- /*
- * ngIRCd -- The Next Generation IRC Daemon
- * Copyright (c)2001-2012 Alexander Barton (alex@barton.de) and Contributors.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- * Please read the file COPYING, README and AUTHORS for more information.
- */
- #undef DEBUG_BUFFER
- #define CONN_MODULE
- #include "portab.h"
- #include "conf-ssl.h"
- #include "io.h"
- /**
- * @file
- * Connection management
- */
- #include "imp.h"
- #include <assert.h>
- #ifdef PROTOTYPES
- # include <stdarg.h>
- #else
- # include <varargs.h>
- #endif
- #include <stdio.h>
- #include <stdlib.h>
- #include <unistd.h>
- #include <errno.h>
- #include <string.h>
- #include <sys/socket.h>
- #include <sys/time.h>
- #include <sys/types.h>
- #include <time.h>
- #include <netinet/in.h>
- #ifdef HAVE_NETINET_IP_H
- # ifdef HAVE_NETINET_IN_SYSTM_H
- # include <netinet/in_systm.h>
- # endif
- # include <netinet/ip.h>
- #endif
- #ifdef HAVE_STDINT_H
- # include <stdint.h> /* e.g. for Mac OS X */
- #endif
- #ifdef TCPWRAP
- # include <tcpd.h> /* for TCP Wrappers */
- #endif
- #include "array.h"
- #include "defines.h"
- #include "exp.h"
- #include "conn.h"
- #include "imp.h"
- #include "ngircd.h"
- #include "array.h"
- #include "client.h"
- #include "class.h"
- #include "conf.h"
- #include "conn-ssl.h"
- #include "conn-zip.h"
- #include "conn-func.h"
- #include "log.h"
- #include "ng_ipaddr.h"
- #include "parse.h"
- #include "resolve.h"
- #include "tool.h"
- #include "exp.h"
/* Sentinel value one below NONE.
 * NOTE(review): its use is not visible in this part of the file; presumably
 * it marks a connection slot reserved for a pending server link -- confirm. */
#define SERVER_WAIT (NONE - 1)

/* Command limits.
 * NOTE(review): the consumers are outside this part of the file; presumably
 * Handle_Buffer() uses them to cap the commands handled per pass -- confirm. */
#define MAX_COMMANDS 3
#define MAX_COMMANDS_SERVER_MIN 10
#define MAX_COMMANDS_SERVICE 10

/* Forward declarations of file-local helpers defined further down. */
static bool Handle_Write PARAMS(( CONN_ID Idx ));
static bool Conn_Write PARAMS(( CONN_ID Idx, char *Data, size_t Len ));
static int New_Connection PARAMS(( int Sock ));
static CONN_ID Socket2Index PARAMS(( int Sock ));
static void Read_Request PARAMS(( CONN_ID Idx ));
static unsigned int Handle_Buffer PARAMS(( CONN_ID Idx ));
static void Check_Connections PARAMS(( void ));
static void Check_Servers PARAMS(( void ));
static void Init_Conn_Struct PARAMS(( CONN_ID Idx ));
static bool Init_Socket PARAMS(( int Sock ));
static void New_Server PARAMS(( int Server, ng_ipaddr_t *dest ));
static void Simple_Message PARAMS(( int Sock, const char *Msg ));
static int NewListener PARAMS(( const char *listen_addr, UINT16 Port ));
static void Account_Connection PARAMS((void));

/* Descriptors of all listening sockets: NewListener() appends to this array,
 * Conn_ExitListeners() closes every entry and frees it. */
static array My_Listeners;

/* Backing storage of the connection pool; Conn_Init() allocates it and
 * points My_Connections at its start. */
static array My_ConnArray;

/* Connection counters.
 * NOTE(review): they are not updated in this part of the file; presumably
 * maintained by Account_Connection() -- confirm. */
static size_t NumConnections, NumConnectionsMax, NumConnectionsAccepted;

#ifdef TCPWRAP
/* Syslog severities that the TCP Wrappers library (see <tcpd.h>) expects the
 * program to define. */
int allow_severity = LOG_INFO;
int deny_severity = LOG_ERR;
#endif

static void server_login PARAMS((CONN_ID idx));

#ifdef SSL_SUPPORT
extern struct SSLOptions Conf_SSLOptions;
static void cb_connserver_login_ssl PARAMS((int sock, short what));
static void cb_clientserver_ssl PARAMS((int sock, short what));
#endif

static void cb_Read_Resolver_Result PARAMS((int sock, UNUSED short what));
static void cb_Connect_to_Server PARAMS((int sock, UNUSED short what));
static void cb_clientserver PARAMS((int sock, short what));
/**
 * IO callback for plain (non-SSL) listening sockets.
 *
 * The IO layer calls this when a listening socket has a connection pending.
 * The socket is handed to New_Connection(); its result is deliberately
 * discarded here.
 *
 * @param sock Listening socket descriptor.
 * @param irrelevant IO event mask; not used.
 */
static void
cb_listen(int sock, short irrelevant)
{
	(void) New_Connection(sock);
	(void) irrelevant;
}
- #ifdef SSL_SUPPORT
/**
 * IO callback for SSL-enabled listening sockets.
 *
 * Accepts the pending connection through New_Connection() and, on success,
 * switches the new connection's IO callback to cb_clientserver_ssl() so that
 * the TLS handshake runs before any IRC data is processed.
 *
 * @param sock Listening socket descriptor.
 * @param irrelevant IO event mask; not used.
 */
static void
cb_listen_ssl(int sock, short irrelevant)
{
	/* A non-negative result of New_Connection() is used below as index
	 * into My_Connections. */
	int accepted = New_Connection(sock);

	(void) irrelevant;

	if (accepted >= 0)
		io_event_setcb(My_Connections[accepted].sock,
			       cb_clientserver_ssl);
}
- #endif
/**
 * IO callback for outgoing server connections whose non-blocking connect()
 * has finished.
 *
 * Reads the connect() result via SO_ERROR. On failure the connection is
 * closed and, if another destination address is queued for this server, a
 * new attempt is started. On success the queued addresses are cleared and
 * either the SSL handshake callback is installed or the login is sent.
 *
 * @param sock Socket descriptor.
 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
 */
static void
cb_connserver(int sock, UNUSED short what)
{
	int rc, so_error, server;
	socklen_t optlen = (socklen_t)sizeof(so_error);
	CONN_ID idx = Socket2Index(sock);

	if (idx <= NONE) {
		LogDebug("cb_connserver wants to write on unknown socket?!");
		io_close(sock);
		return;
	}

	assert(what & IO_WANTWRITE);

	/* The server entry may have been removed from the configuration
	 * while the connect() was pending. */
	server = Conf_GetServer(idx);
	if (server < 0) {
		Log(LOG_ERR, "Connection on socket %d to \"%s\" aborted!",
		    sock, My_Connections[idx].host);
		Conn_Close(idx, "Connection aborted!", NULL, false);
		return;
	}

	/* Fetch the outcome of the asynchronous connect(). */
	rc = getsockopt(My_Connections[idx].sock, SOL_SOCKET, SO_ERROR,
			&so_error, &optlen);
	assert(optlen == sizeof(so_error));

	if (rc == 0 && so_error == 0) {
		/* Connected: the remaining candidate addresses are obsolete. */
		memset(&Conf_Server[server].dst_addr, 0,
		       sizeof(Conf_Server[server].dst_addr));
		Conn_OPTION_DEL(&My_Connections[idx], CONN_ISCONNECTING);
#ifdef SSL_SUPPORT
		if (Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_CONNECT)) {
			/* TLS handshake has to complete before the login. */
			io_event_setcb(sock, cb_connserver_login_ssl);
			io_event_add(sock, IO_WANTWRITE|IO_WANTREAD);
			return;
		}
#endif
		server_login(idx);
		return;
	}

	/* Either getsockopt() itself failed or connect() reported an error. */
	if (rc != 0)
		Log(LOG_CRIT, "getsockopt (connection %d): %s!",
		    idx, strerror(errno));
	else
		Log(LOG_CRIT,
		    "Can't connect socket to \"%s:%d\" (connection %d): %s!",
		    My_Connections[idx].host, Conf_Server[server].port,
		    idx, strerror(so_error));

	Conn_Close(idx, "Can't connect!", NULL, false);

	if (ng_ipaddr_af(&Conf_Server[server].dst_addr[0])) {
		/* Another address is queued: start connecting to it ... */
		New_Server(server, &Conf_Server[server].dst_addr[0]);
		/* ... and shift the queue, since dst_addr[0] is now in use. */
		Conf_Server[server].dst_addr[0] =
			Conf_Server[server].dst_addr[1];
		memset(&Conf_Server[server].dst_addr[1], 0,
		       sizeof(Conf_Server[server].dst_addr[1]));
	}
}
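/**
 * Log in to a remote server: install the regular client/server IO callback
 * and send the PASS and SERVER commands.
 *
 * The configured server entry is looked up once and validated. The entry can
 * disappear from the configuration while a connection is being set up (see
 * cb_connserver()), and a negative result must not be used as an index into
 * Conf_Server: that would read the link password from outside the array.
 *
 * Note that PASS carries the outgoing link password; on links that were not
 * set up with CONN_SSL_CONNECT it is written to the plain TCP socket.
 *
 * @param idx Connection index.
 */
static void
server_login(CONN_ID idx)
{
	int server = Conf_GetServer(idx);

	if (server < 0) {
		/* Server was removed from the configuration in the meantime. */
		Log(LOG_ERR, "Connection on socket %d to \"%s\" aborted!",
		    My_Connections[idx].sock, My_Connections[idx].host);
		Conn_Close(idx, "Connection aborted!", NULL, false);
		return;
	}

	Log(LOG_INFO,
	    "Connection %d (socket %d) with \"%s:%d\" established. Now logging in ...",
	    idx, My_Connections[idx].sock, My_Connections[idx].host,
	    Conf_Server[server].port);

	io_event_setcb(My_Connections[idx].sock, cb_clientserver);
	io_event_add(My_Connections[idx].sock, IO_WANTREAD|IO_WANTWRITE);

	/* Send PASS and SERVER command to peer */
	Conn_WriteStr(idx, "PASS %s %s", Conf_Server[server].pwd_out,
		      NGIRCd_ProtoID);
	Conn_WriteStr(idx, "SERVER %s :%s", Conf_ServerName, Conf_ServerInfo);
}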
- #ifdef SSL_SUPPORT
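/**
 * IO callback for new outgoing SSL-enabled server connections.
 *
 * Drives the TLS handshake through ConnSSL_Connect() and, once it has
 * completed, sends the server login. The callback can run several times
 * while the handshake is in progress, so the server entry is looked up and
 * validated again before Conf_Server is indexed. Any handshake result other
 * than "done" (1) or "not ready" (0) is treated as a failure.
 *
 * NOTE(review): whether ConnSSL_Connect() verifies the peer certificate is
 * not visible here; confirm before treating the TLS link as authenticated.
 *
 * @param sock Socket descriptor.
 * @param unused (ignored IO specification)
 */
static void
cb_connserver_login_ssl(int sock, short unused)
{
	int server;
	CONN_ID idx = Socket2Index(sock);

	(void) unused;

	assert(idx >= 0);
	if (idx < 0) {
		io_close(sock);
		return;
	}

	switch (ConnSSL_Connect(&My_Connections[idx])) {
	case 1:
		break;
	case 0:
		LogDebug("ConnSSL_Connect: not ready");
		return;
	case -1:
	default:
		/* Unknown results must not fall through to the login. */
		Log(LOG_ERR, "SSL connection on socket %d failed!", sock);
		Conn_Close(idx, "Can't connect!", NULL, false);
		return;
	}

	/* The server may have been removed from the configuration while the
	 * handshake was pending; a negative index must not reach Conf_Server. */
	server = Conf_GetServer(idx);
	if (server < 0) {
		Log(LOG_ERR, "Connection on socket %d to \"%s\" aborted!",
		    sock, My_Connections[idx].host);
		Conn_Close(idx, "Connection aborted!", NULL, false);
		return;
	}

	Log(LOG_INFO, "SSL connection %d with \"%s:%d\" established.", idx,
	    My_Connections[idx].host, Conf_Server[server].port);

	server_login(idx);
}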
- #endif
/**
 * IO callback for established client and server connections (also used for
 * SSL connections once their handshake has completed).
 *
 * Reads when the socket is readable -- or, with SSL support, when the TLS
 * layer has flagged CONN_SSL_WANT_WRITE, so that Read_Request() can let the
 * TLS layer continue -- and then flushes pending output when the socket is
 * writable.
 *
 * @param sock Socket descriptor.
 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
 */
static void
cb_clientserver(int sock, short what)
{
	bool do_read;
	CONN_ID idx = Socket2Index(sock);

	assert(idx >= 0);
	if (idx < 0) {
		io_close(sock);
		return;
	}

	do_read = (what & IO_WANTREAD) != 0;
#ifdef SSL_SUPPORT
	/* If the TLS layer needs to write additional data, Read_Request()
	 * is called as well so that SSL/TLS can continue. */
	if (!do_read
	    && Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_WANT_WRITE))
		do_read = true;
#endif
	if (do_read)
		Read_Request(idx);

	if (what & IO_WANTWRITE)
		Handle_Write(idx);
}
- #ifdef SSL_SUPPORT
/**
 * IO callback for accepted SSL-enabled connections whose TLS handshake is
 * still in progress.
 *
 * Calls ConnSSL_Accept() until it reports completion (1). A result of 0
 * means "try again later"; every other result closes the connection. After
 * a completed handshake the pending IO events are served once and the
 * callback is switched to cb_clientserver().
 *
 * NOTE(review): Read_Request()/Handle_Write() may close the connection (not
 * visible here); confirm that re-registering the callback on `sock`
 * afterwards is harmless in that case.
 *
 * @param sock Socket descriptor.
 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
 */
static void
cb_clientserver_ssl(int sock, short what)
{
	int rc;
	CONN_ID idx = Socket2Index(sock);

	assert(idx >= 0);
	if (idx < 0) {
		io_close(sock);
		return;
	}

	rc = ConnSSL_Accept(&My_Connections[idx]);
	if (rc == 0) {
		/* EAGAIN: callback will be invoked again by IO layer */
		return;
	}
	if (rc != 1) {
		Conn_Close(idx, "SSL accept error, closing socket",
			   "SSL accept error", false);
		return;
	}

	/* Handshake is done: serve whatever the IO layer signalled. */
	if (what & IO_WANTREAD)
		Read_Request(idx);
	if (what & IO_WANTWRITE)
		Handle_Write(idx);

	/* SSL handshake completed */
	io_event_setcb(sock, cb_clientserver);
}
- #endif
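/**
 * Initialize the connection module.
 *
 * Allocates the connection pool (CONNECTION_POOL entries, capped by
 * Conf_MaxConnections when that is set), publishes it through
 * My_Connections/Pool_Size, releases the listener array and initializes
 * every pool entry. Terminates the process if the pool can't be allocated.
 */
GLOBAL void
Conn_Init( void )
{
	CONN_ID i;

	/* Request memory for the connection pool */
	Pool_Size = CONNECTION_POOL;
	if ((Conf_MaxConnections > 0) &&
	    (Pool_Size > Conf_MaxConnections))
		Pool_Size = Conf_MaxConnections;

	if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)Pool_Size)) {
		Log(LOG_EMERG, "Can't allocate memory! [Conn_Init]");
		exit(1);
	}

	/* FIXME: My_Connections/Pool_Size is needed by other parts of the
	 * code; remove them! */
	My_Connections = (CONNECTION*) array_start(&My_ConnArray);

	/* The array helpers are compared against and stored in size_t
	 * elsewhere in this file; cast so the arguments match the "%d" and
	 * "%ld" conversions instead of relying on equal type widths. */
	LogDebug("Allocated connection pool for %d items (%ld bytes).",
		 (int)array_length(&My_ConnArray, sizeof(CONNECTION)),
		 (long)array_bytes(&My_ConnArray));

	assert(array_length(&My_ConnArray, sizeof(CONNECTION)) >= (size_t)Pool_Size);

	array_free( &My_Listeners );

	for (i = 0; i < Pool_Size; i++)
		Init_Conn_Struct(i);
} /* Conn_Init */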
/**
 * Clean up the connection module.
 *
 * Shuts down the listening sockets, closes every connection that still has
 * an open socket (telling the peer whether the server is restarting or going
 * down), releases the connection pool and shuts down the IO library.
 */
GLOBAL void
Conn_Exit( void )
{
	CONN_ID idx;

	Conn_ExitListeners();

	LogDebug("Shutting down all connections ..." );
	for (idx = 0; idx < Pool_Size; idx++) {
		if (My_Connections[idx].sock <= NONE)
			continue;	/* unused slot */
		Conn_Close(idx, NULL,
			   NGIRCd_SignalRestart
				? "Server going down (restarting)"
				: "Server going down",
			   true);
	}

	/* Drop the pool; the published pointer/size must not outlive it. */
	array_free(&My_ConnArray);
	My_Connections = NULL;
	Pool_Size = 0;
	io_library_shutdown();
} /* Conn_Exit */
/**
 * Close the sockets (file descriptors) of all open connections except one.
 *
 * Intended for forked child processes, so that they don't keep connections
 * open which the main process wants to close. Only close() is called on the
 * descriptors; the connection structures themselves are left untouched.
 *
 * @param ExceptOf Socket descriptor that must stay open.
 */
GLOBAL void
Conn_CloseAllSockets(int ExceptOf)
{
	CONN_ID idx;

	for (idx = 0; idx < Pool_Size; idx++) {
		if (My_Connections[idx].sock <= NONE)
			continue;	/* slot has no socket */
		if (My_Connections[idx].sock == ExceptOf)
			continue;	/* caller still needs this one */
		close(My_Connections[idx].sock);
	}
}
/**
 * Create listening sockets for a list of ports on one address.
 *
 * Ports for which no socket can be created, or whose socket can't be
 * registered with the IO layer, are skipped.
 *
 * NOTE(review): NewListener() records every socket it returns in
 * My_Listeners. When io_event_create() fails below, the descriptor is closed
 * here but stays in that array, so Conn_ExitListeners() will later call
 * io_close() on a stale (possibly reused) descriptor number.
 *
 * @param a Array containing the ports (UINT16) the daemon should listen on.
 * @param listen_addr Address the socket should listen on (can be "0.0.0.0").
 * @param func IO callback function to register.
 * @returns Number of listening sockets created.
 */
static unsigned int
ports_initlisteners(array *a, const char *listen_addr, void (*func)(int,short))
{
	unsigned int created = 0;
	size_t remaining = array_length(a, sizeof (UINT16));
	UINT16 *port = array_start(a);
	int fd;

	for (; remaining > 0; remaining--, port++) {
		fd = NewListener(listen_addr, *port);
		if (fd < 0)
			continue;

		if (io_event_create(fd, IO_WANTREAD, func)) {
			created++;
			continue;
		}

		Log( LOG_ERR, "io_event_create(): Could not add listening fd %d (port %u): %s!",
		     fd, (unsigned int) *port, strerror(errno));
		close(fd);
	}
	return created;
}
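/**
 * Initialize all listening sockets.
 *
 * Conf_ListenAddress is a comma separated list of addresses. For each
 * non-empty entry (after trimming) listeners are created for all plain
 * ports and, with SSL support, for all SSL ports.
 *
 * The list is split with strchr() on a private copy instead of strtok():
 * strtok() keeps its position in hidden static state, which any nested or
 * interleaved use elsewhere in the process would corrupt.
 *
 * @returns Number of created listening sockets
 */
GLOBAL unsigned int
Conn_InitListeners( void )
{
	/* Initialize ports on which the server should accept connections */
	unsigned int created = 0;
	char *copy, *listen_addr, *next;

	assert(Conf_ListenAddress);

	/* can't use Conf_ListenAddress directly, see below */
	copy = strdup(Conf_ListenAddress);
	if (!copy) {
		Log(LOG_CRIT, "Cannot copy %s: %s", Conf_ListenAddress, strerror(errno));
		return 0;
	}

	for (listen_addr = copy; listen_addr != NULL; listen_addr = next) {
		/* Terminate the current entry and remember where the next
		 * one starts (NULL after the last entry). */
		next = strchr(listen_addr, ',');
		if (next)
			*next++ = '\0';

		/* Empty entries ("a,,b", leading/trailing comma) are skipped,
		 * as strtok() did. */
		if (!*listen_addr)
			continue;

		ngt_TrimStr(listen_addr);
		if (!*listen_addr)
			continue;

		created += ports_initlisteners(&Conf_ListenPorts, listen_addr, cb_listen);
#ifdef SSL_SUPPORT
		created += ports_initlisteners(&Conf_SSLOptions.ListenPorts, listen_addr, cb_listen_ssl);
#endif
	}

	/* Can't free() Conf_ListenAddress here: on REHASH, if the config file
	 * cannot be re-loaded, we'd end up with a NULL Conf_ListenAddress.
	 * Instead, free() takes place in conf.c, before the config file
	 * is being parsed. */
	free(copy);

	return created;
} /* Conn_InitListeners */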
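/**
 * Shut down all listening sockets.
 *
 * Closes every descriptor recorded in My_Listeners through the IO layer and
 * releases the array afterwards.
 */
GLOBAL void
Conn_ExitListeners( void )
{
	/* Close down all listening sockets */
	int *fd;
	size_t remaining;

	remaining = array_length(&My_Listeners, sizeof (int));

	/* "%d" expects an int; passing the size_t count unconverted is a
	 * format/argument mismatch wherever size_t is wider than int. */
	Log(LOG_INFO,
	    "Shutting down all listening sockets (%d total) ...", (int)remaining);

	fd = array_start(&My_Listeners);
	for (; remaining > 0; remaining--, fd++) {
		assert(fd != NULL);
		assert(*fd >= 0);
		io_close(*fd);
		LogDebug("Listening socket %d closed.", *fd );
	}
	array_free(&My_Listeners);
} /* Conn_ExitListeners */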
/**
 * Fill an address structure from a listen address string and a port.
 *
 * This only converts the address via ng_ipaddr_init(); the actual bind()
 * is done by the caller. A conversion failure is logged.
 *
 * @param addr Address structure to initialize.
 * @param listen_addrstr Source address as string.
 * @param Port Port number.
 * @returns true on success, false otherwise.
 */
static bool
InitSinaddrListenAddr(ng_ipaddr_t *addr, const char *listen_addrstr, UINT16 Port)
{
	if (ng_ipaddr_init(addr, listen_addrstr, Port))
		return true;

	assert(listen_addrstr);
	Log(LOG_CRIT, "Can't bind to [%s]:%u: can't convert ip address \"%s\"",
	    listen_addrstr, Port, listen_addrstr);
	return false;
}
/**
 * Restrict a socket to IPv6 traffic only ("IPV6_V6ONLY").
 *
 * Does nothing for sockets of other address families, or when the option
 * or IPv6 support isn't compiled in. A failing setsockopt() is logged and
 * otherwise ignored, so the caller continues with the socket as it is.
 *
 * @param af Address family of the socket.
 * @param sock Socket handle.
 */
static void
set_v6_only(int af, int sock)
{
#if defined(IPV6_V6ONLY) && defined(WANT_IPV6)
	int enable = 1;

	if (af == AF_INET6
	    && setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &enable,
			  (socklen_t)sizeof(enable)) != 0)
		Log(LOG_ERR, "Could not set IPV6_V6ONLY: %s", strerror(errno));
#else
	(void)sock;
	(void)af;
#endif
}
/**
 * Create a new listening socket.
 *
 * Converts the address, creates a stream socket of the matching family,
 * applies the socket options, binds it, starts listening (backlog 10) and
 * records the descriptor in My_Listeners so that it can be closed when the
 * daemon restarts or shuts down.
 *
 * @param listen_addr Local address to bind the socket to (can be 0.0.0.0).
 * @param Port Port number on which the new socket should be listening.
 * @returns file descriptor of the socket or -1 on failure.
 */
static int
NewListener(const char *listen_addr, UINT16 Port)
{
	ng_ipaddr_t addr;
	int sock, af;

	if (!InitSinaddrListenAddr(&addr, listen_addr, Port))
		return -1;

	af = ng_ipaddr_af(&addr);
	sock = socket(af, SOCK_STREAM, 0);
	if (sock < 0) {
		Log(LOG_CRIT, "Can't create socket (af %d) : %s!", af, strerror(errno));
		return -1;
	}

	set_v6_only(af, sock);

	/* NOTE(review): the socket is not closed on this path; presumably
	 * Init_Socket() closes it itself on failure -- confirm, otherwise
	 * the descriptor leaks. */
	if (!Init_Socket(sock))
		return -1;

	if (bind(sock, (struct sockaddr *)&addr, ng_ipaddr_salen(&addr)) != 0) {
		Log(LOG_CRIT, "Can't bind socket to address %s:%d - %s",
		    ng_ipaddr_tostr(&addr), Port, strerror(errno));
		goto fail;
	}

	if (listen(sock, 10) != 0) {
		Log( LOG_CRIT, "Can't listen on socket: %s!", strerror( errno ));
		goto fail;
	}

	/* keep fd in list so we can close it when ngircd restarts/shuts down */
	if (!array_catb(&My_Listeners, (char*) &sock, sizeof(int))) {
		Log( LOG_CRIT, "Can't add socket to My_Listeners array: %s!", strerror( errno ));
		goto fail;
	}

	Log(LOG_INFO, "Now listening on [%s]:%d (socket %d).",
	    ng_ipaddr_tostr(&addr), Port, sock);
	return sock;

fail:
	/* errno has already been reported by the failing step. */
	close(sock);
	return -1;
} /* NewListener */
- #ifdef SSL_SUPPORT
/**
 * Check whether the SSL library needs to read protocol data first.
 *
 * SSL/TLS connections need extra care: while CONN_SSL_WANT_READ or
 * CONN_SSL_WANT_WRITE is set, that request has to be served before the
 * regular read/write buffers are looked at. There may be data in our write
 * buffer, for instance, while the TLS layer first has to read internal data
 * before any write can succeed.
 *
 * When this function returns true the caller has to reverse its usual
 * choice: wait for readability even though there is data to write. The
 * read interest is registered with the IO layer here.
 *
 * @param c Connection to check.
 * @returns true if the SSL library has to read protocol data.
 */
static bool
SSL_WantRead(const CONNECTION *c)
{
	if (!Conn_OPTION_ISSET(c, CONN_SSL_WANT_READ))
		return false;

	io_event_add(c->sock, IO_WANTREAD);
	return true;
}
/**
 * Check whether the SSL library needs to write protocol data first.
 *
 * Counterpart of SSL_WantRead(): if CONN_SSL_WANT_WRITE is set on the
 * connection, write interest is registered with the IO layer and the caller
 * has to wait for writability instead of readability.
 *
 * @param c Connection to check.
 * @returns true if the SSL library has to write protocol data.
 */
static bool
SSL_WantWrite(const CONNECTION *c)
{
	if (!Conn_OPTION_ISSET(c, CONN_SSL_WANT_WRITE))
		return false;

	io_event_add(c->sock, IO_WANTWRITE);
	return true;
}
- #else
/* Build without SSL support: the TLS layer never asks for a read. */
static inline bool
SSL_WantRead(UNUSED const CONNECTION *c)
{
	return false;
}
/* Build without SSL support: the TLS layer never asks for a write. */
static inline bool
SSL_WantWrite(UNUSED const CONNECTION *c)
{
	return false;
}
- #endif
/**
 * "Main loop": runs until a shutdown or restart of the daemon is signalled.
 *
 * Each pass checks configured servers and established links, expires class
 * items, handles filled read buffers (throttling connections that still have
 * commands queued afterwards), registers write and read interest with the IO
 * layer, and then waits up to one second in io_dispatch(). Connections with
 * a pending "penalty time", a running subprocess or an unfinished connect()
 * are not read from. A fatal io_dispatch() error terminates the process.
 *
 * Connections are always addressed as My_Connections[index] rather than
 * through a cached pointer, because the calls made in between are not
 * visible here and may change the pool.
 */
GLOBAL void
Conn_Handler(void)
{
	int idx, rc;
	unsigned int pending_out, handled;
	struct timeval timeout;
	time_t now;

	while (!NGIRCd_SignalQuit && !NGIRCd_SignalRestart) {
		now = time(NULL);

		/* Check configured servers and established links */
		Check_Servers();
		Check_Connections();

		/* Expire outdated class/list items */
		Class_Expire();

		/* Handle the data of all non-empty read buffers whose
		 * connection is not serving a penalty time. */
		for (idx = 0; idx < Pool_Size; idx++) {
			if (My_Connections[idx].sock <= NONE)
				continue;
			if (!(array_bytes(&My_Connections[idx].rbuf) > 0))
				continue;
			if (My_Connections[idx].delaytime > now)
				continue;

			handled = Handle_Buffer(idx);

			/* Data was processed and more commands might be left
			 * in the input buffer: don't read any more data from
			 * this connection for now. */
			if (handled &&
			    array_bytes(&My_Connections[idx].rbuf) > 2) {
				LogDebug
				    ("Throttling connection %d: command limit reached!",
				     idx);
				Conn_SetPenalty(idx, 1);
			}
		}

		/* Ask for writability wherever output is pending ... */
		for (idx = 0; idx < Pool_Size; idx++) {
			if (My_Connections[idx].sock <= NONE)
				continue;

			pending_out = (unsigned int)array_bytes(&My_Connections[idx].wbuf);
#ifdef ZLIB
			if (pending_out > 0 ||
			    array_bytes(&My_Connections[idx].zip.wbuf) > 0)
#else
			if (pending_out > 0)
#endif
			{
				/* ... unless the TLS layer has to read first. */
				if (!SSL_WantRead(&My_Connections[idx]))
					io_event_add(My_Connections[idx].sock,
						     IO_WANTWRITE);
			}
		}

		/* Check from which sockets we possibly could read ... */
		for (idx = 0; idx < Pool_Size; idx++) {
			if (My_Connections[idx].sock <= NONE)
				continue;
#ifdef SSL_SUPPORT
			/* TLS/SSL layer needs to write data; deal with this first */
			if (SSL_WantWrite(&My_Connections[idx]))
				continue;
#endif
			if (Proc_InProgress(&My_Connections[idx].proc_stat)) {
				/* A forked subprocess is still running:
				 * ignore the socket until it has finished. */
				io_event_del(My_Connections[idx].sock,
					     IO_WANTREAD);
				continue;
			}

			/* connect() has not completed yet */
			if (Conn_OPTION_ISSET(&My_Connections[idx], CONN_ISCONNECTING))
				continue;

			if (My_Connections[idx].delaytime > now) {
				/* "Penalty time" is set: ignore the socket! */
				io_event_del(My_Connections[idx].sock,
					     IO_WANTREAD);
				continue;
			}

			io_event_add(My_Connections[idx].sock, IO_WANTREAD);
		}

		/* One second is the granularity with which "penalty times"
		 * are handled. The timeout has to be set before every call:
		 * its fields are undefined after io_dispatch() returns. */
		timeout.tv_sec = 1;
		timeout.tv_usec = 0;

		/* Wait for activity ... */
		rc = io_dispatch(&timeout);
		if (rc == -1 && errno != EINTR) {
			Log(LOG_EMERG, "Conn_Handler(): io_dispatch(): %s!",
			    strerror(errno));
			Log(LOG_ALERT, "%s exiting due to fatal errors!",
			    PACKAGE_NAME);
			exit(1);
		}
	}

	if (NGIRCd_SignalQuit)
		Log(LOG_NOTICE | LOG_snotice, "Server going down NOW!");
	else if (NGIRCd_SignalRestart)
		Log(LOG_NOTICE | LOG_snotice, "Server restarting NOW!");
} /* Conn_Handler */
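/**
 * Write a text string into the socket of a connection.
 *
 * Formats the message, appends CR+LF and makes sure the result is a valid
 * IRC message (oversized messages are shortened), then hands it to
 * Conn_Write() for the actual sending.
 *
 * Format is a printf() style format string and must come from the caller's
 * own code; text received from the network belongs in the arguments, never
 * in Format itself.
 *
 * With SNIFFER compiled in and NGIRCd_Sniffer set, every outbound line is
 * written to the debug log verbatim. That includes the "PASS" line sent by
 * server_login(), so such logs contain link passwords.
 *
 * @param Idx Index of the connection.
 * @param Format Format string, see printf().
 * @returns true on success, false otherwise (also when formatting fails).
 */
#ifdef PROTOTYPES
GLOBAL bool
Conn_WriteStr(CONN_ID Idx, const char *Format, ...)
#else
GLOBAL bool
Conn_WriteStr(Idx, Format, va_alist)
CONN_ID Idx;
const char *Format;
va_dcl
#endif
{
	char buffer[COMMAND_LEN];
	size_t len;
	bool ok;
	int written;
	va_list ap;

	assert( Idx > NONE );
	assert( Format != NULL );

#ifdef PROTOTYPES
	va_start( ap, Format );
#else
	va_start( ap );
#endif
	/* Two bytes are kept free for the trailing CR+LF. */
	written = vsnprintf( buffer, COMMAND_LEN - 2, Format, ap );
	va_end( ap );

	if (written < 0) {
		/* Output error: the buffer contents can't be relied on, so
		 * nothing is logged from it or sent. */
		Log(LOG_ERR, "Can't format message for connection %d!", Idx);
		return false;
	}

	if (written >= COMMAND_LEN - 2) {
		/*
		 * The message is longer than the COMMAND_LEN bytes allowed
		 * (including CR and LF). This can happen when the prefix of
		 * this server had to be added to an already long command
		 * line received from a regular IRC client, for example.
		 *
		 * Such oversized messages must not be sent to other servers
		 * and clients, see RFC 2812 2.3 and 2813 3.3 ("these
		 * messages SHALL NOT exceed 512 characters in length,
		 * counting all characters including the trailing CR-LF").
		 *
		 * The originator isn't known here any more, and blaming the
		 * receiver ("next hop") would be wrong since it could be a
		 * server that merely routes the message. So the text is
		 * shortened: its tail is overwritten with CUT_TXTSUFFIX,
		 * placed so that the suffix, its NUL and the CR+LF appended
		 * below still fit into the buffer.
		 * NOTE(review): assumes CUT_TXTSUFFIX is much shorter than
		 * COMMAND_LEN; its definition is not visible here.
		 */
		strcpy (buffer + sizeof(buffer) - strlen(CUT_TXTSUFFIX) - 2 - 1,
			CUT_TXTSUFFIX);
	}

#ifdef SNIFFER
	if (NGIRCd_Sniffer)
		Log(LOG_DEBUG, " -> connection %d: '%s'.", Idx, buffer);
#endif

	len = strlcat( buffer, "\r\n", sizeof( buffer ));
	ok = Conn_Write(Idx, buffer, len);
	My_Connections[Idx].msg_out++;

	return ok;
} /* Conn_WriteStr */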
- /**
- * Append Data to the outbound write buffer of a connection.
- *
- * @param Idx Index of the connection.
- * @param Data pointer to the data.
- * @param Len length of Data.
- * @returns true on success, false otherwise.
- */
- static bool
- Conn_Write( CONN_ID Idx, char *Data, size_t Len )
- {
- CLIENT *c;
- size_t writebuf_limit = WRITEBUFFER_MAX_LEN;
- assert( Idx > NONE );
- assert( Data != NULL );
- assert( Len > 0 );
- /* Is the socket still open? A previous call to Conn_Write()
- * may have closed the connection due to a fatal error.
- * In this case it is sufficient to return an error, as well. */
- if (My_Connections[Idx].sock <= NONE) {
- LogDebug("Skipped write on closed socket (connection %d).", Idx);
- return false;
- }
- /* Make sure that there still exists a CLIENT structure associated
- * with this connection and check if this is a server or not: */
- c = Conn_GetClient(Idx);
- if (c) {
- /* Servers do get special write buffer limits, so they can
- * generate all the messages that are required while peering. */
- if (Client_Type(c) == CLIENT_SERVER)
- writebuf_limit = WRITEBUFFER_SLINK_LEN;
- } else
- LogDebug("Write on socket without client (connection %d)!?", Idx);
- #ifdef ZLIB
- if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
- /* Compressed link:
- * Zip_Buffer() does all the dirty work for us: it flushes
- * the (pre-)compression buffers if required and handles
- * all error conditions. */
- if (!Zip_Buffer(Idx, Data, Len))
- return false;
- }
- else
- #endif
- {
- /* Uncompressed link:
- * Check if outbound buffer has enough space for the data. */
- if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
- WRITEBUFFER_FLUSH_LEN) {
- /* Buffer is full, flush it. Handle_Write deals with
- * low-level errors, if any. */
- if (!Handle_Write(Idx))
- return false;
- }
- /* When the write buffer is still too big after flushing it,
- * the connection will be killed. */
- if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
- writebuf_limit) {
- Log(LOG_NOTICE,
- "Write buffer space exhausted (connection %d, limit is %lu bytes, %lu bytes new, %lu bytes pending)",
- Idx, writebuf_limit, Len,
- (unsigned long)array_bytes(&My_Connections[Idx].wbuf));
- Conn_Close(Idx, "Write buffer space exhausted", NULL, false);
- return false;
- }
- /* Copy data to write buffer */
- if (!array_catb(&My_Connections[Idx].wbuf, Data, Len))
- return false;
- My_Connections[Idx].bytes_out += Len;
- }
- /* Adjust global write counter */
- WCounter += Len;
- return true;
- } /* Conn_Write */
- /**
- * Shut down a connection.
- *
- * @param Idx Connection index.
- * @param LogMsg Message to write to the log or NULL. If no LogMsg
- * is given, the FwdMsg is logged.
- * @param FwdMsg Message to forward to remote servers.
- * @param InformClient If true, inform the client on the connection which is
- * to be shut down of the reason (FwdMsg) and send
- * connection statistics before disconnecting it.
- */
- GLOBAL void
- Conn_Close( CONN_ID Idx, const char *LogMsg, const char *FwdMsg, bool InformClient )
- {
- /* Close connection. Open pipes of asynchronous resolver
- * sub-processes are closed down. */
- CLIENT *c;
- double in_k, out_k;
- UINT16 port;
- #ifdef ZLIB
- double in_z_k, out_z_k;
- int in_p, out_p;
- #endif
- assert( Idx > NONE );
- /* Is this link already shutting down? */
- if( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ISCLOSING )) {
- /* Conn_Close() has been called recursively for this link;
- * probabe reason: Handle_Write() failed -- see below. */
- LogDebug("Recursive request to close connection: %d", Idx );
- return;
- }
- assert( My_Connections[Idx].sock > NONE );
- /* Mark link as "closing" */
- Conn_OPTION_ADD( &My_Connections[Idx], CONN_ISCLOSING );
- port = ng_ipaddr_getport(&My_Connections[Idx].addr);
- Log(LOG_INFO, "Shutting down connection %d (%s) with %s:%d ...", Idx,
- LogMsg ? LogMsg : FwdMsg, My_Connections[Idx].host, port);
- /* Search client, if any */
- c = Conn_GetClient( Idx );
- /* Should the client be informed? */
- if (InformClient) {
- #ifndef STRICT_RFC
- /* Send statistics to client if registered as user: */
- if ((c != NULL) && (Client_Type(c) == CLIENT_USER)) {
- Conn_WriteStr( Idx,
- ":%s NOTICE %s :%sConnection statistics: client %.1f kb, server %.1f kb.",
- Client_ID(Client_ThisServer()), Client_ID(c),
- NOTICE_TXTPREFIX,
- (double)My_Connections[Idx].bytes_in / 1024,
- (double)My_Connections[Idx].bytes_out / 1024);
- }
- #endif
- /* Send ERROR to client (see RFC 2812, section 3.1.7) */
- if (FwdMsg)
- Conn_WriteStr(Idx, "ERROR :%s", FwdMsg);
- else
- Conn_WriteStr(Idx, "ERROR :Closing connection");
- }
- /* Try to write out the write buffer. Note: Handle_Write() eventually
- * removes the CLIENT structure associated with this connection if an
- * error occurs! So we have to re-check if there is still an valid
- * CLIENT structure after calling Handle_Write() ...*/
- (void)Handle_Write( Idx );
- /* Search client, if any (re-check!) */
- c = Conn_GetClient( Idx );
- #ifdef SSL_SUPPORT
- if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
- Log(LOG_INFO, "SSL connection %d shutting down ...", Idx);
- ConnSSL_Free(&My_Connections[Idx]);
- }
- #endif
- /* Shut down socket */
- if (! io_close(My_Connections[Idx].sock)) {
- /* Oops, we can't close the socket!? This is ... ugly! */
- Log(LOG_CRIT,
- "Error closing connection %d (socket %d) with %s:%d - %s! (ignored)",
- Idx, My_Connections[Idx].sock, My_Connections[Idx].host,
- port, strerror(errno));
- }
- /* Mark socket as invalid: */
- My_Connections[Idx].sock = NONE;
- /* If there is still a client, unregister it now */
- if (c)
- Client_Destroy(c, LogMsg, FwdMsg, true);
- /* Calculate statistics and log information */
- in_k = (double)My_Connections[Idx].bytes_in / 1024;
- out_k = (double)My_Connections[Idx].bytes_out / 1024;
- #ifdef ZLIB
- if (Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP)) {
- in_z_k = (double)My_Connections[Idx].zip.bytes_in / 1024;
- out_z_k = (double)My_Connections[Idx].zip.bytes_out / 1024;
- /* Make sure that no division by zero can occur during
- * the calculation of in_p and out_p: in_z_k and out_z_k
- * are non-zero, that's guaranteed by the protocol until
- * compression can be enabled. */
- if (! in_z_k)
- in_z_k = in_k;
- if (! out_z_k)
- out_z_k = out_k;
- in_p = (int)(( in_k * 100 ) / in_z_k );
- out_p = (int)(( out_k * 100 ) / out_z_k );
- Log(LOG_INFO,
- "Connection %d with %s:%d closed (in: %.1fk/%.1fk/%d%%, out: %.1fk/%.1fk/%d%%).",
- Idx, My_Connections[Idx].host, port,
- in_k, in_z_k, in_p, out_k, out_z_k, out_p);
- }
- else
- #endif
- {
- Log(LOG_INFO,
- "Connection %d with %s:%d closed (in: %.1fk, out: %.1fk).",
- Idx, My_Connections[Idx].host, port,
- in_k, out_k);
- }
- /* Servers: Modify time of next connect attempt? */
- Conf_UnsetServer( Idx );
- #ifdef ZLIB
- /* Clean up zlib, if link was compressed */
- if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
- inflateEnd( &My_Connections[Idx].zip.in );
- deflateEnd( &My_Connections[Idx].zip.out );
- array_free(&My_Connections[Idx].zip.rbuf);
- array_free(&My_Connections[Idx].zip.wbuf);
- }
- #endif
- array_free(&My_Connections[Idx].rbuf);
- array_free(&My_Connections[Idx].wbuf);
- /* Clean up connection structure (=free it) */
- Init_Conn_Struct( Idx );
- assert(NumConnections > 0);
- if (NumConnections)
- NumConnections--;
- LogDebug("Shutdown of connection %d completed, %ld connection%s left.",
- Idx, NumConnections, NumConnections != 1 ? "s" : "");
- } /* Conn_Close */
- /**
- * Get current number of connections.
- *
- * @returns Number of current connections.
- */
- GLOBAL long
- Conn_Count(void)
- {
- return NumConnections;
- } /* Conn_Count */
- /**
- * Get number of maximum simultaneous connections.
- *
- * @returns Number of maximum simultaneous connections.
- */
- GLOBAL long
- Conn_CountMax(void)
- {
- return NumConnectionsMax;
- } /* Conn_CountMax */
- /**
- * Get number of connections accepted since the daemon startet.
- *
- * @returns Number of connections accepted.
- */
- GLOBAL long
- Conn_CountAccepted(void)
- {
- return NumConnectionsAccepted;
- } /* Conn_CountAccepted */
- /**
- * Synchronize established connections and configured server structures
- * after a configuration update and store the correct connection IDs, if any.
- */
- GLOBAL void
- Conn_SyncServerStruct(void)
- {
- CLIENT *client;
- CONN_ID i;
- int c;
- for (i = 0; i < Pool_Size; i++) {
- if (My_Connections[i].sock == NONE)
- continue;
- /* Server link? */
- client = Conn_GetClient(i);
- if (!client || Client_Type(client) != CLIENT_SERVER)
- continue;
- for (c = 0; c < MAX_SERVERS; c++) {
- /* Configured server? */
- if (!Conf_Server[c].host[0])
- continue;
- if (strcasecmp(Conf_Server[c].name, Client_ID(client)) == 0)
- Conf_Server[c].conn_id = i;
- }
- }
- } /* SyncServerStruct */
- /**
- * Get IP address string of a connection.
- *
- * @param Idx Connection index.
- * @return Pointer to a global buffer containing the IP address as string.
- */
- GLOBAL const char *
- Conn_GetIPAInfo(CONN_ID Idx)
- {
- assert(Idx > NONE);
- return ng_ipaddr_tostr(&My_Connections[Idx].addr);
- }
- /**
- * Send out data of write buffer; connect new sockets.
- *
- * @param Idx Connection index.
- * @returns true on success, false otherwise.
- */
- static bool
- Handle_Write( CONN_ID Idx )
- {
- ssize_t len;
- size_t wdatalen;
- assert( Idx > NONE );
- if ( My_Connections[Idx].sock < 0 ) {
- LogDebug("Handle_Write() on closed socket, connection %d", Idx);
- return false;
- }
- assert( My_Connections[Idx].sock > NONE );
- wdatalen = array_bytes(&My_Connections[Idx].wbuf );
- #ifdef ZLIB
- if (wdatalen == 0) {
- /* Write buffer is empty, so we try to flush the compression
- * buffer and get some data to work with from there :-) */
- if (!Zip_Flush(Idx))
- return false;
- /* Now the write buffer most probably has changed: */
- wdatalen = array_bytes(&My_Connections[Idx].wbuf);
- }
- #endif
- if (wdatalen == 0) {
- /* Still no data, fine. */
- io_event_del(My_Connections[Idx].sock, IO_WANTWRITE );
- return true;
- }
- #ifdef DEBUG_BUFFER
- LogDebug
- ("Handle_Write() called for connection %d, %ld bytes pending ...",
- Idx, wdatalen);
- #endif
- #ifdef SSL_SUPPORT
- if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
- len = ConnSSL_Write(&My_Connections[Idx], array_start(&My_Connections[Idx].wbuf), wdatalen);
- } else
- #endif
- {
- len = write(My_Connections[Idx].sock,
- array_start(&My_Connections[Idx].wbuf), wdatalen );
- }
- if( len < 0 ) {
- if (errno == EAGAIN || errno == EINTR)
- return true;
- Log(LOG_ERR, "Write error on connection %d (socket %d): %s!",
- Idx, My_Connections[Idx].sock, strerror(errno));
- Conn_Close(Idx, "Write error!", NULL, false);
- return false;
- }
- /* move any data not yet written to beginning */
- array_moveleft(&My_Connections[Idx].wbuf, 1, (size_t)len);
- return true;
- } /* Handle_Write */
- /**
- * Count established connections to a specific IP address.
- *
- * @returns Number of established connections.
- */
- static int
- Count_Connections(ng_ipaddr_t *a)
- {
- int i, cnt;
- cnt = 0;
- for (i = 0; i < Pool_Size; i++) {
- if (My_Connections[i].sock <= NONE)
- continue;
- if (ng_ipaddr_ipequal(&My_Connections[i].addr, a))
- cnt++;
- }
- return cnt;
- } /* Count_Connections */
- /**
- * Initialize new client connection on a listening socket.
- *
- * @param Sock Listening socket descriptor.
- * @returns Accepted socket descriptor or -1 on error.
- */
- static int
- New_Connection(int Sock)
- {
- #ifdef TCPWRAP
- struct request_info req;
- #endif
- ng_ipaddr_t new_addr;
- char ip_str[NG_INET_ADDRSTRLEN];
- int new_sock, new_sock_len, identsock;
- CLIENT *c;
- long cnt;
- assert(Sock > NONE);
- LogDebug("Accepting new connection on socket %d ...", Sock);
- new_sock_len = (int)sizeof(new_addr);
- new_sock = accept(Sock, (struct sockaddr *)&new_addr,
- (socklen_t *)&new_sock_len);
- if (new_sock < 0) {
- Log(LOG_CRIT, "Can't accept connection: %s!", strerror(errno));
- return -1;
- }
- NumConnectionsAccepted++;
- if (!ng_ipaddr_tostr_r(&new_addr, ip_str)) {
- Log(LOG_CRIT, "fd %d: Can't convert IP address!", new_sock);
- Simple_Message(new_sock, "ERROR :Internal Server Error");
- close(new_sock);
- return -1;
- }
- #ifdef TCPWRAP
- /* Validate socket using TCP Wrappers */
- request_init(&req, RQ_DAEMON, PACKAGE_NAME, RQ_FILE, new_sock,
- RQ_CLIENT_SIN, &new_addr, NULL);
- fromhost(&req);
- if (!hosts_access(&req)) {
- Log(deny_severity,
- "Refused connection from %s (by TCP Wrappers)!", ip_str);
- Simple_Message(new_sock, "ERROR :Connection refused");
- close(new_sock);
- return -1;
- }
- #endif
- if (!Init_Socket(new_sock))
- return -1;
- /* Check global connection limit */
- if ((Conf_MaxConnections > 0) &&
- (NumConnections >= (size_t) Conf_MaxConnections)) {
- Log(LOG_ALERT, "Can't accept connection: limit (%d) reached!",
- Conf_MaxConnections);
- Simple_Message(new_sock, "ERROR :Connection limit reached");
- close(new_sock);
- return -1;
- }
- /* Check IP-based connection limit */
- cnt = Count_Connections(&new_addr);
- if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) {
- /* Access denied, too many connections from this IP address! */
- Log(LOG_ERR,
- "Refused connection from %s: too may connections (%ld) from this IP address!",
- ip_str, cnt);
- Simple_Message(new_sock,
- "ERROR :Connection refused, too many connections from your IP address");
- close(new_sock);
- return -1;
- }
- if (new_sock >= Pool_Size) {
- if (!array_alloc(&My_ConnArray, sizeof(CONNECTION),
- (size_t) new_sock)) {
- Log(LOG_EMERG,
- "Can't allocate memory! [New_Connection]");
- Simple_Message(new_sock, "ERROR: Internal error");
- close(new_sock);
- return -1;
- }
- LogDebug("Bumped connection pool to %ld items (internal: %ld items, %ld bytes)",
- new_sock, array_length(&My_ConnArray,
- sizeof(CONNECTION)), array_bytes(&My_ConnArray));
- /* Adjust pointer to new block */
- My_Connections = array_start(&My_ConnArray);
- while (Pool_Size <= new_sock)
- Init_Conn_Struct(Pool_Size++);
- }
- /* register callback */
- if (!io_event_create(new_sock, IO_WANTREAD, cb_clientserver)) {
- Log(LOG_ALERT,
- "Can't accept connection: io_event_create failed!");
- Simple_Message(new_sock, "ERROR :Internal error");
- close(new_sock);
- return -1;
- }
- c = Client_NewLocal(new_sock, NULL, CLIENT_UNKNOWN, false);
- if (!c) {
- Log(LOG_ALERT,
- "Can't accept connection: can't create client structure!");
- Simple_Message(new_sock, "ERROR :Internal error");
- io_close(new_sock);
- return -1;
- }
- Init_Conn_Struct(new_sock);
- My_Connections[new_sock].sock = new_sock;
- My_Connections[new_sock].addr = new_addr;
- My_Connections[new_sock].client = c;
- /* Set initial hostname to IP address. This becomes overwritten when
- * the DNS lookup is enabled and succeeds, but is used otherwise. */
- if (ng_ipaddr_af(&new_addr) != AF_INET)
- snprintf(My_Connections[new_sock].host,
- sizeof(My_Connections[new_sock].host), "[%s]", ip_str);
- else
- strlcpy(My_Connections[new_sock].host, ip_str,
- sizeof(My_Connections[new_sock].host));
- Client_SetHostname(c, My_Connections[new_sock].host);
- Log(LOG_INFO, "Accepted connection %d from %s:%d on socket %d.",
- new_sock, My_Connections[new_sock].host,
- ng_ipaddr_getport(&new_addr), Sock);
- identsock = new_sock;
- #ifdef IDENTAUTH
- if (!Conf_Ident)
- identsock = -1;
- #endif
- if (Conf_DNS) {
- if (Conf_NoticeAuth) {
- #ifdef IDENTAUTH
- if (Conf_Ident)
- (void)Conn_WriteStr(new_sock,
- "NOTICE AUTH :*** Looking up your hostname and checking ident");
- else
- #endif
- (void)Conn_WriteStr(new_sock,
- "NOTICE AUTH :*** Looking up your hostname");
- }
- Resolve_Addr(&My_Connections[new_sock].proc_stat, &new_addr,
- identsock, cb_Read_Resolver_Result);
- }
- Account_Connection();
- return new_sock;
- } /* New_Connection */
- /**
- * Update global connection counters.
- */
- static void
- Account_Connection(void)
- {
- NumConnections++;
- if (NumConnections > NumConnectionsMax)
- NumConnectionsMax = NumConnections;
- LogDebug("Total number of connections now %lu (max %lu).",
- NumConnections, NumConnectionsMax);
- } /* Account_Connection */
- /**
- * Translate socket handle into connection index.
- *
- * @param Sock Socket handle.
- * @returns Connecion index or NONE, if no connection could be found.
- */
- static CONN_ID
- Socket2Index( int Sock )
- {
- assert( Sock >= 0 );
- if( Sock >= Pool_Size || My_Connections[Sock].sock != Sock ) {
- /* the Connection was already closed again, likely due to
- * an error. */
- LogDebug("Socket2Index: can't get connection for socket %d!", Sock);
- return NONE;
- }
- return Sock;
- } /* Socket2Index */
- /**
- * Read data from the network to the read buffer. If an error occures,
- * the socket of this connection will be shut down.
- *
- * @param Idx Connection index.
- */
- static void
- Read_Request( CONN_ID Idx )
- {
- ssize_t len;
- static const unsigned int maxbps = COMMAND_LEN / 2;
- char readbuf[READBUFFER_LEN];
- time_t t;
- CLIENT *c;
- assert( Idx > NONE );
- assert( My_Connections[Idx].sock > NONE );
- #ifdef ZLIB
- if ((array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN) ||
- (array_bytes(&My_Connections[Idx].zip.rbuf) >= READBUFFER_LEN))
- #else
- if (array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN)
- #endif
- {
- /* Read buffer is full */
- Log(LOG_ERR,
- "Receive buffer space exhausted (connection %d): %d bytes",
- Idx, array_bytes(&My_Connections[Idx].rbuf));
- Conn_Close(Idx, "Receive buffer space exhausted", NULL, false);
- return;
- }
- #ifdef SSL_SUPPORT
- if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL))
- len = ConnSSL_Read( &My_Connections[Idx], readbuf, sizeof(readbuf));
- else
- #endif
- len = read(My_Connections[Idx].sock, readbuf, sizeof(readbuf));
- if (len == 0) {
- Log(LOG_INFO, "%s:%u (%s) is closing the connection ...",
- My_Connections[Idx].host,
- (unsigned int) ng_ipaddr_getport(&My_Connections[Idx].addr),
- ng_ipaddr_tostr(&My_Connections[Idx].addr));
- Conn_Close(Idx,
- "Socket closed!", "Client closed connection",
- false);
- return;
- }
- if (len < 0) {
- if( errno == EAGAIN ) return;
- Log(LOG_ERR, "Read error on connection %d (socket %d): %s!",
- Idx, My_Connections[Idx].sock, strerror(errno));
- Conn_Close(Idx, "Read error!", "Client closed connection",
- false);
- return;
- }
- #ifdef ZLIB
- if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
- if (!array_catb(&My_Connections[Idx].zip.rbuf, readbuf,
- (size_t) len)) {
- Log(LOG_ERR,
- "Could not append received data to zip input buffer (connection %d): %d bytes!",
- Idx, len);
- Conn_Close(Idx, "Receive buffer space exhausted", NULL,
- false);
- return;
- }
- } else
- #endif
- {
- if (!array_catb( &My_Connections[Idx].rbuf, readbuf, len)) {
- Log(LOG_ERR,
- "Could not append received data to input buffer (connection %d): %d bytes!",
- Idx, len);
- Conn_Close(Idx, "Receive buffer space exhausted", NULL, false );
- }
- }
- /* Update connection statistics */
- My_Connections[Idx].bytes_in += len;
- My_Connections[Idx].bps += Handle_Buffer(Idx);
- /* Make sure that there is still a valid client registered */
- c = Conn_GetClient(Idx);
- if (!c)
- return;
- /* Update timestamp of last data received if this connection is
- * registered as a user, server or service connection. Don't update
- * otherwise, so users have at least Conf_PongTimeout seconds time to
- * register with the IRC server -- see Check_Connections().
- * Update "lastping", too, if time shifted backwards ... */
- if (Client_Type(c) == CLIENT_USER
- || Client_Type(c) == CLIENT_SERVER
- || Client_Type(c) == CLIENT_SERVICE) {
- t = time(NULL);
- if (My_Connections[Idx].lastdata != t)
- My_Connections[Idx].bps = 0;
- My_Connections[Idx].lastdata = t;
- if (My_Connections[Idx].lastping > t)
- My_Connections[Idx].lastping = t;
- }
- /* Look at the data in the (read-) buffer of this connection */
- if (Client_Type(c) != CLIENT_SERVER
- && Client_Type(c) != CLIENT_UNKNOWNSERVER
- && Client_Type(c) != CLIENT_SERVICE
- && My_Connections[Idx].bps >= maxbps) {
- LogDebug("Throttling connection %d: BPS exceeded! (%u >= %u)",
- Idx, My_Connections[Idx].bps, maxbps);
- Conn_SetPenalty(Idx, 1);
- }
- } /* Read_Request */
- /**
- * Handle all data in the connection read-buffer.
- *
- * Data is processed until no complete command is left in the read buffer,
- * or MAX_COMMANDS[_SERVER|_SERVICE] commands were processed.
- * When a fatal error occurs, the connection is shut down.
- *
- * @param Idx Index of the connection.
- * @returns Number of bytes processed.
- */
- static unsigned int
- Handle_Buffer(CONN_ID Idx)
- {
- #ifndef STRICT_RFC
- char *ptr1, *ptr2, *first_eol;
- #endif
- char *ptr;
- size_t len, delta;
- time_t starttime;
- #ifdef ZLIB
- bool old_z;
- #endif
- unsigned int i, maxcmd = MAX_COMMANDS, len_processed = 0;
- CLIENT *c;
- c = Conn_GetClient(Idx);
- starttime = time(NULL);
- assert(c != NULL);
- /* Servers get special command limits that depend on the user count */
- switch (Client_Type(c)) {
- case CLIENT_SERVER:
- maxcmd = (int)(Client_UserCount() / 5)
- + MAX_COMMANDS_SERVER_MIN;
- /* Allow servers to handle even more commands while peering
- * to speed up server login and network synchronisation. */
- if (Conn_LastPing(Idx) == 0)
- maxcmd *= 5;
- break;
- case CLIENT_SERVICE:
- maxcmd = MAX_COMMANDS_SERVICE; break;
- }
- for (i=0; i < maxcmd; i++) {
- /* Check penalty */
- if (My_Connections[Idx].delaytime > starttime)
- return 0;
- #ifdef ZLIB
- /* Unpack compressed data, if compression is in use */
- if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
- /* When unzipping fails, Unzip_Buffer() shuts
- * down the connection itself */
- if (!Unzip_Buffer(Idx))
- return 0;
- }
- #endif
- if (0 == array_bytes(&My_Connections[Idx].rbuf))
- break;
- /* Make sure that the buffer is NULL terminated */
- if (!array_cat0_temporary(&My_Connections[Idx].rbuf)) {
- Conn_Close(Idx, NULL,
- "Can't allocate memory [Handle_Buffer]",
- true);
- return 0;
- }
- /* RFC 2812, section "2.3 Messages", 5th paragraph:
- * "IRC messages are always lines of characters terminated
- * with a CR-LF (Carriage Return - Line Feed) pair [...]". */
- delta = 2;
- ptr = strstr(array_start(&My_Connections[Idx].rbuf), "\r\n");
- #ifndef STRICT_RFC
- /* Check for non-RFC-compliant request (only CR or LF)?
- * Unfortunately, there are quite a few clients out there
- * that do this -- e. g. mIRC, BitchX, and Trillian :-( */
- ptr1 = strchr(array_start(&My_Connections[Idx].rbuf), '\r');
- ptr2 = strchr(array_start(&My_Connections[Idx].rbuf), '\n');
- if (ptr) {
- /* Check if there is a single CR or LF _before_ the
- * corerct CR+LF line terminator: */
- first_eol = ptr1 < ptr2 ? ptr1 : ptr2;
- if (first_eol < ptr) {
- /* Single CR or LF before CR+LF found */
- ptr = first_eol;
- delta = 1;
- }
- } else if (ptr1 || ptr2) {
- /* No CR+LF terminated command found, but single
- * CR or LF found ... */
- if (ptr1 && ptr2)
- ptr = ptr1 < ptr2 ? ptr1 : ptr2;
- else
- ptr = ptr1 ? ptr1 : ptr2;
- delta = 1;
- }
- #endif
- if (!ptr)
- break;
- /* Complete (=line terminated) request found, handle it! */
- *ptr = '\0';
- len = ptr - (char *)array_start(&My_Connections[Idx].rbuf) + delta;
- if (len > (COMMAND_LEN - 1)) {
- /* Request must not exceed 512 chars (incl. CR+LF!),
- * see RFC 2812. Disconnect Client if this happens. */
- Log(LOG_ERR,
- "Request too long (connection %d): %d bytes (max. %d expected)!",
- Idx, array_bytes(&My_Connections[Idx].rbuf),
- COMMAND_LEN - 1);
- Conn_Close(Idx, NULL, "Request too long", true);
- return 0;
- }
- len_processed += (unsigned int)len;
- if (len <= delta) {
- /* Request is empty (only '\r\n', '\r' or '\n');
- * delta is 2 ('\r\n') or 1 ('\r' or '\n'), see above */
- array_moveleft(&My_Connections[Idx].rbuf, 1, len);
- continue;
- }
- #ifdef ZLIB
- /* remember if stream is already compressed */
- old_z = My_Connections[Idx].options & CONN_ZIP;
- #endif
- My_Connections[Idx].msg_in++;
- if (!Parse_Request
- (Idx, (char *)array_start(&My_Connections[Idx].rbuf)))
- return 0; /* error -> connection has been closed */
- array_moveleft(&My_Connections[Idx].rbuf, 1, len);
- #ifdef DEBUG_BUFFER
- LogDebug("Connection %d: %d bytes left in read buffer.",
- Idx, array_bytes(&My_Connections[Idx].rbuf));
- #endif
- #ifdef ZLIB
- if ((!old_z) && (My_Connections[Idx].options & CONN_ZIP) &&
- (array_bytes(&My_Connections[Idx].rbuf) > 0)) {
- /* The last command activated socket compression.
- * Data that was read after that needs to be copied
- * to the unzip buffer for decompression: */
- if (!array_copy
- (&My_Connections[Idx].zip.rbuf,
- &My_Connections[Idx].rbuf)) {
- Conn_Close(Idx, NULL,
- "Can't allocate memory [Handle_Buffer]",
- true);
- return 0;
- }
- array_trunc(&My_Connections[Idx].rbuf);
- LogDebug
- ("Moved already received data (%u bytes) to uncompression buffer.",
- array_bytes(&My_Connections[Idx].zip.rbuf));
- }
- #endif
- }
- return len_processed;
- } /* Handle_Buffer */
- /**
- * Check whether established connections are still alive or not.
- * If not, play PING-PONG first; and if that doesn't help either,
- * disconnect the respective peer.
- */
- static void
- Check_Connections(void)
- {
- CLIENT *c;
- CONN_ID i;
- char msg[64];
- for (i = 0; i < Pool_Size; i++) {
- if (My_Connections[i].sock < 0)
- continue;
- c = Conn_GetClient(i);
- if (c && ((Client_Type(c) == CLIENT_USER)
- || (Client_Type(c) == CLIENT_SERVER)
- || (Client_Type(c) == CLIENT_SERVICE))) {
- /* connected User, Server or Service */
- if (My_Connections[i].lastping >
- My_Connections[i].lastdata) {
- /* We already sent a ping */
- if (My_Connections[i].lastping <
- time(NULL) - Conf_PongTimeout) {
- /* Timeout */
- LogDebug
- ("Connection %d: Ping timeout: %d seconds.",
- i, Conf_PongTimeout);
- snprintf(msg, sizeof(msg), "Ping timeout: %d seconds", Conf_PongTimeout);
- Conn_Close(i, NULL, msg, true);
- }
- } else if (My_Connections[i].lastdata <
- time(NULL) - Conf_PingTimeout) {
- /* We need to send a PING ... */
- LogDebug("Connection %d: sending PING ...", i);
- Conn_UpdatePing(i);
- Conn_WriteStr(i, "PING :%s",
- Client_ID(Client_ThisServer()));
- }
- } else {
- /* The connection is not fully established yet, so
- * we don't do the PING-PONG game here but instead
- * disconnect the client after "a short time" if it's
- * still not registered. */
- if (My_Connections[i].lastdata <
- time(NULL) - Conf_PongTimeout) {
- LogDebug
- ("Unregistered connection %d timed out ...",
- i);
- Conn_Close(i, NULL, "Timeout", false);
- }
- }
- }
- } /* Check_Connections */
- /**
- * Check if further server links should be established.
- */
- static void
- Check_Servers(void)
- {
- int i, n;
- time_t time_now;
- time_now = time(NULL);
- /* Check all configured servers */
- for (i = 0; i < MAX_SERVERS; i++) {
- if (Conf_Server[i].conn_id != NONE)
- continue; /* Already establishing or connected */
- if (!Conf_Server[i].host[0] || !Conf_Server[i].port > 0)
- continue; /* No host and/or port configured */
- if (Conf_Server[i].flags & CONF_SFLAG_DISABLED)
- continue; /* Disabled configuration entry */
- if (Conf_Server[i].lasttry > (time_now - Conf_ConnectRetry))
- continue; /* We have to wait a little bit ... */
- /* Is there already a connection in this group? */
- if (Conf_Server[i].group > NONE) {
- for (n = 0; n < MAX_SERVERS; n++) {
- if (n == i)
- continue;
- if ((Conf_Server[n].conn_id != NONE) &&
- (Conf_Server[n].group == Conf_Server[i].group))
- break;
- }
- if (n < MAX_SERVERS)
- continue;
- }
- /* Okay, try to connect now */
- Log(LOG_NOTICE,
- "Preparing to establish a new server link for \"%s\" ...",
- Conf_Server[i].name);
- Conf_Server[i].lasttry = time_now;
- Conf_Server[i].conn_id = SERVER_WAIT;
- assert(Proc_GetPipeFd(&Conf_Server[i].res_stat) < 0);
- Resolve_Name(&Conf_Server[i].res_stat, Conf_Server[i].host,
- cb_Connect_to_Server);
- }
- } /* Check_Servers */
- /**
- * Establish a new outgoing server connection.
- *
- * @param Server Configuration index of the server.
- * @param dest Destination IP address to connect to.
- */
- static void
- New_Server( int Server , ng_ipaddr_t *dest)
- {
- /* Establish new server link */
- char ip_str[NG_INET_ADDRSTRLEN];
- int af_dest, res, new_sock;
- CLIENT *c;
- assert( Server > NONE );
- /* Make sure that the remote server hasn't re-linked to this server
- * asynchronously on its own */
- if (Conf_Server[Server].conn_id > NONE) {
- Log(LOG_INFO,
- "Connection to \"%s\" meanwhile re-established, aborting preparation.");
- return;
- }
- if (!ng_ipaddr_tostr_r(dest, ip_str)) {
- Log(LOG_WARNING, "New_Server: Could not convert IP to string");
- return;
- }
- af_dest = ng_ipaddr_af(dest);
- new_sock = socket(af_dest, SOCK_STREAM, 0);
- Log(LOG_INFO,
- "Establishing connection for \"%s\" to \"%s:%d\" (%s), socket %d ...",
- Conf_Server[Server].name, Conf_Server[Server].host,
- Conf_Server[Server].port, ip_str, new_sock);
- if (new_sock < 0) {
- Log(LOG_CRIT, "Can't create socket (af %d): %s!",
- af_dest, strerror(errno));
- return;
- }
- if (!Init_Socket(new_sock))
- return;
- /* is a bind address configured? */
- res = ng_ipaddr_af(&Conf_Server[Server].bind_addr);
- /* if yes, bind now. If it fails, warn and let connect() pick a source address */
- if (res && bind(new_sock, (struct sockaddr *) &Conf_Server[Server].bind_addr,
- ng_ipaddr_salen(&Conf_Server[Server].bind_addr)))
- {
- ng_ipaddr_tostr_r(&Conf_Server[Server].bind_addr, ip_str);
- Log(LOG_WARNING, "Can't bind socket to %s: %s!", ip_str, strerror(errno));
- }
- ng_ipaddr_setport(dest, Conf_Server[Server].port);
- res = connect(new_sock, (struct sockaddr *) dest, ng_ipaddr_salen(dest));
- if(( res != 0 ) && ( errno != EINPROGRESS )) {
- Log( LOG_CRIT, "Can't connect socket: %s!", strerror( errno ));
- close( new_sock );
- return;
- }
- if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)new_sock)) {
- Log(LOG_ALERT,
- "Cannot allocate memory for server connection (socket %d)",
- new_sock);
- close( new_sock );
- return;
- }
- if (!io_event_create( new_sock, IO_WANTWRITE, cb_connserver)) {
- Log(LOG_ALERT, "io_event_create(): could not add fd %d", strerror(errno));
- close(new_sock);
- return;
- }
- My_Connections = array_start(&My_ConnArray);
- assert(My_Connections[new_sock].sock <= 0);
- Init_Conn_Struct(new_sock);
- ng_ipaddr_tostr_r(dest, ip_str);
- c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWNSERVER, false);
- if (!c) {
- Log( LOG_ALERT, "Can't establish connection: can't create client structure!" );
- io_close(new_sock);
- return;
- }
- /* Conn_Close() decrements this counter again */
- Account_Connection();
- Client_SetIntroducer( c, c );
- Client_SetToken( c, TOKEN_OUTBOUND );
- /* Register connection */
- Conf_SetServer(Server, new_sock);
- My_Connections[new_sock].sock = new_sock;
- My_Connections[new_sock].addr = *dest;
- My_Connections[new_sock].client = c;
- strlcpy( My_Connections[new_sock].host, Conf_Server[Server].host,
- sizeof(My_Connections[new_sock].host ));
- #ifdef SSL_SUPPORT
- if (Conf_Server[Server].SSLConnect && !ConnSSL_PrepareConnect( &My_Connections[new_sock],
- &Conf_Server[Server] ))
- {
- Log(LOG_ALERT, "Could not initialize SSL for outgoing connection");
- Conn_Close( new_sock, "Could not initialize SSL for outgoing connection", NULL, false );
- Init_Conn_Struct( new_sock );
- Conf_Server[Server].conn_id = NONE;
- return;
- }
- #endif
- LogDebug("Registered new connection %d on socket %d (%ld in total).",
- new_sock, My_Connections[new_sock].sock, NumConnections);
- Conn_OPTION_ADD( &My_Connections[new_sock], CONN_ISCONNECTING );
- } /* New_Server */
/**
 * Reset one slot of the connection table to its initial state.
 *
 * The slot is zeroed, its socket is marked as unused (-1), the sign-on,
 * last-data and last-PRIVMSG time stamps are set to the current time and
 * the embedded sub-process state is re-initialized with Proc_InitStruct().
 *
 * No range check is done on Idx here; the caller has to pass an index that
 * is valid for My_Connections.
 *
 * @param Idx Connection index.
 */
static void
Init_Conn_Struct(CONN_ID Idx)
{
	CONNECTION *conn = &My_Connections[Idx];
	time_t stamp = time(NULL);

	/* Wipe the slot first so nothing of a previous connection that
	 * used this index is left behind. */
	memset(conn, 0, sizeof(CONNECTION));

	conn->sock = -1;
	conn->signon = stamp;
	conn->lastdata = stamp;
	conn->lastprivmsg = stamp;

	Proc_InitStruct(&conn->proc_stat);
} /* Init_Conn_Struct */
/**
 * Initialize options of a new socket.
 *
 * The socket is switched to non-blocking mode; afterwards SO_REUSEADDR and,
 * where the platform defines it, the IP_TOS value IPTOS_LOWDELAY are set.
 * Only a failure to enable non-blocking mode is fatal: in that case the
 * socket is closed here and the caller must not use or close it again.
 * Failures of the two setsockopt() calls are logged and ignored.
 *
 * @param Sock Socket handle.
 * @returns false if socket was closed due to fatal error.
 */
static bool
Init_Socket( int Sock )
{
	int reuse_addr = 1;
#if defined(IPPROTO_IP) && defined(IPTOS_LOWDELAY)
	int tos = IPTOS_LOWDELAY;
#endif

	if (!io_setnonblock(Sock)) {
		Log(LOG_CRIT, "Can't enable non-blocking mode for socket: %s!",
		    strerror(errno));
		close(Sock);
		return false;
	}

	/* Don't block this port after socket shutdown */
	if (setsockopt(Sock, SOL_SOCKET, SO_REUSEADDR, &reuse_addr,
		       (socklen_t)sizeof(reuse_addr)) != 0) {
		/* not fatal: log it and carry on */
		Log(LOG_ERR, "Can't set socket option SO_REUSEADDR: %s!",
		    strerror(errno));
	}

	/* Set type of service (TOS) */
#if defined(IPPROTO_IP) && defined(IPTOS_LOWDELAY)
	if (setsockopt(Sock, IPPROTO_IP, IP_TOS, &tos,
		       (socklen_t)sizeof(tos)) == 0) {
		LogDebug("IP_TOS on socket %d has been set to IPTOS_LOWDELAY.",
			 Sock);
	} else {
		/* not fatal either */
		LogDebug("Can't set socket option IP_TOS: %s!",
			 strerror(errno));
	}
#endif

	return true;
} /* Init_Socket */
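/**
 * Read results of a resolver sub-process and try to initiate a new server
 * connection.
 *
 * The result is read as an array of ng_ipaddr_t structures. The first
 * address is passed to New_Server() immediately; further addresses are
 * copied into the dst_addr field of the server configuration so they can be
 * tried later. A result whose length is not a whole number of ng_ipaddr_t
 * structures is rejected and the server entry is reset, exactly like an
 * empty result.
 *
 * @param fd File descriptor of the pipe to the sub-process.
 * @param events (ignored IO specification)
 */
static void
cb_Connect_to_Server(int fd, UNUSED short events)
{
	/* Read result of resolver sub-process from pipe and start connection */
	int i;
	size_t len;
	ng_ipaddr_t dest_addrs[4];	/* we can handle at most 3; but we read up to
					   four so we can log the 'more than we can handle'
					   condition. First result is tried immediately, rest
					   is saved for later if needed. */

	LogDebug("Resolver: Got forward lookup callback on fd %d, events %d", fd, events);

	/* Find the configured server this resolver pipe belongs to */
	for (i = 0; i < MAX_SERVERS; i++) {
		if (Proc_GetPipeFd(&Conf_Server[i].res_stat) == fd)
			break;
	}

	if (i >= MAX_SERVERS) {
		/* Ops, no matching server found?! */
		io_close(fd);
		LogDebug("Resolver: Got Forward Lookup callback for unknown server!?");
		return;
	}

	/* Read result from pipe */
	len = Proc_Read(&Conf_Server[i].res_stat, dest_addrs, sizeof(dest_addrs));
	Proc_Close(&Conf_Server[i].res_stat);
	if (len == 0) {
		/* Error resolving hostname: reset server structure */
		Conf_Server[i].conn_id = NONE;
		return;
	}

	/* dest_addrs is an uninitialized stack buffer and the data comes from
	 * another process: a truncated read must not reach New_Server(). This
	 * used to be an assert() only, which is compiled out with NDEBUG. */
	if ((len % sizeof(ng_ipaddr_t)) != 0) {
		Log(LOG_CRIT, "Resolver: Got malformed result!");
		Conf_Server[i].conn_id = NONE;
		return;
	}

	/* "%u" expects unsigned int, size_t may be wider: cast explicitly */
	LogDebug("Got result from resolver: %u structs (%u bytes).",
		 (unsigned int)(len / sizeof(ng_ipaddr_t)), (unsigned int)len);

	memset(&Conf_Server[i].dst_addr, 0, sizeof(Conf_Server[i].dst_addr));
	if (len > sizeof(ng_ipaddr_t)) {
		/* more than one address for this hostname, remember them
		 * in case first address is unreachable/not available */
		len -= sizeof(ng_ipaddr_t);
		if (len > sizeof(Conf_Server[i].dst_addr)) {
			/* clamp to the destination field before copying */
			len = sizeof(Conf_Server[i].dst_addr);
			Log(LOG_NOTICE,
			    "Notice: Resolver returned more IP Addresses for host than we can handle, additional addresses dropped.");
		}
		memcpy(&Conf_Server[i].dst_addr, &dest_addrs[1], len);
	}

	/* connect() */
	New_Server(i, dest_addrs);
} /* cb_Connect_to_Server */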
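/**
 * Read results of a resolver sub-process from the pipe and update the
 * appropriate connection/client structure(s): hostname and/or IDENT user name.
 *
 * The result is parsed as a host name terminated by a newline, followed
 * (with IDENTAUTH) by an optional IDENT user name. The host name is stored
 * as received; the IDENT user name is only accepted when it consists of
 * ASCII letters and digits. Results for clients that are no longer of type
 * CLIENT_UNKNOWN are discarded.
 *
 * @param r_fd File descriptor of the pipe to the sub-process.
 * @param events (ignored IO specification)
 */
static void
cb_Read_Resolver_Result( int r_fd, UNUSED short events )
{
	CLIENT *c;
	CONN_ID i;
	size_t len;
	char *identptr;
#ifdef IDENTAUTH
	char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
	char *ptr;
#else
	char readbuf[HOST_LEN + 1];
#endif

	LogDebug("Resolver: Got callback on fd %d, events %d", r_fd, events );
	i = Conn_GetFromProc(r_fd);
	if (i == NONE) {
		/* Ops, none found? Probably the connection has already
		 * been closed!? We'll ignore that ... */
		io_close( r_fd );
		LogDebug("Resolver: Got callback for unknown connection!?");
		return;
	}

	/* Read result from pipe; one byte of the buffer is left free for
	 * the terminating NUL written below.
	 * NOTE(review): relies on Proc_Read() never returning more than the
	 * size passed in -- confirm against its implementation. */
	len = Proc_Read(&My_Connections[i].proc_stat, readbuf, sizeof readbuf -1);
	Proc_Close(&My_Connections[i].proc_stat);
	if (len == 0)
		return;

	readbuf[len] = '\0';
	identptr = strchr(readbuf, '\n');
	assert(identptr != NULL);
	/* The run-time check stays: assert() is compiled out with NDEBUG */
	if (!identptr) {
		Log( LOG_CRIT, "Resolver: Got malformed result!");
		return;
	}

	/* Split the buffer: readbuf now holds the host name only */
	*identptr = '\0';
	/* "%u" expects unsigned int, size_t may be wider: cast explicitly */
	LogDebug("Got result from resolver: \"%s\" (%u bytes read).", readbuf,
		 (unsigned int)len);
	/* Okay, we got a complete result: this is a host name for outgoing
	 * connections and a host name and IDENT user name (if enabled) for
	 * incoming connections.*/
	assert ( My_Connections[i].sock >= 0 );
	/* Incoming connection. Search client ... */
	c = Conn_GetClient( i );
	assert( c != NULL );

	/* Only update client information of unregistered clients.
	 * Note: user commands (e. g. WEBIRC) are always read _after_ reading
	 * the resolver results, so we don't have to worry to override settings
	 * from these commands here. */
	if(Client_Type(c) == CLIENT_UNKNOWN) {
		strlcpy(My_Connections[i].host, readbuf,
			sizeof(My_Connections[i].host));
		Client_SetHostname(c, readbuf);
		if (Conf_NoticeAuth)
			(void)Conn_WriteStr(i,
					"NOTICE AUTH :*** Found your hostname");
#ifdef IDENTAUTH
		++identptr;
		if (*identptr) {
			/* The IDENT reply originates from the remote host:
			 * accept ASCII letters and digits only. */
			ptr = identptr;
			while (*ptr) {
				if ((*ptr < '0' || *ptr > '9') &&
				    (*ptr < 'A' || *ptr > 'Z') &&
				    (*ptr < 'a' || *ptr > 'z'))
					break;
				ptr++;
			}
			if (*ptr) {
				/* Erroneous IDENT reply */
				Log(LOG_NOTICE,
				    "Got invalid IDENT reply for connection %d! Ignored.",
				    i);
			} else {
				Log(LOG_INFO,
				    "IDENT lookup for connection %d: \"%s\".",
				    i, identptr);
				Client_SetUser(c, identptr, true);
			}
			if (Conf_NoticeAuth) {
				(void)Conn_WriteStr(i,
					"NOTICE AUTH :*** Got %sident response",
					*ptr ? "invalid " : "");
			}
		} else {
			Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
			if (Conf_NoticeAuth && Conf_Ident)
				(void)Conn_WriteStr(i,
					"NOTICE AUTH :*** No ident response");
		}
#endif
		Class_HandleServerBans(c);
	}
#ifdef DEBUG
	else Log( LOG_DEBUG, "Resolver: discarding result for already registered connection %d.", i );
#endif
} /* cb_Read_Resolver_Result */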
/**
 * Write a "simple" (error) message to a socket.
 *
 * The text is copied into a local buffer of COMMAND_LEN bytes (longer
 * messages are truncated so that the line ending always fits), terminated
 * with CR+LF and handed to write() directly: no connection write buffers,
 * no compression/encryption and no error reporting. It is designed for
 * error messages of e.g. New_Connection().
 *
 * @param Sock Socket handle.
 * @param Msg Message string to send.
 */
static void
Simple_Message(int Sock, const char *Msg)
{
	char line[COMMAND_LEN];
	size_t line_len;
	ssize_t written;

	assert(Sock > NONE);
	assert(Msg != NULL);

	/* Reserve two bytes so that appending "\r\n" can not be truncated */
	strlcpy(line, Msg, sizeof line - 2);
	line_len = strlcat(line, "\r\n", sizeof line);

	written = write(Sock, line, line_len);
	if (written < 0) {
		/* Because this function most probably got called to log
		 * an error message, any write error is ignored here to
		 * avoid an endless loop. The result is still inspected
		 * because a plain cast to "void" doesn't satisfy the GNU C
		 * attribute "warn_unused_result" used by some versions of
		 * glibc (e.g. 2.11.1). */
		return;
	}
} /* Simple_Message */
/**
 * Get CLIENT structure that belongs to a local connection identified by its
 * index number.
 *
 * Each connection is expected to belong to a client, and in builds with
 * assertions enabled a failed lookup aborts. With assertions compiled out
 * (NDEBUG) a failed lookup yields NULL instead, so callers that can be
 * reached with an unverified index should still handle a NULL result.
 *
 * @param Idx Connection index number.
 * @returns Pointer to CLIENT structure, or NULL if the slot lookup failed.
 */
GLOBAL CLIENT *
Conn_GetClient( CONN_ID Idx )
{
	CONNECTION *conn;

	assert(Idx >= 0);

	conn = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
	assert(conn != NULL);

	if (conn == NULL)
		return NULL;
	return conn->client;
} /* Conn_GetClient */
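/**
 * Get PROC_STAT sub-process structure of a connection.
 *
 * In builds with assertions enabled a failed slot lookup aborts. With
 * assertions compiled out (NDEBUG) NULL is returned instead of a pointer
 * computed from a NULL base, matching what Conn_GetClient() does.
 *
 * @param Idx Connection index number.
 * @returns PROC_STAT structure, or NULL if the slot lookup failed.
 */
GLOBAL PROC_STAT *
Conn_GetProcStat(CONN_ID Idx)
{
	CONNECTION *c;

	assert(Idx >= 0);
	c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
	assert(c != NULL);

	/* &c->proc_stat on a NULL c would hand the caller a bogus non-NULL
	 * pointer; return a clean NULL so the failure is detectable. */
	return c ? &c->proc_stat : NULL;
} /* Conn_GetProcStat */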
/**
 * Get CONN_ID from file descriptor associated to a subprocess structure.
 *
 * Walks all Pool_Size connection slots and returns the first slot in use
 * whose sub-process pipe descriptor equals fd.
 *
 * @param fd File descriptor.
 * @returns CONN_ID or NONE (-1).
 */
GLOBAL CONN_ID
Conn_GetFromProc(int fd)
{
	int idx;

	assert(fd > 0);

	for (idx = 0; idx < Pool_Size; idx++) {
		/* skip slots that are not in use */
		if (My_Connections[idx].sock == NONE)
			continue;
		if (Proc_GetPipeFd(&My_Connections[idx].proc_stat) == fd)
			return idx;
	}

	return NONE;
} /* Conn_GetFromProc */
- #ifndef STRICT_RFC
/**
 * Get the "auth ping" value stored for a connection.
 *
 * Idx is only checked against NONE by an assert(); no range check is done,
 * so the caller has to pass a valid connection index.
 *
 * @param Idx Connection index number.
 * @returns Value of the auth_ping field of the connection.
 */
GLOBAL long
Conn_GetAuthPing(CONN_ID Idx)
{
	CONNECTION *conn;

	assert (Idx != NONE);
	conn = &My_Connections[Idx];
	return conn->auth_ping;
} /* Conn_GetAuthPing */
/**
 * Store the "auth ping" value for a connection.
 *
 * Idx is only checked against NONE by an assert(); no range check is done,
 * so the caller has to pass a valid connection index.
 *
 * @param Idx Connection index number.
 * @param ID Value to store in the auth_ping field of the connection.
 */
GLOBAL void
Conn_SetAuthPing(CONN_ID Idx, long ID)
{
	CONNECTION *conn;

	assert (Idx != NONE);
	conn = &My_Connections[Idx];
	conn->auth_ping = ID;
} /* Conn_SetAuthPing */
- #endif
- #ifdef SSL_SUPPORT
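/**
 * Get information about used SSL cipher.
 *
 * A negative index or an index beyond the connection array yields false.
 * In builds with assertions enabled an index beyond the array aborts.
 *
 * @param Idx Connection index number.
 * @param buf Buffer for returned information text.
 * @param len Size of return buffer "buf".
 * @returns true on success, false otherwise.
 */
GLOBAL bool
Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
{
	if (Idx < 0)
		return false;
	assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
	/* assert() is compiled out with NDEBUG: repeat the upper bound check
	 * at run time so an invalid index never indexes My_Connections. */
	if (Idx >= (int) array_length(&My_ConnArray, sizeof(CONNECTION)))
		return false;

	return ConnSSL_GetCipherInfo(&My_Connections[Idx], buf, len);
} /* Conn_GetCipherInfo */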
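/**
 * Check if a connection is SSL-enabled or not.
 *
 * A negative index or an index beyond the connection array yields false.
 * In builds with assertions enabled an index beyond the array aborts.
 *
 * @param Idx Connection index number.
 * @return true if connection is SSL-enabled, false otherwise.
 */
GLOBAL bool
Conn_UsesSSL(CONN_ID Idx)
{
	if (Idx < 0)
		return false;
	assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
	/* assert() is compiled out with NDEBUG: repeat the upper bound check
	 * at run time so an invalid index never indexes My_Connections. */
	if (Idx >= (int) array_length(&My_ConnArray, sizeof(CONNECTION)))
		return false;

	return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);
} /* Conn_UsesSSL */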
- #endif
- #ifdef DEBUG
/**
 * Dump internal state of the "connection module".
 *
 * Writes one LOG_DEBUG line per connection slot that is in use; unused
 * slots (socket == NONE) are skipped.
 */
GLOBAL void
Conn_DebugDump(void)
{
	int idx;
	CONNECTION *conn;

	Log(LOG_DEBUG, "Connection status:");

	for (idx = 0; idx < Pool_Size; idx++) {
		conn = &My_Connections[idx];
		if (conn->sock == NONE)
			continue;

		Log(LOG_DEBUG,
		    " - %d: host=%s, lastdata=%ld, lastping=%ld, delaytime=%ld, flag=%d, options=%d, bps=%d, client=%s",
		    conn->sock, conn->host,
		    conn->lastdata, conn->lastping,
		    conn->delaytime, conn->flag,
		    conn->options, conn->bps,
		    conn->client ? Client_ID(conn->client) : "-");
	}
} /* Conn_DebugDump */
- #endif
- /* -eof- */