]> jfr.im git - irc/rqf/shadowircd.git/blob - ssld/ssld.c
projects / irc / rqf / shadowircd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Removed __CYGWIN__ define - server has no ability to work on cygwin right now
[irc/rqf/shadowircd.git] / ssld / ssld.c
1 /*
2 * ssld.c: The ircd-ratbox ssl/zlib helper daemon thingy
3 * Copyright (C) 2007 Aaron Sethman <androsyn@ratbox.org>
4 * Copyright (C) 2007 ircd-ratbox development team
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
19 * USA
20 *
21 * $Id: ssld.c 25594 2008-06-25 14:58:47Z androsyn $
22 */
23
24
25 #include "stdinc.h"
26
27 #ifdef HAVE_LIBZ
28 #include <zlib.h>
29 #endif
30
31 #define MAXPASSFD 4
32 #ifndef READBUF_SIZE
33 #define READBUF_SIZE 16384
34 #endif
35
36 static void setup_signals(void);
37
38 static inline rb_int32_t buf_to_int32(char *buf)
39 {
40 rb_int32_t x;
41 memcpy(&x, buf, sizeof(x));
42 return x;
43 }
44
45 static inline void int32_to_buf(char *buf, rb_int32_t x)
46 {
47 memcpy(buf, &x, sizeof(x));
48 return;
49 }
50
51 static inline rb_uint16_t buf_to_uint16(char *buf)
52 {
53 rb_uint16_t x;
54 memcpy(&x, buf, sizeof(x));
55 return x;
56 }
57
58 static inline void uint16_to_buf(char *buf, rb_uint16_t x)
59 {
60 memcpy(buf, &x, sizeof(x));
61 return;
62 }
63
64
65 static char inbuf[READBUF_SIZE];
66 #ifdef HAVE_LIBZ
67 static char outbuf[READBUF_SIZE];
68 #endif
69
70 typedef struct _mod_ctl_buf
71 {
72 rb_dlink_node node;
73 char *buf;
74 size_t buflen;
75 rb_fde_t *F[MAXPASSFD];
76 int nfds;
77 } mod_ctl_buf_t;
78
79 typedef struct _mod_ctl
80 {
81 rb_dlink_node node;
82 int cli_count;
83 rb_fde_t *F;
84 rb_fde_t *F_pipe;
85 rb_dlink_list readq;
86 rb_dlink_list writeq;
87 } mod_ctl_t;
88
89 static mod_ctl_t *mod_ctl;
90
91
92 #ifdef HAVE_LIBZ
93 typedef struct _zlib_stream
94 {
95 z_stream instream;
96 z_stream outstream;
97 } zlib_stream_t;
98 #endif
99
100 typedef struct _conn
101 {
102 rb_dlink_node node;
103 mod_ctl_t *ctl;
104 rawbuf_head_t *modbuf_out;
105 rawbuf_head_t *plainbuf_out;
106
107 rb_int32_t id;
108
109 rb_fde_t *mod_fd;
110 rb_fde_t *plain_fd;
111 unsigned long long mod_out;
112 unsigned long long mod_in;
113 unsigned long long plain_in;
114 unsigned long long plain_out;
115 rb_uint8_t flags;
116 void *stream;
117 } conn_t;
118
119 #define FLAG_SSL 0x01
120 #define FLAG_ZIP 0x02
121 #define FLAG_CORK 0x04
122 #define FLAG_DEAD 0x08
123 #define FLAG_SSL_W_WANTS_R 0x10 /* output needs to wait until input possible */
124 #define FLAG_SSL_R_WANTS_W 0x20 /* input needs to wait until output possible */
125
126 #define IsSSL(x) ((x)->flags & FLAG_SSL)
127 #define IsZip(x) ((x)->flags & FLAG_ZIP)
128 #define IsCork(x) ((x)->flags & FLAG_CORK)
129 #define IsDead(x) ((x)->flags & FLAG_DEAD)
130 #define IsSSLWWantsR(x) ((x)->flags & FLAG_SSL_W_WANTS_R)
131 #define IsSSLRWantsW(x) ((x)->flags & FLAG_SSL_R_WANTS_W)
132
133 #define SetSSL(x) ((x)->flags |= FLAG_SSL)
134 #define SetZip(x) ((x)->flags |= FLAG_ZIP)
