8.2.x/src/s_bsd.c

/*
 *  ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd)
 *
 *  Copyright (c) 1997-2019 ircd-hybrid development team
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
 *  USA
 */

/*! \file s_bsd.c
 * \brief Network functions.
 * \version $Id$
 */

#include "stdinc.h"
#include <netinet/in_systm.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include "list.h"
#include "fdlist.h"
#include "s_bsd.h"
#include "client.h"
#include "dbuf.h"
#include "event.h"
#include "irc_string.h"
#include "ircd.h"
#include "listener.h"
#include "numeric.h"
#include "packet.h"
#include "res.h"
#include "restart.h"
#include "conf.h"
#include "log.h"
#include "server.h"
#include "send.h"
#include "memory.h"
#include "user.h"


static const char *const comm_err_str[] =
{
  [COMM_OK] = "Comm OK",
  [COMM_ERR_BIND] = "Error during bind()",
  [COMM_ERR_TIMEOUT] = "connect timeout",
  [COMM_ERR_CONNECT] = "Error during connect()",
  [COMM_ERROR] = "Comm Error"
};

static void comm_connect_callback(fde_t *, int);
static void comm_connect_timeout(fde_t *, void *);
static void comm_connect_tryconnect(fde_t *, void *);


/* comm_get_sockerr - get the error value from the socket or the current errno
 *
 * Get the *real* error from the socket (well try to anyway..).
 * This may only work when SO_DEBUG is enabled but its worth the
 * gamble anyway.
 */
int
comm_get_sockerr(fde_t *F)
{
  int errtmp = errno;
#ifdef SO_ERROR
  int err = 0;
  socklen_t len = sizeof(err);

  assert(F);
  assert(F->flags.open == true);

  if (getsockopt(F->fd, SOL_SOCKET, SO_ERROR, &err, &len) == 0)
  {
    if (err)
      errtmp = err;
  }

  errno = errtmp;
#endif
  return errtmp;
}

/*
 * report_error - report an error from an errno.
 * Record error to log and also send a copy to all *LOCAL* opers online.
 *
 *        text        is a *format* string for outputing error. It must
 *                contain only two '%s', the first will be replaced
 *                by the sockhost from the client_p, and the latter will
 *                be taken from sys_errlist[errno].
 *
 *        client_p        if not NULL, is the *LOCAL* client associated with
 *                the error.
 *
 * Cannot use perror() within daemon. stderr is closed in
 * ircd and cannot be used. And, worse yet, it might have
 * been reassigned to a normal connection...
 *
 * Actually stderr is still there IFF ircd was run with -s --Rodder
 */
void
report_error(int level, const char *text, const char *who, int error)
{
  who = (who) ? who : "";

  sendto_realops_flags(UMODE_DEBUG, level, SEND_NOTICE,
                       text, who, strerror(error));
  ilog(LOG_TYPE_IRCD, text, who, strerror(error));
}

/*
 * setup_socket()
 *
 * Set the socket non-blocking, and other wonderful bits.
 */
static void
setup_socket(int fd)
{
  int opt = 1;

  setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof(opt));

#ifdef IPTOS_LOWDELAY
  opt = IPTOS_LOWDELAY;
  setsockopt(fd, IPPROTO_IP, IP_TOS, &opt, sizeof(opt));
#endif

  fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) | O_NONBLOCK);
}

/*
 * ssl_handshake - let OpenSSL initialize the protocol. Register for
 * read/write events if necessary.
 */
static void
ssl_handshake(fde_t *F, void *data)
{
  struct Client *client_p = data;

  assert(client_p);
  assert(client_p->connection);
  assert(client_p->connection->fd);
  assert(client_p->connection->fd == F);

  tls_handshake_status_t ret = tls_handshake(&F->ssl, TLS_ROLE_SERVER, NULL);
  if (ret != TLS_HANDSHAKE_DONE)
  {
    if ((event_base->time.sec_monotonic - client_p->connection->created_monotonic) > CONNECTTIMEOUT)
    {
      exit_client(client_p, "Timeout during TLS handshake");
      return;
    }

    switch (ret)
    {
      case TLS_HANDSHAKE_WANT_WRITE:
        comm_setselect(F, COMM_SELECT_WRITE, ssl_handshake, client_p, CONNECTTIMEOUT);
        return;
      case TLS_HANDSHAKE_WANT_READ:
        comm_setselect(F, COMM_SELECT_READ, ssl_handshake, client_p, CONNECTTIMEOUT);
        return;
      default:
        exit_client(client_p, "Error during TLS handshake");
        return;
    }
  }

