| 1 |
|
/* |
| 2 |
|
* ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd) |
| 3 |
|
* |
| 4 |
< |
* Copyright (c) 1997-2014 ircd-hybrid development team |
| 4 |
> |
* Copyright (c) 1997-2015 ircd-hybrid development team |
| 5 |
|
* |
| 6 |
|
* This program is free software; you can redistribute it and/or modify |
| 7 |
|
* it under the terms of the GNU General Public License as published by |
| 15 |
|
* |
| 16 |
|
* You should have received a copy of the GNU General Public License |
| 17 |
|
* along with this program; if not, write to the Free Software |
| 18 |
< |
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 |
| 18 |
> |
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 |
| 19 |
|
* USA |
| 20 |
|
*/ |
| 21 |
|
|
| 77 |
|
REPORT_HOST_TOOLONG |
| 78 |
|
}; |
| 79 |
|
|
| 80 |
< |
#define sendheader(c, i) sendto_one_notice((c), &me, HeaderMessages[(i)]) |
| 80 |
> |
#define sendheader(c, i) sendto_one_notice((c), &me, "%s", HeaderMessages[(i)]) |
| 81 |
|
|
| 82 |
|
static dlink_list auth_pending_list; |
| 83 |
< |
static PF read_auth_reply; |
| 84 |
< |
static CNCB auth_connect_callback; |
| 83 |
> |
static void read_auth_reply(fde_t *, void *); |
| 84 |
> |
static void auth_connect_callback(fde_t *, int, void *); |
| 85 |
|
|
| 86 |
|
|
| 87 |
|
/* |
| 90 |
|
static struct AuthRequest * |
| 91 |
|
make_auth_request(struct Client *client) |
| 92 |
|
{ |
| 93 |
< |
struct AuthRequest *request = &client->localClient->auth; |
| 93 |
> |
struct AuthRequest *const request = &client->connection->auth; |
| 94 |
|
|
| 95 |
|
memset(request, 0, sizeof(*request)); |
| 96 |
|
|
| 108 |
|
void |
| 109 |
|
release_auth_client(struct AuthRequest *auth) |
| 110 |
|
{ |
| 111 |
< |
struct Client *client = auth->client; |
| 111 |
> |
struct Client *const client = auth->client; |
| 112 |
|
|
| 113 |
|
if (IsDoingAuth(auth) || IsDNSPending(auth)) |
| 114 |
|
return; |
| 124 |
|
* us. This is what read_packet() does. |
| 125 |
|
* -- adrian |
| 126 |
|
*/ |
| 127 |
< |
client->localClient->allow_read = MAX_FLOOD; |
| 128 |
< |
comm_setflush(&client->localClient->fd, 1000, flood_recalc, client); |
| 127 |
> |
client->connection->allow_read = MAX_FLOOD; |
| 128 |
> |
comm_setflush(&client->connection->fd, 1000, flood_recalc, client); |
| 129 |
|
|
| 130 |
< |
client->localClient->since = CurrentTime; |
| 131 |
< |
client->localClient->lasttime = CurrentTime; |
| 132 |
< |
client->localClient->firsttime = CurrentTime; |
| 130 |
> |
client->connection->since = CurrentTime; |
| 131 |
> |
client->connection->lasttime = CurrentTime; |
| 132 |
> |
client->connection->firsttime = CurrentTime; |
| 133 |
|
client->flags |= FLAGS_FINISHED_AUTH; |
| 134 |
|
|
| 135 |
< |
read_packet(&client->localClient->fd, client); |
| 135 |
> |
read_packet(&client->connection->fd, client); |
| 136 |
|
} |
| 137 |
|
|
| 138 |
|
/* |
| 145 |
|
