std::string(HashSumRequest(Sender, HashProvider, dest->host).Send()).substr(0,8) + a;
-
- /* Fix by brain - if the cloaked host is > the max length of a host (64 bytes
- * according to the DNS RFC) then tough titty, they get cloaked as an IP.
- * Their ISP shouldnt go to town on subdomains, or they shouldnt have a kiddie
- * vhost.
- */
-#ifdef IPV6
- in6_addr testaddr;
- in_addr testaddr2;
- if ((dest->GetProtocolFamily() == AF_INET6) && (inet_pton(AF_INET6,dest->host,&testaddr) < 1) && (hostcloak.length() <= 64))
- /* Invalid ipv6 address, and ipv6 user (resolved host) */
- b = hostcloak;
- else if ((dest->GetProtocolFamily() == AF_INET) && (inet_aton(dest->host,&testaddr2) < 1) && (hostcloak.length() <= 64))
- /* Invalid ipv4 address, and ipv4 user (resolved host) */
- b = hostcloak;
- else
- /* Valid ipv6 or ipv4 address (not resolved) ipv4 or ipv6 user */
- b = ((!strchr(dest->host,':')) ? Cloak4(dest->host) : Cloak6(dest->host));
-#else
- in_addr testaddr;
- if ((inet_aton(dest->host,&testaddr) < 1) && (hostcloak.length() <= 64))
- /* Invalid ipv4 address, and ipv4 user (resolved host) */
- b = hostcloak;
- else
- /* Valid ipv4 address (not resolved) ipv4 user */
- b = Cloak4(dest->host);
-#endif
- }
- else
- {
-#ifdef IPV6
- if (dest->GetProtocolFamily() == AF_INET6)
- b = Cloak6(dest->GetIPString());
-#endif
- if (dest->GetProtocolFamily() == AF_INET)
- b = Cloak4(dest->GetIPString());
- }
-
- dest->ChangeDisplayedHost(b.c_str());
- dest->Extend("cloaked_host", new std::string(b));
- }
-
- dest->SetMode('x',true);
- return MODEACTION_ALLOW;
}
}
else
@@ -361,8 +289,8 @@ class ModuleCloaking : public Module
ServerInstance->Modules->UseInterface("HashRequest");
- Implementation eventlist[] = { I_OnRehash, I_OnUserDisconnect, I_OnCleanup, I_OnCheckBan };
- ServerInstance->Modules->Attach(eventlist, this, 4);
+ Implementation eventlist[] = { I_OnRehash, I_OnUserDisconnect, I_OnCleanup, I_OnCheckBan, I_OnUserConnect };
+ ServerInstance->Modules->Attach(eventlist, this, 5);
}
virtual int OnCheckBan(User* user, Channel* chan)
@@ -420,6 +348,77 @@ class ModuleCloaking : public Module
cu->DoRehash();
}
+ virtual void OnUserConnect(User* dest)
+ {
+ char* n1 = strchr(dest->host,'.');
+ char* n2 = strchr(dest->host,':');
+
+ if (n1 || n2)
+ {
+ unsigned int iv[] = { cu->key1, cu->key2, cu->key3, cu->key4 };
+ std::string a = cu->LastTwoDomainParts(dest->host);
+ std::string b;
+
+ /* InspIRCd users have two hostnames; A displayed
+ * hostname which can be modified by modules (e.g.
+ * to create vhosts, implement chghost, etc) and a
+ * 'real' hostname which you shouldnt write to.
+ */
+
+ /* 2008/08/18: add <cloak:ipalways> which always cloaks
+ * the IP, for anonymity. --nenolod
+ */
+ if (!cu->ipalways)
+ {
+ /** Reset the Hash module, and send it our IV and hex table */
+ HashResetRequest(this, cu->HashProvider).Send();
+ HashKeyRequest(this, cu->HashProvider, iv).Send();
+ HashHexRequest(this, cu->HashProvider, cu->xtab[(*dest->host) % 4]);
+
+ /* Generate a cloak using specialized Hash */
+ std::string hostcloak = cu->prefix + "-" + std::string(HashSumRequest(this, cu->HashProvider, dest->host).Send()).substr(0,8) + a;
+
+ /* Fix by brain - if the cloaked host is > the max length of a host (64 bytes
+ * according to the DNS RFC) then tough titty, they get cloaked as an IP.
+ * Their ISP shouldnt go to town on subdomains, or they shouldnt have a kiddie
+ * vhost.
+ */
+#ifdef IPV6
+ in6_addr testaddr;
+ in_addr testaddr2;
+ if ((dest->GetProtocolFamily() == AF_INET6) && (inet_pton(AF_INET6,dest->host,&testaddr) < 1) && (hostcloak.length() <= 64))
+ /* Invalid ipv6 address, and ipv6 user (resolved host) */
+ b = hostcloak;
+ else if ((dest->GetProtocolFamily() == AF_INET) && (inet_aton(dest->host,&testaddr2) < 1) && (hostcloak.length() <= 64))
+ /* Invalid ipv4 address, and ipv4 user (resolved host) */
+ b = hostcloak;
+ else
+ /* Valid ipv6 or ipv4 address (not resolved) ipv4 or ipv6 user */
+ b = ((!strchr(dest->host,':')) ? cu->Cloak4(dest->host) : cu->Cloak6(dest->host));
+#else
+ in_addr testaddr;
+ if ((inet_aton(dest->host,&testaddr) < 1) && (hostcloak.length() <= 64))
+ /* Invalid ipv4 address, and ipv4 user (resolved host) */
+ b = hostcloak;
+ else
+ /* Valid ipv4 address (not resolved) ipv4 user */
+ b = cu->Cloak4(dest->host);
+#endif
+ }
+ else
+ {
+#ifdef IPV6
+ if (dest->GetProtocolFamily() == AF_INET6)
+ b = cu->Cloak6(dest->GetIPString());
+#endif
+ if (dest->GetProtocolFamily() == AF_INET)
+ b = cu->Cloak4(dest->GetIPString());
+ }
+
+ dest->Extend("cloaked_host", new std::string(b));
+ }
+ }
+
};
MODULE_INIT(ModuleCloaking)