eggdrop
eggdrop copied to clipboard
eggheads
[s->] WHOIS <nick>
I see the following log after jumping to a server:
[23:27:34] [@] zen.localdomain 001 linux :Welcome to the AthemeNET Internet Relay Chat Network linux
[23:27:34] [!s] WHOIS linux
[23:27:34] triggering bind evnt:init_server
[23:27:34] [!m] MODE linux +i-ws
[23:27:34] [m->] MODE linux +i-ws
[23:27:34] triggered bind evnt:init_server, user 0.072ms sys 0.071ms
[23:27:34] [@] zen.localdomain 002 linux :Your host is zen.localdomain[zen.localdomain/6677], running version ircd-seven-1.1.7
[23:27:34] [@] zen.localdomain 003 linux :This server was created Sat Oct 6 2018 at 00:22:30 CEST
[23:27:34] [@] zen.localdomain 004 linux zen.localdomain ircd-seven-1.1.7 DOQRSZaghilopswz CFILMPQbcefgijklmnopqrstvz bkloveqjfI
[23:27:34] [@] zen.localdomain 005 linux CHANTYPES=&# EXCEPTS INVEX CHANMODES=eIbq,k,flj,CFLMPQcgimnprstz CHANLIMIT=&#:15 PREFIX=(ov)@+ MAXLIST=bqeI:100 MODES=4 NETWORK=AthemeNET STATUSMSG=@+ CALLERID=g CASEMAPPING=rfc1459 :are supported by this server
[23:27:34] [@] zen.localdomain 005 linux CHARSET=ascii NICKLEN=15 CHANNELLEN=50 TOPICLEN=390 DEAF=D FNC TARGMAX=NAMES:1,LIST:1,KICK:1,WHOIS:1,PRIVMSG:4,NOTICE:4,ACCEPT:,MONITOR: CLIENTVER=3.0 KNOCK CPRIVMSG CNOTICE SAFELIST :are supported by this server
[23:27:34] [@] zen.localdomain 005 linux ELIST=CTU WHOX ETRACE MONITOR=100 :are supported by this server
[23:27:34] [@] zen.localdomain 251 linux :There are 0 users and 11 invisible on 2 servers
[23:27:34] [@] zen.localdomain 255 linux :I have 2 clients and 1 servers
[23:27:34] [@] zen.localdomain 265 linux 2 2 :Current local users 2, max 2
[23:27:34] [@] zen.localdomain 266 linux 11 11 :Current global users 11, max 11
[23:27:34] [@] zen.localdomain 250 linux :Highest connection count: 3 (2 clients) (163 connections received)
[23:27:34] [@] zen.localdomain 375 linux :- zen.localdomain Message of the Day -
[23:27:34] [@] zen.localdomain 372 linux :- This is charybdis MOTD you might replace it, but if not your friends will
[23:27:34] [@] zen.localdomain 372 linux :- laugh at you.
[23:27:34] [@] zen.localdomain 376 linux :End of /MOTD command.
[23:27:34] [@] linux MODE linux :+i
[23:27:34] [!s] WHOIS linux
[23:27:40] [s->] WHOIS linux
[23:27:40] [@] zen.localdomain 311 linux linux ~linux 127.0.0.1 * :/msg linux hello
[23:27:40] [@] zen.localdomain 312 linux linux zen.localdomain :charybdis test server
[23:27:40] [@] zen.localdomain 378 linux linux :is connecting from *@127.0.0.1 127.0.0.1
[23:27:40] [@] zen.localdomain 317 linux linux 6 1539725254 :seconds idle, signon time
[23:27:40] [@] zen.localdomain 330 linux linux sasluser :is logged in as
[23:27:40] [@] zen.localdomain 318 linux linux :End of /WHOIS list.
