Annotation of ircnowd/src/ngircd/conn.c, Revision 1.1
1.1 ! tomglok 1: /*
! 2: * ngIRCd -- The Next Generation IRC Daemon
! 3: * Copyright (c)2001-2019 Alexander Barton (alex@barton.de) and Contributors.
! 4: *
! 5: * This program is free software; you can redistribute it and/or modify
! 6: * it under the terms of the GNU General Public License as published by
! 7: * the Free Software Foundation; either version 2 of the License, or
! 8: * (at your option) any later version.
! 9: * Please read the file COPYING, README and AUTHORS for more information.
! 10: */
! 11:
! 12: #define CONN_MODULE
! 13: #define CONN_MODULE_GLOBAL_INIT
! 14:
! 15: #include "portab.h"
! 16:
! 17: /**
! 18: * @file
! 19: * Connection management
! 20: */
! 21:
! 22: /* Additionan debug messages related to buffer handling: 0=off / 1=on */
! 23: #define DEBUG_BUFFER 0
! 24:
! 25: #include <assert.h>
! 26: #ifdef PROTOTYPES
! 27: # include <stdarg.h>
! 28: #else
! 29: # include <varargs.h>
! 30: #endif
! 31: #include <stdio.h>
! 32: #include <stdlib.h>
! 33: #include <unistd.h>
! 34: #include <errno.h>
! 35: #include <string.h>
! 36: #include <strings.h>
! 37: #include <sys/socket.h>
! 38: #include <sys/stat.h>
! 39: #include <sys/types.h>
! 40: #include <time.h>
! 41: #include <netinet/in.h>
! 42:
! 43: #ifdef HAVE_NETINET_IP_H
! 44: # ifdef HAVE_NETINET_IN_SYSTM_H
! 45: # include <netinet/in_systm.h>
! 46: # endif
! 47: # include <netinet/ip.h>
! 48: #endif
! 49:
! 50: #ifdef TCPWRAP
! 51: # include <tcpd.h> /* for TCP Wrappers */
! 52: #endif
! 53:
! 54: #include "conn.h"
! 55:
! 56: #include "ngircd.h"
! 57: #include "class.h"
! 58: #ifdef ICONV
! 59: # include "conn-encoding.h"
! 60: #endif
! 61: #include "conn-ssl.h"
! 62: #include "conn-zip.h"
! 63: #include "conn-func.h"
! 64: #include "io.h"
! 65: #include "log.h"
! 66: #include "ng_ipaddr.h"
! 67: #include "parse.h"
! 68: #include "resolve.h"
! 69:
! 70: #define SERVER_WAIT (NONE - 1) /** "Wait for outgoing connection" flag */
! 71:
! 72: #define MAX_COMMANDS 3 /** Max. commands per loop for users */
! 73: #define MAX_COMMANDS_SERVER_MIN 10 /** Min. commands per loop for servers */
! 74: #define MAX_COMMANDS_SERVICE 10 /** Max. commands per loop for services */
! 75:
! 76: #define SD_LISTEN_FDS_START 3 /** systemd(8) socket activation offset */
! 77:
! 78: #define THROTTLE_CMDS 1 /** Throttling: max commands reached */
! 79: #define THROTTLE_BPS 2 /** Throttling: max bps reached */
! 80:
! 81: static bool Handle_Write PARAMS(( CONN_ID Idx ));
! 82: static bool Conn_Write PARAMS(( CONN_ID Idx, char *Data, size_t Len ));
! 83: static int New_Connection PARAMS(( int Sock, bool IsSSL ));
! 84: static CONN_ID Socket2Index PARAMS(( int Sock ));
! 85: static void Read_Request PARAMS(( CONN_ID Idx ));
! 86: static unsigned int Handle_Buffer PARAMS(( CONN_ID Idx ));
! 87: static void Check_Connections PARAMS(( void ));
! 88: static void Check_Servers PARAMS(( void ));
! 89: static void Init_Conn_Struct PARAMS(( CONN_ID Idx ));
! 90: static bool Init_Socket PARAMS(( int Sock ));
! 91: static void New_Server PARAMS(( int Server, ng_ipaddr_t *dest ));
! 92: static void Simple_Message PARAMS(( int Sock, const char *Msg ));
! 93: static int NewListener PARAMS(( const char *listen_addr, UINT16 Port ));
! 94: static void Account_Connection PARAMS((void));
! 95: static void Throttle_Connection PARAMS((const CONN_ID Idx, CLIENT *Client,
! 96: const int Reason, unsigned int Value));
! 97:
! 98: static array My_Listeners;
! 99: static array My_ConnArray;
! 100: static size_t NumConnections, NumConnectionsMax, NumConnectionsAccepted;
! 101:
! 102: #ifdef TCPWRAP
! 103: int allow_severity = LOG_INFO;
! 104: int deny_severity = LOG_ERR;
! 105: #endif
! 106:
! 107: static void server_login PARAMS((CONN_ID idx));
! 108:
! 109: #ifdef SSL_SUPPORT
! 110: extern struct SSLOptions Conf_SSLOptions;
! 111: static bool SSL_WantRead PARAMS((const CONNECTION *c));
! 112: static bool SSL_WantWrite PARAMS((const CONNECTION *c));
! 113: static void cb_listen_ssl PARAMS((int sock, short irrelevant));
! 114: static void cb_connserver_login_ssl PARAMS((int sock, short what));
! 115: static void cb_clientserver_ssl PARAMS((int sock, short what));
! 116: #endif
! 117: static void cb_Read_Resolver_Result PARAMS((int sock, UNUSED short what));
! 118: static void cb_Connect_to_Server PARAMS((int sock, UNUSED short what));
! 119: static void cb_clientserver PARAMS((int sock, short what));
! 120:
! 121: time_t idle_t = 0;
! 122:
! 123: /**
! 124: * Get number of sockets available from systemd(8).
! 125: *
! 126: * ngIRCd needs to implement its own sd_listen_fds(3) function and can't
! 127: * use the one provided by systemd itself, because the sockets will be
! 128: * used in a forked child process with a new PID, and this would trigger
! 129: * an error in the standard implementation.
! 130: *
! 131: * @return Number of sockets available, -1 if sockets have already been
! 132: * initialized, or 0 when no sockets have been passed.
! 133: */
! 134: static int
! 135: my_sd_listen_fds(void)
! 136: {
! 137: const char *e;
! 138: int count;
! 139:
! 140: /* Check if LISTEN_PID exists; but we ignore the result, because
! 141: * normally ngircd forks a child before checking this, and therefore
! 142: * the PID set in the environment is always wrong ... */
! 143: e = getenv("LISTEN_PID");
! 144: if (!e || !*e)
! 145: return 0;
! 146:
! 147: e = getenv("LISTEN_FDS");
! 148: if (!e || !*e)
! 149: return -1;
! 150: count = atoi(e);
! 151: #ifdef HAVE_UNSETENV
! 152: unsetenv("LISTEN_FDS");
! 153: #endif
! 154:
! 155: return count;
! 156: }
! 157:
! 158: /**
! 159: * IO callback for listening sockets: handle new connections. This callback
! 160: * gets called when a new non-SSL connection should be accepted.
! 161: *
! 162: * @param sock Socket descriptor.
! 163: * @param irrelevant (ignored IO specification)
! 164: */
! 165: static void
! 166: cb_listen(int sock, short irrelevant)
! 167: {
! 168: (void) irrelevant;
! 169: (void) New_Connection(sock, false);
! 170: }
! 171:
! 172: /**
! 173: * IO callback for new outgoing non-SSL server connections.
! 174: *
! 175: * @param sock Socket descriptor.
! 176: * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
! 177: */
! 178: static void
! 179: cb_connserver(int sock, UNUSED short what)
! 180: {
! 181: int res, err, server;
! 182: socklen_t sock_len;
! 183: CONN_ID idx = Socket2Index( sock );
! 184:
! 185: if (idx <= NONE) {
! 186: io_close(sock);
! 187: return;
! 188: }
! 189:
! 190: assert(what & IO_WANTWRITE);
! 191:
! 192: /* Make sure that the server is still configured; it could have been
! 193: * removed in the meantime! */
! 194: server = Conf_GetServer(idx);
! 195: if (server < 0) {
! 196: Log(LOG_ERR, "Connection on socket %d to \"%s\" aborted!",
! 197: sock, My_Connections[idx].host);
! 198: Conn_Close(idx, "Connection aborted", NULL, false);
! 199: return;
! 200: }
! 201:
! 202: /* connect() finished, get result. */
! 203: sock_len = (socklen_t)sizeof(err);
! 204: res = getsockopt(My_Connections[idx].sock, SOL_SOCKET, SO_ERROR,
! 205: &err, &sock_len );
! 206: assert(sock_len == sizeof(err));
! 207:
! 208: /* Error while connecting? */
! 209: if ((res != 0) || (err != 0)) {
! 210: if (res != 0)
! 211: Log(LOG_CRIT, "getsockopt (connection %d): %s!",
! 212: idx, strerror(errno));
! 213: else
! 214: Log(LOG_CRIT,
! 215: "Can't connect socket to \"%s:%d\" (connection %d): %s!",
! 216: My_Connections[idx].host, Conf_Server[server].port,
! 217: idx, strerror(err));
! 218:
! 219: Conn_Close(idx, "Can't connect", NULL, false);
! 220:
! 221: if (ng_ipaddr_af(&Conf_Server[server].dst_addr[0])) {
! 222: /* more addresses to try... */
! 223: New_Server(server, &Conf_Server[server].dst_addr[0]);
! 224: /* connection to dst_addr[0] is now in progress, so
! 225: * remove this address... */
! 226: Conf_Server[server].dst_addr[0] =
! 227: Conf_Server[server].dst_addr[1];
! 228: memset(&Conf_Server[server].dst_addr[1], 0,
! 229: sizeof(Conf_Server[server].dst_addr[1]));
! 230: }
! 231: return;
! 232: }
! 233:
! 234: /* connect() succeeded, remove all additional addresses */
! 235: memset(&Conf_Server[server].dst_addr, 0,
! 236: sizeof(Conf_Server[server].dst_addr));
! 237:
! 238: Conn_OPTION_DEL( &My_Connections[idx], CONN_ISCONNECTING );
! 239: #ifdef SSL_SUPPORT
! 240: if ( Conn_OPTION_ISSET( &My_Connections[idx], CONN_SSL_CONNECT )) {
! 241: io_event_setcb( sock, cb_connserver_login_ssl );
! 242: io_event_add( sock, IO_WANTWRITE|IO_WANTREAD );
! 243: return;
! 244: }
! 245: #endif
! 246: server_login(idx);
! 247: }
! 248:
! 249: /**
! 250: * Login to a remote server.
! 251: *
! 252: * @param idx Connection index.
! 253: */
! 254: static void
! 255: server_login(CONN_ID idx)
! 256: {
! 257: Log(LOG_INFO,
! 258: "Connection %d (socket %d) with \"%s:%d\" established. Now logging in ...",
! 259: idx, My_Connections[idx].sock, My_Connections[idx].host,
! 260: Conf_Server[Conf_GetServer(idx)].port);
! 261:
! 262: io_event_setcb( My_Connections[idx].sock, cb_clientserver);
! 263: io_event_add( My_Connections[idx].sock, IO_WANTREAD|IO_WANTWRITE);
! 264:
! 265: /* Send PASS and SERVER command to peer */
! 266: Conn_WriteStr(idx, "PASS %s %s",
! 267: Conf_Server[Conf_GetServer( idx )].pwd_out, NGIRCd_ProtoID);
! 268: Conn_WriteStr(idx, "SERVER %s :%s",
! 269: Conf_ServerName, Conf_ServerInfo);
! 270: }
! 271:
! 272: /**
! 273: * IO callback for established non-SSL client and server connections.
! 274: *
! 275: * @param sock Socket descriptor.
! 276: * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
! 277: */
! 278: static void
! 279: cb_clientserver(int sock, short what)
! 280: {
! 281: CONN_ID idx = Socket2Index(sock);
! 282:
! 283: if (idx <= NONE) {
! 284: io_close(sock);
! 285: return;
! 286: }
! 287:
! 288: #ifdef SSL_SUPPORT
! 289: if (what & IO_WANTREAD
! 290: || (Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_WANT_WRITE))) {
! 291: /* if TLS layer needs to write additional data, call
! 292: * Read_Request() instead so that SSL/TLS can continue */
! 293: Read_Request(idx);
! 294: }
! 295: #else
! 296: if (what & IO_WANTREAD)
! 297: Read_Request(idx);
! 298: #endif
! 299: if (what & IO_WANTWRITE)
! 300: Handle_Write(idx);
! 301: }
! 302:
! 303: /**
! 304: * Initialize connection module.
! 305: */
! 306: GLOBAL void
! 307: Conn_Init( void )
! 308: {
! 309: int size;
! 310:
! 311: /* Initialize the "connection pool".
! 312: * FIXME: My_Connetions/Pool_Size is needed by other parts of the
! 313: * code; remove them! */
! 314: Pool_Size = 0;
! 315: size = Conf_MaxConnections > 0 ? Conf_MaxConnections : CONNECTION_POOL;
! 316: if (Socket2Index(size) <= NONE) {
! 317: Log(LOG_EMERG, "Failed to initialize connection pool!");
! 318: exit(1);
! 319: }
! 320:
! 321: /* Initialize "listener" array. */
! 322: array_free( &My_Listeners );
! 323: } /* Conn_Init */
! 324:
! 325: /**
! 326: * Clean up connection module.
! 327: */
! 328: GLOBAL void
! 329: Conn_Exit( void )
! 330: {
! 331: CONN_ID idx;
! 332:
! 333: Conn_ExitListeners();
! 334:
! 335: LogDebug("Shutting down all connections ..." );
! 336: for( idx = 0; idx < Pool_Size; idx++ ) {
! 337: if( My_Connections[idx].sock > NONE ) {
! 338: Conn_Close( idx, NULL, NGIRCd_SignalRestart ?
! 339: "Server going down (restarting)":"Server going down", true );
! 340: }
! 341: }
! 342:
! 343: array_free(&My_ConnArray);
! 344: My_Connections = NULL;
! 345: Pool_Size = 0;
! 346: io_library_shutdown();
! 347: } /* Conn_Exit */
! 348:
! 349: /**
! 350: * Close all sockets (file descriptors) of open connections.
! 351: * This is useful in forked child processes, for example, to make sure that
! 352: * they don't hold connections open that the main process wants to close.
! 353: */
! 354: GLOBAL void
! 355: Conn_CloseAllSockets(int ExceptOf)
! 356: {
! 357: CONN_ID idx;
! 358:
! 359: for(idx = 0; idx < Pool_Size; idx++) {
! 360: if(My_Connections[idx].sock > NONE &&
! 361: My_Connections[idx].sock != ExceptOf)
! 362: close(My_Connections[idx].sock);
! 363: }
! 364: }
! 365:
! 366: /**
! 367: * Initialize listening ports.
! 368: *
! 369: * @param a Array containing the ports the daemon should listen on.
! 370: * @param listen_addr Address the socket should listen on (can be "0.0.0.0").
! 371: * @param func IO callback function to register.
! 372: * @returns Number of listening sockets created.
! 373: */
! 374: static unsigned int
! 375: Init_Listeners(array *a, const char *listen_addr, void (*func)(int,short))
! 376: {
! 377: unsigned int created = 0;
! 378: size_t len;
! 379: int fd;
! 380: UINT16 *port;
! 381:
! 382: len = array_length(a, sizeof (UINT16));
! 383: port = array_start(a);
! 384: while (len--) {
! 385: fd = NewListener(listen_addr, *port);
! 386: if (fd < 0) {
! 387: port++;
! 388: continue;
! 389: }
! 390: if (!io_event_create( fd, IO_WANTREAD, func )) {
! 391: Log(LOG_ERR,
! 392: "io_event_create(): Can't add fd %d (port %u): %s!",
! 393: fd, (unsigned int) *port, strerror(errno));
! 394: close(fd);
! 395: port++;
! 396: continue;
! 397: }
! 398: created++;
! 399: port++;
! 400: }
! 401: return created;
! 402: }
! 403:
! 404: /**
! 405: * Initialize all listening sockets.
! 406: *
! 407: * @returns Number of created listening sockets
! 408: */
! 409: GLOBAL unsigned int
! 410: Conn_InitListeners( void )
! 411: {
! 412: /* Initialize ports on which the server should accept connections */
! 413: unsigned int created = 0;
! 414: char *af_str, *copy, *listen_addr;
! 415: int count, fd, i, addr_len;
! 416: ng_ipaddr_t addr;
! 417:
! 418: assert(Conf_ListenAddress);
! 419:
! 420: count = my_sd_listen_fds();
! 421: if (count < 0) {
! 422: Log(LOG_INFO,
! 423: "Not re-initializing listening sockets of systemd(8) ...");
! 424: return 0;
! 425: }
! 426: if (count > 0) {
! 427: /* systemd(8) passed sockets to us, so don't try to initialize
! 428: * listening sockets on our own but use the passed ones */
! 429: LogDebug("Initializing %d systemd sockets ...", count);
! 430: for (i = 0; i < count; i++) {
! 431: fd = SD_LISTEN_FDS_START + i;
! 432: addr_len = (int)sizeof(addr);
! 433: getsockname(fd, (struct sockaddr *)&addr,
! 434: (socklen_t*)&addr_len);
! 435: #ifdef WANT_IPV6
! 436: if (addr.sin4.sin_family != AF_INET
! 437: && addr.sin4.sin_family != AF_INET6)
! 438: #else
! 439: if (addr.sin4.sin_family != AF_INET)
! 440: #endif
! 441: {
! 442: /* Socket is of unsupported type! For example,
! 443: * systemd passed in an IPv6 socket but ngIRCd
! 444: * isn't compiled with IPv6 support. */
! 445: switch (addr.sin4.sin_family)
! 446: {
! 447: case AF_UNSPEC: af_str = "AF_UNSPEC"; break;
! 448: case AF_UNIX: af_str = "AF_UNIX"; break;
! 449: case AF_INET: af_str = "AF_INET"; break;
! 450: #ifdef AF_INET6
! 451: case AF_INET6: af_str = "AF_INET6"; break;
! 452: #endif
! 453: #ifdef AF_NETLINK
! 454: case AF_NETLINK: af_str = "AF_NETLINK"; break;
! 455: #endif
! 456: default: af_str = "unknown"; break;
! 457: }
! 458: Log(LOG_CRIT,
! 459: "Socket %d is of unsupported type \"%s\" (%d), have to ignore it!",
! 460: fd, af_str, addr.sin4.sin_family);
! 461: close(fd);
! 462: continue;
! 463: }
! 464:
! 465: Init_Socket(fd);
! 466: if (!io_event_create(fd, IO_WANTREAD, cb_listen)) {
! 467: Log(LOG_ERR,
! 468: "io_event_create(): Can't add fd %d: %s!",
! 469: fd, strerror(errno));
! 470: continue;
! 471: }
! 472: Log(LOG_INFO,
! 473: "Initialized socket %d from systemd(8): %s:%d.", fd,
! 474: ng_ipaddr_tostr(&addr), ng_ipaddr_getport(&addr));
! 475: created++;
! 476: }
! 477: return created;
! 478: }
! 479:
! 480: /* not using systemd socket activation, initialize listening sockets: */
! 481:
! 482: /* can't use Conf_ListenAddress directly, see below */
! 483: copy = strdup(Conf_ListenAddress);
! 484: if (!copy) {
! 485: Log(LOG_CRIT, "Cannot copy %s: %s", Conf_ListenAddress,
! 486: strerror(errno));
! 487: return 0;
! 488: }
! 489: listen_addr = strtok(copy, ",");
! 490:
! 491: while (listen_addr) {
! 492: ngt_TrimStr(listen_addr);
! 493: if (*listen_addr) {
! 494: created += Init_Listeners(&Conf_ListenPorts,
! 495: listen_addr, cb_listen);
! 496: #ifdef SSL_SUPPORT
! 497: created += Init_Listeners(&Conf_SSLOptions.ListenPorts,
! 498: listen_addr, cb_listen_ssl);
! 499: #endif
! 500: }
! 501:
! 502: listen_addr = strtok(NULL, ",");
! 503: }
! 504:
! 505: /* Can't free() Conf_ListenAddress here: on REHASH, if the config file
! 506: * cannot be re-loaded, we'd end up with a NULL Conf_ListenAddress.
! 507: * Instead, free() takes place in conf.c, before the config file
! 508: * is being parsed. */
! 509: free(copy);
! 510:
! 511: return created;
! 512: } /* Conn_InitListeners */
! 513:
! 514: /**
! 515: * Shut down all listening sockets.
! 516: */
! 517: GLOBAL void
! 518: Conn_ExitListeners( void )
! 519: {
! 520: /* Close down all listening sockets */
! 521: int *fd;
! 522: size_t arraylen;
! 523:
! 524: /* Get number of listening sockets to shut down. There can be none
! 525: * if ngIRCd has been "socket activated" by systemd. */
! 526: arraylen = array_length(&My_Listeners, sizeof (int));
! 527: if (arraylen < 1)
! 528: return;
! 529:
! 530: Log(LOG_INFO,
! 531: "Shutting down all listening sockets (%d total) ...", arraylen);
! 532: fd = array_start(&My_Listeners);
! 533: while(arraylen--) {
! 534: assert(fd != NULL);
! 535: assert(*fd >= 0);
! 536: io_close(*fd);
! 537: LogDebug("Listening socket %d closed.", *fd );
! 538: fd++;
! 539: }
! 540: array_free(&My_Listeners);
! 541: } /* Conn_ExitListeners */
! 542:
! 543: /**
! 544: * Bind a socket to a specific (source) address.
! 545: *
! 546: * @param addr Address structure.
! 547: * @param listen_addrstr Source address as string.
! 548: * @param Port Port number.
! 549: * @returns true on success, false otherwise.
! 550: */
! 551: static bool
! 552: InitSinaddrListenAddr(ng_ipaddr_t *addr, const char *listen_addrstr, UINT16 Port)
! 553: {
! 554: bool ret;
! 555:
! 556: ret = ng_ipaddr_init(addr, listen_addrstr, Port);
! 557: if (!ret) {
! 558: assert(listen_addrstr);
! 559: Log(LOG_CRIT,
! 560: "Can't listen on [%s]:%u: Failed to parse IP address!",
! 561: listen_addrstr, Port);
! 562: }
! 563: return ret;
! 564: }
! 565:
! 566: /**
! 567: * Set a socket to "IPv6 only". If the given socket doesn't belong to the
! 568: * AF_INET6 family, or the operating system doesn't support this functionality,
! 569: * this function retruns silently.
! 570: *
! 571: * @param af Address family of the socket.
! 572: * @param sock Socket handle.
! 573: */
! 574: static void
! 575: set_v6_only(int af, int sock)
! 576: {
! 577: #if defined(IPV6_V6ONLY) && defined(WANT_IPV6)
! 578: int on = 1;
! 579:
! 580: if (af != AF_INET6)
! 581: return;
! 582:
! 583: if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, (socklen_t)sizeof(on)))
! 584: Log(LOG_ERR, "Could not set IPV6_V6ONLY: %s", strerror(errno));
! 585: #else
! 586: (void)af;
! 587: (void)sock;
! 588: #endif
! 589: }
! 590:
! 591: /**
! 592: * Initialize new listening port.
! 593: *
! 594: * @param listen_addr Local address to bind the socet to (can be 0.0.0.0).
! 595: * @param Port Port number on which the new socket should be listening.
! 596: * @returns file descriptor of the socket or -1 on failure.
! 597: */
! 598: static int
! 599: NewListener(const char *listen_addr, UINT16 Port)
! 600: {
! 601: /* Create new listening socket on specified port */
! 602: ng_ipaddr_t addr;
! 603: int sock, af;
! 604:
! 605: if (!InitSinaddrListenAddr(&addr, listen_addr, Port))
! 606: return -1;
! 607:
! 608: af = ng_ipaddr_af(&addr);
! 609: sock = socket(af, SOCK_STREAM, 0);
! 610: if (sock < 0) {
! 611: Log(LOG_CRIT, "Can't create socket (af %d) : %s!", af,
! 612: strerror(errno));
! 613: return -1;
! 614: }
! 615:
! 616: set_v6_only(af, sock);
! 617:
! 618: if (!Init_Socket(sock))
! 619: return -1;
! 620:
! 621: if (bind(sock, (struct sockaddr *)&addr, ng_ipaddr_salen(&addr)) != 0) {
! 622: Log(LOG_CRIT, "Can't bind socket to address %s:%d - %s!",
! 623: ng_ipaddr_tostr(&addr), Port, strerror(errno));
! 624: close(sock);
! 625: return -1;
! 626: }
! 627:
! 628: if (listen(sock, 10) != 0) {
! 629: Log(LOG_CRIT, "Can't listen on socket: %s!", strerror(errno));
! 630: close(sock);
! 631: return -1;
! 632: }
! 633:
! 634: /* keep fd in list so we can close it when ngircd restarts/shuts down */
! 635: if (!array_catb(&My_Listeners, (char *)&sock, sizeof(int))) {
! 636: Log(LOG_CRIT, "Can't add socket to My_Listeners array: %s!",
! 637: strerror(errno));
! 638: close(sock);
! 639: return -1;
! 640: }
! 641:
! 642: Log(LOG_INFO, "Now listening on [%s]:%d (socket %d).",
! 643: ng_ipaddr_tostr(&addr), Port, sock);
! 644: return sock;
! 645: } /* NewListener */
! 646:
! 647: /**
! 648: * "Main Loop": Loop until shutdown or restart is signalled.
! 649: *
! 650: * This function loops until a shutdown or restart of ngIRCd is signalled and
! 651: * calls io_dispatch() to check for readable and writable sockets every second.
! 652: * It checks for status changes on pending connections (e. g. when a hostname
! 653: * has been resolved), checks for "penalties" and timeouts, and handles the
! 654: * input buffers.
! 655: */
! 656: GLOBAL void
! 657: Conn_Handler(void)
! 658: {
! 659: int i;
! 660: size_t wdatalen;
! 661: struct timeval tv;
! 662: time_t t;
! 663: bool command_available;
! 664:
! 665: Log(LOG_NOTICE, "Server \"%s\" (on \"%s\") ready.",
! 666: Client_ID(Client_ThisServer()), Client_Hostname(Client_ThisServer()));
! 667:
! 668: while (!NGIRCd_SignalQuit && !NGIRCd_SignalRestart) {
! 669: t = time(NULL);
! 670: command_available = false;
! 671:
! 672: /* Check configured servers and established links */
! 673: Check_Servers();
! 674: Check_Connections();
! 675:
! 676: /* Expire outdated class/list items */
! 677: Class_Expire();
! 678:
! 679: /* Look for non-empty read buffers ... */
! 680: for (i = 0; i < Pool_Size; i++) {
! 681: if ((My_Connections[i].sock > NONE)
! 682: && (array_bytes(&My_Connections[i].rbuf) > 0)) {
! 683: /* ... and try to handle the received data */
! 684: Handle_Buffer(i);
! 685: }
! 686: }
! 687:
! 688: /* Look for non-empty write buffers ... */
! 689: for (i = 0; i < Pool_Size; i++) {
! 690: if (My_Connections[i].sock <= NONE)
! 691: continue;
! 692:
! 693: wdatalen = array_bytes(&My_Connections[i].wbuf);
! 694: #ifdef ZLIB
! 695: if (wdatalen > 0 ||
! 696: array_bytes(&My_Connections[i].zip.wbuf) > 0)
! 697: #else
! 698: if (wdatalen > 0)
! 699: #endif
! 700: {
! 701: #ifdef SSL_SUPPORT
! 702: if (SSL_WantRead(&My_Connections[i]))
! 703: continue;
! 704: #endif
! 705: io_event_add(My_Connections[i].sock,
! 706: IO_WANTWRITE);
! 707: }
! 708: }
! 709:
! 710: /* Check from which sockets we possibly could read ... */
! 711: for (i = 0; i < Pool_Size; i++) {
! 712: if (My_Connections[i].sock <= NONE)
! 713: continue;
! 714: #ifdef SSL_SUPPORT
! 715: if (SSL_WantWrite(&My_Connections[i]))
! 716: /* TLS/SSL layer needs to write data; deal
! 717: * with this first! */
! 718: continue;
! 719: #endif
! 720: if (Proc_InProgress(&My_Connections[i].proc_stat)) {
! 721: /* Wait for completion of forked subprocess
! 722: * and ignore the socket in the meantime ... */
! 723: io_event_del(My_Connections[i].sock,
! 724: IO_WANTREAD);
! 725: continue;
! 726: }
! 727:
! 728: if (Conn_OPTION_ISSET(&My_Connections[i], CONN_ISCONNECTING))
! 729: /* Wait for completion of connect() ... */
! 730: continue;
! 731:
! 732: if (My_Connections[i].delaytime > t) {
! 733: /* There is a "penalty time" set: ignore socket! */
! 734: io_event_del(My_Connections[i].sock,
! 735: IO_WANTREAD);
! 736: continue;
! 737: }
! 738:
! 739: if (array_bytes(&My_Connections[i].rbuf) >= COMMAND_LEN) {
! 740: /* There is still more data in the read buffer
! 741: * than a single valid command can get long:
! 742: * so either there is a complete command, or
! 743: * invalid data. Therefore don't try to read in
! 744: * even more data from the network but wait for
! 745: * this command(s) to be handled first! */
! 746: io_event_del(My_Connections[i].sock,
! 747: IO_WANTREAD);
! 748: command_available = true;
! 749: continue;
! 750: }
! 751:
! 752: io_event_add(My_Connections[i].sock, IO_WANTREAD);
! 753: }
! 754:
! 755: /* Don't wait for data when there is still at least one command
! 756: * available in a read buffer which can be handled immediately;
! 757: * set the timeout for reading from the network to 1 second
! 758: * otherwise, which is the granularity with witch we handle
! 759: * "penalty times" for example.
! 760: * Note: tv_sec/usec are undefined(!) after io_dispatch()
! 761: * returns, so we have to set it before each call to it! */
! 762: tv.tv_usec = 0;
! 763: tv.tv_sec = command_available ? 0 : 1;
! 764:
! 765: /* Wait for activity ... */
! 766: i = io_dispatch(&tv);
! 767: if (i == -1 && errno != EINTR) {
! 768: Log(LOG_EMERG, "Conn_Handler(): io_dispatch(): %s!",
! 769: strerror(errno));
! 770: Log(LOG_ALERT, "%s exiting due to fatal errors!",
! 771: PACKAGE_NAME);
! 772: exit(1);
! 773: }
! 774:
! 775: /* Should ngIRCd timeout when idle? */
! 776: if (Conf_IdleTimeout > 0 && NumConnectionsAccepted > 0
! 777: && idle_t > 0 && time(NULL) - idle_t >= Conf_IdleTimeout) {
! 778: LogDebug("Server idle timeout reached: %d second%s. Initiating shutdown ...",
! 779: Conf_IdleTimeout,
! 780: Conf_IdleTimeout == 1 ? "" : "s");
! 781: NGIRCd_SignalQuit = true;
! 782: }
! 783: }
! 784:
! 785: if (NGIRCd_SignalQuit)
! 786: Log(LOG_NOTICE | LOG_snotice, "Server going down NOW!");
! 787: else if (NGIRCd_SignalRestart)
! 788: Log(LOG_NOTICE | LOG_snotice, "Server restarting NOW!");
! 789: } /* Conn_Handler */
! 790:
! 791: /**
! 792: * Write a text string into the socket of a connection.
! 793: *
! 794: * This function automatically appends CR+LF to the string and validates that
! 795: * the result is a valid IRC message (oversized messages are shortened, for
! 796: * example). Then it calls the Conn_Write() function to do the actual sending.
! 797: *
! 798: * @param Idx Index fo the connection.
! 799: * @param Format Format string, see printf().
! 800: * @returns true on success, false otherwise.
! 801: */
! 802: #ifdef PROTOTYPES
! 803: GLOBAL bool
! 804: Conn_WriteStr(CONN_ID Idx, const char *Format, ...)
! 805: #else
! 806: GLOBAL bool
! 807: Conn_WriteStr(Idx, Format, va_alist)
! 808: CONN_ID Idx;
! 809: const char *Format;
! 810: va_dcl
! 811: #endif
! 812: {
! 813: char buffer[COMMAND_LEN];
! 814: #ifdef ICONV
! 815: char *ptr, *message;
! 816: #endif
! 817: size_t len;
! 818: bool ok;
! 819: va_list ap;
! 820: int r;
! 821:
! 822: assert( Idx > NONE );
! 823: assert( Format != NULL );
! 824:
! 825: #ifdef PROTOTYPES
! 826: va_start( ap, Format );
! 827: #else
! 828: va_start( ap );
! 829: #endif
! 830: r = vsnprintf(buffer, COMMAND_LEN - 2, Format, ap);
! 831: if (r >= COMMAND_LEN - 2 || r == -1) {
! 832: /*
! 833: * The string that should be written to the socket is longer
! 834: * than the allowed size of COMMAND_LEN bytes (including both
! 835: * the CR and LF characters). This can be caused by the
! 836: * IRC_WriteXXX() functions when the prefix of this server had
! 837: * to be added to an already "quite long" command line which
! 838: * has been received from a regular IRC client, for example.
! 839: *
! 840: * We are not allowed to send such "oversized" messages to
! 841: * other servers and clients, see RFC 2812 2.3 and 2813 3.3
! 842: * ("these messages SHALL NOT exceed 512 characters in length,
! 843: * counting all characters including the trailing CR-LF").
! 844: *
! 845: * So we have a big problem here: we should send more bytes
! 846: * to the network than we are allowed to and we don't know
! 847: * the originator (any more). The "old" behavior of blaming
! 848: * the receiver ("next hop") is a bad idea (it could be just
! 849: * an other server only routing the message!), so the only
! 850: * option left is to shorten the string and to hope that the
! 851: * result is still somewhat useful ...
! 852: *
! 853: * Note:
! 854: * C99 states that vsnprintf() "returns the number of characters
! 855: * that would have been printed if the n were unlimited"; but
! 856: * according to the Linux manual page "glibc until 2.0.6 would
! 857: * return -1 when the output was truncated" -- so we have to
! 858: * handle both cases ...
! 859: * -alex-
! 860: */
! 861:
! 862: strcpy (buffer + sizeof(buffer) - strlen(CUT_TXTSUFFIX) - 2 - 1,
! 863: CUT_TXTSUFFIX);
! 864: }
! 865:
! 866: #ifdef ICONV
! 867: ptr = strchr(buffer + 1, ':');
! 868: if (ptr) {
! 869: ptr++;
! 870: message = Conn_EncodingTo(Idx, ptr);
! 871: if (message != ptr)
! 872: strlcpy(ptr, message, sizeof(buffer) - (ptr - buffer));
! 873: }
! 874: #endif
! 875:
! 876: #ifdef SNIFFER
! 877: if (NGIRCd_Sniffer)
! 878: Log(LOG_DEBUG, " -> connection %d: '%s'.", Idx, buffer);
! 879: #endif
! 880:
! 881: len = strlcat( buffer, "\r\n", sizeof( buffer ));
! 882: ok = Conn_Write(Idx, buffer, len);
! 883: My_Connections[Idx].msg_out++;
! 884:
! 885: va_end( ap );
! 886: return ok;
! 887: } /* Conn_WriteStr */
! 888:
! 889: GLOBAL char*
! 890: Conn_Password( CONN_ID Idx )
! 891: {
! 892: assert( Idx > NONE );
! 893: if (My_Connections[Idx].pwd == NULL)
! 894: return (char*)"\0";
! 895: else
! 896: return My_Connections[Idx].pwd;
! 897: } /* Conn_Password */
! 898:
! 899: GLOBAL void
! 900: Conn_SetPassword( CONN_ID Idx, const char *Pwd )
! 901: {
! 902: assert( Idx > NONE );
! 903:
! 904: if (My_Connections[Idx].pwd)
! 905: free(My_Connections[Idx].pwd);
! 906:
! 907: My_Connections[Idx].pwd = strdup(Pwd);
! 908: if (My_Connections[Idx].pwd == NULL) {
! 909: Log(LOG_EMERG, "Can't allocate memory! [Conn_SetPassword]");
! 910: exit(1);
! 911: }
! 912: } /* Conn_SetPassword */
! 913:
! 914: /**
! 915: * Append Data to the outbound write buffer of a connection.
! 916: *
! 917: * @param Idx Index of the connection.
! 918: * @param Data pointer to the data.
! 919: * @param Len length of Data.
! 920: * @returns true on success, false otherwise.
! 921: */
! 922: static bool
! 923: Conn_Write( CONN_ID Idx, char *Data, size_t Len )
! 924: {
! 925: CLIENT *c;
! 926: size_t writebuf_limit = WRITEBUFFER_MAX_LEN;
! 927: assert( Idx > NONE );
! 928: assert( Data != NULL );
! 929: assert( Len > 0 );
! 930:
! 931: /* Is the socket still open? A previous call to Conn_Write()
! 932: * may have closed the connection due to a fatal error.
! 933: * In this case it is sufficient to return an error, as well. */
! 934: if (My_Connections[Idx].sock <= NONE) {
! 935: LogDebug("Skipped write on closed socket (connection %d).", Idx);
! 936: return false;
! 937: }
! 938:
! 939: /* Make sure that there still exists a CLIENT structure associated
! 940: * with this connection and check if this is a server or not: */
! 941: c = Conn_GetClient(Idx);
! 942: if (c) {
! 943: /* Servers do get special write buffer limits, so they can
! 944: * generate all the messages that are required while peering. */
! 945: if (Client_Type(c) == CLIENT_SERVER)
! 946: writebuf_limit = WRITEBUFFER_SLINK_LEN;
! 947: } else
! 948: LogDebug("Write on socket without client (connection %d)!?", Idx);
! 949:
! 950: #ifdef ZLIB
! 951: if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
! 952: /* Compressed link:
! 953: * Zip_Buffer() does all the dirty work for us: it flushes
! 954: * the (pre-)compression buffers if required and handles
! 955: * all error conditions. */
! 956: if (!Zip_Buffer(Idx, Data, Len))
! 957: return false;
! 958: }
! 959: else
! 960: #endif
! 961: {
! 962: /* Uncompressed link:
! 963: * Check if outbound buffer has enough space for the data. */
! 964: if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
! 965: WRITEBUFFER_FLUSH_LEN) {
! 966: /* Buffer is full, flush it. Handle_Write deals with
! 967: * low-level errors, if any. */
! 968: if (!Handle_Write(Idx))
! 969: return false;
! 970: }
! 971:
! 972: /* When the write buffer is still too big after flushing it,
! 973: * the connection will be killed. */
! 974: if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
! 975: writebuf_limit) {
! 976: Log(LOG_NOTICE,
! 977: "Write buffer space exhausted (connection %d, limit is %lu bytes, %lu bytes new, %lu bytes pending)",
! 978: Idx, writebuf_limit, Len,
! 979: (unsigned long)array_bytes(&My_Connections[Idx].wbuf));
! 980: Conn_Close(Idx, "Write buffer space exhausted", NULL, false);
! 981: return false;
! 982: }
! 983:
! 984: /* Copy data to write buffer */
! 985: if (!array_catb(&My_Connections[Idx].wbuf, Data, Len))
! 986: return false;
! 987:
! 988: My_Connections[Idx].bytes_out += Len;
! 989: }
! 990:
! 991: /* Adjust global write counter */
! 992: WCounter += Len;
! 993:
! 994: return true;
! 995: } /* Conn_Write */
! 996:
! 997: /**
! 998: * Shut down a connection.
! 999: *
! 1000: * @param Idx Connection index.
! 1001: * @param LogMsg Message to write to the log or NULL. If no LogMsg
! 1002: * is given, the FwdMsg is logged.
! 1003: * @param FwdMsg Message to forward to remote servers.
! 1004: * @param InformClient If true, inform the client on the connection which is
! 1005: * to be shut down of the reason (FwdMsg) and send
! 1006: * connection statistics before disconnecting it.
