2 * ssld.c: The ircd-ratbox ssl/zlib helper daemon thingy
3 * Copyright (C) 2007 Aaron Sethman <androsyn@ratbox.org>
4 * Copyright (C) 2007 ircd-ratbox development team
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
33 #define READBUF_SIZE 16384
36 static void setup_signals(void);
40 buf_to_int32(char *buf
)
43 memcpy(&x
, buf
, sizeof(x
));
48 int32_to_buf(char *buf
, int32_t x
)
50 memcpy(buf
, &x
, sizeof(x
));
54 static inline uint16_t
55 buf_to_uint16(char *buf
)
58 memcpy(&x
, buf
, sizeof(x
));
63 uint16_to_buf(char *buf
, uint16_t x
)
65 memcpy(buf
, &x
, sizeof(x
));
70 static char inbuf
[READBUF_SIZE
];
72 static char outbuf
[READBUF_SIZE
];
75 typedef struct _mod_ctl_buf
80 rb_fde_t
*F
[MAXPASSFD
];
84 typedef struct _mod_ctl
94 static mod_ctl_t
*mod_ctl
;
98 typedef struct _zlib_stream
109 rawbuf_head_t
*modbuf_out
;
110 rawbuf_head_t
*plainbuf_out
;
116 unsigned long long mod_out
;
117 unsigned long long mod_in
;
118 unsigned long long plain_in
;
119 unsigned long long plain_out
;
124 #define FLAG_SSL 0x01
125 #define FLAG_ZIP 0x02
126 #define FLAG_CORK 0x04
127 #define FLAG_DEAD 0x08
128 #define FLAG_SSL_W_WANTS_R 0x10 /* output needs to wait until input possible */
129 #define FLAG_SSL_R_WANTS_W 0x20 /* input needs to wait until output possible */
131 #define IsSSL(x) ((x)->flags & FLAG_SSL)
132 #define IsZip(x) ((x)->flags & FLAG_ZIP)
133 #define IsCork(x) ((x)->flags & FLAG_CORK)
134 #define IsDead(x) ((x)->flags & FLAG_DEAD)
135 #define IsSSLWWantsR(x) ((x)->flags & FLAG_SSL_W_WANTS_R)
136 #define IsSSLRWantsW(x) ((x)->flags & FLAG_SSL_R_WANTS_W)
138 #define SetSSL(x) ((x)->flags |= FLAG_SSL)
139 #define SetZip(x) ((x)->flags |= FLAG_ZIP)
140 #define SetCork(x) ((x)->flags |= FLAG_CORK)
141 #define SetDead(x) ((x)->flags |= FLAG_DEAD)
142 #define SetSSLWWantsR(x) ((x)->flags |= FLAG_SSL_W_WANTS_R)
143 #define SetSSLRWantsW(x) ((x)->flags |= FLAG_SSL_R_WANTS_W)
145 #define ClearSSL(x) ((x)->flags &= ~FLAG_SSL)
146 #define ClearZip(x) ((x)->flags &= ~FLAG_ZIP)
147 #define ClearCork(x) ((x)->flags &= ~FLAG_CORK)
148 #define ClearDead(x) ((x)->flags &= ~FLAG_DEAD)
149 #define ClearSSLWWantsR(x) ((x)->flags &= ~FLAG_SSL_W_WANTS_R)
150 #define ClearSSLRWantsW(x) ((x)->flags &= ~FLAG_SSL_R_WANTS_W)
153 #define WAIT_PLAIN 0x1
155 #define HASH_WALK_SAFE(i, max, ptr, next, table) for(i = 0; i < max; i++) { RB_DLINK_FOREACH_SAFE(ptr, next, table[i].head)
156 #define HASH_WALK_END }
157 #define CONN_HASH_SIZE 2000
158 #define connid_hash(x) (&connid_hash_table[(x % CONN_HASH_SIZE)])
162 static rb_dlink_list connid_hash_table
[CONN_HASH_SIZE
];
163 static rb_dlink_list dead_list
;
165 static void conn_mod_read_cb(rb_fde_t
*fd
, void *data
);
166 static void conn_mod_write_sendq(rb_fde_t
*, void *data
);
167 static void conn_plain_write_sendq(rb_fde_t
*, void *data
);
168 static void mod_write_ctl(rb_fde_t
*, void *data
);
169 static void conn_plain_read_cb(rb_fde_t
*fd
, void *data
);
170 static void mod_cmd_write_queue(mod_ctl_t
* ctl
, const void *data
, size_t len
);
171 static const char *remote_closed
= "Remote host closed the connection";
174 static int zlib_ok
= 1;
176 static int zlib_ok
= 0;
182 ssld_alloc(void *unused
, size_t count
, size_t size
)
184 return rb_malloc(count
* size
);
188 ssld_free(void *unused
, void *ptr
)
195 conn_find_by_id(int32_t id
)
200 RB_DLINK_FOREACH(ptr
, (connid_hash(id
))->head
)
203 if(conn
->id
== id
&& !IsDead(conn
))
210 conn_add_id_hash(conn_t
* conn
, int32_t id
)
213 rb_dlinkAdd(conn
, &conn
->node
, connid_hash(id
));
217 free_conn(conn_t
* conn
)
219 rb_free_rawbuffer(conn
->modbuf_out
);
220 rb_free_rawbuffer(conn
->plainbuf_out
);
224 zlib_stream_t
*stream
= conn
->stream
;
225 inflateEnd(&stream
->instream
);
226 deflateEnd(&stream
->outstream
);
233 clean_dead_conns(void *unused
)
236 rb_dlink_node
*ptr
, *next
;
237 RB_DLINK_FOREACH_SAFE(ptr
, next
, dead_list
.head
)
242 dead_list
.tail
= dead_list
.head
= NULL
;
247 close_conn(conn_t
* conn
, int wait_plain
, const char *fmt
, ...)
250 char reason
[128]; /* must always be under 250 bytes */
256 rb_rawbuf_flush(conn
->modbuf_out
, conn
->mod_fd
);
257 rb_rawbuf_flush(conn
->plainbuf_out
, conn
->plain_fd
);
258 rb_close(conn
->mod_fd
);
261 if(!wait_plain
|| fmt
== NULL
)
263 rb_close(conn
->plain_fd
);
266 rb_dlinkDelete(&conn
->node
, connid_hash(conn
->id
));
267 rb_dlinkAdd(conn
, &conn
->node
, &dead_list
);
270 rb_setselect(conn
->plain_fd
, RB_SELECT_WRITE
| RB_SELECT_READ
, NULL
, NULL
);
272 rb_vsnprintf(reason
, sizeof(reason
), fmt
, ap
);
276 int32_to_buf(&buf
[1], conn
->id
);
277 strcpy(&buf
[5], reason
);
278 len
= (strlen(reason
) + 1) + 5;
279 mod_cmd_write_queue(conn
->ctl
, buf
, len
);
283 make_conn(mod_ctl_t
* ctl
, rb_fde_t
*mod_fd
, rb_fde_t
*plain_fd
)
285 conn_t
*conn
= rb_malloc(sizeof(conn_t
));
287 conn
->modbuf_out
= rb_new_rawbuffer();
288 conn
->plainbuf_out
= rb_new_rawbuffer();
289 conn
->mod_fd
= mod_fd
;
290 conn
->plain_fd
= plain_fd
;
299 check_handshake_flood(void *unused
)
302 rb_dlink_node
*ptr
, *next
;
305 HASH_WALK_SAFE(i
, CONN_HASH_SIZE
, ptr
, next
, connid_hash_table
)
311 count
= rb_ssl_handshake_count(conn
->mod_fd
);
312 /* nothing needs to do this more than twice in ten seconds i don't think */
