]>
Commit | Line | Data |
---|---|---|
8d99443b VY |
1 | /* |
2 | * ssld.c: The ircd-ratbox ssl/zlib helper daemon thingy | |
3 | * Copyright (C) 2007 Aaron Sethman <androsyn@ratbox.org> | |
4 | * Copyright (C) 2007 ircd-ratbox development team | |
5 | * | |
6 | * This program is free software; you can redistribute it and/or modify | |
7 | * it under the terms of the GNU General Public License as published by | |
8 | * the Free Software Foundation; either version 2 of the License, or | |
9 | * (at your option) any later version. | |
10 | * | |
11 | * This program is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | * GNU General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU General Public License | |
17 | * along with this program; if not, write to the Free Software | |
18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 | |
19 | * USA | |
8d99443b VY |
20 | */ |
21 | ||
22 | ||
23 | #include "stdinc.h" | |
24 | ||
25 | #ifdef HAVE_LIBZ | |
26 | #include <zlib.h> | |
27 | #endif | |
28 | ||
29 | #define MAXPASSFD 4 | |
30 | #ifndef READBUF_SIZE | |
31 | #define READBUF_SIZE 16384 | |
32 | #endif | |
33 | ||
34 | static void setup_signals(void); | |
3202e249 | 35 | static pid_t ppid; |
8d99443b | 36 | |
408a29c6 AC |
37 | static inline uint32_t |
38 | buf_to_uint32(uint8_t *buf) | |
8d99443b | 39 | { |
408a29c6 | 40 | uint32_t x; |
4b6a4d47 | 41 | memcpy(&x, buf, sizeof(x)); |
8d99443b VY |
42 | return x; |
43 | } | |
44 | ||
3202e249 | 45 | static inline void |
408a29c6 | 46 | uint32_to_buf(uint8_t *buf, uint32_t x) |
8d99443b | 47 | { |
4b6a4d47 | 48 | memcpy(buf, &x, sizeof(x)); |
8d99443b VY |
49 | return; |
50 | } | |
51 | ||
8d99443b VY |
52 | typedef struct _mod_ctl_buf |
53 | { | |
54 | rb_dlink_node node; | |
85e9bf41 | 55 | uint8_t *buf; |
8d99443b VY |
56 | size_t buflen; |
57 | rb_fde_t *F[MAXPASSFD]; | |
58 | int nfds; | |
59 | } mod_ctl_buf_t; | |
60 | ||
61 | typedef struct _mod_ctl | |
62 | { | |
63 | rb_dlink_node node; | |
64 | int cli_count; | |
65 | rb_fde_t *F; | |
66 | rb_fde_t *F_pipe; | |
67 | rb_dlink_list readq; | |
68 | rb_dlink_list writeq; | |
69 | } mod_ctl_t; | |
70 | ||
71 | static mod_ctl_t *mod_ctl; | |
72 | ||
73 | ||
74 | #ifdef HAVE_LIBZ | |
75 | typedef struct _zlib_stream | |
76 | { | |
77 | z_stream instream; | |
78 | z_stream outstream; | |
79 | } zlib_stream_t; | |
80 | #endif | |
81 | ||
82 | typedef struct _conn | |
83 | { | |
84 | rb_dlink_node node; | |
85 | mod_ctl_t *ctl; | |
86 | rawbuf_head_t *modbuf_out; | |
87 | rawbuf_head_t *plainbuf_out; | |
88 | ||
408a29c6 | 89 | uint32_t id; |
8d99443b VY |
90 | |
91 | rb_fde_t *mod_fd; | |
92 | rb_fde_t *plain_fd; | |
94356462 AC |
93 | uint64_t mod_out; |
94 | uint64_t mod_in; | |
95 | uint64_t plain_in; | |
96 | uint64_t plain_out; | |
7edb4f16 | 97 | uint8_t flags; |
8d99443b VY |
98 | void *stream; |
99 | } conn_t; | |
100 | ||
101 | #define FLAG_SSL 0x01 | |
102 | #define FLAG_ZIP 0x02 | |
103 | #define FLAG_CORK 0x04 | |
104 | #define FLAG_DEAD 0x08 | |
3202e249 VY |
105 | #define FLAG_SSL_W_WANTS_R 0x10 /* output needs to wait until input possible */ |
106 | #define FLAG_SSL_R_WANTS_W 0x20 /* input needs to wait until output possible */ | |
07c2bb75 | 107 | #define FLAG_ZIPSSL 0x40 |
8d99443b VY |
108 | |
109 | #define IsSSL(x) ((x)->flags & FLAG_SSL) | |
110 | #define IsZip(x) ((x)->flags & FLAG_ZIP) | |
111 | #define IsCork(x) ((x)->flags & FLAG_CORK) | |
112 | #define IsDead(x) ((x)->flags & FLAG_DEAD) | |
73d6283c VY |
113 | #define IsSSLWWantsR(x) ((x)->flags & FLAG_SSL_W_WANTS_R) |
114 | #define IsSSLRWantsW(x) ((x)->flags & FLAG_SSL_R_WANTS_W) | |
07c2bb75 | 115 | #define IsZipSSL(x) ((x)->flags & FLAG_ZIPSSL) |
8d99443b VY |
116 | |
117 | #define SetSSL(x) ((x)->flags |= FLAG_SSL) | |
118 | #define SetZip(x) ((x)->flags |= FLAG_ZIP) | |
119 | #define SetCork(x) ((x)->flags |= FLAG_CORK) | |
120 | #define SetDead(x) ((x)->flags |= FLAG_DEAD) | |
73d6283c VY |
121 | #define SetSSLWWantsR(x) ((x)->flags |= FLAG_SSL_W_WANTS_R) |
122 | #define SetSSLRWantsW(x) ((x)->flags |= FLAG_SSL_R_WANTS_W) | |
8d99443b | 123 | |
8d99443b | 124 | #define ClearCork(x) ((x)->flags &= ~FLAG_CORK) |
73d6283c VY |
125 | #define ClearSSLWWantsR(x) ((x)->flags &= ~FLAG_SSL_W_WANTS_R) |
126 | #define ClearSSLRWantsW(x) ((x)->flags &= ~FLAG_SSL_R_WANTS_W) | |
8d99443b VY |
127 | |
128 | #define NO_WAIT 0x0 | |
129 | #define WAIT_PLAIN 0x1 | |
130 | ||
4b6a4d47 VY |
131 | #define HASH_WALK_SAFE(i, max, ptr, next, table) for(i = 0; i < max; i++) { RB_DLINK_FOREACH_SAFE(ptr, next, table[i].head) |
132 | #define HASH_WALK_END } | |
8d99443b VY |
133 | #define CONN_HASH_SIZE 2000 |
134 | #define connid_hash(x) (&connid_hash_table[(x % CONN_HASH_SIZE)]) | |
135 | ||
4b6a4d47 VY |
136 | |
137 | ||
8d99443b VY |
138 | static rb_dlink_list connid_hash_table[CONN_HASH_SIZE]; |
139 | static rb_dlink_list dead_list; | |
140 | ||
3202e249 | 141 | static void conn_mod_read_cb(rb_fde_t *fd, void *data); |
8d99443b VY |
142 | static void conn_mod_write_sendq(rb_fde_t *, void *data); |
143 | static void conn_plain_write_sendq(rb_fde_t *, void *data); | |
144 | static void mod_write_ctl(rb_fde_t *, void *data); | |
3202e249 | 145 | static void conn_plain_read_cb(rb_fde_t *fd, void *data); |
e99f6122 | 146 | static void conn_plain_read_shutdown_cb(rb_fde_t *fd, void *data); |
