Merge pull request #8529 from Robyt3/Server-Dnsbl-Ban-Reason

Add `sv_dnsbl_ban_reason`, increase maximum ban reason length
This commit is contained in:
Dennis Felsing 2024-06-27 21:52:04 +00:00 committed by GitHub
commit b0b89d54a0
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 11 additions and 9 deletions

View file

@ -2888,9 +2888,10 @@ int CServer::Run()
}
}
if(m_aClients[ClientId].m_DnsblState == CClient::DNSBL_STATE_BLACKLISTED &&
Config()->m_SvDnsblBan)
m_NetServer.NetBan()->BanAddr(m_NetServer.ClientAddr(ClientId), 60 * 10, "VPN detected, try connecting without. Contact admin if mistaken");
if(m_aClients[ClientId].m_DnsblState == CClient::DNSBL_STATE_BLACKLISTED && Config()->m_SvDnsblBan)
{
m_NetServer.NetBan()->BanAddr(m_NetServer.ClientAddr(ClientId), 60 * 10, Config()->m_SvDnsblBanReason);
}
}
}

View file

@ -395,6 +395,7 @@ MACRO_CONFIG_STR(SvDnsblHost, sv_dnsbl_host, 128, "", CFGFLAG_SERVER, "Hostname
MACRO_CONFIG_STR(SvDnsblKey, sv_dnsbl_key, 128, "", CFGFLAG_SERVER | CFGFLAG_NONTEEHISTORIC, "Optional Authentication Key for the specified DNSBL provider")
MACRO_CONFIG_INT(SvDnsblVote, sv_dnsbl_vote, 0, 0, 1, CFGFLAG_SERVER, "Block votes by blacklisted addresses")
MACRO_CONFIG_INT(SvDnsblBan, sv_dnsbl_ban, 0, 0, 1, CFGFLAG_SERVER, "Automatically ban blacklisted addresses")
MACRO_CONFIG_STR(SvDnsblBanReason, sv_dnsbl_ban_reason, 128, "VPN detected, try connecting without. Contact admin if mistaken", CFGFLAG_SERVER, "Ban reason for 'sv_dnsbl_ban'")
MACRO_CONFIG_INT(SvDnsblChat, sv_dnsbl_chat, 0, 0, 1, CFGFLAG_SERVER, "Don't allow chat from blacklisted addresses")
MACRO_CONFIG_INT(SvRconVote, sv_rcon_vote, 0, 0, 1, CFGFLAG_SERVER, "Only allow authed clients to call votes")

View file

@ -231,7 +231,7 @@ int CNetBan::Ban(T *pBanPool, const typename T::CDataType *pData, int Seconds, c
{
// adjust the ban
pBanPool->Update(pBan, &Info);
char aBuf[128];
char aBuf[256];
MakeBanInfo(pBan, aBuf, sizeof(aBuf), MSGTYPE_LIST);
Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "net_ban", aBuf);
return 1;
@ -241,7 +241,7 @@ int CNetBan::Ban(T *pBanPool, const typename T::CDataType *pData, int Seconds, c
pBan = pBanPool->Add(pData, &Info, &NetHash);
if(pBan)
{
char aBuf[128];
char aBuf[256];
MakeBanInfo(pBan, aBuf, sizeof(aBuf), MSGTYPE_BANADD);
Console()->Print(IConsole::OUTPUT_LEVEL_STANDARD, "net_ban", aBuf);
return 0;

View file

@ -77,7 +77,7 @@ protected:
enum
{
EXPIRES_NEVER = -1,
REASON_LENGTH = 64,
REASON_LENGTH = 128,
};
int64_t m_Expires;
char m_aReason[REASON_LENGTH];

View file

@ -321,10 +321,10 @@ int CNetConnection::Feed(CNetPacketConstruct *pPacket, NETADDR *pAddr, SECURITY_
m_State = NET_CONNSTATE_ERROR;
m_RemoteClosed = 1;
char aStr[128] = {0};
char aStr[256] = {0};
if(pPacket->m_DataSize > 1)
{
// make sure to sanitize the error string form the other party
// make sure to sanitize the error string from the other party
str_copy(aStr, (char *)&pPacket->m_aChunkData[1], minimum(pPacket->m_DataSize, (int)sizeof(aStr)));
str_sanitize_cc(aStr);
}
@ -455,7 +455,7 @@ int CNetConnection::Update()
if(Now - pResend->m_FirstSendTime > time_freq() * g_Config.m_ConnTimeout)
{
m_State = NET_CONNSTATE_ERROR;
char aBuf[512];
char aBuf[128];
str_format(aBuf, sizeof(aBuf), "Too weak connection (not acked for %d seconds)", g_Config.m_ConnTimeout);
SetError(aBuf);
m_TimeoutSituation = true;