summaryrefslogtreecommitdiff
path: root/src/modules/m_cloaking.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/modules/m_cloaking.cpp')
-rw-r--r--src/modules/m_cloaking.cpp72
1 files changed, 30 insertions, 42 deletions
diff --git a/src/modules/m_cloaking.cpp b/src/modules/m_cloaking.cpp
index b4cb90aa2..95b54b522 100644
--- a/src/modules/m_cloaking.cpp
+++ b/src/modules/m_cloaking.cpp
@@ -26,6 +26,7 @@
/* $ModDesc: Provides masking of user hostnames */
/* $ModDep: m_md5.h */
+/* Used to vary the output a little more depending on the cloak keys */
static const char* xtab[] = {"F92E45D871BCA630", "A1B9D80C72E653F4", "1ABC078934DEF562", "ABCDEF5678901234"};
/** Handles user mode +x
@@ -79,6 +80,7 @@ class CloakUser : public ModeHandler
* 'real' hostname which you shouldnt write to.
*/
+ unsigned int iv[] = { key1, key2, key3, key4 };
char* n = strstr(dest->host,".");
if (!n)
n = strstr(dest->host,":");
@@ -87,8 +89,15 @@ class CloakUser : public ModeHandler
std::string b;
insp_inaddr testaddr;
+
+ /** Reset the MD5 module, and send it our IV and hex table */
+ MD5ResetRequest(Sender, MD5Provider).Send();
+ MD5KeyRequest(Sender, MD5Provider, iv).Send();
+ MD5HexRequest(Sender, MD5Provider, xtab[0]);
+
+ /* Generate a cloak using specialized MD5 */
std::string hostcloak = prefix + "-" + MD5SumRequest(Sender, MD5Provider, dest->host).Send() + a;
-
+
/* Fix by brain - if the cloaked host is > the max length of a host (64 bytes
* according to the DNS RFC) then tough titty, they get cloaked as an IP.
* Their ISP shouldnt go to town on subdomains, or they shouldnt have a kiddie
@@ -104,7 +113,6 @@ class CloakUser : public ModeHandler
{
b = ((b.find(':') == std::string::npos) ? Cloak4(dest->host) : Cloak6(dest->host));
}
- ServerInstance->Log(DEBUG,"cloak: allocated "+b);
dest->ChangeDisplayedHost(b.c_str());
}
@@ -133,22 +141,24 @@ class CloakUser : public ModeHandler
unsigned int iv[] = { key1, key2, key3, key4 };
irc::sepstream seps(ip, '.');
std::string ra1, ra2, ra3, ra4;
- int i1, i2, i3, i4;
std::string octet1 = seps.GetToken();
std::string octet2 = seps.GetToken();
std::string octet3 = seps.GetToken();
std::string octet4 = seps.GetToken();
- i1 = atoi(octet1.c_str());
- i2 = atoi(octet2.c_str());
- i3 = atoi(octet3.c_str());
- i4 = atoi(octet4.c_str());
+ int i1 = atoi(octet1.c_str());
+ int i2 = atoi(octet2.c_str());
+ int i3 = atoi(octet3.c_str());
+ int i4 = atoi(octet4.c_str());
+
octet4 = octet1 + "." + octet2 + "." + octet3 + "." + octet4;
octet3 = octet1 + "." + octet2 + "." + octet3;
octet2 = octet1 + "." + octet2;
+ /* Reset the MD5 module and send it our IV */
MD5ResetRequest(Sender, MD5Provider).Send();
MD5KeyRequest(Sender, MD5Provider, iv).Send();
+ /* Send the MD5 module a different hex table for each octet group's MD5 sum */
MD5HexRequest(Sender, MD5Provider, xtab[(key1+i1) % 4]).Send();
ra1 = std::string(MD5SumRequest(Sender, MD5Provider, octet1).Send()).substr(0,6);
@@ -161,7 +171,7 @@ class CloakUser : public ModeHandler
MD5HexRequest(Sender, MD5Provider, xtab[(key4+i4) % 4]).Send();
ra4 = std::string(MD5SumRequest(Sender, MD5Provider, octet4).Send()).substr(0,6);
- /* This is safe as we know the length generated by our genhash is always 16 */
+ /* Stick them all together */
return std::string().append(ra1).append(".").append(ra2).append(".").append(ra3).append(".").append(ra4);
}
@@ -172,6 +182,7 @@ class CloakUser : public ModeHandler
std::string item = "";
int rounds = 0;
+ /* Reset the MD5 module and send it our IV */
