Merge pull request #315 from edk0/check-kline
Make K-line checking more consistent
This commit is contained in:
commit
60445f51d0
2 changed files with 41 additions and 35 deletions
|
@ -580,9 +580,17 @@ check_one_kline(struct ConfItem *kline)
|
||||||
struct Client *client_p;
|
struct Client *client_p;
|
||||||
rb_dlink_node *ptr;
|
rb_dlink_node *ptr;
|
||||||
rb_dlink_node *next_ptr;
|
rb_dlink_node *next_ptr;
|
||||||
|
int masktype;
|
||||||
|
int bits;
|
||||||
|
struct rb_sockaddr_storage sockaddr;
|
||||||
|
struct sockaddr_in ip4;
|
||||||
|
|
||||||
|
masktype = parse_netmask(kline->host, (struct sockaddr_storage *)&sockaddr, &bits);
|
||||||
|
|
||||||
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, lclient_list.head)
|
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, lclient_list.head)
|
||||||
{
|
{
|
||||||
|
int matched = 0;
|
||||||
|
|
||||||
client_p = ptr->data;
|
client_p = ptr->data;
|
||||||
|
|
||||||
if(IsMe(client_p) || !IsPerson(client_p))
|
if(IsMe(client_p) || !IsPerson(client_p))
|
||||||
|
@ -592,29 +600,30 @@ check_one_kline(struct ConfItem *kline)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
/* match one kline */
|
/* match one kline */
|
||||||
{
|
switch (masktype) {
|
||||||
int matched = 0;
|
case HM_IPV4:
|
||||||
int masktype;
|
if (client_p->localClient->ip.ss_family == AF_INET6 &&
|
||||||
int bits;
|
rb_ipv4_from_ipv6((struct sockaddr_in6 *)&client_p->localClient->ip, &ip4)
|
||||||
struct rb_sockaddr_storage sockaddr;
|
&& comp_with_mask_sock((struct sockaddr *)&ip4, (struct sockaddr *)&sockaddr, bits))
|
||||||
|
matched = 1;
|
||||||
masktype = parse_netmask(kline->host, (struct sockaddr_storage *)&sockaddr, &bits);
|
/* fallthrough */
|
||||||
|
case HM_IPV6:
|
||||||
switch (masktype) {
|
if (client_p->localClient->ip.ss_family == sockaddr.ss_family &&
|
||||||
case HM_IPV4:
|
comp_with_mask_sock((struct sockaddr *)&client_p->localClient->ip,
|
||||||
case HM_IPV6:
|
|
||||||
if(comp_with_mask_sock((struct sockaddr *)&client_p->localClient->ip,
|
|
||||||
(struct sockaddr *)&sockaddr, bits))
|
(struct sockaddr *)&sockaddr, bits))
|
||||||
matched = 1;
|
matched = 1;
|
||||||
case HM_HOST:
|
break;
|
||||||
if (match(kline->host, client_p->orighost))
|
case HM_HOST:
|
||||||
matched = 1;
|
if (match(kline->host, client_p->orighost))
|
||||||
}
|
matched = 1;
|
||||||
|
if (match(kline->host, client_p->sockhost))
|
||||||
if (!matched)
|
matched = 1;
|
||||||
continue;
|
break;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!matched)
|
||||||
|
continue;
|
||||||
|
|
||||||
if(IsExemptKline(client_p))
|
if(IsExemptKline(client_p))
|
||||||
{
|
{
|
||||||
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
|
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,
|
||||||
|
|
|
@ -216,6 +216,8 @@ find_conf_by_address(const char *name, const char *sockhost,
|
||||||
unsigned long hprecv = 0;
|
unsigned long hprecv = 0;
|
||||||
struct ConfItem *hprec = NULL;
|
struct ConfItem *hprec = NULL;
|
||||||
