* };
* Possible flags:
* encrypted - password is encrypted (recommended)
- * kline_exempt - k/g lines on the cgiirc ip are ignored
- * gline_exempt - glines on the cgiirc ip are ignored
+ * kline_exempt - klines on the cgiirc ip are ignored
* dlines are checked on the cgiirc ip (of course).
- * k/d/g/x lines, auth blocks, user limits, etc are checked using the
+ * k/d/x lines, auth blocks, user limits, etc are checked using the
* real host/ip.
* The password should be specified unencrypted in webirc_password in
* cgiirc.config
#include "stdinc.h"
#include "client.h" /* client struct */
-#include "irc_string.h"
+#include "match.h"
#include "hostmask.h"
#include "send.h" /* sendto_one */
#include "numeric.h" /* ERR_xxx */
/*
* mr_webirc - webirc message handler
- * parv[0] = sender prefix
* parv[1] = password
* parv[2] = fake username (we ignore this)
- * parv[3] = fake hostname
+ * parv[3] = fake hostname
* parv[4] = fake ip
*/
static int
{
struct ConfItem *aconf;
const char *encr;
+ struct rb_sockaddr_storage addr;
- if (!strchr(parv[4], '.') && !strchr(parv[4], ':'))
+ if ((!strchr(parv[4], '.') && !strchr(parv[4], ':')) ||
+ strlen(parv[4]) + (*parv[4] == ':') >=
+ sizeof(source_p->sockhost))
{
sendto_one(source_p, "NOTICE * :Invalid IP");
return 0;
}
- aconf = find_address_conf(client_p->host, client_p->sockhost,
+ aconf = find_address_conf(client_p->host, client_p->sockhost,
IsGotId(client_p) ? client_p->username : "webirc",
IsGotId(client_p) ? client_p->username : "webirc",
(struct sockaddr *) &client_p->localClient->ip,
- client_p->localClient->ip.ss_family);
+ client_p->localClient->ip.ss_family, NULL);
if (aconf == NULL || !(aconf->status & CONF_CLIENT))
return 0;
- if (!IsConfDoSpoofIp(aconf) || irccmp(aconf->name, "webirc."))
+ if (!IsConfDoSpoofIp(aconf) || irccmp(aconf->info.name, "webirc."))
{
/* XXX */
sendto_one(source_p, "NOTICE * :Not a CGI:IRC auth block");
if (EmptyString(parv[1]))
encr = "";
else if (IsConfEncrypted(aconf))
- encr = crypt(parv[1], aconf->passwd);
+ encr = rb_crypt(parv[1], aconf->passwd);
else
encr = parv[1];
- if (strcmp(encr, aconf->passwd))
+ if (encr == NULL || strcmp(encr, aconf->passwd))
{
sendto_one(source_p, "NOTICE * :CGI:IRC password incorrect");
return 0;
}
+ if (rb_inet_pton_sock(parv[4], (struct sockaddr *)&addr) <= 0)
+ {
+ sendto_one(source_p, "NOTICE * :Invalid IP");
+ return 0;
+ }
- strlcpy(source_p->sockhost, parv[4], sizeof(source_p->sockhost));
+ if (*parv[4] == ':')
+ {
+ source_p->sockhost[0] = '0';
+ rb_strlcpy(source_p->sockhost + 1, parv[4],
+ sizeof(source_p->sockhost) - 1);
+ }
+ else
+ rb_strlcpy(source_p->sockhost, parv[4],
+ sizeof(source_p->sockhost));
if(strlen(parv[3]) <= HOSTLEN)
- strlcpy(source_p->host, parv[3], sizeof(source_p->host));
+ rb_strlcpy(source_p->host, parv[3], sizeof(source_p->host));
else
- strlcpy(source_p->host, source_p->sockhost, sizeof(source_p->host));
-
- del_unknown_ip(source_p);
- inetpton_sock(parv[4], (struct sockaddr *)&source_p->localClient->ip);
+ rb_strlcpy(source_p->host, source_p->sockhost, sizeof(source_p->host));
+
+ source_p->localClient->ip = addr;
- /* Check dlines now, k/glines will be checked on registration */
- if((aconf = find_dline((struct sockaddr *)&source_p->localClient->ip,
+ /* Check dlines now, klines will be checked on registration */
+ if((aconf = find_dline((struct sockaddr *)&source_p->localClient->ip,
source_p->localClient->ip.ss_family)))
{
if(!(aconf->status & CONF_EXEMPTDLINE))