MD5ResetRequest(Sender, MD5Provider).Send();
MD5KeyRequest(Sender, MD5Provider, iv).Send();
@@ -180,6 +191,7 @@ class CloakUser : public ModeHandler
item += *input;
if (item.length() > 5)
{
+ /* Send the MD5 module a different hex table for each octet group's MD5 sum */
MD5HexRequest(Sender, MD5Provider, xtab[(key1+rounds) % 4]).Send();
hashies.push_back(std::string(MD5SumRequest(Sender, MD5Provider, item).Send()).substr(0,10));
item = "";
@@ -188,53 +200,28 @@ class CloakUser : public ModeHandler
}
if (!item.empty())
{
+ /* Send the MD5 module a different hex table for each octet group's MD5 sum */
MD5HexRequest(Sender, MD5Provider, xtab[(key1+rounds) % 4]).Send();
hashies.push_back(std::string(MD5SumRequest(Sender, MD5Provider, item).Send()).substr(0,10));
item = "";
}
+ /* Stick them all together */
return irc::stringjoiner(":", hashies, 0, hashies.size() - 1).GetJoined();
}
-
- /* XXX: Uncomment and call to use the test suite
- void TestSuite()
- {
- printf("%s %s\n", "192.168.1.1", Cloak4("192.168.1.1").c_str());
- printf("%s %s\n", "192.168.1.2", Cloak4("192.168.1.2").c_str());
- printf("%s %s\n", "192.168.10.1", Cloak4("192.168.10.1").c_str());
- printf("%s %s\n", "192.168.10.1", Cloak4("192.168.10.2").c_str());
- printf("%s %s\n", "192.169.1.1", Cloak4("192.169.1.1").c_str());
- printf("%s %s\n", "192.169.2.1", Cloak4("192.169.2.1").c_str());
- printf("%s %s\n", "200.168.1.1", Cloak4("200.168.1.1").c_str());
- printf("%s %s\n", "200.168.1.3", Cloak4("200.168.1.3").c_str());
- printf("%s %s\n", "200.168.3.3", Cloak4("200.168.3.3").c_str());
- printf("%s %s\n", "200.169.4.3", Cloak4("200.169.4.3").c_str());
- printf("---\n");
- printf("%s %s\n", "9a05:2f00:3f11::5f12::1", Cloak6("9a05:2f00:3f11::5f12::1").c_str());
- printf("%s %s\n", "9a05:2f00:3f11::5f12::2", Cloak6("9a05:2f00:3f11::5f12::2").c_str());
- printf("%s %s\n", "9a05:2f00:3f11::5a12::1", Cloak6("9a05:2f00:3f11::5a12::1").c_str());
- printf("%s %s\n", "9a05:2f00:3f11::5a12::2", Cloak6("9a05:2f00:3f11::5a12::2").c_str());
- printf("%s %s\n", "9a05:3f01:3f11::5f12::1", Cloak6("9a05:3f01:3f11::5f12::1").c_str());
- printf("%s %s\n", "9a05:4f00:3f11::5f13::2", Cloak6("9a05:4f00:3f11::5f13::2").c_str());
- printf("%s %s\n", "ffff:2f00:3f11::5f12::1", Cloak6("ffff:2f00:3f11::5f12::1").c_str());
- printf("%s %s\n", "ffff:2f00:3f11::5f13::2", Cloak6("ffff:2f00:3f11::5f13::2").c_str());
- exit(0);
- }
- */
void DoRehash()
{
ConfigReader Conf(ServerInstance);
key1 = key2 = key3 = key4 = 0;
- key1 = Conf.ReadInteger("cloak","key1",0,false);
- key2 = Conf.ReadInteger("cloak","key2",0,false);
- key3 = Conf.ReadInteger("cloak","key3",0,false);
- key4 = Conf.ReadInteger("cloak","key4",0,false);
-
+ key1 = Conf.ReadInteger("cloak","key1",0,true);
+ key2 = Conf.ReadInteger("cloak","key2",0,true);
+ key3 = Conf.ReadInteger("cloak","key3",0,true);
+ key4 = Conf.ReadInteger("cloak","key4",0,true);
prefix = Conf.ReadValue("cloak","prefix",0);
- if (prefix == "")
- {
+
+ if (prefix.empty())
prefix = ServerInstance->Config->Network;
- }
+
if (!key1 && !key2 && !key3 && !key4)
{
ModuleException ex("You have not defined cloak keys for m_cloaking!!! THIS IS INSECURE AND SHOULD BE CHECKED!");
@@ -255,6 +242,7 @@ class ModuleCloaking : public Module
ModuleCloaking(InspIRCd* Me)
: Module::Module(Me)
{
+ /* Attempt to locate the MD5 service provider, bail if we can't find it */
MD5Module = ServerInstance->FindModule("m_md5.so");
if (!MD5Module)
throw ModuleException("Can't find m_md5.so. Please load m_md5.so before m_cloaking.so.");