  comm_settimeout(F, 0, NULL, NULL);

  if (tls_verify_cert(&F->ssl, ConfigServerInfo.message_digest_algorithm, &client_p->certfp) == false)
    ilog(LOG_TYPE_IRCD, "Client %s!%s@%s gave bad TLS client certificate",
         client_p->name, client_p->username, client_p->host);

  auth_start(client_p);
}

/*
 * add_connection - creates a client which has just connected to us on
 * the given fd. The sockhost field is initialized with the ip# of the host.
 * An unique id is calculated now, in case it is needed for auth.
 * The client is sent to the auth module for verification, and not put in
 * any client list yet.
 */
void
add_connection(struct Listener *listener, struct irc_ssaddr *irn, int fd)
{
  struct Client *client_p = client_make(NULL);

  client_p->connection->fd = fd_open(fd, true, (listener->flags & LISTENER_SSL) ?
                                     "Incoming SSL connection" : "Incoming connection");

  /*
   * copy address to 'sockhost' as a string, copy it to host too
   * so we have something valid to put into error messages...
   */
  memcpy(&client_p->ip, irn, sizeof(client_p->ip));

  getnameinfo((const struct sockaddr *)&client_p->ip,
              client_p->ip.ss_len, client_p->sockhost,
              sizeof(client_p->sockhost), NULL, 0, NI_NUMERICHOST);

  if (client_p->sockhost[0] == ':')
  {
    client_p->sockhost[0] = '0';
    memmove(client_p->sockhost + 1, client_p->sockhost, sizeof(client_p->sockhost) - 1);
  }

  strlcpy(client_p->host, client_p->sockhost, sizeof(client_p->host));

  client_p->connection->listener = listener;
  ++listener->ref_count;

  if (listener->flags & LISTENER_SSL)
  {
    if (tls_new(&client_p->connection->fd->ssl, fd, TLS_ROLE_SERVER) == false)
    {
      SetDead(client_p);
      exit_client(client_p, "TLS context initialization failed");
      return;
    }

    AddFlag(client_p, FLAGS_SSL);
    ssl_handshake(client_p->connection->fd, client_p);
  }
  else
    auth_start(client_p);
}

/*
 * stolen from squid - its a neat (but overused! :) routine which we
 * can use to see whether we can ignore this errno or not. It is
 * generally useful for non-blocking network IO related errnos.
 *     -- adrian
 */
bool
comm_ignore_errno(int ierrno)
{
  switch (ierrno)
  {
    case EINPROGRESS:
    case EWOULDBLOCK:
#if EAGAIN != EWOULDBLOCK
    case EAGAIN:
#endif
    case EALREADY:
    case EINTR:
#ifdef ERESTART
    case ERESTART:
#endif
      return true;
    default:
      return false;
  }
}

/*
 * comm_settimeout() - set the socket timeout
 *
 * Set the timeout for the fd
 */
void
comm_settimeout(fde_t *F, uintmax_t timeout, void (*callback)(fde_t *, void *), void *cbdata)
{
  assert(F);
  assert(F->flags.open == true);

  F->timeout = event_base->time.sec_monotonic + (timeout / 1000);
  F->timeout_handler = callback;
  F->timeout_data = cbdata;
}

/*
 * comm_setflush() - set a flush function
 *
 * A flush function is simply a function called if found during
 * comm_timeouts(). Its basically a second timeout, except in this case
 * I'm too lazy to implement multiple timeout functions! :-)
 * its kinda nice to have it separate, since this is designed for
 * flush functions, and when comm_close() is implemented correctly
 * with close functions, we _actually_ don't call comm_close() here ..
 * -- originally Adrian's notes
 * comm_close() is replaced with fd_close() in fdlist.c
 */
void
comm_setflush(fde_t *F, uintmax_t timeout, void (*callback)(fde_t *, void *), void *cbdata)
{
  assert(F);
  assert(F->flags.open == true);

  F->flush_timeout = event_base->time.sec_monotonic + (timeout / 1000);
  F->flush_handler = callback;
  F->flush_data = cbdata;
}

/*
 * comm_checktimeouts() - check the socket timeouts
 *
 * All this routine does is call the given callback/cbdata, without closing
 * down the file descriptor. When close handlers have been implemented,
 * this will happen.
 */
void
comm_checktimeouts(void *unused)
{
  void (*hdl)(fde_t *, void *);
  void *data;

  for (int fd = 0; fd <= highest_fd; ++fd)
  {
    fde_t *F = &fd_table[fd];

    if (F->flags.open == false)
      continue;

    /* check flush functions */
    if (F->flush_handler && F->flush_timeout > 0 &&
        F->flush_timeout < event_base->time.sec_monotonic)
    {
      hdl = F->flush_handler;
      data = F->flush_data;

      comm_setflush(F, 0, NULL, NULL);
      hdl(F, data);
    }

    /* check timeouts */
    if (F->timeout_handler && F->timeout > 0 &&
        F->timeout < event_base->time.sec_monotonic)
    {
      /* Call timeout handler */
      hdl = F->timeout_handler;
      data = F->timeout_data;

      comm_settimeout(F, 0, NULL, NULL);
      hdl(F, data);
    }
  }
}

/*
 * void comm_connect_tcp(int fd, const char *host, unsigned short port,
 *                       struct sockaddr *clocal, int socklen,
 *                       CNCB *callback, void *data, int aftype, int timeout)
 * Input: An fd to connect with, a host and port to connect to,
 *        a local sockaddr to connect from + length(or NULL to use the
 *        default), a callback, the data to pass into the callback, the
 *        address family.
 * Output: None.
 * Side-effects: A non-blocking connection to the host is started, and
 *               if necessary, set up for selection. The callback given
 *               may be called now, or it may be called later.
 */
void
comm_connect_tcp(fde_t *F, const struct irc_ssaddr *caddr, unsigned short port, const struct irc_ssaddr *baddr,
                 void (*callback)(fde_t *, int, void *), void *data, uintmax_t timeout)
{
  assert(callback);

  memcpy(&F->connect.hostaddr, caddr, sizeof(F->connect.hostaddr));

  /* The cast is hacky, but safe - port offset is same on v4 and v6 */
  ((struct sockaddr_in *)&F->connect.hostaddr)->sin_port = htons(port);
  F->connect.callback = callback;
  F->connect.data = data;

  /* Note that we're using a passed sockaddr here. This is because
   * generally you'll be bind()ing to a sockaddr grabbed from
   * getsockname(), so this makes things easier.
   * XXX If NULL is passed as local, we should later on bind() to the
   * virtual host IP, for completeness.
   *   -- adrian
   */
  if (baddr && bind(F->fd, (const struct sockaddr *)baddr, baddr->ss_len) < 0)
  {
    /* Failure, call the callback with COMM_ERR_BIND */
    comm_connect_callback(F, COMM_ERR_BIND);
    return;  /* ... and quit */
  }

  comm_settimeout(F, timeout * 1000, comm_connect_timeout, NULL);
  comm_connect_tryconnect(F, NULL);
}

/*
 * comm_connect_callback() - call the callback, and continue with life
 */
static void
comm_connect_callback(fde_t *F, int status)
{
  void (*hdl)(fde_t *, int, void *);

  /* This check is gross..but probably necessary */
  if (F->connect.callback == NULL)
    return;

  /* Clear the connect flag + handler */
  hdl = F->connect.callback;
  F->connect.callback = NULL;

  /* Clear the timeout handler */
  comm_settimeout(F, 0, NULL, NULL);

  /* Call the handler */
  hdl(F, status, F->connect.data);
}

/*
 * comm_connect_timeout() - this gets called when the socket connection
 * times out. This *only* can be called once connect() is initially
 * called ..
 */
static void
comm_connect_timeout(fde_t *F, void *unused)
{
  /* error! */
  comm_connect_callback(F, COMM_ERR_TIMEOUT);
}

/* static void comm_connect_tryconnect(fde_t *fd, void *unused)
 * Input: The fd, the handler data(unused).
 * Output: None.
 * Side-effects: Try and connect with pending connect data for the FD. If
 *               we succeed or get a fatal error, call the callback.
 *               Otherwise, it is still blocking or something, so register
 *               to select for a write event on this FD.
 */
static void
comm_connect_tryconnect(fde_t *F, void *unused)
{
  /* This check is needed or re-entrant s_bsd_* like sigio break it. */
  if (F->connect.callback == NULL)
    return;

  /* Try the connect() */
  int retval = connect(F->fd, (struct sockaddr *)&F->connect.hostaddr, F->connect.hostaddr.ss_len);

  /* Error? */
  if (retval < 0)
  {
    /*
     * If we get EISCONN, then we've already connect()ed the socket,
     * which is a good thing.
     *   -- adrian
     */
    if (errno == EISCONN)
      comm_connect_callback(F, COMM_OK);
    else if (comm_ignore_errno(errno))
      /* Ignore error? Reschedule */
      comm_setselect(F, COMM_SELECT_WRITE, comm_connect_tryconnect, NULL, 0);
    else
      /* Error? Fail with COMM_ERR_CONNECT */
      comm_connect_callback(F, COMM_ERR_CONNECT);
    return;
  }