314 close_conn(conn
, WAIT_PLAIN
, "Handshake flooding");
316 rb_ssl_clear_handshake_count(conn
->mod_fd
);
321 conn_mod_write_sendq(rb_fde_t
*fd
, void *data
)
329 if(IsSSLWWantsR(conn
))
331 ClearSSLWWantsR(conn
);
332 conn_mod_read_cb(conn
->mod_fd
, conn
);
337 while((retlen
= rb_rawbuf_flush(conn
->modbuf_out
, fd
)) > 0)
338 conn
->mod_out
+= retlen
;
340 if(retlen
== 0 || (retlen
< 0 && !rb_ignore_errno(errno
)))
343 close_conn(conn
, WAIT_PLAIN
, "%s", remote_closed
);
344 if(IsSSL(conn
) && retlen
== RB_RW_SSL_ERROR
)
345 err
= rb_get_ssl_strerror(conn
->mod_fd
);
347 err
= strerror(errno
);
348 close_conn(conn
, WAIT_PLAIN
, "Write error: %s", err
);
351 if(rb_rawbuf_length(conn
->modbuf_out
) > 0)
353 if(retlen
!= RB_RW_SSL_NEED_READ
)
354 rb_setselect(conn
->mod_fd
, RB_SELECT_WRITE
, conn_mod_write_sendq
, conn
);
357 rb_setselect(conn
->mod_fd
, RB_SELECT_READ
, conn_mod_write_sendq
, conn
);
358 rb_setselect(conn
->mod_fd
, RB_SELECT_WRITE
, NULL
, NULL
);
363 rb_setselect(conn
->mod_fd
, RB_SELECT_WRITE
, NULL
, NULL
);
365 if(IsCork(conn
) && rb_rawbuf_length(conn
->modbuf_out
) == 0)
368 conn_plain_read_cb(conn
->plain_fd
, conn
);
374 conn_mod_write(conn_t
* conn
, void *data
, size_t len
)
376 if(IsDead(conn
)) /* no point in queueing to a dead man */
378 rb_rawbuf_append(conn
->modbuf_out
, data
, len
);
382 conn_plain_write(conn_t
* conn
, void *data
, size_t len
)
384 if(IsDead(conn
)) /* again no point in queueing to dead men */
386 rb_rawbuf_append(conn
->plainbuf_out
, data
, len
);
390 mod_cmd_write_queue(mod_ctl_t
* ctl
, const void *data
, size_t len
)
392 mod_ctl_buf_t
*ctl_buf
;
393 ctl_buf
= rb_malloc(sizeof(mod_ctl_buf_t
));
394 ctl_buf
->buf
= rb_malloc(len
);
395 ctl_buf
->buflen
= len
;
396 memcpy(ctl_buf
->buf
, data
, len
);
398 rb_dlinkAddTail(ctl_buf
, &ctl_buf
->node
, &ctl
->writeq
);
399 mod_write_ctl(ctl
->F
, ctl
);
404 common_zlib_deflate(conn_t
* conn
, void *buf
, size_t len
)
407 z_stream
*outstream
= &((zlib_stream_t
*) conn
->stream
)->outstream
;
408 outstream
->next_in
= buf
;
409 outstream
->avail_in
= len
;
410 outstream
->next_out
= (Bytef
*) outbuf
;
411 outstream
->avail_out
= sizeof(outbuf
);
413 ret
= deflate(outstream
, Z_SYNC_FLUSH
);
417 close_conn(conn
, WAIT_PLAIN
, "Deflate failed: %s", zError(ret
));
420 if(outstream
->avail_out
== 0)
422 /* avail_out empty */
423 close_conn(conn
, WAIT_PLAIN
, "error compressing data, avail_out == 0");
426 if(outstream
->avail_in
!= 0)
428 /* avail_in isn't empty... */
429 close_conn(conn
, WAIT_PLAIN
, "error compressing data, avail_in != 0");
