ViewVC Help

View File | Revision Log | Show Annotations | View Changeset | Root Listing

root/svn/ircd-hybrid/trunk/src/server.c

Comparing ircd-hybrid-8/src/s_serv.c (file contents):
Revision 1247 by michael, Sat Oct 1 07:54:24 2011 UTC vs.
Revision 1383 by michael, Tue May 1 11:18:22 2012 UTC

#	Line 43 | Line 43
43		#include "numeric.h"
44		#include "packet.h"
45		#include "irc_res.h"
46	<	#include "s_conf.h"
46	>	#include "conf.h"
47		#include "s_serv.h"
48	<	#include "s_log.h"
48	>	#include "log.h"
49	>	#include "s_misc.h"
50		#include "s_user.h"
51		#include "send.h"
52		#include "memory.h"
#	Line 56 | Line 57
57
58		static dlink_list cap_list = { NULL, NULL, 0 };
59		static void server_burst(struct Client *);
59	–	static int fork_server(struct Client *);
60		static void burst_all(struct Client *);
61		static void send_tb(struct Client *client_p, struct Channel *chptr);
62
63		static CNCB serv_connect_callback;
64
65	–	static void start_io(struct Client *);
65		static void burst_members(struct Client *, struct Channel *);
66
68	–	static SlinkRplHnd slink_error;
69	–	static SlinkRplHnd slink_zipstats;
70	–
71	–
72	–	#ifdef HAVE_LIBCRYPTO
73	–	struct EncCapability CipherTable[] =
74	–	{
75	–	#ifdef HAVE_EVP_BF_CFB
76	–	{ "BF/168",     CAP_ENC_BF_168,     24, CIPHER_BF     },
77	–	{ "BF/128",     CAP_ENC_BF_128,     16, CIPHER_BF     },
78	–	#endif
79	–	#ifdef HAVE_EVP_CAST5_CFB
80	–	{ "CAST/128",   CAP_ENC_CAST_128,   16, CIPHER_CAST   },
81	–	#endif
82	–	#ifdef HAVE_EVP_IDEA_CFB
83	–	{ "IDEA/128",   CAP_ENC_IDEA_128,   16, CIPHER_IDEA   },
84	–	#endif
85	–	#ifdef HAVE_EVP_RC5_32_12_16_CFB
86	–	{ "RC5.16/128", CAP_ENC_RC5_16_128, 16, CIPHER_RC5_16 },
87	–	{ "RC5.12/128", CAP_ENC_RC5_12_128, 16, CIPHER_RC5_12 },
88	–	{ "RC5.8/128",  CAP_ENC_RC5_8_128,  16, CIPHER_RC5_8  },
89	–	#endif
90	–	#ifdef HAVE_EVP_DES_EDE3_CFB
91	–	{ "3DES/168",   CAP_ENC_3DES_168,   24, CIPHER_3DES   },
92	–	#endif
93	–	#ifdef HAVE_EVP_DES_CFB
94	–	{ "DES/56",     CAP_ENC_DES_56,      8, CIPHER_DES    },
95	–	#endif
96	–	{ 0,            0,                   0, 0             }
97	–	};
98	–	#endif
99	–
100	–	struct SlinkRplDef slinkrpltab[] = {
101	–	{ SLINKRPL_ERROR,    slink_error,    SLINKRPL_FLAG_DATA },
102	–	{ SLINKRPL_ZIPSTATS, slink_zipstats, SLINKRPL_FLAG_DATA },
103	–	{ 0,                 0,              0 },
104	–	};
105	–
106	–
107	–	void
108	–	slink_error(unsigned int rpl, unsigned int len, unsigned char *data,
109	–	struct Client *server_p)
110	–	{
111	–	assert(rpl == SLINKRPL_ERROR);
112	–	assert(len < 256);
113	–
114	–	data[len-1] = '\0';
115	–
116	–	sendto_realops_flags(UMODE_ALL, L_ALL, "SlinkError for %s: %s",
117	–	server_p->name, data);
118	–	/* XXX should this be exit_client? */
119	–	exit_client(server_p, &me, "servlink error -- terminating link");
120	–	}
121	–
122	–	void
123	–	slink_zipstats(unsigned int rpl, unsigned int len, unsigned char *data,
124	–	struct Client *server_p)
125	–	{
126	–	struct ZipStats zipstats;
127	–	uint64_t in = 0, in_wire = 0, out = 0, out_wire = 0;
128	–	int i = 0;
129	–
130	–	assert(rpl == SLINKRPL_ZIPSTATS);
131	–	assert(len == 16);
132	–	assert(IsCapable(server_p, CAP_ZIP));
133	–
134	–	/* Yes, it needs to be done this way, no we cannot let the compiler
135	–	* work with the pointer to the structure.  This works around a GCC
136	–	* bug on SPARC that affects all versions at the time of this writing.
137	–	* I will feed you to the creatures living in RMS's beard if you do
138	–	* not leave this as is, without being sure that you are not causing
139	–	* regression for most of our installed SPARC base.
140	–	* -jmallett, 04/27/2002
141	–	*/
142	–	memcpy(&zipstats, &server_p->localClient->zipstats, sizeof(struct ZipStats));
143	–
144	–	in |= (data[i++] << 24);
145	–	in |= (data[i++] << 16);
146	–	in |= (data[i++] <<  8);
147	–	in |= (data[i++]      );
148	–
149	–	in_wire |= (data[i++] << 24);
150	–	in_wire |= (data[i++] << 16);
151	–	in_wire |= (data[i++] <<  8);
152	–	in_wire |= (data[i++]      );
153	–
154	–	out |= (data[i++] << 24);
155	–	out |= (data[i++] << 16);
156	–	out |= (data[i++] <<  8);
157	–	out |= (data[i++]      );
158	–
159	–	out_wire |= (data[i++] << 24);
160	–	out_wire |= (data[i++] << 16);
161	–	out_wire |= (data[i++] <<  8);
162	–	out_wire |= (data[i++]      );
163	–
164	–	/* This macro adds b to a if a plus b is not an overflow, and sets the
165	–	* value of a to b if it is.
166	–	* Add and Set if No Overflow.
167	–	*/
168	–	#define ASNO(a, b) a = (a + b >= a ? a + b : b)
169	–
170	–	ASNO(zipstats.in, in);
171	–	ASNO(zipstats.out, out);
172	–	ASNO(zipstats.in_wire, in_wire);
173	–	ASNO(zipstats.out_wire, out_wire);
174	–
175	–	if (zipstats.in > 0)
176	–	zipstats.in_ratio = (((double)(zipstats.in - zipstats.in_wire) /
177	–	(double)zipstats.in) * 100.00);
178	–	else
179	–	zipstats.in_ratio = 0;
180	–
181	–	if (zipstats.out > 0)
182	–	zipstats.out_ratio = (((double)(zipstats.out - zipstats.out_wire) /
183	–	(double)zipstats.out) * 100.00);
184	–	else
185	–	zipstats.out_ratio = 0;
186	–
187	–	memcpy(&server_p->localClient->zipstats, &zipstats, sizeof(struct ZipStats));
188	–	}
189	–
190	–	void
191	–	collect_zipstats(void *unused)
192	–	{
193	–	dlink_node *ptr = NULL;
194	–
195	–	DLINK_FOREACH(ptr, serv_list.head)
196	–	{
197	–	struct Client *target_p = ptr->data;
198	–
199	–	if (IsCapable(target_p, CAP_ZIP))
200	–	{
201	–	/* only bother if we haven't already got something queued... */
202	–	if (!target_p->localClient->slinkq)
203	–	{
204	–	target_p->localClient->slinkq     = MyMalloc(1); /* sigh.. */
205	–	target_p->localClient->slinkq[0]  = SLINKCMD_ZIPSTATS;
206	–	target_p->localClient->slinkq_ofs = 0;
207	–	target_p->localClient->slinkq_len = 1;
208	–	send_queued_slink_write(target_p);
209	–	}
210	–	}
211	–	}
212	–	}
213	–
214	–	#ifdef HAVE_LIBCRYPTO
215	–	struct EncCapability *
216	–	check_cipher(struct Client *client_p, struct AccessItem *aconf)
217	–	{
218	–	struct EncCapability *epref = NULL;
219	–
220	–	/* Use connect{} specific info if available */
221	–	if (aconf->cipher_preference)
222	–	epref = aconf->cipher_preference;
223	–	else if (ConfigFileEntry.default_cipher_preference)
224	–	epref = ConfigFileEntry.default_cipher_preference;
225	–
226	–	/*
227	–	* If the server supports the capability in hand, return the matching
228	–	* conf struct.  Otherwise, return NULL (an error).
229	–	*/
230	–	if (epref && IsCapableEnc(client_p, epref->cap))
231	–	return epref;
232	–
233	–	return NULL;
234	–	}
235	–	#endif /* HAVE_LIBCRYPTO */
236	–
67		/*
68		* write_links_file
69		*
#	Line 251 | Line 81 | write_links_file(void* notused)
81		MessageFileLine *newMessageLine = 0;
82		MessageFile *MessageFileptr;
83		const char *p;
84	<	FBFILE *file;
84	>	FILE *file;
85		char buff[512];
86		dlink_node *ptr;
87
88		MessageFileptr = &ConfigFileEntry.linksfile;
89
90	<	if ((file = fbopen(MessageFileptr->fileName, "w")) == NULL)
90	>	if ((file = fopen(MessageFileptr->fileName, "w")) == NULL)
91		return;
92
93		for (mptr = MessageFileptr->contentsOfFile; mptr; mptr = next_mptr)
#	Line 271 | Line 101 | write_links_file(void* notused)
101
102		DLINK_FOREACH(ptr, global_serv_list.head)
103		{
104	<	size_t nbytes = 0;
275	<	struct Client *target_p = ptr->data;
104	>	const struct Client *target_p = ptr->data;
105
106		/* skip ourselves, we send ourselves in /links */
107		if (IsMe(target_p))
#	Line 303 | Line 132 | write_links_file(void* notused)
132		*/
133		assert(strlen(target_p->name) + strlen(me.name) + 6 + strlen(p) <=
134		MESSAGELINELEN);
135	<	ircsprintf(newMessageLine->line, "%s %s :1 %s",
136	<	target_p->name, me.name, p);
135	>	snprintf(newMessageLine->line, sizeof(newMessageLine->line), "%s %s :1 %s",
136	>	target_p->name, me.name, p);
137		newMessageLine->next = NULL;
138
139		if (MessageFileptr->contentsOfFile)
#	Line 319 | Line 148 | write_links_file(void* notused)
148		currentMessageLine = newMessageLine;
149		}
150
151	<	nbytes = ircsprintf(buff, "%s %s :1 %s\n", target_p->name, me.name, p);
152	<	fbputs(buff, file, nbytes);
151	>	snprintf(buff, sizeof(buff), "%s %s :1 %s\n", target_p->name, me.name, p);
152	>	fputs(buff, file);
153		}
154
155	<	fbclose(file);
155	>	fclose(file);
156		}
157
158		/* hunt_server()
#	Line 354 | Line 183 | hunt_server(struct Client *client_p, str
183		dlink_node *ptr;
184		int wilds;
185
186	<	/* Assume it's me, if no server
187	<	*/
188	<	if (parc <= server || EmptyString(parv[server]) ||
189	<	match(me.name, parv[server]) ||
190	<	match(parv[server], me.name) ||
191	<	!strcmp(parv[server], me.id))
363	<	return(HUNTED_ISME);
186	>	/* Assume it's me, if no server */
187	>	if (parc <= server || EmptyString(parv[server]))
188	>	return HUNTED_ISME;
189	>
190	>	if (!strcmp(parv[server], me.id) || match(parv[server], me.name))
191	>	return HUNTED_ISME;
192
193		/* These are to pickup matches that would cause the following
194		* message to go in the wrong direction while doing quick fast
#	Line 496 | Line 324 | try_connections(void *unused)
324		confrq = DEFAULT_CONNECTFREQUENCY;
325		else
326		{
327	<	confrq = ConFreq(cltmp);
328	<	if (confrq < MIN_CONN_FREQ )
327	>	confrq = cltmp->con_freq;
328	>	if (confrq < MIN_CONN_FREQ)
329		confrq = MIN_CONN_FREQ;
330		}
331
#	Line 509 | Line 337 | try_connections(void *unused)
337		if (hash_find_server(conf->name) != NULL)
338		continue;
339
340	<	if (CurrUserCount(cltmp) < MaxTotal(cltmp))
340	>	if (cltmp->curr_user_count < cltmp->max_total)
341		{
342		/* Go to the end of the list, if not already last */
343		if (ptr->next != NULL)
#	Line 565 | Line 393 | valid_servname(const char *name)
393		}
394