  /* If we get here, we've suceeded, so call with COMM_OK */
  comm_connect_callback(F, COMM_OK);
}

/*
 * comm_errorstr() - return an error string for the given error condition
 */
const char *
comm_errstr(int error)
{
  if (error < 0 || error >= COMM_ERR_MAX)
    return "Invalid error number!";
  return comm_err_str[error];
}

/*
 * comm_open() - open a socket
 *
 * This is a highly highly cut down version of squid's comm_open() which
 * for the most part emulates socket(), *EXCEPT* it fails if we're about
 * to run out of file descriptors.
 */
int
comm_socket(int family, int sock_type, int proto)
{
  /* First, make sure we aren't going to run out of file descriptors */
  if (number_fd >= hard_fdlimit)
  {
    errno = ENFILE;
    return -1;
  }

  /*
   * Next, we try to open the socket. We *should* drop the reserved FD
   * limit if/when we get an error, but we can deal with that later.
   * XXX !!! -- adrian
   */
  int fd = socket(family, sock_type, proto);
  if (fd < 0)
    return -1; /* errno will be passed through, yay.. */

  setup_socket(fd);

  return fd;
}

/*
 * comm_accept() - accept an incoming connection
 *
 * This is a simple wrapper for accept() which enforces FD limits like
 * comm_open() does. Returned fd must be either closed or tagged with
 * fd_open (this function no longer does it).
 */
int
comm_accept(fde_t *F, struct irc_ssaddr *addr)
{
  socklen_t addrlen = sizeof(struct irc_ssaddr);

  if (number_fd >= hard_fdlimit)
  {
    errno = ENFILE;
    return -1;
  }

  memset(addr, 0, sizeof(*addr));

  /*
   * Next, do the accept(). if we get an error, we should drop the
   * reserved fd limit, but we can deal with that when comm_open()
   * also does it. XXX -- adrian
   */
  int fd = accept(F->fd, (struct sockaddr *)addr, &addrlen);
  if (fd < 0)
    return -1;

  remove_ipv6_mapping(addr);

  setup_socket(fd);

  /* .. and return */
  return fd;
}

/*
 * remove_ipv6_mapping() - Removes IPv4-In-IPv6 mapping from an address
 * OSes with IPv6 mapping listening on both
 * AF_INET and AF_INET6 map AF_INET connections inside AF_INET6 structures
 *
 */
void
remove_ipv6_mapping(struct irc_ssaddr *addr)
{
  if (addr->ss.ss_family == AF_INET6)
  {
    if (IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)addr)->sin6_addr))
    {
      struct sockaddr_in6 v6;
      struct sockaddr_in *v4 = (struct sockaddr_in *)addr;

      memcpy(&v6, addr, sizeof(v6));
      memset(v4, 0, sizeof(struct sockaddr_in));
      memcpy(&v4->sin_addr, &v6.sin6_addr.s6_addr[12], sizeof(v4->sin_addr));