135 #define SetCork(x) ((x)->flags |= FLAG_CORK)
136 #define SetDead(x) ((x)->flags |= FLAG_DEAD)
137 #define SetSSLWWantsR(x) ((x)->flags |= FLAG_SSL_W_WANTS_R)
138 #define SetSSLRWantsW(x) ((x)->flags |= FLAG_SSL_R_WANTS_W)
139
140 #define ClearSSL(x) ((x)->flags &= ~FLAG_SSL)
141 #define ClearZip(x) ((x)->flags &= ~FLAG_ZIP)
142 #define ClearCork(x) ((x)->flags &= ~FLAG_CORK)
143 #define ClearDead(x) ((x)->flags &= ~FLAG_DEAD)
144 #define ClearSSLWWantsR(x) ((x)->flags &= ~FLAG_SSL_W_WANTS_R)
145 #define ClearSSLRWantsW(x) ((x)->flags &= ~FLAG_SSL_R_WANTS_W)
146
147 #define NO_WAIT 0x0
148 #define WAIT_PLAIN 0x1
149
150 #define HASH_WALK_SAFE(i, max, ptr, next, table) for(i = 0; i < max; i++) { RB_DLINK_FOREACH_SAFE(ptr, next, table[i].head)
151 #define HASH_WALK_END }
152 #define CONN_HASH_SIZE 2000
153 #define connid_hash(x) (&connid_hash_table[(x % CONN_HASH_SIZE)])
154
155
156
157 static rb_dlink_list connid_hash_table[CONN_HASH_SIZE];
158 static rb_dlink_list dead_list;
159
160 static void conn_mod_read_cb(rb_fde_t * fd, void *data);
161 static void conn_mod_write_sendq(rb_fde_t *, void *data);
162 static void conn_plain_write_sendq(rb_fde_t *, void *data);
163 static void mod_write_ctl(rb_fde_t *, void *data);
164 static void conn_plain_read_cb(rb_fde_t * fd, void *data);
165 static void mod_cmd_write_queue(mod_ctl_t *ctl, const void *data, size_t len);
166 static const char *remote_closed = "Remote host closed the connection";
167 static int ssl_ok;
168 #ifdef HAVE_LIBZ
169 static int zlib_ok = 1;
170 #else
171 static int zlib_ok = 0;
172 #endif
173
174
175 #ifdef HAVE_LIBZ
176 static void *
177 ssld_alloc(void *unused, size_t count, size_t size)
178 {
179 return rb_malloc(count * size);
180 }
181
182 static void
183 ssld_free(void *unused, void *ptr)
184 {
185 rb_free(ptr);
186 }
187 #endif
188
189 static conn_t *
190 conn_find_by_id(rb_int32_t id)
191 {
192 rb_dlink_node *ptr;
193 conn_t *conn;
194
195 RB_DLINK_FOREACH(ptr, (connid_hash(id))->head)
196 {
197 conn = ptr->data;
198 if(conn->id == id && !IsDead(conn))
199 return conn;
200 }
201 return NULL;
202 }
203
204 static void
205 conn_add_id_hash(conn_t * conn, rb_int32_t id)
206 {
207 conn->id = id;
208 rb_dlinkAdd(conn, &conn->node, connid_hash(id));
209 }
210
211 static void
212 free_conn(conn_t * conn)
213 {
214 rb_free_rawbuffer(conn->modbuf_out);
215 rb_free_rawbuffer(conn->plainbuf_out);
216 #ifdef HAVE_LIBZ
217 if(IsZip(conn))
218 {
219 zlib_stream_t *stream = conn->stream;
220 inflateEnd(&stream->instream);
221 deflateEnd(&stream->outstream);
222 }
223 #endif
224 rb_free(conn);
225 }
226
227 static void
228 clean_dead_conns(void *unused)
229 {
230 conn_t *conn;
231 rb_dlink_node *ptr, *next;
232 RB_DLINK_FOREACH_SAFE(ptr, next, dead_list.head)
233 {
234 conn = ptr->data;
235 free_conn(conn);
236 }
237 dead_list.tail = dead_list.head = NULL;
238 }
239
240
241 static void
242 close_conn(conn_t * conn, int wait_plain, const char *fmt, ...)
