]>
Commit | Line | Data |
---|---|---|
212380e3 AC |
1 | /* |
2 | * ircd-ratbox: A slightly useful ircd. | |
3 | * s_auth.c: Functions for querying a users ident. | |
4 | * | |
5 | * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center | |
6 | * Copyright (C) 1996-2002 Hybrid Development Team | |
7 | * Copyright (C) 2002-2005 ircd-ratbox development team | |
8 | * | |
9 | * This program is free software; you can redistribute it and/or modify | |
10 | * it under the terms of the GNU General Public License as published by | |
11 | * the Free Software Foundation; either version 2 of the License, or | |
12 | * (at your option) any later version. | |
13 | * | |
14 | * This program is distributed in the hope that it will be useful, | |
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
17 | * GNU General Public License for more details. | |
18 | * | |
19 | * You should have received a copy of the GNU General Public License | |
20 | * along with this program; if not, write to the Free Software | |
21 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 | |
22 | * USA | |
23 | * | |
6fcb8629 | 24 | * $Id: s_auth.c 3354 2007-04-03 09:21:31Z nenolod $ */ |
212380e3 AC |
25 | |
26 | /* | |
27 | * Changes: | |
28 | * July 6, 1999 - Rewrote most of the code here. When a client connects | |
29 | * to the server and passes initial socket validation checks, it | |
30 | * is owned by this module (auth) which returns it to the rest of the | |
31 | * server when dns and auth queries are finished. Until the client is | |
32 | * released, the server does not know it exists and does not process | |
33 | * any messages from it. | |
34 | * --Bleep Thomas Helvey <tomh@inxpress.net> | |
35 | */ | |
36 | #include "stdinc.h" | |
37 | #include "config.h" | |
212380e3 AC |
38 | #include "s_auth.h" |
39 | #include "s_conf.h" | |
40 | #include "client.h" | |
41 | #include "common.h" | |
212380e3 AC |
42 | #include "irc_string.h" |
43 | #include "sprintf_irc.h" | |
44 | #include "ircd.h" | |
45 | #include "numeric.h" | |
46 | #include "packet.h" | |
47 | #include "res.h" | |
212380e3 AC |
48 | #include "s_log.h" |
49 | #include "s_stats.h" | |
50 | #include "send.h" | |
212380e3 AC |
51 | #include "hook.h" |
52 | #include "blacklist.h" | |
53 | ||
54 | /* | |
55 | * a bit different approach | |
56 | * this replaces the original sendheader macros | |
57 | */ | |
58 | ||
59 | static const char *HeaderMessages[] = | |
60 | { | |
5366977b AC |
61 | ":*** Looking up your hostname...", |
62 | ":*** Found your hostname", | |
63 | ":*** Couldn't look up your hostname", | |
64 | ":*** Checking Ident", | |
65 | ":*** Got Ident response", | |
66 | ":*** No Ident response", | |
67 | ":*** Your hostname is too long, ignoring hostname", | |
68 | ":*** Your forward and reverse DNS do not match, ignoring hostname", | |
69 | ":*** Cannot verify hostname validity, ignoring hostname", | |
212380e3 AC |
70 | }; |
71 | ||
72 | typedef enum | |
73 | { | |
74 | REPORT_DO_DNS, | |
75 | REPORT_FIN_DNS, | |
76 | REPORT_FAIL_DNS, | |
77 | REPORT_DO_ID, | |
78 | REPORT_FIN_ID, | |
79 | REPORT_FAIL_ID, | |
80 | REPORT_HOST_TOOLONG, | |
81 | REPORT_HOST_MISMATCH, | |
82 | REPORT_HOST_UNKNOWN | |
83 | } | |
84 | ReportType; | |
85 | ||
5366977b | 86 | #define sendheader(c, r) sendto_one_notice(c, HeaderMessages[(r)]) |
212380e3 | 87 | |
330fc5c1 | 88 | static rb_dlink_list auth_poll_list; |
398b6a73 | 89 | static rb_bh *auth_heap; |
212380e3 AC |
90 | static EVH timeout_auth_queries_event; |
