ViewVC Help
View File | Revision Log | Show Annotations | View Changeset | Root Listing
root/svn/ircd-hybrid/trunk/src/auth.c
(Generate patch)

Comparing:
ircd-hybrid-7.2/src/s_auth.c (file contents), Revision 998 by michael, Sun Aug 23 12:43:17 2009 UTC vs.
ircd-hybrid/trunk/src/s_auth.c (file contents), Revision 2916 by michael, Sat Jan 25 21:09:18 2014 UTC

# Line 1 | Line 1
1   /*
2 < *  ircd-hybrid: an advanced Internet Relay Chat Daemon(ircd).
3 < *  s_auth.c: Functions for querying a users ident.
2 > *  ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd)
3   *
4 < *  Copyright (C) 2002 by the past and present ircd coders, and others.
4 > *  Copyright (c) 1997-2014 ircd-hybrid development team
5   *
6   *  This program is free software; you can redistribute it and/or modify
7   *  it under the terms of the GNU General Public License as published by
# Line 18 | Line 17
17   *  along with this program; if not, write to the Free Software
18   *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
19   *  USA
20 < *
21 < *  $Id$
20 > */
21 >
22 > /*! \file s_auth.c
23 > * \brief Functions for querying a users ident.
24 > * \version $Id$
25   */
26  
27   /*
# Line 32 | Line 34
34   *     any messages from it.
35   *     --Bleep  Thomas Helvey <tomh@inxpress.net>
36   */
37 +
38   #include "stdinc.h"
36 #include "tools.h"
39   #include "list.h"
40 + #include "ircd_defs.h"
41 + #include "fdlist.h"
42   #include "s_auth.h"
43 < #include "s_conf.h"
40 < #include "balloc.h"
43 > #include "conf.h"
44   #include "client.h"
42 #include "common.h"
45   #include "event.h"
44 #include "fdlist.h"              /* fdlist_add */
46   #include "hook.h"
47   #include "irc_string.h"
47 #include "sprintf_irc.h"
48   #include "ircd.h"
49 #include "numeric.h"
49   #include "packet.h"
50   #include "irc_res.h"
51   #include "s_bsd.h"
52 < #include "s_log.h"
52 > #include "log.h"
53   #include "send.h"
54 < #include "memory.h"
54 > #include "mempool.h"
55  
56 < static const char *HeaderMessages[] = {
56 >
57 > static const char *HeaderMessages[] =
58 > {
59    ":%s NOTICE AUTH :*** Looking up your hostname...",
60    ":%s NOTICE AUTH :*** Found your hostname",
61    ":%s NOTICE AUTH :*** Couldn't look up your hostname",
# Line 65 | Line 66 | static const char *HeaderMessages[] = {
66    ":%s NOTICE AUTH :*** Your hostname is too long, ignoring hostname"
67   };
68  
69 < enum {
69 > enum
70 > {
71    REPORT_DO_DNS,
72    REPORT_FIN_DNS,
73    REPORT_FAIL_DNS,
# Line 78 | Line 80 | enum {
80  
81   #define sendheader(c, i) sendto_one((c), HeaderMessages[(i)], me.name)
82  
81 static BlockHeap *auth_heap = NULL;
83   static dlink_list auth_doing_list = { NULL, NULL, 0 };
84  
85   static EVH timeout_auth_queries_event;
86  
87   static PF read_auth_reply;
88   static CNCB auth_connect_callback;
88 static CBFUNC start_auth;
89
90 struct Callback *auth_cb = NULL;
89  
90 < /* init_auth()
90 > /* auth_init
91   *
92   * Initialise the auth code
93   */
94   void
95 < init_auth(void)
95 > auth_init(void)
96   {
99  auth_heap = BlockHeapCreate("auth", sizeof(struct AuthRequest), AUTH_HEAP_SIZE);
100  auth_cb = register_callback("start_auth", start_auth);
97    eventAddIsh("timeout_auth_queries_event", timeout_auth_queries_event, NULL, 1);
98   }
99  
# Line 107 | Line 103 | init_auth(void)
103   static struct AuthRequest *
104   make_auth_request(struct Client *client)
105   {
106 <  struct AuthRequest *request = BlockHeapAlloc(auth_heap);
106 >  struct AuthRequest *request = &client->localClient->auth;
107  
108 <  client->localClient->auth = request;
109 <  request->client           = client;
110 <  request->timeout          = CurrentTime + CONNECTTIMEOUT;
108 >  memset(request, 0, sizeof(*request));
109 >
110 >  request->client  = client;
111 >  request->timeout = CurrentTime + CONNECTTIMEOUT;
112  
113    return request;
114   }
# Line 129 | Line 126 | release_auth_client(struct AuthRequest *
126    if (IsDoingAuth(auth) || IsDNSPending(auth))
127      return;
128  
129 <  client->localClient->auth = NULL;
130 <  dlinkDelete(&auth->node, &auth_doing_list);
134 <  BlockHeapFree(auth_heap, auth);
129 >  if (dlinkFind(&auth_doing_list, auth))
130 >    dlinkDelete(&auth->node, &auth_doing_list);
131  
132    /*
133     * When a client has auth'ed, we want to start reading what it sends
