diff -urN irc-cvs/common/numeric_def.h irc-cvs-nospoof/common/numeric_def.h --- irc-cvs/common/numeric_def.h Wed Jan 20 12:28:46 1999 +++ irc-cvs-nospoof/common/numeric_def.h Tue Mar 16 12:45:56 1999 @@ -198,6 +198,10 @@ #define ERR_UMODEUNKNOWNFLAG 501 #define ERR_USERSDONTMATCH 502 +#if defined(NOSPOOF) +#define ERR_BADPING 513 +#endif + /* * Numberic replies from server commands. * These are currently in the range 200-399. diff -urN irc-cvs/common/parse.c irc-cvs-nospoof/common/parse.c --- irc-cvs/common/parse.c Tue Dec 29 02:44:57 1998 +++ irc-cvs-nospoof/common/parse.c Tue Mar 16 12:45:56 1999 @@ -56,7 +56,11 @@ { MSG_INVITE, m_invite, MAXPARA, MSG_LAG|MSG_REGU, 0, 0, 0L}, { MSG_WALLOPS, m_wallops, MAXPARA, MSG_LAG|MSG_REG|MSG_NOU, 0, 0, 0L}, { MSG_PING, m_ping, MAXPARA, MSG_LAG|MSG_REG, 0, 0, 0L}, +#if defined(NOSPOOF) + { MSG_PONG, m_pong, MAXPARA, MSG_LAG, 0, 0, 0L}, +#else { MSG_PONG, m_pong, MAXPARA, MSG_LAG|MSG_REG, 0, 0, 0L}, +#endif { MSG_ERROR, m_error, MAXPARA, MSG_LAG|MSG_REG|MSG_NOU, 0, 0, 0L}, #ifdef OPER_KILL { MSG_KILL, m_kill, MAXPARA, MSG_LAG|MSG_REG|MSG_OP|MSG_LOP, 0,0, 0L}, diff -urN irc-cvs/common/send.c irc-cvs-nospoof/common/send.c --- irc-cvs/common/send.c Fri Feb 5 10:26:35 1999 +++ irc-cvs-nospoof/common/send.c Tue Mar 16 12:45:56 1999 @@ -392,6 +392,9 @@ NULL, # endif 0, {0, 0, NULL }, {0, 0, NULL }, +#if defined(NOSPOOF) + -1, +#endif 0, 0, 0, 0, 0, 0, 0, 0, 0, NULL, NULL, 0, NULL, 0 # if defined(__STDC__) /* hack around union{} initialization -Vesa */ ,{0}, NULL, "", "" diff -urN irc-cvs/common/struct_def.h irc-cvs-nospoof/common/struct_def.h --- irc-cvs/common/struct_def.h Sun Mar 14 11:59:54 1999 +++ irc-cvs-nospoof/common/struct_def.h Tue Mar 16 12:45:56 1999 @@ -432,6 +432,9 @@ short lastsq; /* # of 2k blocks when sendqueued called last*/ dbuf sendQ; /* Outgoing message queue--if socket full */ dbuf recvQ; /* Hold for data incoming yet to be parsed */ +#if defined(NOSPOOF) + u_long cookie; /* Random cookie local clients must PONG */ +#endif long sendM; /* Statistics: protocol messages send */ long sendK; /* Statistics: total k-bytes send */ long receiveM; /* Statistics: protocol messages received */ diff -urN irc-cvs/ircd/ircd.c irc-cvs-nospoof/ircd/ircd.c --- irc-cvs/ircd/ircd.c Sun Mar 14 11:59:58 1999 +++ irc-cvs-nospoof/ircd/ircd.c Tue Mar 16 12:45:56 1999 @@ -493,6 +493,22 @@ else { cptr->exitc = EXITC_PING; +#if defined(NOSPOOF) + if((!IsRegistered(cptr)) && (cptr->name) && + (cptr->username)) + { + sendto_one(cptr, + ":%s %d %s :Your client may not be compatible with this server.", + me.name, ERR_BADPING, cptr->name); + /* Someone suggest a better + * place? :) - Earthpig + */ + sendto_one(cptr, + ":%s %d %s :Compatible clients are available at " + "ftp://yoyo.cc.monash.edu.au/pub/irc/clients/", + me.name, ERR_BADPING, cptr->name); + } +#endif (void)exit_client(cptr, cptr, &me, "Ping timeout"); } diff -urN irc-cvs/ircd/list.c irc-cvs-nospoof/ircd/list.c --- irc-cvs/ircd/list.c Tue Dec 29 02:44:57 1998 +++ irc-cvs-nospoof/ircd/list.c Tue Mar 16 12:45:56 1999 @@ -146,6 +146,9 @@ if (size == CLIENT_LOCAL_SIZE) { cptr->since = cptr->lasttime = cptr->firsttime = timeofday; +#if defined(NOSPOOF) + cptr->cookie = 0; +#endif cptr->confs = NULL; cptr->sockhost[0] = '\0'; cptr->buffer[0] = '\0'; diff -urN irc-cvs/ircd/random.c irc-cvs-nospoof/ircd/random.c --- irc-cvs/ircd/random.c Thu Jan 1 10:00:00 1970 +++ irc-cvs-nospoof/ircd/random.c Tue Mar 16 12:45:56 1999 @@ -0,0 +1,162 @@ +/************************************************************************ + * IRC - Internet Relay Chat, ircd/random.c + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 1, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include +#include +#include +#include +#include "os.h" +#include "s_defines.h" + +#ifdef NOSPOOF + +char localkey[8] = RANDOM_SEED; + +/* + * MD5 transform algorithm, taken from code written by Colin Plumb, + * and put into the public domain + * + * Kev: Taken from Ted T'so's /dev/random random.c code and modified to + * be slightly simpler. That code is released under a BSD-style copyright + * OR under the terms of the GNU Public License, which should be included + * at the top of this source file. + * + * record: Cleaned up to work with ircd. RANDOM_TOKEN is defined in + * setup.h by the make script; if people start to "guess" your cookies, + * consider recompiling your server with a different random token. + */ + +/* The four core functions - F1 is optimized somewhat */ + +#define F1(x, y, z) (z ^ (x & (y ^ z))) +#define F2(x, y, z) F1(z, x, y) +#define F3(x, y, z) (x ^ y ^ z) +#define F4(x, y, z) (y ^ (x | ~z)) + +/* This is the central step in the MD5 algorithm. */ +#define MD5STEP(f, w, x, y, z, data, s) \ + ( w += f(x, y, z) + data, w = w<>(32-s), w += x ) + +/* + * The core of the MD5 algorithm, this alters an existing MD5 hash to + * reflect the addition of 16 longwords of new data. MD5Update blocks + * the data and converts bytes into longwords for this routine. + * + * original comment left in; this used to be called MD5Transform and took + * two arguments; I've internalized those arguments, creating the character + * array "localkey," which should contain 8 bytes of data. The function also + * originally returned nothing; now it returns an unsigned long that is the + * random number. It appears to be reallyrandom, so... -Kev + * + * I don't really know what this does. I tried to figure it out and got + * a headache. If you know what's good for you, you'll leave this stuff + * for the smart people and do something else. -record + */ +unsigned long ircrandom(void) +{ + unsigned long a, b, c, d; + unsigned char in[16]; + struct timeval tv; + + (void)gettimeofday(&tv, NULL); + + (void)memcpy((void *)in, (void *)localkey, 8); + (void)memcpy((void *)(in+8), (void *)&tv.tv_sec, 4); + (void)memcpy((void *)(in+12), (void *)&tv.tv_usec, 4); + + a = 0x67452301; + b = 0xefcdab89; + c = 0x98badcfe; + d = 0x10325476; + + MD5STEP(F1, a, b, c, d, (long)in[ 0]+0xd76aa478, 7); + MD5STEP(F1, d, a, b, c, (long)in[ 1]+0xe8c7b756, 12); + MD5STEP(F1, c, d, a, b, (long)in[ 2]+0x242070db, 17); + MD5STEP(F1, b, c, d, a, (long)in[ 3]+0xc1bdceee, 22); + MD5STEP(F1, a, b, c, d, (long)in[ 4]+0xf57c0faf, 7); + MD5STEP(F1, d, a, b, c, (long)in[ 5]+0x4787c62a, 12); + MD5STEP(F1, c, d, a, b, (long)in[ 6]+0xa8304613, 17); + MD5STEP(F1, b, c, d, a, (long)in[ 7]+0xfd469501, 22); + MD5STEP(F1, a, b, c, d, (long)in[ 8]+0x698098d8, 7); + MD5STEP(F1, d, a, b, c, (long)in[ 9]+0x8b44f7af, 12); + MD5STEP(F1, c, d, a, b, (long)in[10]+0xffff5bb1, 