
Comparing:
ircd-hybrid-7.3/src/s_bsd.c (file contents), Revision 1072 by michael, Wed Feb 17 22:58:23 2010 UTC vs.
ircd-hybrid/trunk/src/s_bsd.c (file contents), Revision 3241 by michael, Sun Mar 30 16:45:31 2014 UTC

# Line 1 | Line 1
1   /*
2 < *  ircd-hybrid: an advanced Internet Relay Chat Daemon(ircd).
3 < *  s_bsd.c: Network functions.
2 > *  ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd)
3   *
4 < *  Copyright (C) 2002 by the past and present ircd coders, and others.
4 > *  Copyright (c) 1997-2014 ircd-hybrid development team
5   *
6   *  This program is free software; you can redistribute it and/or modify
7   *  it under the terms of the GNU General Public License as published by
# Line 18 | Line 17
17   *  along with this program; if not, write to the Free Software
18   *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
19   *  USA
20 < *
21 < *  $Id$
20 > */
21 >
22 > /*! \file s_bsd.c
23 > * \brief Network functions.
24 > * \version $Id$
25   */
26  
27   #include "stdinc.h"
# Line 30 | Line 32
32   #include "fdlist.h"
33   #include "s_bsd.h"
34   #include "client.h"
33 #include "common.h"
35   #include "dbuf.h"
36   #include "event.h"
37   #include "irc_string.h"
37 #include "irc_getnameinfo.h"
38 #include "irc_getaddrinfo.h"
38   #include "ircd.h"
39   #include "listener.h"
40   #include "numeric.h"
41   #include "packet.h"
42   #include "irc_res.h"
44 #include "inet_misc.h"
43   #include "restart.h"
44   #include "s_auth.h"
45 < #include "s_conf.h"
46 < #include "s_log.h"
45 > #include "conf.h"
46 > #include "log.h"
47   #include "s_serv.h"
48   #include "send.h"
49   #include "memory.h"
# Line 56 | Line 54 | static const char *comm_err_str[] = { "C
54    "Error during DNS lookup", "connect timeout", "Error during connect()",
55    "Comm Error" };
56  
59 struct Callback *setup_socket_cb = NULL;
60
57   static void comm_connect_callback(fde_t *, int);
58   static PF comm_connect_timeout;
59   static void comm_connect_dns_callback(void *, const struct irc_ssaddr *, const char *);
# Line 110 | Line 106 | get_sockerr(int fd)
106   }
107  
108   /*
109 < * report_error - report an error from an errno.
109 > * report_error - report an error from an errno.
110   * Record error to log and also send a copy to all *LOCAL* opers online.
111   *
112   *        text        is a *format* string for outputing error. It must
# Line 124 | Line 120 | get_sockerr(int fd)
120   * Cannot use perror() within daemon. stderr is closed in
121   * ircd and cannot be used. And, worse yet, it might have
122   * been reassigned to a normal connection...
123 < *
123 > *
124   * Actually stderr is still there IFF ircd was run with -s --Rodder
125   */
126  
127   void
128 < report_error(int level, const char* text, const char* who, int error)
128 > report_error(int level, const char* text, const char* who, int error)
129   {
130    who = (who) ? who : "";
131  
132 <  sendto_realops_flags(UMODE_DEBUG, level, text, who, strerror(error));
133 <  log_oper_action(LOG_IOERR_TYPE, NULL, "%s %s %s\n", who, text, strerror(error));
134 <  ilog(L_ERROR, text, who, strerror(error));
132 >  sendto_realops_flags(UMODE_DEBUG, level, SEND_NOTICE,
133 >                       text, who, strerror(error));
134 >  ilog(LOG_TYPE_IRCD, text, who, strerror(error));
135   }
136  
137   /*
# Line 143 | Line 139 | report_error(int level, const char* text
139   *
140   * Set the socket non-blocking, and other wonderful bits.
141   */
142 < static void *
143 < setup_socket(va_list args)
142 > static void
143 > setup_socket(int fd)
144   {
149  int fd = va_arg(args, int);
145    int opt = 1;
146  
147    setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof(opt));
# Line 157 | Line 152 | setup_socket(va_list args)
152   #endif
153  
154    fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) | O_NONBLOCK);
160
161  return NULL;
162 }
163
164 /*
165 * init_comm()
166 *
167 * Initializes comm subsystem.
168 */
169 void
170 init_comm(void)
171 {
172  setup_socket_cb = register_callback("setup_socket", setup_socket);
173  init_netio();
155   }
156  
157   /*
# Line 181 | Line 162 | init_comm(void)
162   void
163   close_connection(struct Client *client_p)
164   {
165 <  struct ConfItem *conf;
185 <  struct AccessItem *aconf;
186 <  struct ClassItem *aclass;
165 >  dlink_node *ptr = NULL;
166  
167 <  assert(NULL != client_p);
167 >  assert(client_p);
168  
169    if (!IsDead(client_p))
170    {
171 <    /* attempt to flush any pending dbufs. Evil, but .. -- adrian */
172 <    /* there is still a chance that we might send data to this socket
173 <     * even if it is marked as blocked (COMM_SELECT_READ handler is called
174 <     * before COMM_SELECT_WRITE). Let's try, nothing to lose.. -adx
171 >    /*
172 >     * Flush pending write buffer, if any, but first clear the
173 >     * cork as it no longer matters, this connection is being
174 >     * closed now
175       */
176 <    ClearSendqBlocked(client_p);
176 >    DelFlag(client_p, FLAGS_CORK);
177      send_queued_write(client_p);
178    }
179  
180 <  if (IsServer(client_p))
180 >  if (IsClient(client_p))
181 >  {
182 >    ++ServerStats.is_cl;
183 >    ServerStats.is_cbs += client_p->localClient->send.bytes;
184 >    ServerStats.is_cbr += client_p->localClient->recv.bytes;
185 >    ServerStats.is_cti += CurrentTime - client_p->localClient->firsttime;
186 >  }
187 >  else if (IsServer(client_p))
188    {
189      ++ServerStats.is_sv;
190      ServerStats.is_sbs += client_p->localClient->send.bytes;
191      ServerStats.is_sbr += client_p->localClient->recv.bytes;
192 <    ServerStats.is_sti += CurrentTime - client_p->firsttime;
192 >    ServerStats.is_sti += CurrentTime - client_p->localClient->firsttime;
193  
194 <    /* XXX Does this even make any sense at all anymore?
209 <     * scheduling a 'quick' reconnect could cause a pile of
210 <     * nick collides under TSora protocol... -db
211 <     */
212 <    /*
213 <     * If the connection has been up for a long amount of time, schedule
214 <     * a 'quick' reconnect, else reset the next-connect cycle.
215 <     */
216 <    if ((conf = find_conf_exact(SERVER_TYPE, client_p->name,
217 <                                client_p->username, client_p->host)))
194 >    DLINK_FOREACH(ptr, server_items.head)
195      {
196 +      struct MaskItem *conf = ptr->data;
197 +
198 +      if (irccmp(conf->name, client_p->name))
199 +        continue;
200 +
201        /*
202 <       * Reschedule a faster reconnect, if this was a automatically
203 <       * connected configuration entry. (Note that if we have had
222 <       * a rehash in between, the status has been changed to
223 <       * CONF_ILLEGAL). But only do this if it was a "good" link.
202 >       * Reset next-connect cycle of all connect{} blocks that match
203 >       * this servername.
204         */
205 <      aconf  = map_to_conf(conf);
226 <      aclass = map_to_conf(aconf->class_ptr);
227 <      aconf->hold = time(NULL);
228 <      aconf->hold += (aconf->hold - client_p->since > HANGONGOODLINK) ?
229 <        HANGONRETRYDELAY : ConFreq(aclass);
205 >      conf->until = CurrentTime + conf->class->con_freq;
206      }
207    }
232  else if (IsClient(client_p))
233  {
234    ++ServerStats.is_cl;
235    ServerStats.is_cbs += client_p->localClient->send.bytes;
236    ServerStats.is_cbr += client_p->localClient->recv.bytes;
237    ServerStats.is_cti += CurrentTime - client_p->firsttime;
238  }
208    else
209      ++ServerStats.is_ni;
210  
# Line 251 | Line 220 | close_connection(struct Client *client_p
220    if (client_p->localClient->fd.flags.open)
221      fd_close(&client_p->localClient->fd);
222  
254  if (HasServlink(client_p))
255  {
256    if (client_p->localClient->ctrlfd.flags.open)
257      fd_close(&client_p->localClient->ctrlfd);
258  }
259
223    dbuf_clear(&client_p->localClient->buf_sendq);
224    dbuf_clear(&client_p->localClient->buf_recvq);
225 <  
225 >
226    MyFree(client_p->localClient->passwd);
227 <  detach_conf(client_p, CONF_TYPE);
227 >  detach_conf(client_p, CONF_CLIENT|CONF_OPER|CONF_SERVER);
228    client_p->from = NULL; /* ...this should catch them! >:) --msa */
229   }
230  
# Line 273 | Line 236 | close_connection(struct Client *client_p
236   static void
237   ssl_handshake(int fd, struct Client *client_p)
238   {
239 <  int ret = SSL_accept(client_p->localClient->fd.ssl);
239 >  X509 *cert = NULL;
240 >  int ret = 0;
241 >
242 >  if ((ret = SSL_accept(client_p->localClient->fd.ssl)) <= 0)
243 >  {
244 >    if ((CurrentTime - client_p->localClient->firsttime) > 30)
245 >    {
246 >      exit_client(client_p, "Timeout during SSL handshake");
247 >      return;
248 >    }
249  
278  if (ret <= 0)
250      switch (SSL_get_error(client_p->localClient->fd.ssl, ret))
251      {
252        case SSL_ERROR_WANT_WRITE:
253          comm_setselect(&client_p->localClient->fd, COMM_SELECT_WRITE,
254 <                       (PF *) ssl_handshake, client_p, 0);
254 >                       (PF *)ssl_handshake, client_p, 30);
255          return;
256  
257        case SSL_ERROR_WANT_READ:
258          comm_setselect(&client_p->localClient->fd, COMM_SELECT_READ,
259 <                       (PF *) ssl_handshake, client_p, 0);
259 >                       (PF *)ssl_handshake, client_p, 30);
260          return;
261  
262        default:
263 <        exit_client(client_p, client_p, "Error during SSL handshake");
264 <        return;
263 >        exit_client(client_p, "Error during SSL handshake");
264 >        return;
265      }
266 +  }
267 +
268 +  comm_settimeout(&client_p->localClient->fd, 0, NULL, NULL);
269  
270 <  execute_callback(auth_cb, client_p);
270 >  if ((cert = SSL_get_peer_certificate(client_p->localClient->fd.ssl)))
271 >  {
272 >    int res = SSL_get_verify_result(client_p->localClient->fd.ssl);
273 >    char buf[EVP_MAX_MD_SIZE * 2 + 1] = { '\0' };
274 >    unsigned char md[EVP_MAX_MD_SIZE] = { '\0' };
275 >
276 >    if (res == X509_V_OK || res == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN ||
277 >        res == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE ||
278 >        res == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
279 >    {
280 >      unsigned int i = 0, n = 0;
281 >
282 >      if (X509_digest(cert, EVP_sha256(), md, &n))
283 >      {
284 >        for (; i < n; ++i)
285 >          snprintf(buf + 2 * i, 3, "%02X", md[i]);
286 >        client_p->certfp = xstrdup(buf);
287 >      }
288 >    }
289 >    else
290 >      ilog(LOG_TYPE_IRCD, "Client %s!%s@%s gave bad SSL client certificate: %d",
291 >           client_p->name, client_p->username, client_p->host, res);
292 >    X509_free(cert);
293 >  }
294 >
295 >  start_auth(client_p);
296   }
297   #endif
298  
299   /*
300 < * add_connection - creates a client which has just connected to us on
300 > * add_connection - creates a client which has just connected to us on
301   * the given fd. The sockhost field is initialized with the ip# of the host.
302   * An unique id is calculated now, in case it is needed for auth.
303   * The client is sent to the auth module for verification, and not put in
# Line 307 | Line 306 | ssl_handshake(int fd, struct Client *cli
306   void
307   add_connection(struct Listener *listener, struct irc_ssaddr *irn, int fd)
308   {
309 <  struct Client *new_client;
311 <
312 <  assert(NULL != listener);
313 <
314 <  new_client = make_client(NULL);
309 >  struct Client *client_p = make_client(NULL);
310  
311 <  fd_open(&new_client->localClient->fd, fd, 1,
311 >  fd_open(&client_p->localClient->fd, fd, 1,
312            (listener->flags & LISTENER_SSL) ?
313 <          "Incoming SSL connection" : "Incoming connection");
313 >          "Incoming SSL connection" : "Incoming connection");
314  
315 <  /*
315 >  /*
316     * copy address to 'sockhost' as a string, copy it to host too
317     * so we have something valid to put into error messages...
318     */
319 <  memcpy(&new_client->localClient->ip, irn, sizeof(struct irc_ssaddr));
319 >  memcpy(&client_p->localClient->ip, irn, sizeof(struct irc_ssaddr));
320  
321 <  irc_getnameinfo((struct sockaddr*)&new_client->localClient->ip,
322 <        new_client->localClient->ip.ss_len, new_client->sockhost,
323 <        sizeof(new_client->sockhost), NULL, 0, NI_NUMERICHOST);
324 <  new_client->localClient->aftype = new_client->localClient->ip.ss.ss_family;
321 >  getnameinfo((struct sockaddr *)&client_p->localClient->ip,
322 >              client_p->localClient->ip.ss_len, client_p->sockhost,
323 >              sizeof(client_p->sockhost), NULL, 0, NI_NUMERICHOST);
324 >  client_p->localClient->aftype = client_p->localClient->ip.ss.ss_family;
325 >
326 > #ifdef HAVE_LIBGEOIP
327 >  /* XXX IPV6 SUPPORT XXX */
328 >  if (irn->ss.ss_family == AF_INET && geoip_ctx)
329 >  {
330 >    const struct sockaddr_in *v4 = (const struct sockaddr_in *)&client_p->localClient->ip;
331 >    client_p->localClient->country_id = GeoIP_id_by_ipnum(geoip_ctx, (unsigned long)ntohl(v4->sin_addr.s_addr));
332 >  }
333 > #endif
334  
335 <  if (new_client->sockhost[0] == ':')
335 >  if (client_p->sockhost[0] == ':' && client_p->sockhost[1] == ':')
336    {
337 <    strlcpy(new_client->host, "0", sizeof(new_client->host));
338 <    strlcpy(new_client->host+1, new_client->sockhost, sizeof(new_client->host)-1);
337 >    strlcpy(client_p->host, "0", sizeof(client_p->host));
338 >    strlcpy(client_p->host+1, client_p->sockhost, sizeof(client_p->host)-1);
339 >    memmove(client_p->sockhost+1, client_p->sockhost, sizeof(client_p->sockhost)-1);
340 >    client_p->sockhost[0] = '0';
341    }
342    else
343 <    strlcpy(new_client->host, new_client->sockhost, sizeof(new_client->host));
343 >    strlcpy(client_p->host, client_p->sockhost, sizeof(client_p->host));
344  
345 <  new_client->localClient->listener = listener;
345 >  client_p->localClient->listener = listener;
346    ++listener->ref_count;
347  
348   #ifdef HAVE_LIBCRYPTO
349    if (listener->flags & LISTENER_SSL)
350    {
351 <    if ((new_client->localClient->fd.ssl = SSL_new(ServerInfo.server_ctx)) == NULL)
351 >    if ((client_p->localClient->fd.ssl = SSL_new(ServerInfo.server_ctx)) == NULL)
352      {
353 <      ilog(L_CRIT, "SSL_new() ERROR! -- %s",
353 >      ilog(LOG_TYPE_IRCD, "SSL_new() ERROR! -- %s",
354             ERR_error_string(ERR_get_error(), NULL));
355  
356 <      SetDead(new_client);
357 <      exit_client(new_client, new_client, "SSL_new failed");
356 >      SetDead(client_p);
357 >      exit_client(client_p, "SSL_new failed");
358        return;
359      }
360  
361 <    SSL_set_fd(new_client->localClient->fd.ssl, fd);
362 <    ssl_handshake(0, new_client);
361 >    AddFlag(client_p, FLAGS_SSL);
362 >    SSL_set_fd(client_p->localClient->fd.ssl, fd);
363 >    ssl_handshake(0, client_p);
364    }
365    else
366   #endif
367 <    execute_callback(auth_cb, new_client);
367 >    start_auth(client_p);
368   }
369  
370   /*
# Line 412 | Line 419 | comm_settimeout(fde_t *fd, time_t timeou
419   * flush functions, and when comm_close() is implemented correctly
420   * with close functions, we _actually_ don't call comm_close() here ..
421   * -- originally Adrian's notes
422 < * comm_close() is replaced with fd_close() in fdlist.c
422 > * comm_close() is replaced with fd_close() in fdlist.c
423   */
424   void
425   comm_setflush(fde_t *fd, time_t timeout, PF *callback, void *cbdata)
# Line 504 | Line 511 | comm_connect_tcp(fde_t *fd, const char *
511     *   -- adrian
512     */
513    if ((clocal != NULL) && (bind(fd->fd, clocal, socklen) < 0))
514 <  {
514 >  {
515      /* Failure, call the callback with COMM_ERR_BIND */
516      comm_connect_callback(fd, COMM_ERR_BIND);
517      /* ... and quit */
# Line 521 | Line 528 | comm_connect_tcp(fde_t *fd, const char *
528  
529    snprintf(portname, sizeof(portname), "%d", port);
530  
531 <  if (irc_getaddrinfo(host, portname, &hints, &res))
531 >  if (getaddrinfo(host, portname, &hints, &res))
532    {
533      /* Send the DNS request, for the next level */
534      if (aftype == AF_INET6)
# Line 537 | Line 544 | comm_connect_tcp(fde_t *fd, const char *
544      memcpy(&fd->connect.hostaddr, res->ai_addr, res->ai_addrlen);
545      fd->connect.hostaddr.ss_len = res->ai_addrlen;
546      fd->connect.hostaddr.ss.ss_family = res->ai_family;
547 <    irc_freeaddrinfo(res);
547 >    freeaddrinfo(res);
548      comm_settimeout(fd, timeout*1000, comm_connect_timeout, NULL);
549      comm_connect_tryconnect(fd, NULL);
550    }
# Line 601 | Line 608 | comm_connect_dns_callback(void *vptr, co
608    /* Copy over the DNS reply info so we can use it in the connect() */
609    /*
610     * Note we don't fudge the refcount here, because we aren't keeping
611 <   * the DNS record around, and the DNS cache is gone anyway..
611 >   * the DNS record around, and the DNS cache is gone anyway..
612     *     -- adrian
613     */
614    memcpy(&F->connect.hostaddr, addr, addr->ss_len);
# Line 632 | Line 639 | comm_connect_tryconnect(fde_t *fd, void
639      return;
640  
641    /* Try the connect() */
642 <  retval = connect(fd->fd, (struct sockaddr *) &fd->connect.hostaddr,
642 >  retval = connect(fd->fd, (struct sockaddr *) &fd->connect.hostaddr,
643      fd->connect.hostaddr.ss_len);
644  
645    /* Error? */
# Line 698 | Line 705 | comm_open(fde_t *F, int family, int sock
705    if (fd < 0)
706      return -1; /* errno will be passed through, yay.. */
707  
708 <  execute_callback(setup_socket_cb, fd);
708 >  setup_socket(fd);
709  
710    /* update things in our fd tracking */
711    fd_open(F, fd, 1, note);
# Line 739 | Line 746 | comm_accept(struct Listener *lptr, struc
746    pn->ss_len = addrlen;
747   #endif
748  
749 <  execute_callback(setup_socket_cb, newfd);
749 >  setup_socket(newfd);
750  
751    /* .. and return */
752    return newfd;
753   }
754  
755 < /*
755 > /*
756   * remove_ipv6_mapping() - Removes IPv4-In-IPv6 mapping from an address
757 < * This function should really inspect the struct itself rather than relying
751 < * on inet_pton and inet_ntop.  OSes with IPv6 mapping listening on both
757 > * OSes with IPv6 mapping listening on both
758   * AF_INET and AF_INET6 map AF_INET connections inside AF_INET6 structures
759 < *
759 > *
760   */
761   #ifdef IPV6
762   void
# Line 758 | Line 764 | remove_ipv6_mapping(struct irc_ssaddr *a
764   {
765    if (addr->ss.ss_family == AF_INET6)
766    {
767 <    struct sockaddr_in6 *v6;
762 <
763 <    v6 = (struct sockaddr_in6*)addr;
764 <    if (IN6_IS_ADDR_V4MAPPED(&v6->sin6_addr))
767 >    if (IN6_IS_ADDR_V4MAPPED(&((struct sockaddr_in6 *)addr)->sin6_addr))
768      {
769 <      char v4ip[HOSTIPLEN];
770 <      struct sockaddr_in *v4 = (struct sockaddr_in*)addr;
771 <      inetntop(AF_INET6, &v6->sin6_addr, v4ip, HOSTIPLEN);
772 <      inet_pton(AF_INET, v4ip, &v4->sin_addr);
769 >      struct sockaddr_in6 v6;
770 >      struct sockaddr_in *v4 = (struct sockaddr_in *)addr;
771 >
772 >      memcpy(&v6, addr, sizeof(v6));
773 >      memset(v4, 0, sizeof(struct sockaddr_in));
774 >      memcpy(&v4->sin_addr, &v6.sin6_addr.s6_addr[12], sizeof(v4->sin_addr));
775 >
776        addr->ss.ss_family = AF_INET;
777        addr->ss_len = sizeof(struct sockaddr_in);
778      }
779 <    else
779 >    else
780        addr->ss_len = sizeof(struct sockaddr_in6);
781    }
782    else
783      addr->ss_len = sizeof(struct sockaddr_in);
784 < }
784 > }
785   #endif
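Review bot: In add_connection (new lines 335-341) the added `memmove(client_p->sockhost+1, client_p->sockhost, sizeof(client_p->sockhost)-1)` shifts the whole buffer right by one byte and never re-terminates it, so a numeric host that already filled sockhost would lose its NUL and later string reads would run past the array. The declared size of sockhost is not visible on this page, so this may be unreachable for real IPv6 text, but adding `client_p->sockhost[sizeof(client_p->sockhost) - 1] = '\0';` after the shift makes the code safe regardless of that declaration. The return value of getnameinfo() a few lines above is also ignored, so on failure the `::` test and both copies operate on a sockhost that getnameinfo may not have filled. Separately, in ssl_handshake (new lines 276-287) a fingerprint is stored even when the chain did not verify (the three X509_V_ERR_* results accepted there); a comment such as `/* certfp pins the presented certificate only; it does not imply the chain was validated */` would keep later callers from treating a non-NULL certfp as a trust decision.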

Diff Legend

Removed lines
+ Added lines
< Changed lines (old)
> Changed lines (new)