author | Adam <Adam@anope.org> | 2011-04-25 04:17:21 -0400 |
---|---|---|
committer | Adam <Adam@anope.org> | 2011-04-25 04:17:21 -0400 |
commit | 4a733c93d45e0ca5d757abf826d65bc1cbaf610e (patch) | |
tree | e09f093a9926b4285ea1d33da93828ddd5b6bbcb | |
parent | 03d2378a9fc2fdc868ee4476597ec1901242a0c5 (diff) |
Don't attempt to connect to the uplink if given invalid hostnames
-rw-r--r-- | include/dns.h | 4 | ||||
-rw-r--r-- | modules/extra/m_ssl.cpp | 28 | ||||
-rw-r--r-- | src/dns.cpp | 6 | ||||
-rw-r--r-- | src/main.cpp | 8 | ||||
-rw-r--r-- | src/sockets.cpp | 18 |
5 files changed, 46 insertions, 18 deletions
diff --git a/include/dns.h b/include/dns.h index c95cc64de..17d69ecb1 100644 --- a/include/dns.h +++ b/include/dns.h @@ -130,9 +130,11 @@ struct DNSRecord /* Record length */ unsigned short rdlength; - inline DNSRecord(const Anope::string &n); /* When this record was created in our cache */ time_t created; + + inline DNSRecord(const Anope::string &n); + operator bool() const; }; /** The socket used to talk to the nameserver, uses UDP diff --git a/modules/extra/m_ssl.cpp b/modules/extra/m_ssl.cpp index 4eb36b97f..408ebf609 100644 --- a/modules/extra/m_ssl.cpp +++ b/modules/extra/m_ssl.cpp 
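Review bot: The new `operator bool() const;` in `struct DNSRecord` is an implicit conversion, so a record also converts silently in integer contexts (`int n = req;`, `req == 1`), not only in `if (!req)`. If the toolchain allows it, declare it `explicit operator bool() const;`; otherwise a named predicate reads more safely at call sites. Either way the declaration deserves a comment such as `/* True when a result is stored; an empty result means the lookup produced nothing */`, since the uplink code now relies on it to decide whether to connect. The struct starts above this hunk.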
@@ -155,19 +155,25 @@ class SSLModule : public Module if (config.ReadFlag("uplink", "ssl", "no", Number - 1)) { - try - { - new UplinkSocket(uplink_server->ipv6); - this->service.Init(UplinkSock); - DNSRecord req = DNSManager::BlockingQuery(uplink_server->host, uplink_server->ipv6 ? DNS_QUERY_AAAA : DNS_QUERY_A); - UplinkSock->Connect(req.result, uplink_server->port, Config->LocalHost); + DNSRecord req = DNSManager::BlockingQuery(uplink_server->host, uplink_server->ipv6 ? DNS_QUERY_AAAA : DNS_QUERY_A); - Log() << "Connected to server " << Number << " (" << u->host << ":" << u->port << ") with SSL"; - return EVENT_ALLOW; - } - catch (const SocketException &ex) + if (!req) + Log() << "Unable to connect to server " << uplink_server->host << ":" << uplink_server->port << " using SSL: Invalid hostname/IP"; + else { - Log() << "Unable to connect with SSL to server " << Number << " (" << u->host << ":" << u->port << "), " << ex.GetReason(); + try + { + new UplinkSocket(uplink_server->ipv6); + this->service.Init(UplinkSock); + UplinkSock->Connect(req.result, uplink_server->port, Config->LocalHost); + + Log() << "Connected to server " << Number << " (" << u->host << ":" << u->port << ") with SSL"; + return EVENT_ALLOW; + } + catch (const SocketException &ex) + { + Log() << "Unable to connect with SSL to server " << Number << " (" << u->host << ":" << u->port << "), " << ex.GetReason(); + } } return EVENT_STOP; diff --git a/src/dns.cpp b/src/dns.cpp index e5a2c3098..45b3db6bd 100644 --- a/src/dns.cpp +++ b/src/dns.cpp @@ -221,6 +221,11 @@ inline DNSRecord::DNSRecord(const Anope::string &n) : name(n) this->created = Anope::CurTime; } +DNSRecord::operator bool() const +{ + return !this->result.empty(); +} + DNSSocket::DNSSocket() : ConnectionSocket(false, SOCK_DGRAM) { } 
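Review bot: The failure message added in the `if (!req)` branch is formatted differently from the two messages kept in the same block: it prints `uplink_server->host` and `uplink_server->port` with no server number, while the others print `Number` and `u->host`/`u->port`. That makes the three outcomes harder to correlate in the log, and the hunk does not show whether `u` and `uplink_server` always name the same entry. Pick one source and one layout, for example `Log() << "Unable to connect with SSL to server " << Number << " (" << u->host << ":" << u->port << "): Invalid hostname/IP";`. The enclosing handler begins and ends outside the hunk.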
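Review bot: `DNSRecord::operator bool()` reports success purely as `!this->result.empty()`, which is meaningful only because the later hunk in this file stops `BlockingQuery` from pre-filling `result.result = mask`. Any caller of `BlockingQuery` that this commit does not touch and that passes `req.result` on without testing the record would now hand over an empty string instead of the original mask. Only the call sites in modules/extra/m_ssl.cpp and src/main.cpp are guarded here, so the remaining ones are worth checking. Assuming the rest of `BlockingQuery` stores a result only on success, a comment on the definition such as `/* A record is valid only if a result was stored */` would record that contract.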
@@ -613,7 +618,6 @@ DNSRecord DNSManager::BlockingQuery(const Anope::string &mask, QueryType qt) DNSRecord result(mask); addrinfo *addrresult, hints; - result.result = mask; result.type = qt; int type = AF_UNSPEC; diff --git a/src/main.cpp b/src/main.cpp index 3ca033507..b71a7754a 100644 --- a/src/main.cpp +++ b/src/main.cpp @@ -369,6 +369,12 @@ static bool Connect() DNSRecord req = DNSManager::BlockingQuery(uplink_server->host, uplink_server->ipv6 ? DNS_QUERY_AAAA : DNS_QUERY_A); + if (!req) + { + Log() << "Unable to connect to server " << servernum << " (" << uplink_server->host << ":" << uplink_server->port << "): Invalid hostname/IP"; + continue; + } + try { new UplinkSocket(uplink_server->ipv6); @@ -376,7 +382,7 @@ static bool Connect() } catch (const SocketException &ex) { - Log() << "Unable to connect to server" << servernum << " (" << uplink_server->host << ":" << uplink_server->port << "), " << ex.GetReason(); + Log() << "Unable to connect to server " << servernum << " (" << uplink_server->host << ":" << uplink_server->port << "): " << ex.GetReason(); continue; } diff --git a/src/sockets.cpp b/src/sockets.cpp index 941169c17..3f334e26e 100644 --- a/src/sockets.cpp +++ b/src/sockets.cpp 
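Review bot: The text "Invalid hostname/IP" in the new `if (!req)` branch of `Connect()` is logged for every empty record, and from this diff an empty record appears to mean only that `BlockingQuery` stored no result. A resolver outage or timeout would then be reported as a configuration mistake, which misdirects whoever reads the log while the uplink is down. Wording such as `"): Unable to resolve hostname/IP"` covers both cases, and the same applies to the message added in modules/extra/m_ssl.cpp. `Connect()` begins and ends outside the hunk.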
@@ -129,17 +129,27 @@ void sockaddrs::pton(int type, const Anope::string &address, int pport) switch (type) { case AF_INET: - if (inet_pton(type, address.c_str(), &sa4.sin_addr) < 1) - throw SocketException(Anope::string("Invalid host: ") + Anope::LastError()); + { + int i = inet_pton(type, address.c_str(), &sa4.sin_addr); + if (i == 0) + throw SocketException("Invalid host"); + else if (i <= -1) + throw SocketException("Invalid host: " + Anope::LastError()); sa4.sin_family = type; sa4.sin_port = htons(pport); return; + } case AF_INET6: - if (inet_pton(type, address.c_str(), &sa6.sin6_addr) < 1) - throw SocketException(Anope::string("Invalid host: ") + Anope::LastError()); + { + int i = inet_pton(type, address.c_str(), &sa6.sin6_addr); + if (i == 0) + throw SocketException("Invalid host"); + else if (i <= -1) + throw SocketException("Invalid host: " + Anope::LastError()); sa6.sin6_family = type; sa6.sin6_port = htons(pport); return; + } default: break; } |
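Review bot: The two new `case` bodies in `sockaddrs::pton` branch on the `inet_pton` result without saying what the values mean, and the result is held in a variable named `i`. A one-line comment above the first check, such as `/* inet_pton: 1 = parsed, 0 = not a valid address for this family, -1 = error with errno set */`, would explain why only the negative branch appends `Anope::LastError()`. Renaming the variable to `ret` and writing `else if (ret < 0)` reads more directly than `i <= -1`. The function continues past the `default:` label outside the hunk.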