def m_OPER(cli, ev_msg):
name, password = ev_msg['params'][:2]
# make sure hostmask is valid, if defined in config
valid_hosts = [
data.get('hostmask', None) for data in cli.ctx.conf.opers.values()
]
if None not in valid_hosts:
have_a_valid_host = False
for hostmask in valid_hosts:
if ircmatch.match(0, hostmask, cli.hostmask):
have_a_valid_host = True
break
if not have_a_valid_host:
cli.dump_numeric('491', ['No O-lines for your host'])
return
data = cli.ctx.conf.opers.get(name, None)
if data is not None:
pass_is_valid = False
hash = data.get('hash', None)
if hash:
if hash not in cli.ctx.hashing.valid_schemes:
print(
'mammon: error: hashing algorithm for oper password is not valid'
)
elif cli.ctx.hashing.enabled:
pass_is_valid = cli.ctx.hashing.verify(password,
data.get('password'))
else:
print(
'mammon: error: cannot verify oper password, hashing is not enabled'
)
else:
pass_is_valid = password == data.get('password')
del password
# check this specific oper's hostmask
hostmask = data.get('hostmask')
if not ircmatch.match(0, hostmask, cli.hostmask):
# we do this so we don't leak info on oper blocks
pass_is_valid = False
if pass_is_valid:
if data.get('role') in cli.ctx.roles:
cli.role = data.get('role')
else:
print('mammon: error: role does not exist for oper', name)
cli.props['special:oper'] = True
cli.dump_numeric('381', ['You are now an IRC operator'])
else:
cli.dump_numeric('464', ['Password incorrect'])
def m_OPER(cli, ev_msg):
name, password = ev_msg["params"][:2]
# make sure hostmask is valid, if defined in config
valid_hosts = [data.get("hostmask", None) for data in cli.ctx.conf.opers.values()]
if None not in valid_hosts:
have_a_valid_host = False
for hostmask in valid_hosts:
if ircmatch.match(0, hostmask, cli.hostmask):
have_a_valid_host = True
break
if not have_a_valid_host:
cli.dump_numeric("491", ["No O-lines for your host"])
return
data = cli.ctx.conf.opers.get(name, None)
if data is not None:
pass_is_valid = False
hash = data.get("hash", None)
if hash:
if hash not in cli.ctx.hashing.valid_schemes:
print("mammon: error: hashing algorithm for oper password is not valid")
elif cli.ctx.hashing.enabled:
pass_is_valid = cli.ctx.hashing.verify(password, data.get("password"))
else:
print("mammon: error: cannot verify oper password, hashing is not enabled")
else:
pass_is_valid = password == data.get("password")
del password
# check this specific oper's hostmask
hostmask = data.get("hostmask")
if not ircmatch.match(0, hostmask, cli.hostmask):
# we do this so we don't leak info on oper blocks
pass_is_valid = False
if pass_is_valid:
if data.get("role") in cli.ctx.roles:
cli.role = data.get("role")
else:
print("mammon: error: role does not exist for oper", name)
cli.props["special:oper"] = True
cli.dump_numeric("381", ["You are now an IRC operator"])
else:
cli.dump_numeric("464", ["Password incorrect"])
def authorize(self, cli, ev_msg):
if 'key' in self.props and (len(ev_msg['params']) < 2 or self.props['key'] != ev_msg['params'][1]):
cli.dump_numeric('475', [self.name, 'Cannot join channel (+k) - bad key'])
return False
if 'exempt' in self.props:
for e in self.props['exempt']:
if match(0, e, cli.hostmask):
return True
if 'ban' in self.props:
for b in self.props['ban']:
if match(0, b, cli.hostmask):
cli.dump_numeric('474', [self.name, 'You are banned.'])
