-/* $Id: ip_cloaking.c 2805 2006-12-05 12:45:43Z jilles $ */
+/* $Id: ip_cloaking.c 3526 2007-07-06 07:56:14Z nenolod $ */
#include "stdinc.h"
#include "modules.h"
};
DECLARE_MODULE_AV1(ip_cloaking, _modinit, _moddeinit, NULL, NULL,
- ip_cloaking_hfnlist, "$Revision: 2805 $");
+ ip_cloaking_hfnlist, "$Revision: 3526 $");
static void
distribute_hostchange(struct Client *client)
ClearDynSpoof(client);
}
+#define Nval 0x8c3a48ac
+#define HOSTLEN 63
+#define INITDATA "98fwqefnoiqefv03f423t34gbv3vb89tg432t3b8" /* change this */
+
+static inline unsigned int
+get_string_entropy(const char *inbuf)
+{
+ unsigned int accum = 1;
+
+ while(*inbuf != '\0')
+ accum += *inbuf++;
+
+ return accum;
+}
+
+/* calls get_string_entropy() and toasts it against INITDATA */
+static inline unsigned int
+get_string_weighted_entropy(const char *inbuf)
+{
+ static int base_entropy = 0;
+ unsigned int accum = get_string_entropy(inbuf);
+
+ /* initialize the algorithm if it is not yet ready */
+ if (base_entropy == 0)
+ base_entropy = get_string_entropy(INITDATA);
+
+ return (Nval * accum) ^ base_entropy;
+}
+
static void
-do_host_cloak(const char *inbuf, char *outbuf, int ipmask)
+do_host_cloak_ip(const char *inbuf, char *outbuf)
{
- int cyc;
- unsigned int hosthash = 1, hosthash2 = 1;
- unsigned int maxcycle = strlen(inbuf);
- int len1;
- const char *rest, *next;
-
- for (cyc = 0; cyc < maxcycle - 2; cyc += 2)
- hosthash *= (unsigned int) inbuf[cyc];
-
- /* safety: decrement ourselves two steps back */
- for (cyc = maxcycle - 1; cyc >= 1; cyc -= 2)
- hosthash2 *= (unsigned int) inbuf[cyc];
-
- /* lets do some bitshifting -- this pretty much destroys the IP
- * sequence, while still providing a checksum. exactly what
- * we're shooting for. --nenolod
- */
- hosthash += (hosthash2 / KEY);
- hosthash2 += (hosthash / KEY);
+ char *tptr;
+ unsigned int accum = get_string_weighted_entropy(inbuf);
+ char buf[HOSTLEN];
- if (ipmask == 0)
+ strncpy(buf, inbuf, HOSTLEN);
+ tptr = strrchr(buf, '.');
+
+ if (tptr == NULL)
{
- ircsnprintf(outbuf, HOSTLEN, "%s-%X%X",
- ServerInfo.network_name, hosthash2, hosthash);
- len1 = strlen(outbuf);
- rest = strchr(inbuf, '.');
- if (rest == NULL)
- rest = ".";
- /* try to avoid truncation -- jilles */
- while (len1 + strlen(rest) >= HOSTLEN && (next = strchr(rest + 1, '.')) != NULL)
- rest = next;
- strlcat(outbuf, rest, HOSTLEN);
+ strncpy(outbuf, inbuf, HOSTLEN);
+ return;
}
- else
- ircsnprintf(outbuf, HOSTLEN, "%X%X.%s",
- hosthash2, hosthash, ServerInfo.network_name);
+
+ *tptr++ = '\0';
+
+ snprintf(outbuf, HOSTLEN, "%s.%x", buf, accum);
+}
+
+static void
+do_host_cloak_host(const char *inbuf, char *outbuf)
+{
+ char b26_alphabet[] = "abcdefghijklmnopqrstuvwxyz";
+ char *tptr;
+ unsigned int accum = get_string_weighted_entropy(inbuf);
+
+ strncpy(outbuf, inbuf, HOSTLEN);
+
+ /* pass 1: scramble first section of hostname using base26
+ * alphabet toasted against the weighted entropy of the string.
+ *
+ * numbers are not changed at this time, only letters.
+ */
+ for (tptr = outbuf; *tptr != '\0'; tptr++)
+ {
+ if (*tptr == '.')
+ break;
+
+ if (isdigit(*tptr) || *tptr == '-')
+ continue;
+
+ *tptr = b26_alphabet[(*tptr * accum) % 26];
+ }
+
+ /* pass 2: scramble each number in the address */
+ for (tptr = outbuf; *tptr != '\0'; tptr++)
+ {
+ if (isdigit(*tptr))
+ {
+ *tptr = 48 + ((*tptr * accum) % 10);
+ }
+ }
}
static void
}
source_p->localClient->mangledhost = MyMalloc(HOSTLEN);
if (!irccmp(source_p->orighost, source_p->sockhost))
- do_host_cloak(source_p->orighost, source_p->localClient->mangledhost, 1);
+ do_host_cloak_ip(source_p->orighost, source_p->localClient->mangledhost);
else
- do_host_cloak(source_p->orighost, source_p->localClient->mangledhost, 0);
+ do_host_cloak_host(source_p->orighost, source_p->localClient->mangledhost);
if (IsDynSpoof(source_p))
source_p->umodes &= ~user_modes['h'];
if (source_p->umodes & user_modes['h'])