      addr->ss.ss_family = AF_INET;
      addr->ss_len = sizeof(struct sockaddr_in);
    }
    else
      addr->ss_len = sizeof(struct sockaddr_in6);
  }
  else
    addr->ss_len = sizeof(struct sockaddr_in);
}
1	/*
2	* ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd)
3	*
4	* Copyright (c) 1997-2019 ircd-hybrid development team
5	*
6	* This program is free software; you can redistribute it and/or modify
7	* it under the terms of the GNU General Public License as published by
8	* the Free Software Foundation; either version 2 of the License, or
9	* (at your option) any later version.
10	*
11	* This program is distributed in the hope that it will be useful,
12	* but WITHOUT ANY WARRANTY; without even the implied warranty of
13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14	* GNU General Public License for more details.
15	*
16	* You should have received a copy of the GNU General Public License
17	* along with this program; if not, write to the Free Software
18	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
19	* USA
20	*/
21
22	/*! \file s_bsd.c
23	* \brief Network functions.
24	* \version $Id$
25	*/
26
27	#include "stdinc.h"
28	#include <netinet/in_systm.h>
29	#include <netinet/ip.h>
30	#include <netinet/tcp.h>
31	#include "list.h"
32	#include "fdlist.h"
33	#include "s_bsd.h"
34	#include "client.h"
35	#include "dbuf.h"
36	#include "event.h"
37	#include "irc_string.h"
38	#include "ircd.h"
39	#include "listener.h"
40	#include "numeric.h"
41	#include "packet.h"
42	#include "res.h"
43	#include "restart.h"
44	#include "conf.h"
45	#include "log.h"
46	#include "server.h"
47	#include "send.h"
48	#include "memory.h"
49	#include "user.h"
50
51
52	static const char *const comm_err_str[] =
53	{
54	[COMM_OK] = "Comm OK",
55	[COMM_ERR_BIND] = "Error during bind()",
56	[COMM_ERR_TIMEOUT] = "connect timeout",
57	[COMM_ERR_CONNECT] = "Error during connect()",
58	[COMM_ERROR] = "Comm Error"
59	};
60
61	static void comm_connect_callback(fde_t *, int);
62	static void comm_connect_timeout(fde_t , void );
63	static void comm_connect_tryconnect(fde_t , void );
64
65
66	/* comm_get_sockerr - get the error value from the socket or the current errno
67	*
68	* Get the real error from the socket (well try to anyway..).
69	* This may only work when SO_DEBUG is enabled but its worth the
70	* gamble anyway.
71	*/
72	int
73	comm_get_sockerr(fde_t *F)
74	{
75	int errtmp = errno;
76	#ifdef SO_ERROR
77	int err = 0;
78	socklen_t len = sizeof(err);
79
80	assert(F);
81	assert(F->flags.open == true);
82
83	if (getsockopt(F->fd, SOL_SOCKET, SO_ERROR, &err, &len) == 0)
84	{
85	if (err)
86	errtmp = err;
87	}
88
89	errno = errtmp;
90	#endif
91	return errtmp;
92	}
93
94	/*
95	* report_error - report an error from an errno.
96	* Record error to log and also send a copy to all LOCAL opers online.
97	*
98	* text is a format string for outputing error. It must
99	* contain only two '%s', the first will be replaced
100	* by the sockhost from the client_p, and the latter will
101	* be taken from sys_errlist[errno].
102	*
103	* client_p if not NULL, is the LOCAL client associated with
104	* the error.
105	*
106	* Cannot use perror() within daemon. stderr is closed in
107	* ircd and cannot be used. And, worse yet, it might have
108	* been reassigned to a normal connection...
109	*
110	* Actually stderr is still there IFF ircd was run with -s --Rodder
111	*/
112	void
113	report_error(int level, const char text, const char who, int error)
114	{
115	who = (who) ? who : "";
116
117	sendto_realops_flags(UMODE_DEBUG, level, SEND_NOTICE,
118	text, who, strerror(error));
119	ilog(LOG_TYPE_IRCD, text, who, strerror(error));
120	}
121
122	/*
123	* setup_socket()
124	*
125	* Set the socket non-blocking, and other wonderful bits.
126	*/
127	static void
128	setup_socket(int fd)
129	{
130	int opt = 1;
131
132	setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof(opt));
133
134	#ifdef IPTOS_LOWDELAY
135	opt = IPTOS_LOWDELAY;
136	setsockopt(fd, IPPROTO_IP, IP_TOS, &opt, sizeof(opt));
137	#endif
138
139	fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) \| O_NONBLOCK);
140	}
141
142	/*
143	* ssl_handshake - let OpenSSL initialize the protocol. Register for
144	* read/write events if necessary.
145	*/
146	static void