17); + MD5STEP(F1, b, c, d, a, (long)in[11]+0x895cd7be, 22); + MD5STEP(F1, a, b, c, d, (long)in[12]+0x6b901122, 7); + MD5STEP(F1, d, a, b, c, (long)in[13]+0xfd987193, 12); + MD5STEP(F1, c, d, a, b, (long)in[14]+0xa679438e, 17); + MD5STEP(F1, b, c, d, a, (long)in[15]+0x49b40821, 22); + + MD5STEP(F2, a, b, c, d, (long)in[ 1]+0xf61e2562, 5); + MD5STEP(F2, d, a, b, c, (long)in[ 6]+0xc040b340, 9); + MD5STEP(F2, c, d, a, b, (long)in[11]+0x265e5a51, 14); + MD5STEP(F2, b, c, d, a, (long)in[ 0]+0xe9b6c7aa, 20); + MD5STEP(F2, a, b, c, d, (long)in[ 5]+0xd62f105d, 5); + MD5STEP(F2, d, a, b, c, (long)in[10]+0x02441453, 9); + MD5STEP(F2, c, d, a, b, (long)in[15]+0xd8a1e681, 14); + MD5STEP(F2, b, c, d, a, (long)in[ 4]+0xe7d3fbc8, 20); + MD5STEP(F2, a, b, c, d, (long)in[ 9]+0x21e1cde6, 5); + MD5STEP(F2, d, a, b, c, (long)in[14]+0xc33707d6, 9); + MD5STEP(F2, c, d, a, b, (long)in[ 3]+0xf4d50d87, 14); + MD5STEP(F2, b, c, d, a, (long)in[ 8]+0x455a14ed, 20); + MD5STEP(F2, a, b, c, d, (long)in[13]+0xa9e3e905, 5); + MD5STEP(F2, d, a, b, c, (long)in[ 2]+0xfcefa3f8, 9); + MD5STEP(F2, c, d, a, b, (long)in[ 7]+0x676f02d9, 14); + MD5STEP(F2, b, c, d, a, (long)in[12]+0x8d2a4c8a, 20); + + MD5STEP(F3, a, b, c, d, (long)in[ 5]+0xfffa3942, 4); + MD5STEP(F3, d, a, b, c, (long)in[ 8]+0x8771f681, 11); + MD5STEP(F3, c, d, a, b, (long)in[11]+0x6d9d6122, 16); + MD5STEP(F3, b, c, d, a, (long)in[14]+0xfde5380c, 23); + MD5STEP(F3, a, b, c, d, (long)in[ 1]+0xa4beea44, 4); + MD5STEP(F3, d, a, b, c, (long)in[ 4]+0x4bdecfa9, 11); + MD5STEP(F3, c, d, a, b, (long)in[ 7]+0xf6bb4b60, 16); + MD5STEP(F3, b, c, d, a, (long)in[10]+0xbebfbc70, 23); + MD5STEP(F3, a, b, c, d, (long)in[13]+0x289b7ec6, 4); + MD5STEP(F3, d, a, b, c, (long)in[ 0]+0xeaa127fa, 11); + MD5STEP(F3, c, d, a, b, (long)in[ 3]+0xd4ef3085, 16); + MD5STEP(F3, b, c, d, a, (long)in[ 6]+0x04881d05, 23); + MD5STEP(F3, a, b, c, d, (long)in[ 9]+0xd9d4d039, 4); + MD5STEP(F3, d, a, b, c, (long)in[12]+0xe6db99e5, 11); + MD5STEP(F3, c, d, a, b, (long)in[15]+0x1fa27cf8, 16); + MD5STEP(F3, b, c, d, a, (long)in[ 2]+0xc4ac5665, 23); + + MD5STEP(F4, a, b, c, d, (long)in[ 0]+0xf4292244, 6); + MD5STEP(F4, d, a, b, c, (long)in[ 7]+0x432aff97, 10); + MD5STEP(F4, c, d, a, b, (long)in[14]+0xab9423a7, 15); + MD5STEP(F4, b, c, d, a, (long)in[ 5]+0xfc93a039, 21); + MD5STEP(F4, a, b, c, d, (long)in[12]+0x655b59c3, 6); + MD5STEP(F4, d, a, b, c, (long)in[ 3]+0x8f0ccc92, 10); + MD5STEP(F4, c, d, a, b, (long)in[10]+0xffeff47d, 15); + MD5STEP(F4, b, c, d, a, (long)in[ 1]+0x85845dd1, 21); + MD5STEP(F4, a, b, c, d, (long)in[ 8]+0x6fa87e4f, 6); + MD5STEP(F4, d, a, b, c, (long)in[15]+0xfe2ce6e0, 10); + MD5STEP(F4, c, d, a, b, (long)in[ 6]+0xa3014314, 15); + MD5STEP(F4, b, c, d, a, (long)in[13]+0x4e0811a1, 21); + MD5STEP(F4, a, b, c, d, (long)in[ 4]+0xf7537e82, 6); + MD5STEP(F4, d, a, b, c, (long)in[11]+0xbd3af235, 10); + MD5STEP(F4, c, d, a, b, (long)in[ 2]+0x2ad7d2bb, 15); + MD5STEP(F4, b, c, d, a, (long)in[ 9]+0xeb86d391, 21); + + /* + * we have 4 unsigned longs generated by the above sequence; this scrambles + * them together so that if there is any pattern, it will be obscured. + */ + return (a ^ b ^ c ^ d); +} + +#endif diff -urN irc-cvs/ircd/s_debug.c irc-cvs-nospoof/ircd/s_debug.c --- irc-cvs/ircd/s_debug.c Fri Feb 5 10:44:16 