X-Git-Url: http://mop.ddnsfree.com/gitweb/?a=blobdiff_plain;f=web%2FObj%2Fbrisk.phh;h=5fe56c628593cc1e1f3b3554792653f40f8b5e48;hb=66f94441ec85a5555c7280aff03ba7e5d661c364;hp=896c28bd2b30ec28046132574e46b6a345854b46;hpb=f8e4fc91f8fa59e3dea560616a461db0bfc301cf;p=brisk.git diff --git a/web/Obj/brisk.phh b/web/Obj/brisk.phh index 896c28b..5fe56c6 100644 --- a/web/Obj/brisk.phh +++ b/web/Obj/brisk.phh @@ -2,7 +2,7 @@ /* * brisk - brisk.phh * - * Copyright (C) 2006-2014 Matteo Nastasi + * Copyright (C) 2006-2015 Matteo Nastasi * mailto: nastasi@alternativeoutput.it * matteo.nastasi@milug.org * web: http://www.alternativeoutput.it @@ -90,7 +90,6 @@ define('DEBUGGING', "no-debugging"); require_once("$DOCUMENT_ROOT/Etc/".BRISK_CONF); require_once("${G_base}Obj/ipclass.phh"); -require_once("${G_base}Obj/provider_proxy.phh"); $mlang_brisk = array( 'btn_backstand'=> array( 'it' => 'torna in piedi', 'en' => 'back standing' ), @@ -155,12 +154,12 @@ $mlang_brisk = array( 'btn_backstand'=> array( 'it' => 'torna in piedi', $G_lng = langtolng($G_lang); $G_all_points = array( 11,10,4,3,2, 0,0,0,0,0 ); -$G_brisk_version = "4.17.0"; +$G_brisk_version = "4.18.5"; /* MLANG: ALL THE INFO STRINGS IN brisk.phh */ -$root_wellarr = array( 'it' => array ( 'Brisk (Ver. '.$G_brisk_version.'), NOVITA\': gestione accessi da sistemi di anonimizzazione, nuovi termini di utilizzo.', +$root_wellarr = array( 'it' => array ( 'Brisk (Ver. '.$G_brisk_version.'), NOVITA\': Puffin riattivato, accessi da cloud disattivati, corretto bug sulla gestione di puffin, riabilitato blocco dei proxy.', 'Se vuoi iscriverti alla Mailing List, cliccala!' ), - 'en' => array ( 'Brisk (Ver. '.$G_brisk_version.'), NEWS: engine refactoring and logout message.', + 'en' => array ( 'Brisk (Ver. '.$G_brisk_version.'), NEWS: Puffin re-enabled, cloud accesses disabled, fixed puffin mgmt bug, re-enabled proxy access block.', 'If you want to subscribe our Mailing List, click it!' ) ); $G_room_help = array( 'it' => ' @@ -346,6 +345,39 @@ $G_PG_cons_n = 345; /* printf("\n"); */ /* } */ +function ip2int($s) +{ + return (ip2long($s)); +} + +function int2ip($i) +{ + return (long2ip($i)); +} + +function int2four($l) +{ + if (PHP_INT_SIZE == 4) + return ($l); + + return ( ($l & 0x80000000 ? 0xffffffff00000000 : 0x00) | $l ); +} + +function four2int($s) +{ + return ($s & 0xffffffff); +} + +function ip2four($s) +{ + return int2four( ip2int($s) ); +} + +function four2ip($i) +{ + return int2ip( four2int($i) ); +} + function nickserv_msg($dt, $msg) { return sprintf('chatt_sub("%s",[0x040003,"%s"],"%s");', $dt, NICKSERV, $msg); } @@ -447,6 +479,7 @@ function versions_cmp($v1, $v2) return 0; } +// return string with IPV4 address function addrtoipv4($addr) { $ipv4addr_arr = explode(':' , $addr); @@ -783,13 +816,13 @@ class Table { if ($sitted < PLAYERS_N) { switch ($this->auth_type) { case TABLE_AUTH_TY_CERT: - if ($user->is_cert()) + if ($user->is_cert() && !$user->is_appr()) $act = "sitcert"; else $act = 'resercert'; break; case TABLE_AUTH_TY_AUTH: - if ($user->is_auth()) + if ($user->is_auth() && !