From: Remco Rijnders Date: Sat, 7 Mar 2026 17:17:36 +0000 (-0500) Subject: CLEANUP: Replace weak RNGs with arc4random, make NOSPOOF unconditional X-Git-Url: http://git.serene-ircd.net/?a=commitdiff_plain;h=074ba1612036ed1e94450542f10c3e1ff505f456;p=serene-ircd.git CLEANUP: Replace weak RNGs with arc4random, make NOSPOOF unconditional Replace srand/rand (NOSPOOF seeds) and srand48/lrand48 (DNS query IDs) with arc4random(), which is cryptographically strong and needs no seeding. Simplify NOSPOOF anti-spoof challenge: replace the MD5-based construction (which depended on predictable seeds) with a direct arc4random() call. Remove NOSPOOF_SEED01/NOSPOOF_SEED02 globals and MD5 dependency. Make NOSPOOF unconditional — every modern IRC client handles PING-on-connect. Remove all #ifdef NOSPOOF conditionals across the codebase. Fix operator precedence bug in res.c where & 0xffff only applied to the lrand48() result instead of the whole expression. Co-Authored-By: Claude Opus 4.6 --- diff --git a/include/config.h b/include/config.h index c185042..7028697 100644 --- a/include/config.h +++ b/include/config.h @@ -95,7 +95,7 @@ #define MALLOC_FLAGS_EXTRA "" -#undef NOSPOOF +#define NOSPOOF /* KLINE_ADDRESS diff --git a/include/h.h b/include/h.h index 6c942ec..283029b 100644 --- a/include/h.h +++ b/include/h.h @@ -32,13 +32,6 @@ extern int bootopt; /* Prototype added to force errors -- Barubary */ extern time_t check_pings(time_t now, int check_kills); -/* moved here to allow the server to generate new seeds on startup - InnerFIRE */ - -#ifdef NOSPOOF -extern uint32_t NOSPOOF_SEED01, NOSPOOF_SEED02 ; -#endif /* NOSPOOF*/ - #define BREPORT_DO_DNS "NOTICE AUTH :*** Looking up your hostname...\r\n" #define BREPORT_FIN_DNS "NOTICE AUTH :*** Found your hostname\r\n" #define BREPORT_FIN_DNSC "NOTICE AUTH :*** Found your hostname (cached)\r\n" diff --git a/include/struct.h b/include/struct.h index 700cf06..4621aff 100644 --- a/include/struct.h +++ b/include/struct.h @@ -253,11 +253,7 @@ typedef struct Zdata aZdata; #define GotProtoctl(x) ((x)->flags & FLAGS_PROTOCTL) #define IsBlocked(x) ((x)->flags & FLAGS_BLOCKED) #define GotCapab(x) ((x)->flags & FLAGS_GOTCAPAB) -#ifdef NOSPOOF #define IsNotSpoof(x) ((x)->nospoof == 0) -#else -#define IsNotSpoof(x) (1) -#endif #ifdef SEEUSERSTATS #define SetStatsF(x) ((x)->umodes |= UMODE_STATS) @@ -639,9 +635,7 @@ struct Client { short lastsq; /* # of 2k blocks when sendqueued called last*/ dbuf sendQ; /* Outgoing message queue--if socket full */ dbuf recvQ; /* Hold for data incoming yet to be parsed */ -#ifdef NOSPOOF uint32_t nospoof; /* Anti-spoofing random number */ -#endif long oflag; /* Operator access flags -Cabal95 */ long proto; /* ProtoCtl options */ long sendM; /* Statistics: protocol messages send */ diff --git a/src/ircd.c b/src/ircd.c index 432b0ae..33fd9fd 100644 --- a/src/ircd.c +++ b/src/ircd.c @@ -38,10 +38,6 @@ char *malloc_options = "h" MALLOC_FLAGS_EXTRA; #endif -#ifdef NOSPOOF -uint32_t NOSPOOF_SEED01, NOSPOOF_SEED02; -#endif /* NOSPOOF */ - int global_count, max_global_count; time_t now; int synchmode; @@ -663,13 +659,6 @@ int main (argc, argv) R_fin_id = strlen (REPORT_FIN_ID); R_fail_id = strlen (REPORT_FAIL_ID); -#ifdef NOSPOOF - srand (time (NULL)); - - NOSPOOF_SEED01 = rand () % 2147483647; - NOSPOOF_SEED02 = rand () % 2147483647; -#endif /* NOSPOOF */ - check_class (); if (bootopt & BOOT_OPER) { aClient *tmp = add_connection (&me, 0); diff --git a/src/parse.c b/src/parse.c index e9d4985..548fcdc 100644 --- a/src/parse.c +++ b/src/parse.c @@ -339,9 +339,7 @@ int parse (aClient *cptr, char *buffer, char *bufend, struct Message *mptr) (mptr->func != m_pass) && (mptr->func != m_quit) && (mptr->func != m_protoctl) && (mptr->func != m_error) && (mptr->func != m_admin) && (mptr->func != m_version) -#ifdef NOSPOOF && (mptr->func != m_notice) -#endif ))) { sendto_one (from, ":%s %d %s :You have not registered", me.name, ERR_NOTREGISTERED, ch); diff --git a/src/res.c b/src/res.c index ed46dc9..5f83e55 100644 --- a/src/res.c +++ b/src/res.c @@ -81,7 +81,6 @@ int init_resolver (op) { int ret = 0; - srand48 (time (NULL)); if (op & RES_INITLIST) { bzero ((char *) &reinfo, sizeof (reinfo)); first = last = NULL; @@ -410,7 +409,7 @@ static int query_name (char *name, int class, int type, ResRQ *rptr) } hptr = (HEADER *) buf; do { - hptr->id = htons (ntohs (hptr->id) + k + lrand48 () & 0xffff); + hptr->id = htons ((ntohs (hptr->id) + k + arc4random ()) & 0xffff); k++; } while (find_id (ntohs (hptr->id))); diff --git a/src/s_debug.c b/src/s_debug.c index 45ad583..a6d69ea 100644 --- a/src/s_debug.c +++ b/src/s_debug.c @@ -47,9 +47,7 @@ char serveropts[] = { #ifdef CRYPT_OPER_PASSWORD 'p', #endif -#ifdef NOSPOOF 'n', -#endif #ifdef USE_SYSLOG 'Y', #endif diff --git a/src/s_user.c b/src/s_user.c index d480fb3..86d638c 100644 --- a/src/s_user.c +++ b/src/s_user.c @@ -45,11 +45,6 @@ static char buf[BUFSIZE], buf2[BUFSIZE]; int ZLineExists (char *); #endif -#ifdef NOSPOOF -/* From md5.c */ -void MD5Init (uint32_t[]); -void MD5Transform (uint32_t[], uint32_t[]); -#endif /* ** m_functions execute protocol messages on this server: @@ -866,10 +861,6 @@ int m_nick (cptr, sptr, parc, parv) time_t lastnick = (time_t) 0; int differ = 1; -#ifdef NOSPOOF - uint32_t md5data[16]; - static uint32_t md5hash[4]; -#endif /* * If the user didn't specify a nickname, complain @@ -1226,55 +1217,7 @@ int m_nick (cptr, sptr, parc, parv) parv[0], nick, sptr->lastnick); } else if (!sptr->name[0]) { -#ifdef NOSPOOF - /* - * Client setting NICK the first time. - * - * Generate a random string for them to pong with. - * - * The first two are server specific. The intent is to randomize - * things well. - * - * We use lots of junk here, but only "low cost" things. - */ - md5data[0] = NOSPOOF_SEED01; - md5data[1] = NOSPOOF_SEED02; - md5data[2] = time (NULL); - md5data[3] = me.sendM; - md5data[4] = me.receiveM; - md5data[5] = 0; - md5data[6] = getpid (); - md5data[7] = sptr->ip.s_addr; - md5data[8] = sptr->fd; - md5data[9] = 0; - md5data[10] = 0; - md5data[11] = 0; - md5data[12] = md5hash[0]; /* previous runs... */ - md5data[13] = md5hash[1]; - md5data[14] = md5hash[2]; - md5data[15] = md5hash[3]; - - /* - * initialize the md5 buffer to known values - */ - MD5Init (md5hash); - - /* - * transform the above information into gibberish - */ - MD5Transform (md5hash, md5data); - - /* - * Never release any internal state of our generator. Instead, - * use two parts of the returned hash and xor them to hide - * both values. - */ - sptr->nospoof = (md5hash[0] ^ md5hash[1]); - - /* - * If on the odd chance it comes out zero, make it something - * non-zero. - */ + sptr->nospoof = arc4random (); if (sptr->nospoof == 0) sptr->nospoof = 0xdeadbeef; sendto_one (sptr, ":%s NOTICE %s :*** If you are having problems" @@ -1282,7 +1225,6 @@ int m_nick (cptr, sptr, parc, parv) " type /notice %X nospoof now.", me.name, nick, sptr->nospoof, sptr->nospoof); sendto_one (sptr, "PING :%X", sptr->nospoof); -#endif /* NOSPOOF */ #ifdef CONTACT_EMAIL sendto_one (sptr, ":%s NOTICE %s :*** If you need assistance with a" @@ -1376,20 +1318,12 @@ static int m_message (cptr, sptr, parc, parv, notice) NULL }; -/* This is related to the test for unregistered users in - * parse.c. Unless NOSPOOF is defined, there is no need to - * test this here since m_notice and m_message are disallowed. - * -Studded - */ - -#ifdef NOSPOOF if (notice) { if (check_registered (sptr)) return 0; } else if (check_registered_user (sptr)) return 0; -#endif sptr->flags &= ~FLAGS_TS8; @@ -1781,19 +1715,15 @@ int m_notice (cptr, sptr, parc, parv) if ((cptr->name[0]) && !IsNotSpoof (cptr)) { if (BadPtr (parv[1])) return 0; -#ifdef NOSPOOF if (strtoul (parv[1], NULL, 16) != cptr->nospoof) goto temp; sptr->nospoof = 0; -#endif if (sptr->user && sptr->name[0]) return register_user (cptr, sptr, sptr->name, sptr->user->username); return 0; } -#ifdef NOSPOOF temp: -#endif return m_message (cptr, sptr, parc, parv, 1); return 0; } @@ -2746,7 +2676,6 @@ int m_ping (cptr, sptr, parc, parv) return 0; } -#ifdef NOSPOOF /* ** m_nospoof - allows clients to respond to no spoofing patch ** parv[0] = prefix @@ -2786,7 +2715,6 @@ int m_nospoof (cptr, sptr, parc, parv) cptr->nospoof, me.name, cptr->name, (char) 1, (char) 1); return 0; } -#endif /* NOSPOOF */ /* ** m_pong @@ -2802,10 +2730,8 @@ int m_pong (cptr, sptr, parc, parv) aClient *acptr; char *origin, *destination; -#ifdef NOSPOOF if (!IsRegistered (cptr)) return m_nospoof (cptr, sptr, parc, parv); -#endif if (parc < 2 || *parv[1] == '\0') { sendto_one (sptr, err_str (ERR_NOORIGIN), me.name, parv[0]);