Module: ngircd.git Branch: master Commit: cccd8fc957e893e250324b65146df8fca4680f11 URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=cccd8...
Author: Alexander Barton alex@barton.de Date: Thu Sep 26 02:26:24 2013 +0200
Adjust log messages for invalid and spoofed prefixes
Now invalid prefixes aren't logged no more when originating from an other server (besides in debug mode), and spoofed prefixes are correctly logged using LOG_WARNING (from an other server) or LOG_ERR (from a client) levels.
In addition, the log message texts have been adjusted to better reflect what will happen: commands with invalid prefixes are ignored and logged, commands with spoofed prefixes will result in the client being disconncted (regular users) or the command being ignored (other servers).
This cleans up logging of commands related to already KILL'ed clients.
---
src/ngircd/parse.c | 34 ++++++++++++++++++---------------- 1 file changed, 18 insertions(+), 16 deletions(-)
diff --git a/src/ngircd/parse.c b/src/ngircd/parse.c index bc01e09..5006d2f 100644 --- a/src/ngircd/parse.c +++ b/src/ngircd/parse.c @@ -325,15 +325,20 @@ Validate_Prefix( CONN_ID Idx, REQUEST *Req, bool *Closed ) }
/* check if client in prefix is known */ - c = Client_Search( Req->prefix ); + c = Client_Search(Req->prefix); if (!c) { - Log(LOG_ERR, - "Invalid prefix "%s", client not known (connection %d, command "%s")!?", - Req->prefix, Idx, Req->command); - if (!Conn_WriteStr(Idx, - "ERROR :Invalid prefix "%s", client not known", - Req->prefix)) - *Closed = true; + if (Client_Type(client) != CLIENT_SERVER) { + Log(LOG_ERR, + "Ignoring command with invalid prefix "%s" from "%s" (connection %d, command "%s")!", + Req->prefix, Client_ID(client), Idx, Req->command); + if (!Conn_WriteStr(Idx, + "ERROR :Invalid prefix "%s"", + Req->prefix)) + *Closed = true; + IRC_SetPenalty(client, 2); + } else + LogDebug("Ignoring command with invalid prefix "%s" from "%s" (connection %d, command "%s")!", + Req->prefix, Client_ID(client), Idx, Req->command); return false; }
@@ -342,19 +347,16 @@ Validate_Prefix( CONN_ID Idx, REQUEST *Req, bool *Closed ) if (Client_NextHop(c) != client) { if (Client_Type(c) != CLIENT_SERVER) { Log(LOG_ERR, - "Spoofed prefix "%s" from "%s" (connection %d, command "%s")!", - Req->prefix, Client_Mask(Conn_GetClient(Idx)), Idx, - Req->command); + "Spoofed prefix "%s" from "%s" (connection %d, command "%s"), closing connection!", + Req->prefix, Client_ID(client), Idx, Req->command); Conn_Close(Idx, NULL, "Spoofed prefix", true); *Closed = true; } else { - Log(LOG_INFO, - "Ignoring spoofed prefix "%s" from "%s" (connection %d, command "%s").", - Req->prefix, Client_Mask(Conn_GetClient(Idx)), Idx, - Req->command); + Log(LOG_WARNING, + "Ignoring command with spoofed prefix "%s" from "%s" (connection %d, command "%s")!", + Req->prefix, Client_ID(client), Idx, Req->command); } return false; - }
return true;