$user->is_appr()) $act = "sitreser"; else $act = 'reserved'; @@ -964,6 +997,7 @@ define('GHOST_SESS_REAS_ANOT', 2); // another user get session define('GHOST_SESS_REAS_TOUT', 3); // room timeout define('GHOST_SESS_REAS_TTOT', 4); // table timeout define('GHOST_SESS_REAS_ANON', 5); // anonymizer access +define('GHOST_SESS_REAS_PROX', 6); // proxy access class GhostSessEl { @@ -1038,9 +1072,9 @@ class Brisk var $garbage_timeout; var $shm_sz; - var $ban_list; // ban list (authized allowed) - var $black_list; // black list (anti-dos, noone allowed) - var $provider_proxy; // list of provider/browser that offer proxy service + var $ban_list; // ban list (authized allowed) + var $black_list; // black list (anti-dos, noone allowed) + var $cloud_smasher; // list of cloud ip ranges to be rejected var $ghost_sess; var $delay_mgr; @@ -1054,13 +1088,13 @@ class Brisk } // constructor - static function create($crystal_filename, $ban_list, $black_list, $prov_proxy) { + static function create($crystal_filename, $ban_list, $black_list, $cloud_smasher) { if (($brisk_ser = @file_get_contents($crystal_filename)) != FALSE) { if (($brisk = unserialize($brisk_ser)) != FALSE) { fprintf(STDERR, "ROOM FROM FILE\n"); rename($crystal_filename, $crystal_filename.".old"); - $brisk->reload(TRUE, $ban_list, $black_list, $prov_proxy); + $brisk->reload(TRUE, $ban_list, $black_list, $cloud_smasher); return($brisk); } @@ -1076,7 +1110,7 @@ class Brisk $thiz->ban_list = IpClass::create(); $thiz->black_list = IpClass::create(); - $thiz->provider_proxy = ProviderProxy::create(); + $thiz->cloud_smasher = IpClass::create(); $thiz->ghost_sess = new GhostSess(); for ($i = 0 ; $i < MAX_PLAYERS ; $i++) { @@ -1093,14 +1127,15 @@ class Brisk static::$sess_cur = FALSE; - $thiz->reload(TRUE, $ban_list, $black_list, $prov_proxy); + $thiz->reload(TRUE, $ban_list, $black_list, $cloud_smasher); return ($thiz); } - function reload($is_first, $ban_list, $black_list, $prov_proxy) + function reload($is_first, $ban_list, $black_list, $cloud_smasher) { - fprintf(STDERR, "RELOAD STUFF (%d)(%d)(%d)\n", count($ban_list), count($black_list), count($prov_proxy)); + fprintf(STDERR, "RELOAD STUFF (%d)(%d)(%d)\n", + count($ban_list), count($black_list), count($cloud_smasher)); if (defined('CURL_DE_SAC_VERS')) { if (brisk_cds_reload($this) == FALSE) { @@ -1109,7 +1144,7 @@ class Brisk } $this->ban_list->update($ban_list); $this->black_list->update($black_list); - $this->provider_proxy->update($prov_proxy); + $this->cloud_smasher->update($cloud_smasher); if (!$is_first) { $this->banned_kickoff(); @@ -1144,7 +1179,8 @@ class Brisk continue; // check if the IP is blacklisted - if ($this->black_check($user_cur->ip)) { + if ($this->black_check($user_cur->ip) || + $this->cloud_check($user_cur->ip)) { $user_cur->lacc = 0; $is_ban = TRUE; continue; @@ -1174,9 +1210,9 @@ class Brisk return ($this->black_list->check($ip_str)); } - function pproxy_realip($ip_str) + function cloud_check($ip_str) { - return ($this->provider_proxy->realip($ip_str)); + return ($this->cloud_smasher->check($ip_str)); } function users_cleanup() @@ -1960,7 +1996,7 @@ class Brisk $to_user = nickserv_msg($dt, $mlang_brisk['mesgmust'][$G_lang]); } } - else if (strncmp($msg, "/nick ", 6) == 0) { + else if (FALSE && strncmp($msg, "/nick ", 6) == 0) { log_main("chatt_send BEGIN"); do { @@ -2121,17 +2157,19 @@ class Brisk if ( TRUE && (! $user->is_auth()) ) { $to_user = nickserv_msg($dt, xcape("Visto l'elevato numero di molestatori che ultimamente hanno preso dimora su Brisk abbiamo deciso")); $to_user .