[23:27:42] [s->] WHOIS linux
[23:27:42] [@] zen.localdomain 311 linux linux ~linux 127.0.0.1 * :/msg linux hello
[23:27:42] [@] zen.localdomain 312 linux linux zen.localdomain :charybdis test server
[23:27:42] [@] zen.localdomain 378 linux linux :is connecting from *@127.0.0.1 127.0.0.1
[23:27:42] [@] zen.localdomain 317 linux linux 8 1539725254 :seconds idle, signon time
[23:27:42] [@] zen.localdomain 330 linux linux sasluser :is logged in as
[23:27:42] [@] zen.localdomain 318 linux linux :End of /WHOIS list.
tcpdump also shows:
21:28:14.385507 IP (tos 0x2,ECT(0), ttl 64, id 64288, offset 0, flags [DF], proto TCP (6), length 65)
127.0.0.1.39181 > 127.0.0.1.6677: Flags [P.], seq 151:164, ack 2355, win 1391, options [nop,nop,TS val 1729473739 ecr 1729467733], length 13
0x0000: 4502 0041 fb20 4000 4006 4192 7f00 0001 E..A..@[email protected].....
0x0010: 7f00 0001 990d 1a15 c0a7 b3ee fba7 1b75 ...............u
0x0020: 8018 056f fe35 0000 0101 080a 6715 accb ...o.5......g...
0x0030: 6715 9555 5748 4f49 5320 6c69 6e75 780d g..UWHOIS.linux.
0x0040: 0a .
[...]
21:28:16.388293 IP (tos 0x2,ECT(0), ttl 64, id 64294, offset 0, flags [DF], proto TCP (6), length 65)
127.0.0.1.39181 > 127.0.0.1.6677: Flags [P.], seq 164:177, ack 2704, win 1391, options [nop,nop,TS val 1729475742 ecr 1729473739], length 13
0x0000: 4502 0041 fb26 4000 4006 418c 7f00 0001 E..A.&@[email protected].....
0x0010: 7f00 0001 990d 1a15 c0a7 b3fb fba7 1cd2 ................
0x0020: 8018 056f fe35 0000 0101 080a 6715 b49e ...o.5......g...
0x0030: 6715 accb 5748 4f49 5320 6c69 6e75 780d g...WHOIS.linux.
0x0040: 0a .
OK, eggdrop is double queing here, but lets analyze.
eggdrop.conf default setting:
# Allow identical messages in the mode queue?
set double-mode 1
thats fine. we dont want to change it.
if we lookinto servmsg.c a WHOIS is put into queue after 001, OK
another one after gotmode to uncloak a potentially cloaked host.
when gotmode happens, we cant check if the mode really cloaked os, we dont know the flags.
Now, what i propose is: https://github.com/eggheads/eggdrop/blob/develop/src/mod/server.mod/servmsg.c#L966 here we need to check if there already/still a whois in the queue the one stuffed in after 001 may still be in here, and this is the case as shown in the log. which means, eggdrop will be sending one, regardless if we tell it again to do so or not, its a machine, it wont forget, so we don't put a second one in in this case.
Draft fix: https://github.com/eggheads/eggdrop/blob/develop/src/mod/server.mod/server.c#L869 should be put into a separate function, to detect if an element is already queued then we can call the new function from within https://github.com/eggheads/eggdrop/blob/develop/src/mod/server.mod/servmsg.c#L966 and only queue the whois if none is in.
This would leave eggdrop to still execure the 001 whoid, to still catch every potential cloak mode and to issue new whois whenever is need.
I think this is related to some IRCds cloaking/uncloaking clients when a client-mode is set/unset. Eggdrop sends WHOIS whenever it sees MODE from the server. I suppose it would be nice if it could be less stupid about it though.
