X-Git-Url: https://jfr.im/git/irc/quakenet/newserv.git/blobdiff_plain/27ce0548659b866469bb01b639aab0682a4ea667..a4f1c6607af22469078a50c571218d6571914ca5:/proxyscan/proxyscanhandlers.c diff --git a/proxyscan/proxyscanhandlers.c b/proxyscan/proxyscanhandlers.c index 6bde0a73..df5c6b61 100644 --- a/proxyscan/proxyscanhandlers.c +++ b/proxyscan/proxyscanhandlers.c @@ -1,18 +1,43 @@ +#include #include "proxyscan.h" #include "../irc/irc.h" #include "../lib/irc_string.h" +#include "../core/error.h" +#include "../glines/glines.h" void proxyscan_newnick(int hooknum, void *arg) { nick *np=(nick *)arg; cachehost *chp; foundproxy *fpp, *nfpp; + extrascan *esp, *espp; + char reason[200]; + int i; /* Skip 127.* and 0.* hosts */ - if (irc_in_addr_is_loopback(&np->p_ipaddr) || !irc_in_addr_is_ipv4(&np->p_ipaddr)) + if (irc_in_addr_is_loopback(&np->ipaddress)) return; - unsigned int ip = irc_in_addr_v4_to_int(&np->p_ipaddr); + /* slug: why is this here? why isn't it with the other queuing stuff? */ + /* we're given a list of ip/subnets and port pairs which someone else has + seen a proxy on in the past, so we scan these very aggressively + (even ignoring the cache) + */ + /* disabled as the list is hopelessly out of date */ + if ((esp=findextrascan(np->ipnode))) { + Error("proxyextra", ERR_ERROR, "connection from possible proxy %s", IPtostr(np->ipaddress)); + for (espp=esp;espp;espp=espp->nextbynode) { + /* we force a scan on any hosts that may be an open proxy, even if they are: + * a) already in the queue, b) we've been running < 120 seconds */ + queuescan(np->ipnode, espp->type, espp->port, SCLASS_NORMAL, time(NULL)); + } + } + +/* slug: this BREAKS all of P's design assumptions, do NOT REENABLE THIS UNDER ANY CIRCUMSTANCES */ +/* ignore newnick until initial burst complete */ +/* if (!ps_ready) + return; +*/ /* * Logic for connecting hosts: @@ -27,8 +52,7 @@ void proxyscan_newnick(int hooknum, void *arg) { * * If they're not in the cache, we queue up their scans */ - - if ((chp=findcachehost(ip))) { + if ((chp=findcachehost(np->ipnode))) { if (!chp->proxies) return; @@ -43,30 +67,31 @@ void proxyscan_newnick(int hooknum, void *arg) { break; if (!fpp) - queuescan(ip, thescans[i].type, thescans[i].port, SCLASS_NORMAL, 0); + queuescan(np->ipnode, thescans[i].type, thescans[i].port, SCLASS_NORMAL, 0); } } /* We want these scans to start around now, so we put them at the front of the priority queue */ for (fpp=chp->proxies;fpp;fpp=nfpp) { nfpp=fpp->next; - queuescan(ip, fpp->type, fpp->port, SCLASS_CHECK, time(NULL)); + queuescan(np->ipnode, fpp->type, fpp->port, SCLASS_CHECK, time(NULL)); freefoundproxy(fpp); } /* set a SHORT gline - if they really have an open proxy the gline will be re-set, with a new ID */ - irc_send("%s GL * +*@%s 600 :Open Proxy, see http://www.quakenet.org/openproxies.html - ID: %d", - mynumeric->content,IPtostr(np->p_ipaddr),chp->glineid); + snprintf(reason, sizeof(reason), "Open Proxy, see http://www.quakenet.org/openproxies.html - ID: %d", chp->glineid); + glinebynick(np, 600, reason, GLINE_IGNORE_TRUST, "proxyscan"); chp->lastscan=time(NULL); chp->proxies=NULL; chp->glineid=0; } else { - chp=addcleanhost(ip, time(NULL)); + chp=addcleanhost(time(NULL)); + np->ipnode->exts[ps_cache_ext] = chp; + patricia_ref_prefix(np->ipnode->prefix); /* Queue up all the normal scans - on the normal queue */ for (i=0;iipnode, thescans[i].type, thescans[i].port, SCLASS_NORMAL, 0); } } -