static void |
| 146 |
|
auth_dns_callback(void *vptr, const struct irc_ssaddr *addr, const char *name, size_t namelength) |
| 147 |
|
{ |
| 148 |
< |
struct AuthRequest *auth = vptr; |
| 148 |
> |
struct AuthRequest *const auth = vptr; |
| 149 |
|
|
| 150 |
|
ClearDNSPending(auth); |
| 151 |
|
|
| 152 |
|
if (!EmptyString(name)) |
| 153 |
|
{ |
| 154 |
< |
const struct sockaddr_in *v4, *v4dns; |
| 155 |
< |
#ifdef IPV6 |
| 156 |
< |
const struct sockaddr_in6 *v6, *v6dns; |
| 157 |
< |
|
| 158 |
< |
if (auth->client->localClient->ip.ss.ss_family == AF_INET6) |
| 154 |
> |
if (auth->client->connection->ip.ss.ss_family == AF_INET6) |
| 155 |
|
{ |
| 156 |
< |
v6 = (const struct sockaddr_in6 *)&auth->client->localClient->ip; |
| 157 |
< |
v6dns = (const struct sockaddr_in6 *)addr; |
| 156 |
> |
const struct sockaddr_in6 *const v6 = (const struct sockaddr_in6 *)&auth->client->connection->ip; |
| 157 |
> |
const struct sockaddr_in6 *const v6dns = (const struct sockaddr_in6 *)addr; |
| 158 |
|
|
| 159 |
|
if (memcmp(&v6->sin6_addr, &v6dns->sin6_addr, sizeof(struct in6_addr)) != 0) |
| 160 |
|
{ |
| 164 |
|
} |
| 165 |
|
} |
| 166 |
|
else |
| 171 |
– |
#endif |
| 167 |
|
{ |
| 168 |
< |
v4 = (const struct sockaddr_in *)&auth->client->localClient->ip; |
| 169 |
< |
v4dns = (const struct sockaddr_in *)addr; |
| 168 |
> |
const struct sockaddr_in *const v4 = (const struct sockaddr_in *)&auth->client->connection->ip; |
| 169 |
> |
const struct sockaddr_in *const v4dns = (const struct sockaddr_in *)addr; |
| 170 |
|
|
| 171 |
|
if (v4->sin_addr.s_addr != v4dns->sin_addr.s_addr) |
| 172 |
|
{ |
| 220 |
|
{ |
| 221 |
|
struct irc_ssaddr localaddr; |
| 222 |
|
socklen_t locallen = sizeof(struct irc_ssaddr); |
| 228 |
– |
#ifdef IPV6 |
| 223 |
|
struct sockaddr_in6 *v6; |
| 230 |
– |
#else |
| 231 |
– |
struct sockaddr_in *v4; |
| 232 |
– |
#endif |
| 224 |
|
|
| 225 |
|
/* open a socket of the same type as the client socket */ |
| 226 |
< |
if (comm_open(&auth->fd, auth->client->localClient->ip.ss.ss_family, |
| 226 |
> |
if (comm_open(&auth->fd, auth->client->connection->ip.ss.ss_family, |
| 227 |
|
SOCK_STREAM, 0, "ident") == -1) |
| 228 |
|
{ |
| 229 |
|
report_error(L_ALL, "creating auth stream socket %s:%s", |
| 230 |
|
get_client_name(auth->client, SHOW_IP), errno); |
| 240 |
– |
ilog(LOG_TYPE_IRCD, "Unable to create auth socket for %s", |
| 241 |
– |
get_client_name(auth->client, SHOW_IP)); |
| 231 |
|
++ServerStats.is_abad; |
| 232 |
|
return 0; |
| 233 |
|
} |
| 235 |
|
sendheader(auth->client, REPORT_DO_ID); |
| 236 |
|
|
| 237 |
|
/* |
| 238 |
< |
* get the local address of the client and bind to that to |
| 239 |
< |
* make the auth request. This used to be done only for |
| 251 |
< |
* ifdef VIRTUAL_HOST, but needs to be done for all clients |
| 252 |
< |
* since the ident request must originate from that same address-- |