243 {
244 va_list ap;
245 char reason[128]; /* must always be under 250 bytes */
246 char buf[256];
247 int len;
248 if(IsDead(conn))
249 return;
250
251 rb_rawbuf_flush(conn->modbuf_out, conn->mod_fd);
252 rb_rawbuf_flush(conn->plainbuf_out, conn->plain_fd);
253 rb_close(conn->mod_fd);
254 SetDead(conn);
255
256 if(!wait_plain || fmt == NULL)
257 {
258 rb_close(conn->plain_fd);
259
260 if(conn->id >= 0)
261 rb_dlinkDelete(&conn->node, connid_hash(conn->id));
262 rb_dlinkAdd(conn, &conn->node, &dead_list);
263 return;
264 }
265 rb_setselect(conn->plain_fd, RB_SELECT_WRITE|RB_SELECT_READ, NULL, NULL);
266 va_start(ap, fmt);
267 rb_vsnprintf(reason, sizeof(reason), fmt, ap);
268 va_end(ap);
269
270 buf[0] = 'D';
271 int32_to_buf(&buf[1], conn->id);
272 strcpy(&buf[5], reason);
273 len = (strlen(reason) + 1) + 5;
274 mod_cmd_write_queue(conn->ctl, buf, len);
275 }
276
277 static conn_t *
278 make_conn(mod_ctl_t *ctl, rb_fde_t * mod_fd, rb_fde_t * plain_fd)
279 {
280 conn_t *conn = rb_malloc(sizeof(conn_t));
281 conn->ctl = ctl;
282 conn->modbuf_out = rb_new_rawbuffer();
283 conn->plainbuf_out = rb_new_rawbuffer();
284 conn->mod_fd = mod_fd;
285 conn->plain_fd = plain_fd;
286 conn->id = -1;
287 conn->stream = NULL;
288 rb_set_nb(mod_fd);
289 rb_set_nb(plain_fd);
290 return conn;
291 }
292
293 static void
294 check_handshake_flood(void *unused)
295 {
296 conn_t *conn;
297 rb_dlink_node *ptr, *next;
298 unsigned int count;
299 int i;
300 HASH_WALK_SAFE(i, CONN_HASH_SIZE, ptr, next, connid_hash_table)
301 {
302 conn = ptr->data;
303 if(!IsSSL(conn))
304 continue;
305
306 count = rb_ssl_handshake_count(conn->mod_fd);
307 /* nothing needs to do this more than twice in ten seconds i don't think */
308 if(count > 2)
309 close_conn(conn, WAIT_PLAIN, "Handshake flooding");
310 else
311 rb_ssl_clear_handshake_count(conn->mod_fd);
312 }
313 HASH_WALK_END
314
315 }
316
317 static void
318 conn_mod_write_sendq(rb_fde_t * fd, void *data)
319 {
320 conn_t *conn = data;
321 const char *err;
322 int retlen;
323 if(IsDead(conn))
324 return;
325
326 if(IsSSLWWantsR(conn))
327 {
328 ClearSSLWWantsR(conn);
329 conn_mod_read_cb(conn->mod_fd, conn);
330 if(IsDead(conn))
331 return;
332 }
333
334 while ((retlen = rb_rawbuf_flush(conn->modbuf_out, fd)) > 0)
335 conn->mod_out += retlen;
336
337 if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno)))
338 {
339 if(retlen == 0)
340 close_conn(conn, WAIT_PLAIN, "%s", remote_closed);
341 if(IsSSL(conn) && retlen == RB_RW_SSL_ERROR)
342 err = rb_get_ssl_strerror(conn->mod_fd);
343 else
344 err = strerror(errno);
345 close_conn(conn, WAIT_PLAIN, "Write error: %s", err);
346 return;
347 }
348 if(rb_rawbuf_length(conn->modbuf_out) > 0)
349 {
350 if(retlen != RB_RW_SSL_NEED_READ)
351 rb_setselect(conn->mod_fd, RB_SELECT_WRITE, conn_mod_write_sendq, conn);
352 else
353 {
354 rb_setselect(conn->mod_fd, RB_SELECT_READ, conn_mod_write_sendq, conn);
355 rb_setselect(conn->mod_fd, RB_SELECT_WRITE, NULL, NULL);
356 SetSSLWWantsR(conn);
357 }
358 }
359 else
360 rb_setselect(conn->mod_fd, RB_SELECT_WRITE, NULL, NULL);
361
362 if(IsCork(conn) && rb_rawbuf_length(conn->modbuf_out) == 0)
363 {
364 ClearCork(conn);
365 conn_plain_read_cb(conn->plain_fd, conn);
366 }
367
368 }
369
370 static void
371 conn_mod_write(conn_t * conn, void *data, size_t len)
372 {
373 if(IsDead(conn)) /* no point in queueing to a dead man */
374 return;
375 rb_rawbuf_append(conn->modbuf_out, data, len);
376 }
377
378 static void
379 conn_plain_write(conn_t * conn, void *data, size_t len)
380 {
381 if(IsDead(conn)) /* again no point in queueing to dead men */
382 return;
383 rb_rawbuf_append(conn->plainbuf_out, data, len);
384 }
385
386 static void