3202e249 | 147 | static void mod_cmd_write_queue(mod_ctl_t * ctl, const void *data, size_t len); |
8d99443b | 148 | static const char *remote_closed = "Remote host closed the connection"; |
d35870ee | 149 | static bool ssld_ssl_ok; |
cf430c1a | 150 | static int certfp_method = RB_SSL_CERTFP_METH_CERT_SHA1; |
8d99443b | 151 | #ifdef HAVE_LIBZ |
503727d1 | 152 | static bool zlib_ok = true; |
8d99443b | 153 | #else |
503727d1 | 154 | static bool zlib_ok = false; |
8d99443b | 155 | #endif |
4b6a4d47 VY |
156 | |
157 | ||
158 | #ifdef HAVE_LIBZ | |
8d99443b VY |
159 | static void * |
160 | ssld_alloc(void *unused, size_t count, size_t size) | |
161 | { | |
162 | return rb_malloc(count * size); | |
163 | } | |
164 | ||
165 | static void | |
166 | ssld_free(void *unused, void *ptr) | |
167 | { | |
3202e249 | 168 | rb_free(ptr); |
8d99443b | 169 | } |
4b6a4d47 | 170 | #endif |
8d99443b VY |
171 | |
172 | static conn_t * | |
408a29c6 | 173 | conn_find_by_id(uint32_t id) |
8d99443b VY |
174 | { |
175 | rb_dlink_node *ptr; | |
176 | conn_t *conn; | |
177 | ||
178 | RB_DLINK_FOREACH(ptr, (connid_hash(id))->head) | |
179 | { | |
180 | conn = ptr->data; | |
181 | if(conn->id == id && !IsDead(conn)) | |
182 | return conn; | |
183 | } | |
184 | return NULL; | |
185 | } | |
186 | ||
187 | static void | |
408a29c6 | 188 | conn_add_id_hash(conn_t * conn, uint32_t id) |
8d99443b VY |
189 | { |
190 | conn->id = id; | |
191 | rb_dlinkAdd(conn, &conn->node, connid_hash(id)); | |
192 | } | |
193 | ||
194 | static void | |
195 | free_conn(conn_t * conn) | |
196 | { | |
197 | rb_free_rawbuffer(conn->modbuf_out); | |
198 | rb_free_rawbuffer(conn->plainbuf_out); | |
4b6a4d47 | 199 | #ifdef HAVE_LIBZ |
8d99443b VY |
200 | if(IsZip(conn)) |
201 | { | |
202 | zlib_stream_t *stream = conn->stream; | |
203 | inflateEnd(&stream->instream); | |
3202e249 | 204 | deflateEnd(&stream->outstream); |
84b49742 | 205 | rb_free(stream); |
8d99443b | 206 | } |
4b6a4d47 | 207 | #endif |
8d99443b VY |
208 | rb_free(conn); |
209 | } | |
210 | ||
211 | static void | |
212 | clean_dead_conns(void *unused) | |
213 | { | |
214 | conn_t *conn; | |
215 | rb_dlink_node *ptr, *next; | |
216 | RB_DLINK_FOREACH_SAFE(ptr, next, dead_list.head) | |
217 | { | |
218 | conn = ptr->data; | |
219 | free_conn(conn); | |
220 | } | |
221 | dead_list.tail = dead_list.head = NULL; | |
222 | } | |
223 | ||
224 | ||
225 | static void | |
226 | close_conn(conn_t * conn, int wait_plain, const char *fmt, ...) | |
227 | { | |
228 | va_list ap; | |
3202e249 | 229 | char reason[128]; /* must always be under 250 bytes */ |
85e9bf41 | 230 | uint8_t buf[256]; |
8d99443b VY |
231 | int len; |
232 | if(IsDead(conn)) | |
233 | return; | |
3202e249 | 234 | |
8d99443b VY |
235 | rb_rawbuf_flush(conn->modbuf_out, conn->mod_fd); |
236 | rb_rawbuf_flush(conn->plainbuf_out, conn->plain_fd); | |
237 | rb_close(conn->mod_fd); | |
238 | SetDead(conn); | |
239 | ||
408a29c6 | 240 | if(!IsZipSSL(conn)) |
e99f6122 JT |
241 | rb_dlinkDelete(&conn->node, connid_hash(conn->id)); |
242 | ||
8d99443b VY |
243 | if(!wait_plain || fmt == NULL) |
244 | { | |
245 | rb_close(conn->plain_fd); | |
8d99443b VY |
246 | rb_dlinkAdd(conn, &conn->node, &dead_list); |
247 | return; | |
248 | } | |
e99f6122 JT |
249 | rb_setselect(conn->plain_fd, RB_SELECT_READ, conn_plain_read_shutdown_cb, conn); |
250 | rb_setselect(conn->plain_fd, RB_SELECT_WRITE, NULL, NULL); | |
8d99443b | 251 | va_start(ap, fmt); |
5203cba5 | 252 | vsnprintf(reason, sizeof(reason), fmt, ap); |
8d99443b VY |
253 | va_end(ap); |
254 | ||
255 | buf[0] = 'D'; | |
408a29c6 | 256 | uint32_to_buf(&buf[1], conn->id); |
85e9bf41 | 257 | rb_strlcpy((char *) &buf[5], reason, sizeof(buf) - 5); |
8d99443b VY |
258 | len = (strlen(reason) + 1) + 5; |
259 | mod_cmd_write_queue(conn->ctl, buf, len); | |
260 | } | |
261 | ||
262 | static conn_t * | |
3202e249 | 263 | make_conn(mod_ctl_t * ctl, rb_fde_t *mod_fd, rb_fde_t *plain_fd) |
8d99443b VY |
264 | { |
265 | conn_t *conn = rb_malloc(sizeof(conn_t)); | |
266 | conn->ctl = ctl; | |
267 | conn->modbuf_out = rb_new_rawbuffer(); | |
268 | conn->plainbuf_out = rb_new_rawbuffer(); | |
269 | conn->mod_fd = mod_fd; | |
270 | conn->plain_fd = plain_fd; | |
271 | conn->id = -1; | |
272 | conn->stream = NULL; | |
273 | rb_set_nb(mod_fd); | |
274 | rb_set_nb(plain_fd); | |
275 | return conn; | |
276 | } | |
277 | ||
4b6a4d47 VY |
278 | static void |
279 | check_handshake_flood(void *unused) | |
280 | { | |
281 | conn_t *conn; | |
282 | rb_dlink_node *ptr, *next; | |
283 | unsigned int count; | |
284 | int i; | |
285 | HASH_WALK_SAFE(i, CONN_HASH_SIZE, ptr, next, connid_hash_table) | |
286 | { | |
287 | conn = ptr->data; | |
288 | if(!IsSSL(conn)) | |
289 | continue; | |
3202e249 | 290 | |
4b6a4d47 VY |
291 | count = rb_ssl_handshake_count(conn->mod_fd); |
292 | /* nothing needs to do this more than twice in ten seconds i don't think */ | |
293 | if(count > 2) | |
294 | close_conn(conn, WAIT_PLAIN, "Handshake flooding"); | |
295 | else | |
296 | rb_ssl_clear_handshake_count(conn->mod_fd); | |
3202e249 VY |
297 | } |
298 | HASH_WALK_END} | |
4b6a4d47 | 299 | |
8d99443b | 300 | static void |
3202e249 | 301 | conn_mod_write_sendq(rb_fde_t *fd, void *data) |
8d99443b VY |
302 | { |
303 | conn_t *conn = data; | |
304 | const char *err; | |
305 | int retlen; | |
306 | if(IsDead(conn)) | |