395		int
396	<	check_server(const char *name, struct Client *client_p, int cryptlink)
396	>	check_server(const char *name, struct Client *client_p)
397		{
398		dlink_node *ptr;
399		struct ConfItem *conf           = NULL;
#	Line 599 | Line 427 | check_server(const char *name, struct Cl
427		match(aconf->host, client_p->sockhost))
428		{
429		error = -2;
602	–	#ifdef HAVE_LIBCRYPTO
603	–	if (cryptlink && IsConfCryptLink(aconf))
604	–	{
605	–	if (aconf->rsa_public_key)
606	–	server_conf = conf;
607	–	}
608	–	else if (!(cryptlink || IsConfCryptLink(aconf)))
609	–	#endif /* HAVE_LIBCRYPTO */
430		{
431		/* A NULL password is as good as a bad one */
432		if (EmptyString(client_p->localClient->passwd))
#	Line 637 | Line 457 | check_server(const char *name, struct Cl
457
458		attach_conf(client_p, server_conf);
459
640	–	/* Now find all leaf or hub config items for this server */
641	–	DLINK_FOREACH(ptr, hub_items.head)
642	–	{
643	–	conf = ptr->data;
644	–
645	–	if (!match(name, conf->name))
646	–	continue;
647	–	attach_conf(client_p, conf);
648	–	}
649	–
650	–	DLINK_FOREACH(ptr, leaf_items.head)
651	–	{
652	–	conf = ptr->data;
653	–
654	–	if (!match(name, conf->name))
655	–	continue;
656	–	attach_conf(client_p, conf);
657	–	}
658	–
460		server_aconf = map_to_conf(server_conf);
461
661	–	#ifdef HAVE_LIBZ /* otherwise, clear it unconditionally */
662	–	if (!IsConfCompressed(server_aconf))
663	–	#endif
664	–	ClearCap(client_p, CAP_ZIP);
665	–	if (!IsConfCryptLink(server_aconf))
666	–	ClearCap(client_p, CAP_ENC);
462		if (!IsConfTopicBurst(server_aconf))
463		{
464		ClearCap(client_p, CAP_TB);
#	Line 781 | Line 576 | find_capability(const char *capab)
576		* inputs       - Client pointer to send to
577		*              - Pointer to AccessItem (for crypt)
578		*              - int flag of capabilities that this server can send
784	–	*              - int flag of encryption capabilities
579		* output       - NONE
580		* side effects - send the CAPAB line to a server  -orabidoo
581		*
582		*/
583		void
584		send_capabilities(struct Client *client_p, struct AccessItem *aconf,
585	<	int cap_can_send, int enc_can_send)
585	>	int cap_can_send)
586		{
587		struct Capability *cap=NULL;
588		char msgbuf[IRCD_BUFSIZE];
589		char *t;
590		int tl;
591		dlink_node *ptr;
798	–	#ifdef HAVE_LIBCRYPTO
799	–	const struct EncCapability *epref = NULL;
800	–	char *capend;
801	–	int sent_cipher = 0;
802	–	#endif
592
593		t = msgbuf;
594
#	Line 813 | Line 602 | send_capabilities(struct Client *client_
602		t += tl;
603		}
604		}
816	–	#ifdef HAVE_LIBCRYPTO
817	–	if (enc_can_send)
818	–	{
819	–	capend = t;
820	–	strcpy(t, "ENC:");
821	–	t += 4;
822	–
823	–	/* use connect{} specific info if available */
824	–	if (aconf->cipher_preference)
825	–	epref = aconf->cipher_preference;
826	–	else if (ConfigFileEntry.default_cipher_preference)
827	–	epref = ConfigFileEntry.default_cipher_preference;
828	–
829	–	if (epref && (epref->cap & enc_can_send))
830	–	{
831	–	/* Leave the space -- it is removed later. */
832	–	tl = ircsprintf(t, "%s ", epref->name);
833	–	t += tl;
834	–	sent_cipher = 1;
835	–	}
605
837	–	if (!sent_cipher)
838	–	t = capend; /* truncate string before ENC:, below */
839	–	}
840	–	#endif
606		*(t - 1) = '\0';
607		sendto_one(client_p, "CAPAB :%s", msgbuf);
608		}
#	Line 857 | Line 622 | sendnick_TS(struct Client *client_p, str
622		if (!IsClient(target_p))
623		return;
624
625	<	send_umode(NULL, target_p, 0, HasOFlag(target_p, OPER_FLAG_HIDDEN_ADMIN) ?
861	<	SEND_UMODES & ~UMODE_ADMIN : SEND_UMODES, ubuf);
625	>	send_umode(NULL, target_p, 0, SEND_UMODES, ubuf);
626
627		if (ubuf[0] == '\0')
628		{
#	Line 934 | Line 698 | show_capabilities(struct Client *target_
698		if (IsCapable(target_p, cap->cap))
699		t += ircsprintf(t, "%s ", cap->name);
700		}
937	–	#ifdef HAVE_LIBCRYPTO
938	–	if (IsCapable(target_p, CAP_ENC) &&
939	–	target_p->localClient->in_cipher &&
940	–	target_p->localClient->out_cipher)
941	–	t += ircsprintf(t, "ENC:%s ",
942	–	target_p->localClient->in_cipher->name);
943	–	#endif
944	–	*(t - 1) = '\0';
701
702	<	return(msgbuf);
702	>	*(t - 1) = '\0';
703	>	return msgbuf;
704		}
705
706		/* make_server()
#	Line 978 | Line 735 | server_estab(struct Client *client_p)
735		const char *inpath;
736		static char inpath_ip[HOSTLEN * 2 + USERLEN + 6];
737		dlink_node *ptr;
738	+	#ifdef HAVE_LIBCRYPTO
739	+	const COMP_METHOD *compression = NULL, *expansion = NULL;
740	+	#endif
741
742		assert(client_p != NULL);
743
#	Line 1018 | Line 778 | server_estab(struct Client *client_p)
778
779		aconf = map_to_conf(conf);
780
781	<	if (IsUnknown(client_p) && !IsConfCryptLink(aconf))
781	>	if (IsUnknown(client_p))
782		{
783		/* jdc -- 1.  Use EmptyString(), not [0] index reference.
784		*        2.  Check aconf->spasswd, not aconf->passwd.
#	Line 1035 | Line 795 | server_estab(struct Client *client_p)
795		*/
796
797		send_capabilities(client_p, aconf,
798	<	(IsConfCompressed(aconf) ? CAP_ZIP : 0)
1039	<	| (IsConfTopicBurst(aconf) ? CAP_TBURST|CAP_TB : 0), 0);
798	>	(IsConfTopicBurst(aconf) ? CAP_TBURST|CAP_TB : 0));
799
1041	–	/* SERVER is the last command sent before switching to ziplinks.
