Committer : entrope
CVSROOT : /cvsroot/undernet-ircu
Module : ircu2.10
Branch tags: u2_10_12_branch
Commit time: 2006-05-25 03:14:23 UTC
Modified files:
Tag: u2_10_12_branch
ChangeLog ircd/s_auth.c
Log message:
Fix assertion failures and other misbehaviors in new auth code.
---------------------- diff included ----------------------
Index: ircu2.10/ChangeLog
diff -u ircu2.10/ChangeLog:1.710.2.104 ircu2.10/ChangeLog:1.710.2.105
--- ircu2.10/ChangeLog:1.710.2.104 Wed May 17 20:50:07 2006
+++ ircu2.10/ChangeLog Wed May 24 20:14:12 2006
@@ -1,3 +1,11 @@
+2006-05-24 Michael Poole <[EMAIL PROTECTED]>
+
+ * ircd/s_auth.c (auth_dns_callback): Be more careful about
+ handling failed DNS lookups. Use a more standard function to
+ disconnect clients for IP mismatches.
+ (start_auth): Use a more standard function to disconnect clients
+ for peer or local socket address lookup failures.
+
2006-05-17 Michael Poole <[EMAIL PROTECTED]>
* ircd/s_auth.c (auth_ping_timeout): Fix off-by-one error.
Index: ircu2.10/ircd/s_auth.c
diff -u ircu2.10/ircd/s_auth.c:1.37.2.14 ircu2.10/ircd/s_auth.c:1.37.2.15
--- ircu2.10/ircd/s_auth.c:1.37.2.14 Wed May 17 20:50:07 2006
+++ ircu2.10/ircd/s_auth.c Wed May 24 20:14:13 2006
@@ -31,7 +31,7 @@
*/
/** @file
* @brief Implementation of DNS and ident lookups.
- * @version $Id: s_auth.c,v 1.37.2.14 2006/05/18 03:50:07 entrope Exp $
+ * @version $Id: s_auth.c,v 1.37.2.15 2006/05/25 03:14:13 entrope Exp $
*/
#include "config.h"
@@ -820,21 +820,18 @@
if (IsUserPort(auth->client))
sendheader(auth->client, REPORT_FAIL_DNS);
sendto_iauth(auth->client, "d");
- } else if (irc_in_addr_cmp(addr, &cli_ip(auth->client))
- && irc_in_addr_cmp(addr, &auth->original)) {
+ } else if (!irc_in_addr_valid(addr)
+ || (irc_in_addr_cmp(&cli_ip(auth->client), addr)
+ && irc_in_addr_cmp(&auth->original, addr))) {
/* IP for hostname did not match client's IP. */
sendto_opmask_butone(0, SNO_IPMISMATCH, "IP# Mismatch: %s != %s[%s]",
cli_sock_ip(auth->client), h_name,
ircd_ntoa(addr));
if (IsUserPort(auth->client))
sendheader(auth->client, REPORT_IP_MISMATCH);
- /* Clear DNS pending flag so free_client doesn't ask the resolver
- * to delete the query that just finished.
- */
if (feature_bool(FEAT_KILL_IPMISMATCH)) {
- IPcheck_disconnect(auth->client);
- Count_unknowndisconnects(UserStats);
- free_client(auth->client);
+ exit_client(auth->client, auth->client, &me, "IP mismatch");
+ return;
}
} else if (!auth_verify_hostname(h_name, HOSTLEN)) {
/* Hostname did not look valid. */
@@ -973,9 +970,7 @@
++ServerStats->is_abad;
if (IsUserPort(auth->client))
sendheader(auth->client, REPORT_FAIL_ID);
- IPcheck_disconnect(auth->client);
- Count_unknowndisconnects(UserStats);
- free_client(auth->client);
+ exit_client(auth->client, auth->client, &me, "Socket local/peer lookup
failed");
return;
}
auth->port = remote.port;
----------------------- End of diff -----------------------
_______________________________________________
Patches mailing list
[email protected]
http://undernet.sbg.org/mailman/listinfo/patches