! 1007: */
! 1008: GLOBAL void
! 1009: Conn_Close(CONN_ID Idx, const char *LogMsg, const char *FwdMsg, bool InformClient)
! 1010: {
! 1011: /* Close connection. Open pipes of asynchronous resolver
! 1012: * sub-processes are closed down. */
! 1013:
! 1014: CLIENT *c;
! 1015: double in_k, out_k;
! 1016: UINT16 port;
! 1017: #ifdef ZLIB
! 1018: double in_z_k, out_z_k;
! 1019: int in_p, out_p;
! 1020: #endif
! 1021:
! 1022: assert( Idx > NONE );
! 1023:
! 1024: /* Is this link already shutting down? */
! 1025: if( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ISCLOSING )) {
! 1026: /* Conn_Close() has been called recursively for this link;
! 1027: * probable reason: Handle_Write() failed -- see below. */
! 1028: LogDebug("Recursive request to close connection %d!", Idx );
! 1029: return;
! 1030: }
! 1031:
! 1032: assert( My_Connections[Idx].sock > NONE );
! 1033:
! 1034: /* Mark link as "closing" */
! 1035: Conn_OPTION_ADD( &My_Connections[Idx], CONN_ISCLOSING );
! 1036:
! 1037: port = ng_ipaddr_getport(&My_Connections[Idx].addr);
! 1038: Log(LOG_INFO, "Shutting down connection %d (%s) with \"%s:%d\" ...", Idx,
! 1039: LogMsg ? LogMsg : FwdMsg, My_Connections[Idx].host, port);
! 1040:
! 1041: /* Search client, if any */
! 1042: c = Conn_GetClient( Idx );
! 1043:
! 1044: /* Should the client be informed? */
! 1045: if (InformClient) {
! 1046: #ifndef STRICT_RFC
! 1047: /* Send statistics to client if registered as user: */
! 1048: if ((c != NULL) && (Client_Type(c) == CLIENT_USER)) {
! 1049: Conn_WriteStr( Idx,
! 1050: ":%s NOTICE %s :%sConnection statistics: client %.1f kb, server %.1f kb.",
! 1051: Client_ID(Client_ThisServer()), Client_ID(c),
! 1052: NOTICE_TXTPREFIX,
! 1053: (double)My_Connections[Idx].bytes_in / 1024,
! 1054: (double)My_Connections[Idx].bytes_out / 1024);
! 1055: }
! 1056: #endif
! 1057: /* Send ERROR to client (see RFC 2812, section 3.1.7) */
! 1058: if (FwdMsg)
! 1059: Conn_WriteStr(Idx, "ERROR :%s", FwdMsg);
! 1060: else
! 1061: Conn_WriteStr(Idx, "ERROR :Closing connection");
! 1062: }
! 1063:
! 1064: /* Try to write out the write buffer. Note: Handle_Write() eventually
! 1065: * removes the CLIENT structure associated with this connection if an
! 1066: * error occurs! So we have to re-check if there is still an valid
! 1067: * CLIENT structure after calling Handle_Write() ...*/
! 1068: (void)Handle_Write( Idx );
! 1069:
! 1070: /* Search client, if any (re-check!) */
! 1071: c = Conn_GetClient( Idx );
! 1072: #ifdef SSL_SUPPORT
! 1073: if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
! 1074: LogDebug("SSL connection %d shutting down ...", Idx);
! 1075: ConnSSL_Free(&My_Connections[Idx]);
! 1076: }
! 1077: #endif
! 1078: /* Shut down socket */
! 1079: if (! io_close(My_Connections[Idx].sock)) {
! 1080: /* Oops, we can't close the socket!? This is ... ugly! */
! 1081: Log(LOG_CRIT,
! 1082: "Error closing connection %d (socket %d) with %s:%d - %s! (ignored)",
! 1083: Idx, My_Connections[Idx].sock, My_Connections[Idx].host,
! 1084: port, strerror(errno));
! 1085: }
! 1086:
! 1087: /* Mark socket as invalid: */
! 1088: My_Connections[Idx].sock = NONE;
! 1089:
! 1090: /* If there is still a client, unregister it now */
! 1091: if (c)
! 1092: Client_Destroy(c, LogMsg, FwdMsg, true);
! 1093:
! 1094: /* Calculate statistics and log information */
! 1095: in_k = (double)My_Connections[Idx].bytes_in / 1024;
! 1096: out_k = (double)My_Connections[Idx].bytes_out / 1024;
! 1097: #ifdef ZLIB
! 1098: if (Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP)) {
! 1099: in_z_k = (double)My_Connections[Idx].zip.bytes_in / 1024;
! 1100: out_z_k = (double)My_Connections[Idx].zip.bytes_out / 1024;
! 1101: /* Make sure that no division by zero can occur during
! 1102: * the calculation of in_p and out_p: in_z_k and out_z_k
! 1103: * are non-zero, that's guaranteed by the protocol until
! 1104: * compression can be enabled. */
! 1105: if (in_z_k <= 0)
! 1106: in_z_k = in_k;
! 1107: if (out_z_k <= 0)
! 1108: out_z_k = out_k;
! 1109: in_p = (int)(( in_k * 100 ) / in_z_k );
! 1110: out_p = (int)(( out_k * 100 ) / out_z_k );
! 1111: Log(LOG_INFO,
! 1112: "Connection %d with \"%s:%d\" closed (in: %.1fk/%.1fk/%d%%, out: %.1fk/%.1fk/%d%%).",
! 1113: Idx, My_Connections[Idx].host, port,
! 1114: in_k, in_z_k, in_p, out_k, out_z_k, out_p);
! 1115: }
! 1116: else
! 1117: #endif
! 1118: {
! 1119: Log(LOG_INFO,
! 1120: "Connection %d with \"%s:%d\" closed (in: %.1fk, out: %.1fk).",
! 1121: Idx, My_Connections[Idx].host, port,
! 1122: in_k, out_k);
! 1123: }
! 1124:
! 1125: /* Servers: Modify time of next connect attempt? */
! 1126: Conf_UnsetServer( Idx );
! 1127:
! 1128: #ifdef ZLIB
! 1129: /* Clean up zlib, if link was compressed */
! 1130: if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
! 1131: inflateEnd( &My_Connections[Idx].zip.in );
! 1132: deflateEnd( &My_Connections[Idx].zip.out );
! 1133: array_free(&My_Connections[Idx].zip.rbuf);
! 1134: array_free(&My_Connections[Idx].zip.wbuf);
! 1135: }
! 1136: #endif
! 1137:
! 1138: array_free(&My_Connections[Idx].rbuf);
! 1139: array_free(&My_Connections[Idx].wbuf);
! 1140: if (My_Connections[Idx].pwd != NULL)
! 1141: free(My_Connections[Idx].pwd);
! 1142:
! 1143: /* Clean up connection structure (=free it) */
! 1144: Init_Conn_Struct( Idx );
! 1145:
! 1146: assert(NumConnections > 0);
! 1147: if (NumConnections)
! 1148: NumConnections--;
! 1149: LogDebug("Shutdown of connection %d completed, %ld connection%s left.",
! 1150: Idx, NumConnections, NumConnections != 1 ? "s" : "");
! 1151:
! 1152: idle_t = NumConnections > 0 ? 0 : time(NULL);
! 1153: } /* Conn_Close */
! 1154:
! 1155: /**
! 1156: * Get current number of connections.
! 1157: *
! 1158: * @returns Number of current connections.
! 1159: */
! 1160: GLOBAL long
! 1161: Conn_Count(void)
! 1162: {
! 1163: return NumConnections;
! 1164: } /* Conn_Count */
! 1165:
! 1166: /**
! 1167: * Get number of maximum simultaneous connections.
! 1168: *
! 1169: * @returns Number of maximum simultaneous connections.
! 1170: */
! 1171: GLOBAL long
! 1172: Conn_CountMax(void)
! 1173: {
! 1174: return NumConnectionsMax;
! 1175: } /* Conn_CountMax */
! 1176:
! 1177: /**
! 1178: * Get number of connections accepted since the daemon startet.
! 1179: *
! 1180: * @returns Number of connections accepted.
! 1181: */
! 1182: GLOBAL long
! 1183: Conn_CountAccepted(void)
! 1184: {
! 1185: return NumConnectionsAccepted;
! 1186: } /* Conn_CountAccepted */
! 1187:
! 1188: /**
! 1189: * Synchronize established connections and configured server structures
! 1190: * after a configuration update and store the correct connection IDs, if any.
! 1191: */
! 1192: GLOBAL void
! 1193: Conn_SyncServerStruct(void)
! 1194: {
! 1195: CLIENT *client;
! 1196: CONN_ID i;
! 1197: int c;
! 1198:
! 1199: for (i = 0; i < Pool_Size; i++) {
! 1200: if (My_Connections[i].sock == NONE)
! 1201: continue;
! 1202:
! 1203: /* Server link? */
! 1204: client = Conn_GetClient(i);
! 1205: if (!client || Client_Type(client) != CLIENT_SERVER)
! 1206: continue;
! 1207:
! 1208: for (c = 0; c < MAX_SERVERS; c++) {
! 1209: /* Configured server? */
! 1210: if (!Conf_Server[c].host[0])
! 1211: continue;
! 1212:
! 1213: if (strcasecmp(Conf_Server[c].name, Client_ID(client)) == 0)
! 1214: Conf_Server[c].conn_id = i;
! 1215: }
! 1216: }
! 1217: } /* SyncServerStruct */
! 1218:
! 1219: /**
! 1220: * Get IP address string of a connection.
! 1221: *
! 1222: * @param Idx Connection index.
! 1223: * @return Pointer to a global buffer containing the IP address as string.
! 1224: */
! 1225: GLOBAL const char *
! 1226: Conn_GetIPAInfo(CONN_ID Idx)
! 1227: {
! 1228: assert(Idx > NONE);
! 1229: return ng_ipaddr_tostr(&My_Connections[Idx].addr);
! 1230: }
! 1231:
! 1232: /**
! 1233: * Send out data of write buffer; connect new sockets.
! 1234: *
! 1235: * @param Idx Connection index.
! 1236: * @returns true on success, false otherwise.
! 1237: */
! 1238: static bool
! 1239: Handle_Write( CONN_ID Idx )
! 1240: {
! 1241: ssize_t len;
! 1242: size_t wdatalen;
! 1243:
! 1244: assert( Idx > NONE );
! 1245: if ( My_Connections[Idx].sock < 0 ) {
! 1246: LogDebug("Handle_Write() on closed socket, connection %d", Idx);
! 1247: return false;
! 1248: }
! 1249: assert( My_Connections[Idx].sock > NONE );
! 1250:
! 1251: wdatalen = array_bytes(&My_Connections[Idx].wbuf );
! 1252:
! 1253: #ifdef ZLIB
! 1254: if (wdatalen == 0) {
! 1255: /* Write buffer is empty, so we try to flush the compression
! 1256: * buffer and get some data to work with from there :-) */
! 1257: if (!Zip_Flush(Idx))
! 1258: return false;
! 1259:
! 1260: /* Now the write buffer most probably has changed: */
! 1261: wdatalen = array_bytes(&My_Connections[Idx].wbuf);
! 1262: }
! 1263: #endif
! 1264:
! 1265: if (wdatalen == 0) {
! 1266: /* Still no data, fine. */
! 1267: io_event_del(My_Connections[Idx].sock, IO_WANTWRITE );
! 1268: return true;
! 1269: }
! 1270:
! 1271: #if DEBUG_BUFFER
! 1272: LogDebug
! 1273: ("Handle_Write() called for connection %d, %ld bytes pending ...",
! 1274: Idx, wdatalen);
! 1275: #endif
! 1276:
! 1277: #ifdef SSL_SUPPORT
! 1278: if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
! 1279: len = ConnSSL_Write(&My_Connections[Idx],
! 1280: array_start(&My_Connections[Idx].wbuf),
! 1281: wdatalen);
! 1282: } else
! 1283: #endif
! 1284: {
! 1285: len = write(My_Connections[Idx].sock,
! 1286: array_start(&My_Connections[Idx].wbuf), wdatalen );
! 1287: }
! 1288: if( len < 0 ) {
! 1289: if (errno == EAGAIN || errno == EINTR)
! 1290: return true;
! 1291:
! 1292: /* Log write errors but do not close the connection yet.
! 1293: * Calling Conn_Close() now could result in too many recursive calls.
! 1294: */
! 1295: if (!Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ISCLOSING))
! 1296: Log(LOG_ERR,
! 1297: "Write error on connection %d (socket %d): %s!",
! 1298: Idx, My_Connections[Idx].sock, strerror(errno));
! 1299: else
! 1300: LogDebug("Recursive write error on connection %d (socket %d): %s!",
! 1301: Idx, My_Connections[Idx].sock, strerror(errno));
! 1302:
! 1303: return false;
! 1304: }
! 1305:
! 1306: /* move any data not yet written to beginning */
! 1307: array_moveleft(&My_Connections[Idx].wbuf, 1, (size_t)len);
! 1308:
! 1309: return true;
! 1310: } /* Handle_Write */
! 1311:
! 1312: /**
! 1313: * Count established connections to a specific IP address.
! 1314: *
! 1315: * @returns Number of established connections.
! 1316: */
! 1317: static int
! 1318: Count_Connections(ng_ipaddr_t *a)
! 1319: {
! 1320: int i, cnt;
! 1321:
! 1322: cnt = 0;
! 1323: for (i = 0; i < Pool_Size; i++) {
! 1324: if (My_Connections[i].sock <= NONE)
! 1325: continue;
! 1326: if (ng_ipaddr_ipequal(&My_Connections[i].addr, a))
! 1327: cnt++;
! 1328: }
! 1329: return cnt;
! 1330: } /* Count_Connections */
! 1331:
! 1332: /**
! 1333: * Initialize new client connection on a listening socket.
! 1334: *
! 1335: * @param Sock Listening socket descriptor.
! 1336: * @param IsSSL true if this socket expects SSL-encrypted data.
! 1337: * @returns Accepted socket descriptor or -1 on error.
! 1338: */
! 1339: static int
! 1340: New_Connection(int Sock, UNUSED bool IsSSL)
! 1341: {
! 1342: #ifdef TCPWRAP
! 1343: struct request_info req;
! 1344: #endif
! 1345: ng_ipaddr_t new_addr;
! 1346: char ip_str[NG_INET_ADDRSTRLEN];
! 1347: int new_sock, new_sock_len;
! 1348: CLIENT *c;
! 1349: long cnt;
! 1350:
! 1351: assert(Sock > NONE);
! 1352:
! 1353: LogDebug("Accepting new connection on socket %d ...", Sock);
! 1354:
! 1355: new_sock_len = (int)sizeof(new_addr);
! 1356: new_sock = accept(Sock, (struct sockaddr *)&new_addr,
! 1357: (socklen_t *)&new_sock_len);
! 1358: if (new_sock < 0) {
! 1359: Log(LOG_CRIT, "Can't accept connection: %s!", strerror(errno));
! 1360: return -1;
! 1361: }
! 1362: NumConnectionsAccepted++;
! 1363:
! 1364: if (!ng_ipaddr_tostr_r(&new_addr, ip_str)) {
! 1365: Log(LOG_CRIT, "fd %d: Can't convert IP address!", new_sock);
! 1366: Simple_Message(new_sock, "ERROR :Internal Server Error");
! 1367: close(new_sock);
! 1368: return -1;
! 1369: }
! 1370:
! 1371: #ifdef TCPWRAP
! 1372: /* Validate socket using TCP Wrappers */
! 1373: request_init(&req, RQ_DAEMON, PACKAGE_NAME, RQ_FILE, new_sock,
! 1374: RQ_CLIENT_SIN, &new_addr, NULL);
! 1375: fromhost(&req);
! 1376: if (!hosts_access(&req)) {
! 1377: Log(deny_severity,
! 1378: "Refused connection from %s (by TCP Wrappers)!", ip_str);
! 1379: Simple_Message(new_sock, "ERROR :Connection refused");
! 1380: close(new_sock);
! 1381: return -1;
! 1382: }
! 1383: #endif
! 1384:
! 1385: if (!Init_Socket(new_sock))
! 1386: return -1;
! 1387:
! 1388: /* Check global connection limit */
! 1389: if ((Conf_MaxConnections > 0) &&
! 1390: (NumConnections >= (size_t) Conf_MaxConnections)) {
! 1391: Log(LOG_ALERT, "Can't accept new connection on socket %d: Limit (%d) reached!",
! 1392: Sock, Conf_MaxConnections);
! 1393: Simple_Message(new_sock, "ERROR :Connection limit reached");
! 1394: close(new_sock);
! 1395: return -1;
! 1396: }
! 1397:
! 1398: /* Check IP-based connection limit */
! 1399: cnt = Count_Connections(&new_addr);
! 1400: if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) {
! 1401: /* Access denied, too many connections from this IP address! */
! 1402: Log(LOG_ERR,
! 1403: "Refused connection from %s: too may connections (%ld) from this IP address!",
! 1404: ip_str, cnt);
! 1405: Simple_Message(new_sock,
! 1406: "ERROR :Connection refused, too many connections from your IP address");
! 1407: close(new_sock);
! 1408: return -1;
! 1409: }
! 1410:
! 1411: if (Socket2Index(new_sock) <= NONE) {
! 1412: Simple_Message(new_sock, "ERROR: Internal error");
! 1413: close(new_sock);
! 1414: return -1;
! 1415: }
! 1416:
! 1417: /* register callback */
! 1418: if (!io_event_create(new_sock, IO_WANTREAD, cb_clientserver)) {
! 1419: Log(LOG_ALERT,
! 1420: "Can't accept connection: io_event_create failed!");
! 1421: Simple_Message(new_sock, "ERROR :Internal error");
! 1422: close(new_sock);
! 1423: return -1;
! 1424: }
! 1425:
! 1426: c = Client_NewLocal(new_sock, NULL, CLIENT_UNKNOWN, false);
! 1427: if (!c) {
! 1428: Log(LOG_ALERT,
! 1429: "Can't accept connection: can't create client structure!");
! 1430: Simple_Message(new_sock, "ERROR :Internal error");
! 1431: io_close(new_sock);
! 1432: return -1;
! 1433: }
! 1434:
! 1435: Init_Conn_Struct(new_sock);
! 1436: My_Connections[new_sock].sock = new_sock;
! 1437: My_Connections[new_sock].addr = new_addr;
! 1438: My_Connections[new_sock].client = c;
! 1439:
! 1440: /* Set initial hostname to IP address. This becomes overwritten when
! 1441: * the DNS lookup is enabled and succeeds, but is used otherwise. */
! 1442: if (ng_ipaddr_af(&new_addr) != AF_INET)
! 1443: snprintf(My_Connections[new_sock].host,
! 1444: sizeof(My_Connections[new_sock].host), "[%s]", ip_str);
! 1445: else
! 1446: strlcpy(My_Connections[new_sock].host, ip_str,
! 1447: sizeof(My_Connections[new_sock].host));
! 1448:
! 1449: Client_SetHostname(c, My_Connections[new_sock].host);
! 1450:
! 1451: Log(LOG_INFO, "Accepted connection %d from \"%s:%d\" on socket %d.",
! 1452: new_sock, My_Connections[new_sock].host,
! 1453: ng_ipaddr_getport(&new_addr), Sock);
! 1454: Account_Connection();
! 1455:
! 1456: #ifdef SSL_SUPPORT
! 1457: /* Delay connection initalization until SSL handshake is finished */
! 1458: if (!IsSSL)
! 1459: #endif
! 1460: Conn_StartLogin(new_sock);
! 1461:
! 1462: return new_sock;
! 1463: } /* New_Connection */
! 1464:
! 1465: /**
! 1466: * Finish connection initialization, start resolver subprocess.
! 1467: *
! 1468: * @param Idx Connection index.
! 1469: */
! 1470: GLOBAL void
! 1471: Conn_StartLogin(CONN_ID Idx)
! 1472: {
! 1473: int ident_sock = -1;
! 1474:
! 1475: assert(Idx >= 0);
! 1476:
! 1477: /* Nothing to do if DNS (and resolver subprocess) is disabled */
! 1478: if (!Conf_DNS)
! 1479: return;
! 1480:
! 1481: #ifdef IDENTAUTH
! 1482: /* Should we make an IDENT request? */
! 1483: if (Conf_Ident)
! 1484: ident_sock = My_Connections[Idx].sock;
! 1485: #endif
! 1486:
! 1487: if (Conf_NoticeBeforeRegistration) {
! 1488: /* Send "NOTICE *" messages to the client */
! 1489: #ifdef IDENTAUTH
! 1490: if (Conf_Ident)
! 1491: (void)Conn_WriteStr(Idx,
! 1492: "NOTICE * :*** Looking up your hostname and checking ident");
! 1493: else
! 1494: #endif
! 1495: (void)Conn_WriteStr(Idx,
! 1496: "NOTICE * :*** Looking up your hostname");
! 1497: /* Send buffered data to the client, but break on errors
! 1498: * because Handle_Write() would have closed the connection
! 1499: * again in this case! */
! 1500: if (!Handle_Write(Idx))
! 1501: return;
! 1502: }
! 1503:
! 1504: Resolve_Addr(&My_Connections[Idx].proc_stat, &My_Connections[Idx].addr,
! 1505: ident_sock, cb_Read_Resolver_Result);
! 1506: }
! 1507:
! 1508: /**
! 1509: * Update global connection counters.
! 1510: */
! 1511: static void
! 1512: Account_Connection(void)
! 1513: {
! 1514: NumConnections++;
! 1515: idle_t = 0;
! 1516: if (NumConnections > NumConnectionsMax)
! 1517: NumConnectionsMax = NumConnections;
! 1518: LogDebug("Total number of connections now %lu (max %lu).",
! 1519: NumConnections, NumConnectionsMax);
! 1520: } /* Account_Connection */
! 1521:
! 1522: /**
! 1523: * Translate socket handle into connection index (for historical reasons, it is
! 1524: * a 1:1 mapping today) and enlarge the "connection pool" accordingly.
! 1525: *
! 1526: * @param Sock Socket handle.
! 1527: * @returns Connecion index or NONE when the pool is too small.
! 1528: */
! 1529: static CONN_ID
! 1530: Socket2Index( int Sock )
! 1531: {
! 1532: assert(Sock > 0);
! 1533: assert(Pool_Size >= 0);
! 1534:
! 1535: if (Sock < Pool_Size)
! 1536: return Sock;
! 1537:
! 1538: /* Try to allocate more memory ... */
! 1539: if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)Sock)) {
! 1540: Log(LOG_EMERG,
! 1541: "Can't allocate memory to enlarge connection pool!");
! 1542: return NONE;
! 1543: }
! 1544: LogDebug("Enlarged connection pool for %ld sockets (%ld items, %ld bytes)",
! 1545: Sock, array_length(&My_ConnArray, sizeof(CONNECTION)),
! 1546: array_bytes(&My_ConnArray));
! 1547:
! 1548: /* Adjust pointer to new block, update size and initialize new items. */
! 1549: My_Connections = array_start(&My_ConnArray);
! 1550: while (Pool_Size <= Sock)
! 1551: Init_Conn_Struct(Pool_Size++);
! 1552:
! 1553: return Sock;
! 1554: }
! 1555:
! 1556: /**
! 1557: * Read data from the network to the read buffer. If an error occurs,
! 1558: * the socket of this connection will be shut down.
! 1559: *
! 1560: * @param Idx Connection index.
! 1561: */
! 1562: static void
! 1563: Read_Request(CONN_ID Idx)
! 1564: {
! 1565: ssize_t len;
! 1566: static const unsigned int maxbps = COMMAND_LEN / 2;
! 1567: char readbuf[READBUFFER_LEN];
! 1568: time_t t;
! 1569: CLIENT *c;
! 1570:
! 1571: assert(Idx > NONE);
! 1572: assert(My_Connections[Idx].sock > NONE);
! 1573:
! 1574: /* Check if the read buffer is "full". Basically this shouldn't happen
! 1575: * here, because as long as there possibly are commands in the read
! 1576: * buffer (buffer usage > COMMAND_LEN), the socket shouldn't be
! 1577: * scheduled for reading in Conn_Handler() at all ... */
! 1578: #ifdef ZLIB
! 1579: if ((array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN) ||
! 1580: (array_bytes(&My_Connections[Idx].zip.rbuf) >= READBUFFER_LEN))
! 1581: #else
! 1582: if (array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN)
! 1583: #endif
! 1584: {
! 1585: Log(LOG_ERR,
! 1586: "Receive buffer space exhausted (connection %d): %d/%d bytes",
! 1587: Idx, array_bytes(&My_Connections[Idx].rbuf), READBUFFER_LEN);
! 1588: Conn_Close(Idx, "Receive buffer space exhausted", NULL, false);
! 1589: return;
! 1590: }
! 1591:
! 1592: /* Now read new data from the network, up to READBUFFER_LEN bytes ... */
! 1593: #ifdef SSL_SUPPORT
! 1594: if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL))
! 1595: len = ConnSSL_Read(&My_Connections[Idx], readbuf, sizeof(readbuf));
! 1596: else
! 1597: #endif
! 1598: len = read(My_Connections[Idx].sock, readbuf, sizeof(readbuf));
! 1599:
! 1600: if (len == 0) {
! 1601: LogDebug("Client \"%s:%u\" is closing connection %d ...",
! 1602: My_Connections[Idx].host,
! 1603: ng_ipaddr_getport(&My_Connections[Idx].addr), Idx);
! 1604: Conn_Close(Idx, NULL, "Client closed connection", false);
! 1605: return;
! 1606: }
! 1607:
! 1608: if (len < 0) {
! 1609: if (errno == EAGAIN)
! 1610: return;
! 1611:
! 1612: Log(LOG_ERR, "Read error on connection %d (socket %d): %s!",
! 1613: Idx, My_Connections[Idx].sock, strerror(errno));
! 1614: Conn_Close(Idx, "Read error", "Client closed connection",
! 1615: false);
! 1616: return;
! 1617: }
! 1618:
! 1619: /* Now append the newly received data to the connection buffer.
! 1620: * NOTE: This can lead to connection read buffers being bigger(!) than
! 1621: * READBUFFER_LEN bytes, as we add up to READBUFFER_LEN new bytes to a
! 1622: * buffer possibly being "almost" READBUFFER_LEN bytes already! */
! 1623: #ifdef ZLIB
! 1624: if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
! 1625: if (!array_catb(&My_Connections[Idx].zip.rbuf, readbuf,
! 1626: (size_t) len)) {
! 1627: Log(LOG_ERR,
! 1628: "Could not append received data to zip input buffer (connection %d): %d bytes!",
! 1629: Idx, len);
! 1630: Conn_Close(Idx, "Receive buffer space exhausted", NULL,
! 1631: false);
! 1632: return;
! 1633: }
! 1634: } else
! 1635: #endif
! 1636: {
! 1637: if (!array_catb( &My_Connections[Idx].rbuf, readbuf, len)) {
! 1638: Log(LOG_ERR,
! 1639: "Could not append received data to input buffer (connection %d): %d bytes!",
! 1640: Idx, len);
! 1641: Conn_Close(Idx, "Receive buffer space exhausted", NULL,
! 1642: false );
! 1643: }
! 1644: }
! 1645:
! 1646: /* Update connection statistics */
! 1647: My_Connections[Idx].bytes_in += len;
! 1648:
! 1649: /* Handle read buffer */
! 1650: My_Connections[Idx].bps += Handle_Buffer(Idx);
! 1651:
! 1652: /* Make sure that there is still a valid client registered */
! 1653: c = Conn_GetClient(Idx);
! 1654: if (!c)
! 1655: return;
! 1656:
! 1657: /* Update timestamp of last data received if this connection is
! 1658: * registered as a user, server or service connection. Don't update
! 1659: * otherwise, so users have at least Conf_PongTimeout seconds time to
! 1660: * register with the IRC server -- see Check_Connections().
! 1661: * Update "lastping", too, if time shifted backwards ... */
! 1662: if (Client_Type(c) == CLIENT_USER
! 1663: || Client_Type(c) == CLIENT_SERVER
! 1664: || Client_Type(c) == CLIENT_SERVICE) {
! 1665: t = time(NULL);
! 1666: if (My_Connections[Idx].lastdata != t)
! 1667: My_Connections[Idx].bps = 0;
! 1668:
! 1669: My_Connections[Idx].lastdata = t;
! 1670: if (My_Connections[Idx].lastping > t)
! 1671: My_Connections[Idx].lastping = t;
! 1672: }
! 1673:
! 1674: /* Look at the data in the (read-) buffer of this connection */
! 1675: if (My_Connections[Idx].bps >= maxbps)
! 1676: Throttle_Connection(Idx, c, THROTTLE_BPS, maxbps);
! 1677: } /* Read_Request */
! 1678:
! 1679: /**
! 1680: * Handle all data in the connection read-buffer.
! 1681: *
! 1682: * Data is processed until no complete command is left in the read buffer,
! 1683: * or MAX_COMMANDS[_SERVER|_SERVICE] commands were processed.
! 1684: * When a fatal error occurs, the connection is shut down.
! 1685: *
! 1686: * @param Idx Index of the connection.
! 1687: * @returns Number of bytes processed.
! 1688: */
! 1689: static unsigned int
! 1690: Handle_Buffer(CONN_ID Idx)
! 1691: {
! 1692: #ifndef STRICT_RFC
! 1693: char *ptr1, *ptr2, *first_eol;
! 1694: #endif
! 1695: char *ptr;
! 1696: size_t len, delta;
! 1697: time_t starttime;
! 1698: #ifdef ZLIB
! 1699: bool old_z;
! 1700: #endif
! 1701: unsigned int i, maxcmd = MAX_COMMANDS, len_processed = 0;
! 1702: CLIENT *c;
! 1703:
! 1704: c = Conn_GetClient(Idx);
! 1705: starttime = time(NULL);
! 1706:
! 1707: assert(c != NULL);
! 1708:
! 1709: /* Servers get special command limits that depend on the user count */
! 1710: switch (Client_Type(c)) {
! 1711: case CLIENT_SERVER:
! 1712: maxcmd = (int)(Client_UserCount() / 5)
! 1713: + MAX_COMMANDS_SERVER_MIN;
! 1714: /* Allow servers to handle even more commands while peering
! 1715: * to speed up server login and network synchronization. */
! 1716: if (Conn_LastPing(Idx) == 0)
! 1717: maxcmd *= 5;
! 1718: break;
! 1719: case CLIENT_SERVICE:
! 1720: maxcmd = MAX_COMMANDS_SERVICE;
! 1721: break;
! 1722: case CLIENT_USER:
! 1723: if (Client_HasMode(c, 'F'))
! 1724: maxcmd = MAX_COMMANDS_SERVICE;
! 1725: break;
! 1726: }
! 1727:
! 1728: for (i=0; i < maxcmd; i++) {
! 1729: /* Check penalty */
! 1730: if (My_Connections[Idx].delaytime > starttime)
! 1731: return 0;
! 1732: #ifdef ZLIB
! 1733: /* Unpack compressed data, if compression is in use */
! 1734: if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
! 1735: /* When unzipping fails, Unzip_Buffer() shuts
! 1736: * down the connection itself */
! 1737: if (!Unzip_Buffer(Idx))
! 1738: return 0;
! 1739: }
! 1740: #endif
! 1741:
! 1742: if (0 == array_bytes(&My_Connections[Idx].rbuf))
! 1743: break;
! 1744:
! 1745: /* Make sure that the buffer is NULL terminated */
! 1746: if (!array_cat0_temporary(&My_Connections[Idx].rbuf)) {
! 1747: Conn_Close(Idx, NULL,
! 1748: "Can't allocate memory [Handle_Buffer]",
! 1749: true);
! 1750: return 0;
! 1751: }
! 1752:
! 1753: /* RFC 2812, section "2.3 Messages", 5th paragraph:
! 1754: * "IRC messages are always lines of characters terminated
! 1755: * with a CR-LF (Carriage Return - Line Feed) pair [...]". */
! 1756: delta = 2;
! 1757: ptr = strstr(array_start(&My_Connections[Idx].rbuf), "\r\n");
! 1758:
! 1759: #ifndef STRICT_RFC
! 1760: /* Check for non-RFC-compliant request (only CR or LF)?
! 1761: * Unfortunately, there are quite a few clients out there
! 1762: * that do this -- e. g. mIRC, BitchX, and Trillian :-( */
! 1763: ptr1 = strchr(array_start(&My_Connections[Idx].rbuf), '\r');
! 1764: ptr2 = strchr(array_start(&My_Connections[Idx].rbuf), '\n');
! 1765: if (ptr) {
! 1766: /* Check if there is a single CR or LF _before_ the
! 1767: * correct CR+LF line terminator: */
! 1768: first_eol = ptr1 < ptr2 ? ptr1 : ptr2;
! 1769: if (first_eol < ptr) {
! 1770: /* Single CR or LF before CR+LF found */
! 1771: ptr = first_eol;
! 1772: delta = 1;
! 1773: }
! 1774: } else if (ptr1 || ptr2) {
! 1775: /* No CR+LF terminated command found, but single
! 1776: * CR or LF found ... */
! 1777: if (ptr1 && ptr2)
! 1778: ptr = ptr1 < ptr2 ? ptr1 : ptr2;
! 1779: else
! 1780: ptr = ptr1 ? ptr1 : ptr2;
! 1781: delta = 1;
! 1782: }
! 1783: #endif
! 1784:
! 1785: if (!ptr)
! 1786: break;
! 1787:
! 1788: /* Complete (=line terminated) request found, handle it! */
! 1789: *ptr = '\0';
! 1790:
! 1791: len = ptr - (char *)array_start(&My_Connections[Idx].rbuf) + delta;
! 1792:
! 1793: if (len > (COMMAND_LEN - 1)) {
! 1794: /* Request must not exceed 512 chars (incl. CR+LF!),
! 1795: * see RFC 2812. Disconnect Client if this happens. */
! 1796: Log(LOG_ERR,
! 1797: "Request too long (connection %d): %d bytes (max. %d expected)!",
! 1798: Idx, array_bytes(&My_Connections[Idx].rbuf),
! 1799: COMMAND_LEN - 1);
! 1800: Conn_Close(Idx, NULL, "Request too long", true);
! 1801: return 0;
! 1802: }
! 1803:
! 1804: len_processed += (unsigned int)len;
! 1805: if (len <= delta) {
! 1806: /* Request is empty (only '\r\n', '\r' or '\n');
! 1807: * delta is 2 ('\r\n') or 1 ('\r' or '\n'), see above */
! 1808: array_moveleft(&My_Connections[Idx].rbuf, 1, len);
! 1809: continue;
! 1810: }
! 1811: #ifdef ZLIB
! 1812: /* remember if stream is already compressed */
! 1813: old_z = My_Connections[Idx].options & CONN_ZIP;
! 1814: #endif
! 1815:
! 1816: My_Connections[Idx].msg_in++;
! 1817: if (!Parse_Request
! 1818: (Idx, (char *)array_start(&My_Connections[Idx].rbuf)))
! 1819: return 0; /* error -> connection has been closed */
! 1820:
! 1821: array_moveleft(&My_Connections[Idx].rbuf, 1, len);
! 1822: #ifdef ZLIB
! 1823: if ((!old_z) && (My_Connections[Idx].options & CONN_ZIP) &&
! 1824: (array_bytes(&My_Connections[Idx].rbuf) > 0)) {
! 1825: /* The last command activated socket compression.
! 1826: * Data that was read after that needs to be copied
! 1827: * to the unzip buffer for decompression: */
! 1828: if (!array_copy
! 1829: (&My_Connections[Idx].zip.rbuf,
! 1830: &My_Connections[Idx].rbuf)) {
! 1831: Conn_Close(Idx, NULL,
! 1832: "Can't allocate memory [Handle_Buffer]",
! 1833: true);
! 1834: return 0;
! 1835: }
! 1836:
! 1837: array_trunc(&My_Connections[Idx].rbuf);
! 1838: LogDebug
! 1839: ("Moved already received data (%u bytes) to uncompression buffer.",
! 1840: array_bytes(&My_Connections[Idx].zip.rbuf));
! 1841: }
! 1842: #endif
! 1843: }
! 1844: #if DEBUG_BUFFER
! 1845: LogDebug("Connection %d: Processed %ld commands (max=%ld), %ld bytes. %ld bytes left in read buffer.",
! 1846: Idx, i, maxcmd, len_processed,
! 1847: array_bytes(&My_Connections[Idx].rbuf));
! 1848: #endif
! 1849:
! 1850: /* If data has been processed but there is still data in the read
! 1851: * buffer, the command limit triggered. Enforce the penalty time: */
! 1852: if (len_processed && array_bytes(&My_Connections[Idx].rbuf) > 2)
! 1853: Throttle_Connection(Idx, c, THROTTLE_CMDS, maxcmd);
! 1854:
! 1855: return len_processed;
! 1856: } /* Handle_Buffer */
! 1857:
! 1858: /**
! 1859: * Check whether established connections are still alive or not.
! 1860: * If not, play PING-PONG first; and if that doesn't help either,
! 1861: * disconnect the respective peer.
! 1862: */
! 1863: static void
! 1864: Check_Connections(void)
! 1865: {
! 1866: CLIENT *c;
! 1867: CONN_ID i;
! 1868: char msg[64];
! 1869: time_t time_now;
! 1870:
! 1871: time_now = time(NULL);
! 1872:
! 1873: for (i = 0; i < Pool_Size; i++) {
! 1874: if (My_Connections[i].sock < 0)
! 1875: continue;
! 1876:
! 1877: c = Conn_GetClient(i);
! 1878: if (c && ((Client_Type(c) == CLIENT_USER)
! 1879: || (Client_Type(c) == CLIENT_SERVER)
! 1880: || (Client_Type(c) == CLIENT_SERVICE))) {
! 1881: /* connected User, Server or Service */
! 1882: if (My_Connections[i].lastping >
! 1883: My_Connections[i].lastdata) {
! 1884: /* We already sent a ping */
! 1885: if (My_Connections[i].lastping <
! 1886: time_now - Conf_PongTimeout) {
! 1887: /* Timeout */
! 1888: snprintf(msg, sizeof(msg),
! 1889: "Ping timeout: %d seconds",
! 1890: Conf_PongTimeout);
! 1891: LogDebug("Connection %d: %s.", i, msg);
! 1892: Conn_Close(i, NULL, msg, true);
! 1893: }
! 1894: } else if (My_Connections[i].lastdata <
! 1895: time_now - Conf_PingTimeout) {
! 1896: /* We need to send a PING ... */
! 1897: LogDebug("Connection %d: sending PING ...", i);
! 1898: Conn_UpdatePing(i, time_now);
! 1899: Conn_WriteStr(i, "PING :%s",
! 1900: Client_ID(Client_ThisServer()));
! 1901: }
! 1902: } else {
! 1903: /* The connection is not fully established yet, so
! 1904: * we don't do the PING-PONG game here but instead
! 1905: * disconnect the client after "a short time" if it's
! 1906: * still not registered. */
! 1907:
! 1908: if (My_Connections[i].lastdata <
! 1909: time_now - Conf_PongTimeout) {
! 1910: LogDebug
! 1911: ("Unregistered connection %d timed out ...",
! 1912: i);
! 1913: Conn_Close(i, NULL, "Timeout", false);
! 1914: }
! 1915: }
! 1916: }
! 1917: } /* Check_Connections */
! 1918:
! 1919: /**
! 1920: * Check if further server links should be established.
! 1921: */
! 1922: static void
! 1923: Check_Servers(void)
! 1924: {
! 1925: int i, n;
! 1926: time_t time_now;
! 1927:
! 1928: time_now = time(NULL);
! 1929:
! 1930: /* Check all configured servers */
! 1931: for (i = 0; i < MAX_SERVERS; i++) {
! 1932: if (Conf_Server[i].conn_id != NONE)
! 1933: continue; /* Already establishing or connected */
! 1934: if (!Conf_Server[i].host[0] || Conf_Server[i].port <= 0)
! 1935: continue; /* No host and/or port configured */
! 1936: if (Conf_Server[i].flags & CONF_SFLAG_DISABLED)
! 1937: continue; /* Disabled configuration entry */
! 1938: if (Conf_Server[i].lasttry > (time_now - Conf_ConnectRetry))
! 1939: continue; /* We have to wait a little bit ... */
! 1940:
! 1941: /* Is there already a connection in this group? */
! 1942: if (Conf_Server[i].group > NONE) {
! 1943: for (n = 0; n < MAX_SERVERS; n++) {
! 1944: if (n == i)
! 1945: continue;
! 1946: if ((Conf_Server[n].conn_id != NONE) &&
! 1947: (Conf_Server[n].group == Conf_Server[i].group))
! 1948: break;
! 1949: }
! 1950: if (n < MAX_SERVERS)
! 1951: continue;
! 1952: }
! 1953:
! 1954: /* Okay, try to connect now */
! 1955: Log(LOG_NOTICE,
! 1956: "Preparing to establish a new server link for \"%s\" ...",
! 1957: Conf_Server[i].name);
! 1958: Conf_Server[i].lasttry = time_now;
! 1959: Conf_Server[i].conn_id = SERVER_WAIT;
! 1960: assert(Proc_GetPipeFd(&Conf_Server[i].res_stat) < 0);
! 1961:
! 1962: /* Start resolver subprocess ... */
! 1963: if (!Resolve_Name(&Conf_Server[i].res_stat, Conf_Server[i].host,
! 1964: cb_Connect_to_Server))
! 1965: Conf_Server[i].conn_id = NONE;
! 1966: }
! 1967: } /* Check_Servers */
! 1968:
! 1969: /**
! 1970: * Establish a new outgoing server connection.
! 1971: *
! 1972: * @param Server Configuration index of the server.
! 1973: * @param dest Destination IP address to connect to.
! 1974: */
! 1975: static void
! 1976: New_Server( int Server , ng_ipaddr_t *dest)
! 1977: {
! 1978: /* Establish new server link */
! 1979: char ip_str[NG_INET_ADDRSTRLEN];
! 1980: int af_dest, res, new_sock;
! 1981: CLIENT *c;
! 1982:
! 1983: assert( Server > NONE );
! 1984:
! 1985: /* Make sure that the remote server hasn't re-linked to this server
! 1986: * asynchronously on its own */
! 1987: if (Conf_Server[Server].conn_id > NONE) {
! 1988: Log(LOG_INFO,
! 1989: "Connection to \"%s\" meanwhile re-established, aborting preparation.");
! 1990: return;
! 1991: }
! 1992:
! 1993: if (!ng_ipaddr_tostr_r(dest, ip_str)) {
! 1994: Log(LOG_WARNING, "New_Server: Could not convert IP to string");
! 1995: Conf_Server[Server].conn_id = NONE;
! 1996: return;
! 1997: }
! 1998:
! 1999: af_dest = ng_ipaddr_af(dest);
! 2000: new_sock = socket(af_dest, SOCK_STREAM, 0);
! 2001:
! 2002: Log(LOG_INFO,
! 2003: "Establishing connection for \"%s\" to \"%s:%d\" (%s), socket %d ...",
! 2004: Conf_Server[Server].name, Conf_Server[Server].host,
! 2005: Conf_Server[Server].port, ip_str, new_sock);
! 2006:
! 2007: if (new_sock < 0) {
! 2008: Log(LOG_CRIT, "Can't create socket (af %d): %s!",
! 2009: af_dest, strerror(errno));
! 2010: Conf_Server[Server].conn_id = NONE;
! 2011: return;
! 2012: }
! 2013:
! 2014: if (!Init_Socket(new_sock)) {
! 2015: Conf_Server[Server].conn_id = NONE;
! 2016: return;
! 2017: }
! 2018:
! 2019: /* is a bind address configured? */
! 2020: res = ng_ipaddr_af(&Conf_Server[Server].bind_addr);
! 2021:
! 2022: /* if yes, bind now. If it fails, warn and let connect() pick a
! 2023: * source address */
! 2024: if (res && bind(new_sock, (struct sockaddr *) &Conf_Server[Server].bind_addr,
! 2025: ng_ipaddr_salen(&Conf_Server[Server].bind_addr)))
! 2026: {
! 2027: ng_ipaddr_tostr_r(&Conf_Server[Server].bind_addr, ip_str);
! 2028: Log(LOG_WARNING, "Can't bind socket to %s: %s!", ip_str,
! 2029: strerror(errno));
! 2030: }
! 2031: ng_ipaddr_setport(dest, Conf_Server[Server].port);
! 2032: res = connect(new_sock, (struct sockaddr *) dest, ng_ipaddr_salen(dest));
! 2033: if(( res != 0 ) && ( errno != EINPROGRESS )) {
! 2034: Log( LOG_CRIT, "Can't connect socket: %s!", strerror( errno ));
! 2035: close( new_sock );
! 2036: Conf_Server[Server].conn_id = NONE;
! 2037: return;
! 2038: }
! 2039:
! 2040: if (Socket2Index(new_sock) <= NONE) {
! 2041: close( new_sock );
! 2042: Conf_Server[Server].conn_id = NONE;
! 2043: return;
! 2044: }
! 2045:
! 2046: if (!io_event_create( new_sock, IO_WANTWRITE, cb_connserver)) {
! 2047: Log(LOG_ALERT, "io_event_create(): could not add fd %d",
! 2048: strerror(errno));
! 2049: close(new_sock);
! 2050: Conf_Server[Server].conn_id = NONE;
! 2051: return;
! 2052: }
! 2053:
! 2054: assert(My_Connections[new_sock].sock <= 0);
! 2055:
! 2056: Init_Conn_Struct(new_sock);
! 2057:
! 2058: ng_ipaddr_tostr_r(dest, ip_str);
! 2059: c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWNSERVER, false);
! 2060: if (!c) {
! 2061: Log( LOG_ALERT, "Can't establish connection: can't create client structure!" );
! 2062: io_close(new_sock);
! 2063: Conf_Server[Server].conn_id = NONE;
! 2064: return;
! 2065: }
! 2066:
! 2067: /* Conn_Close() decrements this counter again */
! 2068: Account_Connection();
! 2069: Client_SetIntroducer( c, c );
! 2070: Client_SetToken( c, TOKEN_OUTBOUND );
! 2071:
! 2072: /* Register connection */
! 2073: if (!Conf_SetServer(Server, new_sock))
! 2074: return;
! 2075: My_Connections[new_sock].sock = new_sock;
! 2076: My_Connections[new_sock].addr = *dest;
! 2077: My_Connections[new_sock].client = c;
! 2078: strlcpy( My_Connections[new_sock].host, Conf_Server[Server].host,
! 2079: sizeof(My_Connections[new_sock].host ));
! 2080:
! 2081: #ifdef SSL_SUPPORT
! 2082: if (Conf_Server[Server].SSLConnect &&
! 2083: !ConnSSL_PrepareConnect(&My_Connections[new_sock], &Conf_Server[Server]))
! 2084: {
! 2085: Log(LOG_ALERT, "Could not initialize SSL for outgoing connection");
! 2086: Conn_Close(new_sock, "Could not initialize SSL for outgoing connection",
! 2087: NULL, false);
! 2088: Init_Conn_Struct(new_sock);
! 2089: Conf_Server[Server].conn_id = NONE;
! 2090: return;
! 2091: }
! 2092: #endif
! 2093: LogDebug("Registered new connection %d on socket %d (%ld in total).",
! 2094: new_sock, My_Connections[new_sock].sock, NumConnections);
! 2095: Conn_OPTION_ADD( &My_Connections[new_sock], CONN_ISCONNECTING );
! 2096: } /* New_Server */
! 2097:
! 2098: /**
! 2099: * Initialize connection structure.
! 2100: *
! 2101: * @param Idx Connection index.
! 2102: */
! 2103: static void
! 2104: Init_Conn_Struct(CONN_ID Idx)
! 2105: {
! 2106: time_t now = time(NULL);
! 2107:
! 2108: memset(&My_Connections[Idx], 0, sizeof(CONNECTION));
! 2109: My_Connections[Idx].sock = -1;
! 2110: My_Connections[Idx].signon = now;
! 2111: My_Connections[Idx].lastdata = now;
! 2112: My_Connections[Idx].lastprivmsg = now;
! 2113: Proc_InitStruct(&My_Connections[Idx].proc_stat);
! 2114:
! 2115: #ifdef ICONV
! 2116: My_Connections[Idx].iconv_from = (iconv_t)(-1);
! 2117: My_Connections[Idx].iconv_to = (iconv_t)(-1);
! 2118: #endif
! 2119: } /* Init_Conn_Struct */
! 2120:
! 2121: /**
! 2122: * Initialize options of a new socket.
! 2123: *
! 2124: * For example, we try to set socket options SO_REUSEADDR and IPTOS_LOWDELAY.
! 2125: * The socket is automatically closed if a fatal error is encountered.
! 2126: *
! 2127: * @param Sock Socket handle.
! 2128: * @returns false if socket was closed due to fatal error.
! 2129: */
! 2130: static bool
! 2131: Init_Socket( int Sock )
! 2132: {
! 2133: int value;
! 2134:
! 2135: if (!io_setnonblock(Sock)) {
! 2136: Log(LOG_CRIT, "Can't enable non-blocking mode for socket: %s!",
! 2137: strerror(errno));
! 2138: close(Sock);
! 2139: return false;
! 2140: }
! 2141:
! 2142: /* Don't block this port after socket shutdown */
! 2143: value = 1;
! 2144: if (setsockopt(Sock, SOL_SOCKET, SO_REUSEADDR, &value,
! 2145: (socklen_t)sizeof(value)) != 0) {
! 2146: Log(LOG_ERR, "Can't set socket option SO_REUSEADDR: %s!",
! 2147: strerror(errno));
! 2148: /* ignore this error */
! 2149: }
! 2150:
! 2151: /* Set type of service (TOS) */
! 2152: #if defined(IPPROTO_IP) && defined(IPTOS_LOWDELAY)
! 2153: value = IPTOS_LOWDELAY;
! 2154: if (setsockopt(Sock, IPPROTO_IP, IP_TOS, &value,
! 2155: (socklen_t) sizeof(value))) {
! 2156: LogDebug("Can't set socket option IP_TOS: %s!",
! 2157: strerror(errno));
! 2158: /* ignore this error */
! 2159: } else
! 2160: LogDebug("IP_TOS on socket %d has been set to IPTOS_LOWDELAY.",
! 2161: Sock);
! 2162: #endif
! 2163:
! 2164: return true;
! 2165: } /* Init_Socket */
! 2166:
! 2167: /**
! 2168: * Read results of a resolver sub-process and try to initiate a new server
! 2169: * connection.
! 2170: *
! 2171: * @param fd File descriptor of the pipe to the sub-process.
! 2172: * @param events (ignored IO specification)
! 2173: */
! 2174: static void
! 2175: cb_Connect_to_Server(int fd, UNUSED short events)
! 2176: {
! 2177: int i;
! 2178: size_t len;
! 2179:
! 2180: /* we can handle at most 3 addresses; but we read up to 4 so we can
! 2181: * log the 'more than we can handle' condition. First result is tried
! 2182: * immediately, rest is saved for later if needed. */
! 2183: ng_ipaddr_t dest_addrs[4];
! 2184:
! 2185: LogDebug("Resolver: Got forward lookup callback on fd %d, events %d",
! 2186: fd, events);
! 2187:
! 2188: for (i=0; i < MAX_SERVERS; i++) {
! 2189: if (Proc_GetPipeFd(&Conf_Server[i].res_stat) == fd )
! 2190: break;
! 2191: }
! 2192:
! 2193: if( i >= MAX_SERVERS) {
! 2194: /* Ops, no matching server found?! */
! 2195: io_close( fd );
! 2196: LogDebug("Resolver: Got Forward Lookup callback for unknown server!?");
! 2197: return;
! 2198: }
! 2199:
! 2200: /* Read result from pipe */
! 2201: len = Proc_Read(&Conf_Server[i].res_stat, dest_addrs, sizeof(dest_addrs));
! 2202: Proc_Close(&Conf_Server[i].res_stat);
! 2203: if (len == 0) {
! 2204: /* Error resolving hostname: reset server structure */
! 2205: Conf_Server[i].conn_id = NONE;
! 2206: return;
! 2207: }
! 2208:
! 2209: assert((len % sizeof(ng_ipaddr_t)) == 0);
! 2210:
! 2211: LogDebug("Got result from resolver: %u structs (%u bytes).",
! 2212: len/sizeof(ng_ipaddr_t), len);
! 2213:
! 2214: memset(&Conf_Server[i].dst_addr, 0, sizeof(Conf_Server[i].dst_addr));
! 2215: if (len > sizeof(ng_ipaddr_t)) {
! 2216: /* more than one address for this hostname, remember them
! 2217: * in case first address is unreachable/not available */
! 2218: len -= sizeof(ng_ipaddr_t);
! 2219: if (len > sizeof(Conf_Server[i].dst_addr)) {
! 2220: len = sizeof(Conf_Server[i].dst_addr);
! 2221: Log(LOG_NOTICE,
! 2222: "Notice: Resolver returned more IP Addresses for host than we can handle, additional addresses dropped.");
! 2223: }
! 2224: memcpy(&Conf_Server[i].dst_addr, &dest_addrs[1], len);
! 2225: }
! 2226: /* connect() */
! 2227: New_Server(i, dest_addrs);
! 2228: } /* cb_Read_Forward_Lookup */
! 2229:
! 2230: /**
! 2231: * Read results of a resolver sub-process from the pipe and update the
! 2232: * appropriate connection/client structure(s): hostname and/or IDENT user name.
! 2233: *
! 2234: * @param r_fd File descriptor of the pipe to the sub-process.
! 2235: * @param events (ignored IO specification)
! 2236: */
! 2237: static void
! 2238: cb_Read_Resolver_Result( int r_fd, UNUSED short events )
! 2239: {
! 2240: CLIENT *c;
! 2241: CONN_ID i;
! 2242: size_t len;
! 2243: char *identptr;
! 2244: #ifdef IDENTAUTH
! 2245: char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
! 2246: char *ptr;
! 2247: #else
! 2248: char readbuf[HOST_LEN + 1];
! 2249: #endif
! 2250:
! 2251: LogDebug("Resolver: Got callback on fd %d, events %d", r_fd, events );
! 2252: i = Conn_GetFromProc(r_fd);
! 2253: if (i == NONE) {
! 2254: /* Ops, none found? Probably the connection has already
! 2255: * been closed!? We'll ignore that ... */
! 2256: io_close( r_fd );
! 2257: LogDebug("Resolver: Got callback for unknown connection!?");
! 2258: return;
! 2259: }
! 2260:
! 2261: /* Read result from pipe */
! 2262: len = Proc_Read(&My_Connections[i].proc_stat, readbuf, sizeof readbuf -1);
! 2263: Proc_Close(&My_Connections[i].proc_stat);
! 2264: if (len == 0)
! 2265: return;
! 2266:
! 2267: readbuf[len] = '\0';
! 2268: identptr = strchr(readbuf, '\n');
! 2269: assert(identptr != NULL);
! 2270: if (!identptr) {
! 2271: Log( LOG_CRIT, "Resolver: Got malformed result!");
! 2272: return;
! 2273: }
! 2274:
! 2275: *identptr = '\0';
! 2276: LogDebug("Got result from resolver: \"%s\" (%u bytes read).", readbuf, len);
! 2277: /* Okay, we got a complete result: this is a host name for outgoing
! 2278: * connections and a host name and IDENT user name (if enabled) for
! 2279: * incoming connections.*/
! 2280: assert ( My_Connections[i].sock >= 0 );
! 2281: /* Incoming connection. Search client ... */
! 2282: c = Conn_GetClient( i );
! 2283: assert( c != NULL );
! 2284:
! 2285: /* Only update client information of unregistered clients.
! 2286: * Note: user commands (e. g. WEBIRC) are always read _after_ reading
! 2287: * the resolver results, so we don't have to worry to override settings
! 2288: * from these commands here. */
! 2289: if(Client_Type(c) == CLIENT_UNKNOWN) {
! 2290: strlcpy(My_Connections[i].host, readbuf,
! 2291: sizeof(My_Connections[i].host));
! 2292: Client_SetHostname(c, readbuf);
! 2293: if (Conf_NoticeBeforeRegistration)
! 2294: (void)Conn_WriteStr(i,
! 2295: "NOTICE * :*** Found your hostname: %s",
! 2296: My_Connections[i].host);
! 2297: #ifdef IDENTAUTH
! 2298: ++identptr;
! 2299: if (*identptr) {
! 2300: ptr = identptr;
! 2301: while (*ptr) {
! 2302: if ((*ptr < '0' || *ptr > '9') &&
! 2303: (*ptr < 'A' || *ptr > 'Z') &&
! 2304: (*ptr < 'a' || *ptr > 'z'))
! 2305: break;
! 2306: ptr++;
! 2307: }
! 2308: if (*ptr) {
! 2309: /* Erroneous IDENT reply */
! 2310: Log(LOG_NOTICE,
! 2311: "Got invalid IDENT reply for connection %d! Ignored.",
! 2312: i);
! 2313: } else {
! 2314: Log(LOG_INFO,
! 2315: "IDENT lookup for connection %d: \"%s\".",
! 2316: i, identptr);
! 2317: Client_SetUser(c, identptr, true);
! 2318: }
! 2319: if (Conf_NoticeBeforeRegistration) {
! 2320: (void)Conn_WriteStr(i,
! 2321: "NOTICE * :*** Got %sident response%s%s",
! 2322: *ptr ? "invalid " : "",
! 2323: *ptr ? "" : ": ",
! 2324: *ptr ? "" : identptr);
! 2325: }
! 2326: } else if(Conf_Ident) {
! 2327: Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
! 2328: if (Conf_NoticeBeforeRegistration)
! 2329: (void)Conn_WriteStr(i,
! 2330: "NOTICE * :*** No ident response");
! 2331: }
! 2332: #endif
! 2333:
! 2334: if (Conf_NoticeBeforeRegistration) {
! 2335: /* Send buffered data to the client, but break on
! 2336: * errors because Handle_Write() would have closed
! 2337: * the connection again in this case! */
! 2338: if (!Handle_Write(i))
! 2339: return;
! 2340: }
! 2341:
! 2342: Class_HandleServerBans(c);
! 2343: }
! 2344: #ifdef DEBUG
! 2345: else
! 2346: LogDebug("Resolver: discarding result for already registered connection %d.", i);
! 2347: #endif
! 2348: } /* cb_Read_Resolver_Result */
! 2349:
! 2350: /**
! 2351: * Write a "simple" (error) message to a socket.
! 2352: *
! 2353: * The message is sent without using the connection write buffers, without
! 2354: * compression/encryption, and even without any error reporting. It is
! 2355: * designed for error messages of e.g. New_Connection().
! 2356: *
! 2357: * @param Sock Socket handle.
! 2358: * @param Msg Message string to send.
! 2359: */
! 2360: static void
! 2361: Simple_Message(int Sock, const char *Msg)
! 2362: {
! 2363: char buf[COMMAND_LEN];
! 2364: size_t len;
! 2365:
! 2366: assert(Sock > NONE);
! 2367: assert(Msg != NULL);
! 2368:
! 2369: strlcpy(buf, Msg, sizeof buf - 2);
! 2370: len = strlcat(buf, "\r\n", sizeof buf);
! 2371: if (write(Sock, buf, len) < 0) {
! 2372: /* Because this function most probably got called to log
! 2373: * an error message, any write error is ignored here to
! 2374: * avoid an endless loop. But casting the result of write()
! 2375: * to "void" doesn't satisfy the GNU C code attribute
! 2376: * "warn_unused_result" which is used by some versions of
! 2377: * glibc (e.g. 2.11.1), therefore this silly error
! 2378: * "handling" code here :-( */
! 2379: return;
! 2380: }
! 2381: } /* Simple_Error */
! 2382:
! 2383: /**
! 2384: * Get CLIENT structure that belongs to a local connection identified by its
! 2385: * index number. Each connection belongs to a client by definition, so it is
! 2386: * not required that the caller checks for NULL return values.
! 2387: *
! 2388: * @param Idx Connection index number.
! 2389: * @returns Pointer to CLIENT structure.
! 2390: */
! 2391: GLOBAL CLIENT *
! 2392: Conn_GetClient( CONN_ID Idx )
! 2393: {
! 2394: CONNECTION *c;
! 2395:
! 2396: assert(Idx >= 0);
! 2397: c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
! 2398: assert(c != NULL);
! 2399: return c ? c->client : NULL;
! 2400: }
! 2401:
! 2402: /**
! 2403: * Get PROC_STAT sub-process structure of a connection.
! 2404: *
! 2405: * @param Idx Connection index number.
! 2406: * @returns PROC_STAT structure.
! 2407: */
! 2408: GLOBAL PROC_STAT *
! 2409: Conn_GetProcStat(CONN_ID Idx)
! 2410: {
! 2411: CONNECTION *c;
! 2412:
! 2413: assert(Idx >= 0);
! 2414: c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
! 2415: assert(c != NULL);
! 2416: return &c->proc_stat;
! 2417: } /* Conn_GetProcStat */
! 2418:
! 2419: /**
! 2420: * Get CONN_ID from file descriptor associated to a subprocess structure.
! 2421: *
! 2422: * @param fd File descriptor.
! 2423: * @returns CONN_ID or NONE (-1).
! 2424: */
! 2425: GLOBAL CONN_ID
! 2426: Conn_GetFromProc(int fd)
! 2427: {
! 2428: int i;
! 2429:
! 2430: assert(fd > 0);
! 2431: for (i = 0; i < Pool_Size; i++) {
! 2432: if ((My_Connections[i].sock != NONE)
! 2433: && (Proc_GetPipeFd(&My_Connections[i].proc_stat) == fd))
! 2434: return i;
! 2435: }
! 2436: return NONE;
! 2437: } /* Conn_GetFromProc */
! 2438:
! 2439: /**
! 2440: * Throttle a connection because of excessive usage.
! 2441: *
! 2442: * @param Reason The reason, see THROTTLE_xxx constants.
! 2443: * @param Idx The connection index.
! 2444: * @param Client The client of this connection.
! 2445: * @param Value The time to delay this connection.
! 2446: */
! 2447: static void
! 2448: Throttle_Connection(const CONN_ID Idx, CLIENT *Client, const int Reason,
! 2449: unsigned int Value)
! 2450: {
! 2451: assert(Idx > NONE);
! 2452: assert(Client != NULL);
! 2453:
! 2454: /* Never throttle servers or services, only interrupt processing */
! 2455: if (Client_Type(Client) == CLIENT_SERVER
! 2456: || Client_Type(Client) == CLIENT_UNKNOWNSERVER
! 2457: || Client_Type(Client) == CLIENT_SERVICE)
! 2458: return;
! 2459:
! 2460: /* Don't throttle clients with user mode 'F' set */
! 2461: if (Client_HasMode(Client, 'F'))
! 2462: return;
! 2463:
! 2464: LogDebug("Throttling connection %d: code %d, value %d!", Idx,
! 2465: Reason, Value);
! 2466: Conn_SetPenalty(Idx, 1);
! 2467: }
! 2468:
! 2469: #ifndef STRICT_RFC
! 2470:
! 2471: GLOBAL long
! 2472: Conn_GetAuthPing(CONN_ID Idx)
! 2473: {
! 2474: assert (Idx != NONE);
! 2475: return My_Connections[Idx].auth_ping;
! 2476: } /* Conn_GetAuthPing */
! 2477:
! 2478: GLOBAL void
! 2479: Conn_SetAuthPing(CONN_ID Idx, long ID)
! 2480: {
! 2481: assert (Idx != NONE);
! 2482: My_Connections[Idx].auth_ping = ID;
! 2483: } /* Conn_SetAuthPing */
! 2484:
! 2485: #endif /* STRICT_RFC */
! 2486:
! 2487: #ifdef SSL_SUPPORT
! 2488:
! 2489: /**
! 2490: * IO callback for new SSL-enabled client and server connections.
! 2491: *
! 2492: * @param sock Socket descriptor.
! 2493: * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
! 2494: */
! 2495: static void
! 2496: cb_clientserver_ssl(int sock, UNUSED short what)
! 2497: {
! 2498: CONN_ID idx = Socket2Index(sock);
! 2499:
! 2500: if (idx <= NONE) {
! 2501: io_close(sock);
! 2502: return;
! 2503: }
! 2504:
! 2505: switch (ConnSSL_Accept(&My_Connections[idx])) {
! 2506: case 1:
! 2507: break; /* OK */
! 2508: case 0:
! 2509: return; /* EAGAIN: callback will be invoked again by IO layer */
! 2510: default:
! 2511: Conn_Close(idx,
! 2512: "SSL accept error, closing socket", "SSL accept error",
! 2513: false);
! 2514: return;
! 2515: }
! 2516:
! 2517: io_event_setcb(sock, cb_clientserver); /* SSL handshake completed */
! 2518: }
! 2519:
! 2520: /**
! 2521: * IO callback for listening SSL sockets: handle new connections. This callback
! 2522: * gets called when a new SSL-enabled connection should be accepted.
! 2523: *
! 2524: * @param sock Socket descriptor.
! 2525: * @param irrelevant (ignored IO specification)
! 2526: */
! 2527: static void
! 2528: cb_listen_ssl(int sock, short irrelevant)
! 2529: {
! 2530: int fd;
! 2531:
! 2532: (void) irrelevant;
! 2533: fd = New_Connection(sock, true);
! 2534: if (fd < 0)
! 2535: return;
! 2536: io_event_setcb(My_Connections[fd].sock, cb_clientserver_ssl);
! 2537: }
! 2538:
! 2539: /**
! 2540: * IO callback for new outgoing SSL-enabled server connections.
! 2541: *
! 2542: * @param sock Socket descriptor.
! 2543: * @param unused (ignored IO specification)
! 2544: */
! 2545: static void
! 2546: cb_connserver_login_ssl(int sock, short unused)
! 2547: {
! 2548: CONN_ID idx = Socket2Index(sock);
! 2549:
! 2550: (void) unused;
! 2551:
! 2552: if (idx <= NONE) {
! 2553: io_close(sock);
! 2554: return;
! 2555: }
! 2556:
! 2557: switch (ConnSSL_Connect( &My_Connections[idx])) {
! 2558: case 1: break;
! 2559: case 0: LogDebug("ConnSSL_Connect: not ready");
! 2560: return;
! 2561: case -1:
! 2562: Log(LOG_ERR, "SSL connection on socket %d failed!", sock);
! 2563: Conn_Close(idx, "Can't connect", NULL, false);
! 2564: return;
! 2565: }
! 2566:
! 2567: Log( LOG_INFO, "SSL connection %d with \"%s:%d\" established.", idx,
! 2568: My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
! 2569:
! 2570: server_login(idx);
! 2571: }
! 2572:
! 2573:
! 2574: /**
! 2575: * Check if SSL library needs to read SSL-protocol related data.
! 2576: *
! 2577: * SSL/TLS connections require extra treatment:
! 2578: * When either CONN_SSL_WANT_WRITE or CONN_SSL_WANT_READ is set, we
! 2579: * need to take care of that first, before checking read/write buffers.
! 2580: * For instance, while we might have data in our write buffer, the
! 2581: * TLS/SSL protocol might need to read internal data first for TLS/SSL
! 2582: * writes to succeed.
! 2583: *
! 2584: * If this function returns true, such a condition is met and we have
! 2585: * to reverse the condition (check for read even if we've data to write,
! 2586: * do not check for read but writeability even if write-buffer is empty).
! 2587: *
! 2588: * @param c Connection to check.
! 2589: * @returns true if SSL-library has to read protocol data.
! 2590: */
! 2591: static bool
! 2592: SSL_WantRead(const CONNECTION *c)
! 2593: {
! 2594: if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_READ)) {
! 2595: io_event_add(c->sock, IO_WANTREAD);
! 2596: return true;
! 2597: }
! 2598: return false;
! 2599: }
! 2600:
! 2601: /**
! 2602: * Check if SSL library needs to write SSL-protocol related data.
! 2603: *
! 2604: * Please see description of SSL_WantRead() for full description!
! 2605: *
! 2606: * @param c Connection to check.
! 2607: * @returns true if SSL-library has to write protocol data.
! 2608: */
! 2609: static bool
! 2610: SSL_WantWrite(const CONNECTION *c)
! 2611: {
! 2612: if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_WRITE)) {
! 2613: io_event_add(c->sock, IO_WANTWRITE);
! 2614: return true;
! 2615: }
! 2616: return false;
! 2617: }
! 2618:
! 2619: /**
! 2620: * Get information about used SSL cipher.
! 2621: *
! 2622: * @param Idx Connection index number.
! 2623: * @param buf Buffer for returned information text.
! 2624: * @param len Size of return buffer "buf".
! 2625: * @returns true on success, false otherwise.
! 2626: */
! 2627: GLOBAL bool
! 2628: Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
! 2629: {
! 2630: if (Idx < 0)
! 2631: return false;
! 2632: assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
! 2633: return ConnSSL_GetCipherInfo(&My_Connections[Idx], buf, len);
! 2634: }
! 2635:
! 2636: /**
! 2637: * Check if a connection is SSL-enabled or not.
! 2638: *
! 2639: * @param Idx Connection index number.
! 2640: * @return true if connection is SSL-enabled, false otherwise.
! 2641: */
! 2642: GLOBAL bool
! 2643: Conn_UsesSSL(CONN_ID Idx)
! 2644: {
! 2645: if (Idx < 0)
! 2646: return false;
! 2647: assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
! 2648: return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);
! 2649: }
! 2650:
! 2651: GLOBAL char *
! 2652: Conn_GetCertFp(CONN_ID Idx)
! 2653: {
! 2654: if (Idx < 0)
! 2655: return NULL;
! 2656: assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
! 2657: return ConnSSL_GetCertFp(&My_Connections[Idx]);
! 2658: }
! 2659:
! 2660: GLOBAL bool
! 2661: Conn_SetCertFp(CONN_ID Idx, const char *fingerprint)
! 2662: {
! 2663: if (Idx < 0)
! 2664: return false;
! 2665: assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
! 2666: return ConnSSL_SetCertFp(&My_Connections[Idx], fingerprint);
! 2667: }
! 2668:
! 2669: #else /* SSL_SUPPORT */
! 2670:
! 2671: GLOBAL bool
! 2672: Conn_UsesSSL(UNUSED CONN_ID Idx)
! 2673: {
! 2674: return false;
! 2675: }
! 2676:
! 2677: GLOBAL char *
! 2678: Conn_GetCertFp(UNUSED CONN_ID Idx)
! 2679: {
! 2680: return NULL;
! 2681: }
! 2682:
! 2683: GLOBAL bool
! 2684: Conn_SetCertFp(UNUSED CONN_ID Idx, UNUSED const char *fingerprint)
! 2685: {
! 2686: return true;
! 2687: }
! 2688:
! 2689: #endif /* SSL_SUPPORT */
! 2690:
! 2691: #ifdef DEBUG
! 2692:
! 2693: /**
! 2694: * Dump internal state of the "connection module".
! 2695: */
! 2696: GLOBAL void
! 2697: Conn_DebugDump(void)
! 2698: {
! 2699: int i;
! 2700:
! 2701: Log(LOG_DEBUG, "Connection status:");
! 2702: for (i = 0; i < Pool_Size; i++) {
! 2703: if (My_Connections[i].sock == NONE)
! 2704: continue;
! 2705: Log(LOG_DEBUG,
! 2706: " - %d: host=%s, lastdata=%ld, lastping=%ld, delaytime=%ld, flag=%d, options=%d, bps=%d, client=%s",
! 2707: My_Connections[i].sock, My_Connections[i].host,
! 2708: My_Connections[i].lastdata, My_Connections[i].lastping,
! 2709: My_Connections[i].delaytime, My_Connections[i].flag,
! 2710: My_Connections[i].options, My_Connections[i].bps,
! 2711: My_Connections[i].client ? Client_ID(My_Connections[i].client) : "-");
! 2712: }
! 2713: } /* Conn_DumpClients */
! 2714:
! 2715: #endif /* DEBUG */
! 2716:
! 2717: /* -eof- */
CVSweb
![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to conn.c CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [local] / ircnowd / src / ngircd