432 have
= sizeof(outbuf
) - outstream
->avail_out
;
433 conn_mod_write(conn
, outbuf
, have
);
437 common_zlib_inflate(conn_t
* conn
, void *buf
, size_t len
)
440 ((zlib_stream_t
*) conn
->stream
)->instream
.next_in
= buf
;
441 ((zlib_stream_t
*) conn
->stream
)->instream
.avail_in
= len
;
442 ((zlib_stream_t
*) conn
->stream
)->instream
.next_out
= (Bytef
*) outbuf
;
443 ((zlib_stream_t
*) conn
->stream
)->instream
.avail_out
= sizeof(outbuf
);
445 while(((zlib_stream_t
*) conn
->stream
)->instream
.avail_in
)
447 ret
= inflate(&((zlib_stream_t
*) conn
->stream
)->instream
, Z_NO_FLUSH
);
450 if(!strncmp("ERROR ", buf
, 6))
452 close_conn(conn
, WAIT_PLAIN
, "Received uncompressed ERROR");
455 close_conn(conn
, WAIT_PLAIN
, "Inflate failed: %s", zError(ret
));
458 have
= sizeof(outbuf
) - ((zlib_stream_t
*) conn
->stream
)->instream
.avail_out
;
460 if(((zlib_stream_t
*) conn
->stream
)->instream
.avail_in
)
462 conn_plain_write(conn
, outbuf
, have
);
464 ((zlib_stream_t
*) conn
->stream
)->instream
.next_out
= (Bytef
*) outbuf
;
465 ((zlib_stream_t
*) conn
->stream
)->instream
.avail_out
= sizeof(outbuf
);
471 conn_plain_write(conn
, outbuf
, have
);
476 plain_check_cork(conn_t
* conn
)
478 if(rb_rawbuf_length(conn
->modbuf_out
) >= 4096)
480 /* if we have over 4k pending outbound, don't read until
481 * we've cleared the queue */
483 rb_setselect(conn
->plain_fd
, RB_SELECT_READ
, NULL
, NULL
);
485 conn_mod_write_sendq(conn
->mod_fd
, conn
);
493 conn_plain_read_cb(rb_fde_t
*fd
, void *data
)
503 if(plain_check_cork(conn
))
511 length
= rb_read(conn
->plain_fd
, inbuf
, sizeof(inbuf
));
513 if(length
== 0 || (length
< 0 && !rb_ignore_errno(errno
)))
515 close_conn(conn
, NO_WAIT
, NULL
);
521 rb_setselect(conn
->plain_fd
, RB_SELECT_READ
, conn_plain_read_cb
, conn
);
522 conn_mod_write_sendq(conn
->mod_fd
, conn
);
525 conn
->plain_in
+= length
;
529 common_zlib_deflate(conn
, inbuf
, length
);
532 conn_mod_write(conn
, inbuf
, length
);
535 if(plain_check_cork(conn
))
541 conn_mod_read_cb(rb_fde_t
*fd
, void *data
)
544 const char *err
= remote_closed
;
551 if(IsSSLRWantsW(conn
))
553 ClearSSLRWantsW(conn
);
554 conn_mod_write_sendq(conn
->mod_fd
, conn
);
564 length
= rb_read(conn
->mod_fd
, inbuf
, sizeof(inbuf
));
566 if(length
== 0 || (length
< 0 && !rb_ignore_errno(errno
)))
570 close_conn(conn
, WAIT_PLAIN
, "%s", remote_closed
);
574 if(IsSSL(conn
) && length
== RB_RW_SSL_ERROR
)
575 err
= rb_get_ssl_strerror(conn
->mod_fd
);
577 err
= strerror(errno
);
578 close_conn(conn
, WAIT_PLAIN
, "Read error: %s", err
);
583 if(length
!= RB_RW_SSL_NEED_WRITE
)
584 rb_setselect(conn
->mod_fd
, RB_SELECT_READ
, conn_mod_read_cb
, conn
);
587 rb_setselect(conn
->mod_fd
, RB_SELECT_READ
, NULL
, NULL
);
588 rb_setselect(conn
->mod_fd
, RB_SELECT_WRITE
, conn_mod_read_cb
, conn
);
591 conn_plain_write_sendq(conn
->plain_fd
, conn
);
594 conn
->mod_in
+= length
;
597 common_zlib_inflate(conn
, inbuf
, length
);
600 conn_plain_write(conn
, inbuf
, length
);
605 conn_plain_write_sendq(rb_fde_t
*fd
, void *data
)
613 while((retlen
= rb_rawbuf_flush(conn
->plainbuf_out
, fd
)) > 0)
615 conn
->plain_out
+= retlen
;
617 if(retlen
== 0 || (retlen
< 0 && !rb_ignore_errno(errno
)))
619 close_conn(data
, NO_WAIT
, NULL
);
624 if(rb_rawbuf_length(conn
->plainbuf_out
) > 0)
625 rb_setselect(conn
->plain_fd
, RB_SELECT_WRITE
, conn_plain_write_sendq
, conn
);
627 rb_setselect(conn
->plain_fd
, RB_SELECT_WRITE
, NULL
, NULL
);
633 #if defined(RLIMIT_NOFILE) && defined(HAVE_SYS_RESOURCE_H)
636 if(!getrlimit(RLIMIT_NOFILE
, &limit
))
638 return limit
.rlim_cur
;
640 #endif /* RLIMIT_FD_MAX */
641 return MAXCONNECTIONS
;
645 ssl_process_accept_cb(rb_fde_t
*F
, int status
, struct sockaddr
*addr
, rb_socklen_t len
, void *data
)
650 conn_mod_read_cb(conn
->mod_fd
, conn
);
651 conn_plain_read_cb(conn
->plain_fd
, conn
);
654 /* ircd doesn't care about the reason for this */
655 close_conn(conn
, NO_WAIT
, 0);
660 ssl_process_connect_cb(rb_fde_t
*F
, int status
, void *data
)
665 conn_mod_read_cb(conn
->mod_fd
, conn
);
666 conn_plain_read_cb(conn
->plain_fd
, conn
);
668 else if(status
== RB_ERR_TIMEOUT
)
669 close_conn(conn
, WAIT_PLAIN
, "SSL handshake timed out");
670 else if(status
== RB_ERROR_SSL
)
671 close_conn(conn
, WAIT_PLAIN
, "%s", rb_get_ssl_strerror(conn
->mod_fd
));
673 close_conn(conn
, WAIT_PLAIN
, "SSL handshake failed");
678 ssl_process_accept(mod_ctl_t
* ctl
, mod_ctl_buf_t
* ctlb
)
683 conn
= make_conn(ctl
, ctlb
->F
[0], ctlb
->F
[1]);
685 id
= buf_to_int32(&ctlb
->buf
[1]);
688 conn_add_id_hash(conn
, id
);
691 if(rb_get_type(conn
->mod_fd
) & RB_FD_UNKNOWN
)
694 rb_set_type(conn
->mod_fd
, RB_FD_SOCKET
);
696 if(rb_get_type(conn
->mod_fd
) == RB_FD_UNKNOWN
)
697 rb_set_type(conn
->plain_fd
, RB_FD_SOCKET
);
699 rb_ssl_start_accepted(ctlb
->F
[0], ssl_process_accept_cb
, conn
, 10);
703 ssl_process_connect(mod_ctl_t
* ctl
, mod_ctl_buf_t
* ctlb
)
707 conn
= make_conn(ctl
, ctlb
->F
[0], ctlb
->F
[1]);
709 id
= buf_to_int32(&ctlb
->buf
[1]);
712 conn_add_id_hash(conn
, id
);
715 if(rb_get_type(conn
->mod_fd
) == RB_FD_UNKNOWN
)
716 rb_set_type(conn
->mod_fd
, RB_FD_SOCKET
);
718 if(rb_get_type(conn
->mod_fd
) == RB_FD_UNKNOWN
)
719 rb_set_type(conn
->plain_fd
, RB_FD_SOCKET
);
722 rb_ssl_start_connected(ctlb
->F
[0], ssl_process_connect_cb
, conn
, 10);
726 process_stats(mod_ctl_t
* ctl
, mod_ctl_buf_t
* ctlb
)
733 id
= buf_to_int32(&ctlb
->buf
[1]);
738 odata
= &ctlb
->buf
[5];
739 conn
= conn_find_by_id(id
);
744 rb_snprintf(outstat
, sizeof(outstat
), "S %s %llu %llu %llu %llu", odata
,
745 conn
->plain_out
, conn
->mod_in
, conn
->plain_in
, conn
->mod_out
);
750 mod_cmd_write_queue(ctl
, outstat
, strlen(outstat
) + 1); /* +1 is so we send the \0 as well */
755 zlib_process(mod_ctl_t
* ctl
, mod_ctl_buf_t
* ctlb
)
759 size_t hdr
= (sizeof(uint8_t) * 2) + sizeof(int32_t);
761 z_stream
*instream
, *outstream
;
765 conn
= make_conn(ctl
, ctlb
->F
[0], ctlb
->F
[1]);
766 if(rb_get_type(conn
->mod_fd
) == RB_FD_UNKNOWN
)
767 rb_set_type(conn
->mod_fd
, RB_FD_SOCKET
);
769 if(rb_get_type(conn
->plain_fd
) == RB_FD_UNKNOWN
)
770 rb_set_type(conn
->plain_fd
, RB_FD_SOCKET
);
772 id
= buf_to_int32(&ctlb
->buf
[1]);
773 conn_add_id_hash(conn
, id
);
775 level
= (uint8_t)ctlb
->buf
[5];
777 recvqlen
= ctlb
->buflen
- hdr
;
778 recvq_start
= &ctlb
->buf
[6];
781 conn
->stream
= rb_malloc(sizeof(zlib_stream_t
));
782 instream
= &((zlib_stream_t
*) conn
->stream
)->instream
;
783 outstream
= &((zlib_stream_t
*) conn
->stream
)->outstream
;
785 instream
->total_in
= 0;
786 instream
->total_out
= 0;
787 instream
->zalloc
= (alloc_func
) ssld_alloc
;
788 instream
->zfree
= (free_func
) ssld_free
;
789 instream
->data_type
= Z_ASCII
;
790 inflateInit(&((zlib_stream_t
*) conn
->stream
)->instream
);
792 outstream
->total_in
= 0;
793 outstream
->total_out
= 0;
794 outstream
->zalloc
= (alloc_func
) ssld_alloc
;
795 outstream
->zfree
= (free_func
) ssld_free
;
796 outstream
->data_type
= Z_ASCII
;
799 level
= Z_DEFAULT_COMPRESSION
;
801 deflateInit(&((zlib_stream_t
*) conn
->stream
)->outstream
, level
);
803 common_zlib_inflate(conn
, recvq_start
, recvqlen
);
805 conn_mod_read_cb(conn
->mod_fd
, conn
);
806 conn_plain_read_cb(conn
->plain_fd
, conn
);
813 init_prng(mod_ctl_t
* ctl
, mod_ctl_buf_t
* ctl_buf
)
816 prng_seed_t seed_type
;
818 seed_type
= (prng_seed_t
) ctl_buf
->buf
[1];
819 path
= &ctl_buf
->buf
[2];
820 rb_init_prng(path
, seed_type
);
825 ssl_new_keys(mod_ctl_t
* ctl
, mod_ctl_buf_t
* ctl_buf
)
828 char *cert
, *key
, *dhparam
;
830 buf
= &ctl_buf
->buf
[2];
832 buf
+= strlen(cert
) + 1;
834 buf
+= strlen(key
) + 1;
836 if(strlen(dhparam
) == 0)
839 if(!rb_setup_ssl_server(cert
, key
, dhparam
))
841 const char *invalid
= "I";
842 mod_cmd_write_queue(ctl
, invalid
