From a68898df228d33c425815d0236ff6123e892e979 Mon Sep 17 00:00:00 2001 From: Bram Matthys Date: Thu, 22 Jan 2004 22:03:04 +0000 Subject: [PATCH] - Changed NOSPOOF msg in ./Config a bit since this can also be effective against "blind proxies" (like HTTP POST proxies). - WebTV updates: made it so (user generated) channel notices are now displayed as privmsgs in the channel. Also made the /knock channelnotice a privmsg for webtv. --- Changes | 4 ++++ Config | 7 +++---- src/channel.c | 14 ++++++++------ src/send.c | 25 +++++++++++++++++++++++-- 4 files changed, 38 insertions(+), 12 deletions(-) diff --git a/Changes b/Changes index 7c0e42fa3..3838e9076 100644 --- a/Changes +++ b/Changes @@ -2743,3 +2743,7 @@ seen. gmtime warning still there random numbers. We will also no longer be using rand()/random() anywhere. Thanks to dek\ for pointing out this is potentionally dangerous, especially on win32 with NOSPOOF enabled. +- Changed NOSPOOF msg in ./Config a bit since this can also be effective against + "blind proxies" (like HTTP POST proxies). +- WebTV updates: made it so (user generated) channel notices are now displayed as + privmsgs in the channel. Also made the /knock channelnotice a privmsg for webtv. diff --git a/Config b/Config index fb7da0d00..9bf3bcf20 100755 --- a/Config +++ b/Config @@ -163,11 +163,10 @@ while [ -z "$TEST" ] ; do echo "Many older operating systems have an insecure TCP/IP stack" echo "which may be vulnerable to IP spoofing attacks, if you run" echo "an operating system that is vulnerable to such attacks" - echo "enable this option. If you aren't sure if your OS is vulnerable" - echo "you should still enable it." + echo "enable this option. This option can also be useful to prevent" + echo "blind proxies from connecting (eg: HTTP POST proxies)." echo "" - echo "Do you have an insecure operating system and therefore want to" - echo "use the server anti-spoof protection?" + echo "Do you want to enable the server anti-spoof protection?" echo $n "[$TEST] -> $c" read cc if [ -z "$cc" ] ; then diff --git a/src/channel.c b/src/channel.c index abf49096d..64863ba75 100644 --- a/src/channel.c +++ b/src/channel.c @@ -5469,7 +5469,8 @@ void send_user_joins(aClient *cptr, aClient *user) CMD_FUNC(m_knock) { aChannel *chptr; - + char buf[1024], chbuf[CHANNELLEN + 8]; + if (IsServer(sptr)) return 0; @@ -5543,11 +5544,12 @@ CMD_FUNC(m_knock) return 0; } - sendto_channelprefix_butone(NULL, &me, chptr, PREFIX_OP|PREFIX_ADMIN|PREFIX_OWNER, - ":%s NOTICE " CHANOPPFX "%s :[Knock] by %s!%s@%s (%s) ", - me.name, chptr->chname, sptr->name, - sptr->user->username, GetHost(sptr), - parv[2] ? parv[2] : "no reason specified"); + ircsprintf(chbuf, "%s%s", CHANOPPFX, chptr->chname); + ircsprintf(buf, "[Knock] by %s!%s@%s (%s)", + sptr->name, sptr->user->username, GetHost(sptr), + parv[2] ? parv[2] : "no reason specified"); + sendto_channelprefix_butone_tok(NULL, &me, chptr, PREFIX_OP|PREFIX_ADMIN|PREFIX_OWNER, + MSG_NOTICE, TOK_NOTICE, chbuf, buf, 0); sendto_one(sptr, ":%s %s %s :Knocked on %s", me.name, IsWebTV(sptr) ? "PRIVMSG" : "NOTICE", sptr->name, chptr->chname); diff --git a/src/send.c b/src/send.c index b16752f5e..58642e7da 100644 --- a/src/send.c +++ b/src/send.c @@ -56,6 +56,7 @@ static char sendbuf[2048]; static char tcmd[2048]; static char ccmd[2048]; static char xcmd[2048]; +static char wcmd[2048]; /* this array is used to ensure we send a msg only once to a remote ** server. like, when we are sending a message to all channel members @@ -468,16 +469,20 @@ void sendto_channelprefix_butone_tok(aClient *one, aClient *from, aChannel *chpt aClient *acptr; int i; char is_ctcp = 0; - unsigned int tlen, clen, xlen; + unsigned int tlen, clen, xlen, wlen = 0; char *p; + /* For servers with token capability */ p = ircsprintf(tcmd, ":%s %s %s :%s", from->name, tok, nick, text); tlen = (int)(p - tcmd); ADD_CRLF(tcmd, tlen); + /* For dumb servers without tokens */ p = ircsprintf(ccmd, ":%s %s %s :%s", from->name, cmd, nick, text); clen = (int)(p - ccmd); ADD_CRLF(ccmd, clen); + + /* For our users... */ if (IsPerson(from)) p = ircsprintf(xcmd, ":%s!%s@%s %s %s :%s", from->name, from->user->username, GetHost(from), cmd, nick, text); @@ -486,6 +491,19 @@ void sendto_channelprefix_butone_tok(aClient *one, aClient *from, aChannel *chpt xlen = (int)(p - xcmd); ADD_CRLF(xcmd, xlen); + /* For our webtv friends... */ + if (!strcmp(cmd, "NOTICE")) + { + char *chan = strchr(nick, '#'); /* impossible to become NULL? */ + if (IsPerson(from)) + p = ircsprintf(wcmd, ":%s!%s@%s %s %s :%s", + from->name, from->user->username, GetHost(from), MSG_PRIVATE, chan, text); + else + p = ircsprintf(wcmd, ":%s %s %s :%s", from->name, MSG_PRIVATE, chan, text); + wlen = (int)(p - wcmd); + ADD_CRLF(wcmd, wlen); + } + if (do_send_check && *text == 1 && myncmp(text+1,"ACTION ",7) && myncmp(text+1,"DCC ",4)) is_ctcp = 1; @@ -522,7 +540,10 @@ void sendto_channelprefix_butone_tok(aClient *one, aClient *from, aChannel *chpt if (IsNoCTCP(acptr) && !IsOper(from) && is_ctcp) continue; - sendbufto_one(acptr, xcmd, xlen); + if (IsWebTV(acptr) && wlen) + sendbufto_one(acptr, wcmd, wlen); + else + sendbufto_one(acptr, xcmd, xlen); sentalong[i] = sentalong_marker; } else