ViewVC Help

View File | Revision Log | Show Annotations | View Changeset | Root Listing

root/svn/ircd-hybrid/trunk/src/server.c

Comparing ircd-hybrid/trunk/src/server.c (file contents):
Revision 4189 by michael, Mon Jul 7 18:30:34 2014 UTC vs.
Revision 7105 by michael, Sat Jan 23 20:11:27 2016 UTC

#	Line 1 | Line 1
1		/*
2		*  ircd-hybrid: an advanced, lightweight Internet Relay Chat Daemon (ircd)
3		*
4	<	*  Copyright (c) 1997-2014 ircd-hybrid development team
4	>	*  Copyright (c) 1997-2016 ircd-hybrid development team
5		*
6		*  This program is free software; you can redistribute it and/or modify
7		*  it under the terms of the GNU General Public License as published by
#	Line 15 | Line 15
15		*
16		*  You should have received a copy of the GNU General Public License
17		*  along with this program; if not, write to the Free Software
18	<	*  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307
18	>	*  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
19		*  USA
20		*/
21
#	Line 25 | Line 25
25		*/
26
27		#include "stdinc.h"
28	–	#ifdef HAVE_LIBCRYPTO
29	–	#include <openssl/rsa.h>
30	–	#include "rsa.h"
31	–	#endif
28		#include "list.h"
29		#include "client.h"
30		#include "event.h"
#	Line 48 | Line 44
44		#include "channel.h"
45		#include "parse.h"
46
51	–	#define MIN_CONN_FREQ 300
47
48		dlink_list flatten_links;
49	<	static dlink_list cap_list = { NULL, NULL, 0 };
50	<	static CNCB serv_connect_callback;
49	>	static dlink_list server_capabilities_list;
50	>	static void serv_connect_callback(fde_t *, int, void *);
51
52
53		/*
#	Line 64 | Line 59 | static CNCB serv_connect_callback;
59		*                but in no particular order.
60		*/
61		void
62	<	write_links_file(void *notused)
62	>	write_links_file(void *unused)
63		{
64		FILE *file = NULL;
65	<	dlink_node *ptr = NULL, *ptr_next = NULL;
65	>	dlink_node *node = NULL, *node_next = NULL;
66		char buff[IRCD_BUFSIZE] = "";
67
68	<	if ((file = fopen(LIPATH, "w")) == NULL)
68	>	if (EmptyString(ConfigServerHide.flatten_links_file))
69		return;
70
71	<	DLINK_FOREACH_SAFE(ptr, ptr_next, flatten_links.head)
71	>	if ((file = fopen(ConfigServerHide.flatten_links_file, "w")) == NULL)
72	>	{
73	>	ilog(LOG_TYPE_IRCD, "Couldn't open \"%s\": %s", ConfigServerHide.flatten_links_file,
74	>	strerror(errno));
75	>	return;
76	>	}
77	>
78	>	DLINK_FOREACH_SAFE(node, node_next, flatten_links.head)
79		{
80	<	dlinkDelete(ptr, &flatten_links);
81	<	MyFree(ptr->data);
82	<	free_dlink_node(ptr);
80	>	dlinkDelete(node, &flatten_links);
81	>	xfree(node->data);
82	>	free_dlink_node(node);
83		}
84
85	<	DLINK_FOREACH(ptr, global_serv_list.head)
85	>	DLINK_FOREACH(node, global_server_list.head)
86		{
87	<	const struct Client *target_p = ptr->data;
87	>	const struct Client *target_p = node->data;
88
89		/*
90		* Skip hidden servers, aswell as ourselves, since we already send
#	Line 119 | Line 121 | read_links_file(void)
121		char *p = NULL;
122		char buff[IRCD_BUFSIZE] = "";
123
124	<	if ((file = fopen(LIPATH, "r")) == NULL)
124	>	if (EmptyString(ConfigServerHide.flatten_links_file))
125		return;
126
127	+	if ((file = fopen(ConfigServerHide.flatten_links_file, "r")) == NULL)
128	+	{
129	+	ilog(LOG_TYPE_IRCD, "Couldn't open \"%s\": %s", ConfigServerHide.flatten_links_file,
130	+	strerror(errno));
131	+	return;
132	+	}
133	+
134		while (fgets(buff, sizeof(buff), file))
135		{
136		if ((p = strchr(buff, '\n')))
#	Line 157 | Line 166 | hunt_server(struct Client *source_p, con
166		const int server, const int parc, char *parv[])
167		{
168		struct Client *target_p = NULL;
169	<	struct Client *target_tmp = NULL;
161	<	dlink_node *ptr;
169	>	dlink_node *node = NULL;
170
171		/* Assume it's me, if no server */
172		if (parc <= server || EmptyString(parv[server]))
173		return HUNTED_ISME;
174
175	<	if (!strcmp(parv[server], me.id) || !match(parv[server], me.name))
176	<	return HUNTED_ISME;
175	>	if ((target_p = find_person(source_p, parv[server])) == NULL)
176	>	target_p = hash_find_server(parv[server]);
177
178	<	/* These are to pickup matches that would cause the following
178	>	/*
179	>	* These are to pickup matches that would cause the following
180		* message to go in the wrong direction while doing quick fast
181		* non-matching lookups.