[23:27:34] [@] zen.localdomain 001 linux :Welcome to the AthemeNET Internet Relay Chat Network linux
[23:27:34] [!s] WHOIS linux
I think this is sent as part of what Eggdrop does when connecting to a server
[23:27:34] triggering bind evnt:init_server
[23:27:34] [!m] MODE linux +i-ws
[23:27:34] [m->] MODE linux +i-ws
Eggdrop sets its own modes as defined in the config
[23:27:34] triggered bind evnt:init_server, user 0.072ms sys 0.071ms
[23:27:34] [@] zen.localdomain 002 linux :Your host is zen.localdomain[zen.localdomain/6677], running version ircd-seven-1.1.7
[23:27:34] [@] zen.localdomain 003 linux :This server was created Sat Oct 6 2018 at 00:22:30 CEST
[23:27:34] [@] zen.localdomain 004 linux zen.localdomain ircd-seven-1.1.7 DOQRSZaghilopswz CFILMPQbcefgijklmnopqrstvz bkloveqjfI
[23:27:34] [@] zen.localdomain 005 linux CHANTYPES=&# EXCEPTS INVEX CHANMODES=eIbq,k,flj,CFLMPQcgimnprstz CHANLIMIT=&#:15 PREFIX=(ov)@+ MAXLIST=bqeI:100 MODES=4 NETWORK=AthemeNET STATUSMSG=@+ CALLERID=g CASEMAPPING=rfc1459 :are supported by this server
[23:27:34] [@] zen.localdomain 005 linux CHARSET=ascii NICKLEN=15 CHANNELLEN=50 TOPICLEN=390 DEAF=D FNC TARGMAX=NAMES:1,LIST:1,KICK:1,WHOIS:1,PRIVMSG:4,NOTICE:4,ACCEPT:,MONITOR: CLIENTVER=3.0 KNOCK CPRIVMSG CNOTICE SAFELIST :are supported by this server
[23:27:34] [@] zen.localdomain 005 linux ELIST=CTU WHOX ETRACE MONITOR=100 :are supported by this server
[23:27:34] [@] zen.localdomain 251 linux :There are 0 users and 11 invisible on 2 servers
[23:27:34] [@] zen.localdomain 255 linux :I have 2 clients and 1 servers
[23:27:34] [@] zen.localdomain 265 linux 2 2 :Current local users 2, max 2
[23:27:34] [@] zen.localdomain 266 linux 11 11 :Current global users 11, max 11
[23:27:34] [@] zen.localdomain 250 linux :Highest connection count: 3 (2 clients) (163 connections received)
[23:27:34] [@] zen.localdomain 375 linux :- zen.localdomain Message of the Day -
[23:27:34] [@] zen.localdomain 372 linux :- This is charybdis MOTD you might replace it, but if not your friends will
[23:27:34] [@] zen.localdomain 372 linux :- laugh at you.
[23:27:34] [@] zen.localdomain 376 linux :End of /MOTD command.
[23:27:34] [@] linux MODE linux :+i
[23:27:34] [!s] WHOIS linux
Eggdrop detects MODE from the server and sends WHOIS to see if its host changed
[23:27:40] [s->] WHOIS linux
[23:27:40] [@] zen.localdomain 311 linux linux ~linux 127.0.0.1 * :/msg linux hello
[23:27:40] [@] zen.localdomain 312 linux linux zen.localdomain :charybdis test server
[23:27:40] [@] zen.localdomain 378 linux linux :is connecting from *@127.0.0.1 127.0.0.1
[23:27:40] [@] zen.localdomain 317 linux linux 6 1539725254 :seconds idle, signon time
[23:27:40] [@] zen.localdomain 330 linux linux sasluser :is logged in as
[23:27:40] [@] zen.localdomain 318 linux linux :End of /WHOIS list.
[23:27:42] [s->] WHOIS linux
[23:27:42] [@] zen.localdomain 311 linux linux ~linux 127.0.0.1 * :/msg linux hello
[23:27:42] [@] zen.localdomain 312 linux linux zen.localdomain :charybdis test server
[23:27:42] [@] zen.localdomain 378 linux linux :is connecting from *@127.0.0.1 127.0.0.1
[23:27:42] [@] zen.localdomain 317 linux linux 8 1539725254 :seconds idle, signon time
[23:27:42] [@] zen.localdomain 330 linux linux sasluser :is logged in as
[23:27:42] [@] zen.localdomain 318 linux linux :End of /WHOIS list.
Isnt host cloaking irc server/network dependent? we already have builtin net-type, so maybe we can make that uncloaking-whois a config option, enabled by default, but disabled for net-types where we know it doesnt make sense?
I also realized that my bot does 5 (At home, at his connection, he does this whois once, then he rewhois when he assigns himself his usermode to configure in his config, then again when the ircd sets him the default mode and one last time when he uses are open. it does a few times in a short time.) whois when it connects and considers it a bug.
I did some research before reading this post here. I came to think to myself that the bot should only this WHOIS at RAW 001 and RAW 311 code. remove in gotmode.