# Line 143 | Line 139 | release_auth_client(struct AuthRequest *
139  
140    dlinkAdd(client, &client->node, &global_client_list);
141  
142 <  client->since  = client->lasttime = client->firsttime = CurrentTime;
142 >  client->localClient->since     = CurrentTime;
143 >  client->localClient->lasttime  = CurrentTime;
144 >  client->localClient->firsttime = CurrentTime;
145    client->flags |= FLAGS_FINISHED_AUTH;
146  
147    read_packet(&client->localClient->fd, client);
148   }
149 <
149 >
150   /*
151   * auth_dns_callback - called when resolver query finishes
152   * if the query resulted in a successful search, name will contain
# Line 196 | Line 194 | auth_dns_callback(void *vptr, const stru
194      if (good && strlen(name) <= HOSTLEN)
195      {
196        strlcpy(auth->client->host, name,
197 <              sizeof(auth->client->host));
197 >              sizeof(auth->client->host));
198        sendheader(auth->client, REPORT_FIN_DNS);
199      }
200      else if (strlen(name) > HOSTLEN)
# Line 226 | Line 224 | auth_error(struct AuthRequest *auth)
224   }
225  
226   /*
227 < * start_auth_query - Flag the client to show that an attempt to
227 > * start_auth_query - Flag the client to show that an attempt to
228   * contact the ident server on
229   * the client's host.  The connect and subsequently the socket are all put
230   * into 'non-blocking' mode.  Should the connect or any later phase of the
# Line 248 | Line 246 | start_auth_query(struct AuthRequest *aut
246    if (comm_open(&auth->fd, auth->client->localClient->ip.ss.ss_family,
247                  SOCK_STREAM, 0, "ident") == -1)
248    {
249 <    report_error(L_ALL, "creating auth stream socket %s:%s",
250 <        get_client_name(auth->client, SHOW_IP), errno);
251 <    ilog(L_ERROR, "Unable to create auth socket for %s",
249 >    report_error(L_ALL, "creating auth stream socket %s:%s",
250 >                 get_client_name(auth->client, SHOW_IP), errno);
251 >    ilog(LOG_TYPE_IRCD, "Unable to create auth socket for %s",
252          get_client_name(auth->client, SHOW_IP));
253      ++ServerStats.is_abad;
254      return 0;
# Line 258 | Line 256 | start_auth_query(struct AuthRequest *aut
256  
257    sendheader(auth->client, REPORT_DO_ID);
258  
259 <  /*
259 >  /*
260     * get the local address of the client and bind to that to
261     * make the auth request.  This used to be done only for
262     * ifdef VIRTUAL_HOST, but needs to be done for all clients
# Line 280 | Line 278 | start_auth_query(struct AuthRequest *aut
278   #endif
279    localaddr.ss_port = htons(0);
280  
281 <  comm_connect_tcp(&auth->fd, auth->client->sockhost, 113,
282 <      (struct sockaddr *)&localaddr, localaddr.ss_len, auth_connect_callback,
283 <      auth, auth->client->localClient->ip.ss.ss_family,
281 >  comm_connect_tcp(&auth->fd, auth->client->sockhost, 113,
282 >      (struct sockaddr *)&localaddr, localaddr.ss_len, auth_connect_callback,
283 >      auth, auth->client->localClient->ip.ss.ss_family,
284        GlobalSetOptions.ident_timeout);
285    return 1; /* We suceed here for now */
286   }
287  
288   /*
289   * GetValidIdent - parse ident query reply from identd server
290 < *
290 > *
291   * Inputs        - pointer to ident buf
292   * Output        - NULL if no valid ident found, otherwise pointer to name
293   * Side effects  -
# Line 322 | Line 320 | GetValidIdent(char *buf)
320  
321    /* All this to get rid of a sscanf() fun. */
322    remotePortString = buf;
323 <  
323 >
324    if ((colon1Ptr = strchr(remotePortString,':')) == NULL)
325      return 0;
326    *colon1Ptr = '\0';
# Line 332 | Line 330 | GetValidIdent(char *buf)
330      return 0;
331    *colon2Ptr = '\0';
332    colon2Ptr++;
333 <  
333 >
334    if ((commaPtr = strchr(remotePortString, ',')) == NULL)
335      return 0;
336    *commaPtr = '\0';
# Line 340 | Line 338 | GetValidIdent(char *buf)
338  
339    if ((remp = atoi(remotePortString)) == 0)
340      return 0;
341 <              
341 >
342    if ((locp = atoi(commaPtr)) == 0)
343      return 0;
344  
# Line 356 | Line 354 | GetValidIdent(char *buf)
354   }
355  
356   /*
357 < * start_auth
357 > * start_auth
358   *
359   * inputs       - pointer to client to auth
360   * output       - NONE
361   * side effects - starts auth (identd) and dns queries for a client
