vulpineawoo/solanum
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Merge pull request #355 from edk0/kline-cidr

Browse source 
Improve [kd]line handling of invalid IP-like masks
This commit is contained in:
Aaron Jones 2020-08-06 09:17:00 +00:00 committed by GitHub
commit 59cfd72e68
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 296 additions and 34 deletions
Download patch file Download diff file Expand all files Collapse all files

24
modules/m_dline.c
View file

@ -99,7 +99,14 @@ mo_dline(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source
/* would break the protocol */
if (*dlhost == ':')
{
sendto_one_notice(source_p, ":Invalid D-Line");
sendto_one_notice(source_p, ":Invalid D-Line [%s] - IP cannot start with :", dlhost);
return;
}
int ty = parse_netmask_strict(dlhost, NULL, NULL);
if (ty != HM_IPV4 && ty != HM_IPV6)
{
sendto_one_notice(source_p, ":Invalid D-Line [%s] - doesn't look like IP[/cidr]", dlhost);
return;
}
@ -216,8 +223,8 @@ apply_dline(struct Client *source_p, const char *dlhost, int tdline_time, char *
int t = AF_INET, ty, b;
const char *creason;
ty = parse_netmask(dlhost, &daddr, &b);
if(ty == HM_HOST)
ty = parse_netmask_strict(dlhost, &daddr, &b);
if(ty != HM_IPV4 && ty != HM_IPV6)
{
sendto_one(source_p, ":%s NOTICE %s :Invalid D-Line", me.name, source_p->name);
return;
@ -252,8 +259,9 @@ apply_dline(struct Client *source_p, const char *dlhost, int tdline_time, char *
if((aconf = find_dline((struct sockaddr *) &daddr, t)) != NULL)
{
int bx;
parse_netmask(aconf->host, NULL, &bx);
if(b >= bx)
int masktype = parse_netmask_strict(aconf->host, NULL, &bx);
if (masktype != HM_ERROR && b >= bx)
{
creason = aconf->passwd ? aconf->passwd : "<No Reason>";
if(IsConfExemptKline(aconf))
@ -354,9 +362,11 @@ apply_undline(struct Client *source_p, const char *cidr)
char buf[BUFSIZE];
struct ConfItem *aconf;
if(parse_netmask(cidr, NULL, NULL) == HM_HOST)
int masktype = parse_netmask(cidr, NULL, NULL);
if(masktype != HM_IPV4 && masktype != HM_IPV6)
{
sendto_one_notice(source_p, ":Invalid D-Line");
sendto_one_notice(source_p, ":Invalid D-Line [%s] - doesn't look like IP[/cidr]", cidr);
return;
}

23
modules/m_kline.c
View file

@ -153,6 +153,14 @@ mo_kline(struct MsgBuf *msgbuf_p, struct Client *client_p, struct Client *source
reason = LOCAL_COPY(parv[loc]);
if(parse_netmask_strict(host, NULL, NULL) == HM_ERROR)
{
sendto_one_notice(source_p,
":[%s@%s] looks like an ill-formed IP K-line, refusing to set it",
user, host);
return;
}
if(target_server != NULL)
{
propagate_generic(source_p, "KLINE", target_server, CAP_KLN,
@ -700,15 +708,12 @@ already_placed_kline(struct Client *source_p, const char *luser, const char *lho
if(aconf == NULL && ConfigFileEntry.non_redundant_klines)
{
bits = 0;
if((t = parse_netmask(lhost, &iphost, &bits)) != HM_HOST)
{
if(t == HM_IPV6)
t = AF_INET6;
else
t = AF_INET;
piphost = &iphost;
}
t = parse_netmask_strict(lhost, &iphost, &bits);
piphost = &iphost;
if (t == HM_IPV4)
t = AF_INET;
else if (t == HM_IPV6)
t = AF_INET6;
else
piphost = NULL;