ViewVC Help
View File | Revision Log | Show Annotations | View Changeset | Root Listing
root/svn/ircd-hybrid/trunk/src/auth.c
(Generate patch)

Comparing:
ircd-hybrid-7.2/src/s_auth.c (file contents), Revision 650 by michael, Thu Jun 8 07:00:17 2006 UTC vs.
ircd-hybrid/src/s_auth.c (file contents), Revision 1155 by michael, Tue Aug 9 20:27:45 2011 UTC

# Line 33 | Line 33
33   *     --Bleep  Thomas Helvey <tomh@inxpress.net>
34   */
35   #include "stdinc.h"
36 #include "tools.h"
36   #include "list.h"
37 + #include "ircd_defs.h"
38 + #include "fdlist.h"
39   #include "s_auth.h"
40   #include "s_conf.h"
41 + #include "balloc.h"
42   #include "client.h"
43   #include "common.h"
44   #include "event.h"
43 #include "fdlist.h"              /* fdlist_add */
45   #include "hook.h"
46   #include "irc_string.h"
46 #include "sprintf_irc.h"
47   #include "ircd.h"
48 #include "numeric.h"
48   #include "packet.h"
49   #include "irc_res.h"
50   #include "s_bsd.h"
51   #include "s_log.h"
53 #include "s_stats.h"
52   #include "send.h"
53 < #include "memory.h"
53 >
54  
55   static const char *HeaderMessages[] = {
56    ":%s NOTICE AUTH :*** Looking up your hostname...",
# Line 78 | Line 76 | enum {
76  
77   #define sendheader(c, i) sendto_one((c), HeaderMessages[(i)], me.name)
78  
79 < /*
80 < * Ok, the original was confusing.
83 < * Now there are two lists, an auth request can be on both at the same time
84 < * or only on one or the other.
85 < * - Dianora
86 < */
87 < static dlink_list auth_doing_dns_list   = { NULL, NULL, 0 };
88 < static dlink_list auth_doing_ident_list = { NULL, NULL, 0 };
79 > static BlockHeap *auth_heap = NULL;
80 > static dlink_list auth_doing_list = { NULL, NULL, 0 };
81  
82   static EVH timeout_auth_queries_event;
83  
# Line 102 | Line 94 | struct Callback *auth_cb = NULL;
94   void
95   init_auth(void)
96   {
97 +  auth_heap = BlockHeapCreate("auth", sizeof(struct AuthRequest), AUTH_HEAP_SIZE);
98    auth_cb = register_callback("start_auth", start_auth);
99    eventAddIsh("timeout_auth_queries_event", timeout_auth_queries_event, NULL, 1);
100   }
# Line 112 | Line 105 | init_auth(void)
105   static struct AuthRequest *
106   make_auth_request(struct Client *client)
107   {
108 <  struct AuthRequest *request = MyMalloc(sizeof(struct AuthRequest));
108 >  struct AuthRequest *request = BlockHeapAlloc(auth_heap);
109  
110 <  request->client  = client;
111 <  request->timeout = CurrentTime + CONNECTTIMEOUT;
110 >  client->localClient->auth = request;
111 >  request->client           = client;
112 >  request->timeout          = CurrentTime + CONNECTTIMEOUT;
113  
114    return request;
115   }
# Line 126 | Line 120 | make_auth_request(struct Client *client)
120   * the main io processing loop
121   */
122   void
123 < release_auth_client(struct Client *client)
123 > release_auth_client(struct AuthRequest *auth)
124   {
125 +  struct Client *client = auth->client;
126 +
127 +  if (IsDoingAuth(auth) || IsDNSPending(auth))
128 +    return;
129 +
130 +  client->localClient->auth = NULL;
131 +  dlinkDelete(&auth->node, &auth_doing_list);
132 +  BlockHeapFree(auth_heap, auth);
133 +
134    /*
135     * When a client has auth'ed, we want to start reading what it sends
136     * us. This is what read_packet() does.
