View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0004781unrealircdpublic2016-12-02 15:202016-12-04 16:21
ReporterKnuX Assigned Tosyzop  
PrioritynormalSeveritymajorReproducibilityalways
Status resolvedResolutionfixed 
Product Version4.0.8.1 
Fixed in Version4.0.9 
Summary0004781: NICKLEN=30 doesn't work for linked servers
DescriptionHi,

I have a weird issue :(

When I connect a client with a 30 characters length nickname in a 2 servers network, he can connect but the linked server systematically kill him.

I have 2 ircds 4.0.8.2 linked called :
* ircdev01.prodin.orbus.fr (2) 201
* `-ircdev02.prodin.orbus.fr (2) 202
* End of /MAP

Both have the following specs :
* ircdev01.prodin.orbus.fr UnrealIRCd-4.0.8.2 iowrsxzdHtIRqpWTS lvhopsmntikraqbeIzMQNRTOVKDdGLPZSCcf
* UHNAMES NAMESX SAFELIST HCN MAXCHANNELS=70 CHANLIMIT=#:70 MAXLIST=b:360,e:360,I:360 MAXNICKLEN=30 NICKLEN=30 CHANNELLEN=32 TOPICLEN=307 KICKLEN=307 AWAYLEN=307 :are supported by this server
* MAXTARGETS=20 WALLCHOPS WATCH=128 WATCHOPTS=A SILENCE=15 MODES=12 CHANTYPES=# PREFIX=(ohv)@%+ CHANMODES=beIqa,kLf,l,psmntirzMQNRTOVKDdGPZSCc NETWORK=Skyrock CASEMAPPING=ascii EXTBAN=~,SOcaRrnqj ELIST=MNUCT :are supported by this server
* STATUSMSG=@%+ EXCEPTS INVEX CMDS=USERIP,MAP :are supported by this server

* ircdev02.prodin.orbus.fr UnrealIRCd-4.0.8.2 iowrsxzdHtIRqpWTS lvhopsmntikraqbeIzMQNRTOVKDdGLPZSCcf
* UHNAMES NAMESX SAFELIST HCN MAXCHANNELS=70 CHANLIMIT=#:70 MAXLIST=b:360,e:360,I:360 MAXNICKLEN=30 NICKLEN=30 CHANNELLEN=32 TOPICLEN=307 KICKLEN=307 AWAYLEN=307 :are supported by this server
* MAXTARGETS=20 WALLCHOPS WATCH=128 WATCHOPTS=A SILENCE=15 MODES=12 CHANTYPES=# PREFIX=(ohv)@%+ CHANMODES=beIqa,kLf,l,psmntirzMQNRTOVKDdGPZSCc NETWORK=Skyrock CASEMAPPING=ascii EXTBAN=~,SOcaRrnqj ELIST=MNUCT :are supported by this server
* STATUSMSG=@%+ EXCEPTS INVEX CMDS=USERIP,MAP :are supported by this server
Steps To ReproduceMy user is "azertyuiopqsdfghjklmwxcvbnazer" (30 chars), connecting to ircdev01 will produce :
[14:58:22] * Welcome to the Skyrock IRC Network [email protected]
[14:58:22] * Your host is ircdev01.prodin.orbus.fr, running version UnrealIRCd-4.0.8.2
[14:58:22] * This server was created Thu Nov 17 2016 at 13:44:35 UTC
[...]
[14:58:22] * Skyrock-FD37C91C.prodin.orbus.fr :is now your displayed host
[14:58:22] * There are 1 users and 5 invisible on 2 servers
[14:58:22] * 4 :operator(s) online
[14:58:22] * 40 :channels formed
[14:58:22] * I have 3 clients and 1 servers
[14:58:22] * 3 3 :Current local users 3, max 3
[14:58:22] * 6 25 :Current global users 6, max 25
[14:58:22] * MOTD File is missing
[14:58:22] * azertyuiopqsdfghjklmwxcvbnazer sets modes [azertyuiopqsdfghjklmwxcvbnazer :+iwx]
[14:58:22] * azertyuiopqsdfghjklmwxcvbnazer sets modes [azertyuiopqsdfghjklmwxcvbnazer :+os]
[14:58:22] * Server notice mask (+kcfvGqso)
[14:58:22] * You are now an IRC Operator
[14:58:22] * *** Received KILL message for azertyuiopqsdfghjklmwxcvbnazer!KnuX@Skyrock-FD37C91C.prodin.orbus.fr from ircdev02.prodin.orbus.fr Path: ircdev02!ircdev02.prodin.orbus.fr (azertyuiopqsdfghjklmwxcvbnazer(?) <- ircdev01.prodin.orbus.fr)
[14:58:22] * You have been killed by ircdev02.prodin.orbus.fr (ircdev02!ircdev02.prodin.orbus.fr (azertyuiopqsdfghjklmwxcvbnazer(?) <- ircdev01.prodin.orbus.fr))
[14:58:22] * *** Client exiting: azertyuiopqsdfghjklmwxcvbnazer ([email protected]) [172.18.194.25] ([ircdev01.prodin.orbus.fr] Local kill by ircdev02.prodin.orbus.fr (ircdev02.prodin.orbus.fr (azertyuiopqsdfghjklmwxcvbnazer(?) <- ircdev01.prodin.orbus.fr)))
[14:58:22] * Closing Link: azertyuiopqsdfghjklmwxcvbnazer[fw01.prodin.orbus.fr] ircdev02.prodin.orbus.fr ([ircdev01.prodin.orbus.fr] Local kill by ircdev02.prodin.orbus.fr (ircdev02.prodin.orbus.fr (azertyuiopqsdfghjklmwxcvbnazer(?) <- ircdev01.prodin.orbus.fr)))

But if I connect him using 29 chars, it's OK :
[...]
[15:08:12] * You are now an IRC Operator
[15:08:12] * azertyuiopqsdfghjklmwxcvbnaze sets modes [azertyuiopqsdfghjklmwxcvbnaze :+qWT]
[15:08:12] * Server notice mask (+kcfFjveGqSso)
[15:08:12] * azertyuiopqsdfghjklmwxcvbnaze*[email protected]

And he can change his nickname back to 30 chars :
[15:08:16] * You are now known as azertyuiopqsdfghjklmwxcvbnazer
Additional InformationIf needed, the ./configure is attached.
TagsNo tags attached.
Attached Files
configure.txt (9,013 bytes)
3rd party modulesno

Activities

syzop

2016-12-02 15:52

administrator   ~0019538

So this is an UnrealIRCd with default settings? No changes to config.h/struct.h?

I can't reproduce it with 'azertyuiopqsdfghjklmwxcvbnazer' on my ircd.
Does it also occur with a different 30 character nick?

syzop

2016-12-02 15:54

administrator   ~0019539

Also, any source modifications? Any 3rd party modules?

KnuX

2016-12-02 16:07

reporter   ~0019540

Yes, default settings, no patch applied, no 3rd party modules. Same bug occurs with the nickname "iiiiiiiiiiiiiiiiiiiiiiiiiiiiii" and we doesn't use the "set::nick-length" configuration.

Links are configured as "insecure" :
link ircdev02.prodin.orbus.fr
{
    outgoing {
            hostname 172.18.104.193;
        port 6667;
        options {
            autoconnect;
            insecure;
        };
    };
    incoming {
        mask 172.18.104.193;
    };
    password "*";
    hub *;
    class servers;
};

I can send you our unrealircd.conf in private if it can help you ^^

syzop

2016-12-02 16:09

administrator   ~0019541

Strange. Yes, could you send your entire unrealircd.conf from both servers to [email protected] ?
Best to ***** out the passwords, even for me :)

KnuX

2016-12-02 16:23

reporter   ~0019542

Done ;)

syzop

2016-12-02 16:39

administrator   ~0019543

Thanks, I was going to email you that I cannot reproduce. But now I just reproduced the problem and saw the kill.

I'll look into this now :)

syzop

2016-12-02 16:43

administrator   ~0019544

Could you keep the issue quiet while I trace this? I'm not sure if it has security impact (yet) :)

KnuX

2016-12-02 16:48

reporter   ~0019545

OK ! Thx ;)

syzop

2016-12-04 16:21

administrator   ~0019546

Fixed in 4.0.9, released yesterday. Thanks again for informing us about this bug :)

https://github.com/unrealircd/unrealircd/commit/a3cdb49bc94388e5d918777b8f61b528aff4e69a

Issue History

Date Modified Username Field Change
2016-12-02 15:20 KnuX New Issue
2016-12-02 15:20 KnuX File Added: configure.txt
2016-12-02 15:52 syzop Note Added: 0019538
2016-12-02 15:54 syzop Note Added: 0019539
2016-12-02 15:54 syzop Assigned To => syzop
2016-12-02 15:54 syzop Status new => feedback
2016-12-02 15:58 syzop View Status public => private
2016-12-02 16:07 KnuX Note Added: 0019540
2016-12-02 16:09 syzop Note Added: 0019541
2016-12-02 16:23 KnuX Note Added: 0019542
2016-12-02 16:39 syzop Note Added: 0019543
2016-12-02 16:43 syzop Note Added: 0019544
2016-12-02 16:48 KnuX Note Added: 0019545
2016-12-04 16:19 syzop Severity minor => major
2016-12-04 16:19 syzop View Status private => public
2016-12-04 16:21 syzop Status feedback => resolved
2016-12-04 16:21 syzop Resolution open => fixed
2016-12-04 16:21 syzop Fixed in Version => 4.0.9
2016-12-04 16:21 syzop Note Added: 0019546