New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TS6 bans not implemented #32

Closed
cooper opened this Issue Jun 24, 2016 · 4 comments

Comments

Projects
None yet
1 participant
@cooper
Owner

cooper commented Jun 24, 2016

Kline/Dline/etc. are not yet implemented in TS6. The Ban::TS6 module exists and is loaded automatically whenever Ban and TS6 are both loaded.

@cooper cooper modified the milestones: 11, v11 Jun 26, 2016

@cooper cooper referenced this issue Jul 4, 2016

Closed

TS6 command list #78

27 of 27 tasks complete

@cooper cooper modified the milestones: v11, v12 Jul 4, 2016

cooper added a commit that referenced this issue Jul 23, 2016

more work on TS6 bans. #32. moved fnv() to utils.pm. fixed some oper …
…notices which were broken since the changes to ->notice_info().

cooper added a commit that referenced this issue Jul 23, 2016

cooper added a commit that referenced this issue Jul 23, 2016

@cooper

This comment has been minimized.

Owner

cooper commented Jul 23, 2016

Problem

juno bans are global and negotiated during burst with the bursting server as the command source. TS6 remote ban commands have to come from a user source.

Solution

Created a ban agent user which opers up and is used for the source of the K/DLINE commands. It quits immediately after burst.

Critical response

@GLolol

<mad> SEND(ts6.notroll.net): :000 EUID 000AAAAFJ 0 1469308191 +io juno k.notroll.net  000AAAAFJ * * :juno-ircd ban agent
<GL|ovd> ??
<GL|ovd> oh my god
<GL|ovd> what is this hack

Everyone else

<everyone> Wow! What a modern and elegant solution to a bewildering issue!

cooper added a commit that referenced this issue Jul 23, 2016

Revert "might not be a good idea to send QUIT mid-burst, idk, let's j…
…ust do it after the EOB token #32"

This reverts commit fe26abf.
@cooper

This comment has been minimized.

Owner

cooper commented Jul 23, 2016

Update: Reverted a change to wait until end burst; now the QUIT is sent during burst. Sounds bad, but it works better. This prevents the bot from generating annoying oper notices on every connect.

cooper added a commit that referenced this issue Jul 24, 2016

11.57: added incoming TS6 handlers for KLINE, ENCAP KLINE, ENCAP DLINE.
#32.             added convenience function add_update_enforce_activate_ban to Ban.             added support for TS6 capabilities KLN and UNKLN.

cooper added a commit that referenced this issue Jul 24, 2016

cooper added a commit that referenced this issue Jul 24, 2016

cooper added a commit that referenced this issue Jul 24, 2016

cooper added a commit that referenced this issue Jul 24, 2016

cooper added a commit that referenced this issue Jul 24, 2016

cooper added a commit that referenced this issue Jul 24, 2016

added connection events 'found_ident' and 'found_hostname' for Ban. B…
…an now enforces bans on a connection as soon as the host/ident are looked up. #32

cooper added a commit that referenced this issue Jul 24, 2016

Ban classes were removed because some ban types apply to multiple obj…
…ect types. Klines can now be applied directly to connections, so the kill occurs during registration when possible. #32
@cooper

This comment has been minimized.

Owner

cooper commented Jul 24, 2016

Need to improve notices in Ban. Need proto-inspecific methods for that rather than using gnotice() in JELP.pm.

cooper added a commit that referenced this issue Jul 24, 2016

cooper added a commit that referenced this issue Jul 24, 2016

Ban removal now uses ban_by_type_match() instead of ban_by_match(). t…
…his ensures delete commands only match certain types, e.g. UNKLINE only removes KLINES. improved oper notices for ban add, delete, and expire. #32
@cooper

This comment has been minimized.

Owner

cooper commented Jul 24, 2016

Summary of the TS6 ban implementation

Bans are sent to TS6 servers on burst. Because certain ban commands only support a user source, a ban agent bot may be introduced to set the bans and then exit.

The duration sent to TS6 servers is variable based on the difference between the expiration time and the duration, since we cannot propagate an expiration time. The TS6 server will ignore any bans which already exist for the given mask, which is perfect for our purposes. An exception to this is the newer BAN command which does allow propagation of expiry times and is used when available.

Ban::TS6 uses the charybdis-style BAN command when possible. Alternatively KLINE and INCLINE may be used when the KLN and UKLN capabilities are available. Otherwise, it uses ENCAP KLINE and ENCAP UNKLINE. DLINEs always use ENCAP and therefore always require a ban agent during burst.

Note that, because some charybdis server bans are local-only, the TS6 server may not burst its own bans (such as D-Lines, or even K-Lines if the BAN capability is not available). However, ban commands are handled such that AKILLs (which have target *) will be effective across an entire mixed charybdis/juno network. AKILL is considered the most reliable way to ensure global ban propagation.

Other changes in Ban

  • Bans are now enforced immediately upon hostname and ident resolve, speeding up the process.
  • Bans can do things besides kill users now. Different actions can be registered.
  • Notices for bans are now handled locally, which is a much safer way of doing it.
  • More ban validation. validate_ban(), etc.
  • New high-level functions like add_update_enforce_activate_ban() which simplify Ban protocol implementations.
  • Significant changes in BAN::JELP. It is much safer now; it actually checks that required keys are present and ignores unknown ones.

@cooper cooper closed this Jul 24, 2016

cooper added a commit that referenced this issue Jul 25, 2016

11.65: added outgoing charybdis-style BAN command to Ban::TS6. #32. t…
…he new behavior is to send out BAN, (UN)KLINE, or ENCAP (UN)KLINE.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment