Commit Diff
Diff:
6680b536c4da7dc27e11490fe098e98cb0393fa2
695df6532ec717e5571e1ddc2c88a8c968603c5a
Commit:
695df6532ec717e5571e1ddc2c88a8c968603c5a
Tree:
a7f2fc30f81804bf6f3bb2ec1209d0bf14acacc1
Author:
Alexander Barton <alex@barton.de>
Committer:
Alexander Barton <alex@barton.de>
Date:
Fri Jun 1 22:24:53 2012 UTC
Message:
IDENT reply: only allow alphanumeric characters in user name Only alphanumeric characters are allowed in the user name, so ignore all IDENT replies that would violate this rule and use the one supplied by the USER command.
blob - b6e628092633fb68a34b8175e383b195033d9b0f
blob + 4d778719a2c8623c60570e9c839877595b38e0a2
--- src/ngircd/conn.c
+++ src/ngircd/conn.c
@@ -2174,6 +2174,7 @@ cb_Read_Resolver_Result( int r_fd, UNUSED short events
char *identptr;
#ifdef IDENTAUTH
char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
+ char *ptr;
#else
char readbuf[HOST_LEN + 1];
#endif
@@ -2226,11 +2227,30 @@ cb_Read_Resolver_Result( int r_fd, UNUSED short events
#ifdef IDENTAUTH
++identptr;
if (*identptr) {
- Log(LOG_INFO, "IDENT lookup for connection %d: \"%s\".", i, identptr);
- Client_SetUser(c, identptr, true);
- if (Conf_NoticeAuth)
+ ptr = identptr;
+ while (*ptr) {
+ if ((*ptr < '0' || *ptr > '9') &&
+ (*ptr < 'A' || *ptr > 'Z') &&
+ (*ptr < 'a' || *ptr > 'z'))
+ break;
+ ptr++;
+ }
+ if (*ptr) {
+ /* Erroneous IDENT reply */
+ Log(LOG_NOTICE,
+ "Got invalid IDENT reply for connection %d! Ignored.",
+ i);
+ } else {
+ Log(LOG_INFO,
+ "IDENT lookup for connection %d: \"%s\".",
+ i, identptr);
+ Client_SetUser(c, identptr, true);
+ }
+ if (Conf_NoticeAuth) {
(void)Conn_WriteStr(i,
- "NOTICE AUTH :*** Got ident response");
+ "NOTICE AUTH :*** Got %sident response",
+ *ptr == NULL ? "" : "invalid ");
+ }
} else {
Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
if (Conf_NoticeAuth && Conf_Ident)
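Review bot: In the `Conn_WriteStr` call near the end of this hunk, `*ptr == NULL` compares a `char` with a null pointer constant; where `NULL` is defined as `((void *)0)` this is a pointer/integer comparison that compilers diagnose, and it only works by accident where `NULL` is plain `0`. The test should be on the character itself, e.g. `*ptr ? "invalid " : ""`. The rejection branch logs only the connection number and not the reply, which is the right choice because the string comes from the remote ident server and has just failed validation; a short comment such as `/* Don't log the reply itself: remote-controlled and failed validation */` would keep a later change from adding it back. The enclosing `cb_Read_Resolver_Result` starts and ends outside the hunk.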