387 mod_cmd_write_queue(mod_ctl_t * ctl, const void *data, size_t len)
388 {
389 mod_ctl_buf_t *ctl_buf;
390 ctl_buf = rb_malloc(sizeof(mod_ctl_buf_t));
391 ctl_buf->buf = rb_malloc(len);
392 ctl_buf->buflen = len;
393 memcpy(ctl_buf->buf, data, len);
394 ctl_buf->nfds = 0;
395 rb_dlinkAddTail(ctl_buf, &ctl_buf->node, &ctl->writeq);
396 mod_write_ctl(ctl->F, ctl);
397 }
398
399 #ifdef HAVE_LIBZ
400 static void
401 common_zlib_deflate(conn_t * conn, void *buf, size_t len)
402 {
403 int ret, have;
404 z_stream *outstream = &((zlib_stream_t *)conn->stream)->outstream;
405 outstream->next_in = buf;
406 outstream->avail_in = len;
407 outstream->next_out = (Bytef *) outbuf;
408 outstream->avail_out = sizeof(outbuf);
409
410 ret = deflate(outstream, Z_SYNC_FLUSH);
411 if(ret != Z_OK)
412 {
413 /* deflate error */
414 close_conn(conn, WAIT_PLAIN, "Deflate failed: %s", zError(ret));
415 return;
416 }
417 if(outstream->avail_out == 0)
418 {
419 /* avail_out empty */
420 close_conn(conn, WAIT_PLAIN, "error compressing data, avail_out == 0");
421 return;
422 }
423 if(outstream->avail_in != 0)
424 {
425 /* avail_in isn't empty...*/
426 close_conn(conn, WAIT_PLAIN, "error compressing data, avail_in != 0");
427 return;
428 }
429 have = sizeof(outbuf) - outstream->avail_out;
430 conn_mod_write(conn, outbuf, have);
431 }
432
433 static void
434 common_zlib_inflate(conn_t * conn, void *buf, size_t len)
435 {
436 int ret, have;
437 ((zlib_stream_t *)conn->stream)->instream.next_in = buf;
438 ((zlib_stream_t *)conn->stream)->instream.avail_in = len;
439 ((zlib_stream_t *)conn->stream)->instream.next_out = (Bytef *) outbuf;
440 ((zlib_stream_t *)conn->stream)->instream.avail_out = sizeof(outbuf);
441
442 while (((zlib_stream_t *)conn->stream)->instream.avail_in)
443 {
444 ret = inflate(&((zlib_stream_t *)conn->stream)->instream, Z_NO_FLUSH);
445 if(ret != Z_OK)
446 {
447 if(!strncmp("ERROR ", buf, 6))
448 {
449 close_conn(conn, WAIT_PLAIN, "Received uncompressed ERROR");
450 return;
451 }
452 close_conn(conn, WAIT_PLAIN, "Inflate failed: %s", zError(ret));
453 return;
454 }
455 have = sizeof(outbuf) - ((zlib_stream_t *)conn->stream)->instream.avail_out;
456
457 if(((zlib_stream_t *)conn->stream)->instream.avail_in)
458 {
459 conn_plain_write(conn, outbuf, have);
460 have = 0;
461 ((zlib_stream_t *)conn->stream)->instream.next_out = (Bytef *) outbuf;
462 ((zlib_stream_t *)conn->stream)->instream.avail_out = sizeof(outbuf);
463 }
464 }
465 if(have == 0)
466 return;
467
468 conn_plain_write(conn, outbuf, have);
469 }
470 #endif
471
472 static int
473 plain_check_cork(conn_t * conn)
474 {
475 if(rb_rawbuf_length(conn->modbuf_out) >= 4096)
476 {
477 /* if we have over 4k pending outbound, don't read until
478 * we've cleared the queue */
479 SetCork(conn);
480 rb_setselect(conn->plain_fd, RB_SELECT_READ, NULL, NULL);
481 /* try to write */
482 conn_mod_write_sendq(conn->mod_fd, conn);
483 return 1;
484 }
485 return 0;
486 }
487
488
489 static void
490 conn_plain_read_cb(rb_fde_t * fd, void *data)
491 {
492 conn_t *conn = data;
493 int length = 0;
494 if(conn == NULL)
495 return;
496
497 if(IsDead(conn))
498 return;
499
500 if(plain_check_cork(conn))
501 return;
502
503 while (1)
504 {
505 if(IsDead(conn))
506 return;
507
508 length = rb_read(conn->plain_fd, inbuf, sizeof(inbuf));
509
510 if(length == 0 || (length < 0 && !rb_ignore_errno(errno)))
511 {
512 close_conn(conn, NO_WAIT, NULL);
513 return;
514 }
515
516 if(length < 0)
517 {
518 rb_setselect(conn->plain_fd, RB_SELECT_READ, conn_plain_read_cb, conn);
519 conn_mod_write_sendq(conn->mod_fd, conn);
520 return;
521 }
522 conn->plain_in += length;
523
524 #ifdef HAVE_LIBZ
525 if(IsZip(conn))
526 common_zlib_deflate(conn, inbuf, length);
527 else
