mirror
/
oragono
mirror of https://github.com/oragono/oragono
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 69 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1284 Commits
21 Branches
Tree: dfb0a57040
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'dfb0a57040'
${ noResults }
oragono/irc/gateways.go

gateways.go 2.1KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889 
  1. // Copyright (c) 2012-2014 Jeremy Latt

  2. // Copyright (c) 2014-2015 Edmund Huber

  3. // Copyright (c) 2017 Daniel Oaks <daniel@danieloaks.net>

  4. // released under the MIT license

  5. 

  6. package irc

  7. 

  8. import (

  9. 	"fmt"

  10. 	"net"

  11. 

  12. 	"github.com/oragono/oragono/irc/modes"

  13. 	"github.com/oragono/oragono/irc/utils"

  14. )

  15. 

  16. type webircConfig struct {

  17. 	PasswordString string `yaml:"password"`

  18. 	Password       []byte `yaml:"password-bytes"`

  19. 	Fingerprint    string

  20. 	Hosts          []string

  21. }

  22. 

  23. // Populate fills out our password or fingerprint.

  24. func (wc *webircConfig) Populate() (err error) {

  25. 	if wc.Fingerprint == "" && wc.PasswordString == "" {

  26. 		return ErrNoFingerprintOrPassword

  27. 	}

  28. 

  29. 	if wc.PasswordString != "" {

  30. 		var password []byte

  31. 		wc.Password, err = decodeLegacyPasswordHash(wc.PasswordString)

  32. 		wc.Password = password

  33. 	}

  34. 	return err

  35. }

  36. 

  37. func isGatewayAllowed(addr net.Addr, gatewaySpec string) bool {

  38. 	// "localhost" includes any loopback IP or unix domain socket

  39. 	if gatewaySpec == "localhost" {

  40. 		return utils.AddrIsLocal(addr)

  41. 	}

  42. 

  43. 	ip := utils.AddrToIP(addr)

  44. 	if ip == nil {

  45. 		return false

  46. 	}

  47. 

  48. 	// exact IP match

  49. 	if ip.String() == gatewaySpec {

  50. 		return true

  51. 	}

  52. 

  53. 	// CIDR match

  54. 	_, gatewayNet, err := net.ParseCIDR(gatewaySpec)

  55. 	if err != nil {

  56. 		return false

  57. 	}

  58. 	return gatewayNet.Contains(ip)

  59. }

  60. 

  61. // ApplyProxiedIP applies the given IP to the client.

  62. func (client *Client) ApplyProxiedIP(proxiedIP string, tls bool) (exiting bool) {

  63. 	// ensure IP is sane

  64. 	parsedProxiedIP := net.ParseIP(proxiedIP)

  65. 	if parsedProxiedIP == nil {

  66. 		client.Quit(fmt.Sprintf(client.t("Proxied IP address is not valid: [%s]"), proxiedIP))

  67. 		return true

  68. 	}

  69. 

  70. 	isBanned, banMsg := client.server.checkBans(parsedProxiedIP)

  71. 	if isBanned {

  72. 		client.Quit(banMsg)

  73. 		return true

  74. 	}

  75. 

  76. 	// given IP is sane! override the client's current IP

  77. 	rawHostname := utils.LookupHostname(proxiedIP)

  78. 	client.stateMutex.Lock()

  79. 	client.proxiedIP = parsedProxiedIP

  80. 	client.rawHostname = rawHostname

  81. 	client.stateMutex.Unlock()

  82. 	// nickmask will be updated when the client completes registration

  83. 

  84. 	// set tls info

  85. 	client.certfp = ""

  86. 	client.SetMode(modes.TLS, tls)

  87. 

  88. 	return false

  89. }