1999 +++ irc-cvs-nospoof/ircd/s_debug.c Tue Mar 16 12:45:56 1999 @@ -148,6 +148,9 @@ #ifdef INET6 '6', #endif +#if defined(NOSPOOF) +'*', +#endif '\0'}; #ifdef DEBUGMODE @@ -344,7 +347,7 @@ sendto_one(cptr, ":%s %d %s :BS:%d MXR:%d MXB:%d MXBL:%d PY:%d", ME, RPL_STATSDEFINE, nick, BUFSIZE, MAXRECIPIENTS, MAXBANS, MAXBANLENGTH, MAXPENALTY); - sendto_one(cptr, ":%s %d %s :ZL:%d CM:%d CP:%d", + sendto_one(cptr, ":%s %d %s :ZL:%d CM:%d CP:%d NS:%s", ME, RPL_STATSDEFINE, nick, #ifdef ZIP_LINKS ZIP_LEVEL, @@ -352,9 +355,14 @@ -1, #endif #ifdef CLONE_CHECK - CLONE_MAX, CLONE_PERIOD + CLONE_MAX, CLONE_PERIOD, +#else + -1, -1, +#endif +#if defined(NOSPOOF) + "yes" #else - -1, -1 + "no" #endif ); } diff -urN irc-cvs/ircd/s_err.c irc-cvs-nospoof/ircd/s_err.c --- irc-cvs/ircd/s_err.c Sun Feb 28 02:45:29 1999 +++ irc-cvs-nospoof/ircd/s_err.c Tue Mar 16 12:45:56 1999 @@ -162,6 +162,19 @@ { 0, (char *)NULL }, /* 501 */ { ERR_UMODEUNKNOWNFLAG, ":Unknown MODE flag" }, /* 502 */ { ERR_USERSDONTMATCH, ":Can't change mode for other users" }, +#if defined(NOSPOOF) + { 0, (char *)NULL }, + { 0, (char *)NULL }, + { 0, (char *)NULL }, + { 0, (char *)NULL }, + { 0, (char *)NULL }, + { 0, (char *)NULL }, + { 0, (char *)NULL }, + { 0, (char *)NULL }, + { 0, (char *)NULL }, + { 0, (char *)NULL }, +/* 513 */ { ERR_BADPING, (char *)NULL }, +#endif { 0, (char *)NULL } }; diff -urN irc-cvs/ircd/s_user.c irc-cvs-nospoof/ircd/s_user.c --- irc-cvs/ircd/s_user.c Tue Mar 16 12:32:51 1999 +++ irc-cvs-nospoof/ircd/s_user.c Tue Mar 16 12:51:41 1999 @@ -335,9 +335,9 @@ /* ** register_user -** This function is called when both NICK and USER messages -** have been accepted for the client, in whatever order. Only -** after this the USER message is propagated. +** This function is called when both NICK and USER [and maybe PONG] +** messages have been accepted for the client, in whatever order. +** Only after this the USER message is propagated. ** ** NICK's must be propagated at once when received, although ** it would be better to delay them too until full info is @@ -1007,9 +1007,30 @@ /* This had to be copied here to avoid problems.. */ (void)strcpy(sptr->name, nick); +#if defined(NOSPOOF) + /* If the client hasn't gotten a cookie-ping yet, + choose a cookie and send it. -record!jegelhof@cloud9.net */ + + if (!sptr->cookie) + { + while((!sptr->cookie) || (sptr->cookie==-1)) + sptr->cookie=(ircrandom()); + sendto_one(cptr, "PING :%lu", sptr->cookie); + sendto_one(sptr, + ":%s %d %s :If your client freezes here, type /QUOTE PONG %lu " + "or /PONG %lu ", + me.name, ERR_BADPING, sptr->name, + sptr->cookie, sptr->cookie); + } + + if ((sptr->user) && (sptr->cookie==-1)) + { +#else if (sptr->user) +#endif /* - ** USER already received, now we have NICK. + ** USER [and possibly PONG] already received, + ** now we have NICK. ** *NOTE* For servers "NICK" *must* precede the ** user message (giving USER before NICK is possible ** only for local client connection!). register_user @@ -1020,6 +1041,9 @@ sptr->user->username) == FLUSH_BUFFER) return FLUSH_BUFFER; +#if defined(NOSPOOF) + } +#endif } /* ** Finally set new nick name. @@ -1849,7 +1873,12 @@ if (strlen(realname) > REALLEN) realname[REALLEN] = '\0'; sptr->info = mystrdup(realname); - if (sptr->name[0]) /* NICK already