freenode: guard against Freenode impersonation "feature"

Freenode allows impersonating registered users for 30 seconds, so don't consider users registered before we've known them for at least a minute. And be a bit paranoid about it with parts and joins.
2024-08-15 00:33:14 +00:00 · 2018-05-04 19:12:02 +01:00 · 2018-05-04 19:12:02 +01:00 · 259aed3c66
commit 259aed3c66
parent 236a906328
3 changed files with 27 additions and 1 deletions
--- a/tipbot/command_manager.py
+++ b/tipbot/command_manager.py
@ -181,7 +181,7 @@ def OnCommand(link,cmd,check_admin,check_registered):
    if 'admin' in c and c['admin']:
      check_admin(link,c['function'],cmd,SendToProxy,"You must be admin")
    elif 'registered' in c and c['registered']:
-      check_registered(link,c['function'],cmd,SendToProxy,"You must be registered with Freenode")
+      check_registered(link,c['function'],cmd,SendToProxy,"You must be registered with Freenode, or known for a minute")
    else:
      Lock()
      try:
--- a/tipbot/modules/freenode.py
+++ b/tipbot/modules/freenode.py
@ -28,6 +28,12 @@ class FreenodeNetwork(IRCNetwork):

  def identify(self,link):
    nick = link.user.nick
+    t = self.is_known(nick)
+    if t < 60:
+      log_info('%s is not known, or only time for %d seconds' % (nick, t))
+      if self.on_identified:
+        self.on_identified(link,False)
+      return
    log_info('Asking nickserv whether %s is identified' % nick)
    self.send_to('nickserv', "ACC " + nick)

--- a/tipbot/modules/irc.py
+++ b/tipbot/modules/irc.py
@ -45,6 +45,7 @@ class IRCNetwork(Network):
    self.current_send_delay = irc_min_send_delay
    self.quitting = False
    self.buffered_data = ""
+    self.known = {}

  def connect(self):
    try:
@ -166,6 +167,19 @@ class IRCNetwork(Network):
      return True
    return False

+  def evict_known(self, nick):
+    del self.known[nick]
+    self.registered_users.discard(Link(self,User(self,nick),None).identity())
+    log_info("now unknown: " + Link(self,User(self,nick),None).identity())
+
+  def add_known(self, nick):
+    self.known[nick] = time.time()
+    self.registered_users.discard(Link(self,User(self,nick),None).identity())
+    log_info("now known: " + Link(self,User(self,nick),None).identity())
+
+  def is_known(self, nick):
+    return time.time() - self.known[nick] if nick in self.known else 0
+
  def update(self):
    try:
      data=self._getline()
@ -306,6 +320,7 @@ class IRCNetwork(Network):
              if who_chan_user[0] in ["@","+"]:
                who_chan_user = who_chan_user[1:]
              self.userstable[who_chan][who_chan_user] = None
+            self.add_known(who_chan_user)
          log_log("New list of users in %s: %s" % (who_chan, str(self.userstable[who_chan].keys())))
        except Exception,e:
          log_error('Failed to parse "353" line: %s: %s' % (data, str(e)))
@ -331,6 +346,7 @@ class IRCNetwork(Network):

      elif action == 'JOIN':
        nick = GetNick(who)
+        self.add_known(nick)
        log_info('%s joined the channel' % nick)
        if not chan in self.userstable:
          self.userstable[chan] = dict()
@ -344,6 +360,7 @@ class IRCNetwork(Network):

      elif action == 'PART':
        nick = GetNick(who)
+        self.evict_known(nick)
        log_info('%s left the channel' % nick)
        if not nick in self.userstable[chan]:
          log_warn('%s left, but was not in %s' % (nick, chan))
@ -355,6 +372,7 @@ class IRCNetwork(Network):

      elif action == 'QUIT':
        nick = GetNick(who)
+        self.evict_known(nick)
        log_info('%s quit' % nick)
        removed_list = ""
        for chan in self.userstable:
@ -383,6 +401,8 @@ class IRCNetwork(Network):
        nick = GetNick(who)
        new_nick = cparts[len(cparts)-1].lower()
        log_info('%s renamed to %s' % (nick, new_nick))
+        self.evict_known(nick)
+        self.add_known(new_nick)
        for c in self.userstable:
          log_log('checking %s' % c)
          if nick in self.userstable[c]: