]>
Commit | Line | Data |
---|---|---|
212380e3 AC |
1 | /* |
2 | * ircd-ratbox: A slightly useful ircd. | |
3 | * s_auth.c: Functions for querying a users ident. | |
4 | * | |
5 | * Copyright (C) 1990 Jarkko Oikarinen and University of Oulu, Co Center | |
6 | * Copyright (C) 1996-2002 Hybrid Development Team | |
7 | * Copyright (C) 2002-2005 ircd-ratbox development team | |
8 | * | |
9 | * This program is free software; you can redistribute it and/or modify | |
10 | * it under the terms of the GNU General Public License as published by | |
11 | * the Free Software Foundation; either version 2 of the License, or | |
12 | * (at your option) any later version. | |
13 | * | |
14 | * This program is distributed in the hope that it will be useful, | |
15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
17 | * GNU General Public License for more details. | |
18 | * | |
19 | * You should have received a copy of the GNU General Public License | |
20 | * along with this program; if not, write to the Free Software | |
21 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 | |
22 | * USA | |
23 | * | |
6fcb8629 | 24 | * $Id: s_auth.c 3354 2007-04-03 09:21:31Z nenolod $ */ |
212380e3 AC |
25 | |
26 | /* | |
27 | * Changes: | |
28 | * July 6, 1999 - Rewrote most of the code here. When a client connects | |
29 | * to the server and passes initial socket validation checks, it | |
30 | * is owned by this module (auth) which returns it to the rest of the | |
31 | * server when dns and auth queries are finished. Until the client is | |
32 | * released, the server does not know it exists and does not process | |
33 | * any messages from it. | |
34 | * --Bleep Thomas Helvey <tomh@inxpress.net> | |
35 | */ | |
36 | #include "stdinc.h" | |
37 | #include "config.h" | |
212380e3 AC |
38 | #include "s_auth.h" |
39 | #include "s_conf.h" | |
40 | #include "client.h" | |
41 | #include "common.h" | |
4562c604 | 42 | #include "match.h" |
212380e3 AC |
43 | #include "ircd.h" |
44 | #include "numeric.h" | |
45 | #include "packet.h" | |
1d02144f | 46 | #include "dns.h" |
4016731b | 47 | #include "logger.h" |
212380e3 AC |
48 | #include "s_stats.h" |
49 | #include "send.h" | |
212380e3 AC |
50 | #include "hook.h" |
51 | #include "blacklist.h" | |
77d3d2db | 52 | #include "s_assert.h" |
212380e3 | 53 | |
1a530728 JT |
54 | struct AuthRequest |
55 | { | |
56 | rb_dlink_node node; | |
57 | struct Client *client; /* pointer to client struct for request */ | |
1d02144f | 58 | uint16_t dns_id; /* DNS Query */ |
1a530728 JT |
59 | unsigned int flags; /* current state of request */ |
60 | rb_fde_t *F; /* file descriptor for auth queries */ | |
61 | time_t timeout; /* time when query expires */ | |
d0ebe1bc JT |
62 | uint16_t lport; |
63 | uint16_t rport; | |
1a530728 JT |
64 | }; |
65 | ||
66 | /* | |
67 | * flag values for AuthRequest | |
68 | * NAMESPACE: AM_xxx - Authentication Module | |
69 | */ | |
70 | #define AM_AUTH_CONNECTING (1 << 0) | |
71 | #define AM_AUTH_PENDING (1 << 1) | |
72 | #define AM_DNS_PENDING (1 << 2) | |
73 | ||
74 | #define SetDNSPending(x) ((x)->flags |= AM_DNS_PENDING) | |
75 | #define ClearDNSPending(x) ((x)->flags &= ~AM_DNS_PENDING) | |
76 | #define IsDNSPending(x) ((x)->flags & AM_DNS_PENDING) | |
77 | ||
78 | #define SetAuthConnect(x) ((x)->flags |= AM_AUTH_CONNECTING) | |
79 | #define ClearAuthConnect(x) ((x)->flags &= ~AM_AUTH_CONNECTING) | |
80 | #define IsAuthConnect(x) ((x)->flags & AM_AUTH_CONNECTING) | |
81 | ||
82 | #define SetAuthPending(x) ((x)->flags |= AM_AUTH_PENDING) | |
83 | #define ClearAuthPending(x) ((x)->flags &= AM_AUTH_PENDING) | |
84 | #define IsAuthPending(x) ((x)->flags & AM_AUTH_PENDING) | |
85 | ||
86 | #define ClearAuth(x) ((x)->flags &= ~(AM_AUTH_PENDING | AM_AUTH_CONNECTING)) | |
87 | #define IsDoingAuth(x) ((x)->flags & (AM_AUTH_PENDING | AM_AUTH_CONNECTING)) | |
88 | ||
212380e3 AC |
89 | /* |
90 | * a bit different approach | |
91 | * this replaces the original sendheader macros | |
92 | */ | |
93 | ||
94 | static const char *HeaderMessages[] = | |
95 | { | |
5366977b AC |
96 | ":*** Looking up your hostname...", |
97 | ":*** Found your hostname", | |
98 | ":*** Couldn't look up your hostname", | |
99 | ":*** Checking Ident", | |
100 | ":*** Got Ident response", | |
101 | ":*** No Ident response", | |
102 | ":*** Your hostname is too long, ignoring hostname", | |
103 | ":*** Your forward and reverse DNS do not match, ignoring hostname", | |
104 | ":*** Cannot verify hostname validity, ignoring hostname", | |
212380e3 AC |
105 | }; |
106 | ||
107 | typedef enum | |
108 | { | |
109 | REPORT_DO_DNS, | |
110 | REPORT_FIN_DNS, | |
111 | REPORT_FAIL_DNS, | |
112 | REPORT_DO_ID, | |
113 | REPORT_FIN_ID, | |
114 | REPORT_FAIL_ID, | |
115 | REPORT_HOST_TOOLONG, | |
116 | REPORT_HOST_MISMATCH, | |
117 | REPORT_HOST_UNKNOWN | |
118 | } | |
119 | ReportType; | |
120 | ||
55abcbb2 | 121 | #define sendheader(c, r) sendto_one_notice(c, "%s", HeaderMessages[(r)]) |
212380e3 | 122 | |
330fc5c1 | 123 | static rb_dlink_list auth_poll_list; |
398b6a73 | 124 | static rb_bh *auth_heap; |
212380e3 AC |
125 | static EVH timeout_auth_queries_event; |
126 | ||
127 | static PF read_auth_reply; | |
128 | static CNCB auth_connect_callback; | |
129 | ||
130 | /* | |
131 | * init_auth() | |
132 | * | |
133 | * Initialise the auth code | |
134 | */ | |
135 | void | |
136 | init_auth(void) | |
137 | { | |
138 | /* This hook takes a struct Client for its argument */ | |
139 | memset(&auth_poll_list, 0, sizeof(auth_poll_list)); | |
12aea5fe | 140 | rb_event_addish("timeout_auth_queries_event", timeout_auth_queries_event, NULL, 1); |
c6f49c9a | 141 | auth_heap = rb_bh_create(sizeof(struct AuthRequest), LCLIENT_HEAP_SIZE, "auth_heap"); |
212380e3 AC |
142 | } |
143 | ||
144 | /* | |
145 | * make_auth_request - allocate a new auth request | |
146 | */ | |
147 | static struct AuthRequest * | |
148 | make_auth_request(struct Client *client) | |
149 | { | |
398b6a73 | 150 | struct AuthRequest *request = rb_bh_alloc(auth_heap); |
212380e3 | 151 | client->localClient->auth_request = request; |
c6f49c9a | 152 | request->F = NULL; |
212380e3 | 153 | request->client = client; |
e3354945 | 154 | request->timeout = rb_current_time() + ConfigFileEntry.connect_timeout; |
212380e3 AC |
155 | return request; |
156 | } | |
157 | ||
158 | /* | |
159 | * free_auth_request - cleanup auth request allocations | |
160 | */ | |
161 | static void | |
162 | free_auth_request(struct AuthRequest *request) | |
163 | { | |
398b6a73 | 164 | rb_bh_free(auth_heap, request); |
212380e3 AC |
165 | } |
166 | ||
167 | /* | |
168 | * release_auth_client - release auth client from auth system | |
169 | * this adds the client into the local client lists so it can be read by | |
170 | * the main io processing loop | |
171 | */ | |
172 | static void | |
173 | release_auth_client(struct AuthRequest *auth) | |
174 | { | |
175 | struct Client *client = auth->client; | |
55abcbb2 | 176 | |
212380e3 AC |
177 | if(IsDNSPending(auth) || IsDoingAuth(auth)) |
178 | return; | |
179 | ||
180 | client->localClient->auth_request = NULL; | |
330fc5c1 | 181 | rb_dlinkDelete(&auth->node, &auth_poll_list); |
55abcbb2 | 182 | free_auth_request(auth); |
212380e3 AC |
183 | |
184 | /* | |
185 | * When a client has auth'ed, we want to start reading what it sends | |
186 | * us. This is what read_packet() does. | |
187 | * -- adrian | |
188 | */ | |
330fc5c1 | 189 | rb_dlinkAddTail(client, &client->node, &global_client_list); |
c6f49c9a | 190 | read_packet(client->localClient->F, client); |
212380e3 AC |
191 | } |
192 | ||
193 | /* | |
194 | * auth_dns_callback - called when resolver query finishes | |
195 | * if the query resulted in a successful search, hp will contain | |
196 | * a non-null pointer, otherwise hp will be null. | |
197 | * set the client on it's way to a connection completion, regardless | |
198 | * of success of failure | |
199 | */ | |
200 | static void | |
1d02144f | 201 | auth_dns_callback(const char *result, int status, int aftype, void *vptr) |
212380e3 AC |
202 | { |
203 | struct AuthRequest *auth = (struct AuthRequest *) vptr; | |
204 | ClearDNSPending(auth); | |
205 | ||
206 | /* XXX: this shouldn't happen, but it does. -nenolod */ | |
207 | if(auth->client->localClient == NULL) | |
208 | { | |
209 | sendto_realops_snomask(SNO_GENERAL, L_ALL, | |
210 | "auth_dns_callback(): auth->client->localClient (%s) is NULL", get_client_name(auth->client, HIDE_IP)); | |
211 | ||
330fc5c1 | 212 | rb_dlinkDelete(&auth->node, &auth_poll_list); |
212380e3 AC |
213 | free_auth_request(auth); |
214 | ||
215 | /* and they will silently drop through and all will hopefully be ok... -nenolod */ | |
216 | return; | |
217 | } | |
218 | ||
1d02144f | 219 | if(result != NULL && status) |
212380e3 AC |
220 | { |
221 | int good = 1; | |
222 | ||
1d02144f | 223 | if(good && strlen(result) <= HOSTLEN) |
212380e3 | 224 | { |
1d02144f | 225 | rb_strlcpy(auth->client->host, result, sizeof(auth->client->host)); |
212380e3 AC |
226 | sendheader(auth->client, REPORT_FIN_DNS); |
227 | } | |
1d02144f | 228 | else if (strlen(result) > HOSTLEN) |
212380e3 AC |
229 | sendheader(auth->client, REPORT_HOST_TOOLONG); |
230 | } | |
231 | else | |
232 | sendheader(auth->client, REPORT_FAIL_DNS); | |
233 | ||
234 | release_auth_client(auth); | |
235 | } | |
236 | ||
237 | /* | |
238 | * authsenderr - handle auth send errors | |
239 | */ | |
240 | static void | |
241 | auth_error(struct AuthRequest *auth) | |
242 | { | |
47adde3d | 243 | ++ServerStats.is_abad; |
212380e3 | 244 | |
c6f49c9a JT |
245 | rb_close(auth->F); |
246 | auth->F = NULL; | |
212380e3 AC |
247 | |
248 | ClearAuth(auth); | |
249 | sendheader(auth->client, REPORT_FAIL_ID); | |
55abcbb2 | 250 | |
212380e3 AC |
251 | release_auth_client(auth); |
252 | } | |
253 | ||
254 | /* | |
55abcbb2 | 255 | * start_auth_query - Flag the client to show that an attempt to |
212380e3 AC |
256 | * contact the ident server on |
257 | * the client's host. The connect and subsequently the socket are all put | |
258 | * into 'non-blocking' mode. Should the connect or any later phase of the | |
259 | * identifing process fail, it is aborted and the user is given a username | |
260 | * of "unknown". | |
261 | */ | |
262 | static int | |
263 | start_auth_query(struct AuthRequest *auth) | |
264 | { | |
c6f49c9a | 265 | struct rb_sockaddr_storage localaddr, destaddr; |
c6f49c9a | 266 | rb_fde_t *F; |
212380e3 | 267 | int family; |
55abcbb2 | 268 | |
212380e3 AC |
269 | if(IsAnyDead(auth->client)) |
270 | return 0; | |
55abcbb2 | 271 | |
212380e3 | 272 | family = auth->client->localClient->ip.ss_family; |
c6f49c9a | 273 | if((F = rb_socket(family, SOCK_STREAM, 0, "ident")) == NULL) |
212380e3 | 274 | { |
825ddf13 | 275 | ilog_error("creating auth stream socket"); |
47adde3d | 276 | ++ServerStats.is_abad; |
212380e3 AC |
277 | return 0; |
278 | } | |
6fcb8629 AC |
279 | |
280 | /* | |
281 | * TBD: this is a pointless arbitrary limit .. we either have a socket or not. -nenolod | |
282 | */ | |
c6f49c9a | 283 | if((maxconnections - 10) < rb_get_fd(F)) |
212380e3 AC |
284 | { |
285 | sendto_realops_snomask(SNO_GENERAL, L_ALL, | |
286 | "Can't allocate fd for auth on %s", | |
287 | get_client_name(auth->client, SHOW_IP)); | |
c6f49c9a | 288 | rb_close(F); |
212380e3 AC |
289 | return 0; |
290 | } | |
291 | ||
292 | sendheader(auth->client, REPORT_DO_ID); | |
293 | ||
55abcbb2 | 294 | /* |
212380e3 AC |
295 | * get the local address of the client and bind to that to |
296 | * make the auth request. This used to be done only for | |
297 | * ifdef VIRTUAL_HOST, but needs to be done for all clients | |
298 | * since the ident request must originate from that same address-- | |
299 | * and machines with multiple IP addresses are common now | |
300 | */ | |
3540120a | 301 | localaddr = auth->client->preClient->lip; |
55abcbb2 | 302 | |
c6f49c9a | 303 | /* XXX mangle_mapped_sockaddr((struct sockaddr *)&localaddr); */ |
ccda6e3f | 304 | #ifdef RB_IPV6 |
212380e3 AC |
305 | if(localaddr.ss_family == AF_INET6) |
306 | { | |
d0ebe1bc | 307 | auth->lport = ntohs(((struct sockaddr_in6 *)&localaddr)->sin6_port); |
212380e3 | 308 | ((struct sockaddr_in6 *)&localaddr)->sin6_port = 0; |
d0ebe1bc JT |
309 | } |
310 | else | |
212380e3 | 311 | #endif |
d0ebe1bc JT |
312 | { |
313 | auth->lport = ntohs(((struct sockaddr_in *)&localaddr)->sin_port); | |
314 | ((struct sockaddr_in *)&localaddr)->sin_port = 0; | |
315 | } | |
c6f49c9a JT |
316 | |
317 | destaddr = auth->client->localClient->ip; | |
ccda6e3f | 318 | #ifdef RB_IPV6 |
c6f49c9a JT |
319 | if(localaddr.ss_family == AF_INET6) |
320 | { | |
d0ebe1bc | 321 | auth->rport = ntohs(((struct sockaddr_in6 *)&destaddr)->sin6_port); |
e33c4818 | 322 | ((struct sockaddr_in6 *)&destaddr)->sin6_port = htons(113); |
d0ebe1bc JT |
323 | } |
324 | else | |
c6f49c9a | 325 | #endif |
d0ebe1bc JT |
326 | { |
327 | auth->rport = ntohs(((struct sockaddr_in *)&destaddr)->sin_port); | |
328 | ((struct sockaddr_in *)&destaddr)->sin_port = htons(113); | |
329 | } | |
55abcbb2 | 330 | |
c6f49c9a | 331 | auth->F = F; |
212380e3 AC |
332 | SetAuthConnect(auth); |
333 | ||
c6f49c9a JT |
334 | rb_connect_tcp(F, (struct sockaddr *)&destaddr, |
335 | (struct sockaddr *) &localaddr, GET_SS_LEN(&localaddr), | |
55abcbb2 | 336 | auth_connect_callback, auth, |
c6f49c9a | 337 | GlobalSetOptions.ident_timeout); |
212380e3 AC |
338 | return 1; /* We suceed here for now */ |
339 | } | |
340 | ||
341 | /* | |
342 | * GetValidIdent - parse ident query reply from identd server | |
55abcbb2 | 343 | * |
212380e3 AC |
344 | * Inputs - pointer to ident buf |
345 | * Output - NULL if no valid ident found, otherwise pointer to name | |
346 | * Side effects - | |
347 | */ | |
348 | static char * | |
349 | GetValidIdent(char *buf) | |
350 | { | |
351 | int remp = 0; | |
352 | int locp = 0; | |
353 | char *colon1Ptr; | |
354 | char *colon2Ptr; | |
355 | char *colon3Ptr; | |
356 | char *commaPtr; | |
357 | char *remotePortString; | |
358 | ||
359 | /* All this to get rid of a sscanf() fun. */ | |
360 | remotePortString = buf; | |
361 | ||
362 | colon1Ptr = strchr(remotePortString, ':'); | |
363 | if(!colon1Ptr) | |
364 | return 0; | |
365 | ||
366 | *colon1Ptr = '\0'; | |
367 | colon1Ptr++; | |
368 | colon2Ptr = strchr(colon1Ptr, ':'); | |
369 | if(!colon2Ptr) | |
370 | return 0; | |
371 | ||
372 | *colon2Ptr = '\0'; | |
373 | colon2Ptr++; | |
374 | commaPtr = strchr(remotePortString, ','); | |
375 | ||
376 | if(!commaPtr) | |
377 | return 0; | |
378 | ||
379 | *commaPtr = '\0'; | |
380 | commaPtr++; | |
381 | ||
382 | remp = atoi(remotePortString); | |
383 | if(!remp) | |
384 | return 0; | |
385 | ||
386 | locp = atoi(commaPtr); | |
387 | if(!locp) | |
388 | return 0; | |
389 | ||
390 | /* look for USERID bordered by first pair of colons */ | |
391 | if(!strstr(colon1Ptr, "USERID")) | |
392 | return 0; | |
393 | ||
394 | colon3Ptr = strchr(colon2Ptr, ':'); | |
395 | if(!colon3Ptr) | |
396 | return 0; | |
397 | ||
398 | *colon3Ptr = '\0'; | |
399 | colon3Ptr++; | |
400 | return (colon3Ptr); | |
401 | } | |
402 | ||
403 | /* | |
404 | * start_auth - starts auth (identd) and dns queries for a client | |
405 | */ | |
406 | void | |
407 | start_auth(struct Client *client) | |
408 | { | |
409 | struct AuthRequest *auth = 0; | |
410 | s_assert(0 != client); | |
411 | if(client == NULL) | |
412 | return; | |
413 | ||
212380e3 AC |
414 | auth = make_auth_request(client); |
415 | ||
212380e3 AC |
416 | sendheader(client, REPORT_DO_DNS); |
417 | ||
418 | /* No DNS cache now, remember? -- adrian */ | |
1d02144f | 419 | auth->dns_id = lookup_ip(client->sockhost, GET_SS_FAMILY(&client->localClient->ip), auth_dns_callback, auth); |
212380e3 AC |
420 | |
421 | SetDNSPending(auth); | |
422 | ||
423 | if(ConfigFileEntry.disable_auth == 0) | |
424 | start_auth_query(auth); | |
425 | ||
330fc5c1 | 426 | rb_dlinkAdd(auth, &auth->node, &auth_poll_list); |
212380e3 AC |
427 | } |
428 | ||
429 | /* | |
430 | * timeout_auth_queries - timeout resolver and identd requests | |
431 | * allow clients through if requests failed | |
432 | */ | |
433 | static void | |
434 | timeout_auth_queries_event(void *notused) | |
435 | { | |
330fc5c1 | 436 | rb_dlink_node *ptr; |
637c4932 | 437 | rb_dlink_node *next_ptr; |
212380e3 AC |
438 | struct AuthRequest *auth; |
439 | ||
637c4932 | 440 | RB_DLINK_FOREACH_SAFE(ptr, next_ptr, auth_poll_list.head) |
212380e3 AC |
441 | { |
442 | auth = ptr->data; | |
443 | ||
e3354945 | 444 | if(auth->timeout < rb_current_time()) |
212380e3 | 445 | { |
c6f49c9a JT |
446 | if(auth->F != NULL) |
447 | rb_close(auth->F); | |
212380e3 AC |
448 | |
449 | if(IsDoingAuth(auth)) | |
450 | { | |
451 | ClearAuth(auth); | |
47adde3d | 452 | ++ServerStats.is_abad; |
212380e3 AC |
453 | sendheader(auth->client, REPORT_FAIL_ID); |
454 | auth->client->localClient->auth_request = NULL; | |
455 | } | |
456 | if(IsDNSPending(auth)) | |
457 | { | |
458 | ClearDNSPending(auth); | |
1d02144f | 459 | cancel_lookup(auth->dns_id); |
212380e3 AC |
460 | sendheader(auth->client, REPORT_FAIL_DNS); |
461 | } | |
462 | ||
e3354945 | 463 | auth->client->localClient->lasttime = rb_current_time(); |
212380e3 AC |
464 | release_auth_client(auth); |
465 | } | |
466 | } | |
467 | } | |
468 | ||
469 | /* | |
b2f0da88 | 470 | * auth_connect_callback() - deal with the result of rb_connect_tcp() |
212380e3 AC |
471 | * |
472 | * If the connection failed, we simply close the auth fd and report | |
473 | * a failure. If the connection suceeded send the ident server a query | |
474 | * giving "theirport , ourport". The write is only attempted *once* so | |
475 | * it is deemed to be a fail if the entire write doesn't write all the | |
476 | * data given. This shouldnt be a problem since the socket should have | |
477 | * a write buffer far greater than this message to store it in should | |
478 | * problems arise. -avalon | |
479 | */ | |
480 | static void | |
c6f49c9a | 481 | auth_connect_callback(rb_fde_t *F, int error, void *data) |
212380e3 AC |
482 | { |
483 | struct AuthRequest *auth = data; | |
212380e3 | 484 | char authbuf[32]; |
9279ad64 | 485 | int authlen; |
212380e3 AC |
486 | |
487 | /* Check the error */ | |
c6f49c9a | 488 | if(error != RB_OK) |
212380e3 AC |
489 | { |
490 | /* We had an error during connection :( */ | |
491 | auth_error(auth); | |
492 | return; | |
493 | } | |
494 | ||
5203cba5 | 495 | snprintf(authbuf, sizeof(authbuf), "%u , %u\r\n", |
d0ebe1bc | 496 | auth->rport, auth->lport); |
9279ad64 | 497 | authlen = strlen(authbuf); |
212380e3 | 498 | |
9279ad64 | 499 | if(rb_write(auth->F, authbuf, authlen) != authlen) |
212380e3 AC |
500 | { |
501 | auth_error(auth); | |
502 | return; | |
503 | } | |
504 | ClearAuthConnect(auth); | |
505 | SetAuthPending(auth); | |
c6f49c9a | 506 | read_auth_reply(auth->F, auth); |
212380e3 AC |
507 | } |
508 | ||
509 | ||
510 | /* | |
55abcbb2 | 511 | * read_auth_reply - read the reply (if any) from the ident server |
212380e3 AC |
512 | * we connected to. |
513 | * We only give it one shot, if the reply isn't good the first time | |
514 | * fail the authentication entirely. --Bleep | |
515 | */ | |
516 | #define AUTH_BUFSIZ 128 | |
517 | ||
518 | static void | |
c6f49c9a | 519 | read_auth_reply(rb_fde_t *F, void *data) |
212380e3 AC |
520 | { |
521 | struct AuthRequest *auth = data; | |
522 | char *s = NULL; | |
523 | char *t = NULL; | |
524 | int len; | |
525 | int count; | |
526 | char buf[AUTH_BUFSIZ + 1]; /* buffer to read auth reply into */ | |
527 | ||
dd1b211f | 528 | len = rb_read(F, buf, AUTH_BUFSIZ); |
212380e3 | 529 | |
c6f49c9a | 530 | if(len < 0 && rb_ignore_errno(errno)) |
212380e3 | 531 | { |
c6f49c9a | 532 | rb_setselect(F, RB_SELECT_READ, read_auth_reply, auth); |
212380e3 AC |
533 | return; |
534 | } | |
535 | ||
536 | if(len > 0) | |
537 | { | |
538 | buf[len] = '\0'; | |
539 | ||
540 | if((s = GetValidIdent(buf))) | |
541 | { | |
542 | t = auth->client->username; | |
543 | ||
544 | while (*s == '~' || *s == '^') | |
545 | s++; | |
546 | ||
547 | for (count = USERLEN; *s && count; s++) | |
548 | { | |
549 | if(*s == '@') | |
550 | { | |
551 | break; | |
552 | } | |
553 | if(!IsSpace(*s) && *s != ':' && *s != '[') | |
554 | { | |
555 | *t++ = *s; | |
556 | count--; | |
557 | } | |
558 | } | |
559 | *t = '\0'; | |
560 | } | |
561 | } | |
562 | ||
c6f49c9a JT |
563 | rb_close(auth->F); |
564 | auth->F = NULL; | |
212380e3 AC |
565 | ClearAuth(auth); |
566 | ||
567 | if(s == NULL) | |
568 | { | |
47adde3d | 569 | ++ServerStats.is_abad; |
212380e3 AC |
570 | strcpy(auth->client->username, "unknown"); |
571 | sendheader(auth->client, REPORT_FAIL_ID); | |
572 | } | |
573 | else | |
574 | { | |
575 | sendheader(auth->client, REPORT_FIN_ID); | |
47adde3d | 576 | ++ServerStats.is_asuc; |
212380e3 AC |
577 | SetGotId(auth->client); |
578 | } | |
579 | ||
580 | release_auth_client(auth); | |
581 | } | |
582 | ||
583 | ||
584 | ||
585 | /* | |
586 | * delete_auth_queries() | |
587 | * | |
588 | */ | |
589 | void | |
590 | delete_auth_queries(struct Client *target_p) | |
591 | { | |
592 | struct AuthRequest *auth; | |
593 | ||
594 | if(target_p == NULL || target_p->localClient == NULL || | |
595 | target_p->localClient->auth_request == NULL) | |
596 | return; | |
55abcbb2 | 597 | |
212380e3 AC |
598 | auth = target_p->localClient->auth_request; |
599 | target_p->localClient->auth_request = NULL; | |
600 | ||
601 | if(IsDNSPending(auth)) | |
1d02144f | 602 | cancel_lookup(auth->dns_id); |
212380e3 | 603 | |
c6f49c9a JT |
604 | if(auth->F != NULL) |
605 | rb_close(auth->F); | |
55abcbb2 | 606 | |
330fc5c1 | 607 | rb_dlinkDelete(&auth->node, &auth_poll_list); |
212380e3 AC |
608 | free_auth_request(auth); |
609 | } |