ViewVC Help

View File | Revision Log | Show Annotations | View Changeset | Root Listing

root/svn/ircd-hybrid/trunk/src/auth.c

Comparing ircd-hybrid/trunk/src/auth.c (file contents):
Revision 4815 by michael, Sat Nov 1 15:28:42 2014 UTC vs.
Revision 7006 by michael, Fri Jan 1 00:07:54 2016 UTC

#	Line 1 | Line 1
1		/*
2		*  ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd)
3		*
4	<	*  Copyright (c) 1997-2014 ircd-hybrid development team
4	>	*  Copyright (c) 1997-2016 ircd-hybrid development team
5		*
6		*  This program is free software; you can redistribute it and/or modify
7		*  it under the terms of the GNU General Public License as published by
#	Line 53 | Line 53
53		#include "mempool.h"
54
55
56	–	static const char *const HeaderMessages[] =
57	–	{
58	–	":*** Looking up your hostname",
59	–	":*** Found your hostname",
60	–	":*** Couldn't look up your hostname",
61	–	":*** Checking Ident",
62	–	":*** Got Ident response",
63	–	":*** No Ident response",
64	–	":*** Your forward and reverse DNS do not match, ignoring hostname",
65	–	":*** Your hostname is too long, ignoring hostname"
66	–	};
67	–
56		enum
57		{
58		REPORT_DO_DNS,
#	Line 77 | Line 65 | enum
65		REPORT_HOST_TOOLONG
66		};
67
68	<	#define sendheader(c, i) sendto_one_notice((c), &me, HeaderMessages[(i)])
68	>	static const char *const HeaderMessages[] =
69	>	{
70	>	[REPORT_DO_DNS] = ":*** Looking up your hostname",
71	>	[REPORT_FIN_DNS] = ":*** Found your hostname",
72	>	[REPORT_FAIL_DNS] = ":*** Couldn't look up your hostname",
73	>	[REPORT_DO_ID] = ":*** Checking Ident",
74	>	[REPORT_FIN_ID] = ":*** Got Ident response",
75	>	[REPORT_FAIL_ID] = ":*** No Ident response",
76	>	[REPORT_IP_MISMATCH] = ":*** Your forward and reverse DNS do not match, ignoring hostname",
77	>	[REPORT_HOST_TOOLONG] = ":*** Your hostname is too long, ignoring hostname"
78	>	};
79	>
80	>	#define sendheader(c, i) sendto_one_notice((c), &me, "%s", HeaderMessages[(i)])
81
82	<	static dlink_list auth_pending_list;
82	>	static dlink_list auth_list;
83		static void read_auth_reply(fde_t *, void *);
84		static void auth_connect_callback(fde_t *, int, void *);
85
#	Line 90 | Line 90 | static void auth_connect_callback(fde_t
90		static struct AuthRequest *
91		make_auth_request(struct Client *client)
92		{
93	<	struct AuthRequest *request = &client->connection->auth;
93	>	struct AuthRequest *const auth = &client->connection->auth;
94
95	<	memset(request, 0, sizeof(*request));
95	>	memset(auth, 0, sizeof(*auth));
96
97	<	request->client  = client;
98	<	request->timeout = CurrentTime + CONNECTTIMEOUT;
97	>	auth->client = client;
98	>	auth->timeout = CurrentTime + CONNECTTIMEOUT;
99
100	<	return request;
100	>	return auth;
101		}
102
103		/*
#	Line 108 | Line 108 | make_auth_request(struct Client *client)
108		void
109		release_auth_client(struct AuthRequest *auth)
110		{
111	<	struct Client *client = auth->client;
111	>	struct Client *const client = auth->client;
112
113		if (IsDoingAuth(auth) || IsDNSPending(auth))
114		return;
115
116		if (IsInAuth(auth))
117		{
118	<	dlinkDelete(&auth->node, &auth_pending_list);
118	>	dlinkDelete(&auth->node, &auth_list);
119		ClearInAuth(auth);
120		}
121
#	Line 145 | Line 145 | release_auth_client(struct AuthRequest *
145		static void
146		auth_dns_callback(void *vptr, const struct irc_ssaddr *addr, const char *name, size_t namelength)
147		{
148	<	struct AuthRequest *auth = vptr;
148	>	struct AuthRequest *const auth = vptr;
149
150		ClearDNSPending(auth);
151
152		if (!EmptyString(name))
153		{
154	–	const struct sockaddr_in *v4, *v4dns;
155	–	const struct sockaddr_in6 *v6, *v6dns;
156	–
154		if (auth->client->connection->ip.ss.ss_family == AF_INET6)
155		{
156	<	v6 = (const struct sockaddr_in6 *)&auth->client->connection->ip;
157	<	v6dns = (const struct sockaddr_in6 *)addr;
156	>	const struct sockaddr_in6 *const v6 = (const struct sockaddr_in6 *)&auth->client->connection->ip;
157	>	const struct sockaddr_in6 *const v6dns = (const struct sockaddr_in6 *)addr;
158
159	<	if (memcmp(&v6->sin6_addr, &v6dns->sin6_addr, sizeof(struct in6_addr)) != 0)
159	>	if (memcmp(&v6->sin6_addr, &v6dns->sin6_addr, sizeof(struct in6_addr)))
160		{
161		sendheader(auth->client, REPORT_IP_MISMATCH);
162		release_auth_client(auth);
#	Line 168 | Line 165 | auth_dns_callback(void *vptr, const stru
165		}
166		else
167		{
168	<	v4 = (const struct sockaddr_in *)&auth->client->connection->ip;
169	<	v4dns = (const struct sockaddr_in *)addr;
168	>	const struct sockaddr_in *const v4 = (const struct sockaddr_in *)&auth->client->connection->ip;
169	>	const struct sockaddr_in *const v4dns = (const struct sockaddr_in *)addr;
170
171		if (v4->sin_addr.s_addr != v4dns->sin_addr.s_addr)
172		{
#	Line 218 | Line 215 | auth_error(struct AuthRequest *auth)
215		* identifing process fail, it is aborted and the user is given a username
216		* of "unknown".
217		*/
218	<	static int
218	>	static void
219		start_auth_query(struct AuthRequest *auth)
220		{
221		struct irc_ssaddr localaddr;
#	Line 232 | Line 229 | start_auth_query(struct AuthRequest *aut
229		report_error(L_ALL, "creating auth stream socket %s:%s",
230		get_client_name(auth->client, SHOW_IP), errno);
231		++ServerStats.is_abad;
232	<	return 0;
232	>	return;
233		}
234
235	+	SetDoingAuth(auth);
236		sendheader(auth->client, REPORT_DO_ID);
237
238		/*
239	<	* get the local address of the client and bind to that to
240	<	* make the auth request.  This used to be done only for
243	<	* ifdef VIRTUAL_HOST, but needs to be done for all clients
244	<	* since the ident request must originate from that same address--
245	<	* and machines with multiple IP addresses are common now
239	>	* Get the local address of the client and bind to that to
240	>	* make the auth request.
241		*/
242		memset(&localaddr, 0, locallen);
243		getsockname(auth->client->connection->fd.fd, (struct sockaddr*)&localaddr,
#	Line 257 | Line 252 | start_auth_query(struct AuthRequest *aut
252		(struct sockaddr *)&localaddr, localaddr.ss_len, auth_connect_callback,
253		auth, auth->client->connection->ip.ss.ss_family,
254		GlobalSetOptions.ident_timeout);
260	–	return 1; /* We suceed here for now */
255		}
256
257		/*
#	Line 270 | Line 264 | start_auth_query(struct AuthRequest *aut
264		void
265		start_auth(struct Client *client_p)
266		{
267	<	struct AuthRequest *auth = NULL;
274	<
275	<	assert(client_p);
267	>	struct AuthRequest *const auth = make_auth_request(client_p);
268
277	–	auth = make_auth_request(client_p);
269		SetInAuth(auth);
270	<	dlinkAddTail(auth, &auth->node, &auth_pending_list);
270	>	dlinkAddTail(auth, &auth->node, &auth_list);
271
272		sendheader(client_p, REPORT_DO_DNS);
273
274		SetDNSPending(auth);
275
276		if (ConfigGeneral.disable_auth == 0)
286	–	{
287	–	SetDoingAuth(auth);
277		start_auth_query(auth);
289	–	}
278
279		gethost_byaddr(auth_dns_callback, auth, &client_p->connection->ip);
280		}
#	Line 300 | Line 288 | timeout_auth_queries_event(void *notused
288		{
289		dlink_node *node = NULL, *node_next = NULL;
290
291	<	DLINK_FOREACH_SAFE(node, node_next, auth_pending_list.head)
291	>	DLINK_FOREACH_SAFE(node, node_next, auth_list.head)
292		{
293		struct AuthRequest *auth = node->data;
294
#	Line 340 | Line 328 | timeout_auth_queries_event(void *notused
328		static void
329		auth_connect_callback(fde_t *fd, int error, void *data)
330		{
331	<	struct AuthRequest *auth = data;
331	>	struct AuthRequest *const auth = data;
332		struct irc_ssaddr us;
333		struct irc_ssaddr them;
334	<	char authbuf[32];
334	>	char authbuf[16];
335	>	ssize_t len = 0;
336		socklen_t ulen = sizeof(struct irc_ssaddr);
337		socklen_t tlen = sizeof(struct irc_ssaddr);
338		uint16_t uport, tport;
#	Line 358 | Line 347 | auth_connect_callback(fde_t *fd, int err
347		if (getsockname(auth->client->connection->fd.fd, (struct sockaddr *)&us, &ulen) ||
348		getpeername(auth->client->connection->fd.fd, (struct sockaddr *)&them, &tlen))
349		{
350	<	ilog(LOG_TYPE_IRCD, "auth get{sock,peer}name error for %s",
351	<	get_client_name(auth->client, SHOW_IP));
350	>	report_error(L_ALL, "auth get{sock,peer}name error %s:%s",
351	>	get_client_name(auth->client, SHOW_IP), errno);
352		auth_error(auth);
353		return;
354		}
#	Line 368 | Line 357 | auth_connect_callback(fde_t *fd, int err
357		uport = ntohs(v6->sin6_port);
358		v6 = (struct sockaddr_in6 *)&them;
359		tport = ntohs(v6->sin6_port);
371	–	remove_ipv6_mapping(&us);
372	–	remove_ipv6_mapping(&them);
360
361	<	snprintf(authbuf, sizeof(authbuf), "%u, %u\r\n", tport, uport);
361	>	len = snprintf(authbuf, sizeof(authbuf), "%u, %u\r\n", tport, uport);
362
363	<	if (send(fd->fd, authbuf, strlen(authbuf), 0) == -1)
363	>	if (send(fd->fd, authbuf, len, 0) != len)
364		{
365		auth_error(auth);
366		return;
#	Line 397 | Line 384 | enum IdentReplyFields
384		* \return The userid, or NULL on parse failure.
385		*/
386		static const char *
387	<	check_ident_reply(char *reply)
387	>	check_ident_reply(char *const reply)
388		{
389		char *token = NULL, *end = NULL;
390		char *vector[USERID_TOKEN_COUNT];
391	<	int count = token_vector(reply, ':', vector, USERID_TOKEN_COUNT);
391	>	const int count = token_vector(reply, ':', vector, USERID_TOKEN_COUNT);
392
393		if (USERID_TOKEN_COUNT != count)
394		return NULL;
#	Line 481 | Line 468 | check_ident_reply(char *reply)
468		static void
469		read_auth_reply(fde_t *fd, void *data)
470		{
471	<	struct AuthRequest *auth = data;
471	>	struct AuthRequest *const auth = data;
472		const char *username = NULL;
473		ssize_t len = 0;
474		char buf[RFC1413_BUFSIZ + 1];
#	Line 506 | Line 493 | read_auth_reply(fde_t *fd, void *data)
493		strlcpy(auth->client->username, username, sizeof(auth->client->username));
494		sendheader(auth->client, REPORT_FIN_ID);
495		++ServerStats.is_asuc;
496	<	SetGotId(auth->client);
496	>	AddFlag(auth->client, FLAGS_GOTID);
497		}
498
499		release_auth_client(auth);
#	Line 526 | Line 513 | delete_auth(struct AuthRequest *auth)
513
514		if (IsInAuth(auth))
515		{
516	<	dlinkDelete(&auth->node, &auth_pending_list);
516	>	dlinkDelete(&auth->node, &auth_list);
517		ClearInAuth(auth);
518		}
519		}

Diff Legend

–	Removed lines
+	Added lines
<	Changed lines (old)
>	Changed lines (new)