307 | return; | |
308 | ||
73d6283c VY |
309 | if(IsSSLWWantsR(conn)) |
310 | { | |
311 | ClearSSLWWantsR(conn); | |
312 | conn_mod_read_cb(conn->mod_fd, conn); | |
313 | if(IsDead(conn)) | |
314 | return; | |
315 | } | |
316 | ||
3202e249 | 317 | while((retlen = rb_rawbuf_flush(conn->modbuf_out, fd)) > 0) |
8d99443b VY |
318 | conn->mod_out += retlen; |
319 | ||
320 | if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno))) | |
321 | { | |
322 | if(retlen == 0) | |
323 | close_conn(conn, WAIT_PLAIN, "%s", remote_closed); | |
324 | if(IsSSL(conn) && retlen == RB_RW_SSL_ERROR) | |
325 | err = rb_get_ssl_strerror(conn->mod_fd); | |
326 | else | |
327 | err = strerror(errno); | |
328 | close_conn(conn, WAIT_PLAIN, "Write error: %s", err); | |
329 | return; | |
330 | } | |
331 | if(rb_rawbuf_length(conn->modbuf_out) > 0) | |
332 | { | |
73d6283c VY |
333 | if(retlen != RB_RW_SSL_NEED_READ) |
334 | rb_setselect(conn->mod_fd, RB_SELECT_WRITE, conn_mod_write_sendq, conn); | |
335 | else | |
336 | { | |
337 | rb_setselect(conn->mod_fd, RB_SELECT_READ, conn_mod_write_sendq, conn); | |
338 | rb_setselect(conn->mod_fd, RB_SELECT_WRITE, NULL, NULL); | |
339 | SetSSLWWantsR(conn); | |
340 | } | |
8d99443b VY |
341 | } |
342 | else | |
343 | rb_setselect(conn->mod_fd, RB_SELECT_WRITE, NULL, NULL); | |
344 | ||
345 | if(IsCork(conn) && rb_rawbuf_length(conn->modbuf_out) == 0) | |
346 | { | |
347 | ClearCork(conn); | |
348 | conn_plain_read_cb(conn->plain_fd, conn); | |
349 | } | |
350 | ||
351 | } | |
352 | ||
353 | static void | |
354 | conn_mod_write(conn_t * conn, void *data, size_t len) | |
355 | { | |
356 | if(IsDead(conn)) /* no point in queueing to a dead man */ | |
357 | return; | |
358 | rb_rawbuf_append(conn->modbuf_out, data, len); | |
359 | } | |
360 | ||
361 | static void | |
362 | conn_plain_write(conn_t * conn, void *data, size_t len) | |
363 | { | |
364 | if(IsDead(conn)) /* again no point in queueing to dead men */ | |
365 | return; | |
366 | rb_rawbuf_append(conn->plainbuf_out, data, len); | |
367 | } | |
368 | ||
369 | static void | |
370 | mod_cmd_write_queue(mod_ctl_t * ctl, const void *data, size_t len) | |
371 | { | |
372 | mod_ctl_buf_t *ctl_buf; | |
373 | ctl_buf = rb_malloc(sizeof(mod_ctl_buf_t)); | |
374 | ctl_buf->buf = rb_malloc(len); | |
375 | ctl_buf->buflen = len; | |
376 | memcpy(ctl_buf->buf, data, len); | |
377 | ctl_buf->nfds = 0; | |
378 | rb_dlinkAddTail(ctl_buf, &ctl_buf->node, &ctl->writeq); | |
379 | mod_write_ctl(ctl->F, ctl); | |
380 | } | |
381 | ||
382 | #ifdef HAVE_LIBZ | |
383 | static void | |
384 | common_zlib_deflate(conn_t * conn, void *buf, size_t len) | |
385 | { | |
6cd1aca7 | 386 | char outbuf[READBUF_SIZE]; |
8d99443b | 387 | int ret, have; |
3202e249 | 388 | z_stream *outstream = &((zlib_stream_t *) conn->stream)->outstream; |
8d99443b VY |
389 | outstream->next_in = buf; |
390 | outstream->avail_in = len; | |
391 | outstream->next_out = (Bytef *) outbuf; | |
392 | outstream->avail_out = sizeof(outbuf); | |
393 | ||
394 | ret = deflate(outstream, Z_SYNC_FLUSH); | |
395 | if(ret != Z_OK) | |
396 | { | |
397 | /* deflate error */ | |
398 | close_conn(conn, WAIT_PLAIN, "Deflate failed: %s", zError(ret)); | |
399 | return; | |
400 | } | |
401 | if(outstream->avail_out == 0) | |
402 | { | |
403 | /* avail_out empty */ | |
404 | close_conn(conn, WAIT_PLAIN, "error compressing data, avail_out == 0"); | |
405 | return; | |
406 | } | |
407 | if(outstream->avail_in != 0) | |
408 | { | |
3202e249 | 409 | /* avail_in isn't empty... */ |
8d99443b VY |
410 | close_conn(conn, WAIT_PLAIN, "error compressing data, avail_in != 0"); |
411 | return; | |
412 | } | |
413 | have = sizeof(outbuf) - outstream->avail_out; | |
414 | conn_mod_write(conn, outbuf, have); | |
415 | } | |
416 | ||
417 | static void | |
418 | common_zlib_inflate(conn_t * conn, void *buf, size_t len) | |
419 | { | |
6cd1aca7 | 420 | char outbuf[READBUF_SIZE]; |
3202e249 VY |
421 | int ret, have = 0; |
422 | ((zlib_stream_t *) conn->stream)->instream.next_in = buf; | |
423 | ((zlib_stream_t *) conn->stream)->instream.avail_in = len; | |
424 | ((zlib_stream_t *) conn->stream)->instream.next_out = (Bytef *) outbuf; | |
425 | ((zlib_stream_t *) conn->stream)->instream.avail_out = sizeof(outbuf); | |
8d99443b | 426 | |
3202e249 | 427 | while(((zlib_stream_t *) conn->stream)->instream.avail_in) |
8d99443b | 428 | { |
3202e249 | 429 | ret = inflate(&((zlib_stream_t *) conn->stream)->instream, Z_NO_FLUSH); |
8d99443b VY |
430 | if(ret != Z_OK) |
431 | { | |
432 | if(!strncmp("ERROR ", buf, 6)) | |
433 | { | |
434 | close_conn(conn, WAIT_PLAIN, "Received uncompressed ERROR"); | |
435 | return; | |
436 | } | |
437 | close_conn(conn, WAIT_PLAIN, "Inflate failed: %s", zError(ret)); | |
438 | return; | |
439 | } | |
3202e249 | 440 | have = sizeof(outbuf) - ((zlib_stream_t *) conn->stream)->instream.avail_out; |
8d99443b | 441 | |
3202e249 | 442 | if(((zlib_stream_t *) conn->stream)->instream.avail_in) |
8d99443b VY |
443 | { |
444 | conn_plain_write(conn, outbuf, have); | |
445 | have = 0; | |
3202e249 VY |
446 | ((zlib_stream_t *) conn->stream)->instream.next_out = (Bytef *) outbuf; |
447 | ((zlib_stream_t *) conn->stream)->instream.avail_out = sizeof(outbuf); | |
8d99443b VY |
448 | } |
449 | } | |
450 | if(have == 0) | |
451 | return; | |
452 | ||
453 | conn_plain_write(conn, outbuf, have); | |
454 | } | |
455 | #endif | |
456 | ||
25a89965 | 457 | static bool |
8d99443b VY |
458 | plain_check_cork(conn_t * conn) |
459 | { | |
460 | if(rb_rawbuf_length(conn->modbuf_out) >= 4096) | |
461 | { | |
55abcbb2 | 462 | /* if we have over 4k pending outbound, don't read until |
8d99443b VY |
463 | * we've cleared the queue */ |
464 | SetCork(conn); | |
465 | rb_setselect(conn->plain_fd, RB_SELECT_READ, NULL, NULL); | |
466 | /* try to write */ | |
467 | conn_mod_write_sendq(conn->mod_fd, conn); | |
25a89965 | 468 | return true; |
8d99443b | 469 | } |
25a89965 | 470 | return false; |
8d99443b VY |
471 | } |
472 | ||
473 | ||
474 | static void | |
3202e249 | 475 | conn_plain_read_cb(rb_fde_t *fd, void *data) |
8d99443b | 476 | { |
6cd1aca7 | 477 | char inbuf[READBUF_SIZE]; |
8d99443b VY |
478 | conn_t *conn = data; |
479 | int length = 0; | |
480 | if(conn == NULL) | |
481 | return; | |
482 | ||
483 | if(IsDead(conn)) | |
484 | return; | |
485 | ||
486 | if(plain_check_cork(conn)) | |
487 | return; | |
488 | ||
3202e249 | 489 | while(1) |
8d99443b VY |
490 | { |
491 | if(IsDead(conn)) | |
492 | return; | |
493 | ||
494 | length = rb_read(conn->plain_fd, inbuf, sizeof(inbuf)); | |
495 | ||
496 | if(length == 0 || (length < 0 && !rb_ignore_errno(errno))) | |
497 | { | |
498 | close_conn(conn, NO_WAIT, NULL); | |
499 | return; | |
500 | } | |
501 | ||
502 | if(length < 0) | |
503 | { | |
504 | rb_setselect(conn->plain_fd, RB_SELECT_READ, conn_plain_read_cb, conn); | |
505 | conn_mod_write_sendq(conn->mod_fd, conn); | |
506 | return; | |
507 | } | |
508 | conn->plain_in += length; | |
509 | ||
510 | #ifdef HAVE_LIBZ | |
511 | if(IsZip(conn)) | |
512 | common_zlib_deflate(conn, inbuf, length); | |
513 | else | |
514 | #endif | |
515 | conn_mod_write(conn, inbuf, length); | |
516 | if(IsDead(conn)) | |
517 | return; | |
518 | if(plain_check_cork(conn)) | |
519 | return; | |
520 | } | |
521 | } | |
522 | ||
e99f6122 JT |
523 | static void |
524 | conn_plain_read_shutdown_cb(rb_fde_t *fd, void *data) | |
525 | { | |
6cd1aca7 | 526 | char inbuf[READBUF_SIZE]; |
e99f6122 JT |
527 | conn_t *conn = data; |
528 | int length = 0; | |
529 | ||
530 | if(conn == NULL) | |
531 | return; | |
532 | ||
533 | while(1) | |
534 | { | |
535 | length = rb_read(conn->plain_fd, inbuf, sizeof(inbuf)); | |
536 | ||
537 | if(length == 0 || (length < 0 && !rb_ignore_errno(errno))) | |
538 | { | |
539 | rb_close(conn->plain_fd); | |
540 | rb_dlinkAdd(conn, &conn->node, &dead_list); | |
541 | return; | |
542 | } | |
543 | ||
544 | if(length < 0) | |
545 | { | |
546 | rb_setselect(conn->plain_fd, RB_SELECT_READ, conn_plain_read_shutdown_cb, conn); | |
547 | return; | |
548 | } | |
549 | } | |
550 | } | |
551 | ||
8d99443b | 552 | static void |
3202e249 | 553 | conn_mod_read_cb(rb_fde_t *fd, void *data) |
8d99443b | 554 | { |
6cd1aca7 | 555 | char inbuf[READBUF_SIZE]; |
8d99443b VY |
556 | conn_t *conn = data; |
557 | const char *err = remote_closed; | |
558 | int length; | |
559 | if(conn == NULL) | |
560 | return; | |
561 | if(IsDead(conn)) | |
562 | return; | |
563 | ||
73d6283c VY |
564 | if(IsSSLRWantsW(conn)) |
565 | { | |
566 | ClearSSLRWantsW(conn); | |
567 | conn_mod_write_sendq(conn->mod_fd, conn); | |
568 | if(IsDead(conn)) | |
569 | return; | |
570 | } | |
571 | ||
3202e249 | 572 | while(1) |
8d99443b VY |
573 | { |
574 | if(IsDead(conn)) | |
575 | return; | |
576 | ||
577 | length = rb_read(conn->mod_fd, inbuf, sizeof(inbuf)); | |
578 | ||
579 | if(length == 0 || (length < 0 && !rb_ignore_errno(errno))) | |
580 | { | |
3202e249 VY |
581 | if(length == 0) |
582 | { | |
8d99443b VY |
583 | close_conn(conn, WAIT_PLAIN, "%s", remote_closed); |
584 | return; | |
585 | } | |
586 | ||
587 | if(IsSSL(conn) && length == RB_RW_SSL_ERROR) | |
588 | err = rb_get_ssl_strerror(conn->mod_fd); | |
589 | else | |
590 | err = strerror(errno); | |
591 | close_conn(conn, WAIT_PLAIN, "Read error: %s", err); | |
592 | return; | |
593 | } | |
594 | if(length < 0) | |
595 | { | |
73d6283c VY |
596 | if(length != RB_RW_SSL_NEED_WRITE) |
597 | rb_setselect(conn->mod_fd, RB_SELECT_READ, conn_mod_read_cb, conn); | |
598 | else | |
599 | { | |
600 | rb_setselect(conn->mod_fd, RB_SELECT_READ, NULL, NULL); | |
601 | rb_setselect(conn->mod_fd, RB_SELECT_WRITE, conn_mod_read_cb, conn); | |
602 | SetSSLRWantsW(conn); | |
603 | } | |
8d99443b VY |
604 | conn_plain_write_sendq(conn->plain_fd, conn); |
605 | return; | |
3202e249 | 606 | } |
8d99443b VY |
607 | conn->mod_in += length; |
608 | #ifdef HAVE_LIBZ | |
609 | if(IsZip(conn)) | |
610 | common_zlib_inflate(conn, inbuf, length); | |
611 | else | |
612 | #endif | |
613 | conn_plain_write(conn, inbuf, length); | |
614 | } | |
615 | } | |
616 | ||
617 | static void | |
3202e249 | 618 | conn_plain_write_sendq(rb_fde_t *fd, void *data) |
8d99443b VY |
619 | { |
620 | conn_t *conn = data; | |
621 | int retlen; | |
622 | ||
623 | if(IsDead(conn)) | |
624 | return; | |
625 | ||
3202e249 | 626 | while((retlen = rb_rawbuf_flush(conn->plainbuf_out, fd)) > 0) |
8d99443b VY |
627 | { |
628 | conn->plain_out += retlen; | |
629 | } | |
630 | if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno))) | |
631 | { | |
632 | close_conn(data, NO_WAIT, NULL); | |
633 | return; | |
634 | } | |
3202e249 | 635 | |
8d99443b VY |
636 | |
637 | if(rb_rawbuf_length(conn->plainbuf_out) > 0) | |
638 | rb_setselect(conn->plain_fd, RB_SELECT_WRITE, conn_plain_write_sendq, conn); | |
639 | else | |
640 | rb_setselect(conn->plain_fd, RB_SELECT_WRITE, NULL, NULL); | |
641 | } | |
642 | ||
643 | static int | |
644 | maxconn(void) | |
645 | { | |
646 | #if defined(RLIMIT_NOFILE) && defined(HAVE_SYS_RESOURCE_H) | |
647 | struct rlimit limit; | |
648 | ||
649 | if(!getrlimit(RLIMIT_NOFILE, &limit)) | |
650 | { | |
651 | return limit.rlim_cur; | |
652 | } | |
653 | #endif /* RLIMIT_FD_MAX */ | |
654 | return MAXCONNECTIONS; | |
655 | } | |
656 | ||
408a29c6 AC |
657 | static void |
658 | ssl_send_cipher(conn_t *conn) | |
659 | { | |
408a29c6 | 660 | size_t len; |
74ff144d | 661 | uint8_t buf[512]; |
408a29c6 AC |
662 | char cstring[256]; |
663 | const char *p; | |
664 | if(!IsSSL(conn)) | |
665 | return; | |
666 | ||
667 | p = rb_ssl_get_cipher(conn->mod_fd); | |
668 | ||
669 | if(p == NULL) | |
670 | return; | |
671 | ||
672 | rb_strlcpy(cstring, p, sizeof(cstring)); | |
673 | ||
674 | buf[0] = 'C'; | |
675 | uint32_to_buf(&buf[1], conn->id); | |
74ff144d | 676 | strcpy((char *) &buf[5], cstring); |
408a29c6 AC |
677 | len = (strlen(cstring) + 1) + 5; |
678 | mod_cmd_write_queue(conn->ctl, buf, len); | |
408a29c6 AC |
679 | } |
680 | ||
681 | static void | |
682 | ssl_send_certfp(conn_t *conn) | |
683 | { | |
dc986b54 | 684 | uint8_t buf[13 + RB_SSL_CERTFP_LEN]; |
408a29c6 | 685 | |
dc986b54 | 686 | int len = rb_get_ssl_certfp(conn->mod_fd, &buf[13], certfp_method); |
408a29c6 AC |
687 | if (!len) |
688 | return; | |
689 | ||
690 | lrb_assert(len <= RB_SSL_CERTFP_LEN); | |
691 | buf[0] = 'F'; | |
692 | uint32_to_buf(&buf[1], conn->id); | |
dc986b54 SA |
693 | uint32_to_buf(&buf[5], certfp_method); |
694 | uint32_to_buf(&buf[9], len); | |
695 | mod_cmd_write_queue(conn->ctl, buf, 13 + len); | |
408a29c6 AC |
696 | } |
697 | ||
4fbb7362 SA |
698 | static void |
699 | ssl_send_open(conn_t *conn) | |
700 | { | |
701 | uint8_t buf[5]; | |
702 | ||
703 | buf[0] = 'O'; | |
704 | uint32_to_buf(&buf[1], conn->id); | |
705 | mod_cmd_write_queue(conn->ctl, buf, 5); | |
706 | } | |
707 | ||
8d99443b | 708 | static void |
3202e249 | 709 | ssl_process_accept_cb(rb_fde_t *F, int status, struct sockaddr *addr, rb_socklen_t len, void *data) |
8d99443b VY |
710 | { |
711 | conn_t *conn = data; | |
7247337a | 712 | |
8d99443b VY |
713 | if(status == RB_OK) |
714 | { | |
408a29c6 AC |
715 | ssl_send_cipher(conn); |
716 | ssl_send_certfp(conn); | |
4fbb7362 | 717 | ssl_send_open(conn); |
fbbc6aeb SA |
718 | conn_mod_read_cb(conn->mod_fd, conn); |
719 | conn_plain_read_cb(conn->plain_fd, conn); | |
8d99443b VY |
720 | return; |
721 | } | |
a444bb78 | 722 | /* ircd doesn't care about the reason for this */ |
8d99443b VY |
723 | close_conn(conn, NO_WAIT, 0); |
724 | return; | |
725 | } | |
726 | ||
727 | static void | |
3202e249 | 728 | ssl_process_connect_cb(rb_fde_t *F, int status, void *data) |
8d99443b VY |
729 | { |
730 | conn_t *conn = data; | |
a7675ed2 | 731 | |
8d99443b VY |
732 | if(status == RB_OK) |
733 | { | |
408a29c6 AC |
734 | ssl_send_cipher(conn); |
735 | ssl_send_certfp(conn); | |
4fbb7362 | 736 | ssl_send_open(conn); |
fbbc6aeb SA |
737 | conn_mod_read_cb(conn->mod_fd, conn); |
738 | conn_plain_read_cb(conn->plain_fd, conn); | |
8d99443b | 739 | } |
a444bb78 JT |
740 | else if(status == RB_ERR_TIMEOUT) |
741 | close_conn(conn, WAIT_PLAIN, "SSL handshake timed out"); | |
742 | else if(status == RB_ERROR_SSL) | |
743 | close_conn(conn, WAIT_PLAIN, "%s", rb_get_ssl_strerror(conn->mod_fd)); | |
744 | else | |
745 | close_conn(conn, WAIT_PLAIN, "SSL handshake failed"); | |
8d99443b VY |
746 | } |
747 | ||
748 | ||
c03677e9 JT |
749 | static void |
750 | cleanup_bad_message(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
751 | { | |
752 | int i; | |
753 | ||
754 | /* XXX should log this somehow */ | |
755 | for (i = 0; i < ctlb->nfds; i++) | |
756 | rb_close(ctlb->F[i]); | |
757 | } | |
758 | ||
8d99443b VY |
759 | static void |
760 | ssl_process_accept(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
761 | { | |
762 | conn_t *conn; | |
408a29c6 | 763 | uint32_t id; |
8d99443b VY |
764 | |
765 | conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); | |
766 | ||
408a29c6 AC |
767 | id = buf_to_uint32(&ctlb->buf[1]); |
768 | conn_add_id_hash(conn, id); | |
8d99443b VY |
769 | SetSSL(conn); |
770 | ||
771 | if(rb_get_type(conn->mod_fd) & RB_FD_UNKNOWN) | |
8d99443b | 772 | rb_set_type(conn->mod_fd, RB_FD_SOCKET); |
a5ddb7df AC |
773 | |
774 | if(rb_get_type(conn->plain_fd) == RB_FD_UNKNOWN) | |
8d99443b VY |
775 | rb_set_type(conn->plain_fd, RB_FD_SOCKET); |
776 | ||
777 | rb_ssl_start_accepted(ctlb->F[0], ssl_process_accept_cb, conn, 10); | |
778 | } | |
779 | ||
e6bbb410 EM |
780 | static void |
781 | ssl_change_certfp_method(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
782 | { | |
408a29c6 | 783 | certfp_method = buf_to_uint32(&ctlb->buf[1]); |
e6bbb410 EM |
784 | } |
785 | ||
8d99443b VY |
786 | static void |
787 | ssl_process_connect(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
788 | { | |
789 | conn_t *conn; | |
408a29c6 | 790 | uint32_t id; |
8d99443b VY |
791 | conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); |
792 | ||
408a29c6 AC |
793 | id = buf_to_uint32(&ctlb->buf[1]); |