| 253 |
< |
* and machines with multiple IP addresses are common now |
| 238 |
> |
* Get the local address of the client and bind to that to |
| 239 |
> |
* make the auth request. |
| 240 |
|
*/ |
| 241 |
|
memset(&localaddr, 0, locallen); |
| 242 |
< |
getsockname(auth->client->localClient->fd.fd, (struct sockaddr*)&localaddr, |
| 242 |
> |
getsockname(auth->client->connection->fd.fd, (struct sockaddr*)&localaddr, |
| 243 |
|
&locallen); |
| 244 |
|
|
| 259 |
– |
#ifdef IPV6 |
| 245 |
|
remove_ipv6_mapping(&localaddr); |
| 246 |
|
v6 = (struct sockaddr_in6 *)&localaddr; |
| 247 |
|
v6->sin6_port = htons(0); |
| 263 |
– |
#else |
| 264 |
– |
localaddr.ss_len = locallen; |
| 265 |
– |
v4 = (struct sockaddr_in *)&localaddr; |
| 266 |
– |
v4->sin_port = htons(0); |
| 267 |
– |
#endif |
| 248 |
|
localaddr.ss_port = htons(0); |
| 249 |
|
|
| 250 |
|
comm_connect_tcp(&auth->fd, auth->client->sockhost, RFC1413_PORT, |
| 251 |
|
(struct sockaddr *)&localaddr, localaddr.ss_len, auth_connect_callback, |
| 252 |
< |
auth, auth->client->localClient->ip.ss.ss_family, |
| 252 |
> |
auth, auth->client->connection->ip.ss.ss_family, |
| 253 |
|
GlobalSetOptions.ident_timeout); |
| 254 |
|
return 1; /* We suceed here for now */ |
| 255 |
|
} |
| 264 |
|
void |
| 265 |
|
start_auth(struct Client *client_p) |
| 266 |
|
{ |
| 267 |
< |
struct AuthRequest *auth = NULL; |
| 288 |
< |
|
| 289 |
< |
assert(client_p); |
| 267 |
> |
struct AuthRequest *const auth = make_auth_request(client_p); |
| 268 |
|
|
| 291 |
– |
auth = make_auth_request(client_p); |
| 269 |
|
SetInAuth(auth); |
| 270 |
|
dlinkAddTail(auth, &auth->node, &auth_pending_list); |
| 271 |
|
|
| 279 |
|
start_auth_query(auth); |
| 280 |
|
} |
| 281 |
|
|
| 282 |
< |
gethost_byaddr(auth_dns_callback, auth, &client_p->localClient->ip); |
| 282 |
> |
gethost_byaddr(auth_dns_callback, auth, &client_p->connection->ip); |
| 283 |
|
} |
| 284 |
|
|
| 285 |
|
/* |
| 289 |
|
static void |
| 290 |
|
timeout_auth_queries_event(void *notused) |
| 291 |
|
{ |
| 292 |
< |
dlink_node *ptr = NULL, *ptr_next = NULL; |
| 292 |
> |
dlink_node *node = NULL, *node_next = NULL; |
| 293 |
|
|
| 294 |
< |
DLINK_FOREACH_SAFE(ptr, ptr_next, auth_pending_list.head) |
| 294 |
> |
DLINK_FOREACH_SAFE(node, node_next, auth_pending_list.head) |
| 295 |
|
{ |
| 296 |
< |
struct AuthRequest *auth = ptr->data; |
| 296 |
> |
struct AuthRequest *auth = node->data; |
| 297 |
|
|
| 298 |
|
if (auth->timeout > CurrentTime) |
| 299 |
|
break; |
| 313 |
|
sendheader(auth->client, REPORT_FAIL_DNS); |
| 314 |
|
} |
| 315 |
|
|
| 339 |
– |
ilog(LOG_TYPE_IRCD, "DNS/AUTH timeout %s", |
| 340 |
– |
get_client_name(auth->client, SHOW_IP)); |
| 316 |
|
release_auth_client(auth); |
| 317 |
|
} |
| 318 |
|
} |
| 331 |
|
static void |
| 332 |
|
auth_connect_callback(fde_t *fd, int error, void *data) |
| 333 |
|
{ |
| 334 |
< |