# Line 136 | Line 139 | release_auth_client(struct Client *clien
139    client->localClient->allow_read = MAX_FLOOD;
140    comm_setflush(&client->localClient->fd, 1000, flood_recalc, client);
141  
142 <  if ((client->node.prev != NULL) || (client->node.next != NULL))
140 <  {
141 <    sendto_realops_flags(UMODE_ALL, L_OPER,
142 <                         "already linked %s at %s:%d", client->name,
143 <                         __FILE__, __LINE__);
144 <    ilog(L_ERROR, "already linked %s at %s:%d", client->name,
145 <         __FILE__, __LINE__);
146 <    assert(0==5);
147 <  }
148 <  else
149 <    dlinkAdd(client, &client->node, &global_client_list);
142 >  dlinkAdd(client, &client->node, &global_client_list);
143  
144 <  client_p->since  = client_p->lasttime = client_p->firsttime = CurrentTime;
145 <  client_p->flags |= FLAGS_FINISHED_AUTH;
144 >  client->since  = client->lasttime = client->firsttime = CurrentTime;
145 >  client->flags |= FLAGS_FINISHED_AUTH;
146  
147    read_packet(&client->localClient->fd, client);
148   }
149  
150   /*
151   * auth_dns_callback - called when resolver query finishes
152 < * if the query resulted in a successful search, hp will contain
153 < * a non-null pointer, otherwise hp will be null.
152 > * if the query resulted in a successful search, name will contain
153 > * a non-NULL pointer, otherwise name will be NULL.
154   * set the client on it's way to a connection completion, regardless
155   * of success of failure
156   */
157   static void
158 < auth_dns_callback(void *vptr, struct DNSReply *reply)
158 > auth_dns_callback(void *vptr, const struct irc_ssaddr *addr, const char *name)
159   {
160 <  struct AuthRequest *auth = (struct AuthRequest *)vptr;
160 >  struct AuthRequest *auth = vptr;
161  
169  dlinkDelete(&auth->dns_node, &auth_doing_dns_list);
162    ClearDNSPending(auth);
163  
164 <  if (reply != NULL)
164 >  if (name != NULL)
165    {
166 <    struct sockaddr_in *v4, *v4dns;
166 >    const struct sockaddr_in *v4, *v4dns;
167   #ifdef IPV6
168 <    struct sockaddr_in6 *v6, *v6dns;
168 >    const struct sockaddr_in6 *v6, *v6dns;
169   #endif
170      int good = 1;
171  
172   #ifdef IPV6
173      if (auth->client->localClient->ip.ss.ss_family == AF_INET6)
174      {
175 <      v6 = (struct sockaddr_in6 *)&auth->client->localClient->ip;
176 <      v6dns = (struct sockaddr_in6 *)&reply->addr;
175 >      v6 = (const struct sockaddr_in6 *)&auth->client->localClient->ip;
176 >      v6dns = (const struct sockaddr_in6 *)addr;
177        if (memcmp(&v6->sin6_addr, &v6dns->sin6_addr, sizeof(struct in6_addr)) != 0)
178        {
179          sendheader(auth->client, REPORT_IP_MISMATCH);
# Line 191 | Line 183 | auth_dns_callback(void *vptr, struct DNS
183      else
184   #endif
185      {
186 <      v4 = (struct sockaddr_in *)&auth->client->localClient->ip;
187 <      v4dns = (struct sockaddr_in *)&reply->addr;
186 >      v4 = (const struct sockaddr_in *)&auth->client->localClient->ip;
187 >      v4dns = (const struct sockaddr_in *)addr;
188        if(v4->sin_addr.s_addr != v4dns->sin_addr.s_addr)
189        {
