View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0005957||unreal||ircd||public||2021-07-07 00:05||2021-07-09 09:08|
|Priority||normal||Severity||minor||Reproducibility||have not tried|
|Fixed in Version||5.2.1|
|Summary||0005957: Eline conflict|
|Description||Today I gline a user with this IP address: /gline *@127.133.22.93.rev.sfr.net (and /gline *@220.127.116.11)|
but no luck he does not disconnect on IRC server.
I'm looking for the reason it's not logging out, I check / eline / stats except and see this:
[23:47:47] * *@127.* GkZzsbcd 0 93393 -default- localhost is always exempt
Fail of Unrealircd or not?
|Tags||No tags attached.|
|3rd party modules|
||Oh that is a funny oversight indeed. You can use /gzline (instead of /gline) to get rid of this particular user in the meantime :D|
I have marked the issue as 'private' as this is a security issue that should not be publicly known or spoken about until a fix/release is announced.
I expect to release UnreaIRCd 5.2.1 on Friday (48 hours from now). Unfortunately 5.2.1-rc1 needs 2-3 days more testing otherwise i would have released it today already.
I will also include a hot patch in the release announcement so people can fix the issue for both 5.0.9 and 5.2.x without a restart.
You can use the following command on on both 5.0.9 and 5.2.0(.x): ./unrealircd hot-patch exemptlocalhost
But please don't tell anyone yet for the next 48 hours (until release).
||@syzop ok thank, i would use gzline|
"I have marked the issue as 'private' as this is a security issue that should not be publicly known or spoken about until a fix/release is announced."
ah yes yes indeed
>You can use the following command on on both 5.0.9 and 5.2.0 (.x): ./unrealircd hot-patch exemptlocalhost
>But please don't tell anyone yet for the next 48 hours (until release).
It's validated, it worked (but I haven't tested the gline on the other hand, because no user currently with this ip range)
||Oh and I forgot to say: thanks for the report, you have found several important bugs by now! :)|
ah yes I just did /stats except
[09:45:06] * *@127.0.0.0/8 GkZzsbcd 0 176 -default- localhost is always exempt
||@Syzop there is a problem with the patch, it should not be published|
By typing this on a channel:
/mode #chan +e ~a: <account>
User cannot join the channel, there is no exception effect
||however yesterday it was working|
||The patch could not have caused that. Maybe something else in your case :)|
||@sysop ah yes it's resolved, it was +I ~a: <account>, not +e ~a:<account>|
UnrealIRCd 5.2.1 was released today to fix it. Also announced the hot patch to fix the issue without restart.
Release announcement is in https://forums.unrealircd.org/viewtopic.php?f=1&t=9117
This bug is now no longer private but public.
Actual fix was https://github.com/unrealircd/unrealircd/commit/b398c3d1018436b5390302faa2f9c0fd67c463d5
Author: Bram Matthys <email@example.com>
Date: Wed Jul 7 08:53:47 2021 +0200
Change default exempt from 127.* to 127.0.0.0/8 so it does not match
arbitrary hosts that have a host starting with "127.". A rather stupid
oversight on my part, really.
In the meantime, if this happens, then you can still resort to using
ZLINE/GZLINE as a workaround to ban such a user. (The exemption won't
match against the host because DNS lookups are not done for zlines)
Reported by armyn in https://bugs.unrealircd.org/view.php?id=5957
|2021-07-07 00:05||armyn||New Issue|
|2021-07-07 08:53||syzop||Note Added: 0022084|
|2021-07-07 09:02||syzop||View Status||public => private|
|2021-07-07 09:35||syzop||Note Added: 0022085|
|2021-07-07 09:35||syzop||Assigned To||=> syzop|
|2021-07-07 09:35||syzop||Status||new => confirmed|
|2021-07-07 09:37||armyn||Note Added: 0022086|
|2021-07-07 09:39||armyn||Note Added: 0022087|
|2021-07-07 09:43||armyn||Note Added: 0022088|
|2021-07-07 09:44||syzop||Note Added: 0022089|
|2021-07-07 09:45||armyn||Note Added: 0022090|
|2021-07-07 11:26||armyn||Note Added: 0022091|
|2021-07-07 11:28||armyn||Note Added: 0022092|
|2021-07-07 11:32||armyn||Note Added: 0022093|
|2021-07-07 12:56||syzop||Note Added: 0022094|
|2021-07-07 15:59||armyn||Note Added: 0022095|
|2021-07-07 16:47||syzop||Note Added: 0022096|
|2021-07-09 09:05||syzop||View Status||private => public|
|2021-07-09 09:05||syzop||Note Added: 0022099|
|2021-07-09 09:06||syzop||Status||confirmed => resolved|
|2021-07-09 09:06||syzop||Resolution||open => fixed|
|2021-07-09 09:06||syzop||Fixed in Version||=> 5.2.1|
|2021-07-09 09:07||syzop||Note Edited: 0022099|
|2021-07-09 09:08||syzop||Note Edited: 0022099|