1042	–	* We set TCPNODELAY on the socket to make sure it gets sent out
1043	–	* on the wire immediately.  Otherwise, it could be sitting in
1044	–	* a kernel buffer when we start sending zipped data, and the
1045	–	* parser on the receiving side can't hand both unzipped and zipped
1046	–	* data in one packet. --Rodder
1047	–	*
1048	–	* currently we only need to call send_queued_write,
1049	–	* Nagle is already disabled at this point --adx
1050	–	*/
800		sendto_one(client_p, "SERVER %s 1 :%s%s",
801		me.name, ConfigServerHide.hidden ? "(H) " : "", me.info);
1053	–	send_queued_write(client_p);
1054	–	}
1055	–
1056	–	/* Hand the server off to servlink now */
1057	–	if (IsCapable(client_p, CAP_ENC) || IsCapable(client_p, CAP_ZIP))
1058	–	{
1059	–	if (fork_server(client_p) < 0)
1060	–	{
1061	–	sendto_realops_flags(UMODE_ALL, L_ADMIN,
1062	–	"Warning: fork failed for server %s -- check servlink_path (%s)",
1063	–	get_client_name(client_p, HIDE_IP), ConfigFileEntry.servlink_path);
1064	–	sendto_realops_flags(UMODE_ALL, L_OPER, "Warning: fork failed for server "
1065	–	"%s -- check servlink_path (%s)",
1066	–	get_client_name(client_p, MASK_IP),
1067	–	ConfigFileEntry.servlink_path);
1068	–	exit_client(client_p, &me, "fork failed");
1069	–	return;
1070	–	}
1071	–
1072	–	start_io(client_p);
1073	–	SetServlink(client_p);
802		}
803
804		sendto_one(client_p, "SVINFO %d %d 0 :%lu", TS_CURRENT, TS_MIN,
#	Line 1123 | Line 851 | server_estab(struct Client *client_p)
851		/* fixing eob timings.. -gnp */
852		client_p->localClient->firsttime = CurrentTime;
853
1126	–
854		if (find_matching_name_conf(SERVICE_TYPE, client_p->name, NULL, NULL, 0))
855		AddFlag(client_p, FLAGS_SERVICE);
856
857		/* Show the real host/IP to admins */
858	<	sendto_realops_flags(UMODE_ALL, L_ADMIN,
859	<	"Link with %s established: (%s) link",
1133	<	inpath_ip,show_capabilities(client_p));
1134	<	/* Now show the masked hostname/IP to opers */
1135	<	sendto_realops_flags(UMODE_ALL, L_OPER,
1136	<	"Link with %s established: (%s) link",
1137	<	inpath,show_capabilities(client_p));
1138	<	ilog(LOG_TYPE_IRCD, "Link with %s established: (%s) link",
1139	<	inpath_ip, show_capabilities(client_p));
1140	<
1141	<	client_p->serv->sconf = conf;
1142	<
1143	<	if (HasServlink(client_p))
858	>	#ifdef HAVE_LIBCRYPTO
859	>	if (client_p->localClient->fd.ssl)
860		{
861	<	/* we won't overflow FD_DESC_SZ here, as it can hold
862	<	* client_p->name + 64
863	<	*/
864	<	fd_note(&client_p->localClient->fd, "slink data: %s", client_p->name);
865	<	fd_note(&client_p->localClient->ctrlfd, "slink ctrl: %s", client_p->name);
861	>	compression = SSL_get_current_compression(client_p->localClient->fd.ssl);
862	>	expansion   = SSL_get_current_expansion(client_p->localClient->fd.ssl);
863	>
864	>	sendto_realops_flags(UMODE_ALL, L_ADMIN,
865	>	"Link with %s established: [SSL: %s, Compression/Expansion method: %s/%s] (Capabilities: %s)",
866	>	inpath_ip, ssl_get_cipher(client_p->localClient->fd.ssl),
867	>	compression ? SSL_COMP_get_name(compression) : "NONE",
868	>	expansion ? SSL_COMP_get_name(expansion) : "NONE",
869	>	show_capabilities(client_p));
870	>	/* Now show the masked hostname/IP to opers */
871	>	sendto_realops_flags(UMODE_ALL, L_OPER,
872	>	"Link with %s established: [SSL: %s, Compression/Expansion method: %s/%s] (Capabilities: %s)",
873	>	inpath, ssl_get_cipher(client_p->localClient->fd.ssl),
874	>	compression ? SSL_COMP_get_name(compression) : "NONE",
875	>	expansion ? SSL_COMP_get_name(expansion) : "NONE",
876	>	show_capabilities(client_p));
877	>	ilog(LOG_TYPE_IRCD, "Link with %s established: [SSL: %s, Compression/Expansion method: %s/%s] (Capabilities: %s)",
878	>	inpath_ip, ssl_get_cipher(client_p->localClient->fd.ssl),
879	>	compression ? SSL_COMP_get_name(compression) : "NONE",
880	>	expansion ? SSL_COMP_get_name(expansion) : "NONE",
881	>	show_capabilities(client_p));
882		}
883		else
884	<	fd_note(&client_p->localClient->fd, "Server: %s", client_p->name);
884	>	#endif
885	>	{
886	>	sendto_realops_flags(UMODE_ALL, L_ADMIN,
887	>	"Link with %s established: (Capabilities: %s)",
888	>	inpath_ip,show_capabilities(client_p));
889	>	/* Now show the masked hostname/IP to opers */
890	>	sendto_realops_flags(UMODE_ALL, L_OPER,
891	>	"Link with %s established: (Capabilities: %s)",
892	>	inpath,show_capabilities(client_p));
893	>	ilog(LOG_TYPE_IRCD, "Link with %s established: (Capabilities: %s)",
894	>	inpath_ip, show_capabilities(client_p));
895	>	}
896	>
897	>	client_p->serv->sconf = conf;
898	>
899	>	fd_note(&client_p->localClient->fd, "Server: %s", client_p->name);
900
901		/* Old sendto_serv_but_one() call removed because we now
902		** need to send different names to different servers
#	Line 1221 | Line 968 | server_estab(struct Client *client_p)
968		server_burst(client_p);