182		*/
174	–	if (MyClient(source_p))
175	–	target_p = hash_find_client(parv[server]);
176	–	else
177	–	target_p = find_person(source_p, parv[server]);
178	–
183		if (target_p)
184		if (target_p->from == source_p->from && !MyConnect(target_p))
185		target_p = NULL;
186
187	<	if (target_p == NULL && (target_p = hash_find_server(parv[server])))
184	<	if (target_p->from == source_p->from && !MyConnect(target_p))
185	<	target_p = NULL;
186	<
187	<	/* Again, if there are no wild cards involved in the server
188	<	* name, use the hash lookup
189	<	*/
190	<	if (target_p == NULL)
187	>	if (!target_p && has_wildcards(parv[server]))
188		{
189	<	if (!has_wildcards(parv[server]))
189	>	DLINK_FOREACH(node, global_server_list.head)
190		{
191	<	if (!(target_p = hash_find_server(parv[server])))
191	>	struct Client *tmp = node->data;
192	>
193	>	assert(IsMe(tmp) || IsServer(tmp));
194	>	if (!match(parv[server], tmp->name))
195		{
196	<	sendto_one_numeric(source_p, &me, ERR_NOSUCHSERVER, parv[server]);
197	<	return HUNTED_NOSUCH;
196	>	if (tmp->from == source_p->from && !MyConnect(tmp))
197	>	continue;
198	>
199	>	target_p = node->data;
200	>	break;
201		}
202		}
203	<	else
203	>
204	>	if (!target_p)
205		{
206	<	DLINK_FOREACH(ptr, global_client_list.head)
206	>	DLINK_FOREACH(node, global_client_list.head)
207		{
208	<	target_tmp = ptr->data;
208	>	struct Client *tmp = node->data;
209
210	<	if (!match(parv[server], target_tmp->name))
210	>	assert(IsMe(tmp) || IsServer(tmp) || IsClient(tmp));
211	>	if (!match(parv[server], tmp->name))
212		{
213	<	if (target_tmp->from == source_p->from && !MyConnect(target_tmp))
213	>	if (tmp->from == source_p->from && !MyConnect(tmp))
214		continue;
210	–	target_p = ptr->data;
215
216	<	if (IsRegistered(target_p) && (target_p != source_p->from))
217	<	break;
216	>	target_p = node->data;
217	>	break;
218		}
219		}
220		}
#	Line 218 | Line 222 | hunt_server(struct Client *source_p, con
222
223		if (target_p)
224		{
225	<	if (!IsRegistered(target_p))
222	<	{
223	<	sendto_one_numeric(source_p, &me, ERR_NOSUCHSERVER, parv[server]);
224	<	return HUNTED_NOSUCH;
225	<	}
226	<
225	>	assert(IsMe(target_p) || IsServer(target_p) || IsClient(target_p));
226		if (IsMe(target_p) || MyClient(target_p))
227		return HUNTED_ISME;
228
229	<	if (match(target_p->name, parv[server]))
230	<	parv[server] = target_p->name;
232	<
233	<	/* This is a little kludgy but should work... */
234	<	sendto_one(target_p, command, ID_or_name(source_p, target_p),
229	>	parv[server] = target_p->id;
230	>	sendto_one(target_p, command, source_p->id,
231		parv[1], parv[2], parv[3], parv[4],
232		parv[5], parv[6], parv[7], parv[8]);
233		return HUNTED_PASS;
#	Line 254 | Line 250 | hunt_server(struct Client *source_p, con
250		void
251		try_connections(void *unused)
252		{
253	<	dlink_node *ptr = NULL;
258	<	int confrq = 0;
253	>	dlink_node *node = NULL;
254
260	–	/* TODO: change this to set active flag to 0 when added to event! --Habeeb */
255		if (GlobalSetOptions.autoconn == 0)
256		return;
257
258	<	DLINK_FOREACH(ptr, server_items.head)
258	>	DLINK_FOREACH(node, server_items.head)
259		{
260	<	struct MaskItem *conf = ptr->data;
260	>	struct MaskItem *conf = node->data;
261
262		assert(conf->type == CONF_SERVER);
263
264	<	/* Also when already connecting! (update holdtimes) --SRB
265	<	*/
272	<	if (!conf->port ||!IsConfAllowAutoConn(conf))
264	>	/* Also when already connecting! (update holdtimes) --SRB */
265	>	if (!conf->port || !IsConfAllowAutoConn(conf))
266		continue;
267
268	<
269	<	/* Skip this entry if the use of it is still on hold until
268	>	/*
269	>	* Skip this entry if the use of it is still on hold until
270		* future. Otherwise handle this entry (and set it on hold
271		* until next time). Will reset only hold times, if already
272		* made one successfull connection... [this algorithm is
#	Line 284 | Line 277 | try_connections(void *unused)
277
278		assert(conf->class);
279
280	<	confrq = conf->class->con_freq;
288	<	if (confrq < MIN_CONN_FREQ)
289	<	confrq = MIN_CONN_FREQ;
290	<
291	<	conf->until = CurrentTime + confrq;
280	>	conf->until = CurrentTime + conf->class->con_freq;
281
282		/*
283		* Found a CONNECT config with port specified, scan clients
#	Line 299 | Line 288 | try_connections(void *unused)
288
