External/ergo
1
0
Fork 1
mirror of https://github.com/ergochat/ergo.git synced 2025-12-22 19:12:05 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

enum types simplifying sort, config fails on wrong action types

Browse source
This commit is contained in:
moocow 2018-04-24 13:47:35 +02:00
parent 5e7aceb75e
commit 6a9fa35d35
5 changed files with 151 additions and 63 deletions
Download patch file Download diff file Expand all files Collapse all files

101
irc/dnsbl.go
View file

@ -9,6 +9,16 @@ import (
"github.com/oragono/oragono/irc/sno"
)
// Constants
const (
DnsblRequireSaslReply uint = iota
DnsblAllowReply
DnsblBlockReply
DnsblNotifyReply
DnsblUnknownReply
)
// ReverseAddress returns IPv4 addresses reversed
func ReverseAddress(ip net.IP) string {
// This is a IPv4 address
if ip.To4() != nil {
@ -25,12 +35,7 @@ func ReverseAddress(ip net.IP) string {
return ip.String()
}
func LastIpOctet(addr string) string {
address := strings.Split(addr, ".")
return address[len(address)-1]
}
// LookupBlacklistEntry performs a lookup on the dnsbl on the client IP
func (server *Server) LookupBlacklistEntry(list *DnsblListEntry, client *Client) []string {
res, err := net.LookupHost(fmt.Sprintf("%s.%s", ReverseAddress(client.IP()), list.Host))
@ -42,23 +47,16 @@ func (server *Server) LookupBlacklistEntry(list *DnsblListEntry, client *Client)
if len(res) > 0 {
for _, addr := range res {
entries = append(entries, LastIpOctet(addr))
octet := strings.Split(addr, ".")
if len(octet) > 0 {
entries = append(entries, octet[len(octet)-1])
}
}
}
return entries
}
func sendDnsblMessage(client *Client, message string) {
/*fmt.Printf(client.server.DnsblConfig().Channel)
if channel := client.server.DnsblConfig().Channel; channel != "" {
fmt.Printf(channel)
client.Send(nil, client.server.name, "PRIVMSG", channel, message)
}
*/
client.server.snomasks.Send(sno.Dnsbl, message)
}
// ProcessBlacklist does
func (server *Server) ProcessBlacklist(client *Client) {
@ -67,56 +65,51 @@ func (server *Server) ProcessBlacklist(client *Client) {
return
}
channel := server.DnsblConfig().Channel
lists := server.DnsblConfig().Lists
type DnsblTypeResponse struct {
Host string
Action string
Reason string
Host string
ActionType uint
Reason string
}
var items = []DnsblTypeResponse{}
for _, list := range server.DnsblConfig().Lists {
for _, list := range lists {
response := DnsblTypeResponse{
Host: list.Host,
Action: list.Action,
Reason: list.Reason,
Host: list.Host,
ActionType: list.ActionType,
Reason: list.Reason,
}
// update action/reason if matched with new ...
for _, entry := range server.LookupBlacklistEntry(&list, client) {
if reply, exists := list.Reply[entry]; exists {
response.Action, response.Reason = reply.Action, reply.Reason
response.ActionType, response.Reason = list.ActionType, reply.Reason
}
items = append(items, response)
}
}
// Sort responses so that require-sasl blocks come first. Otherwise A>B (allow>block, allow>notify, block>notify)
// so that responses come in this order:
// - require-sasl
// - allow
// - block
// - notify
// Sorts in the following order: require-sasl, allow, block, notify
sort.Slice(items, func(i, j int) bool {
if items[i].Action == "require-sasl" {
return true
}
return items[i].Action > items[j].Action
return items[i].ActionType > items[j].ActionType
})
if len(items) > 0 {
item := items[0]
switch item.Action {
case "require-sasl":
sendDnsblMessage(client, fmt.Sprintf("Connecting client %s matched %s, requiring SASL to proceed", client.IP(), item.Host))
switch item.ActionType {
case DnsblRequireSaslReply:
client.sendServerMessage("", channel, sno.Dnsbl, fmt.Sprintf("Connecting client %s matched %s, requiring SASL to proceed", client.IP(), item.Host))
client.SetRequireSasl(true, item.Reason)
case "block":
sendDnsblMessage(client, fmt.Sprintf("Connecting client %s matched %s - killing", client.IP(), item.Host))
case DnsblBlockReply:
client.sendServerMessage("", channel, sno.Dnsbl, fmt.Sprintf("Connecting client %s matched %s - killing", client.IP(), item.Host))
client.Quit(strings.Replace(item.Reason, "{ip}", client.IPString(), -1))
case "notify":
sendDnsblMessage(client, fmt.Sprintf("Connecting client %s matched %s", client.IP(), item.Host))
case DnsblNotifyReply:
client.sendServerMessage("", channel, sno.Dnsbl, fmt.Sprintf("Connecting client %s matched %s", client.IP(), item.Host))
case "allow":
sendDnsblMessage(client, fmt.Sprintf("Allowing host %s [%s]", client.IP(), item.Host))
case DnsblAllowReply:
client.sendServerMessage("", channel, sno.Dnsbl, fmt.Sprintf("Allowing host %s [%s]", client.IP(), item.Host))
}
}
@ -130,13 +123,29 @@ func connectionRequiresSasl(client *Client) bool {
return false
}
channel := client.server.DnsblConfig().Channel
if client.Account() == "" {
sendDnsblMessage(client, fmt.Sprintf("Connecting client %s and did not authenticate through SASL - blocking connection", client.IP()))
//client.sendServerMessage("", channel, sno.Dnsbl, fmt.Sprintf("Connecting client %s and did not authenticate through SASL - blocking connection", client.IP()))
client.Quit(strings.Replace(reason, "{ip}", client.IPString(), -1))
return true
}
sendDnsblMessage(client, fmt.Sprintf("Connecting client %s authenticated through SASL - allowing", client.IP()))
client.sendServerMessage("", channel, sno.Dnsbl, fmt.Sprintf("Connecting client %s authenticated through SASL - allowing", client.IP()))
return false
}
func (client *Client) sendServerMessage(pseudo string, channel string, mask sno.Mask, message string) {
/*
This causes an out of bounds error - possibly in client.Send() - investigate further
if pseudo == "" {
pseudo = client.server.name
}
if channel != "" {
client.Send(nil, pseudo, "PRIVMSG", channel, message)
}
*/
client.server.snomasks.Send(mask, message)
}