ViewVC Help

View File | Revision Log | Show Annotations | View Changeset | Root Listing

root/svn/ircd-hybrid/trunk/src/s_bsd.c

Comparing ircd-hybrid/trunk/src/s_bsd.c (file contents):
Revision 3241 by michael, Sun Mar 30 16:45:31 2014 UTC vs.
Revision 4461 by michael, Wed Aug 13 17:05:26 2014 UTC

#	Line 25 | Line 25
25		*/
26
27		#include "stdinc.h"
28	+	#ifdef HAVE_LIBCRYPTO
29	+	#include "rsa.h"
30	+	#endif
31		#include <netinet/in_systm.h>
32		#include <netinet/ip.h>
33		#include <netinet/tcp.h>
#	Line 39 | Line 42
42		#include "listener.h"
43		#include "numeric.h"
44		#include "packet.h"
45	<	#include "irc_res.h"
45	>	#include "res.h"
46		#include "restart.h"
47	<	#include "s_auth.h"
47	>	#include "auth.h"
48		#include "conf.h"
49		#include "log.h"
50	<	#include "s_serv.h"
50	>	#include "server.h"
51		#include "send.h"
52		#include "memory.h"
53	<	#include "s_user.h"
54	<	#include "hook.h"
53	>	#include "user.h"
54	>
55
56		static const char *comm_err_str[] = { "Comm OK", "Error during bind()",
57		"Error during DNS lookup", "connect timeout", "Error during connect()",
58		"Comm Error" };
59
60		static void comm_connect_callback(fde_t *, int);
61	<	static PF comm_connect_timeout;
62	<	static void comm_connect_dns_callback(void *, const struct irc_ssaddr *, const char *);
63	<	static PF comm_connect_tryconnect;
61	>	static void comm_connect_timeout(fde_t *, void *);
62	>	static void comm_connect_dns_callback(void *, const struct irc_ssaddr *, const char *, size_t);
63	>	static void comm_connect_tryconnect(fde_t *, void *);
64
65
63	–	/* check_can_use_v6()
64	–	*  Check if the system can open AF_INET6 sockets
65	–	*/
66	–	void
67	–	check_can_use_v6(void)
68	–	{
69	–	#ifdef IPV6
70	–	int v6;
71	–
72	–	if ((v6 = socket(AF_INET6, SOCK_STREAM, 0)) < 0)
73	–	ServerInfo.can_use_v6 = 0;
74	–	else
75	–	{
76	–	ServerInfo.can_use_v6 = 1;
77	–	close(v6);
78	–	}
79	–	#else
80	–	ServerInfo.can_use_v6 = 0;
81	–	#endif
82	–	}
83	–
66		/* get_sockerr - get the error value from the socket or the current errno
67		*
68		* Get the *real* error from the socket (well try to anyway..).
#	Line 168 | Line 150 | close_connection(struct Client *client_p
150
151		if (!IsDead(client_p))
152		{
153	<	/*
154	<	* Flush pending write buffer, if any, but first clear the
155	<	* cork as it no longer matters, this connection is being
156	<	* closed now
153	>	/* attempt to flush any pending dbufs. Evil, but .. -- adrian */
154	>	/* there is still a chance that we might send data to this socket
155	>	* even if it is marked as blocked (COMM_SELECT_READ handler is called
156	>	* before COMM_SELECT_WRITE). Let's try, nothing to lose.. -adx
157		*/
158	<	DelFlag(client_p, FLAGS_CORK);
158	>	DelFlag(client_p, FLAGS_BLOCKED);
159		send_queued_write(client_p);
160		}
161
#	Line 223 | Line 205 | close_connection(struct Client *client_p
205		dbuf_clear(&client_p->localClient->buf_sendq);
206		dbuf_clear(&client_p->localClient->buf_recvq);
207
208	<	MyFree(client_p->localClient->passwd);
208	>	MyFree(client_p->localClient->password);
209	>	client_p->localClient->password = NULL;
210	>
211		detach_conf(client_p, CONF_CLIENT|CONF_OPER|CONF_SERVER);
228	–	client_p->from = NULL; /* ...this should catch them! >:) --msa */
212		}
213
214		#ifdef HAVE_LIBCRYPTO
#	Line 234 | Line 217 | close_connection(struct Client *client_p
217		* read/write events if necessary.
218		*/
219		static void
220	<	ssl_handshake(int fd, struct Client *client_p)
220	>	ssl_handshake(fde_t *fd, void *data)
221		{
222	+	struct Client *client_p = data;
223		X509 *cert = NULL;
224		int ret = 0;
225
#	Line 251 | Line 235 | ssl_handshake(int fd, struct Client *cli
235		{
236		case SSL_ERROR_WANT_WRITE:
237		comm_setselect(&client_p->localClient->fd, COMM_SELECT_WRITE,
238	<	(PF *)ssl_handshake, client_p, 30);
238	>	ssl_handshake, client_p, 30);
239		return;
240
241		case SSL_ERROR_WANT_READ:
242		comm_setselect(&client_p->localClient->fd, COMM_SELECT_READ,
243	<	(PF *)ssl_handshake, client_p, 30);
243	>	ssl_handshake, client_p, 30);
244		return;
245
246		default:
#	Line 270 | Line 254 | ssl_handshake(int fd, struct Client *cli
254		if ((cert = SSL_get_peer_certificate(client_p->localClient->fd.ssl)))
255		{
256		int res = SSL_get_verify_result(client_p->localClient->fd.ssl);
257	<	char buf[EVP_MAX_MD_SIZE * 2 + 1] = { '\0' };
258	<	unsigned char md[EVP_MAX_MD_SIZE] = { '\0' };
257	>	char buf[EVP_MAX_MD_SIZE * 2 + 1] = "";
258	>	unsigned char md[EVP_MAX_MD_SIZE] = "";
259
260		if (res == X509_V_OK || res == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN ||
261		res == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE ||
262		res == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
263		{
264	<	unsigned int i = 0, n = 0;
264	>	unsigned int n = 0;
265
266	<	if (X509_digest(cert, EVP_sha256(), md, &n))
266	>	if (X509_digest(cert, ConfigServerInfo.message_digest_algorithm, md, &n))
267		{
268	<	for (; i < n; ++i)
285	<	snprintf(buf + 2 * i, 3, "%02X", md[i]);
268	>	binary_to_hex(md, buf, n);
269		client_p->certfp = xstrdup(buf);
270		}
271		}
#	Line 348 | Line 331 | add_connection(struct Listener *listener
331		#ifdef HAVE_LIBCRYPTO
332		if (listener->flags & LISTENER_SSL)
333		{
334	<	if ((client_p->localClient->fd.ssl = SSL_new(ServerInfo.server_ctx)) == NULL)
334	>	if ((client_p->localClient->fd.ssl = SSL_new(ConfigServerInfo.server_ctx)) == NULL)
335		{
336		ilog(LOG_TYPE_IRCD, "SSL_new() ERROR! -- %s",
337		ERR_error_string(ERR_get_error(), NULL));
#	Line 360 | Line 343 | add_connection(struct Listener *listener
343
344		AddFlag(client_p, FLAGS_SSL);
345		SSL_set_fd(client_p->localClient->fd.ssl, fd);
346	<	ssl_handshake(0, client_p);
346	>	ssl_handshake(NULL, client_p);
347		}
348		else
349		#endif
#	Line 400 | Line 383 | ignoreErrno(int ierrno)
383		* Set the timeout for the fd
384		*/
385		void
386	<	comm_settimeout(fde_t *fd, time_t timeout, PF *callback, void *cbdata)
386	>	comm_settimeout(fde_t *fd, time_t timeout, void (*callback)(fde_t *, void *), void *cbdata)
387		{
388		assert(fd->flags.open);
389
#	Line 422 | Line 405 | comm_settimeout(fde_t *fd, time_t timeou
405		* comm_close() is replaced with fd_close() in fdlist.c
406		*/
407		void
408	<	comm_setflush(fde_t *fd, time_t timeout, PF *callback, void *cbdata)
408	>	comm_setflush(fde_t *fd, time_t timeout, void (*callback)(fde_t *, void *), void *cbdata)
409		{
410		assert(fd->flags.open);
411
#	Line 439 | Line 422 | comm_setflush(fde_t *fd, time_t timeout,
422		* this will happen.
423		*/
424		void
425	<	comm_checktimeouts(void *notused)
425	>	comm_checktimeouts(void *unused)
426		{
427		int i;
428		fde_t *F;
429	<	PF *hdl;
429	>	void (*hdl)(fde_t *, void *);
430		void *data;
431
432		for (i = 0; i < FD_HASH_SIZE; i++)
#	Line 579 | Line 562 | comm_connect_callback(fde_t *fd, int sta
562		* called ..
563		*/
564		static void
565	<	comm_connect_timeout(fde_t *fd, void *notused)
565	>	comm_connect_timeout(fde_t *fd, void *unused)
566		{
567		/* error! */
568		comm_connect_callback(fd, COMM_ERR_TIMEOUT);
#	Line 592 | Line 575 | comm_connect_timeout(fde_t *fd, void *no
575		* otherwise we initiate the connect()
576		*/
577		static void
578	<	comm_connect_dns_callback(void *vptr, const struct irc_ssaddr *addr, const char *name)
578	>	comm_connect_dns_callback(void *vptr, const struct irc_ssaddr *addr, const char *name, size_t namelength)
579		{
580		fde_t *F = vptr;
581
582	<	if (name == NULL)
582	>	if (!addr)
583		{
584		comm_connect_callback(F, COMM_ERR_DNS);
585		return;
#	Line 613 | Line 596 | comm_connect_dns_callback(void *vptr, co
596		*/
597		memcpy(&F->connect.hostaddr, addr, addr->ss_len);
598		/* The cast is hacky, but safe - port offset is same on v4 and v6 */
599	<	((struct sockaddr_in *) &F->connect.hostaddr)->sin_port =
617	<	F->connect.hostaddr.ss_port;
599	>	((struct sockaddr_in *) &F->connect.hostaddr)->sin_port = F->connect.hostaddr.ss_port;
600		F->connect.hostaddr.ss_len = addr->ss_len;
601
602		/* Now, call the tryconnect() routine to try a connect() */
603		comm_connect_tryconnect(F, NULL);
604		}
605
606	<	/* static void comm_connect_tryconnect(int fd, void *notused)
606	>	/* static void comm_connect_tryconnect(int fd, void *unused)
607		* Input: The fd, the handler data(unused).
608		* Output: None.
609		* Side-effects: Try and connect with pending connect data for the FD. If
#	Line 630 | Line 612 | comm_connect_dns_callback(void *vptr, co
612		*               to select for a write event on this FD.
613		*/
614		static void
615	<	comm_connect_tryconnect(fde_t *fd, void *notused)
615	>	comm_connect_tryconnect(fde_t *fd, void *unused)
616		{
617		int retval;
618
#	Line 720 | Line 702 | comm_open(fde_t *F, int family, int sock
702		* fd_open (this function no longer does it).
703		*/
704		int
705	<	comm_accept(struct Listener *lptr, struct irc_ssaddr *pn)
705	>	comm_accept(struct Listener *lptr, struct irc_ssaddr *addr)
706		{
707		int newfd;
708		socklen_t addrlen = sizeof(struct irc_ssaddr);
#	Line 731 | Line 713 | comm_accept(struct Listener *lptr, struc
713		return -1;
714		}
715
716	+	memset(addr, 0, sizeof(struct irc_ssaddr));
717	+
718		/*
719		* Next, do the accept(). if we get an error, we should drop the
720		* reserved fd limit, but we can deal with that when comm_open()
721		* also does it. XXX -- adrian
722		*/
723	<	newfd = accept(lptr->fd.fd, (struct sockaddr *)pn, &addrlen);
723	>	newfd = accept(lptr->fd.fd, (struct sockaddr *)addr, &addrlen);
724		if (newfd < 0)
725		return -1;
726
727	<	#ifdef IPV6
744	<	remove_ipv6_mapping(pn);
745	<	#else
746	<	pn->ss_len = addrlen;
747	<	#endif
727	>	remove_ipv6_mapping(addr);
728
729		setup_socket(newfd);
730
#	Line 758 | Line 738 | comm_accept(struct Listener *lptr, struc
738		* AF_INET and AF_INET6 map AF_INET connections inside AF_INET6 structures
739		*
740		*/
761	–	#ifdef IPV6
741		void
742		remove_ipv6_mapping(struct irc_ssaddr *addr)
743		{
#	Line 782 | Line 761 | remove_ipv6_mapping(struct irc_ssaddr *a
761		else
762		addr->ss_len = sizeof(struct sockaddr_in);
763		}
785	–	#endif

Diff Legend

–	Removed lines
+	Added lines
<	Changed lines (old)
>	Changed lines (new)