289		if (conf->class->ref_count < conf->class->max_total)
290		{
291	<	/* Go to the end of the list, if not already last */
292	<	if (ptr->next)
291	>	/* Move this entry to the end of the list, if not already last */
292	>	if (node->next)
293		{
294	<	dlinkDelete(ptr, &server_items);
294	>	dlinkDelete(node, &server_items);
295		dlinkAddTail(conf, &conf->node, &server_items);
296		}
297
#	Line 319 | Line 308 | try_connections(void *unused)
308		*   -- adrian
309		*/
310		if (ConfigServerHide.hide_server_ips)
311	<	sendto_realops_flags(UMODE_ALL, L_ALL, SEND_NOTICE,
311	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ALL, SEND_NOTICE,
312		"Connection to %s activated.",
313		conf->name);
314		else
315	<	sendto_realops_flags(UMODE_ALL, L_ALL, SEND_NOTICE,
315	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ALL, SEND_NOTICE,
316		"Connection to %s[%s] activated.",
317		conf->name, conf->host);
318
#	Line 355 | Line 344 | valid_servname(const char *name)
344		int
345		check_server(const char *name, struct Client *client_p)
346		{
347	<	dlink_node *ptr;
347	>	dlink_node *node = NULL;
348		struct MaskItem *conf        = NULL;
349		struct MaskItem *server_conf = NULL;
350		int error = -1;
351
352		assert(client_p);
353
354	<	/* loop through looking for all possible connect items that might work */
355	<	DLINK_FOREACH(ptr, server_items.head)
354	>	/* Loop through looking for all possible connect items that might work */
355	>	DLINK_FOREACH(node, server_items.head)
356		{
357	<	conf = ptr->data;
357	>	conf = node->data;
358
359		if (match(name, conf->name))
360		continue;
361
362		error = -3;
363
375	–	/* XXX: Fix me for IPv6                    */
376	–	/* XXX sockhost is the IPv4 ip as a string */
364		if (!match(conf->host, client_p->host) ||
365		!match(conf->host, client_p->sockhost))
366		{
367		error = -2;
368
369	<	if (!match_conf_password(client_p->localClient->passwd, conf))
369	>	if (!match_conf_password(client_p->connection->password, conf))
370		return -2;
371
372		if (!EmptyString(conf->certfp))
#	Line 395 | Line 382 | check_server(const char *name, struct Cl
382
383		attach_conf(client_p, server_conf);
384
385	<
399	<	if (server_conf)
385	>	switch (server_conf->aftype)
386		{
387	<	struct sockaddr_in *v4;
402	<	#ifdef IPV6
403	<	struct sockaddr_in6 *v6;
404	<	#endif
405	<	switch (server_conf->aftype)
387	>	case AF_INET6:
388		{
389	<	#ifdef IPV6
408	<	case AF_INET6:
409	<	v6 = (struct sockaddr_in6 *)&server_conf->addr;
389	>	const struct sockaddr_in6 *v6 = (struct sockaddr_in6 *)&server_conf->addr;
390
391	<	if (IN6_IS_ADDR_UNSPECIFIED(&v6->sin6_addr))
392	<	memcpy(&server_conf->addr, &client_p->localClient->ip, sizeof(struct irc_ssaddr));
393	<	break;
394	<	#endif
395	<	case AF_INET:
396	<	v4 = (struct sockaddr_in *)&server_conf->addr;
391	>	if (IN6_IS_ADDR_UNSPECIFIED(&v6->sin6_addr))
392	>	memcpy(&server_conf->addr, &client_p->connection->ip, sizeof(struct irc_ssaddr));
393	>	break;
394	>	}
395	>	case AF_INET:
396	>	{
397	>	const struct sockaddr_in *v4 = (struct sockaddr_in *)&server_conf->addr;
398
399	<	if (v4->sin_addr.s_addr == INADDR_NONE)
400	<	memcpy(&server_conf->addr, &client_p->localClient->ip, sizeof(struct irc_ssaddr));
401	<	break;
399	>	if (v4->sin_addr.s_addr == INADDR_NONE)
400	>	memcpy(&server_conf->addr, &client_p->connection->ip, sizeof(struct irc_ssaddr));
401	>	break;
402		}
403		}
404
#	Line 434 | Line 415 | check_server(const char *name, struct Cl
415		*                modules to dynamically add or subtract their capability.
416		*/
417		void
418	<	add_capability(const char *capab_name, int cap_flag, int add_to_default)
418	>	add_capability(const char *name, unsigned int flag)
419		{
420	<	struct Capability *cap = MyCalloc(sizeof(*cap));
420	>	struct Capability *cap = xcalloc(sizeof(*cap));
421
422	<	cap->name = xstrdup(capab_name);
423	<	cap->cap = cap_flag;
424	<	dlinkAdd(cap, &cap->node, &cap_list);
444	<
445	<	if (add_to_default)
446	<	default_server_capabs |= cap_flag;
422	>	cap->name = xstrdup(name);
423	>	cap->cap = flag;
424	>	dlinkAdd(cap, &cap->node, &server_capabilities_list);
425		}
426
427		/* delete_capability()
#	Line 452 | Line 430 | add_capability(const char *capab_name, i
430		* output       - NONE
431		* side effects - delete given capability from ones known.
