diff options
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/commands/os_dns.cpp | 19 | ||||
| -rw-r--r-- | modules/commands/os_session.cpp | 176 | ||||
| -rw-r--r-- | modules/extra/m_proxyscan.cpp | 18 | ||||
| -rw-r--r-- | modules/m_dns.cpp | 10 | ||||
| -rw-r--r-- | modules/m_dnsbl.cpp | 9 | ||||
| -rw-r--r-- | modules/protocol/bahamut.cpp | 18 | ||||
| -rw-r--r-- | modules/protocol/inspircd11.cpp | 18 | ||||
| -rw-r--r-- | modules/protocol/inspircd12.cpp | 9 | ||||
| -rw-r--r-- | modules/protocol/unreal.cpp | 28 | ||||
| -rw-r--r-- | modules/pseudoclients/operserv.cpp | 15 |
10 files changed, 135 insertions, 185 deletions
diff --git a/modules/commands/os_dns.cpp b/modules/commands/os_dns.cpp index 698fa0e1a..32e6be59d 100644 --- a/modules/commands/os_dns.cpp +++ b/modules/commands/os_dns.cpp @@ -446,22 +446,11 @@ class CommandOSDNS : public Command return; } - sockaddrs addr; - try + sockaddrs addr(params[2]); + if (!addr.valid()) { - addr.pton(AF_INET, params[2]); - } - catch (const SocketException &) - { - try - { - addr.pton(AF_INET6, params[2]); - } - catch (const SocketException &) - { - source.Reply(_("%s is not a valid IP address."), params[2].c_str()); - return; - } + source.Reply(_("%s is not a valid IP address."), params[2].c_str()); + return; } s->GetIPs().push_back(params[2]); diff --git a/modules/commands/os_session.cpp b/modules/commands/os_session.cpp index 259c9bdd0..656e046af 100644 --- a/modules/commands/os_session.cpp +++ b/modules/commands/os_session.cpp @@ -63,15 +63,9 @@ class MySessionService : public SessionService Exception *e = *it; if (Anope::Match(u->host, e->mask) || Anope::Match(u->ip, e->mask)) return e; - else if (e->mask.find_first_not_of("0123456789.:/") == Anope::string::npos && e->mask.find('/') != Anope::string::npos && u->ip.find_first_not_of("0123456789.:") == Anope::string::npos) - { - try - { - if (cidr(e->mask).match(u->ip)) - return e; - } - catch (const SocketException &) { } - } + + if (cidr(e->mask).match(sockaddrs(u->ip))) + return e; } return NULL; } @@ -83,15 +77,9 @@ class MySessionService : public SessionService Exception *e = *it; if (Anope::Match(host, e->mask)) return e; - else if (e->mask.find_first_not_of("0123456789.:/") == Anope::string::npos && e->mask.find('/') != Anope::string::npos && host.find_first_not_of("0123456789.:") == Anope::string::npos) - { - try - { - if (cidr(e->mask).match(host)) - return e; - } - catch (const SocketException &) { } - } + + if (cidr(e->mask).match(sockaddrs(host))) + return e; } return NULL; @@ -110,6 +98,8 @@ class MySessionService : public SessionService Session *FindSession(const Anope::string &ip) anope_override { cidr c(ip, ip.find(':') != Anope::string::npos ? ipv6_cidr : ipv4_cidr); + if (!c.valid()) + return NULL; SessionMap::iterator it = this->Sessions.find(c); if (it != this->Sessions.end()) return it->second; @@ -119,13 +109,14 @@ class MySessionService : public SessionService SessionMap::iterator FindSessionIterator(const Anope::string &ip) { cidr c(ip, ip.find(':') != Anope::string::npos ? ipv6_cidr : ipv4_cidr); + if (!c.valid()) + return this->Sessions.end(); return this->Sessions.find(c); } - Session* &FindOrCreateSession(const Anope::string &ip) + Session* &FindOrCreateSession(const cidr &ip) { - cidr c(ip, ip.find(':') != Anope::string::npos ? ipv6_cidr : ipv4_cidr); - return this->Sessions[c]; + return this->Sessions[ip]; } SessionMap &GetSessions() anope_override @@ -246,31 +237,24 @@ class CommandOSSession : public Command void