Add help extban.

[irc/rqf/shadowircd.git] / ssld / ssld.c

diff --git a/ssld/ssld.c b/ssld/ssld.c
index 526069691bc5d822cae5d647206e0e30b6f694d8..a6c6b5f9399ea2331b98314bc0313f6cbd86b25d 100644 (file)
--- a/ssld/ssld.c
+++ b/ssld/ssld.c
@@ -127,6 +127,7 @@ typedef struct _conn
 #define FLAG_DEAD      0x08
 #define FLAG_SSL_W_WANTS_R 0x10        /* output needs to wait until input possible */
 #define FLAG_SSL_R_WANTS_W 0x20        /* input needs to wait until output possible */
+#define FLAG_ZIPSSL    0x40
 
 #define IsSSL(x) ((x)->flags & FLAG_SSL)
 #define IsZip(x) ((x)->flags & FLAG_ZIP)
@@ -134,6 +135,7 @@ typedef struct _conn
 #define IsDead(x) ((x)->flags & FLAG_DEAD)
 #define IsSSLWWantsR(x) ((x)->flags & FLAG_SSL_W_WANTS_R)
 #define IsSSLRWantsW(x) ((x)->flags & FLAG_SSL_R_WANTS_W)
+#define IsZipSSL(x)    ((x)->flags & FLAG_ZIPSSL)
 
 #define SetSSL(x) ((x)->flags |= FLAG_SSL)
 #define SetZip(x) ((x)->flags |= FLAG_ZIP)
@@ -141,6 +143,7 @@ typedef struct _conn
 #define SetDead(x) ((x)->flags |= FLAG_DEAD)
 #define SetSSLWWantsR(x) ((x)->flags |= FLAG_SSL_W_WANTS_R)
 #define SetSSLRWantsW(x) ((x)->flags |= FLAG_SSL_R_WANTS_W)
+#define SetZipSSL(x)   ((x)->flags |= FLAG_ZIPSSL)
 
 #define ClearSSL(x) ((x)->flags &= ~FLAG_SSL)
 #define ClearZip(x) ((x)->flags &= ~FLAG_ZIP)
@@ -148,6 +151,7 @@ typedef struct _conn
 #define ClearDead(x) ((x)->flags &= ~FLAG_DEAD)
 #define ClearSSLWWantsR(x) ((x)->flags &= ~FLAG_SSL_W_WANTS_R)
 #define ClearSSLRWantsW(x) ((x)->flags &= ~FLAG_SSL_R_WANTS_W)
+#define ClearZipSSL(x) ((x)->flags &= ~FLAG_ZIPSSL)
 
 #define NO_WAIT 0x0
 #define WAIT_PLAIN 0x1
@@ -167,6 +171,7 @@ static void conn_mod_write_sendq(rb_fde_t *, void *data);
 static void conn_plain_write_sendq(rb_fde_t *, void *data);
 static void mod_write_ctl(rb_fde_t *, void *data);
 static void conn_plain_read_cb(rb_fde_t *fd, void *data);
+static void conn_plain_read_shutdown_cb(rb_fde_t *fd, void *data);
 static void mod_cmd_write_queue(mod_ctl_t * ctl, const void *data, size_t len);
 static const char *remote_closed = "Remote host closed the connection";
 static int ssl_ok;
@@ -258,16 +263,17 @@ close_conn(conn_t * conn, int wait_plain, const char *fmt, ...)
        rb_close(conn->mod_fd);
        SetDead(conn);
 
+       if(conn->id >= 0 && !IsZipSSL(conn))
+               rb_dlinkDelete(&conn->node, connid_hash(conn->id));
+
        if(!wait_plain || fmt == NULL)
        {
                rb_close(conn->plain_fd);
-
-               if(conn->id >= 0)
-                       rb_dlinkDelete(&conn->node, connid_hash(conn->id));
                rb_dlinkAdd(conn, &conn->node, &dead_list);
                return;
        }
-       rb_setselect(conn->plain_fd, RB_SELECT_WRITE | RB_SELECT_READ, NULL, NULL);
+       rb_setselect(conn->plain_fd, RB_SELECT_READ, conn_plain_read_shutdown_cb, conn);
+       rb_setselect(conn->plain_fd, RB_SELECT_WRITE, NULL, NULL);
        va_start(ap, fmt);
        rb_vsnprintf(reason, sizeof(reason), fmt, ap);
        va_end(ap);
@@ -537,6 +543,34 @@ conn_plain_read_cb(rb_fde_t *fd, void *data)
        }
 }
 
+static void
+conn_plain_read_shutdown_cb(rb_fde_t *fd, void *data)
+{
+       conn_t *conn = data;
+       int length = 0;
+
+       if(conn == NULL)
+               return;
+
+       while(1)
+       {
+               length = rb_read(conn->plain_fd, inbuf, sizeof(inbuf));
+
+               if(length == 0 || (length < 0 && !rb_ignore_errno(errno)))
+               {
+                       rb_close(conn->plain_fd);
+                       rb_dlinkAdd(conn, &conn->node, &dead_list);
+                       return;
+               }
+
+               if(length < 0)
+               {
+                       rb_setselect(conn->plain_fd, RB_SELECT_READ, conn_plain_read_shutdown_cb, conn);
+                       return;
+               }
+       }
+}
+
 static void
 conn_mod_read_cb(rb_fde_t *fd, void *data)
 {
@@ -645,8 +679,16 @@ static void
 ssl_process_accept_cb(rb_fde_t *F, int status, struct sockaddr *addr, rb_socklen_t len, void *data)
 {
        conn_t *conn = data;
+       char buf[5 + RB_SSL_CERTFP_LEN];
+
        if(status == RB_OK)
        {
+               if(rb_get_ssl_certfp(F, &buf[5]))
+               {
+                       buf[0] = 'F';
+                       int32_to_buf(&buf[1], conn->id);
+                       mod_cmd_write_queue(conn->ctl, buf, sizeof buf);
+               }
                conn_mod_read_cb(conn->mod_fd, conn);
                conn_plain_read_cb(conn->plain_fd, conn);
                return;
@@ -674,6 +716,16 @@ ssl_process_connect_cb(rb_fde_t *F, int status, void *data)
 }
 
 
+static void
+cleanup_bad_message(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
+{
+       int i;
+
+       /* XXX should log this somehow */
+       for (i = 0; i < ctlb->nfds; i++)
+               rb_close(ctlb->F[i]);
+}
+
 static void
 ssl_process_accept(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
 {
@@ -750,6 +802,18 @@ process_stats(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
        mod_cmd_write_queue(ctl, outstat, strlen(outstat) + 1); /* +1 is so we send the \0 as well */
 }
 
+static void
+change_connid(mod_ctl_t *ctl, mod_ctl_buf_t *ctlb)
+{
+       int32_t id = buf_to_int32(&ctlb->buf[1]);
+       int32_t newid = buf_to_int32(&ctlb->buf[5]);
+       conn_t *conn = conn_find_by_id(id);
+       if(conn->id >= 0)
+               rb_dlinkDelete(&conn->node, connid_hash(conn->id));
+       SetZipSSL(conn);
+       conn->id = newid;
+}
+
 #ifdef HAVE_LIBZ
 static void
 zlib_process(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
@@ -902,6 +966,12 @@ mod_process_cmd_recv(mod_ctl_t * ctl)
                {
                case 'A':
                        {
+                               if (ctl_buf->nfds != 2 || ctl_buf->buflen != 5)
+                               {
+                                       cleanup_bad_message(ctl, ctl_buf);
+                                       break;
+                               }
+
                                if(!ssl_ok)
                                {
                                        send_nossl_support(ctl, ctl_buf);
@@ -912,6 +982,12 @@ mod_process_cmd_recv(mod_ctl_t * ctl)
                        }
                case 'C':
                        {
+                               if (ctl_buf->nfds != 2 || ctl_buf->buflen != 5)
+                               {
+                                       cleanup_bad_message(ctl, ctl_buf);
+                                       break;
+                               }
+
                                if(!ssl_ok)
                                {
                                        send_nossl_support(ctl, ctl_buf);
@@ -939,15 +1015,27 @@ mod_process_cmd_recv(mod_ctl_t * ctl)
                                process_stats(ctl, ctl_buf);
                                break;
                        }
+               case 'Y':
+                       {
+                               change_connid(ctl, ctl_buf);
+                               break;
+                       }
+
 #ifdef HAVE_LIBZ
                case 'Z':
                        {
+                               if (ctl_buf->nfds != 2 || ctl_buf->buflen < 6)
+                               {
+                                       cleanup_bad_message(ctl, ctl_buf);
+                                       break;
+                               }
+
                                /* just zlib only */
                                zlib_process(ctl, ctl_buf);
                                break;
                        }
 #else
-               case 'Y':
+                       
                case 'Z':
                        send_nozlib_support(ctl, ctl_buf);
                        break;
@@ -972,6 +1060,7 @@ mod_read_ctl(rb_fde_t *F, void *data)
        mod_ctl_buf_t *ctl_buf;
        mod_ctl_t *ctl = data;
        int retlen;
+       int i;
 
        do
        {
@@ -989,6 +1078,9 @@ mod_read_ctl(rb_fde_t *F, void *data)
                {
                        ctl_buf->buflen = retlen;
                        rb_dlinkAddTail(ctl_buf, &ctl_buf->node, &ctl->readq);
+                       for (i = 0; i < MAXPASSFD && ctl_buf->F[i] != NULL; i++)
+                               ;
+                       ctl_buf->nfds = i;
                }
        }
        while(retlen > 0);
@@ -1025,8 +1117,9 @@ mod_write_ctl(rb_fde_t *F, void *data)
                if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno)))
                        exit(0);
 
-               rb_setselect(ctl->F, RB_SELECT_WRITE, mod_write_ctl, ctl);
        }
+       if(rb_dlink_list_length(&ctl->writeq) > 0)
+               rb_setselect(ctl->F, RB_SELECT_WRITE, mod_write_ctl, ctl);
 }
 
 
@@ -1076,6 +1169,7 @@ main(int argc, char **argv)
                        close(x);
        }
        x = open("/dev/null", O_RDWR);
+
        if(x >= 0)
        {
                if(ctlfd != 0 && pipefd != 0)