16 static const char sasl_usercloak_desc
[] =
17 "Insert the SASL account name into certain iline spoofed hosts";
19 static void check_new_user(void *data
);
20 mapi_hfn_list_av1 sasl_usercloak_hfnlist
[] = {
21 { "new_local_user", check_new_user
},
26 unsigned int fnv_hash_string(char *str
)
28 unsigned int hash
= 0x811c9dc5; // Magic value for 32-bit fnv1 hash initialisation.
29 unsigned char *p
= (unsigned char *)str
;
32 hash
+= (hash
<<1) + (hash
<<4) + (hash
<<7) + (hash
<<8) + (hash
<<24);
39 check_new_user(void *vdata
)
41 struct Client
*source_p
= vdata
;
43 if (IsAnyDead(source_p
))
46 if (!IsIPSpoof(source_p
))
49 if (EmptyString(source_p
->user
->suser
))
52 char *accountpart
= strstr(source_p
->orighost
, "/account");
53 if (!accountpart
|| accountpart
[8] != '\0')
59 memset(buf
, 0, sizeof(buf
));
62 strncpy(buf
, source_p
->orighost
, accountpart
- source_p
->orighost
);
63 dst
+= accountpart
- source_p
->orighost
;
67 for (char *src
= source_p
->user
->suser
; *src
; src
++ )
69 if (dst
>= buf
+ sizeof(buf
))
71 /* Doesn't fit. Warn opers and bail. */
72 sendto_realops_snomask(SNO_GENERAL
, L_NETWIDE
,
73 "Couldn't fit account name part %s in hostname for %s!%s@%s",
74 source_p
->user
->suser
, source_p
->name
, source_p
->username
, source_p
->orighost
);
78 char c
= tolower(*src
);
88 if (dst
> buf
+ sizeof(buf
) - 12) /* '/x-' plus eight digit hash plus null terminator */
90 /* Doesn't fit. Warn opers and bail. */
91 sendto_realops_snomask(SNO_GENERAL
, L_NETWIDE
,
92 "Couldn't fit account name part %s in hostname for %s!%s@%s",
93 source_p
->user
->suser
, source_p
->name
, source_p
->username
, source_p
->orighost
);
101 unsigned int hashval
= fnv_hash_string(source_p
->user
->suser
);
102 hashval
%= 100000000; // eight digits only please.
103 snprintf(dst
, 9, "%08u", hashval
);
107 buf
[HOSTLEN
-1] = '\0';
109 /* If hostname has been changed already (probably by services cloak on SASL login), then
110 * leave it intact. If not, change it. In either case, update the original hostname.
112 if (0 == irccmp(source_p
->host
, source_p
->orighost
))
113 change_nick_user_host(source_p
, source_p
->name
, source_p
->username
, buf
, 0, "Changing host");
114 strncpy(source_p
->orighost
, buf
, HOSTLEN
);
117 struct ConfItem
*aconf
= find_kline(source_p
);
122 if(IsExemptKline(source_p
))
124 sendto_realops_snomask(SNO_GENERAL
, L_NETWIDE
,
125 "KLINE over-ruled for %s, client is kline_exempt [%s@%s]",
126 get_client_name(source_p
, HIDE_IP
),
127 aconf
->user
, aconf
->host
);
131 sendto_realops_snomask(SNO_BANNED
, L_NETWIDE
,
132 "Rejecting K-Lined user %s [%s] (%s@%s)", get_client_name(source_p
, HIDE_IP
),
133 show_ip(NULL
, source_p
) ? source_p
->sockhost
: "255.255.255.255", aconf
->user
, aconf
->host
);
135 notify_banned_client(source_p
, aconf
, K_LINED
);
139 DECLARE_MODULE_AV2(sasl_usercloak
, NULL
, NULL
, NULL
, NULL
, sasl_usercloak_hfnlist
, NULL
, NULL
, sasl_usercloak_desc
);