]>
Commit | Line | Data |
---|---|---|
8d99443b VY |
1 | /* |
2 | * ssld.c: The ircd-ratbox ssl/zlib helper daemon thingy | |
3 | * Copyright (C) 2007 Aaron Sethman <androsyn@ratbox.org> | |
4 | * Copyright (C) 2007 ircd-ratbox development team | |
5 | * | |
6 | * This program is free software; you can redistribute it and/or modify | |
7 | * it under the terms of the GNU General Public License as published by | |
8 | * the Free Software Foundation; either version 2 of the License, or | |
9 | * (at your option) any later version. | |
10 | * | |
11 | * This program is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | * GNU General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU General Public License | |
17 | * along with this program; if not, write to the Free Software | |
18 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 | |
19 | * USA | |
20 | * | |
3202e249 | 21 | * $Id$ |
8d99443b VY |
22 | */ |
23 | ||
24 | ||
25 | #include "stdinc.h" | |
26 | ||
27 | #ifdef HAVE_LIBZ | |
28 | #include <zlib.h> | |
29 | #endif | |
30 | ||
31 | #define MAXPASSFD 4 | |
32 | #ifndef READBUF_SIZE | |
33 | #define READBUF_SIZE 16384 | |
34 | #endif | |
35 | ||
36 | static void setup_signals(void); | |
3202e249 | 37 | static pid_t ppid; |
8d99443b | 38 | |
408a29c6 AC |
39 | static inline uint32_t |
40 | buf_to_uint32(uint8_t *buf) | |
8d99443b | 41 | { |
408a29c6 | 42 | uint32_t x; |
4b6a4d47 | 43 | memcpy(&x, buf, sizeof(x)); |
8d99443b VY |
44 | return x; |
45 | } | |
46 | ||
3202e249 | 47 | static inline void |
408a29c6 | 48 | uint32_to_buf(uint8_t *buf, uint32_t x) |
8d99443b | 49 | { |
4b6a4d47 | 50 | memcpy(buf, &x, sizeof(x)); |
8d99443b VY |
51 | return; |
52 | } | |
53 | ||
8d99443b | 54 | static char inbuf[READBUF_SIZE]; |
4b6a4d47 | 55 | #ifdef HAVE_LIBZ |
8d99443b | 56 | static char outbuf[READBUF_SIZE]; |
4b6a4d47 | 57 | #endif |
8d99443b VY |
58 | |
59 | typedef struct _mod_ctl_buf | |
60 | { | |
61 | rb_dlink_node node; | |
85e9bf41 | 62 | uint8_t *buf; |
8d99443b VY |
63 | size_t buflen; |
64 | rb_fde_t *F[MAXPASSFD]; | |
65 | int nfds; | |
66 | } mod_ctl_buf_t; | |
67 | ||
68 | typedef struct _mod_ctl | |
69 | { | |
70 | rb_dlink_node node; | |
71 | int cli_count; | |
72 | rb_fde_t *F; | |
73 | rb_fde_t *F_pipe; | |
74 | rb_dlink_list readq; | |
75 | rb_dlink_list writeq; | |
76 | } mod_ctl_t; | |
77 | ||
78 | static mod_ctl_t *mod_ctl; | |
79 | ||
80 | ||
81 | #ifdef HAVE_LIBZ | |
82 | typedef struct _zlib_stream | |
83 | { | |
84 | z_stream instream; | |
85 | z_stream outstream; | |
86 | } zlib_stream_t; | |
87 | #endif | |
88 | ||
89 | typedef struct _conn | |
90 | { | |
91 | rb_dlink_node node; | |
92 | mod_ctl_t *ctl; | |
93 | rawbuf_head_t *modbuf_out; | |
94 | rawbuf_head_t *plainbuf_out; | |
95 | ||
408a29c6 | 96 | uint32_t id; |
8d99443b VY |
97 | |
98 | rb_fde_t *mod_fd; | |
99 | rb_fde_t *plain_fd; | |
100 | unsigned long long mod_out; | |
101 | unsigned long long mod_in; | |
102 | unsigned long long plain_in; | |
103 | unsigned long long plain_out; | |
7edb4f16 | 104 | uint8_t flags; |
8d99443b VY |
105 | void *stream; |
106 | } conn_t; | |
107 | ||
108 | #define FLAG_SSL 0x01 | |
109 | #define FLAG_ZIP 0x02 | |
110 | #define FLAG_CORK 0x04 | |
111 | #define FLAG_DEAD 0x08 | |
3202e249 VY |
112 | #define FLAG_SSL_W_WANTS_R 0x10 /* output needs to wait until input possible */ |
113 | #define FLAG_SSL_R_WANTS_W 0x20 /* input needs to wait until output possible */ | |
07c2bb75 | 114 | #define FLAG_ZIPSSL 0x40 |
8d99443b VY |
115 | |
116 | #define IsSSL(x) ((x)->flags & FLAG_SSL) | |
117 | #define IsZip(x) ((x)->flags & FLAG_ZIP) | |
118 | #define IsCork(x) ((x)->flags & FLAG_CORK) | |
119 | #define IsDead(x) ((x)->flags & FLAG_DEAD) | |
73d6283c VY |
120 | #define IsSSLWWantsR(x) ((x)->flags & FLAG_SSL_W_WANTS_R) |
121 | #define IsSSLRWantsW(x) ((x)->flags & FLAG_SSL_R_WANTS_W) | |
07c2bb75 | 122 | #define IsZipSSL(x) ((x)->flags & FLAG_ZIPSSL) |
8d99443b VY |
123 | |
124 | #define SetSSL(x) ((x)->flags |= FLAG_SSL) | |
125 | #define SetZip(x) ((x)->flags |= FLAG_ZIP) | |
126 | #define SetCork(x) ((x)->flags |= FLAG_CORK) | |
127 | #define SetDead(x) ((x)->flags |= FLAG_DEAD) | |
73d6283c VY |
128 | #define SetSSLWWantsR(x) ((x)->flags |= FLAG_SSL_W_WANTS_R) |
129 | #define SetSSLRWantsW(x) ((x)->flags |= FLAG_SSL_R_WANTS_W) | |
07c2bb75 | 130 | #define SetZipSSL(x) ((x)->flags |= FLAG_ZIPSSL) |
8d99443b VY |
131 | |
132 | #define ClearSSL(x) ((x)->flags &= ~FLAG_SSL) | |
133 | #define ClearZip(x) ((x)->flags &= ~FLAG_ZIP) | |
134 | #define ClearCork(x) ((x)->flags &= ~FLAG_CORK) | |
135 | #define ClearDead(x) ((x)->flags &= ~FLAG_DEAD) | |
73d6283c VY |
136 | #define ClearSSLWWantsR(x) ((x)->flags &= ~FLAG_SSL_W_WANTS_R) |
137 | #define ClearSSLRWantsW(x) ((x)->flags &= ~FLAG_SSL_R_WANTS_W) | |
07c2bb75 | 138 | #define ClearZipSSL(x) ((x)->flags &= ~FLAG_ZIPSSL) |
8d99443b VY |
139 | |
140 | #define NO_WAIT 0x0 | |
141 | #define WAIT_PLAIN 0x1 | |
142 | ||
4b6a4d47 VY |
143 | #define HASH_WALK_SAFE(i, max, ptr, next, table) for(i = 0; i < max; i++) { RB_DLINK_FOREACH_SAFE(ptr, next, table[i].head) |
144 | #define HASH_WALK_END } | |
8d99443b VY |
145 | #define CONN_HASH_SIZE 2000 |
146 | #define connid_hash(x) (&connid_hash_table[(x % CONN_HASH_SIZE)]) | |
147 | ||
4b6a4d47 VY |
148 | |