432		*/
433	<	int
434	<	delete_capability(const char *capab_name)
433	>	void
434	>	delete_capability(const char *name)
435		{
436	<	dlink_node *ptr = NULL, *ptr_next = NULL;
436	>	dlink_node *node = NULL, *node_next = NULL;
437
438	<	DLINK_FOREACH_SAFE(ptr, ptr_next, cap_list.head)
438	>	DLINK_FOREACH_SAFE(node, node_next, server_capabilities_list.head)
439		{
440	<	struct Capability *cap = ptr->data;
440	>	struct Capability *cap = node->data;
441
442	<	if (cap->cap)
442	>	if (!irccmp(cap->name, name))
443		{
444	<	if (!irccmp(cap->name, capab_name))
445	<	{
446	<	default_server_capabs &= ~(cap->cap);
469	<	dlinkDelete(ptr, &cap_list);
470	<	MyFree(cap->name);
471	<	MyFree(cap);
472	<	}
444	>	dlinkDelete(node, &server_capabilities_list);
445	>	xfree(cap->name);
446	>	xfree(cap);
447		}
448		}
475	–
476	–	return 0;
449		}
450
451		/*
#	Line 484 | Line 456 | delete_capability(const char *capab_name
456		* side effects - none
457		*/
458		unsigned int
459	<	find_capability(const char *capab)
459	>	find_capability(const char *name)
460		{
461	<	const dlink_node *ptr = NULL;
461	>	const dlink_node *node = NULL;
462
463	<	DLINK_FOREACH(ptr, cap_list.head)
463	>	DLINK_FOREACH(node, server_capabilities_list.head)
464		{
465	<	const struct Capability *cap = ptr->data;
465	>	const struct Capability *cap = node->data;
466
467	<	if (cap->cap && !irccmp(cap->name, capab))
467	>	if (!irccmp(cap->name, name))
468		return cap->cap;
469		}
470
#	Line 508 | Line 480 | find_capability(const char *capab)
480		*
481		*/
482		void
483	<	send_capabilities(struct Client *client_p, int cap_can_send)
483	>	send_capabilities(struct Client *client_p)
484		{
485		char buf[IRCD_BUFSIZE] = "";
486	<	const dlink_node *ptr = NULL;
486	>	const dlink_node *node = NULL;
487
488	<	DLINK_FOREACH(ptr, cap_list.head)
488	>	DLINK_FOREACH(node, server_capabilities_list.head)
489		{
490	<	const struct Capability *cap = ptr->data;
490	>	const struct Capability *cap = node->data;
491
492	<	if (cap->cap & (cap_can_send|default_server_capabs))
493	<	{
494	<	strlcat(buf, cap->name, sizeof(buf));
495	<	if (ptr->next)
524	<	strlcat(buf, " ", sizeof(buf));
525	<	}
492	>	strlcat(buf, cap->name, sizeof(buf));
493	>
494	>	if (node->next)
495	>	strlcat(buf, " ", sizeof(buf));
496		}
497
498		sendto_one(client_p, "CAPAB :%s", buf);
#	Line 539 | Line 509 | const char *
509		show_capabilities(const struct Client *target_p)
510		{
511		static char msgbuf[IRCD_BUFSIZE] = "";
512	<	const dlink_node *ptr = NULL;
512	>	const dlink_node *node = NULL;
513
514		strlcpy(msgbuf, "TS", sizeof(msgbuf));
515
516	<	DLINK_FOREACH(ptr, cap_list.head)
516	>	DLINK_FOREACH(node, server_capabilities_list.head)
517		{
518	<	const struct Capability *cap = ptr->data;
518	>	const struct Capability *cap = node->data;
519
520		if (!IsCapable(target_p, cap->cap))
521		continue;
#	Line 568 | Line 538 | struct Server *
538		make_server(struct Client *client_p)
539		{
540		if (client_p->serv == NULL)
541	<	client_p->serv = MyCalloc(sizeof(struct Server));
541	>	client_p->serv = xcalloc(sizeof(struct Server));
542
543		return client_p->serv;
544		}
#	Line 606 | Line 576 | serv_connect(struct MaskItem *conf, stru
576		/* Make sure conf is useful */
577		assert(conf);
578
579	<	getnameinfo((struct sockaddr *)&conf->addr, conf->addr.ss_len,
579	>	getnameinfo((const struct sockaddr *)&conf->addr, conf->addr.ss_len,
580		buf, sizeof(buf), NULL, 0, NI_NUMERICHOST);
581		ilog(LOG_TYPE_IRCD, "Connect to %s[%s] @%s", conf->name, conf->host,
582		buf);
#	Line 614 | Line 584 | serv_connect(struct MaskItem *conf, stru
584		/* Still processing a DNS lookup? -> exit */
585		if (conf->dns_pending)
586		{
587	<	sendto_realops_flags(UMODE_ALL, L_ALL, SEND_NOTICE,
587	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ALL, SEND_NOTICE,
588		"Error connecting to %s: DNS lookup for connect{} in progress.",
589		conf->name);
590		return 0;
#	Line 622 | Line 592 | serv_connect(struct MaskItem *conf, stru
592
593		if (conf->dns_failed)
594		{
595	<	sendto_realops_flags(UMODE_ALL, L_ALL, SEND_NOTICE,
595	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ALL, SEND_NOTICE,
596		"Error connecting to %s: DNS lookup for connect{} failed.",
597		conf->name);
598		return 0;
599		}
600
601	<	/* Make sure this server isn't already connected
602	<	* Note: conf should ALWAYS be a valid C: line
601	>	/*
602	>	* Make sure this server isn't already connected.
603	>	* Note: conf should ALWAYS be a valid connect {} block
604		*/
605		if ((client_p = hash_find_server(conf->name)))
606		{
607	<	sendto_realops_flags(UMODE_ALL, L_ADMIN, SEND_NOTICE,
607	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE,
608		"Server %s already present from %s",
609		conf->name, get_client_name(client_p, SHOW_IP));
610	<	sendto_realops_flags(UMODE_ALL, L_OPER, SEND_NOTICE,
610	>	sendto_realops_flags(UMODE_SERVNOTICE, L_OPER, SEND_NOTICE,
611		"Server %s already present from %s",
612		conf->name, get_client_name(client_p, MASK_IP));
613		if (by && IsClient(by) && !MyClient(by))
#	Line 655 | Line 626 | serv_connect(struct MaskItem *conf, stru
626		/* We already converted the ip once, so lets use it - stu */
627		strlcpy(client_p->sockhost, buf, sizeof(client_p->sockhost));
628
629	<	/* create a socket for the server connection */
630	<	if (comm_open(&client_p->localClient->fd, conf->addr.ss.ss_family, SOCK_STREAM, 0, NULL) < 0)
629	>	/* Create a socket for the server connection */
630	>	if (comm_open(&client_p->connection->fd, conf->addr.ss.ss_family, SOCK_STREAM, 0, NULL) < 0)
631		{
632		/* Eek, failure to create the socket */
633		report_error(L_ALL, "opening stream socket to %s: %s", conf->name, errno);
#	Line 666 | Line 637 | serv_connect(struct MaskItem *conf, stru
637		return 0;
638		}
639
640	<	/* servernames are always guaranteed under HOSTLEN chars */
641	<	fd_note(&client_p->localClient->fd, "Server: %s", conf->name);
640	>	/* Server names are always guaranteed under HOSTLEN chars */
641	>	fd_note(&client_p->connection->fd, "Server: %s", client_p->name);
642
643	<	/* Attach config entries to client here rather than in
644	<	* serv_connect_callback(). This to avoid null pointer references.
643	>	/*
644	>	* Attach config entries to client here rather than in serv_connect_callback().
645	>	* This to avoid null pointer references.
646		*/
647		if (!attach_connect_block(client_p, conf->name, conf->host))
648		{
649	<	sendto_realops_flags(UMODE_ALL, L_ALL, SEND_NOTICE,
650	<	"Host %s is not enabled for connecting: no connect{} block",
649	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ALL, SEND_NOTICE,
650	>	"Host %s is not enabled for connecting: no connect {} block",
651		conf->name);
652		if (by && IsClient(by) && !MyClient(by))
653	<	sendto_one_notice(by, &me, ":Connect to host %s failed.", client_p->name);
653	>	sendto_one_notice(by, &me, ":Connect to host %s failed: no connect {} block", client_p->name);
654
655		SetDead(client_p);
656		exit_client(client_p, "Connection failed");
657		return 0;
658		}
659
660	<	/* at this point we have a connection in progress and C/N lines
661	<	* attached to the client, the socket info should be saved in the
662	<	* client and it should either be resolved or have a valid address.
660	>	/*
661	>	* At this point we have a connection in progress and a connect {} block
662	>	* attached to the client, the socket info should be saved in the client
663	>	* and it should either be resolved or have a valid address.
664		*
665		* The socket has been connected or connect is in progress.
666		*/
#	Line 699 | Line 672 | serv_connect(struct MaskItem *conf, stru
672		strlcpy(client_p->serv->by, "AutoConn.", sizeof(client_p->serv->by));
673
674		SetConnecting(client_p);
675	<	client_p->localClient->aftype = conf->aftype;
675	>	client_p->connection->aftype = conf->aftype;
676
677		/* Now, initiate the connection */
678		/* XXX assume that a non 0 type means a specific bind address
#	Line 716 | Line 689 | serv_connect(struct MaskItem *conf, stru
689		ipn.ss.ss_family = AF_INET;
690		ipn.ss_port = 0;
691		memcpy(&ipn, &conf->bind, sizeof(struct irc_ssaddr));
692	<	comm_connect_tcp(&client_p->localClient->fd, conf->host, conf->port,
692	>	comm_connect_tcp(&client_p->connection->fd, conf->host, conf->port,
