[Patches] [CVS] Module ircu2.10: Change committed

Entrope Wed, 22 Feb 2006 13:37:54 -0800

Committer  : entrope
CVSROOT    : /cvsroot/undernet-ircu
Module     : ircu2.10
Branch tags: u2_10_12_branch
Commit time: 2006-02-22 21:35:49 UTC


Modified files:
  Tag: u2_10_12_branch
     ircd/m_silence.c ChangeLog

Log message:

Reject broad silences to make it harder to deduce someone's IP.

---------------------- diff included ----------------------
Index: ircu2.10/ChangeLog
diff -u ircu2.10/ChangeLog:1.710.2.75 ircu2.10/ChangeLog:1.710.2.76
--- ircu2.10/ChangeLog:1.710.2.75       Wed Feb 22 07:34:45 2006
+++ ircu2.10/ChangeLog  Wed Feb 22 13:35:39 2006
@@ -1,5 +1,11 @@
 2006-02-22  Michael Poole <[EMAIL PROTECTED]>
 
+       * ircd/m_silence.c (apply_silence): Refuse to apply silences for
+       local users that are broader than an IPv4 /16 or an IPv6 /32,
+       unless they match every host indiscriminately.
+
+2006-02-22  Michael Poole <[EMAIL PROTECTED]>
+
        * ircd/s_auth.c (check_auth_finished): Give non-iauth clients
        connection classes, too.
        (auth_close_unused): Remove redundant check for iauth != NULL.
Index: ircu2.10/ircd/m_silence.c
diff -u ircu2.10/ircd/m_silence.c:1.11 ircu2.10/ircd/m_silence.c:1.11.2.1
--- ircu2.10/ircd/m_silence.c:1.11      Fri Apr 22 16:36:31 2005
+++ ircu2.10/ircd/m_silence.c   Wed Feb 22 13:35:39 2006
@@ -22,7 +22,7 @@
  */
 /** @file
  * @brief Handlers for SILENCE command.
- * @version $Id: m_silence.c,v 1.11 2005/04/22 23:36:31 entrope Exp $
+ * @version $Id: m_silence.c,v 1.11.2.1 2006/02/22 21:35:39 entrope Exp $
  */
 
 #include "config.h"
@@ -64,6 +64,7 @@
 {
   struct Ban *sile;
   int flags;
+  char orig_mask[NICKLEN+USERLEN+HOSTLEN+3];
 
   assert(mask && mask[0]);
 
@@ -83,9 +84,22 @@
     mask++;
   }
 
-  /* Make the silence, set flags, and apply it. */
+  /* Make the silence and set additional flags. */
+  ircd_strncpy(orig_mask, mask, sizeof(orig_mask) - 1);
   sile = make_ban(pretty_mask(mask));
   sile->flags |= flags;
+
+  /* If they're a local user trying to ban too broad a mask, forbid it. */
+  if (MyUser(sptr)
+      && (sile->flags & BAN_IPMASK)
+      && sile->addrbits > 0
+      && sile->addrbits < (irc_in_addr_is_ipv4(&sile->address) ? 112 : 32)) {
+    send_reply(sptr, ERR_MASKTOOWIDE, orig_mask);
+    free_ban(sile);
+    return NULL;
+  }
+
+  /* Apply it to the silence list. */
   return apply_ban(&cli_user(sptr)->silence, sile, 1) ? NULL : sile;
 }
 
----------------------- End of diff -----------------------
_______________________________________________
Patches mailing list
[email protected]
http://undernet.sbg.org/mailman/listinfo/patches

[Patches] [CVS] Module ircu2.10: Change committed

Reply via email to