X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=src%2Fngircd%2Fparse.c;h=02ab8935d6ca465d33c70ac29f8e731f1f46307b;hp=8f5e6019694a53807d023b4df9010c281ad10d0b;hb=56b7e67307c1be110eaa4e84681bca03df21bd69;hpb=d61fbfc6e3a0a85ced036d8c1fa161fab0d9ba3d

diff --git a/src/ngircd/parse.c b/src/ngircd/parse.c
index 8f5e6019..02ab8935 100644
--- a/src/ngircd/parse.c
+++ b/src/ngircd/parse.c
@@ -47,6 +47,7 @@
 #include "numeric.h"
 
 #include "exp.h"
+#include "conf.h"
 
 struct _NUMERIC {
 	int numeric;
@@ -62,6 +63,7 @@ static COMMAND My_Commands[] =
 	{ "DIE", IRC_DIE, CLIENT_USER, 0, 0, 0 },
 	{ "DISCONNECT", IRC_DISCONNECT, CLIENT_USER, 0, 0, 0 },
 	{ "ERROR", IRC_ERROR, 0xFFFF, 0, 0, 0 },
+	{ "GLINE", IRC_xLINE, CLIENT_USER|CLIENT_SERVER, 0, 0, 0 },
 	{ "HELP", IRC_HELP, CLIENT_USER, 0, 0, 0 },
 	{ "INFO", IRC_INFO, CLIENT_USER|CLIENT_SERVER, 0, 0, 0 },
 	{ "INVITE", IRC_INVITE, CLIENT_USER|CLIENT_SERVER, 0, 0, 0 },
@@ -69,6 +71,7 @@ static COMMAND My_Commands[] =
 	{ "JOIN", IRC_JOIN, CLIENT_USER|CLIENT_SERVER, 0, 0, 0 },
 	{ "KICK", IRC_KICK, CLIENT_USER|CLIENT_SERVER, 0, 0, 0 },
 	{ "KILL", IRC_KILL, CLIENT_USER|CLIENT_SERVER, 0, 0, 0 },
+	{ "KLINE", IRC_xLINE, CLIENT_USER|CLIENT_SERVER, 0, 0, 0 },
 	{ "LINKS", IRC_LINKS, CLIENT_USER|CLIENT_SERVER, 0, 0, 0 },
 	{ "LIST", IRC_LIST, CLIENT_USER|CLIENT_SERVER, 0, 0, 0 },
 	{ "LUSERS", IRC_LUSERS, CLIENT_USER|CLIENT_SERVER, 0, 0, 0 },
@@ -124,6 +127,8 @@ static bool Validate_Args PARAMS(( CONN_ID Idx, REQUEST *Req, bool *Closed ));
 
 static bool Handle_Request PARAMS(( CONN_ID Idx, REQUEST *Req ));
 
+static bool ScrubCTCP PARAMS((char *Request));
+
 /**
  * Return the pointer to the global "IRC command structure".
  * This structure, an array of type "COMMAND" describes all the IRC commands
@@ -174,8 +179,10 @@ Parse_Request( CONN_ID Idx, char *Request )
 	/* remove leading & trailing whitespace */
 	ngt_TrimStr( Request );
 
-	if( Request[0] == ':' )
-	{
+	if (Conf_ScrubCTCP && ScrubCTCP(Request))
+		return true;
+
+	if (Request[0] == ':') {
 		/* Prefix */
 		req.prefix = Request + 1;
 		ptr = strchr( Request, ' ' );
@@ -280,6 +287,7 @@ Validate_Prefix( CONN_ID Idx, REQUEST *Req, bool *Closed )
 	assert( client != NULL );
 
 	if (!Req->prefix && Client_Type(client) == CLIENT_SERVER
+	    && !(Conn_Options(Idx) & CONN_RFC1459)
 	    && strcasecmp(Req->command, "ERROR") != 0
 	    && strcasecmp(Req->command, "PING") != 0)
 	{
@@ -319,13 +327,21 @@ Validate_Prefix( CONN_ID Idx, REQUEST *Req, bool *Closed )
 	/* check if the client named in the prefix is expected
 	 * to come from that direction */
 	if (Client_NextHop(c) != client) {
-		Log(LOG_ERR,
-		    "Spoofed prefix \"%s\" from \"%s\" (connection %d, command \"%s\")!",
-		    Req->prefix, Client_Mask(Conn_GetClient(Idx)), Idx,
-		    Req->command);
-		Conn_Close(Idx, NULL, "Spoofed prefix", true);
-		*Closed = true;
+		if (Client_Type(c) != CLIENT_SERVER) {
+			Log(LOG_ERR,
+			    "Spoofed prefix \"%s\" from \"%s\" (connection %d, command \"%s\")!",
+			    Req->prefix, Client_Mask(Conn_GetClient(Idx)), Idx,
+			    Req->command);
+			Conn_Close(Idx, NULL, "Spoofed prefix", true);
+			*Closed = true;
+		} else {
+			Log(LOG_INFO,
+			    "Ignoring spoofed prefix \"%s\" from \"%s\" (connection %d, command \"%s\").",
+			    Req->prefix, Client_Mask(Conn_GetClient(Idx)), Idx,
+			    Req->command);
+		}
 		return false;
+
 	}
 
 	return true;
@@ -458,7 +474,6 @@ Handle_Numeric(CLIENT *client, REQUEST *Req)
 	return IRC_WriteStrClientPrefix(target, prefix, "%s", str);
 }
 
-
 static bool
 Handle_Request( CONN_ID Idx, REQUEST *Req )
 {
@@ -524,4 +539,39 @@ Handle_Request( CONN_ID Idx, REQUEST *Req )
 } /* Handle_Request */
 
 
+/**
+ * Check if incoming messages contains CTCP commands and should be dropped.
+ *
+ * @param Request NULL terminated incoming command.
+ * @returns true, when the message should be dropped.
+ */
+static bool
+ScrubCTCP(char *Request)
+{
+	static const char me_cmd[] = "ACTION ";
+	static const char ctcp_char = 0x1;
+	bool dropCommand = false;
+	char *ptr = Request;
+	char *ptrEnd = strchr(Request, '\0');
+
+	if (Request[0] == ':' && ptrEnd > ptr)
+		ptr++;
+
+	while (ptr != ptrEnd && *ptr != ':')
+		ptr++;
+
+	if ((ptrEnd - ptr) > 1) {
+		ptr++;
+		if (*ptr == ctcp_char) {
+			dropCommand = true;
+			ptr++;
+			/* allow /me commands */
+			if ((size_t)(ptrEnd - ptr) >= strlen(me_cmd)
+			    && !strncmp(ptr, me_cmd, strlen(me_cmd)))
+				dropCommand = false;
+		}
+	}
+	return dropCommand;
+}
+
 /* -eof- */