693		(struct sockaddr *)&ipn, ipn.ss_len,
694		serv_connect_callback, client_p, conf->aftype,
695		CONNECTTIMEOUT);
696		}
697	<	else if (ServerInfo.specific_ipv4_vhost)
697	>	else if (ConfigServerInfo.specific_ipv4_vhost)
698		{
699		struct irc_ssaddr ipn;
700		memset(&ipn, 0, sizeof(struct irc_ssaddr));
701		ipn.ss.ss_family = AF_INET;
702		ipn.ss_port = 0;
703	<	memcpy(&ipn, &ServerInfo.ip, sizeof(struct irc_ssaddr));
704	<	comm_connect_tcp(&client_p->localClient->fd, conf->host, conf->port,
703	>	memcpy(&ipn, &ConfigServerInfo.ip, sizeof(struct irc_ssaddr));
704	>	comm_connect_tcp(&client_p->connection->fd, conf->host, conf->port,
705		(struct sockaddr *)&ipn, ipn.ss_len,
706		serv_connect_callback, client_p, conf->aftype,
707		CONNECTTIMEOUT);
708		}
709		else
710	<	comm_connect_tcp(&client_p->localClient->fd, conf->host, conf->port,
710	>	comm_connect_tcp(&client_p->connection->fd, conf->host, conf->port,
711		NULL, 0, serv_connect_callback, client_p, conf->aftype,
712		CONNECTTIMEOUT);
713		break;
741	–	#ifdef IPV6
714		case AF_INET6:
715		{
716		struct irc_ssaddr ipn;
#	Line 754 | Line 726 | serv_connect(struct MaskItem *conf, stru
726		memcpy(&ipn, &conf->bind, sizeof(struct irc_ssaddr));
727		ipn.ss.ss_family = AF_INET6;
728		ipn.ss_port = 0;
729	<	comm_connect_tcp(&client_p->localClient->fd,
729	>	comm_connect_tcp(&client_p->connection->fd,
730		conf->host, conf->port,
731		(struct sockaddr *)&ipn, ipn.ss_len,
732		serv_connect_callback, client_p,
733		conf->aftype, CONNECTTIMEOUT);
734		}
735	<	else if (ServerInfo.specific_ipv6_vhost)
735	>	else if (ConfigServerInfo.specific_ipv6_vhost)
736		{
737	<	memcpy(&ipn, &ServerInfo.ip6, sizeof(struct irc_ssaddr));
737	>	memcpy(&ipn, &ConfigServerInfo.ip6, sizeof(struct irc_ssaddr));
738		ipn.ss.ss_family = AF_INET6;
739		ipn.ss_port = 0;
740	<	comm_connect_tcp(&client_p->localClient->fd,
740	>	comm_connect_tcp(&client_p->connection->fd,
741		conf->host, conf->port,
742		(struct sockaddr *)&ipn, ipn.ss_len,
743		serv_connect_callback, client_p,
744		conf->aftype, CONNECTTIMEOUT);
745		}
746		else
747	<	comm_connect_tcp(&client_p->localClient->fd,
747	>	comm_connect_tcp(&client_p->connection->fd,
748		conf->host, conf->port,
749		NULL, 0, serv_connect_callback, client_p,
750		conf->aftype, CONNECTTIMEOUT);
751		}
780	–	#endif
752		}
753	+
754		return 1;
755		}
756
757	<	#ifdef HAVE_LIBCRYPTO
757	>	#ifdef HAVE_TLS
758		static void
759		finish_ssl_server_handshake(struct Client *client_p)
760		{
761		struct MaskItem *conf = NULL;
762
763	<	conf = find_conf_name(&client_p->localClient->confs,
763	>	conf = find_conf_name(&client_p->connection->confs,
764		client_p->name, CONF_SERVER);
765		if (conf == NULL)
766		{
767	<	sendto_realops_flags(UMODE_ALL, L_ADMIN, SEND_NOTICE,
768	<	"Lost connect{} block for %s", get_client_name(client_p, HIDE_IP));
769	<	sendto_realops_flags(UMODE_ALL, L_OPER, SEND_NOTICE,
767	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE,
768	>	"Lost connect{} block for %s", get_client_name(client_p, SHOW_IP));
769	>	sendto_realops_flags(UMODE_SERVNOTICE, L_OPER, SEND_NOTICE,
770		"Lost connect{} block for %s", get_client_name(client_p, MASK_IP));
771
772		exit_client(client_p, "Lost connect{} block");
#	Line 803 | Line 775 | finish_ssl_server_handshake(struct Clien
775
776		sendto_one(client_p, "PASS %s TS %d %s", conf->spasswd, TS_CURRENT, me.id);
777
778	<	send_capabilities(client_p, 0);
778	>	send_capabilities(client_p);
779
780		sendto_one(client_p, "SERVER %s 1 :%s%s",
781		me.name, ConfigServerHide.hidden ? "(H) " : "",
782		me.info);
783
784	<	/* If we've been marked dead because a send failed, just exit
784	>	/*
785	>	* If we've been marked dead because a send failed, just exit
786		* here now and save everyone the trouble of us ever existing.
