From 68c2b3ae7f14471ce7a86689a59d9317024180ea Mon Sep 17 00:00:00 2001 From: michael Date: Wed, 29 May 2013 21:16:10 +0000 Subject: - s_user.c:user_set_hostmask(): don't unset FLAGS_IP_SPOOFING if the client's hostname has already been spoofed by an auth{} block based spoof. git-svn-id: svn://svn.ircd-hybrid.org/svnroot/ircd-hybrid/branches/8.1.x@2139 82007160-df01-0410-b94d-b575c5fd34c7 --- include/client.h | 53 +++++++++++++++++++++++++++-------------------------- src/conf.c | 2 +- src/s_user.c | 4 +++- 3 files changed, 31 insertions(+), 28 deletions(-) diff --git a/include/client.h b/include/client.h index c85de6e..d50e0e3 100644 --- a/include/client.h +++ b/include/client.h @@ -100,32 +100,33 @@ #define HasCap(x, y) ((x)->localClient->cap_active & (y)) /* housekeeping flags */ -#define FLAGS_PINGSENT 0x00000001 /**< Unreplied ping sent */ -#define FLAGS_DEADSOCKET 0x00000002 /**< Local socket is dead--Exiting soon */ -#define FLAGS_KILLED 0x00000004 /**< Prevents "QUIT" from being sent for this */ -#define FLAGS_CLOSING 0x00000008 /**< set when closing to suppress errors */ -#define FLAGS_GOTID 0x00000010 /**< successful ident lookup achieved */ -#define FLAGS_NEEDID 0x00000020 /**< auth{} block say must use ident return */ -#define FLAGS_SENDQEX 0x00000040 /**< Sendq exceeded */ -#define FLAGS_IPHASH 0x00000080 /**< iphashed this client */ -#define FLAGS_MARK 0x00000100 /**< marked client */ -#define FLAGS_CANFLOOD 0x00000200 /**< client has the ability to flood */ -#define FLAGS_EXEMPTGLINE 0x00000400 /**< client can't be G-lined */ -#define FLAGS_EXEMPTKLINE 0x00000800 /**< client is exempt from kline */ -#define FLAGS_NOLIMIT 0x00001000 /**< client is exempt from limits */ -#define FLAGS_PING_COOKIE 0x00002000 /**< PING Cookie */ -#define FLAGS_IP_SPOOFING 0x00004000 /**< client IP is spoofed */ -#define FLAGS_FLOODDONE 0x00008000 /**< Flood grace period has been ended. */ -#define FLAGS_EOB 0x00010000 /**< server has sent us an EOB */ -#define FLAGS_HIDDEN 0x00020000 /**< a hidden server. not shown in /links */ -#define FLAGS_BLOCKED 0x00040000 /**< must wait for COMM_SELECT_WRITE */ -#define FLAGS_USERHOST 0x00080000 /**< client is in userhost hash */ -#define FLAGS_BURSTED 0x00100000 /**< user was already bursted */ -#define FLAGS_EXEMPTRESV 0x00200000 /**< client is exempt from RESV */ -#define FLAGS_GOTUSER 0x00400000 /**< if we received a USER command */ -#define FLAGS_FINISHED_AUTH 0x00800000 /**< Client has been released from auth */ -#define FLAGS_FLOOD_NOTICED 0x01000000 /**< Notice to opers about this flooder has been sent */ -#define FLAGS_SERVICE 0x02000000 /**< Client/server is a network service */ +#define FLAGS_PINGSENT 0x00000001 /**< Unreplied ping sent */ +#define FLAGS_DEADSOCKET 0x00000002 /**< Local socket is dead--Exiting soon */ +#define FLAGS_KILLED 0x00000004 /**< Prevents "QUIT" from being sent for this */ +#define FLAGS_CLOSING 0x00000008 /**< set when closing to suppress errors */ +#define FLAGS_GOTID 0x00000010 /**< successful ident lookup achieved */ +#define FLAGS_NEEDID 0x00000020 /**< auth{} block say must use ident return */ +#define FLAGS_SENDQEX 0x00000040 /**< Sendq exceeded */ +#define FLAGS_IPHASH 0x00000080 /**< iphashed this client */ +#define FLAGS_MARK 0x00000100 /**< marked client */ +#define FLAGS_CANFLOOD 0x00000200 /**< client has the ability to flood */ +#define FLAGS_EXEMPTGLINE 0x00000400 /**< client can't be G-lined */ +#define FLAGS_EXEMPTKLINE 0x00000800 /**< client is exempt from kline */ +#define FLAGS_NOLIMIT 0x00001000 /**< client is exempt from limits */ +#define FLAGS_PING_COOKIE 0x00002000 /**< PING Cookie */ +#define FLAGS_IP_SPOOFING 0x00004000 /**< client IP is spoofed */ +#define FLAGS_FLOODDONE 0x00008000 /**< Flood grace period has been ended. */ +#define FLAGS_EOB 0x00010000 /**< server has sent us an EOB */ +#define FLAGS_HIDDEN 0x00020000 /**< a hidden server. not shown in /links */ +#define FLAGS_BLOCKED 0x00040000 /**< must wait for COMM_SELECT_WRITE */ +#define FLAGS_USERHOST 0x00080000 /**< client is in userhost hash */ +#define FLAGS_BURSTED 0x00100000 /**< user was already bursted */ +#define FLAGS_EXEMPTRESV 0x00200000 /**< client is exempt from RESV */ +#define FLAGS_GOTUSER 0x00400000 /**< if we received a USER command */ +#define FLAGS_FINISHED_AUTH 0x00800000 /**< Client has been released from auth */ +#define FLAGS_FLOOD_NOTICED 0x01000000 /**< Notice to opers about this flooder has been sent */ +#define FLAGS_SERVICE 0x02000000 /**< Client/server is a network service */ +#define FLAGS_AUTH_SPOOF 0x04000000 /**< user's hostname has been spoofed by an auth{} spoof*/ #define HasFlag(x, y) ((x)->flags & (y)) #define AddFlag(x, y) ((x)->flags |= (y)) diff --git a/src/conf.c b/src/conf.c index 6f2a05e..6e65aeb 100644 --- a/src/conf.c +++ b/src/conf.c @@ -347,7 +347,7 @@ verify_access(struct Client *client_p) "%s spoofing: %s as %s", client_p->name, client_p->host, conf->name); strlcpy(client_p->host, conf->name, sizeof(client_p->host)); - SetIPSpoof(client_p); + AddFlag(client_p, FLAGS_IP_SPOOFING | FLAGS_AUTH_SPOOF); } return(attach_iline(client_p, conf)); diff --git a/src/s_user.c b/src/s_user.c index 709e0d9..8190ca2 100644 --- a/src/s_user.c +++ b/src/s_user.c @@ -1071,7 +1071,9 @@ user_set_hostmask(struct Client *target_p, const char *hostname, const int what) break; case MODE_DEL: DelUMode(target_p, UMODE_HIDDENHOST); - DelFlag(target_p, FLAGS_IP_SPOOFING); + + if (!HasFlag(target_p, FLAGS_AUTH_SPOOF)); + DelFlag(target_p, FLAGS_IP_SPOOFING); break; default: break; } -- cgit