Spamfilter fixes: prevent actions that are currently config-only from

being added by other servers and being able to spread to areas of
which the code is currently not ready for ('set', 'report', 'stop').

diff --git a/include/h.h b/include/h.h
index 715685b84bc0635d6eb1d1d0a442071eb9483014..f1909d16a6d0b73b417ad6149f2e8e828c021866 100644 (file)
--- a/include/h.h
+++ b/include/h.h
@@ -738,6 +738,7 @@ extern const char *banact_valtostring(BanActionValue val);
 extern BanActionValue banact_chartoval(char c);
 extern char banact_valtochar(BanActionValue val);
 extern BanAction *banact_value_to_struct(BanActionValue val);
+extern int banact_config_only(BanActionValue action);
 extern int only_actions_of_type(BanAction *actions, BanActionValue what);
 extern int has_actions_of_type(BanAction *actions, BanActionValue what);
 extern int only_soft_actions(BanAction *actions);

diff --git a/src/misc.c b/src/misc.c
index 8b3dca8d68716bd050046dc65d2bd6e04f3c0f22..a5d0218e0b56b4c23d719dd33eb58ee588d0f313 100644 (file)
--- a/src/misc.c
+++ b/src/misc.c
@@ -56,33 +56,34 @@ typedef struct {
        int value;                      /** Unique integer value of item */
        char character;         /** Unique character assigned to item */
        char *name;                     /** Name of item */
+       char config_only;
 } BanActTable;
 
 static BanActTable banacttable[] = {
-       { BAN_ACT_KILL,         'K',    "kill" },
-       { BAN_ACT_SOFT_KILL,    'i',    "soft-kill" },
-       { BAN_ACT_TEMPSHUN,     'S',    "tempshun" },
-       { BAN_ACT_SOFT_TEMPSHUN,'T',    "soft-tempshun" },
-       { BAN_ACT_SHUN,         's',    "shun" },
-       { BAN_ACT_SOFT_SHUN,    'H',    "soft-shun" },
-       { BAN_ACT_KLINE,        'k',    "kline" },
-       { BAN_ACT_SOFT_KLINE,   'I',    "soft-kline" },
-       { BAN_ACT_ZLINE,        'z',    "zline" },
-       { BAN_ACT_GLINE,        'g',    "gline" },
-       { BAN_ACT_SOFT_GLINE,   'G',    "soft-gline" },
-       { BAN_ACT_GZLINE,       'Z',    "gzline" },
-       { BAN_ACT_BLOCK,        'b',    "block" },
-       { BAN_ACT_SOFT_BLOCK,   'B',    "soft-block" },
-       { BAN_ACT_DCCBLOCK,     'd',    "dccblock" },
-       { BAN_ACT_SOFT_DCCBLOCK,'D',    "soft-dccblock" },
-       { BAN_ACT_VIRUSCHAN,    'v',    "viruschan" },
-       { BAN_ACT_SOFT_VIRUSCHAN,'V',   "soft-viruschan" },
-       { BAN_ACT_WARN,         'w',    "warn" },
-       { BAN_ACT_SOFT_WARN,    'W',    "soft-warn" },
-       { BAN_ACT_SET,          '1',    "set" },
-       { BAN_ACT_REPORT,       'r',    "report" },
-       { BAN_ACT_STOP,         '0',    "stop" },
-       { 0, 0, 0 }
+       { BAN_ACT_KILL,         'K',    "kill",                 0 },
+       { BAN_ACT_SOFT_KILL,    'i',    "soft-kill",            0 },
+       { BAN_ACT_TEMPSHUN,     'S',    "tempshun",             0 },
+       { BAN_ACT_SOFT_TEMPSHUN,'T',    "soft-tempshun",        0 },
+       { BAN_ACT_SHUN,         's',    "shun",                 0 },
+       { BAN_ACT_SOFT_SHUN,    'H',    "soft-shun",            0 },
+       { BAN_ACT_KLINE,        'k',    "kline",                0 },
+       { BAN_ACT_SOFT_KLINE,   'I',    "soft-kline",           0 },
+       { BAN_ACT_ZLINE,        'z',    "zline",                0 },
+       { BAN_ACT_GLINE,        'g',    "gline",                0 },
+       { BAN_ACT_SOFT_GLINE,   'G',    "soft-gline",           0 },
+       { BAN_ACT_GZLINE,       'Z',    "gzline",               0 },
+       { BAN_ACT_BLOCK,        'b',    "block",                0 },
+       { BAN_ACT_SOFT_BLOCK,   'B',    "soft-block",           0 },
+       { BAN_ACT_DCCBLOCK,     'd',    "dccblock",             0 },
+       { BAN_ACT_SOFT_DCCBLOCK,'D',    "soft-dccblock",        0 },
+       { BAN_ACT_VIRUSCHAN,    'v',    "viruschan",            0 },
+       { BAN_ACT_SOFT_VIRUSCHAN,'V',   "soft-viruschan",       0 },
+       { BAN_ACT_WARN,         'w',    "warn",                 0 },
+       { BAN_ACT_SOFT_WARN,    'W',    "soft-warn",            0 },
+       { BAN_ACT_SET,          '1',    "set",                  1 },
+       { BAN_ACT_REPORT,       'r',    "report",               1 },
+       { BAN_ACT_STOP,         '0',    "stop",                 1 },
+       { 0, 0, 0, 0 }
 };
 
