+2006-05-24 Michael Poole <mdpoole@troilus.org>
+
+ * ircd/s_auth.c (auth_dns_callback): Be more careful about
+ handling failed DNS lookups. Use a more standard function to
+ disconnect clients for IP mismatches.
+ (start_auth): Use a more standard function to disconnect clients
+ for peer or local socket address lookup failures.
+
2006-05-17 Michael Poole <mdpoole@troilus.org>
* ircd/s_auth.c (auth_ping_timeout): Fix off-by-one error.
if (IsUserPort(auth->client))
sendheader(auth->client, REPORT_FAIL_DNS);
sendto_iauth(auth->client, "d");
- } else if (irc_in_addr_cmp(addr, &cli_ip(auth->client))
- && irc_in_addr_cmp(addr, &auth->original)) {
+ } else if (!irc_in_addr_valid(addr)
+ || (irc_in_addr_cmp(&cli_ip(auth->client), addr)
+ && irc_in_addr_cmp(&auth->original, addr))) {
/* IP for hostname did not match client's IP. */
sendto_opmask_butone(0, SNO_IPMISMATCH, "IP# Mismatch: %s != %s[%s]",
cli_sock_ip(auth->client), h_name,
ircd_ntoa(addr));
if (IsUserPort(auth->client))
sendheader(auth->client, REPORT_IP_MISMATCH);
- /* Clear DNS pending flag so free_client doesn't ask the resolver
- * to delete the query that just finished.
- */
if (feature_bool(FEAT_KILL_IPMISMATCH)) {
- IPcheck_disconnect(auth->client);
- Count_unknowndisconnects(UserStats);
- free_client(auth->client);
+ exit_client(auth->client, auth->client, &me, "IP mismatch");
+ return;
}
} else if (!auth_verify_hostname(h_name, HOSTLEN)) {
/* Hostname did not look valid. */
++ServerStats->is_abad;
if (IsUserPort(auth->client))
sendheader(auth->client, REPORT_FAIL_ID);
- IPcheck_disconnect(auth->client);
- Count_unknowndisconnects(UserStats);
- free_client(auth->client);
+ exit_client(auth->client, auth->client, &me, "Socket local/peer lookup failed");
return;
}
auth->port = remote.port;