DoView(CommandSource &source, const std::vector<Anope::string> ¶ms) { Anope::string param = params[1]; - Session *session = NULL; - - try + Session *session = session_service->FindSession(param); + + Exception *exception = session_service->FindException(param); + Anope::string entry = "no entry"; + unsigned limit = session_limit; + if (exception) { - session = session_service->FindSession(param); + if (!exception->limit) + limit = 0; + else if (exception->limit > limit) + limit = exception->limit; + entry = exception->mask; } - catch (const SocketException &) { } if (!session) - source.Reply(_("\002%s\002 not found on session list."), param.c_str()); + source.Reply(_("\002%s\002 not found on session list, but has a limit of \002%d\002 because it matches entry: \2%s\2."), param.c_str(), limit, entry.c_str()); else - { - Exception *exception = session_service->FindException(param); - Anope::string entry = "no entry"; - unsigned limit = session_limit; - if (exception) - { - if (!exception->limit) - limit = 0; - else if (exception->limit > limit) - limit = exception->limit; - entry = exception->mask; - } source.Reply(_("The host \002%s\002 currently has \002%d\002 sessions with a limit of \002%d\002 because it matches entry: \2%s\2."), session->addr.mask().c_str(), session->count, limit, entry.c_str()); - } } public: CommandOSSession(Module *creator) : Command(creator, "operserv/session", 2, 2) @@ -690,68 +674,68 @@ class OSSession : public Module if (u->Quitting() || !session_limit || exempt || !u->server || u->server->IsULined()) return; - try - { - Session* &session = this->ss.FindOrCreateSession(u->ip); + cidr u_ip(u->ip); + if (!u_ip.valid()) + return; + + Session* &session = this->ss.FindOrCreateSession(u_ip); - if (session) + if (session) + { + bool kill = false; + if (session->count >= session_limit) { - bool kill = false; - if (session->count >= session_limit) + kill = true; + Exception *exception = this->ss.FindException(u); + if (exception) { - kill = true; - Exception *exception = this->ss.FindException(u); - if (exception) - { - kill = false; - if (exception->limit && session->count >= exception->limit) - kill = true; - } + kill = false; + if (exception->limit && session->count >= exception->limit) + kill = true; } + } - /* Previously on IRCds that send a QUIT (InspIRCD) when a user is killed, the session for a host was - * decremented in do_quit, which caused problems and fixed here - * - * Now, we create the user struture before calling this to fix some user tracking issues, - * so we must increment this here no matter what because it will either be - * decremented when the user is killed or quits - Adam - */ - ++session->count; + /* Previously on IRCds that send a QUIT (InspIRCD) when a user is killed, the session for a host was + * decremented in do_quit, which caused problems and fixed here + * + * Now, we create the user struture before calling this to fix some user tracking issues, + * so we must increment this here no matter what because it will either be + * decremented when the user is killed or quits - Adam + */ + ++session->count; - if (kill && !exempt) + if (kill && !exempt) + { + if (OperServ) { - if (OperServ) + if (!sle_reason.empty()) { - if (!sle_reason.empty()) - { - Anope::string message = sle_reason.replace_all_cs("%IP%", u->ip); - u->SendMessage(OperServ, message); - } - if (!sle_detailsloc.empty()) - u->SendMessage(OperServ, sle_detailsloc); + Anope::string message = sle_reason.replace_all_cs("%IP%", u->ip); + u->SendMessage(OperServ, message); } + if (!sle_detailsloc.empty()) + u->SendMessage(OperServ, sle_detailsloc); + } - ++session->hits; - if (max_session_kill && session->hits >= max_session_kill && akills) - { - const Anope::string &akillmask = "*@" + u->ip; - XLine *x = new XLine(akillmask, OperServ ? OperServ->nick : "", Anope::CurTime + session_autokill_expiry, "Session limit exceeded", XLineManager::GenerateUID()); - akills->AddXLine(x); - akills->Send(NULL, x); - Log(OperServ, "akill/session") << "Added a temporary AKILL for \002" << akillmask << "\002 due to excessive connections"; - } - else - { - u->Kill(OperServ ? OperServ->nick : "", "Session limit exceeded"); - } + ++session->hits; + if (max_session_kill && session->hits >= max_session_kill && akills) + { + const Anope::string &akillmask = "*@" + u->ip; + XLine *x = new XLine(akillmask, OperServ ? OperServ->nick : "", Anope::CurTime + session_autokill_expiry, "Session limit exceeded", XLineManager::GenerateUID()); + akills->AddXLine(x); + akills->Send(NULL, x); + Log(OperServ, "akill/session") << "Added a temporary AKILL for \002" << akillmask << "\002 due to excessive connections"; + } + else + { + u->Kill(OperServ ? OperServ->nick : "", "Session limit exceeded"); } } - else - { - session = new Session(u->ip, u->ip.find(':') != Anope::string::npos ? ipv6_cidr : ipv4_cidr); - } } - catch (const SocketException &) { } + else + { + session = new Session(u->ip, u->ip.find(':') != Anope::string::npos ? ipv6_cidr : ipv4_cidr); + } } void OnUserQuit(User *u, const Anope::string &msg) anope_override @@ -759,23 +743,11 @@ class OSSession : public Module if (!session_limit || !u->server || u->server->IsULined()) return; - SessionService::SessionMap::iterator sit; - try - { - sit = this->ss.FindSessionIterator(u->ip); - } - catch (const SocketException &) - { - return; - } - SessionService::SessionMap &sessions = this->ss.GetSessions(); + SessionService::SessionMap::iterator sit = this->ss.FindSessionIterator(u->ip); if (sit == sessions.end()) - { - Log(LOG_DEBUG) << "Tried to delete non-existant session: " << u->ip; return; - } Session *session = sit->second; diff --git a/modules/extra/m_proxyscan.cpp b/modules/extra/m_proxyscan.cpp index da2ab5692..4e2a6bd88 100644 --- a/modules/extra/m_proxyscan.cpp +++ b/modules/extra/m_proxyscan.cpp @@ -149,14 +149,9 @@ class SOCKS5ProxyConnect : public ProxyConnect, public BinarySocket sockaddrs target_addr; char buf[4 + sizeof(target_addr.sa4.sin_addr.s_addr) + sizeof(target_addr.sa4.sin_port)]; int ptr = 0; - try - { - target_addr.pton(AF_INET, target_ip, target_port); - } - catch (const SocketException &) - { + target_addr.pton(AF_INET, target_ip, target_port); + if (!target_addr.valid()) return; - } buf[ptr++] = 5; // Version buf[ptr++] = 1; // # of methods @@ -340,15 +335,10 @@ class ModuleProxyScan : public Module /* At this time we only support IPv4 */ sockaddrs user_ip; - try - { - user_ip.pton(AF_INET, user->ip); - } - catch (const SocketException &) - { + user_ip.pton(AF_INET, user->ip); + if (!user_ip.valid()) /* User doesn't have a valid IPv4 IP (ipv6/spoof/etc) */ return; - } if (!this->con_notice.empty() && !this->con_source.empty()) { diff --git a/modules/m_dns.cpp b/modules/m_dns.cpp index 9b0157069..ea64da92f 100644 --- a/modules/m_dns.cpp +++ b/modules/m_dns.cpp @@ -151,6 +151,8 @@ class Packet : public Query sockaddrs addrs; addrs.ntop(AF_INET, &a); + if (!addrs.valid()) + throw SocketException("Invalid IP"); record.rdata = addrs.addr(); break; @@ -167,6 +169,8 @@ class Packet : public Query sockaddrs addrs; addrs.ntop(AF_INET6, &a); + if (!addrs.valid()) + throw SocketException("Invalid IP"); record.rdata = addrs.addr(); break; @@ -272,6 +276,8 @@ class Packet : public Query if (q.type == QUERY_PTR) { sockaddrs ip(q.name); + if (!ip.valid()) + throw SocketException("Invalid IP"); if (q.name.find(':') != Anope::string::npos) { @@ -347,6 +353,8 @@ class Packet : public Query throw SocketException("Unable to pack packet"); sockaddrs a(rr.rdata); + if (!a.valid()) + throw SocketException("Invalid IP"); s = htons(4); memcpy(&output[pos], &s, 2); @@ -362,6 +370,8 @@ class Packet : public Query throw SocketException("Unable to pack packet"); sockaddrs a(rr.rdata); + if (!a.valid()) + throw SocketException("Invalid IP"); s = htons(16); memcpy(&output[pos], &s, 2); diff --git a/modules/m_dnsbl.cpp b/modules/m_dnsbl.cpp index ea1f1d9f6..08d4e365d 100644 --- a/modules/m_dnsbl.cpp +++ b/modules/m_dnsbl.cpp @@ -134,15 +134,10 @@ class ModuleDNSBL : public Module /* At this time we only support IPv4 */ sockaddrs user_ip; - try - { - user_ip.pton(AF_INET, user->ip); - } - catch (const SocketException &) - { + user_ip.pton(AF_INET, user->ip); + if (!user_ip.valid()) /* User doesn't have a valid IPv4 IP (ipv6/spoof/etc) */ return; - } const unsigned long &ip = user_ip.sa4.sin_addr.s_addr; unsigned long reverse_ip = (ip << 24) | ((ip & 0xFF00) << 8) | ((ip & 0xFF0000) >> 8) | (ip >> 24); diff --git a/modules/protocol/bahamut.cpp b/modules/protocol/bahamut.cpp index 6aa097433..f485bd62c 100644 --- a/modules/protocol/bahamut.cpp +++ b/modules/protocol/bahamut.cpp @@ -143,14 +143,15 @@ class BahamutIRCdProto : public IRCDProto return; /* ZLine if we can instead */ - if (x->GetUser() == "*" && x->GetHost().find_first_not_of("0123456789:.") == Anope::string::npos) - try + if (x->GetUser() == "*") + { + sockaddrs a(x->GetHost()); + if (a.valid()) { - sockaddrs(x->GetHost()); IRCD->SendSZLineDel(x); return; } - catch (const SocketException &) { } + } UplinkSocket::Message() << "RAKILL " << x->GetHost() << " " << x->GetUser(); } @@ -214,14 +215,15 @@ class BahamutIRCdProto : public IRCDProto } /* ZLine if we can instead */ - if (x->GetUser() == "*" && x->GetHost().find_first_not_of("0123456789:.") == Anope::string::npos) - try + if (x->GetUser() == "*") + { + sockaddrs a(x->GetHost()); + if (a.valid()) { - sockaddrs(x->GetHost()); IRCD->SendSZLine(u, x); return; } - catch (const SocketException &) { } + } // Calculate the time left before this would expire, capping it at 2 days time_t timeleft = x->expires - Anope::CurTime; diff --git a/modules/protocol/inspircd11.cpp b/modules/protocol/inspircd11.cpp index 12a22e724..f978417f6 100644 --- a/modules/protocol/inspircd11.cpp +++ b/modules/protocol/inspircd11.cpp @@ -80,14 +80,15 @@ class InspIRCdProto : public IRCDProto return; /* ZLine if we can instead */ - if (x->GetUser() == "*" && x->GetHost().find_first_not_of("0123456789:.") == Anope::string::npos) - try + if (x->GetUser() == "*") + { + sockaddrs a(x->GetHost()); + if (a.valid()) { - sockaddrs(x->GetHost()); IRCD->SendSZLineDel(x); return; } - catch (const SocketException &) { } + } UplinkSocket::Message(OperServ) << "GLINE " << x->mask; } @@ -134,14 +135,15 @@ class InspIRCdProto : public IRCDProto } /* ZLine if we can instead */ - if (x->GetUser() == "*" && x->GetHost().find_first_not_of("0123456789:.") == Anope::string::npos) - try + if (x->GetUser() == "*") + { + sockaddrs a(x->GetHost()); + if (a.valid()) { - sockaddrs(x->GetHost()); IRCD->SendSZLine(u, x); return; } - catch (const SocketException &) { } + } // Calculate the time left before this would expire, capping it at 2 days time_t timeleft = x->expires - Anope::CurTime; diff --git a/modules/protocol/inspircd12.cpp b/modules/protocol/inspircd12.cpp index c3fa04b85..d46d8733e 100644 --- a/modules/protocol/inspircd12.cpp +++ b/modules/protocol/inspircd12.cpp @@ -180,14 +180,15 @@ class InspIRCd12Proto : public IRCDProto } /* ZLine if we can instead */ - if (x->GetUser() == "*" && x->GetHost().find_first_not_of("0123456789:.") == Anope::string::npos) - try + if (x->GetUser() == "*") + { + sockaddrs addr(x->GetHost()); + if (addr.valid()) { - sockaddrs(x->GetHost()); IRCD->SendSZLine(u, x); return; } - catch (const SocketException &) { } + } SendAddLine("G", x->GetUser() + "@" + x->GetHost(), timeleft, x->by, x->GetReason()); } diff --git a/modules/protocol/unreal.cpp b/modules/protocol/unreal.cpp index 4186ee5d0..ea5da3dbe 100644 --- a/modules/protocol/unreal.cpp +++ b/modules/protocol/unreal.cpp @@ -46,14 +46,15 @@ class UnrealIRCdProto : public IRCDProto return; /* ZLine if we can instead */ - if (x->GetUser() == "*" && x->GetHost().find_first_not_of("0123456789:.") == Anope::string::npos) - try + if (x->GetUser() == "*") + { + sockaddrs a(x->GetHost()); + if (a.valid()) { - sockaddrs(x->GetHost()); IRCD->SendSZLineDel(x); return; } - catch (const SocketException &) { } + } UplinkSocket::Message() << "TKL - G " << x->GetUser() << " " << x->GetHost() << " " << x->by; } @@ -108,14 +109,15 @@ class UnrealIRCdProto : public IRCDProto } /* ZLine if we can instead */ - if (x->GetUser() == "*" && x->GetHost().find_first_not_of("0123456789:.") == Anope::string::npos) - try + if (x->GetUser() == "*") + { + sockaddrs a(x->GetHost()); + if (a.valid()) { - sockaddrs(x->GetHost()); IRCD->SendSZLine(u, x); return; } - catch (const SocketException &) { } + } // Calculate the time left before this would expire, capping it at 2 days time_t timeleft = x->expires - Anope::CurTime; @@ -786,13 +788,9 @@ struct IRCDMessageNick : IRCDMessage Anope::string decoded_ip; Anope::B64Decode(params[9], decoded_ip); - try - { - sockaddrs ip_addr; - ip_addr.ntop(params[9].length() == 8 ? AF_INET : AF_INET6, decoded_ip.c_str()); - ip = ip_addr.addr(); - } - catch (const SocketException &ex) { } + sockaddrs ip_addr; + ip_addr.ntop(params[9].length() == 8 ? AF_INET : AF_INET6, decoded_ip.c_str()); + ip = ip_addr.addr(); } Anope::string vhost = params[8]; diff --git a/modules/pseudoclients/operserv.cpp b/modules/pseudoclients/operserv.cpp index 0720110cb..a451813ef 100644 --- a/modules/pseudoclients/operserv.cpp +++ b/modules/pseudoclients/operserv.cpp @@ -43,10 +43,7 @@ class SGLineManager : public XLineManager if (x->regex) { Anope::string uh = u->GetIdent() + "@" + u->host, nuhr = u->nick + "!" + uh + "#" + u->realname; - if (x->regex->Matches(uh) || x->regex->Matches(nuhr)) - return true; - - return false; + return x->regex->Matches(uh) || x->regex->Matches(nuhr); } if (!x->GetNick().empty() && !Anope::Match(u->nick, x->GetNick())) @@ -60,14 +57,8 @@ class SGLineManager : public XLineManager if (x->GetHost().find('/') != Anope::string::npos) { - try - { - cidr cidr_ip(x->GetHost()); - sockaddrs ip(u->ip); - if (cidr_ip.match(ip)) - return true; - } - catch (const SocketException &) { } + if (cidr(x->GetHost()).match(sockaddrs(u->ip))) + return true; } if (x->GetHost().empty() || Anope::Match(u->host, x->GetHost()) || Anope::Match(u->ip, x->GetHost())) |