, strlen(invalid
));
848 send_nossl_support(mod_ctl_t
* ctl
, mod_ctl_buf_t
* ctlb
)
850 static const char *nossl_cmd
= "N";
856 conn
= make_conn(ctl
, ctlb
->F
[0], ctlb
->F
[1]);
857 id
= buf_to_int32(&ctlb
->buf
[1]);
860 conn_add_id_hash(conn
, id
);
861 close_conn(conn
, WAIT_PLAIN
, "libratbox reports no SSL/TLS support");
863 mod_cmd_write_queue(ctl
, nossl_cmd
, strlen(nossl_cmd
));
867 send_i_am_useless(mod_ctl_t
* ctl
)
869 static const char *useless
= "U";
870 mod_cmd_write_queue(ctl
, useless
, strlen(useless
));
874 send_nozlib_support(mod_ctl_t
* ctl
, mod_ctl_buf_t
* ctlb
)
876 static const char *nozlib_cmd
= "z";
881 conn
= make_conn(ctl
, ctlb
->F
[0], ctlb
->F
[1]);
882 id
= buf_to_int32(&ctlb
->buf
[1]);
885 conn_add_id_hash(conn
, id
);
886 close_conn(conn
, WAIT_PLAIN
, "libratbox reports no zlib support");
888 mod_cmd_write_queue(ctl
, nozlib_cmd
, strlen(nozlib_cmd
));
892 mod_process_cmd_recv(mod_ctl_t
* ctl
)
894 rb_dlink_node
*ptr
, *next
;
895 mod_ctl_buf_t
*ctl_buf
;
897 RB_DLINK_FOREACH_SAFE(ptr
, next
, ctl
->readq
.head
)
901 switch (*ctl_buf
->buf
)
907 send_nossl_support(ctl
, ctl_buf
);
910 ssl_process_accept(ctl
, ctl_buf
);
917 send_nossl_support(ctl
, ctl_buf
);
920 ssl_process_connect(ctl
, ctl_buf
);
928 send_nossl_support(ctl
, ctl_buf
);
931 ssl_new_keys(ctl
, ctl_buf
);
935 init_prng(ctl
, ctl_buf
);
939 process_stats(ctl
, ctl_buf
);
946 zlib_process(ctl
, ctl_buf
);
952 send_nozlib_support(ctl
, ctl_buf
);
958 /* Log unknown commands */
960 rb_dlinkDelete(ptr
, &ctl
->readq
);
961 rb_free(ctl_buf
->buf
);
970 mod_read_ctl(rb_fde_t
*F
, void *data
)
972 mod_ctl_buf_t
*ctl_buf
;
973 mod_ctl_t
*ctl
= data
;
978 ctl_buf
= rb_malloc(sizeof(mod_ctl_buf_t
));
979 ctl_buf
->buf
= rb_malloc(READBUF_SIZE
);
980 ctl_buf
->buflen
= READBUF_SIZE
;
981 retlen
= rb_recv_fd_buf(ctl
->F
, ctl_buf
->buf
, ctl_buf
->buflen
, ctl_buf
->F
,
985 rb_free(ctl_buf
->buf
);
990 ctl_buf
->buflen
= retlen
;
991 rb_dlinkAddTail(ctl_buf
, &ctl_buf
->node
, &ctl
->readq
);
996 if(retlen
== 0 || (retlen
< 0 && !rb_ignore_errno(errno
)))
999 mod_process_cmd_recv(ctl
);
1000 rb_setselect(ctl
->F
, RB_SELECT_READ
, mod_read_ctl
, ctl
);
1004 mod_write_ctl(rb_fde_t
*F
, void *data
)
1006 mod_ctl_t
*ctl
= data
;
1007 mod_ctl_buf_t
*ctl_buf
;
1008 rb_dlink_node
*ptr
, *next
;
1011 RB_DLINK_FOREACH_SAFE(ptr
, next
, ctl
->writeq
.head
)
1013 ctl_buf
= ptr
->data
;
1014 retlen
= rb_send_fd_buf(ctl
->F
, ctl_buf
->F
, ctl_buf
->nfds
, ctl_buf
->buf
,
1015 ctl_buf
->buflen
, ppid
);
1018 rb_dlinkDelete(ptr
, &ctl
->writeq
);
1019 for(x
= 0; x
< ctl_buf
->nfds
; x
++)