528 #endif
529 conn_mod_write(conn, inbuf, length);
530 if(IsDead(conn))
531 return;
532 if(plain_check_cork(conn))
533 return;
534 }
535 }
536
537 static void
538 conn_mod_read_cb(rb_fde_t * fd, void *data)
539 {
540 conn_t *conn = data;
541 const char *err = remote_closed;
542 int length;
543 if(conn == NULL)
544 return;
545 if(IsDead(conn))
546 return;
547
548 if(IsSSLRWantsW(conn))
549 {
550 ClearSSLRWantsW(conn);
551 conn_mod_write_sendq(conn->mod_fd, conn);
552 if(IsDead(conn))
553 return;
554 }
555
556 while (1)
557 {
558 if(IsDead(conn))
559 return;
560
561 length = rb_read(conn->mod_fd, inbuf, sizeof(inbuf));
562
563 if(length == 0 || (length < 0 && !rb_ignore_errno(errno)))
564 {
565 if(length == 0) {
566 close_conn(conn, WAIT_PLAIN, "%s", remote_closed);
567 return;
568 }
569
570 if(IsSSL(conn) && length == RB_RW_SSL_ERROR)
571 err = rb_get_ssl_strerror(conn->mod_fd);
572 else
573 err = strerror(errno);
574 close_conn(conn, WAIT_PLAIN, "Read error: %s", err);
575 return;
576 }
577 if(length < 0)
578 {
579 if(length != RB_RW_SSL_NEED_WRITE)
580 rb_setselect(conn->mod_fd, RB_SELECT_READ, conn_mod_read_cb, conn);
581 else
582 {
583 rb_setselect(conn->mod_fd, RB_SELECT_READ, NULL, NULL);
584 rb_setselect(conn->mod_fd, RB_SELECT_WRITE, conn_mod_read_cb, conn);
585 SetSSLRWantsW(conn);
586 }
587 conn_plain_write_sendq(conn->plain_fd, conn);
588 return;
589 }
590 conn->mod_in += length;
591 #ifdef HAVE_LIBZ
592 if(IsZip(conn))
593 common_zlib_inflate(conn, inbuf, length);
594 else
595 #endif
596 conn_plain_write(conn, inbuf, length);
597 }
598 }
599
600 static void
601 conn_plain_write_sendq(rb_fde_t * fd, void *data)
602 {
603 conn_t *conn = data;
604 int retlen;
605
606 if(IsDead(conn))
607 return;
608
609 while ((retlen = rb_rawbuf_flush(conn->plainbuf_out, fd)) > 0)
610 {
611 conn->plain_out += retlen;
612 }
613 if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno)))
614 {
615 close_conn(data, NO_WAIT, NULL);
616 return;
617 }
618
619
620 if(rb_rawbuf_length(conn->plainbuf_out) > 0)
621 rb_setselect(conn->plain_fd, RB_SELECT_WRITE, conn_plain_write_sendq, conn);
622 else
623 rb_setselect(conn->plain_fd, RB_SELECT_WRITE, NULL, NULL);
624 }
625
626 static int
627 maxconn(void)
628 {
629 #if defined(RLIMIT_NOFILE) && defined(HAVE_SYS_RESOURCE_H)
630 struct rlimit limit;
631
632 if(!getrlimit(RLIMIT_NOFILE, &limit))
633 {
634 return limit.rlim_cur;
635 }
636 #endif /* RLIMIT_FD_MAX */
637 return MAXCONNECTIONS;
638 }
639
640 static void
641 ssl_process_accept_cb(rb_fde_t * F, int status, struct sockaddr *addr, rb_socklen_t len, void *data)
642 {
643 conn_t *conn = data;
644 if(status == RB_OK)
645 {
646 conn_mod_read_cb(conn->mod_fd, conn);
647 conn_plain_read_cb(conn->plain_fd, conn);
648 return;
649 }
650 close_conn(conn, NO_WAIT, 0);
651 return;
652 }
653
654 static void
655 ssl_process_connect_cb(rb_fde_t * F, int status, void *data)
656 {
657 conn_t *conn = data;
658 if(status == RB_OK)
659 {
660 conn_mod_read_cb(conn->mod_fd, conn);
661 conn_plain_read_cb(conn->plain_fd, conn);
662 return;
663 }
664 close_conn(conn, NO_WAIT, 0);
665 return;
666 }
667
668
669 static void
670 ssl_process_accept(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
671 {
672 conn_t *conn;
673 rb_int32_t id;
674
675 conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
676
677 id = buf_to_int32(&ctlb->buf[1]);
678
679 if(id >= 0)
680 conn_add_id_hash(conn, id);
681 SetSSL(conn);
682
683 if(rb_get_type(conn->mod_fd) & RB_FD_UNKNOWN)
684 {
685
686 rb_set_type(conn->mod_fd, RB_FD_SOCKET);
687 }
688 if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN)
689 rb_set_type(conn->plain_fd, RB_FD_SOCKET);
690
691 rb_ssl_start_accepted(ctlb->F[0], ssl_process_accept_cb, conn, 10);
