Merge pull request #315 from edk0/check-kline

Make K-line checking more consistent
This commit is contained in:
Aaron Jones 2020-04-19 11:57:08 +00:00 committed by GitHub
commit 60445f51d0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 41 additions and 35 deletions

View file

@ -580,9 +580,17 @@ check_one_kline(struct ConfItem *kline)
struct Client *client_p; struct Client *client_p;
rb_dlink_node *ptr; rb_dlink_node *ptr;
rb_dlink_node *next_ptr; rb_dlink_node *next_ptr;
int masktype;
int bits;
struct rb_sockaddr_storage sockaddr;
struct sockaddr_in ip4;
masktype = parse_netmask(kline->host, (struct sockaddr_storage *)&sockaddr, &bits);
RB_DLINK_FOREACH_SAFE(ptr, next_ptr, lclient_list.head) RB_DLINK_FOREACH_SAFE(ptr, next_ptr, lclient_list.head)
{ {
int matched = 0;
client_p = ptr->data; client_p = ptr->data;
if(IsMe(client_p) || !IsPerson(client_p)) if(IsMe(client_p) || !IsPerson(client_p))
@ -592,29 +600,30 @@ check_one_kline(struct ConfItem *kline)
continue; continue;
/* match one kline */ /* match one kline */
{ switch (masktype) {
int matched = 0; case HM_IPV4:
int masktype; if (client_p->localClient->ip.ss_family == AF_INET6 &&
int bits; rb_ipv4_from_ipv6((struct sockaddr_in6 *)&client_p->localClient->ip, &ip4)
struct rb_sockaddr_storage sockaddr; && comp_with_mask_sock((struct sockaddr *)&ip4, (struct sockaddr *)&sockaddr, bits))
matched = 1;
masktype = parse_netmask(kline->host, (struct sockaddr_storage *)&sockaddr, &bits); /* fallthrough */
case HM_IPV6:
switch (masktype) { if (client_p->localClient->ip.ss_family == sockaddr.ss_family &&
case HM_IPV4: comp_with_mask_sock((struct sockaddr *)&client_p->localClient->ip,
case HM_IPV6:
if(comp_with_mask_sock((struct sockaddr *)&client_p->localClient->ip,
(struct sockaddr *)&sockaddr, bits)) (struct sockaddr *)&sockaddr, bits))
matched = 1; matched = 1;
case HM_HOST: break;
if (match(kline->host, client_p->orighost)) case HM_HOST:
matched = 1; if (match(kline->host, client_p->orighost))
} matched = 1;
if (match(kline->host, client_p->sockhost))
if (!matched) matched = 1;
continue; break;
} }
if (!matched)
continue;
if(IsExemptKline(client_p)) if(IsExemptKline(client_p))
{ {
sendto_realops_snomask(SNO_GENERAL, L_NETWIDE, sendto_realops_snomask(SNO_GENERAL, L_NETWIDE,

View file

@ -216,6 +216,8 @@ find_conf_by_address(const char *name, const char *sockhost,
unsigned long hprecv = 0; unsigned long hprecv = 0;
struct ConfItem *hprec = NULL; struct ConfItem *hprec = NULL;
struct AddressRec *arec; struct AddressRec *arec;
struct sockaddr_in ip4;
struct sockaddr *pip4 = NULL;
int b; int b;
if(username == NULL) if(username == NULL)
@ -223,9 +225,13 @@ find_conf_by_address(const char *name, const char *sockhost,
if(addr) if(addr)
{ {
/* Check for IPV6 matches... */ if (fam == AF_INET)
if(fam == AF_INET6) pip4 = addr;
if (fam == AF_INET6)
{ {
if (type == CONF_KILL && rb_ipv4_from_ipv6((struct sockaddr_in6 *)addr, &ip4))
pip4 = (struct sockaddr *)&ip4;
for (b = 128; b >= 0; b -= 16) for (b = 128; b >= 0; b -= 16)
{ {
@ -244,15 +250,15 @@ find_conf_by_address(const char *name, const char *sockhost,
} }
} }
} }
else
if(fam == AF_INET) if (pip4 != NULL)
{ {
for (b = 32; b >= 0; b -= 8) for (b = 32; b >= 0; b -= 8)
{ {
for (arec = atable[hash_ipv4(addr, b)]; arec; arec = arec->next) for (arec = atable[hash_ipv4(pip4, b)]; arec; arec = arec->next)
if(arec->type == (type & ~0x1) && if(arec->type == (type & ~0x1) &&
arec->masktype == HM_IPV4 && arec->masktype == HM_IPV4 &&
comp_with_mask_sock(addr, (struct sockaddr *)&arec->Mask.ipa.addr, comp_with_mask_sock(pip4, (struct sockaddr *)&arec->Mask.ipa.addr,
arec->Mask.ipa.bits) && arec->Mask.ipa.bits) &&
(type & 0x1 || match(arec->username, username)) && (type & 0x1 || match(arec->username, username)) &&
(type != CONF_CLIENT || !arec->auth_user || (type != CONF_CLIENT || !arec->auth_user ||
@ -364,7 +370,6 @@ find_address_conf(const char *host, const char *sockhost, const char *user,
{ {
struct ConfItem *iconf, *kconf; struct ConfItem *iconf, *kconf;
const char *vuser; const char *vuser;
struct sockaddr_in ip4;
/* Find the best I-line... If none, return NULL -A1kmm */ /* Find the best I-line... If none, return NULL -A1kmm */
if(!(iconf = find_conf_by_address(host, sockhost, NULL, ip, CONF_CLIENT, aftype, user, auth_user))) if(!(iconf = find_conf_by_address(host, sockhost, NULL, ip, CONF_CLIENT, aftype, user, auth_user)))
@ -415,14 +420,6 @@ find_address_conf(const char *host, const char *sockhost, const char *user,
return kconf; return kconf;
} }
if(ip != NULL && ip->sa_family == AF_INET6 &&
rb_ipv4_from_ipv6((const struct sockaddr_in6 *)(const void *)ip, &ip4))
{
kconf = find_conf_by_address(NULL, NULL, NULL, (struct sockaddr *)&ip4, CONF_KILL, AF_INET, vuser, NULL);
if(kconf)
return kconf;
}
return iconf; return iconf;
} }