190          sendheader(auth->client, REPORT_IP_MISMATCH);
191          good = 0;
192        }
193      }
194 <    if (good && strlen(reply->h_name) <= HOSTLEN)
194 >    if (good && strlen(name) <= HOSTLEN)
195      {
196 <      strlcpy(auth->client->host, reply->h_name,
196 >      strlcpy(auth->client->host, name,
197                sizeof(auth->client->host));
198        sendheader(auth->client, REPORT_FIN_DNS);
199      }
200 <    else if (strlen(reply->h_name) > HOSTLEN)
200 >    else if (strlen(name) > HOSTLEN)
201        sendheader(auth->client, REPORT_HOST_TOOLONG);
202    }
203    else
204 <      sendheader(auth->client, REPORT_FAIL_DNS);
204 >    sendheader(auth->client, REPORT_FAIL_DNS);
205  
206 <  MyFree(auth->client->localClient->dns_query);
215 <  auth->client->localClient->dns_query = NULL;
216 <
217 <  if (!IsDoingAuth(auth))
218 <  {
219 <    struct Client *client_p = auth->client;
220 <    MyFree(auth);
221 <    release_auth_client(client_p);
222 <  }
206 >  release_auth_client(auth);
207   }
208  
209   /*
# Line 228 | Line 212 | auth_dns_callback(void *vptr, struct DNS
212   static void
213   auth_error(struct AuthRequest *auth)
214   {
215 <  ++ServerStats->is_abad;
215 >  ++ServerStats.is_abad;
216  
217    fd_close(&auth->fd);
218  
235  dlinkDelete(&auth->ident_node, &auth_doing_ident_list);
219    ClearAuth(auth);
220  
221    sendheader(auth->client, REPORT_FAIL_ID);
222  
223 <  if (!IsDNSPending(auth) && !IsCrit(auth))
241 <  {
242 <    release_auth_client(auth->client);
243 <    MyFree(auth);
244 <  }
223 >  release_auth_client(auth);
224   }
225  
226   /*
# Line 271 | Line 250 | start_auth_query(struct AuthRequest *aut
250          get_client_name(auth->client, SHOW_IP), errno);
251      ilog(L_ERROR, "Unable to create auth socket for %s",
252          get_client_name(auth->client, SHOW_IP));
253 <    ++ServerStats->is_abad;
253 >    ++ServerStats.is_abad;
254      return 0;
255    }
256  
# Line 299 | Line 278 | start_auth_query(struct AuthRequest *aut
278   #endif
279    localaddr.ss_port = htons(0);
280  
302  SetDoingAuth(auth);
303  dlinkAdd(auth, &auth->ident_node, &auth_doing_ident_list);
304
281    comm_connect_tcp(&auth->fd, auth->client->sockhost, 113,
282        (struct sockaddr *)&localaddr, localaddr.ss_len, auth_connect_callback,
283        auth, auth->client->localClient->ip.ss.ss_family,
# Line 393 | Line 369 | start_auth(va_list args)
369    assert(client != NULL);
370  
371    auth = make_auth_request(client);
372 <  SetCrit(auth);
397 <
398 <  client->localClient->dns_query = MyMalloc(sizeof(struct DNSQuery));
399 <  client->localClient->dns_query->ptr = auth;
400 <  client->localClient->dns_query->callback = auth_dns_callback;
372 >  dlinkAdd(auth, &auth->node, &auth_doing_list);
373  
374    sendheader(client, REPORT_DO_DNS);
375  
376 +  SetDNSPending(auth);
377 +
378    if (ConfigFileEntry.disable_auth == 0)
379 +  {
380 +    SetDoingAuth(auth);
381      start_auth_query(auth);
382 +  }
383  
384 <  /* auth order changed, before gethost_byaddr can immediately call
408 <   * dns callback under win32 when the lookup cannot be started.
