December 9th, 1998

Okay. This patch applies cleanly against the CVS tree as of this morning, and shouldn't conflict against the tarballs, since I don't think any of the patches out even come close to these parts of the code.

What it does is apply a much-needed sanity check to the supposed connection point given in a DCC request (chat or filesend) to the bots to make it very very hard (although it's still possible, it would be far harder than it is worth to) to trick the bot into connecting to some place it's not supposed to. This is, IMHO, a rather nasty issue, because without it in place, basically anyone who has the ability to send a file into the bot, or get on the partyline over a DCC connection can make the bot try to establish a session to just about any place on the planet. This breaks accountability of the person making the connection by leaving the bot site basically holding the bag, and therefore is a pretty easy way of getting a bot owner into a mess as long as loons like Fr*d C*h*n are running around loose.

Anyway, it will also make it a little easier to see when one of your users is using a broken copy of mIRC that won't send the proper address, as well as those really astounding individuals who can set up an NAT or ip_masq firewall and have no idea that DCC chat won't work for a reason. Heh.

The code is fairly well commented, in case anyone is wondering how it works, and I went around and around trying to make the changes as few as possible so that only one statement needs to be wedged into any module that wants to call this routine. It's as simple as checking the truth or the return value of sanitycheck_dcc, and the arguments are pretty obvious and easy to spot. This will NOT however work with the 1.3.3+ facade modules at the moment where DCC CHAT is concerned, since the routine from server.c gets replaced. TheGhost has been notified, and since I've already made the changes to my own modules, it shouldn't take him too long to get things fixed there.

While technically this could probably go to Bugtraq, it's such a pathetic problem to begin with that I would rather just keep my fool mouth shut about it. Heh. Someone else can tell them. I don't feel like being held responsible for all the other bugs they would surely find elsewhere in the code that I didn't mess with. ;) (But hey! The thing runs!!!)

--+ Dagmar
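The kind of endpoint check the message above describes, written out as an added example; it is not Dagmar's patch and not Eggdrop's code, and the page does not show what sanitycheck_dcc actually tests. The function name check_dcc_offer, the verdict names and the three rules (no ports below 1024, no unroutable addresses, advertised address must equal the address the requesting user was resolved to) are assumptions; the only protocol fact relied on is that a DCC offer carries the IPv4 address as one decimal 32-bit number followed by a decimal port.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Reasons a DCC offer is refused (hypothetical names, not from the patch). */
enum dcc_verdict { DCC_OK = 0, DCC_BAD_SYNTAX, DCC_BAD_PORT, DCC_BAD_ADDR, DCC_MISMATCH };

/* Parse the whole string as an unsigned decimal no larger than max. */
static int parse_dec(const char *s, unsigned long max, unsigned long *out)
{
    char *end;
    if (s == NULL || *s < '0' || *s > '9')   /* refuse sign, space, empty */
        return -1;
    errno = 0;
    *out = strtoul(s, &end, 10);
    if (errno != 0 || *end != '\0' || *out > max)
        return -1;                           /* overflow or trailing junk */
    return 0;
}

/*
 * ip_arg, port_arg: address and port fields of "DCC CHAT chat <ip> <port>".
 * peer_ip: IPv4 address (host byte order) the requesting user resolved to.
 * Assumed policy: the bot only connects back to the host that asked.
 */
enum dcc_verdict check_dcc_offer(const char *ip_arg, const char *port_arg,
                                 uint32_t peer_ip)
{
    unsigned long ip, port;

    if (parse_dec(ip_arg, 0xFFFFFFFFUL, &ip) ||
        parse_dec(port_arg, 65535UL, &port))
        return DCC_BAD_SYNTAX;
    if (port < 1024)                         /* well-known service ports */
        return DCC_BAD_PORT;
    /* 0.0.0.0/8, loopback 127/8, multicast and reserved 224/3 */
    if ((ip >> 24) == 0 || (ip >> 24) == 127 || (ip >> 24) >= 224)
        return DCC_BAD_ADDR;
    if ((uint32_t)ip != peer_ip)             /* wrong address sent, NAT, or spoof */
        return DCC_MISMATCH;
    return DCC_OK;
}
```

A caller would refuse the connection on any non-zero verdict; logging DCC_MISMATCH separately is what makes the misconfigured-client and NAT cases mentioned in the message visible.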