91 | ||
92 | static PF read_auth_reply; | |
93 | static CNCB auth_connect_callback; | |
94 | ||
95 | /* | |
96 | * init_auth() | |
97 | * | |
98 | * Initialise the auth code | |
99 | */ | |
100 | void | |
101 | init_auth(void) | |
102 | { | |
103 | /* This hook takes a struct Client for its argument */ | |
104 | memset(&auth_poll_list, 0, sizeof(auth_poll_list)); | |
12aea5fe | 105 | rb_event_addish("timeout_auth_queries_event", timeout_auth_queries_event, NULL, 1); |
398b6a73 | 106 | auth_heap = rb_bh_create(sizeof(struct AuthRequest), LCLIENT_HEAP_SIZE); |
212380e3 AC |
107 | } |
108 | ||
109 | /* | |
110 | * make_auth_request - allocate a new auth request | |
111 | */ | |
112 | static struct AuthRequest * | |
113 | make_auth_request(struct Client *client) | |
114 | { | |
398b6a73 | 115 | struct AuthRequest *request = rb_bh_alloc(auth_heap); |
212380e3 AC |
116 | client->localClient->auth_request = request; |
117 | request->fd = -1; | |
118 | request->client = client; | |
e3354945 | 119 | request->timeout = rb_current_time() + ConfigFileEntry.connect_timeout; |
212380e3 AC |
120 | return request; |
121 | } | |
122 | ||
123 | /* | |
124 | * free_auth_request - cleanup auth request allocations | |
125 | */ | |
126 | static void | |
127 | free_auth_request(struct AuthRequest *request) | |
128 | { | |
398b6a73 | 129 | rb_bh_free(auth_heap, request); |
212380e3 AC |
130 | } |
131 | ||
132 | /* | |
133 | * release_auth_client - release auth client from auth system | |
134 | * this adds the client into the local client lists so it can be read by | |
135 | * the main io processing loop | |
136 | */ | |
137 | static void | |
138 | release_auth_client(struct AuthRequest *auth) | |
139 | { | |
140 | struct Client *client = auth->client; | |
141 | ||
142 | if(IsDNSPending(auth) || IsDoingAuth(auth)) | |
143 | return; | |
144 | ||
145 | client->localClient->auth_request = NULL; | |
330fc5c1 | 146 | rb_dlinkDelete(&auth->node, &auth_poll_list); |
212380e3 | 147 | free_auth_request(auth); |
c5c2f506 AC |
148 | if(client->localClient->F->fd > highest_fd) |
149 | highest_fd = client->localClient->F->fd; | |
212380e3 AC |
150 | |
151 | /* | |
152 | * When a client has auth'ed, we want to start reading what it sends | |
153 | * us. This is what read_packet() does. | |
154 | * -- adrian | |
155 | */ | |
156 | client->localClient->allow_read = MAX_FLOOD; | |
b2f0da88 | 157 | rb_setflush(client->localClient->F->fd, 1000, flood_recalc, client); |
330fc5c1 | 158 | rb_dlinkAddTail(client, &client->node, &global_client_list); |
c5c2f506 | 159 | read_packet(client->localClient->F->fd, client); |
212380e3 AC |
160 | } |
161 | ||
162 | /* | |
163 | * auth_dns_callback - called when resolver query finishes | |
164 | * if the query resulted in a successful search, hp will contain | |
165 | * a non-null pointer, otherwise hp will be null. | |
166 | * set the client on it's way to a connection completion, regardless | |
167 | * of success of failure | |
168 | */ | |
169 | static void | |
170 | auth_dns_callback(void *vptr, struct DNSReply *reply) | |
171 | { | |
172 | struct AuthRequest *auth = (struct AuthRequest *) vptr; | |
173 | ClearDNSPending(auth); | |
174 | ||
175 | /* XXX: this shouldn't happen, but it does. -nenolod */ | |
176 | if(auth->client->localClient == NULL) | |
177 | { | |
178 | sendto_realops_snomask(SNO_GENERAL, L_ALL, | |
179 | "auth_dns_callback(): auth->client->localClient (%s) is NULL", get_client_name(auth->client, HIDE_IP)); | |
180 | ||
330fc5c1 | 181 | rb_dlinkDelete(&auth->node, &auth_poll_list); |
212380e3 AC |
182 | free_auth_request(auth); |
183 | ||
184 | /* and they will silently drop through and all will hopefully be ok... -nenolod */ | |
185 | return; | |
186 | } | |
187 | ||
188 | if(reply) | |
189 | { | |
190 | int good = 1; | |
191 | ||
192 | if(auth->client->localClient->ip.ss_family == AF_INET) | |
193 | { | |
194 | struct sockaddr_in *ip, *ip_fwd; | |
195 | ||
196 | ip = (struct sockaddr_in *) &auth->client->localClient->ip; | |
197 | ip_fwd = (struct sockaddr_in *) &reply->addr; | |
198 | ||
199 | if(ip->sin_addr.s_addr != ip_fwd->sin_addr.s_addr) | |
200 | { | |
201 | sendheader(auth->client, REPORT_HOST_MISMATCH); | |
202 | good = 0; | |
203 | } | |
204 | } | |
205 | #ifdef IPV6 | |
206 | else if(auth->client->localClient->ip.ss_family == AF_INET6) | |
207 | { | |
208 | struct sockaddr_in6 *ip, *ip_fwd; | |
209 | ||
210 | ip = (struct sockaddr_in6 *) &auth->client->localClient->ip; | |
211 | ip_fwd = (struct sockaddr_in6 *) &reply->addr; | |
212 | ||
213 | if(memcmp(&ip->sin6_addr, &ip_fwd->sin6_addr, sizeof(struct in6_addr)) != 0) | |
214 | { | |
215 | sendheader(auth->client, REPORT_HOST_MISMATCH); | |
216 | good = 0; | |
217 | } | |
218 | } | |
219 | #endif | |
220 | else /* can't verify it, don't know how. reject it. */ | |
221 | { | |
222 | sendheader(auth->client, REPORT_HOST_UNKNOWN); | |
223 | good = 0; | |
224 | } | |
225 | ||
226 | if(good && strlen(reply->h_name) <= HOSTLEN) | |
227 | { | |
228 | strlcpy(auth->client->host, reply->h_name, sizeof(auth->client->host)); | |
229 | sendheader(auth->client, REPORT_FIN_DNS); | |
230 | } | |
231 | else if (strlen(reply->h_name) > HOSTLEN) | |
232 | sendheader(auth->client, REPORT_HOST_TOOLONG); | |
233 | } | |
234 | else | |
235 | sendheader(auth->client, REPORT_FAIL_DNS); | |
236 | ||
237 | release_auth_client(auth); | |
238 | } | |
239 | ||
240 | /* | |
241 | * authsenderr - handle auth send errors | |
242 | */ | |
243 | static void | |
244 | auth_error(struct AuthRequest *auth) | |
245 | { | |
246 | ++ServerStats->is_abad; | |
247 | ||
b2f0da88 | 248 | rb_close(auth->fd); |
212380e3 AC |
249 | auth->fd = -1; |
250 | ||
251 | ClearAuth(auth); | |
252 | sendheader(auth->client, REPORT_FAIL_ID); | |
253 | ||
254 | release_auth_client(auth); | |
255 | } | |
256 | ||
257 | /* | |
258 | * start_auth_query - Flag the client to show that an attempt to | |
259 | * contact the ident server on | |
260 | * the client's host. The connect and subsequently the socket are all put | |
261 | * into 'non-blocking' mode. Should the connect or any later phase of the | |
262 | * identifing process fail, it is aborted and the user is given a username | |
263 | * of "unknown". | |
264 | */ | |
265 | static int | |
266 | start_auth_query(struct AuthRequest *auth) | |
267 | { | |
f7e2c5b3 VY |
268 | struct rb_sockaddr_storage localaddr; |
269 | socklen_t locallen = sizeof(struct rb_sockaddr_storage); | |
212380e3 AC |
270 | int fd; |
271 | int family; | |
272 | ||
273 | if(IsAnyDead(auth->client)) | |
274 | return 0; | |
275 | ||
276 | family = auth->client->localClient->ip.ss_family; | |
b2f0da88 | 277 | if((fd = rb_socket(family, SOCK_STREAM, 0, "ident")) == -1) |
212380e3 AC |
278 | { |
279 | report_error("creating auth stream socket %s:%s", | |
280 | get_client_name(auth->client, SHOW_IP), | |
281 | log_client_name(auth->client, SHOW_IP), errno); | |
282 | ++ServerStats->is_abad; | |
283 | return 0; | |
284 | } | |
6fcb8629 AC |
285 | |
286 | /* | |
287 | * TBD: this is a pointless arbitrary limit .. we either have a socket or not. -nenolod | |
288 | */ | |
b2f0da88 | 289 | if((rb_get_maxconnections() - 10) < fd) |
212380e3 AC |
290 | { |
291 | sendto_realops_snomask(SNO_GENERAL, L_ALL, | |
292 | "Can't allocate fd for auth on %s", | |
293 | get_client_name(auth->client, SHOW_IP)); | |
b2f0da88 | 294 | rb_close(fd); |
212380e3 AC |
295 | return 0; |
296 | } | |
297 | ||
298 | sendheader(auth->client, REPORT_DO_ID); | |
299 | ||
300 | /* | |
301 | * get the local address of the client and bind to that to | |
302 | * make the auth request. This used to be done only for | |
303 | * ifdef VIRTUAL_HOST, but needs to be done for all clients | |
304 | * since the ident request must originate from that same address-- | |
305 | * and machines with multiple IP addresses are common now | |
306 | */ | |
307 | memset(&localaddr, 0, locallen); | |
c5c2f506 | 308 | getsockname(auth->client->localClient->F->fd, |
212380e3 AC |
309 | (struct sockaddr *) &localaddr, &locallen); |
310 | ||
311 | mangle_mapped_sockaddr((struct sockaddr *)&localaddr); | |
312 | #ifdef IPV6 | |
313 | if(localaddr.ss_family == AF_INET6) | |
314 | { | |
315 | ((struct sockaddr_in6 *)&localaddr)->sin6_port = 0; | |
316 | } else | |
317 | #endif | |
318 | ((struct sockaddr_in *)&localaddr)->sin_port = 0; | |
319 | ||
320 | auth->fd = fd; | |
321 | SetAuthConnect(auth); | |
322 | ||
b2f0da88 | 323 | rb_connect_tcp(fd, auth->client->sockhost, 113, |
212380e3 AC |
324 | (struct sockaddr *) &localaddr, GET_SS_LEN(localaddr), |
325 | auth_connect_callback, auth, | |
326 | localaddr.ss_family, GlobalSetOptions.ident_timeout); | |
327 | return 1; /* We suceed here for now */ | |
328 | } | |
329 | ||
330 | /* | |
331 | * GetValidIdent - parse ident query reply from identd server | |
332 | * | |
333 | * Inputs - pointer to ident buf | |
334 | * Output - NULL if no valid ident found, otherwise pointer to name | |
335 | * Side effects - | |
336 | */ | |
337 | static char * | |
338 | GetValidIdent(char *buf) | |
339 | { | |
340 | int remp = 0; | |
341 | int locp = 0; | |
342 | char *colon1Ptr; | |
343 | char *colon2Ptr; | |
344 | char *colon3Ptr; | |
345 | char *commaPtr; | |
346 | char *remotePortString; | |
347 | ||
348 | /* All this to get rid of a sscanf() fun. */ | |
349 | remotePortString = buf; | |
350 | ||
351 | colon1Ptr = strchr(remotePortString, ':'); | |
352 | if(!colon1Ptr) | |
353 | return 0; | |
354 | ||
355 | *colon1Ptr = '\0'; | |
356 | colon1Ptr++; | |
357 | colon2Ptr = strchr(colon1Ptr, ':'); | |
358 | if(!colon2Ptr) | |
359 | return 0; | |
360 | ||
361 | *colon2Ptr = '\0'; | |
362 | colon2Ptr++; | |
363 | commaPtr = strchr(remotePortString, ','); | |
364 | ||
365 | if(!commaPtr) | |
366 | return 0; | |
367 | ||
368 | *commaPtr = '\0'; | |
369 | commaPtr++; | |
370 | ||
371 | remp = atoi(remotePortString); | |
372 | if(!remp) | |
373 | return 0; | |
374 | ||
375 | locp = atoi(commaPtr); | |
376 | if(!locp) | |
377 | return 0; | |
378 | ||
379 | /* look for USERID bordered by first pair of colons */ | |
380 | if(!strstr(colon1Ptr, "USERID")) | |
381 | return 0; | |
382 | ||
383 | colon3Ptr = strchr(colon2Ptr, ':'); | |
384 | if(!colon3Ptr) | |
385 | return 0; | |
386 | ||
387 | *colon3Ptr = '\0'; | |
388 | colon3Ptr++; | |
389 | return (colon3Ptr); | |
390 | } | |
391 | ||
392 | /* | |
393 | * start_auth - starts auth (identd) and dns queries for a client | |
394 | */ | |
395 | void | |
396 | start_auth(struct Client *client) | |
397 | { | |
398 | struct AuthRequest *auth = 0; | |
399 | s_assert(0 != client); | |
400 | if(client == NULL) | |
401 | return; | |
402 | ||
212380e3 AC |
403 | auth = make_auth_request(client); |
404 | ||
405 | auth->dns_query.ptr = auth; | |
406 | auth->dns_query.callback = auth_dns_callback; | |
407 | ||
408 | sendheader(client, REPORT_DO_DNS); | |
409 | ||
410 | /* No DNS cache now, remember? -- adrian */ | |
411 | gethost_byaddr(&client->localClient->ip, &auth->dns_query); | |
412 | ||
413 | SetDNSPending(auth); | |
414 | ||
415 | if(ConfigFileEntry.disable_auth == 0) | |
416 | start_auth_query(auth); | |
417 | ||
330fc5c1 | 418 | rb_dlinkAdd(auth, &auth->node, &auth_poll_list); |
212380e3 AC |
419 | } |
420 | ||
421 | /* | |
422 | * timeout_auth_queries - timeout resolver and identd requests | |
423 | * allow clients through if requests failed | |
424 | */ | |
425 | static void | |
426 | timeout_auth_queries_event(void *notused) | |
427 | { | |
330fc5c1 | 428 | rb_dlink_node *ptr; |
637c4932 | 429 | rb_dlink_node *next_ptr; |
212380e3 AC |
430 | struct AuthRequest *auth; |
431 | ||
637c4932 | 432 | RB_DLINK_FOREACH_SAFE(ptr, next_ptr, auth_poll_list.head) |
212380e3 AC |
433 | { |
434 | auth = ptr->data; | |
435 | ||
e3354945 | 436 | if(auth->timeout < rb_current_time()) |
212380e3 AC |
437 | { |
438 | if(auth->fd >= 0) | |
b2f0da88 | 439 | rb_close(auth->fd); |
212380e3 AC |
440 | |
441 | if(IsDoingAuth(auth)) | |
442 | { | |
443 | ClearAuth(auth); | |
444 | ++ServerStats->is_abad; | |
445 | sendheader(auth->client, REPORT_FAIL_ID); | |
446 | auth->client->localClient->auth_request = NULL; | |
447 | } | |
448 | if(IsDNSPending(auth)) | |
449 | { | |
450 | ClearDNSPending(auth); | |
451 | delete_resolver_queries(&auth->dns_query); | |
452 | sendheader(auth->client, REPORT_FAIL_DNS); | |
453 | } | |
454 | ||
e3354945 | 455 | auth->client->localClient->lasttime = rb_current_time(); |
212380e3 AC |
456 | release_auth_client(auth); |
457 | } | |
458 | } | |
459 | } | |
460 | ||
461 | /* | |
b2f0da88 | 462 | * auth_connect_callback() - deal with the result of rb_connect_tcp() |
212380e3 AC |
463 | * |
464 | * If the connection failed, we simply close the auth fd and report | |
465 | * a failure. If the connection suceeded send the ident server a query | |
466 | * giving "theirport , ourport". The write is only attempted *once* so | |
467 | * it is deemed to be a fail if the entire write doesn't write all the | |
468 | * data given. This shouldnt be a problem since the socket should have | |
469 | * a write buffer far greater than this message to store it in should | |
470 | * problems arise. -avalon | |
471 | */ | |
472 | static void | |
473 | auth_connect_callback(int fd, int error, void *data) | |
474 | { | |
475 | struct AuthRequest *auth = data; | |
476 | struct sockaddr_in us; | |
477 | struct sockaddr_in them; | |
478 | char authbuf[32]; | |
479 | socklen_t ulen = sizeof(struct sockaddr_in); | |
480 | socklen_t tlen = sizeof(struct sockaddr_in); | |
481 | ||
482 | /* Check the error */ | |
483 | if(error != COMM_OK) | |
484 | { | |
485 | /* We had an error during connection :( */ | |
486 | auth_error(auth); | |
487 | return; | |
488 | } | |
489 | ||
490 | if(getsockname | |
c5c2f506 | 491 | (auth->client->localClient->F->fd, (struct sockaddr *) &us, |
212380e3 | 492 | (socklen_t *) & ulen) |
