Prevent a simple DoS.

diff --git a/irkerd b/irkerd
index e5bf3000c669777436a973836158f51be26dcac5..d249fca52de88af755d203be9507569c89f96a96 100755 (executable)
--- a/irkerd
+++ b/irkerd
@@ -18,9 +18,9 @@ developers). The -V option prints the program version and exits.
 Design and code by Eric S. Raymond <esr@thyrsus.com>. See the project
 resource page at <http://www.catb.org/~esr/irker/>.
 
-Requires Python 2.6 and the irc.client library at version >= 2.0.2: see
+Requires Python 2.6 and the irc client library at version >= 2.0.2: see
 
-http://sourceforge.net/projects/python-irclib
+http://pypi.python.org/pypi/irc/
 """
 # These things might need tuning
 
@@ -38,7 +38,7 @@ ANTI_BUZZ_DELAY = 0.09                # Anti-buzz delay after queue-empty check
 
 # No user-serviceable parts below this line
 
-import sys, json, getopt, urlparse, time
+import sys, json, getopt, urlparse, time, random
 import threading, Queue, SocketServer
 import irc.client, logging
 
@@ -110,7 +110,9 @@ class Connection:
     def handle_badnick(self):
         "The server says our nick has a conflict."
         self.irker.debug(1, "nick %s rejected" % self.nickname())
-        self.nick_trial += 1
+        # Randomness prevents a malicious user or bot from antcipating the
+        # next trial name in order to block us from completing the handshake.
+        self.nick_trial += random.randint(1, 3)
         self.connection.nick(self.nickname())
     def enqueue(self, channel, message):
         "Enque a message for transmission."