[cvslog] [CVS] Module eggdrop1.8: Change committed

cvs at eggheads.org cvs at eggheads.org
Fri Nov 26 07:20:40 CST 2010


CVSROOT    : /usr/local/cvsroot
Module     : eggdrop1.8
Commit time: 2010-11-26 13:20:39 UTC
Committer  : Rumen Stoyanov <pseudo at egg6.net>

Modified files:
     doc/Changes1.8 src/dcc.c src/dccutil.c src/net.c src/patch.h
     src/tls.c

Log message:

Added a little hack to send starttls before password exchange during the initial handshake.

---------------------- diff included ----------------------
Index: eggdrop1.8/doc/Changes1.8
diff -u eggdrop1.8/doc/Changes1.8:1.39 eggdrop1.8/doc/Changes1.8:1.40
--- eggdrop1.8/doc/Changes1.8:1.39	Tue Nov 23 17:25:24 2010
+++ eggdrop1.8/doc/Changes1.8	Fri Nov 26 07:20:29 2010
@@ -1,4 +1,4 @@
-$Id: Changes1.8,v 1.39 2010/11/23 23:25:24 pseudo Exp $
+$Id: Changes1.8,v 1.40 2010/11/26 13:20:29 pseudo Exp $
 
 Eggdrop Changes (since version 1.8.0)
 
@@ -6,8 +6,12 @@
 
 1.8.0 (CVS):
 
+  - Added a little hack to send starttls before password exchange during the
+    initial handshake.
+    Patch by: pseudo
+
   - Fixed a problem with sharing causing starttls to fail.
-    Found by: dr1
+    Found by: DarkReap1
   - Moved STARTTLS early in the bot link process and synchronized the
     handshake.
   - Made it possible for ssl handshakes to complete even without data to be
@@ -26,7 +30,7 @@
     Found by: izy` / Patch by: pseudo
 
   - Fixed a bug in (u)timers which could lead to invalid memory access.
-    Found by: dr1 / Patch by: thommey
+    Found by: DarkReap1 / Patch by: thommey
 
   - Made it possible to specify ssl independently for telnet and user ports
     when modifying bot addresses.
Index: eggdrop1.8/src/dcc.c
diff -u eggdrop1.8/src/dcc.c:1.7 eggdrop1.8/src/dcc.c:1.8
--- eggdrop1.8/src/dcc.c:1.7	Tue Nov 23 10:36:23 2010
+++ eggdrop1.8/src/dcc.c	Fri Nov 26 07:20:29 2010
@@ -4,7 +4,7 @@
  *   disconnect on a dcc socket
  *   ...and that's it!  (but it's a LOT)
  *
- * $Id: dcc.c,v 1.7 2010/11/23 16:36:23 pseudo Exp $
+ * $Id: dcc.c,v 1.8 2010/11/26 13:20:29 pseudo Exp $
  */
 /*
  * Copyright (C) 1997 Robey Pointer
@@ -604,18 +604,38 @@
     buf += 3; /* 'IAC','DO(DONT)','STATUS' */
   atr = dcc[idx].user ? dcc[idx].user->flags : 0;
 
-  /* Check for MD5 digest from remote _bot_. <cybah> */
 #ifdef TLS
-  if ((atr & USER_BOT) && !egg_strncasecmp(buf, "starttls ", 9)) {
-    dcc[idx].ssl = 1;
-    if (ssl_handshake(dcc[idx].sock, TLS_LISTEN, tls_vfybots, LOG_BOTS,
-                      dcc[idx].host, NULL)) {
-      killsock(dcc[idx].sock);
-      lostdcc(idx);
+  if (atr & USER_BOT) {
+    if (!egg_strncasecmp(buf, "starttls ", 9)) {
+      dcc[idx].ssl = 1;
+      if (ssl_handshake(dcc[idx].sock, TLS_LISTEN, tls_vfybots, LOG_BOTS,
+                        dcc[idx].host, NULL)) {
+        killsock(dcc[idx].sock);
+        lostdcc(idx);
+      }
+      return;
+    }
+    /* No password set? */
+    if (u_pass_match(dcc[idx].user, "-")) {
+      char ps[20];
+
+      makepass(ps);
+      set_user(&USERENTRY_PASS, dcc[idx].user, ps);
+      changeover_dcc(idx, &DCC_BOT_NEW, sizeof(struct bot_info));
+
+      dcc[idx].status = STAT_CALLED;
+      dprintf(idx, "*hello!\n");
+      greet_new_bot(idx);
+#ifdef NO_OLD_BOTNET
+      dprintf(idx, "h %s\n", ps);
+#else
+      dprintf(idx, "handshake %s\n", ps);
+#endif
+      return;
     }
-    return;
   }
 #endif
+  /* Check for MD5 digest from remote _bot_. <cybah> */
   if ((atr & USER_BOT) && !egg_strncasecmp(buf, "digest ", 7)) {
     if (dcc_bot_check_digest(idx, buf + 7)) {
       nfree(dcc[idx].u.chat);
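Review bot: The no-password branch for bots now sits entirely between `#ifdef TLS` and `#endif`, while the second dcc.c hunk (@@ -1584) removes the same logic from a place that, as far as the visible lines show, follows an `#endif` and was compiled in every build. In a build without TLS, a bot record with no password would then skip both the handshake-password assignment here and the "Can't telnet" refusal there. It would fall through to the digest and password checks, whose handling of an unset password is not visible in this diff. Placing `#ifdef TLS` / `#endif` around only the `if (!egg_strncasecmp(buf, "starttls ", 9)) { ... }` block and leaving `if (u_pass_match(dcc[idx].user, "-"))` unconditional would keep both builds consistent. A comment on that branch should also record that `ps` is sent whether or not the peer issued `starttls` first, since nothing here checks `dcc[idx].ssl`; the enclosing function starts and ends outside the hunk.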
@@ -1584,24 +1604,7 @@
   }
 #endif
   /* No password set? */
-  if (u_pass_match(dcc[idx].user, "-")) {
-    if (glob_bot(fr)) {
-      char ps[20];
-
-      makepass(ps);
-      set_user(&USERENTRY_PASS, dcc[idx].user, ps);
-      changeover_dcc(idx, &DCC_BOT_NEW, sizeof(struct bot_info));
-
-      dcc[idx].status = STAT_CALLED;
-      dprintf(idx, "*hello!\n");
-      greet_new_bot(idx);
-#ifdef NO_OLD_BOTNET
-      dprintf(idx, "h %s\n", ps);
-#else
-      dprintf(idx, "handshake %s\n", ps);
-#endif
-      return;
-    }
+  if (!glob_bot(fr) && u_pass_match(dcc[idx].user, "-")) {
     dprintf(idx, "Can't telnet until you have a password set.\n");
     putlog(LOG_MISC, "*", DCC_NOPASS, dcc[idx].nick, dcc[idx].host);
     killsock(dcc[idx].sock);
Index: eggdrop1.8/src/dccutil.c
diff -u eggdrop1.8/src/dccutil.c:1.3 eggdrop1.8/src/dccutil.c:1.4
--- eggdrop1.8/src/dccutil.c:1.3	Tue Oct 19 06:13:33 2010
+++ eggdrop1.8/src/dccutil.c	Fri Nov 26 07:20:29 2010
@@ -6,7 +6,7 @@
  *   memory management for dcc structures
  *   timeout checking for dcc connections
  *
- * $Id: dccutil.c,v 1.3 2010/10/19 12:13:33 pseudo Exp $
+ * $Id: dccutil.c,v 1.4 2010/11/26 13:20:29 pseudo Exp $
  */
 /*
  * Copyright (C) 1997 Robey Pointer
@@ -147,7 +147,7 @@
 
 void dprintf EGG_VARARGS_DEF(int, arg1)
 {
-  static char buf[1024];
+  char buf[1024];
   char *format;
   int idx, len;
   va_list va;
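Review bot: Dropping `static` from `buf` is unexplained in both the hunk and the log message, so the next reader cannot tell whether it is a fix or a cleanup. If the reason is that dprintf can now be re-entered while the buffer is in use (for example through logging triggered during a TLS handshake, which is only an inference from the other hunks), a comment such as `/* not static: dprintf may be re-entered while buf is still in use */` above the declaration would stop someone from restoring it. The rest of dprintf, including how `buf` is bounded when formatted, lies outside the hunk and is worth re-checking against the 1024-byte stack buffer.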
Index: eggdrop1.8/src/net.c
diff -u eggdrop1.8/src/net.c:1.8 eggdrop1.8/src/net.c:1.9
--- eggdrop1.8/src/net.c:1.8	Tue Nov 23 10:36:23 2010
+++ eggdrop1.8/src/net.c	Fri Nov 26 07:20:29 2010
@@ -2,7 +2,7 @@
  * net.c -- handles:
  *   all raw network i/o
  *
- * $Id: net.c,v 1.8 2010/11/23 16:36:23 pseudo Exp $
+ * $Id: net.c,v 1.9 2010/11/26 13:20:29 pseudo Exp $
  */
 /*
  * This is hereby released into the public domain.
@@ -1152,21 +1152,12 @@
   FD_ZERO(&wfds);
   tv.tv_sec = 0;
   tv.tv_usec = 0;               /* we only want to see if it's ready for writing, no need to actually wait.. */
-  for (i = 0; i < threaddata()->MAXSOCKS; i++) {
-    if (!(socklist[i].flags & (SOCK_UNUSED | SOCK_TCL))) {
-#ifdef TLS
-      /* We can't rely on a transparent negotiation, because the
-       * handshake may never finish if we don't have any data to send.
-       */
-      if (socklist[i].ssl && !SSL_is_init_finished(socklist[i].ssl))
-        SSL_do_handshake(socklist[i].ssl);
-#endif
-      if (socklist[i].handler.sock.outbuf != NULL) {
-        FD_SET(socklist[i].sock, &wfds);
-        z = 1;
-      }
+  for (i = 0; i < threaddata()->MAXSOCKS; i++)
+    if (!(socklist[i].flags & (SOCK_UNUSED | SOCK_TCL)) &&
+        (socklist[i].handler.sock.outbuf != NULL)) {
+      FD_SET(socklist[i].sock, &wfds);
+      z = 1;
     }
-  }
   if (!z)
     return;                     /* nothing to write */
 
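Review bot: The removed `SSL_do_handshake()` call carried a comment saying the handshake may never finish when there is no data to send, and nothing in this hunk replaces it for sockets whose `outbuf` is NULL. The log message suggests the new ordering of `starttls` and the password exchange guarantees pending data during bot links, but that would not obviously cover other TLS sockets, and the code that drives their handshake is not visible here. A comment at this loop stating what now completes a pending handshake would make the dependency explicit. Separately, the `for` lost its braces although its body spans five lines; `for (...) { if (...) { ... } }` is the safer form if a second statement is ever added.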
Index: eggdrop1.8/src/patch.h
diff -u eggdrop1.8/src/patch.h:1.27 eggdrop1.8/src/patch.h:1.28
--- eggdrop1.8/src/patch.h:1.27	Tue Nov 23 17:25:24 2010
+++ eggdrop1.8/src/patch.h	Fri Nov 26 07:20:29 2010
@@ -10,7 +10,7 @@
  * statement, leave the rest of the file alone, this allows better
  * overlapping patches.
  *
- * $Id: patch.h,v 1.27 2010/11/23 23:25:24 pseudo Exp $
+ * $Id: patch.h,v 1.28 2010/11/26 13:20:29 pseudo Exp $
  */
 /*
  * Copyright (C) 1997 Robey Pointer
@@ -41,12 +41,12 @@
  *
  *
  */
-patch("1290554653");            /* current unixtime */
+patch("1290774474");            /* current unixtime */
 /*
  *
  *
  */
-patch("sharebotaddr");
+patch("sslhs");
 /*
  *
  *
Index: eggdrop1.8/src/tls.c
diff -u eggdrop1.8/src/tls.c:1.4 eggdrop1.8/src/tls.c:1.5
--- eggdrop1.8/src/tls.c:1.4	Tue Nov 23 17:25:24 2010
+++ eggdrop1.8/src/tls.c	Fri Nov 26 07:20:29 2010
@@ -4,7 +4,7 @@
  *   Certificate handling
  *   OpenSSL initialization and shutdown
  *
- * $Id: tls.c,v 1.4 2010/11/23 23:25:24 pseudo Exp $
+ * $Id: tls.c,v 1.5 2010/11/26 13:20:29 pseudo Exp $
  */
 /*
  * Written by Rumen Stoyanov <pseudo at egg6.net>
@@ -628,7 +628,7 @@
   }
 
   /* Display the state of the engine for debugging purposes */
-  /* debug1("TLS: state change: %s", SSL_state_string_long(ssl)); */
+  debug1("TLS: state change: %s", SSL_state_string_long(ssl));
 }
     
 /* Switch a socket to SSL communication
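Review bot: Un-commenting `debug1("TLS: state change: %s", SSL_state_string_long(ssl));` is not mentioned in the log message and looks like a debugging aid left enabled. It emits one log line for every state transition of every handshake, so a peer that repeatedly opens connections can generate a lot of log output if debug logging is on. If the line is meant to stay, a comment saying so and confirming that `debug1` is suppressed at normal log levels would help; otherwise restoring the commented-out form keeps the commit to its stated purpose. The enclosing callback starts outside the hunk.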
----------------------- End of diff -----------------------

