1 files changed, 51 insertions, 17 deletions

diff --git a/src/modules/m_dnsbl.cpp b/src/modules/m_dnsbl.cpp
index 6fe54fa19..752a0d7a5 100644
--- a/src/modules/m_dnsbl.cpp
+++ b/src/modules/m_dnsbl.cpp
@@ -66,7 +66,17 @@ class DNSBLResolver : public DNS::Request
 		if (!them)
 			return;
 
-		const DNS::ResourceRecord &ans_record = r->answers[0];
+		const DNS::ResourceRecord* const ans_record = r->FindAnswerOfType(DNS::QUERY_A);
+		if (!ans_record)
+			return;
+
+		// All replies should be in 127.0.0.0/8
+		if (ans_record->rdata.compare(0, 4, "127.") != 0)
+		{
+			ServerInstance->SNO->WriteGlobalSno('a', "DNSBL: %s returned address outside of acceptable subnet 127.0.0.0/8: %s", ConfEntry->domain.c_str(), ans_record->rdata.c_str());
+			ConfEntry->stats_misses++;
+			return;
+		}
 
 		int i = countExt.get(them);
 		if (i)
@@ -78,7 +88,7 @@ class DNSBLResolver : public DNS::Request
 		bool match = false;
 		in_addr resultip;
 
-		inet_aton(ans_record.rdata.c_str(), &resultip);
+		inet_aton(ans_record->rdata.c_str(), &resultip);
 
 		switch (ConfEntry->type)
 		{
@@ -117,13 +127,13 @@ class DNSBLResolver : public DNS::Request
 				{
 					if (!ConfEntry->ident.empty())
 					{
-						them->WriteNumeric(304, ":Your ident has been set to " + ConfEntry->ident + " because you matched " + reason);
+						them->WriteNumeric(304, "Your ident has been set to " + ConfEntry->ident + " because you matched " + reason);
 						them->ChangeIdent(ConfEntry->ident);
 					}
 
 					if (!ConfEntry->host.empty())
 					{
-						them->WriteNumeric(304, ":Your host has been set to " + ConfEntry->host + " because you matched " + reason);
+						them->WriteNumeric(304, "Your host has been set to " + ConfEntry->host + " because you matched " + reason);
 						them->ChangeDisplayedHost(ConfEntry->host);
 					}
 
@@ -236,7 +246,12 @@ class ModuleDNSBL : public Module
 		return DNSBLConfEntry::I_UNKNOWN;
 	}
  public:
-	ModuleDNSBL() : DNS(this, "DNS"), nameExt("dnsbl_match", this), countExt("dnsbl_pending", this) { }
+	ModuleDNSBL()
+		: DNS(this, "DNS")
+		, nameExt("dnsbl_match", ExtensionItem::EXT_USER, this)
+		, countExt("dnsbl_pending", ExtensionItem::EXT_USER, this)
+	{
+	}
 
 	Version GetVersion() CXX11_OVERRIDE
 	{
@@ -319,7 +334,7 @@ class ModuleDNSBL : public Module
 
 	void OnSetUserIP(LocalUser* user) CXX11_OVERRIDE
 	{
-		if ((user->exempt) || (user->client_sa.sa.sa_family != AF_INET) || !DNS)
+		if ((user->exempt) || !DNS)
 			return;
 
 		if (user->MyClass)
@@ -330,13 +345,32 @@ class ModuleDNSBL : public Module
 		else
 			ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "User has no connect class in OnSetUserIP");
 
-		unsigned int a, b, c, d;
-		d = (unsigned int) (user->client_sa.in4.sin_addr.s_addr >> 24) & 0xFF;
-		c = (unsigned int) (user->client_sa.in4.sin_addr.s_addr >> 16) & 0xFF;
-		b = (unsigned int) (user->client_sa.in4.sin_addr.s_addr >> 8) & 0xFF;
-		a = (unsigned int) user->client_sa.in4.sin_addr.s_addr & 0xFF;
+		std::string reversedip;
+		if (user->client_sa.sa.sa_family == AF_INET)
+		{
+			unsigned int a, b, c, d;
+			d = (unsigned int) (user->client_sa.in4.sin_addr.s_addr >> 24) & 0xFF;
+			c = (unsigned int) (user->client_sa.in4.sin_addr.s_addr >> 16) & 0xFF;
+			b = (unsigned int) (user->client_sa.in4.sin_addr.s_addr >> 8) & 0xFF;
+			a = (unsigned int) user->client_sa.in4.sin_addr.s_addr & 0xFF;
+
+			reversedip = ConvToStr(d) + "." + ConvToStr(c) + "." + ConvToStr(b) + "." + ConvToStr(a);
+		}
+		else if (user->client_sa.sa.sa_family == AF_INET6)
+		{
+			const unsigned char* ip = user->client_sa.in6.sin6_addr.s6_addr;
+
+			std::string buf = BinToHex(ip, 16);
+			for (std::string::const_reverse_iterator it = buf.rbegin(); it != buf.rend(); ++it)
+			{
+				reversedip.push_back(*it);
+				reversedip.push_back('.');
+			}
+		}
+		else
+			return;
 
-		const std::string reversedip = ConvToStr(d) + "." + ConvToStr(c) + "." + ConvToStr(b) + "." + ConvToStr(a);
+		ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Reversed IP %s -> %s", user->GetIPString().c_str(), reversedip.c_str());
 
 		countExt.set(user, DNSBLConfEntries.size());
 
@@ -382,9 +416,9 @@ class ModuleDNSBL : public Module
 		return MOD_RES_PASSTHRU;
 	}
 
-	ModResult OnStats(char symbol, User* user, string_list &results) CXX11_OVERRIDE
+	ModResult OnStats(Stats::Context& stats) CXX11_OVERRIDE
 	{
-		if (symbol != 'd')
+		if (stats.GetSymbol() != 'd')
 			return MOD_RES_PASSTHRU;
 
 		unsigned long total_hits = 0, total_misses = 0;
@@ -394,12 +428,12 @@ class ModuleDNSBL : public Module
 			total_hits += (*i)->stats_hits;
 			total_misses += (*i)->stats_misses;
 
-			results.push_back("304 " + user->nick + " :DNSBLSTATS DNSbl \"" + (*i)->name + "\" had " +
+			stats.AddRow(304, "DNSBLSTATS DNSbl \"" + (*i)->name + "\" had " +
 					ConvToStr((*i)->stats_hits) + " hits and " + ConvToStr((*i)->stats_misses) + " misses");
 		}
 
-		results.push_back("304 " + user->nick + " :DNSBLSTATS Total hits: " + ConvToStr(total_hits));
-		results.push_back("304 " + user->nick + " :DNSBLSTATS Total misses: " + ConvToStr(total_misses));
+		stats.AddRow(304, "DNSBLSTATS Total hits: " + ConvToStr(total_hits));
+		stats.AddRow(304, "DNSBLSTATS Total misses: " + ConvToStr(total_misses));
 
 		return MOD_RES_PASSTHRU;
 	}