147	ssl_handshake(fde_t F, void data)
148	{
149	struct Client *client_p = data;
150
151	assert(client_p);
152	assert(client_p->connection);
153	assert(client_p->connection->fd);
154	assert(client_p->connection->fd == F);
155
156	tls_handshake_status_t ret = tls_handshake(&F->ssl, TLS_ROLE_SERVER, NULL);
157	if (ret != TLS_HANDSHAKE_DONE)
158	{
159	if ((event_base->time.sec_monotonic - client_p->connection->created_monotonic) > CONNECTTIMEOUT)
160	{
161	exit_client(client_p, "Timeout during TLS handshake");
162	return;
163	}
164
165	switch (ret)
166	{
167	case TLS_HANDSHAKE_WANT_WRITE:
168	comm_setselect(F, COMM_SELECT_WRITE, ssl_handshake, client_p, CONNECTTIMEOUT);
169	return;
170	case TLS_HANDSHAKE_WANT_READ:
171	comm_setselect(F, COMM_SELECT_READ, ssl_handshake, client_p, CONNECTTIMEOUT);
172	return;
173	default:
174	exit_client(client_p, "Error during TLS handshake");
175	return;
176	}
177	}
178
179	comm_settimeout(F, 0, NULL, NULL);
180
181	if (tls_verify_cert(&F->ssl, ConfigServerInfo.message_digest_algorithm, &client_p->certfp) == false)
182	ilog(LOG_TYPE_IRCD, "Client %s!%s@%s gave bad TLS client certificate",
183	client_p->name, client_p->username, client_p->host);
184
185	auth_start(client_p);
186	}
187
188	/*
189	* add_connection - creates a client which has just connected to us on
190	* the given fd. The sockhost field is initialized with the ip# of the host.
191	* An unique id is calculated now, in case it is needed for auth.
192	* The client is sent to the auth module for verification, and not put in
193	* any client list yet.
194	*/
195	void
196	add_connection(struct Listener listener, struct irc_ssaddr irn, int fd)
197	{
198	struct Client *client_p = client_make(NULL);
199
200	client_p->connection->fd = fd_open(fd, true, (listener->flags & LISTENER_SSL) ?
201	"Incoming SSL connection" : "Incoming connection");
202
203	/*
204	* copy address to 'sockhost' as a string, copy it to host too
205	* so we have something valid to put into error messages...
206	*/
207	memcpy(&client_p->ip, irn, sizeof(client_p->ip));
208
209	getnameinfo((const struct sockaddr *)&client_p->ip,
210	client_p->ip.ss_len, client_p->sockhost,
211	sizeof(client_p->sockhost), NULL, 0, NI_NUMERICHOST);
212
213	if (client_p->sockhost[0] == ':')
214	{
215	client_p->sockhost[0] = '0';
216	memmove(client_p->sockhost + 1, client_p->sockhost, sizeof(client_p->sockhost) - 1);
217	}
218
219	strlcpy(client_p->host, client_p->sockhost, sizeof(client_p->host));
220
221	client_p->connection->listener = listener;
222	++listener->ref_count;
223
224	if (listener->flags & LISTENER_SSL)
225	{
226	if (tls_new(&client_p->connection->fd->ssl, fd, TLS_ROLE_SERVER) == false)
227	{
228	SetDead(client_p);
229	exit_client(client_p, "TLS context initialization failed");
230	return;
231	}
232
233	AddFlag(client_p, FLAGS_SSL);
234	ssl_handshake(client_p->connection->fd, client_p);
235	}
236	else
237	auth_start(client_p);
238	}
239
240	/*
241	* stolen from squid - its a neat (but overused! :) routine which we
242	* can use to see whether we can ignore this errno or not. It is
243	* generally useful for non-blocking network IO related errnos.
244	* -- adrian
245	*/
246	bool
247	comm_ignore_errno(int ierrno)
248	{
249	switch (ierrno)
250	{
251	case EINPROGRESS:
252	case EWOULDBLOCK:
253	#if EAGAIN != EWOULDBLOCK
254	case EAGAIN:
255	#endif
256	case EALREADY:
257	case EINTR:
258	#ifdef ERESTART
259	case ERESTART:
260	#endif
261	return true;
262	default:
263	return false;
264	}
265	}
266
267	/*
268	* comm_settimeout() - set the socket timeout
269	*
270	* Set the timeout for the fd
271	*/
272	void
273	comm_settimeout(fde_t F, uintmax_t timeout, void (callback)(fde_t , void ), void *cbdata)
274	{
275	assert(F);
276	assert(F->flags.open == true);
277
278	F->timeout = event_base->time.sec_monotonic + (timeout / 1000);
279	F->timeout_handler = callback;
280	F->timeout_data = cbdata;
281	}
282
283	/*
284	* comm_setflush() - set a flush function
285	*
286	* A flush function is simply a function called if found during
287	* comm_timeouts(). Its basically a second timeout, except in this case
288	* I'm too lazy to implement multiple timeout functions! :-)
289	* its kinda nice to have it separate, since this is designed for
290	* flush functions, and when comm_close() is implemented correctly
291	* with close functions, we _actually_ don't call comm_close() here ..
292	* -- originally Adrian's notes
293	* comm_close() is replaced with fd_close() in fdlist.c
294	*/
295	void
296	comm_setflush(fde_t F, uintmax_t timeout, void (callback)(fde_t , void ), void *cbdata)
297	{
298	assert(F);
299	assert(F->flags.open == true);
300
301	F->flush_timeout = event_base->time.sec_monotonic + (timeout / 1000);
302	F->flush_handler = callback;
303	F->flush_data = cbdata;
304	}
305
306	/*
307	* comm_checktimeouts() - check the socket timeouts
308	*
309	* All this routine does is call the given callback/cbdata, without closing
310	* down the file descriptor. When close handlers have been implemented,
311	* this will happen.
312	*/
313	void
314	comm_checktimeouts(void *unused)
315	{
316	void (hdl)(fde_t , void *);
317	void *data;
318
319	for (int fd = 0; fd <= highest_fd; ++fd)
320	{
321	fde_t *F = &fd_table[fd];
322
323	if (F->flags.open == false)
324	continue;
325
326	/* check flush functions */
327	if (F->flush_handler && F->flush_timeout > 0 &&
328	F->flush_timeout < event_base->time.sec_monotonic)
329	{
330	hdl = F->flush_handler;
331	data = F->flush_data;
332
333	comm_setflush(F, 0, NULL, NULL);
334	hdl(F, data);
335	}
336
337	/* check timeouts */
338	if (F->timeout_handler && F->timeout > 0 &&
339	F->timeout < event_base->time.sec_monotonic)
340	{
341	/* Call timeout handler */
342	hdl = F->timeout_handler;
343	data = F->timeout_data;
344
345	comm_settimeout(F, 0, NULL, NULL);
346	hdl(F, data);
347	}
348	}
349	}
350
351	/*
352	* void comm_connect_tcp(int fd, const char *host, unsigned short port,
353	* struct sockaddr *clocal, int socklen,
354	* CNCB callback, void data, int aftype, int timeout)
355	* Input: An fd to connect with, a host and port to connect to,
356	* a local sockaddr to connect from + length(or NULL to use the
357	* default), a callback, the data to pass into the callback, the
358	* address family.
359	* Output: None.
360	* Side-effects: A non-blocking connection to the host is started, and
361	* if necessary, set up for selection. The callback given
362	* may be called now, or it may be called later.
363	*/
364	void
365	comm_connect_tcp(fde_t F, const struct irc_ssaddr caddr, unsigned short port, const struct irc_ssaddr *baddr,
366	void (callback)(fde_t , int, void ), void data, uintmax_t timeout)
367	{
368	assert(callback);
369
370	memcpy(&F->connect.hostaddr, caddr, sizeof(F->connect.hostaddr));
371
372	/* The cast is hacky, but safe - port offset is same on v4 and v6 */
373	((struct sockaddr_in *)&F->connect.hostaddr)->sin_port = htons(port);
374	F->connect.callback = callback;
375	F->connect.data = data;
376
377	/* Note that we're using a passed sockaddr here. This is because
378	* generally you'll be bind()ing to a sockaddr grabbed from
379	* getsockname(), so this makes things easier.
380	* XXX If NULL is passed as local, we should later on bind() to the
381	* virtual host IP, for completeness.
382	* -- adrian
383	*/
384	if (baddr && bind(F->fd, (const struct sockaddr *)baddr, baddr->ss_len) < 0)
385	{
386	/* Failure, call the callback with COMM_ERR_BIND */
387	comm_connect_callback(F, COMM_ERR_BIND);
388	return; /* ... and quit */
389	}
390
391	comm_settimeout(F, timeout * 1000, comm_connect_timeout, NULL);
392	comm_connect_tryconnect(F, NULL);
393	}
394
395	/*
396	* comm_connect_callback() - call the callback, and continue with life
397	*/
398	static void
399	comm_connect_callback(fde_t *F, int status)
400	{
401	void (hdl)(fde_t , int, void *);
402
403	/* This check is gross..but probably necessary */
404	if (F->connect.callback == NULL)
405	return;
406
407	/* Clear the connect flag + handler */
408	hdl = F->connect.callback;
409	F->connect.callback = NULL;
410
411	/* Clear the timeout handler */
412	comm_settimeout(F, 0, NULL, NULL);
413
414	/* Call the handler */
415	hdl(F, status, F->connect.data);
416	}
417
418	/*
419	* comm_connect_timeout() - this gets called when the socket connection
420	* times out. This only can be called once connect() is initially
421	* called ..
422	*/
423	static void
424	comm_connect_timeout(fde_t F, void unused)
425	{
426	/* error! */
427	comm_connect_callback(F, COMM_ERR_TIMEOUT);
428	}
429
430	/* static void comm_connect_tryconnect(fde_t fd, void unused)
431	* Input: The fd, the handler data(unused).
432	* Output: None.
433	* Side-effects: Try and connect with pending connect data for the FD. If
434	* we succeed or get a fatal error, call the callback.
435	* Otherwise, it is still blocking or something, so register
436	* to select for a write event on this FD.
437	*/
438	static void
439	comm_connect_tryconnect(fde_t F, void unused)
440	{
441	/* This check is needed or re-entrant s_bsd_* like sigio break it. */
442	if (F->connect.callback == NULL)
443	return;
444
445	/* Try the connect() */
446	int retval = connect(F->fd, (struct sockaddr *)&F->connect.hostaddr, F->connect.hostaddr.ss_len);
447
448	/* Error? */
449	if (retval < 0)
450	{
451	/*
452	* If we get EISCONN, then we've already connect()ed the socket,
453	* which is a good thing.
454	* -- adrian
455	*/
456	if (errno == EISCONN)
457	comm_connect_callback(F, COMM_OK);
458	else if (comm_ignore_errno(errno))
459	/* Ignore error? Reschedule */
460	comm_setselect(F, COMM_SELECT_WRITE, comm_connect_tryconnect, NULL, 0);
461	else
462	/* Error? Fail with COMM_ERR_CONNECT */
463	comm_connect_callback(F, COMM_ERR_CONNECT);
464	return;
465	}
466
467	/* If we get here, we've suceeded, so call with COMM_OK */
468	comm_connect_callback(F, COMM_OK);
469	}
470
471	/*
472	* comm_errorstr() - return an error string for the given error condition
473	*/
474	const char *
475	comm_errstr(int error)
476	{
477	if (error < 0 \|\| error >= COMM_ERR_MAX)
478	return "Invalid error number!";
479	return comm_err_str[error];
480	}
481
482	/*
483	* comm_open() - open a socket
484	*
485	* This is a highly highly cut down version of squid's comm_open() which
486	* for the most part emulates socket(), EXCEPT it fails if we're about
487	* to run out of file descriptors.
488	*/
489	int
490	comm_socket(int family, int sock_type, int proto)
491	{
492	/* First, make sure we aren't going to run out of file descriptors */
493	if (number_fd >= hard_fdlimit)
494	{
495	errno = ENFILE;
496	return -1;
497	}
498
499	/*
500	* Next, we try to open the socket. We should drop the reserved FD
501	* limit if/when we get an error, but we can deal with that later.
502	* XXX !!! -- adrian
503	*/
504	int fd = socket(family, sock_type, proto);
505	if (fd < 0)
506	return -1; /* errno will be passed through, yay.. */
507
508	setup_socket(fd);
509
510	return fd;
511	}
512
513	/*
514	* comm_accept() - accept an incoming connection
515	*
516	* This is a simple wrapper for accept() which enforces FD limits like
517	* comm_open() does. Returned fd must be either closed or tagged with
518	* fd_open (this function no longer does it).
519	*/
520	int
521	comm_accept(fde_t F, struct irc_ssaddr addr)
522	{
523	socklen_t addrlen = sizeof(struct irc_ssaddr);
524
525	if (number_fd >= hard_fdlimit)
526	{
527	errno = ENFILE;
528	return -1;
529	}
530
531	memset(addr, 0, sizeof(*addr));
532
533	/*
534	* Next, do the accept(). if we get an error, we should drop the
535	* reserved fd limit, but we can deal with that when comm_open()
536	* also does it. XXX -- adrian
537	*/
538	int fd = accept(F->fd, (struct sockaddr *)addr, &addrlen);
539	if (fd < 0)
540	return -1;
541
542	remove_ipv6_mapping(addr);
543
544	setup_socket(fd);
545
546	/* .. and return */
547	return fd;
548	}
549
550	/*
551	* remove_ipv6_mapping() - Removes IPv4-In-IPv6 mapping from an address
552	* OSes with IPv6 mapping listening on both
553	* AF_INET and AF_INET6 map AF_INET connections inside AF_INET6 structures
554	*
555	*/
556	void
557	remove_ipv6_mapping(struct irc_ssaddr *addr)
558	{
559	if (addr->ss.ss_family == AF_INET6)
560	{
561	if (IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)addr)->sin6_addr))
562	{
563	struct sockaddr_in6 v6;
564	struct sockaddr_in v4 = (struct sockaddr_in )addr;
565
566	memcpy(&v6, addr, sizeof(v6));
567	memset(v4, 0, sizeof(struct sockaddr_in));
568	memcpy(&v4->sin_addr, &v6.sin6_addr.s6_addr[12], sizeof(v4->sin_addr));
569
570	addr->ss.ss_family = AF_INET;
571	addr->ss_len = sizeof(struct sockaddr_in);
572	}
573	else
574	addr->ss_len = sizeof(struct sockaddr_in6);
575	}
576	else
577	addr->ss_len = sizeof(struct sockaddr_in);
578	}
svnadmin@ircd-hybrid.org	ViewVC Help
Powered by ViewVC 1.1.28