1020 rb_close(ctl_buf
->F
[x
]);
1021 rb_free(ctl_buf
->buf
);
1025 if(retlen
== 0 || (retlen
< 0 && !rb_ignore_errno(errno
)))
1028 rb_setselect(ctl
->F
, RB_SELECT_WRITE
, mod_write_ctl
, ctl
);
1034 read_pipe_ctl(rb_fde_t
*F
, void *data
)
1037 while((retlen
= rb_read(F
, inbuf
, sizeof(inbuf
))) > 0)
1039 ;; /* we don't do anything with the pipe really, just care if the other process dies.. */
1041 if(retlen
== 0 || (retlen
< 0 && !rb_ignore_errno(errno
)))
1043 rb_setselect(F
, RB_SELECT_READ
, read_pipe_ctl
, NULL
);
1048 main(int argc
, char **argv
)
1050 const char *s_ctlfd
, *s_pipe
, *s_pid
;
1051 int ctlfd
, pipefd
, x
, maxfd
;
1054 s_ctlfd
= getenv("CTL_FD");
1055 s_pipe
= getenv("CTL_PIPE");
1056 s_pid
= getenv("CTL_PPID");
1058 if(s_ctlfd
== NULL
|| s_pipe
== NULL
|| s_pid
== NULL
)
1061 "This is ircd-ratbox ssld. You know you aren't supposed to run me directly?\n");
1063 "You get an Id tag for this: $Id$\n");
1064 fprintf(stderr
, "Have a nice life\n");
1068 ctlfd
= atoi(s_ctlfd
);
1069 pipefd
= atoi(s_pipe
);
1073 for(x
= 0; x
< maxfd
; x
++)
1075 if(x
!= ctlfd
&& x
!= pipefd
&& x
> 2)
1078 x
= open("/dev/null", O_RDWR
);
1081 if(ctlfd
!= 0 && pipefd
!= 0)
1083 if(ctlfd
!= 1 && pipefd
!= 1)
1085 if(ctlfd
!= 2 && pipefd
!= 2)
1092 rb_lib_init(NULL
, NULL
, NULL
, 0, maxfd
, 1024, 4096);
1093 rb_init_rawbuffers(1024);
1094 ssl_ok
= rb_supports_ssl();
1095 mod_ctl
= rb_malloc(sizeof(mod_ctl_t
));
1096 mod_ctl
->F
= rb_open(ctlfd
, RB_FD_SOCKET
, "ircd control socket");
1097 mod_ctl
->F_pipe
= rb_open(pipefd
, RB_FD_PIPE
, "ircd pipe");
1098 rb_set_nb(mod_ctl
->F
);
1099 rb_set_nb(mod_ctl
->F_pipe
);
1100 rb_event_addish("clean_dead_conns", clean_dead_conns
, NULL
, 10);
1101 rb_event_add("check_handshake_flood", check_handshake_flood
, NULL
, 10);
1102 read_pipe_ctl(mod_ctl
->F_pipe
, NULL
);
1103 mod_read_ctl(mod_ctl
->F
, mod_ctl
);
1104 if(!zlib_ok
&& !ssl_ok
)
1106 /* this is really useless... */
1107 send_i_am_useless(mod_ctl
);
1108 /* sleep until the ircd kills us */
1109 rb_sleep(2 << 30, 0);
1114 send_nozlib_support(mod_ctl
, NULL
);
1116 send_nossl_support(mod_ctl
, NULL
);
1124 dummy_handler(int sig
)
1134 struct sigaction act
;
1137 act
.sa_handler
= SIG_IGN
;
1138 sigemptyset(&act
.sa_mask
);
1139 sigaddset(&act
.sa_mask
, SIGPIPE
);
1140 sigaddset(&act
.sa_mask
, SIGALRM
);
1142 sigaddset(&act
.sa_mask
, SIGTRAP
);
1146 sigaddset(&act
.sa_mask
, SIGWINCH
);
1147 sigaction(SIGWINCH
, &act
, 0);
1149 sigaction(SIGPIPE
, &act
, 0);
1151 sigaction(SIGTRAP
, &act
, 0);
1154 act
.sa_handler
= dummy_handler
;
1155 sigaction(SIGALRM
, &act
, 0);