692 }
693
694 static void
695 ssl_process_connect(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
696 {
697 conn_t *conn;
698 rb_int32_t id;
699 conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
700
701 id = buf_to_int32(&ctlb->buf[1]);
702
703 if(id >= 0)
704 conn_add_id_hash(conn, id);
705 SetSSL(conn);
706
707 if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN)
708 rb_set_type(conn->mod_fd, RB_FD_SOCKET);
709
710 if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN)
711 rb_set_type(conn->plain_fd, RB_FD_SOCKET);
712
713
714 rb_ssl_start_connected(ctlb->F[0], ssl_process_connect_cb, conn, 10);
715 }
716
717 static void
718 process_stats(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
719 {
720 char outstat[512];
721 conn_t *conn;
722 const char *odata;
723 rb_int32_t id;
724
725 id = buf_to_int32(&ctlb->buf[1]);
726
727 if(id < 0)
728 return;
729
730 odata = &ctlb->buf[5];
731 conn = conn_find_by_id(id);
732
733 if(conn == NULL)
734 return;
735
736 rb_snprintf(outstat, sizeof(outstat), "S %s %llu %llu %llu %llu", odata,
737 conn->plain_out, conn->mod_in, conn->plain_in, conn->mod_out);
738 conn->plain_out = 0;
739 conn->plain_in = 0;
740 conn->mod_in = 0;
741 conn->mod_out = 0;
742 mod_cmd_write_queue(ctl, outstat, strlen(outstat) + 1); /* +1 is so we send the \0 as well */
743 }
744
745 #ifdef HAVE_LIBZ
746 static void
747 zlib_send_zip_ready(mod_ctl_t *ctl, conn_t *conn)
748 {
749 char buf[5];
750
751 buf[0] = 'R';
752 int32_to_buf(&buf[1], conn->id);
753 mod_cmd_write_queue(conn->ctl, buf, sizeof(buf));
754 }
755
756 static void
757 zlib_process(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
758 {
759 rb_uint8_t level;
760 size_t recvqlen;
761 size_t hdr = (sizeof(rb_uint8_t) * 2) + sizeof(rb_int32_t);
762 void *recvq_start;
763 z_stream *instream, *outstream;
764 conn_t *conn;
765 rb_int32_t id;
766
767 conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
768 if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN)
769 rb_set_type(conn->mod_fd, RB_FD_SOCKET);
770
771 if(rb_get_type(conn->plain_fd) == RB_FD_UNKNOWN)
772 rb_set_type(conn->plain_fd, RB_FD_SOCKET);
773
774 id = buf_to_int32(&ctlb->buf[1]);
775 conn_add_id_hash(conn, id);
776
777 level = (rb_uint8_t) ctlb->buf[5];
778
779 recvqlen = ctlb->buflen - hdr;
780 recvq_start = &ctlb->buf[6];
781
782 SetZip(conn);
783 conn->stream = rb_malloc(sizeof(zlib_stream_t));
784 instream = &((zlib_stream_t *)conn->stream)->instream;
785 outstream = &((zlib_stream_t *)conn->stream)->outstream;
786
787 instream->total_in = 0;
788 instream->total_out = 0;
789 instream->zalloc = (alloc_func) ssld_alloc;
790 instream->zfree = (free_func) ssld_free;
791 instream->data_type = Z_ASCII;
792 inflateInit(&((zlib_stream_t *)conn->stream)->instream);
793
794 outstream->total_in = 0;
795 outstream->total_out = 0;
796 outstream->zalloc = (alloc_func) ssld_alloc;
797 outstream->zfree = (free_func) ssld_free;
798 outstream->data_type = Z_ASCII;
799
800 if(level > 9)
801 level = Z_DEFAULT_COMPRESSION;
802
803 deflateInit(&((zlib_stream_t *)conn->stream)->outstream, level);
804 if(recvqlen > 0)
805 common_zlib_inflate(conn, recvq_start, recvqlen);
806 zlib_send_zip_ready(ctl, conn);
807 conn_mod_read_cb(conn->mod_fd, conn);
808 conn_plain_read_cb(conn->plain_fd, conn);
809 return;
810
811 }
812 #endif
813
814 static void
815 init_prng(mod_ctl_t * ctl, mod_ctl_buf_t * ctl_buf)
816 {
817 char *path;
818 prng_seed_t seed_type;
819
820 seed_type = (prng_seed_t)ctl_buf->buf[1];
821 path = &ctl_buf->buf[2];
822 rb_init_prng(path, seed_type);
823 }
824
825
826 static void
827 ssl_new_keys(mod_ctl_t * ctl, mod_ctl_buf_t * ctl_buf)
828 {
829 char *buf;
