From dfeba6556304bc6ee712b484a9730cf998d4a4d7 Mon Sep 17 00:00:00 2001 From: Ed Kellett Date: Sat, 24 Apr 2021 12:15:20 +0100 Subject: [PATCH] Add channel::ip_bans_through_vhost --- doc/reference.conf | 3 +++ include/s_conf.h | 1 + ircd/match.c | 6 ++++-- ircd/newconf.c | 1 + ircd/s_conf.c | 1 + modules/m_info.c | 5 +++++ 6 files changed, 15 insertions(+), 2 deletions(-) diff --git a/doc/reference.conf b/doc/reference.conf index 4bfd49f5..702e4325 100644 --- a/doc/reference.conf +++ b/doc/reference.conf @@ -794,6 +794,9 @@ channel { * as PRIVMSG @#channel when sent to clients. */ opmod_send_statusmsg = no; + + /* ip_bans_through_vhost: should channel IP bans see through dynamic spoofed hosts? */ + ip_bans_through_vhost = yes; }; diff --git a/include/s_conf.h b/include/s_conf.h index 8f7a1855..ae1ef15e 100644 --- a/include/s_conf.h +++ b/include/s_conf.h @@ -285,6 +285,7 @@ struct config_channel_entry int displayed_usercount; int strip_topic_colors; int opmod_send_statusmsg; + int ip_bans_through_vhost; }; struct config_server_hide diff --git a/ircd/match.c b/ircd/match.c index 38641866..429387ca 100644 --- a/ircd/match.c +++ b/ircd/match.c @@ -22,6 +22,7 @@ #include "client.h" #include "ircd.h" #include "match.h" +#include "s_conf.h" #include "s_assert.h" /* @@ -622,6 +623,7 @@ int ircncmp(const char *s1, const char *s2, int n) void matchset_for_client(struct Client *who, struct matchset *m) { + bool hide_ip = IsIPSpoof(who) || (!ConfigChannel.ip_bans_through_vhost && IsDynSpoof(who)); unsigned hostn = 0; unsigned ipn = 0; @@ -629,7 +631,7 @@ void matchset_for_client(struct Client *who, struct matchset *m) sprintf(m->host[hostn++], "%s!%s@%s", who->name, who->username, who->host); - if (!IsIPSpoof(who)) + if (!hide_ip) { sprintf(m->ip[ipn++], "%s!%s@%s", who->name, who->username, who->sockhost); } @@ -648,7 +650,7 @@ void matchset_for_client(struct Client *who, struct matchset *m) sprintf(m->host[hostn++], "%s!%s@%s", who->name, who->username, who->localClient->mangledhost); } } - if (!IsIPSpoof(who) && GET_SS_FAMILY(&who->localClient->ip) == AF_INET6 && + if (!hide_ip && GET_SS_FAMILY(&who->localClient->ip) == AF_INET6 && rb_ipv4_from_ipv6((const struct sockaddr_in6 *)&who->localClient->ip, &ip4)) { int n = sprintf(m->ip[ipn++], "%s!%s@", who->name, who->username); diff --git a/ircd/newconf.c b/ircd/newconf.c index b9a329c9..22cc983b 100644 --- a/ircd/newconf.c +++ b/ircd/newconf.c @@ -2744,6 +2744,7 @@ static struct ConfEntry conf_channel_table[] = { "displayed_usercount", CF_INT, NULL, 0, &ConfigChannel.displayed_usercount }, { "strip_topic_colors", CF_YESNO, NULL, 0, &ConfigChannel.strip_topic_colors }, { "opmod_send_statusmsg", CF_YESNO, NULL, 0, &ConfigChannel.opmod_send_statusmsg }, + { "ip_bans_through_vhost", CF_YESNO, NULL, 0, &ConfigChannel.ip_bans_through_vhost }, { "\0", 0, NULL, 0, NULL } }; diff --git a/ircd/s_conf.c b/ircd/s_conf.c index c84047e4..a35d64a8 100644 --- a/ircd/s_conf.c +++ b/ircd/s_conf.c @@ -808,6 +808,7 @@ set_default_conf(void) ConfigChannel.disable_local_channels = false; ConfigChannel.displayed_usercount = 3; ConfigChannel.opmod_send_statusmsg = false; + ConfigChannel.ip_bans_through_vhost= true; ConfigChannel.autochanmodes = MODE_TOPICLIMIT | MODE_NOPRIVMSGS; diff --git a/modules/m_info.c b/modules/m_info.c index 11ab1db9..d1b286f6 100644 --- a/modules/m_info.c +++ b/modules/m_info.c @@ -581,6 +581,11 @@ static struct InfoStruct info_table[] = { "Send messages to @#channel if affected by +z", INFO_INTBOOL_YN(&ConfigChannel.opmod_send_statusmsg), }, + { + "ip_bans_through_vhost", + "Channel IP bans see through dynamic spoofs", + INFO_INTBOOL_YN(&ConfigChannel.ip_bans_through_vhost), + }, { "hide_opers", "Hide all opers from unprivileged users",