 typedef struct {
@@ -999,6 +1000,17 @@ void parse_ban_action_config(ConfigEntry *ce, BanAction **store_actions)
        }
 }
 
+/** Return 1 if this is "config only" ban action, like BAN_ACT_SET is */
+int banact_config_only(BanActionValue action)
+{
+       BanActTable *b;
+
+       for (b = &banacttable[0]; b->value; b++)
+               if (b->value == action)
+                       return b->config_only;
+       return 0;
+}
+
 /** Converts a banaction string (eg: "kill") to an integer value (eg: BAN_ACT_KILL) */
 BanActionValue banact_stringtoval(const char *s)
 {

diff --git a/src/modules/rpc/spamfilter.c b/src/modules/rpc/spamfilter.c
index 201cf9c58f2a966b6687bea6e88d9a48eaa7272f..997aab5dae66b26fe87ec656d5631df7534ca17d 100644 (file)
--- a/src/modules/rpc/spamfilter.c
+++ b/src/modules/rpc/spamfilter.c
@@ -151,6 +151,12 @@ int spamfilter_select_criteria(Client *client, json_t *request, json_t *params,
                rpc_error(client, request, JSON_RPC_ERROR_INVALID_PARAMS, "Invalid value for parameter 'ban_action'");
                return 0;
        }
+       /* I hope to remove this restriction at a later point: */
+       if (banact_config_only(*action))
+       {
+               rpc_error(client, request, JSON_RPC_ERROR_INVALID_PARAMS, "Invalid value for parameter 'ban_action': action is config-based only");
+               return 0;
+       }
        actionbuf[0] = banact_valtochar(*action);
        actionbuf[1] = '\0';
        return 1;

diff --git a/src/modules/tkl.c b/src/modules/tkl.c
index 25b43a6fd37a074f69ad156a9be6eb3819d2c5cd..027b9aabbb2624920842d56a30dc879533cc11d6 100644 (file)
--- a/src/modules/tkl.c
+++ b/src/modules/tkl.c
@@ -4449,7 +4449,7 @@ CMD_FUNC(cmd_tkl_add)
                        return;
                }
 
-               if (!(action = banact_chartoval(*parv[4])))
+               if (!(action = banact_chartoval(*parv[4])) || banact_config_only(action))
                {
                        unreal_log(ULOG_WARNING, "tkl", "TKL_ADD_INVALID", client,
                                "Invalid TKL entry from $client: "

diff --git a/src/modules/tkldb.c b/src/modules/tkldb.c
index ccbfd6601724548f142faec771256f71b855a7c3..aa038522b6bb76d9e864ff8306a514cbfa58c275 100644 (file)
--- a/src/modules/tkldb.c
+++ b/src/modules/tkldb.c
@@ -432,7 +432,7 @@ int write_tkline(UnrealDB *db, const char *tmpfname, TKL *tkl)
        {
                char *match_type = unreal_match_method_valtostr(tkl->ptr.spamfilter->match->type);
                char *target = spamfilter_target_inttostring(tkl->ptr.spamfilter->target);
-               char action = banact_valtochar(tkl->ptr.spamfilter->action->action);
+               char action = banact_valtochar(tkl->ptr.spamfilter->action->action); // NOTE: only writes single action value
 
                W_SAFE(unrealdb_write_str(db, match_type));
                W_SAFE(unrealdb_write_str(db, tkl->ptr.spamfilter->match->str));
@@ -701,8 +701,8 @@ int read_tkldb(void)
 
                        /* Action */
                        R_SAFE(unrealdb_read_char(db, &c));
-                       tkl->ptr.spamfilter->action = banact_value_to_struct(banact_chartoval(c));
-                       if (!tkl->ptr.spamfilter->action)
+                       tkl->ptr.spamfilter->action = banact_value_to_struct(banact_chartoval(c)); // NOTE: only reads single action value
+                       if (!tkl->ptr.spamfilter->action || banact_config_only(tkl->ptr.spamfilter->action->action))
                        {
                                config_warn("[tkldb] Spamfilter '%s' without valid action (%c) -- spamfilter entry not added",
                                        tkl->ptr.spamfilter->match->str, c);