149 | ||
8d99443b VY |
150 | static rb_dlink_list connid_hash_table[CONN_HASH_SIZE]; |
151 | static rb_dlink_list dead_list; | |
152 | ||
3202e249 | 153 | static void conn_mod_read_cb(rb_fde_t *fd, void *data); |
8d99443b VY |
154 | static void conn_mod_write_sendq(rb_fde_t *, void *data); |
155 | static void conn_plain_write_sendq(rb_fde_t *, void *data); | |
156 | static void mod_write_ctl(rb_fde_t *, void *data); | |
3202e249 | 157 | static void conn_plain_read_cb(rb_fde_t *fd, void *data); |
e99f6122 | 158 | static void conn_plain_read_shutdown_cb(rb_fde_t *fd, void *data); |
3202e249 | 159 | static void mod_cmd_write_queue(mod_ctl_t * ctl, const void *data, size_t len); |
8d99443b VY |
160 | static const char *remote_closed = "Remote host closed the connection"; |
161 | static int ssl_ok; | |
e6bbb410 | 162 | static int certfp_method = RB_SSL_CERTFP_METH_SHA1; |
8d99443b VY |
163 | #ifdef HAVE_LIBZ |
164 | static int zlib_ok = 1; | |
165 | #else | |
166 | static int zlib_ok = 0; | |
167 | #endif | |
4b6a4d47 VY |
168 | |
169 | ||
170 | #ifdef HAVE_LIBZ | |
8d99443b VY |
171 | static void * |
172 | ssld_alloc(void *unused, size_t count, size_t size) | |
173 | { | |
174 | return rb_malloc(count * size); | |
175 | } | |
176 | ||
177 | static void | |
178 | ssld_free(void *unused, void *ptr) | |
179 | { | |
3202e249 | 180 | rb_free(ptr); |
8d99443b | 181 | } |
4b6a4d47 | 182 | #endif |
8d99443b VY |
183 | |
184 | static conn_t * | |
408a29c6 | 185 | conn_find_by_id(uint32_t id) |
8d99443b VY |
186 | { |
187 | rb_dlink_node *ptr; | |
188 | conn_t *conn; | |
189 | ||
190 | RB_DLINK_FOREACH(ptr, (connid_hash(id))->head) | |
191 | { | |
192 | conn = ptr->data; | |
193 | if(conn->id == id && !IsDead(conn)) | |
194 | return conn; | |
195 | } | |
196 | return NULL; | |
197 | } | |
198 | ||
199 | static void | |
408a29c6 | 200 | conn_add_id_hash(conn_t * conn, uint32_t id) |
8d99443b VY |
201 | { |
202 | conn->id = id; | |
203 | rb_dlinkAdd(conn, &conn->node, connid_hash(id)); | |
204 | } | |
205 | ||
206 | static void | |
207 | free_conn(conn_t * conn) | |
208 | { | |
209 | rb_free_rawbuffer(conn->modbuf_out); | |
210 | rb_free_rawbuffer(conn->plainbuf_out); | |
4b6a4d47 | 211 | #ifdef HAVE_LIBZ |
8d99443b VY |
212 | if(IsZip(conn)) |
213 | { | |
214 | zlib_stream_t *stream = conn->stream; | |
215 | inflateEnd(&stream->instream); | |
3202e249 | 216 | deflateEnd(&stream->outstream); |
8d99443b | 217 | } |
4b6a4d47 | 218 | #endif |
8d99443b VY |
219 | rb_free(conn); |
220 | } | |
221 | ||
222 | static void | |
223 | clean_dead_conns(void *unused) | |
224 | { | |
225 | conn_t *conn; | |
226 | rb_dlink_node *ptr, *next; | |
227 | RB_DLINK_FOREACH_SAFE(ptr, next, dead_list.head) | |
228 | { | |
229 | conn = ptr->data; | |
230 | free_conn(conn); | |
231 | } | |
232 | dead_list.tail = dead_list.head = NULL; | |
233 | } | |
234 | ||
235 | ||
236 | static void | |
237 | close_conn(conn_t * conn, int wait_plain, const char *fmt, ...) | |
238 | { | |
239 | va_list ap; | |
3202e249 | 240 | char reason[128]; /* must always be under 250 bytes */ |
85e9bf41 | 241 | uint8_t buf[256]; |
8d99443b VY |
242 | int len; |
243 | if(IsDead(conn)) | |
244 | return; | |
3202e249 | 245 | |
8d99443b VY |
246 | rb_rawbuf_flush(conn->modbuf_out, conn->mod_fd); |
247 | rb_rawbuf_flush(conn->plainbuf_out, conn->plain_fd); | |
248 | rb_close(conn->mod_fd); | |
249 | SetDead(conn); | |
250 | ||
408a29c6 | 251 | if(!IsZipSSL(conn)) |
e99f6122 JT |
252 | rb_dlinkDelete(&conn->node, connid_hash(conn->id)); |
253 | ||
8d99443b VY |
254 | if(!wait_plain || fmt == NULL) |
255 | { | |
256 | rb_close(conn->plain_fd); | |
8d99443b VY |
257 | rb_dlinkAdd(conn, &conn->node, &dead_list); |
258 | return; | |
259 | } | |
e99f6122 JT |
260 | rb_setselect(conn->plain_fd, RB_SELECT_READ, conn_plain_read_shutdown_cb, conn); |
261 | rb_setselect(conn->plain_fd, RB_SELECT_WRITE, NULL, NULL); | |
8d99443b VY |
262 | va_start(ap, fmt); |
263 | rb_vsnprintf(reason, sizeof(reason), fmt, ap); | |
264 | va_end(ap); | |
265 | ||
266 | buf[0] = 'D'; | |
408a29c6 | 267 | uint32_to_buf(&buf[1], conn->id); |
85e9bf41 | 268 | rb_strlcpy((char *) &buf[5], reason, sizeof(buf) - 5); |
8d99443b VY |
269 | len = (strlen(reason) + 1) + 5; |
270 | mod_cmd_write_queue(conn->ctl, buf, len); | |
271 | } | |
272 | ||
273 | static conn_t * | |
3202e249 | 274 | make_conn(mod_ctl_t * ctl, rb_fde_t *mod_fd, rb_fde_t *plain_fd) |
8d99443b VY |
275 | { |
276 | conn_t *conn = rb_malloc(sizeof(conn_t)); | |
277 | conn->ctl = ctl; | |
278 | conn->modbuf_out = rb_new_rawbuffer(); | |
279 | conn->plainbuf_out = rb_new_rawbuffer(); | |
280 | conn->mod_fd = mod_fd; | |
281 | conn->plain_fd = plain_fd; | |
282 | conn->id = -1; | |
283 | conn->stream = NULL; | |
284 | rb_set_nb(mod_fd); | |
285 | rb_set_nb(plain_fd); | |
286 | return conn; | |
287 | } | |
288 | ||
4b6a4d47 VY |
289 | static void |
290 | check_handshake_flood(void *unused) | |
291 | { | |
292 | conn_t *conn; | |
293 | rb_dlink_node *ptr, *next; | |
294 | unsigned int count; | |
295 | int i; | |
296 | HASH_WALK_SAFE(i, CONN_HASH_SIZE, ptr, next, connid_hash_table) | |
297 | { | |
298 | conn = ptr->data; | |
299 | if(!IsSSL(conn)) | |
300 | continue; | |
3202e249 | 301 | |
4b6a4d47 VY |
302 | count = rb_ssl_handshake_count(conn->mod_fd); |
