More helpful ERROR server notices.

- Do not use hide_error_messages for certain "safe" ERRORs.
- If hide_error_messages hides an ERROR from a handshake,
  send a server notice anyway, but without the message
  text.
- Send server notices about ERRORs from handshakes network
  wide if it was a remote connect.
This commit is contained in:
Jilles Tjoelker 2007-12-28 01:31:56 +01:00
parent 06b697a268
commit 922aa82644
2 changed files with 52 additions and 25 deletions

View file

@ -765,11 +765,13 @@ alias "MS" {
*/
general {
/* hide error messages: defines whether error messages from
* servers are hidden or not. These can sometimes contain IPs and
* can have an adverse effect on server ip hiding. Set to:
* servers that are not deemed fully safe are hidden or not.
* These can sometimes contain IPs and can have an adverse
* effect on server ip hiding. Set to:
* yes: hide from opers and admin
* opers: hide from opers only
* no: do not hide error messages
* Admins on other servers count as opers.
*/
hide_error_messages = opers;

View file

@ -50,6 +50,36 @@ mapi_clist_av1 error_clist[] = {
DECLARE_MODULE_AV1(error, NULL, NULL, error_clist, NULL, NULL, "$Revision: 494 $");
/* Determine whether an ERROR message is safe to show (no IP address in it) */
static int
is_safe_error(const char *message)
{
char prefix2[100];
const char *p;
if (!strncmp(message, "Closing Link: 127.0.0.1 (", 25))
return 1;
snprintf(prefix2, sizeof prefix2,
"Closing Link: 127.0.0.1 %s (", me.name);
if (!strncmp(message, prefix2, strlen(prefix2)))
return 1;
if (!strncmp(message, "Restart by ", 11))
return 1;
if (!strncmp(message, "Terminated by ", 14))
return 1;
if (!ircncmp(message, "Closing Link", 12))
return 0;
if (strchr(message, '['))
return 0;
p = strchr(message, '.');
if (p != NULL && p[1] != '\0')
return 0;
if (strchr(message, ':'))
return 0;
return 1;
}
/*
* Note: At least at protocol level ERROR has only one parameter,
@ -63,22 +93,25 @@ int
m_error(struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
{
const char *para;
int hideit = ConfigFileEntry.hide_error_messages;
para = (parc > 1 && *parv[1] != '\0') ? parv[1] : "<>";
ilog(L_SERVER, "Received ERROR message from %s: %s",
log_client_name(source_p, SHOW_IP), para);
if(IsAnyServer(client_p) && ConfigFileEntry.hide_error_messages < 2)
if(is_safe_error(para))
hideit = 0;
if(IsAnyServer(client_p))
{
sendto_realops_snomask(SNO_GENERAL, L_ADMIN,
"ERROR :from %s -- %s",
get_server_name(client_p, HIDE_IP), para);
if(!ConfigFileEntry.hide_error_messages)
sendto_realops_snomask(SNO_GENERAL, L_OPER,
"ERROR :from %s -- %s",
get_server_name(client_p, HIDE_IP), para);
if (hideit < 2)
sendto_realops_snomask(SNO_GENERAL, hideit ? L_ADMIN : (is_remote_connect(client_p) ? L_NETWIDE : L_ALL),
"ERROR :from %s -- %s",
get_server_name(client_p, HIDE_IP), para);
if (hideit > 0)
sendto_realops_snomask(SNO_GENERAL, (hideit == 1 ? L_OPER : L_ALL) | (is_remote_connect(client_p) ? L_NETWIDE : L_ALL),
"ERROR :from %s -- <hidden>",
get_server_name(client_p, HIDE_IP));
}
exit_client(client_p, source_p, source_p, "ERROR");
@ -90,35 +123,27 @@ static int
ms_error(struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
{
const char *para;
int hideit = ConfigFileEntry.hide_error_messages;
para = (parc > 1 && *parv[1] != '\0') ? parv[1] : "<>";
ilog(L_SERVER, "Received ERROR message from %s: %s",
log_client_name(source_p, SHOW_IP), para);
if(ConfigFileEntry.hide_error_messages == 2)
if(is_safe_error(para))
hideit = 0;
if(hideit == 2)
return 0;
if(client_p == source_p)
{
sendto_realops_snomask(SNO_GENERAL, L_ADMIN, "ERROR :from %s -- %s",
sendto_realops_snomask(SNO_GENERAL, hideit ? L_ADMIN : L_ALL, "ERROR :from %s -- %s",
get_server_name(client_p, HIDE_IP), para);
if(!ConfigFileEntry.hide_error_messages)
sendto_realops_snomask(SNO_GENERAL, L_OPER,
"ERROR :from %s -- %s",
get_server_name(client_p, HIDE_IP), para);
}
else
{
sendto_realops_snomask(SNO_GENERAL, L_ADMIN, "ERROR :from %s via %s -- %s",
sendto_realops_snomask(SNO_GENERAL, hideit ? L_ADMIN : L_ALL, "ERROR :from %s via %s -- %s",
source_p->name, get_server_name(client_p, HIDE_IP), para);
if(!ConfigFileEntry.hide_error_messages)
sendto_realops_snomask(SNO_GENERAL, L_OPER,
"ERROR :from %s via %s -- %s",
source_p->name,
get_server_name(client_p, HIDE_IP), para);
}
return 0;