c5c2f506 | 493 | || getpeername(auth->client->localClient->F->fd, |
212380e3 AC |
494 | (struct sockaddr *) &them, (socklen_t *) & tlen)) |
495 | { | |
496 | ilog(L_IOERROR, "auth get{sock,peer}name error for %s:%m", | |
497 | log_client_name(auth->client, SHOW_IP)); | |
498 | auth_error(auth); | |
499 | return; | |
500 | } | |
b2f0da88 | 501 | rb_snprintf(authbuf, sizeof(authbuf), "%u , %u\r\n", |
212380e3 AC |
502 | (unsigned int) ntohs(them.sin_port), (unsigned int) ntohs(us.sin_port)); |
503 | ||
504 | if(write(auth->fd, authbuf, strlen(authbuf)) == -1) | |
505 | { | |
506 | auth_error(auth); | |
507 | return; | |
508 | } | |
509 | ClearAuthConnect(auth); | |
510 | SetAuthPending(auth); | |
511 | read_auth_reply(auth->fd, auth); | |
512 | } | |
513 | ||
514 | ||
515 | /* | |
516 | * read_auth_reply - read the reply (if any) from the ident server | |
517 | * we connected to. | |
518 | * We only give it one shot, if the reply isn't good the first time | |
519 | * fail the authentication entirely. --Bleep | |
520 | */ | |
521 | #define AUTH_BUFSIZ 128 | |
522 | ||
523 | static void | |
524 | read_auth_reply(int fd, void *data) | |
525 | { | |
526 | struct AuthRequest *auth = data; | |
527 | char *s = NULL; | |
528 | char *t = NULL; | |
529 | int len; | |
530 | int count; | |
531 | char buf[AUTH_BUFSIZ + 1]; /* buffer to read auth reply into */ | |
532 | ||
533 | len = read(auth->fd, buf, AUTH_BUFSIZ); | |
534 | ||
535 | if(len < 0 && ignoreErrno(errno)) | |
536 | { | |
b2f0da88 | 537 | rb_setselect(fd, FDLIST_IDLECLIENT, COMM_SELECT_READ, read_auth_reply, auth, 0); |
212380e3 AC |
538 | return; |
539 | } | |
540 | ||
541 | if(len > 0) | |
542 | { | |
543 | buf[len] = '\0'; | |
544 | ||
545 | if((s = GetValidIdent(buf))) | |
546 | { | |
547 | t = auth->client->username; | |
548 | ||
549 | while (*s == '~' || *s == '^') | |
550 | s++; | |
551 | ||
552 | for (count = USERLEN; *s && count; s++) | |
553 | { | |
554 | if(*s == '@') | |
555 | { | |
556 | break; | |
557 | } | |
558 | if(!IsSpace(*s) && *s != ':' && *s != '[') | |
559 | { | |
560 | *t++ = *s; | |
561 | count--; | |
562 | } | |
563 | } | |
564 | *t = '\0'; | |
565 | } | |
566 | } | |
567 | ||
b2f0da88 | 568 | rb_close(auth->fd); |
212380e3 AC |
569 | auth->fd = -1; |
570 | ClearAuth(auth); | |
571 | ||
572 | if(s == NULL) | |
573 | { | |
574 | ++ServerStats->is_abad; | |
575 | strcpy(auth->client->username, "unknown"); | |
576 | sendheader(auth->client, REPORT_FAIL_ID); | |
577 | } | |
578 | else | |
579 | { | |
580 | sendheader(auth->client, REPORT_FIN_ID); | |
581 | ++ServerStats->is_asuc; | |
582 | SetGotId(auth->client); | |
583 | } | |
584 | ||
585 | release_auth_client(auth); | |
586 | } | |
587 | ||
588 | ||
589 | ||
590 | /* | |
591 | * delete_auth_queries() | |
592 | * | |
593 | */ | |
594 | void | |
595 | delete_auth_queries(struct Client *target_p) | |
596 | { | |
597 | struct AuthRequest *auth; | |
598 | ||
599 | if(target_p == NULL || target_p->localClient == NULL || | |
600 | target_p->localClient->auth_request == NULL) | |
601 | return; | |
602 | ||
603 | auth = target_p->localClient->auth_request; | |
604 | target_p->localClient->auth_request = NULL; | |
605 | ||
606 | if(IsDNSPending(auth)) | |
607 | delete_resolver_queries(&auth->dns_query); | |
608 | ||
609 | if(auth->fd >= 0) | |
b2f0da88 | 610 | rb_close(auth->fd); |
212380e3 | 611 | |
330fc5c1 | 612 | rb_dlinkDelete(&auth->node, &auth_poll_list); |
212380e3 AC |
613 | free_auth_request(auth); |
614 | } |