969		}
970
1224	–	static void
1225	–	start_io(struct Client *server)
1226	–	{
1227	–	struct LocalUser *lserver = server->localClient;
1228	–	int alloclen = 1;
1229	–	char *buf;
1230	–	dlink_node *ptr;
1231	–	struct dbuf_block *block;
1232	–
1233	–	/* calculate how many bytes to allocate */
1234	–	if (IsCapable(server, CAP_ZIP))
1235	–	alloclen += 6;
1236	–	#ifdef HAVE_LIBCRYPTO
1237	–	if (IsCapable(server, CAP_ENC))
1238	–	alloclen += 16 + lserver->in_cipher->keylen + lserver->out_cipher->keylen;
1239	–	#endif
1240	–	alloclen += dbuf_length(&lserver->buf_recvq);
1241	–	alloclen += dlink_list_length(&lserver->buf_recvq.blocks) * 3;
1242	–	alloclen += dbuf_length(&lserver->buf_sendq);
1243	–	alloclen += dlink_list_length(&lserver->buf_sendq.blocks) * 3;
1244	–
1245	–	/* initialize servlink control sendq */
1246	–	lserver->slinkq = buf = MyMalloc(alloclen);
1247	–	lserver->slinkq_ofs = 0;
1248	–	lserver->slinkq_len = alloclen;
1249	–
1250	–	if (IsCapable(server, CAP_ZIP))
1251	–	{
1252	–	/* ziplink */
1253	–	*buf++ = SLINKCMD_SET_ZIP_OUT_LEVEL;
1254	–	*buf++ = 0; /* |          */
1255	–	*buf++ = 1; /* \ len is 1 */
1256	–	*buf++ = ConfigFileEntry.compression_level;
1257	–	*buf++ = SLINKCMD_START_ZIP_IN;
1258	–	*buf++ = SLINKCMD_START_ZIP_OUT;
1259	–	}
1260	–	#ifdef HAVE_LIBCRYPTO
1261	–	if (IsCapable(server, CAP_ENC))
1262	–	{
1263	–	/* Decryption settings */
1264	–	*buf++ = SLINKCMD_SET_CRYPT_IN_CIPHER;
1265	–	*buf++ = 0; /* /                     (upper 8-bits of len) */
1266	–	*buf++ = 1; /* \ cipher id is 1 byte (lower 8-bits of len) */
1267	–	*buf++ = lserver->in_cipher->cipherid;
1268	–	*buf++ = SLINKCMD_SET_CRYPT_IN_KEY;
1269	–	*buf++ = 0; /* keylen < 256 */
1270	–	*buf++ = lserver->in_cipher->keylen;
1271	–	memcpy(buf, lserver->in_key, lserver->in_cipher->keylen);
1272	–	buf += lserver->in_cipher->keylen;
1273	–	/* Encryption settings */
1274	–	*buf++ = SLINKCMD_SET_CRYPT_OUT_CIPHER;
1275	–	*buf++ = 0; /* /                     (upper 8-bits of len) */
1276	–	*buf++ = 1; /* \ cipher id is 1 byte (lower 8-bits of len) */
1277	–	*buf++ = lserver->out_cipher->cipherid;
1278	–	*buf++ = SLINKCMD_SET_CRYPT_OUT_KEY;
1279	–	*buf++ = 0; /* keylen < 256 */
1280	–	*buf++ = lserver->out_cipher->keylen;
1281	–	memcpy(buf, lserver->out_key, lserver->out_cipher->keylen);
1282	–	buf += lserver->out_cipher->keylen;
1283	–	*buf++ = SLINKCMD_START_CRYPT_IN;
1284	–	*buf++ = SLINKCMD_START_CRYPT_OUT;
1285	–	}
1286	–	#endif
1287	–
1288	–	/* pass the whole recvq to servlink */
1289	–	DLINK_FOREACH (ptr, lserver->buf_recvq.blocks.head)
1290	–	{
1291	–	block = ptr->data;
1292	–	*buf++ = SLINKCMD_INJECT_RECVQ;
1293	–	*buf++ = (block->size >> 8);
1294	–	*buf++ = (block->size & 0xff);
1295	–	memcpy(buf, &block->data[0], block->size);
1296	–	buf += block->size;
1297	–	}
1298	–
1299	–	dbuf_clear(&lserver->buf_recvq);
1300	–
1301	–	/* pass the whole sendq to servlink */
1302	–	DLINK_FOREACH (ptr, lserver->buf_sendq.blocks.head)
1303	–	{
1304	–	block = ptr->data;
1305	–	*buf++ = SLINKCMD_INJECT_SENDQ;
1306	–	*buf++ = (block->size >> 8);
1307	–	*buf++ = (block->size & 0xff);
1308	–	memcpy(buf, &block->data[0], block->size);
1309	–	buf += block->size;
1310	–	}
1311	–
1312	–	dbuf_clear(&lserver->buf_sendq);
1313	–
1314	–	/* start io */
1315	–	*buf++ = SLINKCMD_INIT;
1316	–
1317	–	/* schedule a write */
1318	–	send_queued_slink_write(server);
1319	–	}
1320	–
1321	–	/* fork_server()
1322	–	*
1323	–	* inputs       - struct Client *server
1324	–	* output       - success: 0 / failure: -1
1325	–	* side effect  - fork, and exec SERVLINK to handle this connection
1326	–	*/
1327	–	static int
1328	–	fork_server(struct Client *server)
1329	–	{
1330	–	#ifndef HAVE_SOCKETPAIR
1331	–	return -1;
1332	–	#else
1333	–	int i;
1334	–	int slink_fds[2][2];
1335	–	/* 0? - ctrl  | 1? - data
1336	–	* ?0 - child | ?1 - parent */
1337	–
1338	–	if (socketpair(AF_UNIX, SOCK_STREAM, 0, slink_fds[0]) < 0)
1339	–	return -1;
1340	–	if (socketpair(AF_UNIX, SOCK_STREAM, 0, slink_fds[1]) < 0)
1341	–	goto free_ctrl_fds;
1342	–
1343	–	if ((i = fork()) < 0)
1344	–	{
1345	–	close(slink_fds[1][0]);  close(slink_fds[1][1]);
1346	–	free_ctrl_fds:
1347	–	close(slink_fds[0][0]);  close(slink_fds[0][1]);
1348	–	return -1;
1349	–	}
1350	–
1351	–	if (i == 0)
1352	–	{
1353	–	char fd_str[3][6];   /* store 3x sizeof("65535") */
1354	–	char *kid_argv[7];
1355	–
1356	–	#ifdef O_ASYNC
1357	–	fcntl(server->localClient->fd.fd, F_SETFL,
1358	–	fcntl(server->localClient->fd.fd, F_GETFL, 0) & ~O_ASYNC);
1359	–	#endif
1360	–	close_fds(&server->localClient->fd);
1361	–	close(slink_fds[0][1]);
1362	–	close(slink_fds[1][1]);
1363	–
1364	–	sprintf(fd_str[0], "%d", slink_fds[0][0]);
1365	–	sprintf(fd_str[1], "%d", slink_fds[1][0]);
1366	–	sprintf(fd_str[2], "%d", server->localClient->fd.fd);
1367	–
1368	–	kid_argv[0] = "-slink";
1369	–	kid_argv[1] = kid_argv[2] = fd_str[0];  /* ctrl */
1370	–	kid_argv[3] = kid_argv[4] = fd_str[1];  /* data */
1371	–	kid_argv[5] = fd_str[2];    /* network */
1372	–	kid_argv[6] = NULL;
1373	–
1374	–	execv(ConfigFileEntry.servlink_path, kid_argv);
1375	–
1376	–	_exit(1);
1377	–	}
1378	–
1379	–	/* close the network fd and the child ends of the pipes */
1380	–	fd_close(&server->localClient->fd);
1381	–	close(slink_fds[0][0]);
1382	–	close(slink_fds[1][0]);
1383	–
1384	–	execute_callback(setup_socket_cb, slink_fds[0][1]);
1385	–	execute_callback(setup_socket_cb, slink_fds[1][1]);
1386	–
1387	–	fd_open(&server->localClient->ctrlfd, slink_fds[0][1], 1, "slink ctrl");
1388	–	fd_open(&server->localClient->fd, slink_fds[1][1], 1, "slink data");
1389	–
1390	–	read_ctrl_packet(&server->localClient->ctrlfd, server);
1391	–	read_packet(&server->localClient->fd, server);
1392	–
1393	–	return 0;
1394	–	#endif
1395	–	}
1396	–
971		/* server_burst()
972		*
973		* inputs       - struct Client pointer server
#	Line 1771 | Line 1345 | serv_connect(struct AccessItem *aconf, s
1345		return (1);
1346		}
1347
1348	+	#ifdef HAVE_LIBCRYPTO
1349	+	static void
1350	+	finish_ssl_server_handshake(struct Client *client_p)
1351	+	{
1352	+	struct ConfItem *conf=NULL;
1353	+	struct AccessItem *aconf=NULL;
1354	+
1355	+	conf = find_conf_name(&client_p->localClient->confs,
1356	+	client_p->name, SERVER_TYPE);
1357	+	if (conf == NULL)
1358	+	{
1359	+	sendto_realops_flags(UMODE_ALL, L_ADMIN,
1360	+	"Lost connect{} block for %s", get_client_name(client_p, HIDE_IP));
1361	+	sendto_realops_flags(UMODE_ALL, L_OPER,
1362	+	"Lost connect{} block for %s", get_client_name(client_p, MASK_IP));
1363	+
1364	+	exit_client(client_p, &me, "Lost connect{} block");
1365	+	return;
1366	+	}
1367	+
1368	+	aconf = map_to_conf(conf);
1369	+
1370	+	/* jdc -- Check and send spasswd, not passwd. */
1371	+	if (!EmptyString(aconf->spasswd))
1372	+	sendto_one(client_p, "PASS %s TS %d %s",
1373	+	aconf->spasswd, TS_CURRENT, me.id);
1374	+
1375	+	send_capabilities(client_p, aconf,
1376	+	(IsConfTopicBurst(aconf) ? CAP_TBURST|CAP_TB : 0));
1377	+
1378	+	sendto_one(client_p, "SERVER %s 1 :%s%s",
1379	+	me.name, ConfigServerHide.hidden ? "(H) " : "",
1380	+	me.info);
1381	+
1382	+	/* If we've been marked dead because a send failed, just exit
1383	+	* here now and save everyone the trouble of us ever existing.
1384	+	*/
1385	+	if (IsDead(client_p))
1386	+	{
1387	+	sendto_realops_flags(UMODE_ALL, L_ADMIN,
1388	+	"%s[%s] went dead during handshake",
1389	+	client_p->name,
1390	+	client_p->host);
1391	+	sendto_realops_flags(UMODE_ALL, L_OPER,
1392	+	"%s went dead during handshake", client_p->name);
1393	+	return;
1394	+	}
1395	+
1396	+	/* don't move to serv_list yet -- we haven't sent a burst! */
1397	+	/* If we get here, we're ok, so lets start reading some data */
1398	+	comm_setselect(&client_p->localClient->fd, COMM_SELECT_READ, read_packet, client_p, 0);
1399	+	}
1400	+
1401	+	static void
1402	+	ssl_server_handshake(fde_t *fd, struct Client *client_p)
1403	+	{
1404	+	int ret;
1405	+	int err;
1406	+
1407	+	ret = SSL_connect(client_p->localClient->fd.ssl);
1408	+
1409	+	if (ret <= 0)
1410	+	{
1411	+	switch ((err = SSL_get_error(client_p->localClient->fd.ssl, ret)))
1412	+	{
1413	+	case SSL_ERROR_WANT_WRITE:
1414	+	comm_setselect(&client_p->localClient->fd, COMM_SELECT_WRITE,
1415	+	(PF *)ssl_server_handshake, client_p, 0);
1416	+	return;
1417	+	case SSL_ERROR_WANT_READ:
1418	+	comm_setselect(&client_p->localClient->fd, COMM_SELECT_READ,
1419	+	(PF *)ssl_server_handshake, client_p, 0);
1420	+	return;
1421	+	default:
1422	+	{
1423	+	const char *sslerr = ERR_error_string(ERR_get_error(), NULL);
1424	+	sendto_realops_flags(UMODE_ALL, L_ALL,
1425	+	"Error connecting to %s: %s", client_p->name,
1426	+	sslerr ? sslerr : "unknown SSL error");
1427	+	exit_client(client_p, client_p, "Error during SSL handshake");
1428	+	return;
1429	+	}
1430	+	}
1431	+	}
1432	+
1433	+	finish_ssl_server_handshake(client_p);
1434	+	}
1435	+
1436	+	static void
1437	+	ssl_connect_init(struct Client *client_p, struct AccessItem *aconf, fde_t *fd)
1438	+	{
1439	+	if ((client_p->localClient->fd.ssl = SSL_new(ServerInfo.client_ctx)) == NULL)
1440	+	{
1441	+	ilog(LOG_TYPE_IRCD, "SSL_new() ERROR! -- %s",
1442	+	ERR_error_string(ERR_get_error(), NULL));
1443	+	SetDead(client_p);
1444	+	exit_client(client_p, client_p, "SSL_new failed");
1445	+	return;
1446	+	}
1447	+
1448	+	SSL_set_fd(fd->ssl, fd->fd);
1449	+
1450	+	if (!EmptyString(aconf->cipher_list))
1451	+	SSL_set_cipher_list(client_p->localClient->fd.ssl, aconf->cipher_list);
1452	+
1453	+	ssl_server_handshake(NULL, client_p);
1454	+	}
1455	+	#endif
1456	+
1457		/* serv_connect_callback() - complete a server connection.
1458		*
1459		* This routine is called after the server connection attempt has
#	Line 1834 | Line 1517 | serv_connect_callback(fde_t *fd, int sta
1517		return;
1518		}
1519
1520	<	aconf = (struct AccessItem *)map_to_conf(conf);
1520	>	aconf = map_to_conf(conf);
1521		/* Next, send the initial handshake */
1522		SetHandshake(client_p);
1523
1524		#ifdef HAVE_LIBCRYPTO
1525	<	/* Handle all CRYPTLINK links in cryptlink_init */
1843	<	if (IsConfCryptLink(aconf))
1525	>	if (IsConfSSL(aconf))
1526		{
1527	<	cryptlink_init(client_p, conf, fd);
1527	>	ssl_connect_init(client_p, aconf, fd);
1528		return;
1529		}
1530		#endif
1531
1532		/* jdc -- Check and send spasswd, not passwd. */
1533		if (!EmptyString(aconf->spasswd))
1852	–	/* Send TS 6 form only if id */
1534		sendto_one(client_p, "PASS %s TS %d %s",
1535		aconf->spasswd, TS_CURRENT, me.id);
1536
1856	–	/* Pass my info to the new server
1857	–	*
1858	–	* Pass on ZIP if supported
1859	–	* Pass on TB if supported.
1860	–	* - Dianora
1861	–	*/
1537		send_capabilities(client_p, aconf,
1538	<	(IsConfCompressed(aconf) ? CAP_ZIP : 0)
1864	<	| (IsConfTopicBurst(aconf) ? CAP_TBURST|CAP_TB : 0), 0);
1538	>	(IsConfTopicBurst(aconf) ? CAP_TBURST|CAP_TB : 0));
1539
1540		sendto_one(client_p, "SERVER %s 1 :%s%s",
1541		me.name, ConfigServerHide.hidden ? "(H) " : "",
#	Line 1903 | Line 1577 | find_servconn_in_progress(const char *na
1577
1578		return NULL;
1579		}
1906	–
1907	–	#ifdef HAVE_LIBCRYPTO
1908	–	/*
1909	–	* sends a CRYPTLINK SERV command.
1910	–	*/
1911	–	void
1912	–	cryptlink_init(struct Client *client_p, struct ConfItem *conf, fde_t *fd)
1913	–	{
1914	–	struct AccessItem *aconf;
1915	–	char *encrypted;
1916	–	unsigned char *key_to_send;
1917	–	char randkey[CIPHERKEYLEN];
1918	–	int enc_len;
1919	–
1920	–	/* get key */
1921	–	if ((!ServerInfo.rsa_private_key) ||
1922	–	(!RSA_check_key(ServerInfo.rsa_private_key)) )
1923	–	{
1924	–	cryptlink_error(client_p, "SERV", "Invalid RSA private key",
1925	–	"Invalid RSA private key");
1926	–	return;
1927	–	}
1928	–
1929	–	aconf = (struct AccessItem *)map_to_conf(conf);
1930	–
1931	–	if (aconf->rsa_public_key == NULL)
1932	–	{
1933	–	cryptlink_error(client_p, "SERV", "Invalid RSA public key",
1934	–	"Invalid RSA public key");
1935	–	return;
1936	–	}
1937	–
1938	–	if (get_randomness((unsigned char *)randkey, CIPHERKEYLEN) != 1)
1939	–	{
1940	–	cryptlink_error(client_p, "SERV", "Couldn't generate keyphrase",
1941	–	"Couldn't generate keyphrase");
1942	–	return;
1943	–	}
1944	–
1945	–	encrypted = MyMalloc(RSA_size(ServerInfo.rsa_private_key));
1946	–	enc_len   = RSA_public_encrypt(CIPHERKEYLEN,
1947	–	(unsigned char *)randkey,
1948	–	(unsigned char *)encrypted,
1949	–	aconf->rsa_public_key,
1950	–	RSA_PKCS1_PADDING);
1951	–
1952	–	memcpy(client_p->localClient->in_key, randkey, CIPHERKEYLEN);
1953	–
1954	–	if (enc_len <= 0)
1955	–	{
1956	–	report_crypto_errors();
1957	–	MyFree(encrypted);
1958	–	cryptlink_error(client_p, "SERV", "Couldn't encrypt data",
1959	–	"Couldn't encrypt data");
1960	–	return;
1961	–	}
1962	–
1963	–	if (!(base64_block(&key_to_send, encrypted, enc_len)))
1964	–	{
1965	–	MyFree(encrypted);
1966	–	cryptlink_error(client_p, "SERV", "Couldn't base64 encode key",
1967	–	"Couldn't base64 encode key");
1968	–	return;
1969	–	}
1970	–
1971	–	send_capabilities(client_p, aconf,
1972	–	(IsConfCompressed(aconf) ? CAP_ZIP : 0)
1973	–	| (IsConfTopicBurst(aconf) ? CAP_TBURST|CAP_TB : 0), CAP_ENC_MASK);
1974	–
1975	–	sendto_one(client_p, "PASS . TS %d %s", TS_CURRENT, me.id);
1976	–	sendto_one(client_p, "CRYPTLINK SERV %s %s :%s%s",
1977	–	me.name, key_to_send,
1978	–	ConfigServerHide.hidden ? "(H) " : "", me.info);
1979	–
1980	–	SetHandshake(client_p);
1981	–	SetWaitAuth(client_p);
1982	–
1983	–	MyFree(encrypted);
1984	–	MyFree(key_to_send);
1985	–
1986	–	if (IsDead(client_p))
1987	–	cryptlink_error(client_p, "SERV", "Went dead during handshake",
1988	–	"Went dead during handshake");
1989	–	else if (fd != NULL)
1990	–	/* If we get here, we're ok, so lets start reading some data */
1991	–	comm_setselect(fd, COMM_SELECT_READ, read_packet, client_p, 0);
1992	–	}
1993	–
1994	–	void
1995	–	cryptlink_error(struct Client *client_p, const char *type,
1996	–	const char *reason, const char *client_reason)
1997	–	{
1998	–	sendto_realops_flags(UMODE_ALL, L_ADMIN, "%s: CRYPTLINK %s error - %s",
1999	–	get_client_name(client_p, SHOW_IP), type, reason);
2000	–	sendto_realops_flags(UMODE_ALL, L_OPER,  "%s: CRYPTLINK %s error - %s",
2001	–	get_client_name(client_p, MASK_IP), type, reason);
2002	–	ilog(LOG_TYPE_IRCD, "%s: CRYPTLINK %s error - %s",
2003	–	get_client_name(client_p, SHOW_IP), type, reason);
2004	–
2005	–	/* If client_reason isn't NULL, then exit the client with the message
2006	–	* defined in the call.
2007	–	*/
2008	–	if ((client_reason != NULL) && (!IsDead(client_p)))
2009	–	exit_client(client_p, &me, client_reason);
2010	–	}
2011	–
2012	–	static char base64_chars[] =
2013	–	"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
2014	–
2015	–	static char base64_values[] =
2016	–	{
2017	–	/* 00-15   */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
2018	–	/* 16-31   */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
2019	–	/* 32-47   */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, 62, -1, -1, -1, 63,
2020	–	/* 48-63   */ 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -1, -1, -1,  0, -1, -1,
2021	–	/* 64-79   */ -1,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14,
2022	–	/* 80-95   */ 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -1, -1, -1, -1, -1,
2023	–	/* 96-111  */ -1, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
2024	–	/* 112-127 */ 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -1, -1, -1, -1, -1,
2025	–	/* 128-143 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
2026	–	/* 144-159 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
2027	–	/* 160-175 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
2028	–	/* 186-191 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
2029	–	/* 192-207 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
2030	–	/* 208-223 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
2031	–	/* 224-239 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
2032	–	/* 240-255 */ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1
2033	–	};
2034	–
2035	–	/*
2036	–	* base64_block will allocate and return a new block of memory
2037	–	* using MyMalloc().  It should be freed after use.
2038	–	*/
2039	–	int
2040	–	base64_block(unsigned char **output, char *data, int len)
2041	–	{
2042	–	unsigned char *out;
2043	–	unsigned char *in = (unsigned char*)data;
2044	–	unsigned long int q_in;
2045	–	int i;
2046	–	int count = 0;
2047	–
2048	–	out = MyMalloc(((((len + 2) - ((len + 2) % 3)) / 3) * 4) + 1);
2049	–
2050	–	/* process 24 bits at a time */
2051	–	for( i = 0; i < len; i += 3)
2052	–	{
2053	–	q_in = 0;
2054	–
2055	–	if ( i + 2 < len )
2056	–	{
2057	–	q_in  = (in[i+2] & 0xc0) << 2;
2058	–	q_in |=  in[i+2];
2059	–	}
2060	–
2061	–	if ( i + 1 < len )
2062	–	{
2063	–	q_in |= (in[i+1] & 0x0f) << 10;
2064	–	q_in |= (in[i+1] & 0xf0) << 12;
2065	–	}
2066	–
2067	–	q_in |= (in[i]   & 0x03) << 20;
2068	–	q_in |=  in[i]           << 22;
2069	–
2070	–	q_in &= 0x3f3f3f3f;
2071	–
2072	–	out[count++] = base64_chars[((q_in >> 24)       )];
2073	–	out[count++] = base64_chars[((q_in >> 16) & 0xff)];
2074	–	out[count++] = base64_chars[((q_in >>  8) & 0xff)];
2075	–	out[count++] = base64_chars[((q_in      ) & 0xff)];
2076	–	}
2077	–	if ( (i - len) > 0 )
2078	–	{
2079	–	out[count-1] = '=';
2080	–	if ( (i - len) > 1 )
2081	–	out[count-2] = '=';
2082	–	}
2083	–
2084	–	out[count] = '\0';
2085	–	*output = out;
2086	–	return (count);
2087	–	}
2088	–
2089	–	/*
2090	–	* unbase64_block will allocate and return a new block of memory
2091	–	* using MyMalloc().  It should be freed after use.
2092	–	*/
2093	–	int
2094	–	unbase64_block(unsigned char **output, char *data, int len)
2095	–	{
2096	–	unsigned char *out;
2097	–	unsigned char *in = (unsigned char*)data;
2098	–	unsigned long int q_in;
2099	–	int i;
2100	–	int count = 0;
2101	–
2102	–	if ((len % 4) != 0)
2103	–	return (0);
2104	–
2105	–	out = MyMalloc(((len / 4) * 3) + 1);
2106	–
2107	–	/* process 32 bits at a time */
2108	–	for( i = 0; (i + 3) < len; i+=4)
2109	–	{
2110	–	/* compress input (chars a, b, c and d) as follows:
2111	–	* (after converting ascii -> base64 value)
2112	–	*
2113	–	* |00000000aaaaaabbbbbbccccccdddddd|
2114	–	* |  765432  107654  321076  543210|
2115	–	*/
2116	–
2117	–	q_in = 0;
2118	–
2119	–	if (base64_values[in[i+3]] > -1)
2120	–	q_in |= base64_values[in[i+3]]      ;
2121	–	if (base64_values[in[i+2]] > -1)
2122	–	q_in |= base64_values[in[i+2]] <<  6;
2123	–	if (base64_values[in[i+1]] > -1)
2124	–	q_in |= base64_values[in[i+1]] << 12;
2125	–	if (base64_values[in[i  ]] > -1)
2126	–	q_in |= base64_values[in[i  ]] << 18;
2127	–
2128	–	out[count++] = (q_in >> 16) & 0xff;
2129	–	out[count++] = (q_in >>  8) & 0xff;
2130	–	out[count++] = (q_in      ) & 0xff;
2131	–	}
2132	–
2133	–	if (in[i-1] == '=') count--;
2134	–	if (in[i-2] == '=') count--;
2135	–
2136	–	out[count] = '\0';
2137	–	*output = out;
2138	–	return (count);
2139	–	}
2140	–
2141	–	#endif /* HAVE_LIBCRYPTO */
2142	–

Diff Legend

–	Removed lines
+	Added lines
<	Changed lines (old)
>	Changed lines (new)