794 | conn_add_id_hash(conn, id); | |
8d99443b VY |
795 | SetSSL(conn); |
796 | ||
797 | if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN) | |
798 | rb_set_type(conn->mod_fd, RB_FD_SOCKET); | |
799 | ||
a5ddb7df | 800 | if(rb_get_type(conn->plain_fd) == RB_FD_UNKNOWN) |
8d99443b VY |
801 | rb_set_type(conn->plain_fd, RB_FD_SOCKET); |
802 | ||
803 | ||
804 | rb_ssl_start_connected(ctlb->F[0], ssl_process_connect_cb, conn, 10); | |
805 | } | |
806 | ||
807 | static void | |
808 | process_stats(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
809 | { | |
810 | char outstat[512]; | |
811 | conn_t *conn; | |
85e9bf41 | 812 | uint8_t *odata; |
408a29c6 | 813 | uint32_t id; |
8d99443b | 814 | |
408a29c6 | 815 | id = buf_to_uint32(&ctlb->buf[1]); |
3202e249 | 816 | |
8d99443b VY |
817 | odata = &ctlb->buf[5]; |
818 | conn = conn_find_by_id(id); | |
819 | ||
820 | if(conn == NULL) | |
821 | return; | |
822 | ||
5203cba5 | 823 | snprintf(outstat, sizeof(outstat), "S %s %llu %llu %llu %llu", odata, |
26b83fa0 SA |
824 | (unsigned long long)conn->plain_out, |
825 | (unsigned long long)conn->mod_in, | |
826 | (unsigned long long)conn->plain_in, | |
827 | (unsigned long long)conn->mod_out); | |
8d99443b VY |
828 | conn->plain_out = 0; |
829 | conn->plain_in = 0; | |
830 | conn->mod_in = 0; | |
831 | conn->mod_out = 0; | |
832 | mod_cmd_write_queue(ctl, outstat, strlen(outstat) + 1); /* +1 is so we send the \0 as well */ | |
833 | } | |
834 | ||
835 | #ifdef HAVE_LIBZ | |
8d99443b VY |
836 | static void |
837 | zlib_process(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
838 | { | |
7edb4f16 | 839 | uint8_t level; |
8d99443b | 840 | size_t recvqlen; |
408a29c6 | 841 | size_t hdr = (sizeof(uint8_t) * 2) + sizeof(uint32_t); |
8d99443b VY |
842 | void *recvq_start; |
843 | z_stream *instream, *outstream; | |
844 | conn_t *conn; | |
408a29c6 | 845 | uint32_t id; |
8d99443b VY |
846 | |
847 | conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); | |
848 | if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN) | |
849 | rb_set_type(conn->mod_fd, RB_FD_SOCKET); | |
850 | ||
851 | if(rb_get_type(conn->plain_fd) == RB_FD_UNKNOWN) | |
852 | rb_set_type(conn->plain_fd, RB_FD_SOCKET); | |
853 | ||
408a29c6 | 854 | id = buf_to_uint32(&ctlb->buf[1]); |
8d99443b VY |
855 | conn_add_id_hash(conn, id); |
856 | ||
3202e249 | 857 | level = (uint8_t)ctlb->buf[5]; |
8d99443b VY |
858 | |
859 | recvqlen = ctlb->buflen - hdr; | |
860 | recvq_start = &ctlb->buf[6]; | |
861 | ||
862 | SetZip(conn); | |
863 | conn->stream = rb_malloc(sizeof(zlib_stream_t)); | |
3202e249 VY |
864 | instream = &((zlib_stream_t *) conn->stream)->instream; |
865 | outstream = &((zlib_stream_t *) conn->stream)->outstream; | |
866 | ||
8d99443b VY |
867 | instream->total_in = 0; |
868 | instream->total_out = 0; | |
869 | instream->zalloc = (alloc_func) ssld_alloc; | |
870 | instream->zfree = (free_func) ssld_free; | |
871 | instream->data_type = Z_ASCII; | |
3202e249 | 872 | inflateInit(&((zlib_stream_t *) conn->stream)->instream); |
8d99443b VY |
873 | |
874 | outstream->total_in = 0; | |
875 | outstream->total_out = 0; | |
876 | outstream->zalloc = (alloc_func) ssld_alloc; | |
877 | outstream->zfree = (free_func) ssld_free; | |
878 | outstream->data_type = Z_ASCII; | |
879 | ||
880 | if(level > 9) | |
408a29c6 | 881 | level = (uint8_t) Z_DEFAULT_COMPRESSION; |
8d99443b | 882 | |
3202e249 | 883 | deflateInit(&((zlib_stream_t *) conn->stream)->outstream, level); |
8d99443b VY |
884 | if(recvqlen > 0) |
885 | common_zlib_inflate(conn, recvq_start, recvqlen); | |
0bd120ed | 886 | |
8d99443b VY |
887 | conn_mod_read_cb(conn->mod_fd, conn); |
888 | conn_plain_read_cb(conn->plain_fd, conn); | |
889 | return; | |
890 | ||
891 | } | |
892 | #endif | |
893 | ||
8d99443b VY |
894 | static void |
895 | ssl_new_keys(mod_ctl_t * ctl, mod_ctl_buf_t * ctl_buf) | |
896 | { | |
897 | char *buf; | |
c1725bda | 898 | char *cert, *key, *dhparam, *cipher_list; |
8d99443b | 899 | |
85e9bf41 | 900 | buf = (char *) &ctl_buf->buf[2]; |
8d99443b VY |
901 | cert = buf; |
902 | buf += strlen(cert) + 1; | |
903 | key = buf; | |
904 | buf += strlen(key) + 1; | |
905 | dhparam = buf; | |
c1725bda AC |
906 | buf += strlen(dhparam) + 1; |
907 | cipher_list = buf; | |
f5960b83 AJ |
908 | if(strlen(key) == 0) |
909 | key = cert; | |
f831e926 AJ |
910 | if(strlen(dhparam) == 0) |
911 | dhparam = NULL; | |
c1725bda AC |
912 | if(strlen(cipher_list) == 0) |
913 | cipher_list = NULL; | |
8d99443b | 914 | |
c1725bda | 915 | if(!rb_setup_ssl_server(cert, key, dhparam, cipher_list)) |
8d99443b VY |
916 | { |
917 | const char *invalid = "I"; | |
918 | mod_cmd_write_queue(ctl, invalid, strlen(invalid)); | |
919 | return; | |
3202e249 | 920 | } |
8d99443b VY |
921 | } |
922 | ||
923 | static void | |
3202e249 | 924 | send_nossl_support(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) |
8d99443b VY |
925 | { |
926 | static const char *nossl_cmd = "N"; | |
927 | conn_t *conn; | |
408a29c6 | 928 | uint32_t id; |
8d99443b VY |
929 | |
930 | if(ctlb != NULL) | |
3202e249 | 931 | { |
8d99443b | 932 | conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); |
408a29c6 AC |
933 | id = buf_to_uint32(&ctlb->buf[1]); |
934 | conn_add_id_hash(conn, id); | |
8d99443b | 935 | close_conn(conn, WAIT_PLAIN, "libratbox reports no SSL/TLS support"); |
3202e249 VY |
936 | } |
937 | mod_cmd_write_queue(ctl, nossl_cmd, strlen(nossl_cmd)); | |
8d99443b VY |
938 | } |
939 | ||
940 | static void | |
3202e249 | 941 | send_i_am_useless(mod_ctl_t * ctl) |
8d99443b VY |
942 | { |
943 | static const char *useless = "U"; | |
944 | mod_cmd_write_queue(ctl, useless, strlen(useless)); | |
945 | } | |
946 | ||
e9ffc3c1 SA |
947 | static void |
948 | send_version(mod_ctl_t * ctl) | |
949 | { | |
950 | char version[256] = { 'V', 0 }; | |
951 | strncpy(&version[1], rb_lib_version(), sizeof(version) - 2); | |
952 | mod_cmd_write_queue(ctl, version, strlen(version)); | |
953 | } | |
954 | ||
8d99443b | 955 | static void |
3202e249 | 956 | send_nozlib_support(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) |
8d99443b VY |
957 | { |
958 | static const char *nozlib_cmd = "z"; | |
959 | conn_t *conn; | |
408a29c6 | 960 | uint32_t id; |
8d99443b VY |
961 | if(ctlb != NULL) |
962 | { | |
963 | conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); | |
408a29c6 AC |
964 | id = buf_to_uint32(&ctlb->buf[1]); |
965 | conn_add_id_hash(conn, id); | |
8d99443b | 966 | close_conn(conn, WAIT_PLAIN, "libratbox reports no zlib support"); |
3202e249 | 967 | } |
8d99443b VY |
968 | mod_cmd_write_queue(ctl, nozlib_cmd, strlen(nozlib_cmd)); |
969 | } | |
970 | ||
971 | static void | |
972 | mod_process_cmd_recv(mod_ctl_t * ctl) | |
973 | { | |
974 | rb_dlink_node *ptr, *next; | |
975 | mod_ctl_buf_t *ctl_buf; | |
976 | ||
977 | RB_DLINK_FOREACH_SAFE(ptr, next, ctl->readq.head) | |
978 | { | |
979 | ctl_buf = ptr->data; | |
980 | ||
981 | switch (*ctl_buf->buf) | |
982 | { | |
983 | case 'A': | |
984 | { | |
c03677e9 JT |
985 | if (ctl_buf->nfds != 2 || ctl_buf->buflen != 5) |
986 | { | |
987 | cleanup_bad_message(ctl, ctl_buf); | |
988 | break; | |
989 | } | |
990 | ||
d35870ee | 991 | if(!ssld_ssl_ok) |
8d99443b VY |
992 | { |
993 | send_nossl_support(ctl, ctl_buf); | |
994 | break; | |
995 | } | |
996 | ssl_process_accept(ctl, ctl_buf); | |
997 | break; | |
998 | } | |
999 | case 'C': | |
1000 | { | |
9e98a842 | 1001 | if (ctl_buf->buflen != 5) |
c03677e9 JT |
1002 | { |
1003 | cleanup_bad_message(ctl, ctl_buf); | |
1004 | break; | |
1005 | } | |
1006 | ||
d35870ee | 1007 | if(!ssld_ssl_ok) |
8d99443b VY |
1008 | { |
1009 | send_nossl_support(ctl, ctl_buf); | |
1010 | break; | |
1011 | } | |
1012 | ssl_process_connect(ctl, ctl_buf); | |
1013 | break; | |
1014 | } | |
e6bbb410 EM |
1015 | case 'F': |
1016 | { | |
5a9fa2e2 | 1017 | if (ctl_buf->buflen != 5) |
e6bbb410 EM |
1018 | { |
1019 | cleanup_bad_message(ctl, ctl_buf); | |
1020 | break; | |
1021 | } | |
1022 | ssl_change_certfp_method(ctl, ctl_buf); | |
1023 | break; | |
1024 | } | |
8d99443b VY |
1025 | case 'K': |
1026 | { | |
d35870ee | 1027 | if(!ssld_ssl_ok) |
8d99443b VY |
1028 | { |
1029 | send_nossl_support(ctl, ctl_buf); | |
1030 | break; | |
1031 | } | |
1032 | ssl_new_keys(ctl, ctl_buf); | |
1033 | break; | |
1034 | } | |
8d99443b VY |
1035 | case 'S': |
1036 | { | |
1037 | process_stats(ctl, ctl_buf); | |
1038 | break; | |
1039 | } | |
07c2bb75 | 1040 | |
8d99443b VY |
1041 | #ifdef HAVE_LIBZ |
1042 | case 'Z': | |
1043 | { | |
c03677e9 JT |
1044 | if (ctl_buf->nfds != 2 || ctl_buf->buflen < 6) |
1045 | { | |
1046 | cleanup_bad_message(ctl, ctl_buf); | |
1047 | break; | |
1048 | } | |
1049 | ||
8d99443b VY |
1050 | /* just zlib only */ |
1051 | zlib_process(ctl, ctl_buf); | |
1052 | break; | |
1053 | } | |
1054 | #else | |
55abcbb2 | 1055 | |
8d99443b | 1056 | case 'Z': |
21192997 | 1057 | send_nozlib_support(ctl, ctl_buf); |
8d99443b | 1058 | break; |
3202e249 | 1059 | |
8d99443b VY |
1060 | #endif |
1061 | default: | |
1062 | break; | |
1063 | /* Log unknown commands */ | |
1064 | } | |
1065 | rb_dlinkDelete(ptr, &ctl->readq); | |
1066 | rb_free(ctl_buf->buf); | |
1067 | rb_free(ctl_buf); | |
1068 | } | |
1069 | ||
1070 | } | |
1071 | ||
1072 | ||
1073 | ||
1074 | static void | |
3202e249 | 1075 | mod_read_ctl(rb_fde_t *F, void *data) |
8d99443b VY |
1076 | { |
1077 | mod_ctl_buf_t *ctl_buf; | |
1078 | mod_ctl_t *ctl = data; | |
1079 | int retlen; | |
c03677e9 | 1080 | int i; |
8d99443b VY |
1081 | |
1082 | do | |
1083 | { | |
1084 | ctl_buf = rb_malloc(sizeof(mod_ctl_buf_t)); | |
1085 | ctl_buf->buf = rb_malloc(READBUF_SIZE); | |
1086 | ctl_buf->buflen = READBUF_SIZE; | |
1087 | retlen = rb_recv_fd_buf(ctl->F, ctl_buf->buf, ctl_buf->buflen, ctl_buf->F, | |
1088 | MAXPASSFD); | |
1089 | if(retlen <= 0) | |
1090 | { | |
1091 | rb_free(ctl_buf->buf); | |
1092 | rb_free(ctl_buf); | |
1093 | } | |
1094 | else | |
1095 | { | |
1096 | ctl_buf->buflen = retlen; | |
1097 | rb_dlinkAddTail(ctl_buf, &ctl_buf->node, &ctl->readq); | |
c03677e9 JT |
1098 | for (i = 0; i < MAXPASSFD && ctl_buf->F[i] != NULL; i++) |
1099 | ; | |
1100 | ctl_buf->nfds = i; | |
8d99443b VY |
1101 | } |
1102 | } | |
3202e249 | 1103 | while(retlen > 0); |
8d99443b VY |
1104 | |
1105 | if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno))) | |
1106 | exit(0); | |
1107 | ||
1108 | mod_process_cmd_recv(ctl); | |
1109 | rb_setselect(ctl->F, RB_SELECT_READ, mod_read_ctl, ctl); | |
1110 | } | |
1111 | ||
1112 | static void | |
3202e249 | 1113 | mod_write_ctl(rb_fde_t *F, void *data) |
8d99443b VY |
1114 | { |
1115 | mod_ctl_t *ctl = data; | |
1116 | mod_ctl_buf_t *ctl_buf; | |
1117 | rb_dlink_node *ptr, *next; | |