303 | /* nothing needs to do this more than twice in ten seconds i don't think */ | |
304 | if(count > 2) | |
305 | close_conn(conn, WAIT_PLAIN, "Handshake flooding"); | |
306 | else | |
307 | rb_ssl_clear_handshake_count(conn->mod_fd); | |
3202e249 VY |
308 | } |
309 | HASH_WALK_END} | |
4b6a4d47 | 310 | |
8d99443b | 311 | static void |
3202e249 | 312 | conn_mod_write_sendq(rb_fde_t *fd, void *data) |
8d99443b VY |
313 | { |
314 | conn_t *conn = data; | |
315 | const char *err; | |
316 | int retlen; | |
317 | if(IsDead(conn)) | |
318 | return; | |
319 | ||
73d6283c VY |
320 | if(IsSSLWWantsR(conn)) |
321 | { | |
322 | ClearSSLWWantsR(conn); | |
323 | conn_mod_read_cb(conn->mod_fd, conn); | |
324 | if(IsDead(conn)) | |
325 | return; | |
326 | } | |
327 | ||
3202e249 | 328 | while((retlen = rb_rawbuf_flush(conn->modbuf_out, fd)) > 0) |
8d99443b VY |
329 | conn->mod_out += retlen; |
330 | ||
331 | if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno))) | |
332 | { | |
333 | if(retlen == 0) | |
334 | close_conn(conn, WAIT_PLAIN, "%s", remote_closed); | |
335 | if(IsSSL(conn) && retlen == RB_RW_SSL_ERROR) | |
336 | err = rb_get_ssl_strerror(conn->mod_fd); | |
337 | else | |
338 | err = strerror(errno); | |
339 | close_conn(conn, WAIT_PLAIN, "Write error: %s", err); | |
340 | return; | |
341 | } | |
342 | if(rb_rawbuf_length(conn->modbuf_out) > 0) | |
343 | { | |
73d6283c VY |
344 | if(retlen != RB_RW_SSL_NEED_READ) |
345 | rb_setselect(conn->mod_fd, RB_SELECT_WRITE, conn_mod_write_sendq, conn); | |
346 | else | |
347 | { | |
348 | rb_setselect(conn->mod_fd, RB_SELECT_READ, conn_mod_write_sendq, conn); | |
349 | rb_setselect(conn->mod_fd, RB_SELECT_WRITE, NULL, NULL); | |
350 | SetSSLWWantsR(conn); | |
351 | } | |
8d99443b VY |
352 | } |
353 | else | |
354 | rb_setselect(conn->mod_fd, RB_SELECT_WRITE, NULL, NULL); | |
355 | ||
356 | if(IsCork(conn) && rb_rawbuf_length(conn->modbuf_out) == 0) | |
357 | { | |
358 | ClearCork(conn); | |
359 | conn_plain_read_cb(conn->plain_fd, conn); | |
360 | } | |
361 | ||
362 | } | |
363 | ||
364 | static void | |
365 | conn_mod_write(conn_t * conn, void *data, size_t len) | |
366 | { | |
367 | if(IsDead(conn)) /* no point in queueing to a dead man */ | |
368 | return; | |
369 | rb_rawbuf_append(conn->modbuf_out, data, len); | |
370 | } | |
371 | ||
372 | static void | |
373 | conn_plain_write(conn_t * conn, void *data, size_t len) | |
374 | { | |
375 | if(IsDead(conn)) /* again no point in queueing to dead men */ | |
376 | return; | |
377 | rb_rawbuf_append(conn->plainbuf_out, data, len); | |
378 | } | |
379 | ||
380 | static void | |
381 | mod_cmd_write_queue(mod_ctl_t * ctl, const void *data, size_t len) | |
382 | { | |
383 | mod_ctl_buf_t *ctl_buf; | |
384 | ctl_buf = rb_malloc(sizeof(mod_ctl_buf_t)); | |
385 | ctl_buf->buf = rb_malloc(len); | |
386 | ctl_buf->buflen = len; | |
387 | memcpy(ctl_buf->buf, data, len); | |
388 | ctl_buf->nfds = 0; | |
389 | rb_dlinkAddTail(ctl_buf, &ctl_buf->node, &ctl->writeq); | |
390 | mod_write_ctl(ctl->F, ctl); | |
391 | } | |
392 | ||
393 | #ifdef HAVE_LIBZ | |
394 | static void | |
395 | common_zlib_deflate(conn_t * conn, void *buf, size_t len) | |
396 | { | |
397 | int ret, have; | |
3202e249 | 398 | z_stream *outstream = &((zlib_stream_t *) conn->stream)->outstream; |
8d99443b VY |
399 | outstream->next_in = buf; |
400 | outstream->avail_in = len; | |
401 | outstream->next_out = (Bytef *) outbuf; | |
402 | outstream->avail_out = sizeof(outbuf); | |
403 | ||
404 | ret = deflate(outstream, Z_SYNC_FLUSH); | |
405 | if(ret != Z_OK) | |
406 | { | |
407 | /* deflate error */ | |
408 | close_conn(conn, WAIT_PLAIN, "Deflate failed: %s", zError(ret)); | |
409 | return; | |
410 | } | |
411 | if(outstream->avail_out == 0) | |
412 | { | |
413 | /* avail_out empty */ | |
414 | close_conn(conn, WAIT_PLAIN, "error compressing data, avail_out == 0"); | |
415 | return; | |
416 | } | |
417 | if(outstream->avail_in != 0) | |
418 | { | |
3202e249 | 419 | /* avail_in isn't empty... */ |
8d99443b VY |
420 | close_conn(conn, WAIT_PLAIN, "error compressing data, avail_in != 0"); |
421 | return; | |
422 | } | |
423 | have = sizeof(outbuf) - outstream->avail_out; | |
424 | conn_mod_write(conn, outbuf, have); | |
425 | } | |
426 | ||
427 | static void | |
428 | common_zlib_inflate(conn_t * conn, void *buf, size_t len) | |
429 | { | |
3202e249 VY |
430 | int ret, have = 0; |
431 | ((zlib_stream_t *) conn->stream)->instream.next_in = buf; | |
432 | ((zlib_stream_t *) conn->stream)->instream.avail_in = len; | |
433 | ((zlib_stream_t *) conn->stream)->instream.next_out = (Bytef *) outbuf; | |
434 | ((zlib_stream_t *) conn->stream)->instream.avail_out = sizeof(outbuf); | |
8d99443b | 435 | |
3202e249 | 436 | while(((zlib_stream_t *) conn->stream)->instream.avail_in) |
8d99443b | 437 | { |
3202e249 | 438 | ret = inflate(&((zlib_stream_t *) conn->stream)->instream, Z_NO_FLUSH); |
8d99443b VY |
439 | if(ret != Z_OK) |
440 | { | |
441 | if(!strncmp("ERROR ", buf, 6)) | |
442 | { | |
443 | close_conn(conn, WAIT_PLAIN, "Received uncompressed ERROR"); | |
444 | return; | |
445 | } | |
446 | close_conn(conn, WAIT_PLAIN, "Inflate failed: %s", zError(ret)); | |
447 | return; | |
448 | } | |
3202e249 | 449 | have = sizeof(outbuf) - ((zlib_stream_t *) conn->stream)->instream.avail_out; |
8d99443b | 450 | |
3202e249 | 451 | if(((zlib_stream_t *) conn->stream)->instream.avail_in) |
8d99443b VY |
452 | { |
453 | conn_plain_write(conn, outbuf, have); | |
454 | have = 0; | |
3202e249 VY |
455 | ((zlib_stream_t *) conn->stream)->instream.next_out = (Bytef *) outbuf; |
456 | ((zlib_stream_t *) conn->stream)->instream.avail_out = sizeof(outbuf); | |
8d99443b VY |
457 | } |
458 | } | |
459 | if(have == 0) | |
460 | return; | |
461 | ||
462 | conn_plain_write(conn, outbuf, have); | |
463 | } | |
464 | #endif | |
465 | ||
466 | static int | |
467 | plain_check_cork(conn_t * conn) | |
468 | { | |
469 | if(rb_rawbuf_length(conn->modbuf_out) >= 4096) | |
470 | { | |
55abcbb2 | 471 | /* if we have over 4k pending outbound, don't read until |
8d99443b VY |
472 | * we've cleared the queue */ |
473 | SetCork(conn); | |
474 | rb_setselect(conn->plain_fd, RB_SELECT_READ, NULL, NULL); | |
475 | /* try to write */ | |
476 | conn_mod_write_sendq(conn->mod_fd, conn); | |
477 | return 1; | |
478 | } | |
479 | return 0; | |
480 | } | |
481 | ||
482 | ||
483 | static void | |
3202e249 | 484 | conn_plain_read_cb(rb_fde_t *fd, void *data) |
8d99443b VY |
485 | { |
486 | conn_t *conn = data; | |
487 | int length = 0; | |
488 | if(conn == NULL) | |
489 | return; | |
490 | ||
491 | if(IsDead(conn)) | |
492 | return; | |
493 | ||
494 | if(plain_check_cork(conn)) | |
495 | return; | |
496 | ||
3202e249 | 497 | while(1) |
8d99443b VY |
498 | { |
499 | if(IsDead(conn)) | |
500 | return; | |
501 | ||
502 | length = rb_read(conn->plain_fd, inbuf, sizeof(inbuf)); | |
503 | ||
504 | if(length == 0 || (length < 0 && !rb_ignore_errno(errno))) | |
505 | { | |
506 | close_conn(conn, NO_WAIT, NULL); | |
507 | return; | |
508 | } | |
509 | ||
510 | if(length < 0) | |
511 | { | |
512 | rb_setselect(conn->plain_fd, RB_SELECT_READ, conn_plain_read_cb, conn); | |
513 | conn_mod_write_sendq(conn->mod_fd, conn); | |
514 | return; | |
515 | } | |
516 | conn->plain_in += length; | |
517 | ||
518 | #ifdef HAVE_LIBZ | |
519 | if(IsZip(conn)) | |
520 | common_zlib_deflate(conn, inbuf, length); | |
521 | else | |
522 | #endif | |
523 | conn_mod_write(conn, inbuf, length); | |
524 | if(IsDead(conn)) | |
525 | return; | |
526 | if(plain_check_cork(conn)) | |
527 | return; | |
528 | } | |
529 | } | |
530 | ||
e99f6122 JT |
531 | static void |
532 | conn_plain_read_shutdown_cb(rb_fde_t *fd, void *data) | |
533 | { | |
534 | conn_t *conn = data; | |
535 | int length = 0; | |
536 | ||
537 | if(conn == NULL) | |
538 | return; | |
539 | ||
540 | while(1) | |
541 | { | |
542 | length = rb_read(conn->plain_fd, inbuf, sizeof(inbuf)); | |
543 | ||
544 | if(length == 0 || (length < 0 && !rb_ignore_errno(errno))) | |
545 | { | |
546 | rb_close(conn->plain_fd); | |
547 | rb_dlinkAdd(conn, &conn->node, &dead_list); | |
548 | return; | |
549 | } | |
550 | ||
551 | if(length < 0) | |
552 | { | |
553 | rb_setselect(conn->plain_fd, RB_SELECT_READ, conn_plain_read_shutdown_cb, conn); | |
554 | return; | |
555 | } | |
556 | } | |
557 | } | |
558 | ||
8d99443b | 559 | static void |
3202e249 | 560 | conn_mod_read_cb(rb_fde_t *fd, void *data) |
8d99443b VY |
561 | { |
562 | conn_t *conn = data; | |
563 | const char *err = remote_closed; | |
564 | int length; | |
565 | if(conn == NULL) | |
566 | return; | |
567 | if(IsDead(conn)) | |
568 | return; | |
569 | ||
73d6283c VY |
570 | if(IsSSLRWantsW(conn)) |
571 | { | |
572 | ClearSSLRWantsW(conn); | |
573 | conn_mod_write_sendq(conn->mod_fd, conn); | |
574 | if(IsDead(conn)) | |
575 | return; | |
576 | } | |
577 | ||
3202e249 | 578 | while(1) |
8d99443b VY |
579 | { |
580 | if(IsDead(conn)) | |
581 | return; | |
582 | ||
583 | length = rb_read(conn->mod_fd, inbuf, sizeof(inbuf)); | |
584 | ||
585 | if(length == 0 || (length < 0 && !rb_ignore_errno(errno))) | |
586 | { | |
3202e249 VY |
587 | if(length == 0) |
588 | { | |
8d99443b VY |
589 | close_conn(conn, WAIT_PLAIN, "%s", remote_closed); |
590 | return; | |
591 | } | |
592 | ||
593 | if(IsSSL(conn) && length == RB_RW_SSL_ERROR) | |
594 | err = rb_get_ssl_strerror(conn->mod_fd); | |
595 | else | |
596 | err = strerror(errno); | |
597 | close_conn(conn, WAIT_PLAIN, "Read error: %s", err); | |
598 | return; | |
599 | } | |
600 | if(length < 0) | |
601 | { | |
73d6283c VY |
602 | if(length != RB_RW_SSL_NEED_WRITE) |
603 | rb_setselect(conn->mod_fd, RB_SELECT_READ, conn_mod_read_cb, conn); | |
604 | else | |
605 | { | |
606 | rb_setselect(conn->mod_fd, RB_SELECT_READ, NULL, NULL); | |
607 | rb_setselect(conn->mod_fd, RB_SELECT_WRITE, conn_mod_read_cb, conn); | |
608 | SetSSLRWantsW(conn); | |
609 | } | |
8d99443b VY |
610 | conn_plain_write_sendq(conn->plain_fd, conn); |
611 | return; | |
3202e249 | 612 | } |
8d99443b VY |
613 | conn->mod_in += length; |
614 | #ifdef HAVE_LIBZ | |
615 | if(IsZip(conn)) | |
616 | common_zlib_inflate(conn, inbuf, length); | |
617 | else | |
618 | #endif | |
619 | conn_plain_write(conn, inbuf, length); | |
620 | } | |
621 | } | |
622 | ||
623 | static void | |
3202e249 | 624 | conn_plain_write_sendq(rb_fde_t *fd, void *data) |
8d99443b VY |
625 | { |
626 | conn_t *conn = data; | |
627 | int retlen; | |
628 | ||
629 | if(IsDead(conn)) | |
630 | return; | |
631 | ||
3202e249 | 632 | while((retlen = rb_rawbuf_flush(conn->plainbuf_out, fd)) > 0) |
8d99443b VY |
633 | { |
634 | conn->plain_out += retlen; | |
635 | } | |
636 | if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno))) | |
637 | { | |
638 | close_conn(data, NO_WAIT, NULL); | |
639 | return; | |
640 | } | |
3202e249 | 641 | |
8d99443b VY |
642 | |
643 | if(rb_rawbuf_length(conn->plainbuf_out) > 0) | |
644 | rb_setselect(conn->plain_fd, RB_SELECT_WRITE, conn_plain_write_sendq, conn); | |
645 | else | |
646 | rb_setselect(conn->plain_fd, RB_SELECT_WRITE, NULL, NULL); | |
647 | } | |
648 | ||
649 | static int | |
650 | maxconn(void) | |
651 | { | |
652 | #if defined(RLIMIT_NOFILE) && defined(HAVE_SYS_RESOURCE_H) | |
653 | struct rlimit limit; | |
654 | ||
655 | if(!getrlimit(RLIMIT_NOFILE, &limit)) | |
656 | { | |
657 | return limit.rlim_cur; | |
658 | } | |
659 | #endif /* RLIMIT_FD_MAX */ | |
660 | return MAXCONNECTIONS; | |
661 | } | |
662 | ||
408a29c6 AC |
663 | static void |
664 | ssl_send_cipher(conn_t *conn) | |
665 | { | |
408a29c6 AC |
666 | size_t len; |
667 | char buf[512]; | |
668 | char cstring[256]; | |
669 | const char *p; | |
670 | if(!IsSSL(conn)) | |
671 | return; | |
672 | ||
673 | p = rb_ssl_get_cipher(conn->mod_fd); | |
674 | ||
675 | if(p == NULL) | |
676 | return; | |
677 | ||
678 | rb_strlcpy(cstring, p, sizeof(cstring)); | |
679 | ||
680 | buf[0] = 'C'; | |
681 | uint32_to_buf(&buf[1], conn->id); | |
682 | strcpy(&buf[5], cstring); | |
683 | len = (strlen(cstring) + 1) + 5; | |
684 | mod_cmd_write_queue(conn->ctl, buf, len); | |
408a29c6 AC |
685 | } |
686 | ||
687 | static void | |
688 | ssl_send_certfp(conn_t *conn) | |
689 | { | |
690 | uint8_t buf[9 + RB_SSL_CERTFP_LEN]; | |
691 | ||
692 | int len = rb_get_ssl_certfp(conn->mod_fd, &buf[9], certfp_method); | |
693 | if (!len) | |
694 | return; | |
695 | ||
696 | lrb_assert(len <= RB_SSL_CERTFP_LEN); | |
697 | buf[0] = 'F'; | |
698 | uint32_to_buf(&buf[1], conn->id); | |
699 | uint32_to_buf(&buf[5], len); | |
700 | mod_cmd_write_queue(conn->ctl, buf, 9 + len); | |
701 | } | |
702 | ||
8d99443b | 703 | static void |
3202e249 | 704 | ssl_process_accept_cb(rb_fde_t *F, int status, struct sockaddr *addr, rb_socklen_t len, void *data) |
8d99443b VY |
705 | { |
706 | conn_t *conn = data; | |
7247337a | 707 | |
8d99443b VY |
708 | if(status == RB_OK) |
709 | { | |
710 | conn_mod_read_cb(conn->mod_fd, conn); | |
711 | conn_plain_read_cb(conn->plain_fd, conn); | |
408a29c6 AC |
712 | ssl_send_cipher(conn); |
713 | ssl_send_certfp(conn); | |
8d99443b VY |
714 | return; |
715 | } | |
a444bb78 | 716 | /* ircd doesn't care about the reason for this */ |
8d99443b VY |
717 | close_conn(conn, NO_WAIT, 0); |
718 | return; | |
719 | } | |
720 | ||
721 | static void | |
3202e249 | 722 | ssl_process_connect_cb(rb_fde_t *F, int status, void *data) |
8d99443b VY |
723 | { |
724 | conn_t *conn = data; | |
a7675ed2 | 725 | |
8d99443b VY |
726 | if(status == RB_OK) |
727 | { | |
728 | conn_mod_read_cb(conn->mod_fd, conn); | |
729 | conn_plain_read_cb(conn->plain_fd, conn); | |
408a29c6 AC |
730 | ssl_send_cipher(conn); |
731 | ssl_send_certfp(conn); | |
8d99443b | 732 | } |
a444bb78 JT |
733 | else if(status == RB_ERR_TIMEOUT) |
734 | close_conn(conn, WAIT_PLAIN, "SSL handshake timed out"); | |
735 | else if(status == RB_ERROR_SSL) | |
736 | close_conn(conn, WAIT_PLAIN, "%s", rb_get_ssl_strerror(conn->mod_fd)); | |
737 | else | |
738 | close_conn(conn, WAIT_PLAIN, "SSL handshake failed"); | |
8d99443b VY |
739 | } |
740 | ||
741 | ||
c03677e9 JT |
742 | static void |
743 | cleanup_bad_message(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
744 | { | |
745 | int i; | |
746 | ||
747 | /* XXX should log this somehow */ | |
748 | for (i = 0; i < ctlb->nfds; i++) | |
749 | rb_close(ctlb->F[i]); | |
750 | } | |
751 | ||
8d99443b VY |
752 | static void |
753 | ssl_process_accept(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
754 | { | |
755 | conn_t *conn; | |
408a29c6 | 756 | uint32_t id; |
8d99443b VY |
757 | |
758 | conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); | |
759 | ||
408a29c6 AC |
760 | id = buf_to_uint32(&ctlb->buf[1]); |
761 | conn_add_id_hash(conn, id); | |
8d99443b VY |
762 | SetSSL(conn); |
763 | ||
764 | if(rb_get_type(conn->mod_fd) & RB_FD_UNKNOWN) | |
765 | { | |
3202e249 | 766 | |
8d99443b VY |
767 | rb_set_type(conn->mod_fd, RB_FD_SOCKET); |
768 | } | |
769 | if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN) | |
770 | rb_set_type(conn->plain_fd, RB_FD_SOCKET); | |
771 | ||
772 | rb_ssl_start_accepted(ctlb->F[0], ssl_process_accept_cb, conn, 10); | |
773 | } | |
774 | ||
e6bbb410 EM |
775 | static void |
776 | ssl_change_certfp_method(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
777 | { | |
408a29c6 | 778 | certfp_method = buf_to_uint32(&ctlb->buf[1]); |
e6bbb410 EM |
779 | } |
780 | ||
8d99443b VY |
781 | static void |
782 | ssl_process_connect(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
783 | { | |
784 | conn_t *conn; | |
408a29c6 | 785 | uint32_t id; |
8d99443b VY |
786 | conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); |
787 | ||
408a29c6 AC |
788 | id = buf_to_uint32(&ctlb->buf[1]); |
789 | conn_add_id_hash(conn, id); | |
8d99443b VY |
790 | SetSSL(conn); |
791 | ||
792 | if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN) | |
793 | rb_set_type(conn->mod_fd, RB_FD_SOCKET); | |
794 | ||
795 | if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN) | |
796 | rb_set_type(conn->plain_fd, RB_FD_SOCKET); | |
797 | ||
798 | ||
799 | rb_ssl_start_connected(ctlb->F[0], ssl_process_connect_cb, conn, 10); | |
800 | } | |
801 | ||
802 | static void | |
803 | process_stats(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
804 | { | |
805 | char outstat[512]; | |
806 | conn_t *conn; | |
85e9bf41 | 807 | uint8_t *odata; |
408a29c6 | 808 | uint32_t id; |
8d99443b | 809 | |
408a29c6 | 810 | id = buf_to_uint32(&ctlb->buf[1]); |
3202e249 | 811 | |
8d99443b VY |
812 | odata = &ctlb->buf[5]; |
813 | conn = conn_find_by_id(id); | |
814 | ||
815 | if(conn == NULL) | |
816 | return; | |
817 | ||
818 | rb_snprintf(outstat, sizeof(outstat), "S %s %llu %llu %llu %llu", odata, | |
819 | conn->plain_out, conn->mod_in, conn->plain_in, conn->mod_out); | |
820 | conn->plain_out = 0; | |
821 | conn->plain_in = 0; | |
822 | conn->mod_in = 0; | |
823 | conn->mod_out = 0; | |
824 | mod_cmd_write_queue(ctl, outstat, strlen(outstat) + 1); /* +1 is so we send the \0 as well */ | |
825 | } | |
826 | ||
07c2bb75 JT |
827 | static void |
828 | change_connid(mod_ctl_t *ctl, mod_ctl_buf_t *ctlb) | |
829 | { | |
408a29c6 AC |
830 | uint32_t id = buf_to_uint32(&ctlb->buf[1]); |
831 | uint32_t newid = buf_to_uint32(&ctlb->buf[5]); | |
07c2bb75 | 832 | conn_t *conn = conn_find_by_id(id); |
408a29c6 | 833 | rb_dlinkDelete(&conn->node, connid_hash(conn->id)); |
07c2bb75 JT |
834 | SetZipSSL(conn); |
835 | conn->id = newid; | |
836 | } | |
837 | ||
8d99443b | 838 | #ifdef HAVE_LIBZ |
8d99443b VY |
839 | static void |
840 | zlib_process(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) | |
841 | { | |
7edb4f16 | 842 | uint8_t level; |
8d99443b | 843 | size_t recvqlen; |
408a29c6 | 844 | size_t hdr = (sizeof(uint8_t) * 2) + sizeof(uint32_t); |
8d99443b VY |
845 | void *recvq_start; |
846 | z_stream *instream, *outstream; | |
847 | conn_t *conn; | |
408a29c6 | 848 | uint32_t id; |
8d99443b VY |
849 | |
850 | conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); | |
851 | if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN) | |
852 | rb_set_type(conn->mod_fd, RB_FD_SOCKET); | |
853 | ||
854 | if(rb_get_type(conn->plain_fd) == RB_FD_UNKNOWN) | |
855 | rb_set_type(conn->plain_fd, RB_FD_SOCKET); | |
856 | ||
408a29c6 | 857 | id = buf_to_uint32(&ctlb->buf[1]); |
8d99443b VY |
858 | conn_add_id_hash(conn, id); |
859 | ||
3202e249 | 860 | level = (uint8_t)ctlb->buf[5]; |
8d99443b VY |
861 | |
862 | recvqlen = ctlb->buflen - hdr; | |
863 | recvq_start = &ctlb->buf[6]; | |
864 | ||
865 | SetZip(conn); | |
866 | conn->stream = rb_malloc(sizeof(zlib_stream_t)); | |
3202e249 VY |
867 | instream = &((zlib_stream_t *) conn->stream)->instream; |
868 | outstream = &((zlib_stream_t *) conn->stream)->outstream; | |
869 | ||
8d99443b VY |
870 | instream->total_in = 0; |
871 | instream->total_out = 0; | |
872 | instream->zalloc = (alloc_func) ssld_alloc; | |
873 | instream->zfree = (free_func) ssld_free; | |
874 | instream->data_type = Z_ASCII; | |
3202e249 | 875 | inflateInit(&((zlib_stream_t *) conn->stream)->instream); |
8d99443b VY |
876 | |
877 | outstream->total_in = 0; | |
878 | outstream->total_out = 0; | |
879 | outstream->zalloc = (alloc_func) ssld_alloc; | |
880 | outstream->zfree = (free_func) ssld_free; | |
881 | outstream->data_type = Z_ASCII; | |
882 | ||
883 | if(level > 9) | |
408a29c6 | 884 | level = (uint8_t) Z_DEFAULT_COMPRESSION; |
8d99443b | 885 | |
3202e249 | 886 | deflateInit(&((zlib_stream_t *) conn->stream)->outstream, level); |
8d99443b VY |
887 | if(recvqlen > 0) |
888 | common_zlib_inflate(conn, recvq_start, recvqlen); | |
0bd120ed | 889 | |
8d99443b VY |
890 | conn_mod_read_cb(conn->mod_fd, conn); |
891 | conn_plain_read_cb(conn->plain_fd, conn); | |
892 | return; | |
893 | ||
894 | } | |
895 | #endif | |
896 | ||
897 | static void | |
898 | init_prng(mod_ctl_t * ctl, mod_ctl_buf_t * ctl_buf) | |
899 | { | |
900 | char *path; | |
901 | prng_seed_t seed_type; | |
3202e249 VY |
902 | |
903 | seed_type = (prng_seed_t) ctl_buf->buf[1]; | |
85e9bf41 | 904 | path = (char *) &ctl_buf->buf[2]; |
8d99443b VY |
905 | rb_init_prng(path, seed_type); |
906 | } | |
907 | ||
908 | ||
909 | static void | |
910 | ssl_new_keys(mod_ctl_t * ctl, mod_ctl_buf_t * ctl_buf) | |
911 | { | |
912 | char *buf; | |
913 | char *cert, *key, *dhparam; | |
914 | ||
85e9bf41 | 915 | buf = (char *) &ctl_buf->buf[2]; |
8d99443b VY |
916 | cert = buf; |
917 | buf += strlen(cert) + 1; | |
918 | key = buf; | |
919 | buf += strlen(key) + 1; | |
920 | dhparam = buf; | |
921 | if(strlen(dhparam) == 0) | |
922 | dhparam = NULL; | |
923 | ||
924 | if(!rb_setup_ssl_server(cert, key, dhparam)) | |
925 | { | |
926 | const char *invalid = "I"; | |
927 | mod_cmd_write_queue(ctl, invalid, strlen(invalid)); | |
928 | return; | |
3202e249 | 929 | } |
8d99443b VY |
930 | } |
931 | ||
932 | static void | |
3202e249 | 933 | send_nossl_support(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) |
8d99443b VY |
934 | { |
935 | static const char *nossl_cmd = "N"; | |
936 | conn_t *conn; | |
408a29c6 | 937 | uint32_t id; |
8d99443b VY |
938 | |
939 | if(ctlb != NULL) | |
3202e249 | 940 | { |
8d99443b | 941 | conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); |