409 <   * And that would do MyFree(auth) etc -adx */
410 <  SetDNSPending(auth);
411 <  dlinkAdd(auth, &auth->dns_node, &auth_doing_dns_list);
412 <  ClearCrit(auth);
413 <  gethost_byaddr(&client->localClient->ip, client->localClient->dns_query);
384 >  gethost_byaddr(auth_dns_callback, auth, &client->localClient->ip);
385  
386    return NULL;
387   }
# Line 422 | Line 393 | start_auth(va_list args)
393   static void
394   timeout_auth_queries_event(void *notused)
395   {
396 <  dlink_node *ptr;
426 <  dlink_node *next_ptr;
427 <  struct AuthRequest* auth;
396 >  dlink_node *ptr = NULL, *next_ptr = NULL;
397  
398 <  DLINK_FOREACH_SAFE(ptr, next_ptr, auth_doing_ident_list.head)
398 >  DLINK_FOREACH_SAFE(ptr, next_ptr, auth_doing_list.head)
399    {
400 <    auth = ptr->data;
400 >    struct AuthRequest *auth = ptr->data;
401  
402 <    if (auth->timeout <= CurrentTime)
403 <    {
435 <      fd_close(&auth->fd);
402 >    if (auth->timeout > CurrentTime)
403 >      continue;
404  
405 <      ++ServerStats->is_abad;
405 >    if (IsDoingAuth(auth))
406 >    {  
407 >      ++ServerStats.is_abad;
408 >      fd_close(&auth->fd);
409 >      ClearAuth(auth);
410        sendheader(auth->client, REPORT_FAIL_ID);
411 +    }
412  
413 <      if (IsDNSPending(auth))
414 <      {
415 <        struct Client *client_p = auth->client;
416 <
417 <        dlinkDelete(&auth->dns_node, &auth_doing_dns_list);
445 <        if (client_p->localClient->dns_query != NULL)
446 <        {
447 <          delete_resolver_queries(client_p->localClient->dns_query);
448 <          MyFree(client_p->localClient->dns_query);
449 <        }
450 <        auth->client->localClient->dns_query = NULL;
451 <        sendheader(client_p, REPORT_FAIL_DNS);
452 <      }
453 <
454 <      ilog(L_INFO, "DNS/AUTH timeout %s",
455 <           get_client_name(auth->client, SHOW_IP));
456 <
457 <      dlinkDelete(&auth->ident_node, &auth_doing_ident_list);
458 <      release_auth_client(auth->client);
459 <      MyFree(auth);
413 >    if (IsDNSPending(auth))
414 >    {
415 >      delete_resolver_queries(auth);
416 >      ClearDNSPending(auth);
417 >      sendheader(auth->client, REPORT_FAIL_DNS);
418      }
419 +
420 +    ilog(L_INFO, "DNS/AUTH timeout %s",
421 +         get_client_name(auth->client, SHOW_IP));
422 +    release_auth_client(auth);
423    }
424   }
425  
# Line 481 | Line 443 | auth_connect_callback(fde_t *fd, int err
443    char authbuf[32];
444    socklen_t ulen = sizeof(struct irc_ssaddr);
445    socklen_t tlen = sizeof(struct irc_ssaddr);
446 <  u_int16_t uport, tport;
446 >  uint16_t uport, tport;
447   #ifdef IPV6
448    struct sockaddr_in6 *v6;
449   #else
# Line 494 | Line 456 | auth_connect_callback(fde_t *fd, int err
456      return;
457    }
458  
459 <  if (getsockname(auth->client->localClient->fd.fd, (struct sockaddr *) &us,
460 <      (socklen_t *) &ulen) ||
461 <      getpeername(auth->client->localClient->fd.fd, (struct sockaddr *) &them,
462 <      (socklen_t *) &tlen))
459 >  if (getsockname(auth->client->localClient->fd.fd, (struct sockaddr *)&us,
460 >      &ulen) ||
461 >      getpeername(auth->client->localClient->fd.fd, (struct sockaddr *)&them,
462 >      &tlen))
463    {
464      ilog(L_INFO, "auth get{sock,peer}name error for %s",
465          get_client_name(auth->client, SHOW_IP));
# Line 521 | Line 483 | auth_connect_callback(fde_t *fd, int err
483    them.ss_len = tlen;
484   #endif
485    
486 <  ircsprintf(authbuf, "%u , %u\r\n", tport, uport);
486 >  snprintf(authbuf, sizeof(authbuf), "%u , %u\r\n", tport, uport);
487  
488    if (send(fd->fd, authbuf, strlen(authbuf), 0) == -1)
489    {
490      auth_error(auth);
491      return;
492    }
493 +
494    read_auth_reply(&auth->fd, auth);
495   }
496  
# Line 560 | Line 523 | read_auth_reply(fde_t *fd, void *data)
523     *
524     *    --nenolod
525     */
563 #ifndef _WIN32
526    len = read(fd->fd, buf, AUTH_BUFSIZ);
527 < #else
566 <  len = recv(fd->fd, buf, AUTH_BUFSIZ, 0);
567 < #endif
568 <  
527 >
528    if (len < 0)
529    {
571 #ifdef _WIN32
572    errno = WSAGetLastError();
573 #endif
530      if (ignoreErrno(errno))
531        comm_setselect(fd, COMM_SELECT_READ, read_auth_reply, auth, 0);
532      else
# Line 606 | Line 562 | read_auth_reply(fde_t *fd, void *data)
562  
563    fd_close(fd);
564  
609  dlinkDelete(&auth->ident_node, &auth_doing_ident_list);  
565    ClearAuth(auth);
566  
567    if (s == NULL)
568    {
569      sendheader(auth->client, REPORT_FAIL_ID);
570 <    ++ServerStats->is_abad;
570 >    ++ServerStats.is_abad;
571    }
572    else
573    {
574      sendheader(auth->client, REPORT_FIN_ID);
575 <    ++ServerStats->is_asuc;
575 >    ++ServerStats.is_asuc;
576      SetGotId(auth->client);
577    }
578  
579 <  if (!IsDNSPending(auth) && !IsCrit(auth))
625 <  {
626 <    release_auth_client(auth->client);
627 <    MyFree(auth);
628 <  }
579 >  release_auth_client(auth);
580   }
581  
582   /*
583   * delete_auth()
584   */
585   void
586 < delete_auth(struct Client *target_p)
586 > delete_auth(struct AuthRequest *auth)
587   {
588 <  dlink_node *ptr;
589 <  dlink_node *next_ptr;
639 <  struct AuthRequest *auth;
588 >  if (IsDNSPending(auth))
589 >    delete_resolver_queries(auth);
590  
591 <  if (!IsUnknown(target_p))
592 <    return;
591 >  if (IsDoingAuth(auth))
592 >    fd_close(&auth->fd);
593  
594 <  if (target_p->localClient->dns_query != NULL)
595 <    DLINK_FOREACH_SAFE(ptr, next_ptr, auth_doing_dns_list.head)
646 <    {
647 <      auth = ptr->data;
648 <
649 <      if (auth->client == target_p)
650 <      {
651 <        delete_resolver_queries(target_p->localClient->dns_query);
652 <
653 <        dlinkDelete(&auth->dns_node, &auth_doing_dns_list);
654 <        if (!IsDoingAuth(auth))
655 <        {
656 <          MyFree(auth);
657 <          return;
658 <        }
659 <      }
660 <    }
661 <
662 <  DLINK_FOREACH_SAFE(ptr, next_ptr, auth_doing_ident_list.head)
663 <  {
664 <    auth = ptr->data;
665 <
666 <    if (auth->client == target_p)
667 <    {
668 <      fd_close(&auth->fd);
669 <
670 <      dlinkDelete(&auth->ident_node, &auth_doing_ident_list);
671 <      MyFree(auth);
672 <    }
673 <  }
594 >  dlinkDelete(&auth->node, &auth_doing_list);
595 >  BlockHeapFree(auth_heap, auth);
596   }

Diff Legend

Removed lines
+ Added lines
< Changed lines (old)
> Changed lines (new)