received, now we have USER... */ + if ((sptr->name[0]) +#if defined(NOSPOOF) + && (!MyConnect(sptr) || (sptr->cookie==-1)) +#endif + ) + /* NICK already received, now we have USER... */ { if ((parc == 6) && IsServer(cptr)) /* internal m_user() */ { @@ -2222,7 +2251,32 @@ aClient *acptr; char *origin, *destination; - if (parc < 2 || *parv[1] == '\0') +#if defined(NOSPOOF) + /* Check to see if this is a PONG :cookie reply from an + unregistered user. If so, process it. -record */ + + if((!IsRegistered(sptr)) && (sptr->cookie!=0) && + (sptr->cookie!=-1) && (parc>1)) + { + if(strtoul(parv[parc-1],NULL,10)==sptr->cookie) + { + sptr->cookie=-1; + if((sptr->user) && (sptr->name[0])) + /* NICK and USER OK */ + return register_user(cptr, sptr, sptr->name, + sptr->user->username); + } + else + sendto_one(sptr, + ":%s %d %s :To connect, type /QUOTE PONG %lu or /PONG %lu", + me.name, ERR_BADPING, sptr->name, + sptr->cookie, sptr->cookie); + + return 1; + } +#endif + + if (parc < 2 || *parv[1] == '\0') { sendto_one(sptr, err_str(ERR_NOORIGIN, parv[0])); return 1; diff -urN irc-cvs/support/Makefile.in irc-cvs-nospoof/support/Makefile.in --- irc-cvs/support/Makefile.in Fri Mar 12 20:06:00 1999 +++ irc-cvs-nospoof/support/Makefile.in Tue Mar 16 12:47:37 1999 @@ -153,7 +153,7 @@ SERVER_OBJS = channel.o class.o hash.o ircd.o list.o res.o s_auth.o \ s_bsd.o s_conf.o s_debug.o s_err.o s_id.o s_misc.o s_numeric.o \ s_serv.o s_service.o s_user.o s_zip.o whowas.o \ - res_init.o res_comp.o res_mkquery.o + res_init.o res_comp.o res_mkquery.o random.o IAUTH_COMMON_OBJS = clsupport.o clmatch.o # This is a little evil IAUTH_OBJS = iauth.o a_conf.o a_io.o a_log.o \ @@ -431,6 +431,9 @@ res_mkquery.o: ../ircd/res_mkquery.c setup.h config.h $(CC) $(S_CFLAGS) -c -o $@ ../ircd/res_mkquery.c + +random.o: ../ircd/random.c setup.h config.h + $(CC) $(S_CFLAGS) -c -o $@ ../ircd/random.c iauth.o: ../iauth/iauth.c config.h setup.h $(CC) $(A_CFLAGS) -c -o $@ ../iauth/iauth.c diff -urN irc-cvs/support/config.h.dist irc-cvs-nospoof/support/config.h.dist --- irc-cvs/support/config.h.dist Mon Feb 22 10:41:32 1999 +++ irc-cvs-nospoof/support/config.h.dist Tue Mar 16 12:45:57 1999 @@ -374,6 +374,30 @@ */ #undef CLONE_CHECK +/* Define this to turn on code that enables a PING/PONG cookies sequence + * whenever a client connects. The purpose of this is to prevent IP + * spoofing (normally based on predicting TCP/IP sequence numbers). + * This breaks the RFC slightly, but so far only one (old) client has + * been encountered that breaks. There's a small overhead if you define + * it, but it's essential for older BSD-based (or any other) TCP/IP + * stacks with predictable sequence numbers. + */ + +#undef NOSPOOF + +/* Random number generator seed -- used for cookies if NOSPOOF is + * defined. + * + * Set this to an 8 character random text string. + * Do _NOT_ use the default text. + * If people are able to defeat the IP-spoofing protection on your + * server, please consider changing this value and recompiling. + */ + +#if defined(NOSPOOF) +#define RANDOM_SEED "ChangeMe" +#endif + /* STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP */ /* STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP */ /* STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP STOP */