830 char *cert, *key, *dhparam;
831
832 buf = &ctl_buf->buf[2];
833 cert = buf;
834 buf += strlen(cert) + 1;
835 key = buf;
836 buf += strlen(key) + 1;
837 dhparam = buf;
838 if(strlen(dhparam) == 0)
839 dhparam = NULL;
840
841 if(!rb_setup_ssl_server(cert, key, dhparam))
842 {
843 const char *invalid = "I";
844 mod_cmd_write_queue(ctl, invalid, strlen(invalid));
845 return;
846 }
847 }
848
849 static void
850 send_nossl_support(mod_ctl_t *ctl, mod_ctl_buf_t *ctlb)
851 {
852 static const char *nossl_cmd = "N";
853 conn_t *conn;
854 rb_int32_t id;
855
856 if(ctlb != NULL)
857 {
858 conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
859 id = buf_to_int32(&ctlb->buf[1]);
860
861 if(id >= 0)
862 conn_add_id_hash(conn, id);
863 close_conn(conn, WAIT_PLAIN, "libratbox reports no SSL/TLS support");
864 }
865 mod_cmd_write_queue(ctl, nossl_cmd, strlen(nossl_cmd));
866 }
867
868 static void
869 send_i_am_useless(mod_ctl_t *ctl)
870 {
871 static const char *useless = "U";
872 mod_cmd_write_queue(ctl, useless, strlen(useless));
873 }
874
875 static void
876 send_nozlib_support(mod_ctl_t *ctl, mod_ctl_buf_t *ctlb)
877 {
878 static const char *nozlib_cmd = "z";
879 conn_t *conn;
880 rb_int32_t id;
881 if(ctlb != NULL)
882 {
883 conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
884 id = buf_to_int32(&ctlb->buf[1]);
885
886 if(id >= 0)
887 conn_add_id_hash(conn, id);
888 close_conn(conn, WAIT_PLAIN, "libratbox reports no zlib support");
889 }
890 mod_cmd_write_queue(ctl, nozlib_cmd, strlen(nozlib_cmd));
891 }
892
893 static void
894 mod_process_cmd_recv(mod_ctl_t * ctl)
895 {
896 rb_dlink_node *ptr, *next;
897 mod_ctl_buf_t *ctl_buf;
898
899 RB_DLINK_FOREACH_SAFE(ptr, next, ctl->readq.head)
900 {
901 ctl_buf = ptr->data;
902
903 switch (*ctl_buf->buf)
904 {
905 case 'A':
906 {
907 if(!ssl_ok)
908 {
909 send_nossl_support(ctl, ctl_buf);
910 break;
911 }
912 ssl_process_accept(ctl, ctl_buf);
913 break;
914 }
915 case 'C':
916 {
917 if(!ssl_ok)
918 {
919 send_nossl_support(ctl, ctl_buf);
920 break;
921 }
922 ssl_process_connect(ctl, ctl_buf);
923 break;
924 }
925
926 case 'K':
927 {
928 if(!ssl_ok)
929 {
930 send_nossl_support(ctl, ctl_buf);
931 break;
932 }
933 ssl_new_keys(ctl, ctl_buf);
934 break;
935 }
936 case 'I':
937 init_prng(ctl, ctl_buf);
938 break;
939 case 'S':
940 {
941 process_stats(ctl, ctl_buf);
942 break;
943 }
944 #ifdef HAVE_LIBZ
945 case 'Z':
946 {
947 /* just zlib only */
948 zlib_process(ctl, ctl_buf);
949 break;
950 }
951 #else
952 case 'Y':
953 case 'Z':
954 send_nozlib_support(ctl, ctl_buf);
955 break;
956
957 #endif
958 default:
959 break;
960 /* Log unknown commands */
961 }
962 rb_dlinkDelete(ptr, &ctl->readq);
963 rb_free(ctl_buf->buf);
964 rb_free(ctl_buf);
965 }
966
967 }
968
969
970
971 static void
972 mod_read_ctl(rb_fde_t * F, void *data)
973 {
974 mod_ctl_buf_t *ctl_buf;
975 mod_ctl_t *ctl = data;
976 int retlen;
977
978 do
979 {
980 ctl_buf = rb_malloc(sizeof(mod_ctl_buf_t));
981 ctl_buf->buf = rb_malloc(READBUF_SIZE);
982 ctl_buf->buflen = READBUF_SIZE;
983 retlen = rb_recv_fd_buf(ctl->F, ctl_buf->buf, ctl_buf->buflen, ctl_buf->F,
984 MAXPASSFD);
985 if(retlen <= 0)
986 {
987 rb_free(ctl_buf->buf);
988 rb_free(ctl_buf);
989 }
990 else
991 {
992 ctl_buf->buflen = retlen;
993 rb_dlinkAddTail(ctl_buf, &ctl_buf->node, &ctl->readq);
994 }
995 }
996 while (retlen > 0);
997
998 if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno)))
999 exit(0);
1000
1001 mod_process_cmd_recv(ctl);
1002 rb_setselect(ctl->F, RB_SELECT_READ, mod_read_ctl, ctl);
1003 }
1004
1005 static void
1006 mod_write_ctl(rb_fde_t * F, void *data)
1007 {
1008 mod_ctl_t *ctl = data;
1009 mod_ctl_buf_t *ctl_buf;
1010 rb_dlink_node *ptr, *next;
1011 int retlen, x;
1012