362   */
363 < static void *
364 < start_auth(va_list args)
363 > void
364 > start_auth(struct Client *client)
365   {
368  struct Client *client = va_arg(args, struct Client *);
366    struct AuthRequest *auth = NULL;
367  
368    assert(client != NULL);
369  
370    auth = make_auth_request(client);
371 +  dlinkAdd(auth, &auth->node, &auth_doing_list);
372  
373    sendheader(client, REPORT_DO_DNS);
374  
# Line 382 | Line 380 | start_auth(va_list args)
380      start_auth_query(auth);
381    }
382  
385  dlinkAdd(auth, &auth->node, &auth_doing_list);
386
383    gethost_byaddr(auth_dns_callback, auth, &client->localClient->ip);
388
389  return NULL;
384   }
385  
386   /*
# Line 405 | Line 399 | timeout_auth_queries_event(void *notused
399      if (auth->timeout > CurrentTime)
400        continue;
401  
408    fd_close(&auth->fd);
409
402      if (IsDoingAuth(auth))
403 <    {  
403 >    {
404        ++ServerStats.is_abad;
405 +      fd_close(&auth->fd);
406        ClearAuth(auth);
407        sendheader(auth->client, REPORT_FAIL_ID);
408      }
# Line 421 | Line 414 | timeout_auth_queries_event(void *notused
414        sendheader(auth->client, REPORT_FAIL_DNS);
415      }
416  
417 <    ilog(L_INFO, "DNS/AUTH timeout %s",
417 >    ilog(LOG_TYPE_IRCD, "DNS/AUTH timeout %s",
418           get_client_name(auth->client, SHOW_IP));
419      release_auth_client(auth);
420    }
# Line 447 | Line 440 | auth_connect_callback(fde_t *fd, int err
440    char authbuf[32];
441    socklen_t ulen = sizeof(struct irc_ssaddr);
442    socklen_t tlen = sizeof(struct irc_ssaddr);
443 <  u_int16_t uport, tport;
443 >  uint16_t uport, tport;
444   #ifdef IPV6
445    struct sockaddr_in6 *v6;
446   #else
# Line 460 | Line 453 | auth_connect_callback(fde_t *fd, int err
453      return;
454    }
455  
456 <  if (getsockname(auth->client->localClient->fd.fd, (struct sockaddr *) &us,
457 <      (socklen_t *) &ulen) ||
458 <      getpeername(auth->client->localClient->fd.fd, (struct sockaddr *) &them,
459 <      (socklen_t *) &tlen))
456 >  if (getsockname(auth->client->localClient->fd.fd, (struct sockaddr *)&us,
457 >      &ulen) ||
458 >      getpeername(auth->client->localClient->fd.fd, (struct sockaddr *)&them,
459 >      &tlen))
460    {
461 <    ilog(L_INFO, "auth get{sock,peer}name error for %s",
461 >    ilog(LOG_TYPE_IRCD, "auth get{sock,peer}name error for %s",
462          get_client_name(auth->client, SHOW_IP));
463      auth_error(auth);
464      return;
# Line 486 | Line 479 | auth_connect_callback(fde_t *fd, int err
479    us.ss_len = ulen;
480    them.ss_len = tlen;
481   #endif
482 <  
483 <  ircsprintf(authbuf, "%u , %u\r\n", tport, uport);
482 >
483 >  snprintf(authbuf, sizeof(authbuf), "%u , %u\r\n", tport, uport);
484  
485    if (send(fd->fd, authbuf, strlen(authbuf), 0) == -1)
486    {
# Line 499 | Line 492 | auth_connect_callback(fde_t *fd, int err
492   }
493  
494   /*
495 < * read_auth_reply - read the reply (if any) from the ident server
495 > * read_auth_reply - read the reply (if any) from the ident server
496   * we connected to.
497   * We only give it one shot, if the reply isn't good the first time
498   * fail the authentication entirely. --Bleep
# Line 527 | Line 520 | read_auth_reply(fde_t *fd, void *data)
520     *
521     *    --nenolod
522     */
530 #ifndef _WIN32
523    len = read(fd->fd, buf, AUTH_BUFSIZ);
524 < #else
533 <  len = recv(fd->fd, buf, AUTH_BUFSIZ, 0);
534 < #endif
535 <  
524 >
525    if (len < 0)
526    {
538 #ifdef _WIN32
539    errno = WSAGetLastError();
540 #endif
527      if (ignoreErrno(errno))
528        comm_setselect(fd, COMM_SELECT_READ, read_auth_reply, auth, 0);
529      else
# Line 593 | Line 579 | read_auth_reply(fde_t *fd, void *data)
579   /*
580   * delete_auth()
581   */
582 < void
582 > void
583   delete_auth(struct AuthRequest *auth)
584   {
585    if (IsDNSPending(auth))
586      delete_resolver_queries(auth);
587  
588 <  fd_close(&auth->fd);
589 <  dlinkDelete(&auth->node, &auth_doing_list);
590 <  BlockHeapFree(auth_heap, auth);
588 >  if (IsDoingAuth(auth))
589 >    fd_close(&auth->fd);
590 >
591 >  if (dlinkFind(&auth_doing_list, auth))
592 >    dlinkDelete(&auth->node, &auth_doing_list);
593   }

Diff Legend

Removed lines
+ Added lines
< Changed lines (old)
> Changed lines (new)