408a29c6 AC |
942 | id = buf_to_uint32(&ctlb->buf[1]); |
943 | conn_add_id_hash(conn, id); | |
8d99443b | 944 | close_conn(conn, WAIT_PLAIN, "libratbox reports no SSL/TLS support"); |
3202e249 VY |
945 | } |
946 | mod_cmd_write_queue(ctl, nossl_cmd, strlen(nossl_cmd)); | |
8d99443b VY |
947 | } |
948 | ||
949 | static void | |
3202e249 | 950 | send_i_am_useless(mod_ctl_t * ctl) |
8d99443b VY |
951 | { |
952 | static const char *useless = "U"; | |
953 | mod_cmd_write_queue(ctl, useless, strlen(useless)); | |
954 | } | |
955 | ||
956 | static void | |
3202e249 | 957 | send_nozlib_support(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) |
8d99443b VY |
958 | { |
959 | static const char *nozlib_cmd = "z"; | |
960 | conn_t *conn; | |
408a29c6 | 961 | uint32_t id; |
8d99443b VY |
962 | if(ctlb != NULL) |
963 | { | |
964 | conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); | |
408a29c6 AC |
965 | id = buf_to_uint32(&ctlb->buf[1]); |
966 | conn_add_id_hash(conn, id); | |
8d99443b | 967 | close_conn(conn, WAIT_PLAIN, "libratbox reports no zlib support"); |
3202e249 | 968 | } |
8d99443b VY |
969 | mod_cmd_write_queue(ctl, nozlib_cmd, strlen(nozlib_cmd)); |
970 | } | |
971 | ||
972 | static void | |
973 | mod_process_cmd_recv(mod_ctl_t * ctl) | |
974 | { | |
975 | rb_dlink_node *ptr, *next; | |
976 | mod_ctl_buf_t *ctl_buf; | |
977 | ||
978 | RB_DLINK_FOREACH_SAFE(ptr, next, ctl->readq.head) | |
979 | { | |
980 | ctl_buf = ptr->data; | |
981 | ||
982 | switch (*ctl_buf->buf) | |
983 | { | |
984 | case 'A': | |
985 | { | |
c03677e9 JT |
986 | if (ctl_buf->nfds != 2 || ctl_buf->buflen != 5) |
987 | { | |
988 | cleanup_bad_message(ctl, ctl_buf); | |
989 | break; | |
990 | } | |
991 | ||
8d99443b VY |
992 | if(!ssl_ok) |
993 | { | |
994 | send_nossl_support(ctl, ctl_buf); | |
995 | break; | |
996 | } | |
997 | ssl_process_accept(ctl, ctl_buf); | |
998 | break; | |
999 | } | |
1000 | case 'C': | |
1001 | { | |
c03677e9 JT |
1002 | if (ctl_buf->nfds != 2 || ctl_buf->buflen != 5) |
1003 | { | |
1004 | cleanup_bad_message(ctl, ctl_buf); | |
1005 | break; | |
1006 | } | |
1007 | ||
8d99443b VY |
1008 | if(!ssl_ok) |
1009 | { | |
1010 | send_nossl_support(ctl, ctl_buf); | |
1011 | break; | |
1012 | } | |
1013 | ssl_process_connect(ctl, ctl_buf); | |
1014 | break; | |
1015 | } | |
e6bbb410 EM |
1016 | case 'F': |
1017 | { | |
1018 | if (ctl_buf->nfds != 2 || ctl_buf->buflen != 5) | |
1019 | { | |
1020 | cleanup_bad_message(ctl, ctl_buf); | |
1021 | break; | |
1022 | } | |
1023 | ssl_change_certfp_method(ctl, ctl_buf); | |
1024 | break; | |
1025 | } | |
8d99443b VY |
1026 | case 'K': |
1027 | { | |
1028 | if(!ssl_ok) | |
1029 | { | |
1030 | send_nossl_support(ctl, ctl_buf); | |
1031 | break; | |
1032 | } | |
1033 | ssl_new_keys(ctl, ctl_buf); | |
1034 | break; | |
1035 | } | |
1036 | case 'I': | |
3202e249 VY |
1037 | init_prng(ctl, ctl_buf); |
1038 | break; | |
8d99443b VY |
1039 | case 'S': |
1040 | { | |
1041 | process_stats(ctl, ctl_buf); | |
1042 | break; | |
1043 | } | |
07c2bb75 JT |
1044 | case 'Y': |
1045 | { | |
1046 | change_connid(ctl, ctl_buf); | |
1047 | break; | |
1048 | } | |
1049 | ||
8d99443b VY |
1050 | #ifdef HAVE_LIBZ |
1051 | case 'Z': | |
1052 | { | |
c03677e9 JT |
1053 | if (ctl_buf->nfds != 2 || ctl_buf->buflen < 6) |
1054 | { | |
1055 | cleanup_bad_message(ctl, ctl_buf); | |
1056 | break; | |
1057 | } | |
1058 | ||
8d99443b VY |
1059 | /* just zlib only */ |
1060 | zlib_process(ctl, ctl_buf); | |
1061 | break; | |
1062 | } | |
1063 | #else | |
55abcbb2 | 1064 | |
8d99443b | 1065 | case 'Z': |
21192997 | 1066 | send_nozlib_support(ctl, ctl_buf); |
8d99443b | 1067 | break; |
3202e249 | 1068 | |
8d99443b VY |
1069 | #endif |
1070 | default: | |
1071 | break; | |
1072 | /* Log unknown commands */ | |
1073 | } | |
1074 | rb_dlinkDelete(ptr, &ctl->readq); | |
1075 | rb_free(ctl_buf->buf); | |
1076 | rb_free(ctl_buf); | |
1077 | } | |
1078 | ||
1079 | } | |
1080 | ||
1081 | ||
1082 | ||
1083 | static void | |
3202e249 | 1084 | mod_read_ctl(rb_fde_t *F, void *data) |
8d99443b VY |
1085 | { |
1086 | mod_ctl_buf_t *ctl_buf; | |
1087 | mod_ctl_t *ctl = data; | |
1088 | int retlen; | |
c03677e9 | 1089 | int i; |
8d99443b VY |
1090 | |
1091 | do | |
1092 | { | |
1093 | ctl_buf = rb_malloc(sizeof(mod_ctl_buf_t)); | |
1094 | ctl_buf->buf = rb_malloc(READBUF_SIZE); | |
1095 | ctl_buf->buflen = READBUF_SIZE; | |
1096 | retlen = rb_recv_fd_buf(ctl->F, ctl_buf->buf, ctl_buf->buflen, ctl_buf->F, | |
1097 | MAXPASSFD); | |
1098 | if(retlen <= 0) | |
1099 | { | |
1100 | rb_free(ctl_buf->buf); | |
1101 | rb_free(ctl_buf); | |
1102 | } | |
1103 | else | |
1104 | { | |
1105 | ctl_buf->buflen = retlen; | |
1106 | rb_dlinkAddTail(ctl_buf, &ctl_buf->node, &ctl->readq); | |
c03677e9 JT |
1107 | for (i = 0; i < MAXPASSFD && ctl_buf->F[i] != NULL; i++) |
1108 | ; | |
1109 | ctl_buf->nfds = i; | |
8d99443b VY |
1110 | } |
1111 | } | |
3202e249 | 1112 | while(retlen > 0); |
8d99443b VY |
1113 | |
1114 | if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno))) | |
1115 | exit(0); | |
1116 | ||
1117 | mod_process_cmd_recv(ctl); | |
1118 | rb_setselect(ctl->F, RB_SELECT_READ, mod_read_ctl, ctl); | |
1119 | } | |
1120 | ||
1121 | static void | |
3202e249 | 1122 | mod_write_ctl(rb_fde_t *F, void *data) |