1013 RB_DLINK_FOREACH_SAFE(ptr, next, ctl->writeq.head)
1014 {
1015 ctl_buf = ptr->data;
1016 retlen = rb_send_fd_buf(ctl->F, ctl_buf->F, ctl_buf->nfds, ctl_buf->buf,
1017 ctl_buf->buflen);
1018 if(retlen > 0)
1019 {
1020 rb_dlinkDelete(ptr, &ctl->writeq);
1021 for (x = 0; x < ctl_buf->nfds; x++)
1022 rb_close(ctl_buf->F[x]);
1023 rb_free(ctl_buf->buf);
1024 rb_free(ctl_buf);
1025
1026 }
1027 if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno)))
1028 exit(0);
1029
1030 rb_setselect(ctl->F, RB_SELECT_WRITE, mod_write_ctl, ctl);
1031 }
1032 }
1033
1034
1035 static void
1036 read_pipe_ctl(rb_fde_t * F, void *data)
1037 {
1038 int retlen;
1039 while ((retlen = rb_read(F, inbuf, sizeof(inbuf))) > 0)
1040 {
1041 ;; /* we don't do anything with the pipe really, just care if the other process dies.. */
1042 }
1043 if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno)))
1044 exit(0);
1045 rb_setselect(F, RB_SELECT_READ, read_pipe_ctl, NULL);
1046
1047 }
1048
1049 int
1050 main(int argc, char **argv)
1051 {
1052 const char *s_ctlfd, *s_pipe;
1053 int ctlfd, pipefd, x, maxfd;
1054 maxfd = maxconn();
1055 s_ctlfd = getenv("CTL_FD");
1056 s_pipe = getenv("CTL_PIPE");
1057
1058 if(s_ctlfd == NULL || s_pipe == NULL)
1059 {
1060 fprintf(stderr, "This is ircd-ratbox ssld. You know you aren't supposed to run me directly?\n");
1061 fprintf(stderr, "You get an Id tag for this: $Id: ssld.c 25594 2008-06-25 14:58:47Z androsyn $\n");
1062 fprintf(stderr, "Have a nice life\n");
1063 exit(1);
1064 }
1065
1066 ctlfd = atoi(s_ctlfd);
1067 pipefd = atoi(s_pipe);
1068
1069 for (x = 0; x < maxfd; x++)
1070 {
1071 if(x != ctlfd && x != pipefd && x > 2)
1072 close(x);
1073 }
1074
1075 #if 0
1076 x = open("/dev/null", O_RDWR);
1077 if(x >= 0)
1078 {
1079 if(ctlfd != 0 && pipefd != 0)
1080 dup2(x, 0);
1081 if(ctlfd != 1 && pipefd != 1)
1082 dup2(x, 1);
1083 if(ctlfd != 2 && pipefd != 2)
1084 dup2(x, 2);
1085 if(x > 2)
1086 close(x);
1087 }
1088 #endif
1089 setup_signals();
1090 rb_lib_init(NULL, NULL, NULL, 0, maxfd, 1024, 4096);
1091 rb_init_rawbuffers(1024);
1092 ssl_ok = rb_supports_ssl();
1093
1094 mod_ctl = rb_malloc(sizeof(mod_ctl_t));
1095 mod_ctl->F = rb_open(ctlfd, RB_FD_SOCKET, "ircd control socket");
1096 mod_ctl->F_pipe = rb_open(pipefd, RB_FD_PIPE, "ircd pipe");
1097 rb_set_nb(mod_ctl->F);
1098 rb_set_nb(mod_ctl->F_pipe);
1099 rb_event_addish("clean_dead_conns", clean_dead_conns, NULL, 10);
1100 rb_event_add("check_handshake_flood", check_handshake_flood, NULL, 10);
1101 read_pipe_ctl(mod_ctl->F_pipe, NULL);
1102 mod_read_ctl(mod_ctl->F, mod_ctl);
1103 if(!zlib_ok && !ssl_ok)
1104 {
1105 /* this is really useless... */
1106 send_i_am_useless(mod_ctl);
1107 /* sleep until the ircd kills us */
1108 rb_sleep(2<<30, 0);
1109 exit(1);
1110 }
1111
1112 if(!zlib_ok)
1113 send_nozlib_support(mod_ctl, NULL);
1114 if(!ssl_ok)
1115 send_nossl_support(mod_ctl, NULL);
1116 rb_lib_loop(0);
1117 return 0;
1118 }
1119
1120
1121
1122 static void
1123 dummy_handler(int sig)
1124 {
1125 return;
1126 }
1127
1128 static void
1129 setup_signals()
1130 {
1131 struct sigaction act;
1132
1133 act.sa_flags = 0;
1134 act.sa_handler = SIG_IGN;
1135 sigemptyset(&act.sa_mask);
1136 sigaddset(&act.sa_mask, SIGPIPE);
1137 sigaddset(&act.sa_mask, SIGALRM);
1138 #ifdef SIGTRAP
1139 sigaddset(&act.sa_mask, SIGTRAP);
1140 #endif
1141
1142 #ifdef SIGWINCH
1143 sigaddset(&act.sa_mask, SIGWINCH);
1144 sigaction(SIGWINCH, &act, 0);
1145 #endif
1146 sigaction(SIGPIPE, &act, 0);
1147 #ifdef SIGTRAP
1148 sigaction(SIGTRAP, &act, 0);
1149 #endif
1150
1151 act.sa_handler = dummy_handler;
1152 sigaction(SIGALRM, &act, 0);
1153 }
1154
Unnamed repository; edit this file 'description' to name the repository.