use strict;
use vars qw(%Cache %cmd_cache $errstr %aliases $scriptbase %nothereslug
$maxbadcount $msgpolltime $default_pagelth $cmdimportdir $users $maxusers
+ $maxcmdlth $maxcmdcount $cmdinterval
);
%Cache = (); # cache of dynamically loaded routine's mod times
# this does not exist as default, you need to create it manually
$users = 0; # no of users on this node currently
$maxusers = 0; # max no users on this node for this run
+$maxcmdlth = 512; # max length of incoming cmd line (including the command and any arguments
+$maxcmdcount = 27; # max no cmds entering $cmdinterval seconds
+$cmdinterval = 20; # if user enters more than $maxcmdcount in $cmdinterval seconds, they are logged off
#
# obtain a new connection this is derived from dxchannel
}
$self->lastmsgpoll($main::systime);
+ $self->{user_interval} = $self->user->user_interval || $main::user_interval; # allow user to change idle time between prompts
$self->prompt;
+
+ $self->{cmdintstart} = 0; # set when systime > this + cmdinterval and a command entered, cmdcount set to 0
+ $self->{cmdcount} = 0; # incremented on a coming in. If this value > $maxcmdcount, disconnect
+
}
#
}
$self->state('prompt');
delete $self->{talklist};
- } elsif ($cmdline =~ m|^/+\w+|) {
+ } elsif ($cmdline =~ m|^[/\w\\]+|) {
$cmdline =~ s|^/||;
my $sendit = $cmdline =~ s|^/+||;
if (@bad = BadWords::check($cmdline)) {
$self->badcount(($self->badcount||0) + @bad);
LogDbg('DXCommand', "$self->{call} swore: '$cmdline' with badwords: '" . join(',', @bad) . "'");
} else {
- my @in = $self->run_cmd($cmdline);
- $self->send_ans(@in);
- if ($sendit && $self->{talklist} && @{$self->{talklist}}) {
- foreach my $l (@in) {
- for (@{$self->{talklist}}) {
- if ($self->{state} eq 'talk') {
- $self->send_talks($_, $l);
- } else {
- send_chats($self, $_, $l)
+ my @cmd = split /\s*\\n\s*/, $cmdline;
+ foreach my $l (@cmd) {
+ my @in = $self->run_cmd($l);
+ $self->send_ans(@in);
+ if ($sendit && $self->{talklist} && @{$self->{talklist}}) {
+ foreach my $l (@in) {
+ for (@{$self->{talklist}}) {
+ if ($self->{state} eq 'talk') {
+ $self->send_talks($_, $l);
+ } else {
+ send_chats($self, $_, $l)
+ }
}
}
}
# if (@bad = BadWords::check($cmdline)) {
# $self->badcount(($self->badcount||0) + @bad);
# LogDbg('DXCommand', "$self->{call} swore: '$cmdline' with badwords: '" . join(',', @bad) . "'");
-# } else {
- $self->send_ans(run_cmd($self, $cmdline));
+ # } else {
+ my @cmd = split /\s*\\n\s*/, $cmdline;
+ foreach my $l (@cmd) {
+
+ # rate limiting code
+
+ if (($self->{cmdintstart} + $cmdinterval <= $main::systime) || $self->{inscript}) {
+ $self->{cmdintstart} = $main::systime;
+ $self->{cmdcount} = 1;
+ dbg("$self->{call} started cmdinterval") if isdbg('cmdcount');
+ } else {
+ if (++$self->{cmdcount} > $maxcmdcount) {
+ LogDbg('baduser', qq{User $self->{call} sent $self->{cmdcount} (>= $maxcmdcount) cmds in $cmdinterval seconds starting at } . atime($self->{cmdintstart}) . ", disconnected" );
+ $self->disconnect;
+ }
+ dbg("$self->{call} cmd: '$l' cmdcount = $self->{cmdcount} in $cmdinterval secs") if isdbg('cmdcount');
+ }
+ $self->send_ans(run_cmd($self, $l));
+ }
# }
}
if ($cmd) {
- # check cmd
- if ($cmd =~ m|^/| || $cmd =~ m|[^-?\w/]|) {
+ # strip out // on command only
+ $cmd =~ s|//+|/|g;
+
+ # check for length of whole command line and any invalid characters
+ if (length $cmdline > $maxcmdlth || $cmd =~ m|\.| || $cmd !~ m|^\w+(?:/\w+){0,1}(?:/\d+)?$|) {
LogDbg('DXCommand', "cmd: $self->{call} - invalid characters in '$cmd'");
- return $self->_error_out('e1');
+ return $self->_error_out('e40');
}
- # strip out // on command only
- $cmd =~ s|//|/|g;
-
my ($path, $fcmd);
dbg("cmd: $cmd") if isdbg('command');
return $self->_error_out('e1');
}
} else {
- dbg("cmd: $cmd not found") if isdbg('command');
+ LogDbg('DXCommand', "$self->{call} cmd: '$cmd' not found");
return $self->_error_out('e1');
}
}
if ($ok) {
delete $self->{errors};
} else {
- if (++$self->{errors} > $DXChannel::maxerrors) {
+ if ($self != $main::me && ++$self->{errors} > $DXChannel::maxerrors) {
$self->send($self->msg('e26'));
$self->disconnect;
return ();
- }
+ }
}
return map {s/([^\s])\s+$/$1/; $_} @ans;
}
}
# send a prompt if no activity out on this channel
- if ($t >= $dxchan->t + $main::user_interval) {
+ if ($t >= $dxchan->t + $dxchan->{user_interval}) {
$dxchan->prompt() if $dxchan->{state} =~ /^prompt/o;
$dxchan->t($t);
}
if (isdbg('eval')) {
my @list = split /\n/, $eval;
- my $line;
for (@list) {
dbg($_ . "\n") if isdbg('eval');
}
no strict 'refs';
# just behave normally if something has set the "one-shot" _nospawn in the channel
- if ($self->{_nospawn}) {
+ if ($self->{_nospawn} || $main::is_win == 1) {
eval { @out = $cmdref->(@$args); };
if ($@) {
DXDebug::dbgprintring(25);
projects / spider.git / blobdiff