8d99443b VY |
1123 | { |
1124 | mod_ctl_t *ctl = data; | |
1125 | mod_ctl_buf_t *ctl_buf; | |
1126 | rb_dlink_node *ptr, *next; | |
1127 | int retlen, x; | |
1128 | ||
1129 | RB_DLINK_FOREACH_SAFE(ptr, next, ctl->writeq.head) | |
1130 | { | |
1131 | ctl_buf = ptr->data; | |
1132 | retlen = rb_send_fd_buf(ctl->F, ctl_buf->F, ctl_buf->nfds, ctl_buf->buf, | |
3202e249 | 1133 | ctl_buf->buflen, ppid); |
8d99443b VY |
1134 | if(retlen > 0) |
1135 | { | |
1136 | rb_dlinkDelete(ptr, &ctl->writeq); | |
3202e249 | 1137 | for(x = 0; x < ctl_buf->nfds; x++) |
8d99443b VY |
1138 | rb_close(ctl_buf->F[x]); |
1139 | rb_free(ctl_buf->buf); | |
1140 | rb_free(ctl_buf); | |
1141 | ||
1142 | } | |
1143 | if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno))) | |
3202e249 VY |
1144 | exit(0); |
1145 | ||
8d99443b | 1146 | } |
464b7606 JT |
1147 | if(rb_dlink_list_length(&ctl->writeq) > 0) |
1148 | rb_setselect(ctl->F, RB_SELECT_WRITE, mod_write_ctl, ctl); | |
8d99443b VY |
1149 | } |
1150 | ||
1151 | ||
1152 | static void | |
3202e249 | 1153 | read_pipe_ctl(rb_fde_t *F, void *data) |
8d99443b VY |
1154 | { |
1155 | int retlen; | |
3202e249 | 1156 | while((retlen = rb_read(F, inbuf, sizeof(inbuf))) > 0) |
8d99443b VY |
1157 | { |
1158 | ;; /* we don't do anything with the pipe really, just care if the other process dies.. */ | |
1159 | } | |
1160 | if(retlen == 0 || (retlen < 0 && !rb_ignore_errno(errno))) | |
1161 | exit(0); | |
1162 | rb_setselect(F, RB_SELECT_READ, read_pipe_ctl, NULL); | |
1163 | ||
1164 | } | |
1165 | ||
1166 | int | |
1167 | main(int argc, char **argv) | |
1168 | { | |
3202e249 | 1169 | const char *s_ctlfd, *s_pipe, *s_pid; |
8d99443b VY |
1170 | int ctlfd, pipefd, x, maxfd; |
1171 | maxfd = maxconn(); | |
3202e249 | 1172 | |
8d99443b VY |
1173 | s_ctlfd = getenv("CTL_FD"); |
1174 | s_pipe = getenv("CTL_PIPE"); | |
3202e249 | 1175 | s_pid = getenv("CTL_PPID"); |
8d99443b | 1176 | |
3202e249 | 1177 | if(s_ctlfd == NULL || s_pipe == NULL || s_pid == NULL) |
8d99443b | 1178 | { |
3202e249 VY |
1179 | fprintf(stderr, |
1180 | "This is ircd-ratbox ssld. You know you aren't supposed to run me directly?\n"); | |
1181 | fprintf(stderr, | |
1182 | "You get an Id tag for this: $Id$\n"); | |
8d99443b VY |
1183 | fprintf(stderr, "Have a nice life\n"); |
1184 | exit(1); | |
1185 | } | |
1186 | ||
1187 | ctlfd = atoi(s_ctlfd); | |
1188 | pipefd = atoi(s_pipe); | |
3202e249 VY |
1189 | ppid = atoi(s_pid); |
1190 | x = 0; | |
1191 | #ifndef _WIN32 | |
1192 | for(x = 0; x < maxfd; x++) | |
8d99443b VY |
1193 | { |
1194 | if(x != ctlfd && x != pipefd && x > 2) | |
1195 | close(x); | |
1196 | } | |
8d99443b | 1197 | x = open("/dev/null", O_RDWR); |
464b7606 | 1198 | |
8d99443b VY |
1199 | if(x >= 0) |
1200 | { | |
1201 | if(ctlfd != 0 && pipefd != 0) | |
1202 | dup2(x, 0); | |
1203 | if(ctlfd != 1 && pipefd != 1) | |
1204 | dup2(x, 1); | |
1205 | if(ctlfd != 2 && pipefd != 2) | |
1206 | dup2(x, 2); | |
1207 | if(x > 2) | |
1208 | close(x); | |
1209 | } | |
3202e249 | 1210 | #endif |
8d99443b VY |
1211 | setup_signals(); |
1212 | rb_lib_init(NULL, NULL, NULL, 0, maxfd, 1024, 4096); | |
1213 | rb_init_rawbuffers(1024); | |
3202e249 | 1214 | ssl_ok = rb_supports_ssl(); |
8d99443b VY |
1215 | mod_ctl = rb_malloc(sizeof(mod_ctl_t)); |
1216 | mod_ctl->F = rb_open(ctlfd, RB_FD_SOCKET, "ircd control socket"); | |
1217 | mod_ctl->F_pipe = rb_open(pipefd, RB_FD_PIPE, "ircd pipe"); | |
1218 | rb_set_nb(mod_ctl->F); | |
1219 | rb_set_nb(mod_ctl->F_pipe); | |
1220 | rb_event_addish("clean_dead_conns", clean_dead_conns, NULL, 10); | |
4b6a4d47 | 1221 | rb_event_add("check_handshake_flood", check_handshake_flood, NULL, 10); |
8d99443b VY |
1222 | read_pipe_ctl(mod_ctl->F_pipe, NULL); |
1223 | mod_read_ctl(mod_ctl->F, mod_ctl); | |
1224 | if(!zlib_ok && !ssl_ok) | |
1225 | { | |
1226 | /* this is really useless... */ | |
1227 | send_i_am_useless(mod_ctl); | |
1228 | /* sleep until the ircd kills us */ | |
3202e249 | 1229 | rb_sleep(2 << 30, 0); |
8d99443b VY |
1230 | exit(1); |
1231 | } | |
1232 | ||
1233 | if(!zlib_ok) | |
1234 | send_nozlib_support(mod_ctl, NULL); | |
1235 | if(!ssl_ok) | |
1236 | send_nossl_support(mod_ctl, NULL); | |
1237 | rb_lib_loop(0); | |
1238 | return 0; | |
1239 | } | |
1240 | ||
1241 | ||
3202e249 | 1242 | #ifndef _WIN32 |
8d99443b VY |
1243 | static void |
1244 | dummy_handler(int sig) | |
1245 | { | |
1246 | return; | |
1247 | } | |
3202e249 | 1248 | #endif |
8d99443b VY |
1249 | |
1250 | static void | |
1251 | setup_signals() | |
1252 | { | |
3202e249 | 1253 | #ifndef _WIN32 |
8d99443b VY |
1254 | struct sigaction act; |
1255 | ||
1256 | act.sa_flags = 0; | |
1257 | act.sa_handler = SIG_IGN; | |
1258 | sigemptyset(&act.sa_mask); | |
1259 | sigaddset(&act.sa_mask, SIGPIPE); | |
1260 | sigaddset(&act.sa_mask, SIGALRM); | |
1261 | #ifdef SIGTRAP | |
1262 | sigaddset(&act.sa_mask, SIGTRAP); | |
1263 | #endif | |
1264 | ||
1265 | #ifdef SIGWINCH | |
1266 | sigaddset(&act.sa_mask, SIGWINCH); | |
1267 | sigaction(SIGWINCH, &act, 0); | |
1268 | #endif | |
1269 | sigaction(SIGPIPE, &act, 0); | |
1270 | #ifdef SIGTRAP | |
1271 | sigaction(SIGTRAP, &act, 0); | |
1272 | #endif | |
1273 | ||
1274 | act.sa_handler = dummy_handler; | |
1275 | sigaction(SIGALRM, &act, 0); | |
3202e249 | 1276 | #endif |
8d99443b | 1277 | } |