struct AuthRequest *auth = data; |
| 334 |
> |
struct AuthRequest *const auth = data; |
| 335 |
|
struct irc_ssaddr us; |
| 336 |
|
struct irc_ssaddr them; |
| 337 |
< |
char authbuf[32]; |
| 337 |
> |
char authbuf[16]; |
| 338 |
|
socklen_t ulen = sizeof(struct irc_ssaddr); |
| 339 |
|
socklen_t tlen = sizeof(struct irc_ssaddr); |
| 340 |
|
uint16_t uport, tport; |
| 366 |
– |
#ifdef IPV6 |
| 341 |
|
struct sockaddr_in6 *v6; |
| 368 |
– |
#else |
| 369 |
– |
struct sockaddr_in *v4; |
| 370 |
– |
#endif |
| 342 |
|
|
| 343 |
|
if (error != COMM_OK) |
| 344 |
|
{ |
| 346 |
|
return; |
| 347 |
|
} |
| 348 |
|
|
| 349 |
< |
if (getsockname(auth->client->localClient->fd.fd, (struct sockaddr *)&us, &ulen) || |
| 350 |
< |
getpeername(auth->client->localClient->fd.fd, (struct sockaddr *)&them, &tlen)) |
| 349 |
> |
if (getsockname(auth->client->connection->fd.fd, (struct sockaddr *)&us, &ulen) || |
| 350 |
> |
getpeername(auth->client->connection->fd.fd, (struct sockaddr *)&them, &tlen)) |
| 351 |
|
{ |
| 352 |
< |
ilog(LOG_TYPE_IRCD, "auth get{sock,peer}name error for %s", |
| 353 |
< |
get_client_name(auth->client, SHOW_IP)); |
| 352 |
> |
report_error(L_ALL, "auth get{sock,peer}name error %s:%s", |
| 353 |
> |
get_client_name(auth->client, SHOW_IP), errno); |
| 354 |
|
auth_error(auth); |
| 355 |
|
return; |
| 356 |
|
} |
| 357 |
|
|
| 387 |
– |
#ifdef IPV6 |
| 358 |
|
v6 = (struct sockaddr_in6 *)&us; |
| 359 |
|
uport = ntohs(v6->sin6_port); |
| 360 |
|
v6 = (struct sockaddr_in6 *)&them; |
| 361 |
|
tport = ntohs(v6->sin6_port); |
| 362 |
|
remove_ipv6_mapping(&us); |
| 363 |
|
remove_ipv6_mapping(&them); |
| 394 |
– |
#else |
| 395 |
– |
v4 = (struct sockaddr_in *)&us; |
| 396 |
– |
uport = ntohs(v4->sin_port); |
| 397 |
– |
v4 = (struct sockaddr_in *)&them; |
| 398 |
– |
tport = ntohs(v4->sin_port); |
| 399 |
– |
us.ss_len = ulen; |
| 400 |
– |
them.ss_len = tlen; |
| 401 |
– |
#endif |
| 364 |
|
|
| 365 |
|
snprintf(authbuf, sizeof(authbuf), "%u, %u\r\n", tport, uport); |
| 366 |
|
|
| 388 |
|
* \return The userid, or NULL on parse failure. |
| 389 |
|
*/ |
| 390 |
|
static const char * |
| 391 |
< |
check_ident_reply(char *reply) |
| 391 |
> |
check_ident_reply(char *const reply) |
| 392 |
|
{ |
| 393 |
|
char *token = NULL, *end = NULL; |
| 394 |
|
char *vector[USERID_TOKEN_COUNT]; |
| 395 |
< |
int count = token_vector(reply, ':', vector, USERID_TOKEN_COUNT); |
| 395 |
> |
const int count = token_vector(reply, ':', vector, USERID_TOKEN_COUNT); |
| 396 |
|
|
| 397 |
|
if (USERID_TOKEN_COUNT != count) |
| 398 |
|
return NULL; |
| 472 |
|
static void |
| 473 |
|
read_auth_reply(fde_t *fd, void *data) |
| 474 |
|
{ |
| 475 |
< |
struct AuthRequest *auth = data; |
| 475 |
> |
struct AuthRequest *const auth = data; |
| 476 |
|
const char *username = NULL; |
| 477 |
|
ssize_t len = 0; |
| 478 |
|
char buf[RFC1413_BUFSIZ + 1]; |