struct AddressRec *arec;
|
struct AddressRec *arec;
|
||||||
|
struct sockaddr_in ip4;
|
||||||
|
struct sockaddr *pip4 = NULL;
|
||||||
int b;
|
int b;
|
||||||
|
|
||||||
if(username == NULL)
|
if(username == NULL)
|
||||||
|
@ -223,9 +225,13 @@ find_conf_by_address(const char *name, const char *sockhost,
|
||||||
|
|
||||||
if(addr)
|
if(addr)
|
||||||
{
|
{
|
||||||
/* Check for IPV6 matches... */
|
if (fam == AF_INET)
|
||||||
if(fam == AF_INET6)
|
pip4 = addr;
|
||||||
|
|
||||||
|
if (fam == AF_INET6)
|
||||||
{
|
{
|
||||||
|
if (type == CONF_KILL && rb_ipv4_from_ipv6((struct sockaddr_in6 *)addr, &ip4))
|
||||||
|
pip4 = (struct sockaddr *)&ip4;
|
||||||
|
|
||||||
for (b = 128; b >= 0; b -= 16)
|
for (b = 128; b >= 0; b -= 16)
|
||||||
{
|
{
|
||||||
|
@ -244,15 +250,15 @@ find_conf_by_address(const char *name, const char *sockhost,
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
else
|
|
||||||
if(fam == AF_INET)
|
if (pip4 != NULL)
|
||||||
{
|
{
|
||||||
for (b = 32; b >= 0; b -= 8)
|
for (b = 32; b >= 0; b -= 8)
|
||||||
{
|
{
|
||||||
for (arec = atable[hash_ipv4(addr, b)]; arec; arec = arec->next)
|
for (arec = atable[hash_ipv4(pip4, b)]; arec; arec = arec->next)
|
||||||
if(arec->type == (type & ~0x1) &&
|
if(arec->type == (type & ~0x1) &&
|
||||||
arec->masktype == HM_IPV4 &&
|
arec->masktype == HM_IPV4 &&
|
||||||
comp_with_mask_sock(addr, (struct sockaddr *)&arec->Mask.ipa.addr,
|
comp_with_mask_sock(pip4, (struct sockaddr *)&arec->Mask.ipa.addr,
|
||||||
arec->Mask.ipa.bits) &&
|
arec->Mask.ipa.bits) &&
|
||||||
(type & 0x1 || match(arec->username, username)) &&
|
(type & 0x1 || match(arec->username, username)) &&
|
||||||
(type != CONF_CLIENT || !arec->auth_user ||
|
(type != CONF_CLIENT || !arec->auth_user ||
|
||||||
|
@ -364,7 +370,6 @@ find_address_conf(const char *host, const char *sockhost, const char *user,
|
||||||
{
|
{
|
||||||
struct ConfItem *iconf, *kconf;
|
struct ConfItem *iconf, *kconf;
|
||||||
const char *vuser;
|
const char *vuser;
|
||||||
struct sockaddr_in ip4;
|
|
||||||
|
|
||||||
/* Find the best I-line... If none, return NULL -A1kmm */
|
/* Find the best I-line... If none, return NULL -A1kmm */
|
||||||
if(!(iconf = find_conf_by_address(host, sockhost, NULL, ip, CONF_CLIENT, aftype, user, auth_user)))
|
if(!(iconf = find_conf_by_address(host, sockhost, NULL, ip, CONF_CLIENT, aftype, user, auth_user)))
|
||||||
|
@ -415,14 +420,6 @@ find_address_conf(const char *host, const char *sockhost, const char *user,
|
||||||
return kconf;
|
return kconf;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(ip != NULL && ip->sa_family == AF_INET6 &&
|
|
||||||
rb_ipv4_from_ipv6((const struct sockaddr_in6 *)(const void *)ip, &ip4))
|
|
||||||
{
|
|
||||||
kconf = find_conf_by_address(NULL, NULL, NULL, (struct sockaddr *)&ip4, CONF_KILL, AF_INET, vuser, NULL);
|
|
||||||
if(kconf)
|
|
||||||
return kconf;
|
|
||||||
}
|
|
||||||
|
|
||||||
return iconf;
|
return iconf;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue