1 |
/* |
2 |
* ircd-hybrid: an advanced Internet Relay Chat Daemon(ircd). |
3 |
* s_bsd.c: Network functions. |
4 |
* |
5 |
* Copyright (C) 2002 by the past and present ircd coders, and others. |
6 |
* |
7 |
* This program is free software; you can redistribute it and/or modify |
8 |
* it under the terms of the GNU General Public License as published by |
9 |
* the Free Software Foundation; either version 2 of the License, or |
10 |
* (at your option) any later version. |
11 |
* |
12 |
* This program is distributed in the hope that it will be useful, |
13 |
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
14 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
15 |
* GNU General Public License for more details. |
16 |
* |
17 |
* You should have received a copy of the GNU General Public License |
18 |
* along with this program; if not, write to the Free Software |
19 |
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 |
20 |
* USA |
21 |
* |
22 |
* $Id$ |
23 |
*/ |
24 |
|
25 |
#include "stdinc.h" |
26 |
#include <netinet/in_systm.h> |
27 |
#include <netinet/ip.h> |
28 |
#include <netinet/tcp.h> |
29 |
#include "list.h" |
30 |
#include "fdlist.h" |
31 |
#include "s_bsd.h" |
32 |
#include "client.h" |
33 |
#include "dbuf.h" |
34 |
#include "event.h" |
35 |
#include "irc_string.h" |
36 |
#include "ircd.h" |
37 |
#include "listener.h" |
38 |
#include "numeric.h" |
39 |
#include "packet.h" |
40 |
#include "irc_res.h" |
41 |
#include "restart.h" |
42 |
#include "s_auth.h" |
43 |
#include "conf.h" |
44 |
#include "log.h" |
45 |
#include "s_serv.h" |
46 |
#include "send.h" |
47 |
#include "memory.h" |
48 |
#include "s_user.h" |
49 |
#include "hook.h" |
50 |
|
51 |
static const char *comm_err_str[] = { "Comm OK", "Error during bind()", |
52 |
"Error during DNS lookup", "connect timeout", "Error during connect()", |
53 |
"Comm Error" }; |
54 |
|
55 |
struct Callback *setup_socket_cb = NULL; |
56 |
|
57 |
static void comm_connect_callback(fde_t *, int); |
58 |
static PF comm_connect_timeout; |
59 |
static void comm_connect_dns_callback(void *, const struct irc_ssaddr *, const char *); |
60 |
static PF comm_connect_tryconnect; |
61 |
|
62 |
|
63 |
/* check_can_use_v6() |
64 |
* Check if the system can open AF_INET6 sockets |
65 |
*/ |
66 |
void |
67 |
check_can_use_v6(void) |
68 |
{ |
69 |
#ifdef IPV6 |
70 |
int v6; |
71 |
|
72 |
if ((v6 = socket(AF_INET6, SOCK_STREAM, 0)) < 0) |
73 |
ServerInfo.can_use_v6 = 0; |
74 |
else |
75 |
{ |
76 |
ServerInfo.can_use_v6 = 1; |
77 |
close(v6); |
78 |
} |
79 |
#else |
80 |
ServerInfo.can_use_v6 = 0; |
81 |
#endif |
82 |
} |
83 |
|
84 |
/* get_sockerr - get the error value from the socket or the current errno |
85 |
* |
86 |
* Get the *real* error from the socket (well try to anyway..). |
87 |
* This may only work when SO_DEBUG is enabled but its worth the |
88 |
* gamble anyway. |
89 |
*/ |
90 |
int |
91 |
get_sockerr(int fd) |
92 |
{ |
93 |
int errtmp = errno; |
94 |
#ifdef SO_ERROR |
95 |
int err = 0; |
96 |
socklen_t len = sizeof(err); |
97 |
|
98 |
if (-1 < fd && !getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len)) |
99 |
{ |
100 |
if (err) |
101 |
errtmp = err; |
102 |
} |
103 |
errno = errtmp; |
104 |
#endif |
105 |
return errtmp; |
106 |
} |
107 |
|
108 |
/* |
109 |
* report_error - report an error from an errno. |
110 |
* Record error to log and also send a copy to all *LOCAL* opers online. |
111 |
* |
112 |
* text is a *format* string for outputing error. It must |
113 |
* contain only two '%s', the first will be replaced |
114 |
* by the sockhost from the client_p, and the latter will |
115 |
* be taken from sys_errlist[errno]. |
116 |
* |
117 |
* client_p if not NULL, is the *LOCAL* client associated with |
118 |
* the error. |
119 |
* |
120 |
* Cannot use perror() within daemon. stderr is closed in |
121 |
* ircd and cannot be used. And, worse yet, it might have |
122 |
* been reassigned to a normal connection... |
123 |
* |
124 |
* Actually stderr is still there IFF ircd was run with -s --Rodder |
125 |
*/ |
126 |
|
127 |
void |
128 |
report_error(int level, const char* text, const char* who, int error) |
129 |
{ |
130 |
who = (who) ? who : ""; |
131 |
|
132 |
sendto_realops_flags(UMODE_DEBUG, level, SEND_NOTICE, |
133 |
text, who, strerror(error)); |
134 |
ilog(LOG_TYPE_IRCD, text, who, strerror(error)); |
135 |
} |
136 |
|
137 |
/* |
138 |
* setup_socket() |
139 |
* |
140 |
* Set the socket non-blocking, and other wonderful bits. |
141 |
*/ |
142 |
static void * |
143 |
setup_socket(va_list args) |
144 |
{ |
145 |
int fd = va_arg(args, int); |
146 |
int opt = 1; |
147 |
|
148 |
setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof(opt)); |
149 |
|
150 |
#ifdef IPTOS_LOWDELAY |
151 |
opt = IPTOS_LOWDELAY; |
152 |
setsockopt(fd, IPPROTO_IP, IP_TOS, &opt, sizeof(opt)); |
153 |
#endif |
154 |
|
155 |
fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) | O_NONBLOCK); |
156 |
|
157 |
return NULL; |
158 |
} |
159 |
|
160 |
/* |
161 |
* init_comm() |
162 |
* |
163 |
* Initializes comm subsystem. |
164 |
*/ |
165 |
void |
166 |
init_comm(void) |
167 |
{ |
168 |
setup_socket_cb = register_callback("setup_socket", setup_socket); |
169 |
init_netio(); |
170 |
} |
171 |
|
172 |
/* |
173 |
* close_connection |
174 |
* Close the physical connection. This function must make |
175 |
* MyConnect(client_p) == FALSE, and set client_p->from == NULL. |
176 |
*/ |
177 |
void |
178 |
close_connection(struct Client *client_p) |
179 |
{ |
180 |
dlink_node *ptr = NULL; |
181 |
|
182 |
assert(client_p); |
183 |
|
184 |
if (!IsDead(client_p)) |
185 |
{ |
186 |
/* attempt to flush any pending dbufs. Evil, but .. -- adrian */ |
187 |
/* there is still a chance that we might send data to this socket |
188 |
* even if it is marked as blocked (COMM_SELECT_READ handler is called |
189 |
* before COMM_SELECT_WRITE). Let's try, nothing to lose.. -adx |
190 |
*/ |
191 |
ClearSendqBlocked(client_p); |
192 |
send_queued_write(client_p); |
193 |
} |
194 |
|
195 |
if (IsClient(client_p)) |
196 |
{ |
197 |
++ServerStats.is_cl; |
198 |
ServerStats.is_cbs += client_p->localClient->send.bytes; |
199 |
ServerStats.is_cbr += client_p->localClient->recv.bytes; |
200 |
ServerStats.is_cti += CurrentTime - client_p->localClient->firsttime; |
201 |
} |
202 |
else if (IsServer(client_p)) |
203 |
{ |
204 |
++ServerStats.is_sv; |
205 |
ServerStats.is_sbs += client_p->localClient->send.bytes; |
206 |
ServerStats.is_sbr += client_p->localClient->recv.bytes; |
207 |
ServerStats.is_sti += CurrentTime - client_p->localClient->firsttime; |
208 |
|
209 |
DLINK_FOREACH(ptr, server_items.head) |
210 |
{ |
211 |
struct MaskItem *conf = ptr->data; |
212 |
|
213 |
if (irccmp(conf->name, client_p->name)) |
214 |
continue; |
215 |
|
216 |
/* |
217 |
* Reset next-connect cycle of all connect{} blocks that match |
218 |
* this servername. |
219 |
*/ |
220 |
conf->until = CurrentTime + conf->class->con_freq; |
221 |
} |
222 |
} |
223 |
else |
224 |
++ServerStats.is_ni; |
225 |
|
226 |
#ifdef HAVE_LIBCRYPTO |
227 |
if (client_p->localClient->fd.ssl) |
228 |
{ |
229 |
SSL_set_shutdown(client_p->localClient->fd.ssl, SSL_RECEIVED_SHUTDOWN); |
230 |
|
231 |
if (!SSL_shutdown(client_p->localClient->fd.ssl)) |
232 |
SSL_shutdown(client_p->localClient->fd.ssl); |
233 |
} |
234 |
#endif |
235 |
if (client_p->localClient->fd.flags.open) |
236 |
fd_close(&client_p->localClient->fd); |
237 |
|
238 |
dbuf_clear(&client_p->localClient->buf_sendq); |
239 |
dbuf_clear(&client_p->localClient->buf_recvq); |
240 |
|
241 |
MyFree(client_p->localClient->passwd); |
242 |
detach_conf(client_p, CONF_CLIENT|CONF_OPER|CONF_SERVER); |
243 |
client_p->from = NULL; /* ...this should catch them! >:) --msa */ |
244 |
} |
245 |
|
246 |
/* Base16 encoding is: |
247 |
* Copyright (c) 2001-2004, Roger Dingledine |
248 |
* Copyright (c) 2004-2007, Roger Dingledine, Nick Mathewson |
249 |
* |
250 |
* Redistribution and use in source and binary forms, with or without |
251 |
* modification, are permitted provided that the following conditions are |
252 |
* met: |
253 |
* |
254 |
* Redistributions of source code must retain the above copyright |
255 |
* notice, this list of conditions and the following disclaimer. |
256 |
|
257 |
* Redistributions in binary form must reproduce the above copyright notice, |
258 |
* this list of conditions and the following disclaimer |
259 |
* in the documentation and/or other materials provided with the distribution. |
260 |
* |
261 |
* Neither the names of the copyright owners nor the names of its |
262 |
* contributors may be used to endorse or promote products derived from |
263 |
* this software without specific prior written permission. |
264 |
|
265 |
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
266 |
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
267 |
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR |
268 |
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT |
269 |
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
270 |
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
271 |
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
272 |
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
273 |
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
274 |
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE |
275 |
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
276 |
*/ |
277 |
static void |
278 |
base16_encode(char *dest, size_t destlen, const char *src, size_t srclen) |
279 |
{ |
280 |
const char *end; |
281 |
char *cp; |
282 |
|
283 |
assert(destlen >= srclen * 2 + 1); |
284 |
|
285 |
cp = dest; |
286 |
end = src + srclen; |
287 |
|
288 |
while (src < end) |
289 |
{ |
290 |
*cp++ = "0123456789ABCDEF"[(*(const uint8_t *)src) >> 4]; |
291 |
*cp++ = "0123456789ABCDEF"[(*(const uint8_t *)src) & 0xf]; |
292 |
++src; |
293 |
} |
294 |
|
295 |
*cp = '\0'; |
296 |
} |
297 |
|
298 |
#ifdef HAVE_LIBCRYPTO |
299 |
/* |
300 |
* ssl_handshake - let OpenSSL initialize the protocol. Register for |
301 |
* read/write events if necessary. |
302 |
*/ |
303 |
static void |
304 |
ssl_handshake(int fd, struct Client *client_p) |
305 |
{ |
306 |
X509 *cert = NULL; |
307 |
int ret = SSL_accept(client_p->localClient->fd.ssl); |
308 |
int err = SSL_get_error(client_p->localClient->fd.ssl, ret); |
309 |
|
310 |
ilog(LOG_TYPE_IRCD, "SSL Error %d %s", err, ERR_error_string(err, NULL)); |
311 |
|
312 |
if ((cert = SSL_get_peer_certificate(client_p->localClient->fd.ssl))) |
313 |
{ |
314 |
int res = SSL_get_verify_result(client_p->localClient->fd.ssl); |
315 |
char buf[SHA_DIGEST_LENGTH * 2 + 1] = { '\0' }; |
316 |
|
317 |
if (res == X509_V_OK || res == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN || |
318 |
res == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE || |
319 |
res == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) |
320 |
{ |
321 |
base16_encode(buf, sizeof(buf), |
322 |
(const char *)cert->sha1_hash, sizeof(cert->sha1_hash)); |
323 |
client_p->certfp = xstrndup(buf, sizeof(buf)); |
324 |
} |
325 |
else |
326 |
ilog(LOG_TYPE_IRCD, "Client %s!%s@%s gave bad SSL client certificate: %d", |
327 |
client_p->name, client_p->username, client_p->host, res); |
328 |
X509_free(cert); |
329 |
} |
330 |
|
331 |
if (ret <= 0) |
332 |
{ |
333 |
switch (SSL_get_error(client_p->localClient->fd.ssl, ret)) |
334 |
{ |
335 |
case SSL_ERROR_WANT_WRITE: |
336 |
comm_setselect(&client_p->localClient->fd, COMM_SELECT_WRITE, |
337 |
(PF *) ssl_handshake, client_p, 0); |
338 |
return; |
339 |
|
340 |
case SSL_ERROR_WANT_READ: |
341 |
comm_setselect(&client_p->localClient->fd, COMM_SELECT_READ, |
342 |
(PF *) ssl_handshake, client_p, 0); |
343 |
return; |
344 |
|
345 |
default: |
346 |
exit_client(client_p, client_p, "Error during SSL handshake"); |
347 |
return; |
348 |
} |
349 |
} |
350 |
|
351 |
start_auth(client_p); |
352 |
} |
353 |
#endif |
354 |
|
355 |
/* |
356 |
* add_connection - creates a client which has just connected to us on |
357 |
* the given fd. The sockhost field is initialized with the ip# of the host. |
358 |
* An unique id is calculated now, in case it is needed for auth. |
359 |
* The client is sent to the auth module for verification, and not put in |
360 |
* any client list yet. |
361 |
*/ |
362 |
void |
363 |
add_connection(struct Listener *listener, struct irc_ssaddr *irn, int fd) |
364 |
{ |
365 |
struct Client *new_client = make_client(NULL); |
366 |
|
367 |
fd_open(&new_client->localClient->fd, fd, 1, |
368 |
(listener->flags & LISTENER_SSL) ? |
369 |
"Incoming SSL connection" : "Incoming connection"); |
370 |
|
371 |
/* |
372 |
* copy address to 'sockhost' as a string, copy it to host too |
373 |
* so we have something valid to put into error messages... |
374 |
*/ |
375 |
memcpy(&new_client->localClient->ip, irn, sizeof(struct irc_ssaddr)); |
376 |
|
377 |
getnameinfo((struct sockaddr *)&new_client->localClient->ip, |
378 |
new_client->localClient->ip.ss_len, new_client->sockhost, |
379 |
sizeof(new_client->sockhost), NULL, 0, NI_NUMERICHOST); |
380 |
new_client->localClient->aftype = new_client->localClient->ip.ss.ss_family; |
381 |
|
382 |
#ifdef HAVE_LIBGEOIP |
383 |
/* XXX IPV6 SUPPORT XXX */ |
384 |
if (irn->ss.ss_family == AF_INET && geoip_ctx) |
385 |
{ |
386 |
const struct sockaddr_in *v4 = (const struct sockaddr_in *)&new_client->localClient->ip; |
387 |
new_client->localClient->country_id = GeoIP_id_by_ipnum(geoip_ctx, (unsigned long)ntohl(v4->sin_addr.s_addr)); |
388 |
} |
389 |
#endif |
390 |
|
391 |
if (new_client->sockhost[0] == ':' && new_client->sockhost[1] == ':') |
392 |
{ |
393 |
strlcpy(new_client->host, "0", sizeof(new_client->host)); |
394 |
strlcpy(new_client->host+1, new_client->sockhost, sizeof(new_client->host)-1); |
395 |
memmove(new_client->sockhost+1, new_client->sockhost, sizeof(new_client->sockhost)-1); |
396 |
new_client->sockhost[0] = '0'; |
397 |
} |
398 |
else |
399 |
strlcpy(new_client->host, new_client->sockhost, sizeof(new_client->host)); |
400 |
|
401 |
new_client->localClient->listener = listener; |
402 |
++listener->ref_count; |
403 |
|
404 |
#ifdef HAVE_LIBCRYPTO |
405 |
if (listener->flags & LISTENER_SSL) |
406 |
{ |
407 |
if ((new_client->localClient->fd.ssl = SSL_new(ServerInfo.server_ctx)) == NULL) |
408 |
{ |
409 |
ilog(LOG_TYPE_IRCD, "SSL_new() ERROR! -- %s", |
410 |
ERR_error_string(ERR_get_error(), NULL)); |
411 |
|
412 |
SetDead(new_client); |
413 |
exit_client(new_client, new_client, "SSL_new failed"); |
414 |
return; |
415 |
} |
416 |
|
417 |
SSL_set_fd(new_client->localClient->fd.ssl, fd); |
418 |
ssl_handshake(0, new_client); |
419 |
} |
420 |
else |
421 |
#endif |
422 |
start_auth(new_client); |
423 |
} |
424 |
|
425 |
/* |
426 |
* stolen from squid - its a neat (but overused! :) routine which we |
427 |
* can use to see whether we can ignore this errno or not. It is |
428 |
* generally useful for non-blocking network IO related errnos. |
429 |
* -- adrian |
430 |
*/ |
431 |
int |
432 |
ignoreErrno(int ierrno) |
433 |
{ |
434 |
switch (ierrno) |
435 |
{ |
436 |
case EINPROGRESS: |
437 |
case EWOULDBLOCK: |
438 |
#if EAGAIN != EWOULDBLOCK |
439 |
case EAGAIN: |
440 |
#endif |
441 |
case EALREADY: |
442 |
case EINTR: |
443 |
#ifdef ERESTART |
444 |
case ERESTART: |
445 |
#endif |
446 |
return 1; |
447 |
default: |
448 |
return 0; |
449 |
} |
450 |
} |
451 |
|
452 |
/* |
453 |
* comm_settimeout() - set the socket timeout |
454 |
* |
455 |
* Set the timeout for the fd |
456 |
*/ |
457 |
void |
458 |
comm_settimeout(fde_t *fd, time_t timeout, PF *callback, void *cbdata) |
459 |
{ |
460 |
assert(fd->flags.open); |
461 |
|
462 |
fd->timeout = CurrentTime + (timeout / 1000); |
463 |
fd->timeout_handler = callback; |
464 |
fd->timeout_data = cbdata; |
465 |
} |
466 |
|
467 |
/* |
468 |
* comm_setflush() - set a flush function |
469 |
* |
470 |
* A flush function is simply a function called if found during |
471 |
* comm_timeouts(). Its basically a second timeout, except in this case |
472 |
* I'm too lazy to implement multiple timeout functions! :-) |
473 |
* its kinda nice to have it separate, since this is designed for |
474 |
* flush functions, and when comm_close() is implemented correctly |
475 |
* with close functions, we _actually_ don't call comm_close() here .. |
476 |
* -- originally Adrian's notes |
477 |
* comm_close() is replaced with fd_close() in fdlist.c |
478 |
*/ |
479 |
void |
480 |
comm_setflush(fde_t *fd, time_t timeout, PF *callback, void *cbdata) |
481 |
{ |
482 |
assert(fd->flags.open); |
483 |
|
484 |
fd->flush_timeout = CurrentTime + (timeout / 1000); |
485 |
fd->flush_handler = callback; |
486 |
fd->flush_data = cbdata; |
487 |
} |
488 |
|
489 |
/* |
490 |
* comm_checktimeouts() - check the socket timeouts |
491 |
* |
492 |
* All this routine does is call the given callback/cbdata, without closing |
493 |
* down the file descriptor. When close handlers have been implemented, |
494 |
* this will happen. |
495 |
*/ |
496 |
void |
497 |
comm_checktimeouts(void *notused) |
498 |
{ |
499 |
int i; |
500 |
fde_t *F; |
501 |
PF *hdl; |
502 |
void *data; |
503 |
|
504 |
for (i = 0; i < FD_HASH_SIZE; i++) |
505 |
for (F = fd_hash[i]; F != NULL; F = fd_next_in_loop) |
506 |
{ |
507 |
assert(F->flags.open); |
508 |
fd_next_in_loop = F->hnext; |
509 |
|
510 |
/* check flush functions */ |
511 |
if (F->flush_handler && F->flush_timeout > 0 && |
512 |
F->flush_timeout < CurrentTime) |
513 |
{ |
514 |
hdl = F->flush_handler; |
515 |
data = F->flush_data; |
516 |
comm_setflush(F, 0, NULL, NULL); |
517 |
hdl(F, data); |
518 |
} |
519 |
|
520 |
/* check timeouts */ |
521 |
if (F->timeout_handler && F->timeout > 0 && |
522 |
F->timeout < CurrentTime) |
523 |
{ |
524 |
/* Call timeout handler */ |
525 |
hdl = F->timeout_handler; |
526 |
data = F->timeout_data; |
527 |
comm_settimeout(F, 0, NULL, NULL); |
528 |
hdl(F, data); |
529 |
} |
530 |
} |
531 |
} |
532 |
|
533 |
/* |
534 |
* void comm_connect_tcp(int fd, const char *host, unsigned short port, |
535 |
* struct sockaddr *clocal, int socklen, |
536 |
* CNCB *callback, void *data, int aftype, int timeout) |
537 |
* Input: An fd to connect with, a host and port to connect to, |
538 |
* a local sockaddr to connect from + length(or NULL to use the |
539 |
* default), a callback, the data to pass into the callback, the |
540 |
* address family. |
541 |
* Output: None. |
542 |
* Side-effects: A non-blocking connection to the host is started, and |
543 |
* if necessary, set up for selection. The callback given |
544 |
* may be called now, or it may be called later. |
545 |
*/ |
546 |
void |
547 |
comm_connect_tcp(fde_t *fd, const char *host, unsigned short port, |
548 |
struct sockaddr *clocal, int socklen, CNCB *callback, |
549 |
void *data, int aftype, int timeout) |
550 |
{ |
551 |
struct addrinfo hints, *res; |
552 |
char portname[PORTNAMELEN + 1]; |
553 |
|
554 |
assert(callback); |
555 |
fd->connect.callback = callback; |
556 |
fd->connect.data = data; |
557 |
|
558 |
fd->connect.hostaddr.ss.ss_family = aftype; |
559 |
fd->connect.hostaddr.ss_port = htons(port); |
560 |
|
561 |
/* Note that we're using a passed sockaddr here. This is because |
562 |
* generally you'll be bind()ing to a sockaddr grabbed from |
563 |
* getsockname(), so this makes things easier. |
564 |
* XXX If NULL is passed as local, we should later on bind() to the |
565 |
* virtual host IP, for completeness. |
566 |
* -- adrian |
567 |
*/ |
568 |
if ((clocal != NULL) && (bind(fd->fd, clocal, socklen) < 0)) |
569 |
{ |
570 |
/* Failure, call the callback with COMM_ERR_BIND */ |
571 |
comm_connect_callback(fd, COMM_ERR_BIND); |
572 |
/* ... and quit */ |
573 |
return; |
574 |
} |
575 |
|
576 |
/* Next, if we have been given an IP, get the addr and skip the |
577 |
* DNS check (and head direct to comm_connect_tryconnect(). |
578 |
*/ |
579 |
memset(&hints, 0, sizeof(hints)); |
580 |
hints.ai_family = AF_UNSPEC; |
581 |
hints.ai_socktype = SOCK_STREAM; |
582 |
hints.ai_flags = AI_PASSIVE | AI_NUMERICHOST; |
583 |
|
584 |
snprintf(portname, sizeof(portname), "%d", port); |
585 |
|
586 |
if (getaddrinfo(host, portname, &hints, &res)) |
587 |
{ |
588 |
/* Send the DNS request, for the next level */ |
589 |
if (aftype == AF_INET6) |
590 |
gethost_byname_type(comm_connect_dns_callback, fd, host, T_AAAA); |
591 |
else |
592 |
gethost_byname_type(comm_connect_dns_callback, fd, host, T_A); |
593 |
} |
594 |
else |
595 |
{ |
596 |
/* We have a valid IP, so we just call tryconnect */ |
597 |
/* Make sure we actually set the timeout here .. */ |
598 |
assert(res != NULL); |
599 |
memcpy(&fd->connect.hostaddr, res->ai_addr, res->ai_addrlen); |
600 |
fd->connect.hostaddr.ss_len = res->ai_addrlen; |
601 |
fd->connect.hostaddr.ss.ss_family = res->ai_family; |
602 |
freeaddrinfo(res); |
603 |
comm_settimeout(fd, timeout*1000, comm_connect_timeout, NULL); |
604 |
comm_connect_tryconnect(fd, NULL); |
605 |
} |
606 |
} |
607 |
|
608 |
/* |
609 |
* comm_connect_callback() - call the callback, and continue with life |
610 |
*/ |
611 |
static void |
612 |
comm_connect_callback(fde_t *fd, int status) |
613 |
{ |
614 |
CNCB *hdl; |
615 |
|
616 |
/* This check is gross..but probably necessary */ |
617 |
if (fd->connect.callback == NULL) |
618 |
return; |
619 |
|
620 |
/* Clear the connect flag + handler */ |
621 |
hdl = fd->connect.callback; |
622 |
fd->connect.callback = NULL; |
623 |
|
624 |
/* Clear the timeout handler */ |
625 |
comm_settimeout(fd, 0, NULL, NULL); |
626 |
|
627 |
/* Call the handler */ |
628 |
hdl(fd, status, fd->connect.data); |
629 |
} |
630 |
|
631 |
/* |
632 |
* comm_connect_timeout() - this gets called when the socket connection |
633 |
* times out. This *only* can be called once connect() is initially |
634 |
* called .. |
635 |
*/ |
636 |
static void |
637 |
comm_connect_timeout(fde_t *fd, void *notused) |
638 |
{ |
639 |
/* error! */ |
640 |
comm_connect_callback(fd, COMM_ERR_TIMEOUT); |
641 |
} |
642 |
|
643 |
/* |
644 |
* comm_connect_dns_callback() - called at the completion of the DNS request |
645 |
* |
646 |
* The DNS request has completed, so if we've got an error, return it, |
647 |
* otherwise we initiate the connect() |
648 |
*/ |
649 |
static void |
650 |
comm_connect_dns_callback(void *vptr, const struct irc_ssaddr *addr, const char *name) |
651 |
{ |
652 |
fde_t *F = vptr; |
653 |
|
654 |
if (name == NULL) |
655 |
{ |
656 |
comm_connect_callback(F, COMM_ERR_DNS); |
657 |
return; |
658 |
} |
659 |
|
660 |
/* No error, set a 10 second timeout */ |
661 |
comm_settimeout(F, 30*1000, comm_connect_timeout, NULL); |
662 |
|
663 |
/* Copy over the DNS reply info so we can use it in the connect() */ |
664 |
/* |
665 |
* Note we don't fudge the refcount here, because we aren't keeping |
666 |
* the DNS record around, and the DNS cache is gone anyway.. |
667 |
* -- adrian |
668 |
*/ |
669 |
memcpy(&F->connect.hostaddr, addr, addr->ss_len); |
670 |
/* The cast is hacky, but safe - port offset is same on v4 and v6 */ |
671 |
((struct sockaddr_in *) &F->connect.hostaddr)->sin_port = |
672 |
F->connect.hostaddr.ss_port; |
673 |
F->connect.hostaddr.ss_len = addr->ss_len; |
674 |
|
675 |
/* Now, call the tryconnect() routine to try a connect() */ |
676 |
comm_connect_tryconnect(F, NULL); |
677 |
} |
678 |
|
679 |
/* static void comm_connect_tryconnect(int fd, void *notused) |
680 |
* Input: The fd, the handler data(unused). |
681 |
* Output: None. |
682 |
* Side-effects: Try and connect with pending connect data for the FD. If |
683 |
* we succeed or get a fatal error, call the callback. |
684 |
* Otherwise, it is still blocking or something, so register |
685 |
* to select for a write event on this FD. |
686 |
*/ |
687 |
static void |
688 |
comm_connect_tryconnect(fde_t *fd, void *notused) |
689 |
{ |
690 |
int retval; |
691 |
|
692 |
/* This check is needed or re-entrant s_bsd_* like sigio break it. */ |
693 |
if (fd->connect.callback == NULL) |
694 |
return; |
695 |
|
696 |
/* Try the connect() */ |
697 |
retval = connect(fd->fd, (struct sockaddr *) &fd->connect.hostaddr, |
698 |
fd->connect.hostaddr.ss_len); |
699 |
|
700 |
/* Error? */ |
701 |
if (retval < 0) |
702 |
{ |
703 |
/* |
704 |
* If we get EISCONN, then we've already connect()ed the socket, |
705 |
* which is a good thing. |
706 |
* -- adrian |
707 |
*/ |
708 |
if (errno == EISCONN) |
709 |
comm_connect_callback(fd, COMM_OK); |
710 |
else if (ignoreErrno(errno)) |
711 |
/* Ignore error? Reschedule */ |
712 |
comm_setselect(fd, COMM_SELECT_WRITE, comm_connect_tryconnect, |
713 |
NULL, 0); |
714 |
else |
715 |
/* Error? Fail with COMM_ERR_CONNECT */ |
716 |
comm_connect_callback(fd, COMM_ERR_CONNECT); |
717 |
return; |
718 |
} |
719 |
|
720 |
/* If we get here, we've suceeded, so call with COMM_OK */ |
721 |
comm_connect_callback(fd, COMM_OK); |
722 |
} |
723 |
|
724 |
/* |
725 |
* comm_errorstr() - return an error string for the given error condition |
726 |
*/ |
727 |
const char * |
728 |
comm_errstr(int error) |
729 |
{ |
730 |
if (error < 0 || error >= COMM_ERR_MAX) |
731 |
return "Invalid error number!"; |
732 |
return comm_err_str[error]; |
733 |
} |
734 |
|
735 |
/* |
736 |
* comm_open() - open a socket |
737 |
* |
738 |
* This is a highly highly cut down version of squid's comm_open() which |
739 |
* for the most part emulates socket(), *EXCEPT* it fails if we're about |
740 |
* to run out of file descriptors. |
741 |
*/ |
742 |
int |
743 |
comm_open(fde_t *F, int family, int sock_type, int proto, const char *note) |
744 |
{ |
745 |
int fd; |
746 |
|
747 |
/* First, make sure we aren't going to run out of file descriptors */ |
748 |
if (number_fd >= hard_fdlimit) |
749 |
{ |
750 |
errno = ENFILE; |
751 |
return -1; |
752 |
} |
753 |
|
754 |
/* |
755 |
* Next, we try to open the socket. We *should* drop the reserved FD |
756 |
* limit if/when we get an error, but we can deal with that later. |
757 |
* XXX !!! -- adrian |
758 |
*/ |
759 |
fd = socket(family, sock_type, proto); |
760 |
if (fd < 0) |
761 |
return -1; /* errno will be passed through, yay.. */ |
762 |
|
763 |
execute_callback(setup_socket_cb, fd); |
764 |
|
765 |
/* update things in our fd tracking */ |
766 |
fd_open(F, fd, 1, note); |
767 |
return 0; |
768 |
} |
769 |
|
770 |
/* |
771 |
* comm_accept() - accept an incoming connection |
772 |
* |
773 |
* This is a simple wrapper for accept() which enforces FD limits like |
774 |
* comm_open() does. Returned fd must be either closed or tagged with |
775 |
* fd_open (this function no longer does it). |
776 |
*/ |
777 |
int |
778 |
comm_accept(struct Listener *lptr, struct irc_ssaddr *pn) |
779 |
{ |
780 |
int newfd; |
781 |
socklen_t addrlen = sizeof(struct irc_ssaddr); |
782 |
|
783 |
if (number_fd >= hard_fdlimit) |
784 |
{ |
785 |
errno = ENFILE; |
786 |
return -1; |
787 |
} |
788 |
|
789 |
/* |
790 |
* Next, do the accept(). if we get an error, we should drop the |
791 |
* reserved fd limit, but we can deal with that when comm_open() |
792 |
* also does it. XXX -- adrian |
793 |
*/ |
794 |
newfd = accept(lptr->fd.fd, (struct sockaddr *)pn, &addrlen); |
795 |
if (newfd < 0) |
796 |
return -1; |
797 |
|
798 |
#ifdef IPV6 |
799 |
remove_ipv6_mapping(pn); |
800 |
#else |
801 |
pn->ss_len = addrlen; |
802 |
#endif |
803 |
|
804 |
execute_callback(setup_socket_cb, newfd); |
805 |
|
806 |
/* .. and return */ |
807 |
return newfd; |
808 |
} |
809 |
|
810 |
/* |
811 |
* remove_ipv6_mapping() - Removes IPv4-In-IPv6 mapping from an address |
812 |
* OSes with IPv6 mapping listening on both |
813 |
* AF_INET and AF_INET6 map AF_INET connections inside AF_INET6 structures |
814 |
* |
815 |
*/ |
816 |
#ifdef IPV6 |
817 |
void |
818 |
remove_ipv6_mapping(struct irc_ssaddr *addr) |
819 |
{ |
820 |
if (addr->ss.ss_family == AF_INET6) |
821 |
{ |
822 |
if (IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)addr)->sin6_addr)) |
823 |
{ |
824 |
struct sockaddr_in6 v6; |
825 |
struct sockaddr_in *v4 = (struct sockaddr_in *)addr; |
826 |
|
827 |
memcpy(&v6, addr, sizeof(v6)); |
828 |
memset(v4, 0, sizeof(struct sockaddr_in)); |
829 |
memcpy(&v4->sin_addr, &v6.sin6_addr.s6_addr[12], sizeof(v4->sin_addr)); |
830 |
|
831 |
addr->ss.ss_family = AF_INET; |
832 |
addr->ss_len = sizeof(struct sockaddr_in); |
833 |
} |
834 |
else |
835 |
addr->ss_len = sizeof(struct sockaddr_in6); |
836 |
} |
837 |
else |
838 |
addr->ss_len = sizeof(struct sockaddr_in); |
839 |
} |
840 |
#endif |