there are many issues with unreal, since i had a chance to build my own unreal services i stumbled a lot of sync issues.<br>here are some issues, some of which (but not all) are already handled:<br><br>+b can be overridden or be desynced.
<br>here are the reasons i remember for overrides:<br>user who gets an /invite (services invite too in ajoin etc)<br>user who has +e *!*@*<br>+e can include shit loads of extensions i.e. +e ~c:#opers or ~r:gekos<br>+I acts like /invite and also may include weird extensions
<br>and when u handle all that you need to start taking into account services timestamp desync handler,<br>generally speaking, if your timestamp is higher than the one the ircd sends you, you need to discard your modes, if they are identical, you need to do an awkward merge, and if you have a lower value discard everything the server just told you.
<br>btw, are time desyncs (TS) taking into account here? usually not an issue when services link to localhost, but i've seen different setups.<br>sounds simple? sure, just a couple more ideas<br>my implementation unsets a ban after 5 minutes, to avoid ban list getting filled, and akicks/restricts always set a ban in *!*@host form to avoid dbls.
<br>some modules allow opers to override but that's obvious.<br>i've still didn't have a chance to figure out the new maskign module (thanks ircd for sending * instead of the actual value) so i do USERHOST nick1 nick2 nick3 on every connect to get in sync.
<br><br>i've implemented ALL of that, and guess what, on extremely rare occasions, i still get a desync issue (my services think ban is set but it's not).<br>i'm pretty sure it's just a protocol compatibility issue and not the services fault (although implementing more of the protocol would help), so my solution is to set +f with user join flood protection that bans users and unsets the bans after 5 minutes.
<br><br><br><div class="gmail_quote">On Jan 6, 2008 2:05 AM, Robin Burchell <<a href="mailto:robin@en2no.com">robin@en2no.com</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
No +I masks, three +e masks are set, neither of which match me..<br><br>#helpers *!*@<a href="http://herring.chatspike.net" target="_blank">herring.chatspike.net</a> set by Om (Sat Nov 03 23:13:31)<br>#helpers *!*@<a href="http://helper.chatspike.net" target="_blank">
helper.chatspike.net</a> set by Om (Sat Nov 03 23:13:27)<br>#helpers *!*@<a href="http://tortoisegod.chatspike.net" target="_blank">tortoisegod.chatspike.net</a> set by Om (Sat Nov 03 23:13:21)<br>#helpers End of Channel Exception List
<br>-<br>#helpers End of Channel Invite Exception List<br><br>w00t is <a href="mailto:w00t@globop.chatspike.net">w00t@globop.chatspike.net</a> * Master of all trades; jack of none<br><- being me.<br><br>Explicit invite - (as in /invite?) - aren't used on that channel. It's
<br>also perhaps worthy of note that /invite only overrides ban on some<br>software.<br><br>I imagine the problem was caused as some IRCds will propegate the ban<br>anyway (no duplicates checking) from a server to server link, so I
<br>guess that could be construed as a problem of sorts, though not a<br>major one.<br><br>Given the infrequency of this problem, I don't mind waiting until the<br>list archives are back up for you to check, by all means. :)
<br><div><div></div><div class="Wj3C7c"><br>On Jan 5, 2008 11:52 PM, Andrew Church <<a href="mailto:achurch@achurch.org">achurch@achurch.org</a>> wrote:<br>> >I understand it must be frustrating to have an issue like this that's
<br>> >so hard to track down, but it is equally frustrating to get bit in the<br>> >ass by it. Isn't it wise to assume that if they are joining an<br>> >existing channel that a ban matching them doesn't exist anyway
<br>> >(otherwise how are they joining?)<br>><br>> +e, +I, explicit INVITE, possibly other methods. Originally, I didn't<br>> bother checking for the ban, but apparently it caused a problem, because<br>
> I added the check in 4.5pre0:<br>><br>> 2001/01/11 Fixed duplicate adding of bans when auto-kicking a user<br>> from a channel. Reported by James <<a href="mailto:daemus@evilcode.com">
daemus@evilcode.com</a>><br>> --- chanserv.c 11 Jan 2001 00:03:56 -0000 1.10<br>> +++ chanserv.c 11 Jan 2001 04:29:13 -0000 1.11<br>> @@ -670,10 +670,13 @@<br>> #else<br>> }<br>> #endif
<br>> - av[1] = "+b";<br>> - av[2] = mask;<br>> - send_cmd(s_ChanServ, "MODE %s +b %s %lu", chan, mask, time(NULL));<br>> - do_cmode(s_ChanServ, 3, av);<br>> + /* Apparently invites can get around bans, so check for ban first */
<br>> + if (!chan_has_ban(mask)) {<br>> + av[1] = "+b";<br>> + av[2] = mask;<br>> + send_cmd(s_ChanServ, "MODE %s +b %s %lu", chan, mask, time(NULL));<br>> + do_cmode(s_ChanServ, 3, av);
<br>> + }<br>> free(mask);<br>> send_cmd(s_ChanServ, "KICK %s %s :%s", chan, user->nick, reason);<br>> if (stay) {<br>><br>> The list archives are down at the moment, so I can't check exactly what
<br>> the problem was, whether it was a serious issue or just cosmetic; I'm<br>> hesitant to remove the check without knowing more. (Of course, you're<br>> welcome to try removing it yourself and seeing what happens.)
<br>><br>><br>> --Andrew Church<br>> <a href="mailto:achurch@achurch.org">achurch@achurch.org</a><br>> <a href="http://achurch.org/" target="_blank">http://achurch.org/</a><br>><br></div></div>
<div><div></div><div class="Wj3C7c">> ------------------------------------------------------------------<br>> To unsubscribe or change your subscription options, visit:<br>> <a href="http://lists.ircservices.za.net/mailman/listinfo/ircservices" target="_blank">
http://lists.ircservices.za.net/mailman/listinfo/ircservices</a><br>><br><br><br><br>--<br>Robin Burchell<br>mob: +447702671419<br>msn: <a href="mailto:msn@viroteck.net">msn@viroteck.net</a><br>web: <a href="http://www.en2no.com" target="_blank">
http://www.en2no.com</a><br>------------------------------------------------------------------<br>To unsubscribe or change your subscription options, visit:<br><a href="http://lists.ircservices.za.net/mailman/listinfo/ircservices" target="_blank">
http://lists.ircservices.za.net/mailman/listinfo/ircservices</a><br></div></div></blockquote></div><br><br clear="all"><br>-- <br>Best Regards,<br><br>Anton Wolkov<br>Information Security Expert | BugSec Ltd.<br>Mobile: 054-7703580 | Office: 03-9622655
<br>Visit us at our web site: <a href="http://www.bugsec.com">www.bugsec.com</a>