787		*/
788		if (IsDead(client_p))
789		{
790	<	sendto_realops_flags(UMODE_ALL, L_ADMIN, SEND_NOTICE,
791	<	"%s[%s] went dead during handshake",
792	<	client_p->name,
793	<	client_p->host);
794	<	sendto_realops_flags(UMODE_ALL, L_OPER, SEND_NOTICE,
822	<	"%s went dead during handshake", client_p->name);
823	<	return;
790	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE,
791	>	"%s went dead during handshake", get_client_name(client_p, SHOW_IP));
792	>	sendto_realops_flags(UMODE_SERVNOTICE, L_OPER, SEND_NOTICE,
793	>	"%s went dead during handshake", get_client_name(client_p, MASK_IP));
794	>	return;
795		}
796
797		/* don't move to serv_list yet -- we haven't sent a burst! */
798		/* If we get here, we're ok, so lets start reading some data */
799	<	comm_setselect(&client_p->localClient->fd, COMM_SELECT_READ, read_packet, client_p, 0);
799	>	comm_setselect(&client_p->connection->fd, COMM_SELECT_READ, read_packet, client_p, 0);
800		}
801
802		static void
803	<	ssl_server_handshake(fde_t *fd, struct Client *client_p)
803	>	ssl_server_handshake(fde_t *fd, void *data)
804		{
805	<	X509 *cert = NULL;
806	<	int ret = 0;
805	>	struct Client *client_p = data;
806	>	int res = 0;
807	>	const char *sslerr = NULL;
808
809	<	if ((ret = SSL_connect(client_p->localClient->fd.ssl)) <= 0)
809	>	tls_handshake_status_t ret = tls_handshake(&client_p->connection->fd.ssl, TLS_ROLE_CLIENT, &sslerr);
810	>	if (ret != TLS_HANDSHAKE_DONE)
811		{
812	<	switch (SSL_get_error(client_p->localClient->fd.ssl, ret))
812	>	if ((CurrentTime - client_p->connection->firsttime) > CONNECTTIMEOUT)
813		{
814	<	case SSL_ERROR_WANT_WRITE:
815	<	comm_setselect(&client_p->localClient->fd, COMM_SELECT_WRITE,
816	<	(PF *)ssl_server_handshake, client_p, 0);
814	>	exit_client(client_p, "Timeout during TLS handshake");
815	>	return;
816	>	}
817	>
818	>	switch (ret)
819	>	{
820	>	case TLS_HANDSHAKE_WANT_WRITE:
821	>	comm_setselect(&client_p->connection->fd, COMM_SELECT_WRITE,
822	>	ssl_server_handshake, client_p, CONNECTTIMEOUT);
823		return;
824	<	case SSL_ERROR_WANT_READ:
825	<	comm_setselect(&client_p->localClient->fd, COMM_SELECT_READ,
826	<	(PF *)ssl_server_handshake, client_p, 0);
824	>	case TLS_HANDSHAKE_WANT_READ:
825	>	comm_setselect(&client_p->connection->fd, COMM_SELECT_READ,
826	>	ssl_server_handshake, client_p, CONNECTTIMEOUT);
827		return;
828		default:
829		{
830	<	const char *sslerr = ERR_error_string(ERR_get_error(), NULL);
852	<	sendto_realops_flags(UMODE_ALL, L_ALL, SEND_NOTICE,
830	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ALL, SEND_NOTICE,
831		"Error connecting to %s: %s", client_p->name,
832	<	sslerr ? sslerr : "unknown SSL error");
833	<	exit_client(client_p, "Error during SSL handshake");
832	>	sslerr ? sslerr : "unknown TLS error");
833	>	exit_client(client_p, "Error during TLS handshake");
834		return;
835		}
836		}
837		}
838
839	<	if ((cert = SSL_get_peer_certificate(client_p->localClient->fd.ssl)))
862	<	{
863	<	int res = SSL_get_verify_result(client_p->localClient->fd.ssl);
864	<	char buf[EVP_MAX_MD_SIZE * 2 + 1] = "";
865	<	unsigned char md[EVP_MAX_MD_SIZE] = "";
866	<
867	<	if (res == X509_V_OK || res == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN ||
868	<	res == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE ||
869	<	res == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
870	<	{
871	<	unsigned int n = 0;
839	>	comm_settimeout(&client_p->connection->fd, 0, NULL, NULL);
840
841	<	if (X509_digest(cert, ServerInfo.message_digest_algorithm, md, &n))
842	<	{
843	<	binary_to_hex(md, buf, n);
876	<	client_p->certfp = xstrdup(buf);
877	<	}
878	<	}
879	<	else
880	<	ilog(LOG_TYPE_IRCD, "Server %s!%s@%s gave bad SSL client certificate: %d",
881	<	client_p->name, client_p->username, client_p->host, res);
882	<	X509_free(cert);
883	<	}
841	>	if (!tls_verify_cert(&client_p->connection->fd.ssl, ConfigServerInfo.message_digest_algorithm, &client_p->certfp, &res))
842	>	ilog(LOG_TYPE_IRCD, "Server %s!%s@%s gave bad TLS client certificate: %d",
843	>	client_p->name, client_p->username, client_p->host, res);
844
845		finish_ssl_server_handshake(client_p);
846		}
847
848		static void
849	<	ssl_connect_init(struct Client *client_p, struct MaskItem *conf, fde_t *fd)
849	>	ssl_connect_init(struct Client *client_p, const struct MaskItem *conf, fde_t *fd)
850		{
851	<	if ((client_p->localClient->fd.ssl = SSL_new(ServerInfo.client_ctx)) == NULL)
851	>	if (!tls_new(&client_p->connection->fd.ssl, fd->fd, TLS_ROLE_CLIENT))
852		{
893	–	ilog(LOG_TYPE_IRCD, "SSL_new() ERROR! -- %s",
894	–	ERR_error_string(ERR_get_error(), NULL));
853		SetDead(client_p);
854	<	exit_client(client_p, "SSL_new failed");
854	>	exit_client(client_p, "TLS context initialization failed");
855		return;
856		}
857
900	–	SSL_set_fd(fd->ssl, fd->fd);
901	–
858		if (!EmptyString(conf->cipher_list))
859	<	SSL_set_cipher_list(client_p->localClient->fd.ssl, conf->cipher_list);
859	>	tls_set_ciphers(&client_p->connection->fd.ssl, conf->cipher_list);
860
861		ssl_server_handshake(NULL, client_p);
862		}
#	Line 917 | Line 873 | ssl_connect_init(struct Client *client_p
873		static void
874		serv_connect_callback(fde_t *fd, int status, void *data)
875		{
876	<	struct Client *client_p = data;
877	<	struct MaskItem *conf = NULL;
876	>	struct Client *const client_p = data;
877	>	const struct MaskItem *conf = NULL;
878
879	<	/* First, make sure its a real client! */
879	>	/* First, make sure it's a real client! */
880		assert(client_p);
881	<	assert(&client_p->localClient->fd == fd);
881	>	assert(&client_p->connection->fd == fd);
882
883		/* Next, for backward purposes, record the ip of the server */
884	<	memcpy(&client_p->localClient->ip, &fd->connect.hostaddr,
884	>	memcpy(&client_p->connection->ip, &fd->connect.hostaddr,
885		sizeof(struct irc_ssaddr));
886
887		/* Check the status */
888		if (status != COMM_OK)
889		{
890	<	/* We have an error, so report it and quit
891	<	* Admins get to see any IP, mere opers don't *sigh*
890	>	/* We have an error, so report it and quit */
891	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE,
892	>	"Error connecting to %s: %s",
893	>	get_client_name(client_p, SHOW_IP), comm_errstr(status));
894	>	sendto_realops_flags(UMODE_SERVNOTICE, L_OPER, SEND_NOTICE,
895	>	"Error connecting to %s: %s",
896	>	get_client_name(client_p, MASK_IP), comm_errstr(status));
897	>
898	>	/*
899	>	* If a fd goes bad, call dead_link() the socket is no
900	>	* longer valid for reading or writing.