1118 | int retlen, x; | |
1119 | ||
1120 | RB_DLINK_FOREACH_SAFE(ptr, next, ctl->writeq.head) | |
1121 | { | |
1122 | ctl_buf = ptr->data; | |
1123 | retlen = rb_send_fd_buf(ctl->F, ctl_buf->F, ctl_buf->nfds, ctl_buf->buf, | |
3202e249 | 1124 | ctl_buf->buflen, ppid); |
8d99443b VY |
1125 | if(retlen > 0) |
1126 | { | |
1127 | rb_dlinkDelete(ptr, &ctl->writeq); | |
3202e249 | 1128 | for(x = 0; x < ctl_buf->nfds; x++) |
8d99443b VY |
1129 | rb_close(ctl_buf->F[x]); |
1130 | rb_free(ctl_buf->buf); | |
1131 | rb_free(ctl_buf); | |
1132 | ||
1133 | } | |
1134 | if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno))) | |
3202e249 VY |
1135 | exit(0); |
1136 | ||
8d99443b | 1137 | } |
464b7606 JT |
1138 | if(rb_dlink_list_length(&ctl->writeq) > 0) |
1139 | rb_setselect(ctl->F, RB_SELECT_WRITE, mod_write_ctl, ctl); | |
8d99443b VY |
1140 | } |
1141 | ||
1142 | ||
1143 | static void | |
3202e249 | 1144 | read_pipe_ctl(rb_fde_t *F, void *data) |
8d99443b | 1145 | { |
6cd1aca7 | 1146 | char inbuf[READBUF_SIZE]; |
8d99443b | 1147 | int retlen; |
3202e249 | 1148 | while((retlen = rb_read(F, inbuf, sizeof(inbuf))) > 0) |
8d99443b VY |
1149 | { |
1150 | ;; /* we don't do anything with the pipe really, just care if the other process dies.. */ | |
1151 | } | |
1152 | if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno))) | |
1153 | exit(0); | |
1154 | rb_setselect(F, RB_SELECT_READ, read_pipe_ctl, NULL); | |
1155 | ||
1156 | } | |
1157 | ||
1158 | int | |
1159 | main(int argc, char **argv) | |
1160 | { | |
3202e249 | 1161 | const char *s_ctlfd, *s_pipe, *s_pid; |
8d99443b VY |
1162 | int ctlfd, pipefd, x, maxfd; |
1163 | maxfd = maxconn(); | |
3202e249 | 1164 | |
8d99443b VY |
1165 | s_ctlfd = getenv("CTL_FD"); |
1166 | s_pipe = getenv("CTL_PIPE"); | |
3202e249 | 1167 | s_pid = getenv("CTL_PPID"); |
8d99443b | 1168 | |
3202e249 | 1169 | if(s_ctlfd == NULL || s_pipe == NULL || s_pid == NULL) |
8d99443b | 1170 | { |
3202e249 | 1171 | fprintf(stderr, |
4dbb75ee | 1172 | "This is the charybdis ssld for internal ircd use.\n"); |
3202e249 | 1173 | fprintf(stderr, |
4dbb75ee | 1174 | "You aren't supposed to run me directly. Exiting.\n"); |
8d99443b VY |
1175 | exit(1); |
1176 | } | |
1177 | ||
1178 | ctlfd = atoi(s_ctlfd); | |
1179 | pipefd = atoi(s_pipe); | |
3202e249 VY |
1180 | ppid = atoi(s_pid); |
1181 | x = 0; | |
1182 | #ifndef _WIN32 | |
1183 | for(x = 0; x < maxfd; x++) | |
8d99443b VY |
1184 | { |
1185 | if(x != ctlfd && x != pipefd && x > 2) | |
1186 | close(x); | |
1187 | } | |
8d99443b | 1188 | x = open("/dev/null", O_RDWR); |
464b7606 | 1189 | |
8d99443b VY |
1190 | if(x >= 0) |
1191 | { | |
1192 | if(ctlfd != 0 && pipefd != 0) | |
1193 | dup2(x, 0); | |
1194 | if(ctlfd != 1 && pipefd != 1) | |
1195 | dup2(x, 1); | |
1196 | if(ctlfd != 2 && pipefd != 2) | |
1197 | dup2(x, 2); | |
1198 | if(x > 2) | |
1199 | close(x); | |
1200 | } | |
3202e249 | 1201 | #endif |
8d99443b VY |
1202 | setup_signals(); |
1203 | rb_lib_init(NULL, NULL, NULL, 0, maxfd, 1024, 4096); | |
1204 | rb_init_rawbuffers(1024); | |
19d1853f | 1205 | rb_init_prng(NULL, RB_PRNG_DEFAULT); |
d35870ee | 1206 | ssld_ssl_ok = rb_supports_ssl(); |
8d99443b VY |
1207 | mod_ctl = rb_malloc(sizeof(mod_ctl_t)); |
1208 | mod_ctl->F = rb_open(ctlfd, RB_FD_SOCKET, "ircd control socket"); | |
1209 | mod_ctl->F_pipe = rb_open(pipefd, RB_FD_PIPE, "ircd pipe"); | |
1210 | rb_set_nb(mod_ctl->F); | |
1211 | rb_set_nb(mod_ctl->F_pipe); | |
1212 | rb_event_addish("clean_dead_conns", clean_dead_conns, NULL, 10); | |
4b6a4d47 | 1213 | rb_event_add("check_handshake_flood", check_handshake_flood, NULL, 10); |
8d99443b VY |
1214 | read_pipe_ctl(mod_ctl->F_pipe, NULL); |
1215 | mod_read_ctl(mod_ctl->F, mod_ctl); | |
e9ffc3c1 | 1216 | send_version(mod_ctl); |
d35870ee | 1217 | if(!zlib_ok && !ssld_ssl_ok) |
8d99443b VY |
1218 | { |
1219 | /* this is really useless... */ | |
1220 | send_i_am_useless(mod_ctl); | |
1221 | /* sleep until the ircd kills us */ | |
1187d611 | 1222 | rb_sleep(1 << 30, 0); |
8d99443b VY |
1223 | exit(1); |
1224 | } | |
1225 | ||
1226 | if(!zlib_ok) | |
1227 | send_nozlib_support(mod_ctl, NULL); | |
d35870ee | 1228 | if(!ssld_ssl_ok) |
8d99443b VY |
1229 | send_nossl_support(mod_ctl, NULL); |
1230 | rb_lib_loop(0); | |
1231 | return 0; | |
1232 | } | |
1233 | ||
1234 | ||
3202e249 | 1235 | #ifndef _WIN32 |
8d99443b VY |
1236 | static void |
1237 | dummy_handler(int sig) | |
1238 | { | |
1239 | return; | |
1240 | } | |
3202e249 | 1241 | #endif |
8d99443b VY |
1242 | |
1243 | static void | |
1244 | setup_signals() | |
1245 | { | |
3202e249 | 1246 | #ifndef _WIN32 |
8d99443b VY |
1247 | struct sigaction act; |
1248 | ||
1249 | act.sa_flags = 0; | |
1250 | act.sa_handler = SIG_IGN; | |
1251 | sigemptyset(&act.sa_mask); | |
1252 | sigaddset(&act.sa_mask, SIGPIPE); | |
1253 | sigaddset(&act.sa_mask, SIGALRM); | |
1254 | #ifdef SIGTRAP | |
1255 | sigaddset(&act.sa_mask, SIGTRAP); | |
1256 | #endif | |
1257 | ||
1258 | #ifdef SIGWINCH | |
1259 | sigaddset(&act.sa_mask, SIGWINCH); | |
1260 | sigaction(SIGWINCH, &act, 0); | |
1261 | #endif | |
1262 | sigaction(SIGPIPE, &act, 0); | |
1263 | #ifdef SIGTRAP | |
1264 | sigaction(SIGTRAP, &act, 0); | |
1265 | #endif | |
1266 | ||
1267 | act.sa_handler = dummy_handler; | |
1268 | sigaction(SIGALRM, &act, 0); | |
3202e249 | 1269 | #endif |
8d99443b | 1270 | } |