Merge branch 'ScrubCTCP'
* ScrubCTCP: Add documentation for "ScrubCTCP" configuration option New option to scrub incoming CTCP commands
This commit is contained in:
commit
269310f04b
|
@ -166,6 +166,9 @@
|
||||||
# "PONG" reply.
|
# "PONG" reply.
|
||||||
;RequireAuthPing = no
|
;RequireAuthPing = no
|
||||||
|
|
||||||
|
# Silently drop all incomming CTCP requests.
|
||||||
|
;ScrubCTCP = no
|
||||||
|
|
||||||
# Syslog "facility" to which ngIRCd should send log messages.
|
# Syslog "facility" to which ngIRCd should send log messages.
|
||||||
# Possible values are system dependent, but most probably auth, daemon,
|
# Possible values are system dependent, but most probably auth, daemon,
|
||||||
# user and local1 through local7 are possible values; see syslog(3).
|
# user and local1 through local7 are possible values; see syslog(3).
|
||||||
|
|
|
@ -278,6 +278,16 @@ Let ngIRCd send an "authentication PING" when a new client connects, and
|
||||||
register this client only after receiving the corresponding "PONG" reply.
|
register this client only after receiving the corresponding "PONG" reply.
|
||||||
Default: no.
|
Default: no.
|
||||||
.TP
|
.TP
|
||||||
|
\fBScrubCTCP\fR (boolean)
|
||||||
|
If set to true, ngIRCd will silently drop all CTCP requests sent to it from
|
||||||
|
both clients and servers. It will also not forward CTCP requests to any
|
||||||
|
other servers. CTCP requests can be used to query user clients about which
|
||||||
|
software they are using and which versions said softare is. CTCP can also be
|
||||||
|
used to reveal clients IP numbers. ACTION CTCP requests are not blocked,
|
||||||
|
this means that /me commands will not be dropped, but please note that
|
||||||
|
blocking CTCP will disable file sharing between users!
|
||||||
|
Default: no.
|
||||||
|
.TP
|
||||||
\fBSyslogFacility\fR (string)
|
\fBSyslogFacility\fR (string)
|
||||||
Syslog "facility" to which ngIRCd should send log messages. Possible
|
Syslog "facility" to which ngIRCd should send log messages. Possible
|
||||||
values are system dependent, but most probably "auth", "daemon", "user"
|
values are system dependent, but most probably "auth", "daemon", "user"
|
||||||
|
|
|
@ -379,6 +379,7 @@ Conf_Test( void )
|
||||||
#ifndef STRICT_RFC
|
#ifndef STRICT_RFC
|
||||||
printf(" RequireAuthPing = %s\n", yesno_to_str(Conf_AuthPing));
|
printf(" RequireAuthPing = %s\n", yesno_to_str(Conf_AuthPing));
|
||||||
#endif
|
#endif
|
||||||
|
printf(" ScrubCTCP = %s\n", yesno_to_str(Conf_ScrubCTCP));
|
||||||
#ifdef SYSLOG
|
#ifdef SYSLOG
|
||||||
printf(" SyslogFacility = %s\n",
|
printf(" SyslogFacility = %s\n",
|
||||||
ngt_SyslogFacilityName(Conf_SyslogFacility));
|
ngt_SyslogFacilityName(Conf_SyslogFacility));
|
||||||
|
@ -698,6 +699,7 @@ Set_Defaults(bool InitServers)
|
||||||
#endif
|
#endif
|
||||||
Conf_PredefChannelsOnly = false;
|
Conf_PredefChannelsOnly = false;
|
||||||
#ifdef SYSLOG
|
#ifdef SYSLOG
|
||||||
|
Conf_ScrubCTCP = false;
|
||||||
#ifdef LOG_LOCAL5
|
#ifdef LOG_LOCAL5
|
||||||
Conf_SyslogFacility = LOG_LOCAL5;
|
Conf_SyslogFacility = LOG_LOCAL5;
|
||||||
#else
|
#else
|
||||||
|
@ -1485,6 +1487,10 @@ Handle_OPTIONS(int Line, char *Var, char *Arg)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
if (strcasecmp(Var, "ScrubCTCP") == 0) {
|
||||||
|
Conf_ScrubCTCP = Check_ArgIsTrue(Arg);
|
||||||
|
return;
|
||||||
|
}
|
||||||
#ifdef SYSLOG
|
#ifdef SYSLOG
|
||||||
if (strcasecmp(Var, "SyslogFacility") == 0) {
|
if (strcasecmp(Var, "SyslogFacility") == 0) {
|
||||||
Conf_SyslogFacility = ngt_SyslogFacilityID(Arg,
|
Conf_SyslogFacility = ngt_SyslogFacilityID(Arg,
|
||||||
|
|
|
@ -178,6 +178,9 @@ GLOBAL bool Conf_Ident;
|
||||||
/** Enable all usage of PAM, even when compiled with support for it */
|
/** Enable all usage of PAM, even when compiled with support for it */
|
||||||
GLOBAL bool Conf_PAM;
|
GLOBAL bool Conf_PAM;
|
||||||
|
|
||||||
|
/** Disable all CTCP commands except for /me ? */
|
||||||
|
GLOBAL bool Conf_ScrubCTCP;
|
||||||
|
|
||||||
/** Enable NOTICE AUTH messages on connect */
|
/** Enable NOTICE AUTH messages on connect */
|
||||||
GLOBAL bool Conf_NoticeAuth;
|
GLOBAL bool Conf_NoticeAuth;
|
||||||
|
|
||||||
|
|
|
@ -47,6 +47,7 @@
|
||||||
#include "numeric.h"
|
#include "numeric.h"
|
||||||
|
|
||||||
#include "exp.h"
|
#include "exp.h"
|
||||||
|
#include "conf.h"
|
||||||
|
|
||||||
struct _NUMERIC {
|
struct _NUMERIC {
|
||||||
int numeric;
|
int numeric;
|
||||||
|
@ -124,6 +125,8 @@ static bool Validate_Args PARAMS(( CONN_ID Idx, REQUEST *Req, bool *Closed ));
|
||||||
|
|
||||||
static bool Handle_Request PARAMS(( CONN_ID Idx, REQUEST *Req ));
|
static bool Handle_Request PARAMS(( CONN_ID Idx, REQUEST *Req ));
|
||||||
|
|
||||||
|
static bool ScrubCTCP PARAMS((char *Request));
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the pointer to the global "IRC command structure".
|
* Return the pointer to the global "IRC command structure".
|
||||||
* This structure, an array of type "COMMAND" describes all the IRC commands
|
* This structure, an array of type "COMMAND" describes all the IRC commands
|
||||||
|
@ -174,8 +177,10 @@ Parse_Request( CONN_ID Idx, char *Request )
|
||||||
/* remove leading & trailing whitespace */
|
/* remove leading & trailing whitespace */
|
||||||
ngt_TrimStr( Request );
|
ngt_TrimStr( Request );
|
||||||
|
|
||||||
if( Request[0] == ':' )
|
if (Conf_ScrubCTCP && ScrubCTCP(Request))
|
||||||
{
|
return true;
|
||||||
|
|
||||||
|
if (Request[0] == ':') {
|
||||||
/* Prefix */
|
/* Prefix */
|
||||||
req.prefix = Request + 1;
|
req.prefix = Request + 1;
|
||||||
ptr = strchr( Request, ' ' );
|
ptr = strchr( Request, ' ' );
|
||||||
|
@ -459,7 +464,6 @@ Handle_Numeric(CLIENT *client, REQUEST *Req)
|
||||||
return IRC_WriteStrClientPrefix(target, prefix, "%s", str);
|
return IRC_WriteStrClientPrefix(target, prefix, "%s", str);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static bool
|
static bool
|
||||||
Handle_Request( CONN_ID Idx, REQUEST *Req )
|
Handle_Request( CONN_ID Idx, REQUEST *Req )
|
||||||
{
|
{
|
||||||
|
@ -525,4 +529,39 @@ Handle_Request( CONN_ID Idx, REQUEST *Req )
|
||||||
} /* Handle_Request */
|
} /* Handle_Request */
|
||||||
|
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if incoming messages contains CTCP commands and should be dropped.
|
||||||
|
*
|
||||||
|
* @param Request NULL terminated incoming command.
|
||||||
|
* @returns true, when the message should be dropped.
|
||||||
|
*/
|
||||||
|
static bool
|
||||||
|
ScrubCTCP(char *Request)
|
||||||
|
{
|
||||||
|
static const char me_cmd[] = "ACTION ";
|
||||||
|
static const char ctcp_char = 0x1;
|
||||||
|
bool dropCommand = false;
|
||||||
|
char *ptr = Request;
|
||||||
|
char *ptrEnd = strchr(Request, '\0');
|
||||||
|
|
||||||
|
if (Request[0] == ':' && ptrEnd > ptr)
|
||||||
|
ptr++;
|
||||||
|
|
||||||
|
while (ptr != ptrEnd && *ptr != ':')
|
||||||
|
ptr++;
|
||||||
|
|
||||||
|
if ((ptrEnd - ptr) > 1) {
|
||||||
|
ptr++;
|
||||||
|
if (*ptr == ctcp_char) {
|
||||||
|
dropCommand = true;
|
||||||
|
ptr++;
|
||||||
|
/* allow /me commands */
|
||||||
|
if ((size_t)(ptrEnd - ptr) >= strlen(me_cmd)
|
||||||
|
&& !strncmp(ptr, me_cmd, strlen(me_cmd)))
|
||||||
|
dropCommand = false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return dropCommand;
|
||||||
|
}
|
||||||
|
|
||||||
/* -eof- */
|
/* -eof- */
|
||||||
|
|
Loading…
Reference in New Issue