901		*/
902	<	if (ConfigServerHide.hide_server_ips)
903	<	sendto_realops_flags(UMODE_ALL, L_ADMIN, SEND_NOTICE,
939	<	"Error connecting to %s: %s",
940	<	client_p->name, comm_errstr(status));
941	<	else
942	<	sendto_realops_flags(UMODE_ALL, L_ADMIN, SEND_NOTICE,
943	<	"Error connecting to %s[%s]: %s", client_p->name,
944	<	client_p->host, comm_errstr(status));
945	<
946	<	sendto_realops_flags(UMODE_ALL, L_OPER, SEND_NOTICE,
947	<	"Error connecting to %s: %s",
948	<	client_p->name, comm_errstr(status));
949	<
950	<	/* If a fd goes bad, call dead_link() the socket is no
951	<	* longer valid for reading or writing.
952	<	*/
953	<	dead_link_on_write(client_p, 0);
954	<	return;
902	>	dead_link_on_write(client_p, 0);
903	>	return;
904		}
905
906		/* COMM_OK, so continue the connection procedure */
907		/* Get the C/N lines */
908	<	conf = find_conf_name(&client_p->localClient->confs,
908	>	conf = find_conf_name(&client_p->connection->confs,
909		client_p->name, CONF_SERVER);
910		if (conf == NULL)
911		{
912	<	sendto_realops_flags(UMODE_ALL, L_ADMIN, SEND_NOTICE,
913	<	"Lost connect{} block for %s", get_client_name(client_p, HIDE_IP));
914	<	sendto_realops_flags(UMODE_ALL, L_OPER, SEND_NOTICE,
912	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE,
913	>	"Lost connect{} block for %s", get_client_name(client_p, SHOW_IP));
914	>	sendto_realops_flags(UMODE_SERVNOTICE, L_OPER, SEND_NOTICE,
915		"Lost connect{} block for %s", get_client_name(client_p, MASK_IP));
916
917		exit_client(client_p, "Lost connect{} block");
#	Line 972 | Line 921 | serv_connect_callback(fde_t *fd, int sta
921		/* Next, send the initial handshake */
922		SetHandshake(client_p);
923
924	<	#ifdef HAVE_LIBCRYPTO
924	>	#ifdef HAVE_TLS
925		if (IsConfSSL(conf))
926		{
927		ssl_connect_init(client_p, conf, fd);
#	Line 982 | Line 931 | serv_connect_callback(fde_t *fd, int sta
931
932		sendto_one(client_p, "PASS %s TS %d %s", conf->spasswd, TS_CURRENT, me.id);
933
934	<	send_capabilities(client_p, 0);
934	>	send_capabilities(client_p);
935
936		sendto_one(client_p, "SERVER %s 1 :%s%s", me.name,
937		ConfigServerHide.hidden ? "(H) " : "", me.info);
938
939	<	/* If we've been marked dead because a send failed, just exit
939	>	/*
940	>	* If we've been marked dead because a send failed, just exit
941		* here now and save everyone the trouble of us ever existing.
942		*/
943		if (IsDead(client_p))
944		{
945	<	sendto_realops_flags(UMODE_ALL, L_ADMIN, SEND_NOTICE,
946	<	"%s[%s] went dead during handshake",
947	<	client_p->name,
948	<	client_p->host);
949	<	sendto_realops_flags(UMODE_ALL, L_OPER, SEND_NOTICE,
1000	<	"%s went dead during handshake", client_p->name);
1001	<	return;
945	>	sendto_realops_flags(UMODE_SERVNOTICE, L_ADMIN, SEND_NOTICE,
946	>	"%s went dead during handshake", get_client_name(client_p, SHOW_IP));
947	>	sendto_realops_flags(UMODE_SERVNOTICE, L_OPER, SEND_NOTICE,
948	>	"%s went dead during handshake", get_client_name(client_p, MASK_IP));
949	>	return;
950		}
951
952		/* don't move to serv_list yet -- we haven't sent a burst! */

Diff Legend

–	Removed lines
+	Added lines
<	Changed lines (old)
>	Changed lines (new)