= nickserv_msg($dt, xcape("di disattivare temporaneamente la chat in room per i non registrati, non ce ne vogliate e buone feste.")); - $aug_head = array("Tanti", "Tantissimi", "Un enormità", "Un milione", "Un' esagerazione"); - $aug_body = array("a tutti gli utenti", "a tutti gli uomini", "a tutte le donne", "a tutti gli utenti"); - $aug_tail = array("di Brisk", "del sito", "della ciurma", "della comitiva", "del gruppo"); - - $auguri = sprintf("%s auguri %s %s.", - $aug_head[mt_rand(0, count($aug_head)-1)], - $aug_body[mt_rand(0, count($aug_body)-1)], - $aug_tail[mt_rand(0, count($aug_tail)-1)]); - - $to_room = sprintf('chatt_sub("%s",[%d,"%s"],"%s");', $dt, $user->flags, xcape($user->name), - xcape($auguri)); + if (FALSE) { + $aug_head = array("Tanti", "Tantissimi", "Un enormità", "Un milione", "Un' esagerazione"); + $aug_body = array("a tutti gli utenti", "a tutti gli uomini", "a tutte le donne", "a tutti gli utenti"); + $aug_tail = array("di Brisk", "del sito", "della ciurma", "della comitiva", "del gruppo"); + + $auguri = sprintf("%s auguri %s %s.", + $aug_head[mt_rand(0, count($aug_head)-1)], + $aug_body[mt_rand(0, count($aug_body)-1)], + $aug_tail[mt_rand(0, count($aug_tail)-1)]); + + $to_room = sprintf('chatt_sub("%s",[%d,"%s"],"%s");', $dt, $user->flags, xcape($user->name), + xcape($auguri)); + } } else { $to_user = sprintf('chatt_sub("%s",[%d,"%s"],"%s");', $dt, $user->flags, xcape($user->name), xcape($msg)); @@ -2613,18 +2651,22 @@ class Brisk function request_mgr(&$s_a_p, $header, &$header_out, &$new_socket, $path, $addr, $get, $post, $cookie) { - GLOBAL $G_ban_list, $G_black_list; + GLOBAL $G_ban_list, $G_black_list, $G_cloud_smasher; printf("NEW_SOCKET (root): %d PATH [%s]\n", intval($new_socket), $path); - // $remote_addr = addrtoipv4($addr); - $remote_addr = $this->pproxy_realip(addrtoipv4($addr)); - fprintf(STDERR, "\n\n\n PRE_BLACK_CHECK \n\n\n"); - if ($this->black_check($remote_addr)) { + fprintf(STDERR, "\n\n\n PRE_BLACK [%s]\n\n\n", $addr); + if ($this->black_check($addr)) { // TODO: waiting async 5 sec before close - fprintf(STDERR, "\n\n\n BLACK_CHECK \n\n\n"); + fprintf(STDERR, "\n\n\n BLACK CHECK\n\n\n"); return (FALSE); } + if ($path != "" && $path != "index.php") { + if ($this->cloud_check($addr)) { + // TODO: waiting async 5 sec before close + return (FALSE); + } + } $enc = get_encoding($header); if (isset($header['User-Agent'])) { @@ -3292,7 +3334,7 @@ function validate_name($name) { $name_new = str_replace(' ', '_', mb_substr(trim($name),0,12, "UTF-8")); - for ($i = 0 ; $i < strlen($name_new) ; $i++) { + for ($i = 0 ; $i < mb_strlen($name_new) ; $i++) { $c = $name_new[$i]; if (($c >= "a" && $c <= "z") || ($c >= "A" && $c <= "Z") || ($c >= "0" && $c <= "9")) return ($name_new);