return False
if 'invite' in self.props and 'invite-exemption' in self.props:
for i in self.props['invite-exemption']:
if match(0, i, cli.hostmask):
return True
# XXX - /invite command
return False
return True
def our_on_message(target, source, message):
global gbot
global oldOn_message
for ignore in gbot.ignores:
if gbot.isadmin(source):
break
hostmask = "{0}!{1}@{2}".format(gbot.users[source]['nickname'],
gbot.users[source]['username'],
gbot.users[source]['hostname'])
if ircmatch.match(0, ignore, hostmask):
return
oldOn_message(target, source, message)
def our_on_message(target, source, message):
global gbot
global oldOn_message
for ignore in gbot.ignores:
if gbot.isadmin(source):
break
hostmask = "{0}!{1}@{2}".format(gbot.users[source]['nickname'],
gbot.users[source]['username'],
gbot.users[source]['hostname'])
if ircmatch.match(0, ignore, hostmask):
return
oldOn_message(target, source, message)
def authorize(self, cli, ev_msg):
if 'key' in self.props and (len(ev_msg['params']) < 2 or
self.props['key'] != ev_msg['params'][1]):
cli.dump_numeric('475',
[self.name, 'Cannot join channel (+k) - bad key'])
return False
if 'exempt' in self.props:
for e in self.props['exempt']:
if match(0, e, cli.hostmask):
return True
if 'ban' in self.props:
for b in self.props['ban']:
if match(0, b, cli.hostmask):
cli.dump_numeric('474', [self.name, 'You are banned.'])
return False
if 'invite' in self.props and 'invite-exemption' in self.props:
for i in self.props['invite-exemption']:
if match(0, i, cli.hostmask):
return True
# XXX - /invite command
return False
return True
def __eq__(self, other):
if not isinstance(other, User):
return NotImplemented
nick = self.nick if self.nick is not None else '*'
user = self.user if self.user is not None else '*'
nick2 = other.nick if other.nick is not None else '*'
user2 = other.user if other.user is not None else '*'
x = '{}!{}@{}'.format(nick, user, self.host)
y = '{}!{}@{}'.format(nick2, user2, other.host)
return ircmatch.match(0, x, y)
from __future__ import print_function
import ircmatch
mask = '*rabbit**!*rabbits@**rabb*.it'
print('mask: ' + mask)
print('collapse(): ' + ircmatch.collapse(mask))
print('match(0, "{0}", "{1}"): {2}'.format(mask, '[email protected]', ircmatch.match(0, mask, '[email protected]')))
print('match(0, "{0}", "{1}"): {2}'.format(mask, '[email protected]', ircmatch.match(0, mask, '[email protected]')))
print('irccasecmp(0, "{0}", "{1}"): {2}'.format('apple', 'appel', ircmatch.irccasecmp(0, 'apple', 'appel')))
print('irccasecmp(0, "{0}", "{1}"): {2}'.format('apple', 'apple', ircmatch.irccasecmp(0, 'apple', 'apple')))
print('irccasecmp(0, "{0}", "{1}"): {2}'.format('appel', 'apple', ircmatch.irccasecmp(0, 'appel', 'apple')))
print('ircncasecmp(0, "{0}", "{1}", 4): {2}'.format('apple', 'appel', ircmatch.ircncasecmp(0, 'apple', 'appel', 4)))
print('ircncasecmp(0, "{0}", "{1}", 4): {2}'.format('apple', 'apple', ircmatch.ircncasecmp(0, 'apple', 'apple', 4)))
print('ircncasecmp(0, "{0}", "{1}", 4): {2}'.format('appel', 'apple', ircmatch.ircncasecmp(0, 'appel', 'apple', 4)))
print('ircncasecmp(0, "{0}", "{1}", 3): {2}'.format('apple', 'appel', ircmatch.ircncasecmp(0, 'apple', 'appel', 3)))
print('ircncasecmp(0, "{0}", "{1}", 3): {2}'.format('apple', 'apple', ircmatch.ircncasecmp(0, 'apple', 'apple', 3)))
print('ircncasecmp(0, "{0}", "{1}", 3): {2}'.format('appel', 'apple', ircmatch.ircncasecmp(0, 'appel', 'apple', 3)))
def handle_textfilter(irc, source, command, args):
"""Antispam text filter handler."""
target = args['target']
text = args['text']
txf_settings = irc.get_service_option('antispam', 'textfilter',
TEXTFILTER_DEFAULTS)
if not txf_settings.get('enabled', False):
return
my_uid = sbot.uids.get(irc.name)
# XXX workaround for single-bot protocols like Clientbot
if irc.pseudoclient and not irc.has_cap('can-spawn-clients'):
my_uid = irc.pseudoclient.uid
if (not irc.connected.is_set()) or (not my_uid):
# Break if the network isn't ready.
log.debug(
"(%s) antispam.textfilters: skipping processing; network isn't ready",
irc.name)
return
elif irc.is_internal_client(source):
# Ignore messages from our own clients.
log.debug(
"(%s) antispam.textfilters: skipping processing message from internal client %s",
irc.name, source)
return
elif source not in irc.users:
log.debug(
"(%s) antispam.textfilters: ignoring message from non-user %s",
irc.name, source)
return
if irc.is_channel(target):
channel_or_none = target
if target not in irc.channels or my_uid not in irc.channels[
target].users:
# We're not monitoring this channel.
log.debug(
"(%s) antispam.textfilters: skipping processing message from channel %r we're not in",
irc.name, target)
return
else:
channel_or_none = None
watch_pms = txf_settings.get('watch_pms',
TEXTFILTER_DEFAULTS['watch_pms'])
if watch_pms == 'services':
if not irc.get_service_bot(target):
log.debug(
"(%s) antispam.textfilters: skipping processing; %r is not a service bot (watch_pms='services')",
irc.name, target)
return
elif watch_pms == 'all':
log.debug(
"(%s) antispam.textfilters: checking all PMs (watch_pms='all')",
irc.name)
pass
else:
# Not a channel.
log.debug(
"(%s) antispam.textfilters: skipping processing; %r is not a channel and watch_pms is disabled",
irc.name, target)
return
# Merge together global and local textfilter lists.
txf_globs = set(conf.conf.get('antispam', {}).get('textfilter_globs', [])) | \
set(irc.serverdata.get('antispam_textfilter_globs', []))
punishment = txf_settings.get('punishment',
TEXTFILTER_DEFAULTS['punishment']).lower()
reason = txf_settings.get('reason', TEXTFILTER_DEFAULTS['reason'])
if irc.get_service_option('antispam', 'strip_formatting', True):
text = utils.strip_irc_formatting(text)
if txf_settings.get('munge_unicode', TEXTFILTER_DEFAULTS['munge_unicode']):
text = str.translate(text, UNICODE_CHARMAP)
punished = False
for filterglob in txf_globs:
if ircmatch.match(1, filterglob, text):
log.info("(%s) antispam: punishing %s => %s for text filter %r",
irc.name, irc.get_friendly_name(source),
irc.get_friendly_name(target), filterglob)
punished = _punish(irc, source, channel_or_none, punishment,
reason)
break
return not punished # Filter this message from relay, etc. if it triggered protection
data = yaml.safe_load(open('tests/mask-match.yaml').read())
failed_tests = 0
passed_tests = 0
for test in data['tests']:
mask = test['mask']
matches = test['matches']
invalid = test['fails']
out = ' * Testing: [{}]\n'.format(mask)
failed = False
# test validity
for address in matches:
if not ircmatch.match(1, mask, address):
out += ' Address did not match but should have [{}]\n'.format(address)
failed = True
for address in invalid:
if ircmatch.match(1, mask, address):
out += ' Address matched but should not have [{}]\n'.format(address)
failed = True
# fail message
if failed:
print(out)
failed_tests += 1
else:
passed_tests += 1
