authd: Cleanup

[solanum.git] / authd / providers / ident.c

diff --git a/authd/providers/ident.c b/authd/providers/ident.c
index 30708e4038ce2b24fbc73691e36e052ea928b2e2..357bc74de69ce91ef320e2be83186f798e474d4e 100644 (file)
--- a/authd/providers/ident.c
+++ b/authd/providers/ident.c
@@ -42,9 +42,11 @@ struct ident_query
 /* Goinked from old s_auth.c --Elizafox */
 static const char *messages[] =
 {
-       ":*** Checking Ident",
-       ":*** Got Ident response",
-       ":*** No Ident response",
+       "*** Checking Ident",
+       "*** Got Ident response",
+       "*** No Ident response",
+       "*** Cannot verify ident validity, ignoring ident",
+       "*** Ident disabled, not checking ident",
 };
 
 typedef enum
@@ -52,6 +54,8 @@ typedef enum
        REPORT_LOOKUP,
        REPORT_FOUND,
        REPORT_FAIL,
+       REPORT_INVALID,
+       REPORT_DISABLED,
 } ident_message;
 
 static EVH timeout_ident_queries_event;
@@ -64,11 +68,12 @@ static char * get_valid_ident(char *buf);
 
 static struct ev_entry *timeout_ev;
 static int ident_timeout = 5;
+static bool ident_enable = true;
 
 
 /* Timeout outstanding queries */
 static void
-timeout_ident_queries_event(void *notused)
+timeout_ident_queries_event(void *notused __unused)
 {
        struct auth_client *auth;
        rb_dictionary_iter iter;
@@ -94,13 +99,21 @@ timeout_ident_queries_event(void *notused)
  * problems arise. -avalon
  */
 static void
-ident_connected(rb_fde_t *F, int error, void *data)
+ident_connected(rb_fde_t *F __unused, int error, void *data)
 {
        struct auth_client *auth = data;
-       struct ident_query *query = auth->data[PROVIDER_IDENT];
+       struct ident_query *query;
        char authbuf[32];
        int authlen;
 
+       if(auth == NULL)
+               return;
+
+       query = auth->data[PROVIDER_IDENT];
+
+       if(query == NULL)
+               return;
+
        /* Check the error */
        if(error != RB_OK)
        {
@@ -126,25 +139,32 @@ static void
 read_ident_reply(rb_fde_t *F, void *data)
 {
        struct auth_client *auth = data;
-       struct ident_query *query = auth->data[PROVIDER_IDENT];
+       struct ident_query *query;
+       char buf[IDENT_BUFSIZE + 1];    /* buffer to read auth reply into */
+       ident_message message = REPORT_FAIL;
        char *s = NULL;
        char *t = NULL;
-       int len;
+       ssize_t len;
        int count;
-       char buf[IDENT_BUFSIZE + 1];    /* buffer to read auth reply into */
+
+       if(auth == NULL)
+               return;
+
+       query = auth->data[PROVIDER_IDENT];
+
+       if(query == NULL)
+               return;
 
        len = rb_read(F, buf, IDENT_BUFSIZE);
        if(len < 0 && rb_ignore_errno(errno))
        {
-               rb_setselect(F, RB_SELECT_READ, read_ident_reply, query);
+               rb_setselect(F, RB_SELECT_READ, read_ident_reply, auth);
                return;
        }
 
        if(len > 0)
        {
-               buf[len] = '\0';
-
-               if((s = get_valid_ident(buf)))
+               if((s = get_valid_ident(buf)) != NULL)
                {
                        t = auth->username;
 
@@ -153,10 +173,9 @@ read_ident_reply(rb_fde_t *F, void *data)
 
                        for (count = USERLEN; *s && count; s++)
                        {
-                               if(*s == '@')
-                               {
+                               if(*s == '@' || *s == '\r' || *s == '\n')
                                        break;
-                               }
+
                                if(*s != ' ' && *s != ':' && *s != '[')
                                {
                                        *t++ = *s;
@@ -165,10 +184,12 @@ read_ident_reply(rb_fde_t *F, void *data)
                        }
                        *t = '\0';
                }
+               else
+                       message = REPORT_INVALID;
        }
 
        if(s == NULL)
-               client_fail(auth, REPORT_FAIL);
+               client_fail(auth, message);
        else
                client_success(auth);
 }
@@ -178,9 +199,14 @@ client_fail(struct auth_client *auth, ident_message report)
 {
        struct ident_query *query = auth->data[PROVIDER_IDENT];
 
+       if(query == NULL)
+               return;
+
        rb_strlcpy(auth->username, "*", sizeof(auth->username));
 
-       rb_close(query->F);
+       if(query->F != NULL)
+               rb_close(query->F);
+
        rb_free(query);
        auth->data[PROVIDER_IDENT] = NULL;
 
@@ -193,7 +219,12 @@ client_success(struct auth_client *auth)
 {
        struct ident_query *query = auth->data[PROVIDER_IDENT];
 
-       rb_close(query->F);
+       if(query == NULL)
+               return;
+
+       if(query->F != NULL)
+               rb_close(query->F);
+
        rb_free(query);
        auth->data[PROVIDER_IDENT] = NULL;
 
@@ -226,39 +257,39 @@ get_valid_ident(char *buf)
 
        colon1Ptr = strchr(remotePortString, ':');
        if(!colon1Ptr)
-               return 0;
+               return NULL;
 
        *colon1Ptr = '\0';
        colon1Ptr++;
        colon2Ptr = strchr(colon1Ptr, ':');
        if(!colon2Ptr)
-               return 0;
+               return NULL;
 
        *colon2Ptr = '\0';
        colon2Ptr++;
        commaPtr = strchr(remotePortString, ',');
 
        if(!commaPtr)
-               return 0;
+               return NULL;
 
        *commaPtr = '\0';
        commaPtr++;
 
        remp = atoi(remotePortString);
        if(!remp)
-               return 0;
+               return NULL;
 
        locp = atoi(commaPtr);
        if(!locp)
-               return 0;
+               return NULL;
 
        /* look for USERID bordered by first pair of colons */
        if(!strstr(colon1Ptr, "USERID"))
-               return 0;
+               return NULL;
 
        colon3Ptr = strchr(colon2Ptr, ':');
        if(!colon3Ptr)
-               return 0;
+               return NULL;
 
        *colon3Ptr = '\0';
        colon3Ptr++;
@@ -292,6 +323,18 @@ static bool ident_start(struct auth_client *auth)
        struct rb_sockaddr_storage l_addr, c_addr;
        int family = GET_SS_FAMILY(&auth->c_addr);
 
+       if(auth->data[PROVIDER_IDENT] != NULL)
+       {
+               set_provider_done(auth, PROVIDER_IDENT); /* for blacklists */
+               return true;
+       }
+       else if(!ident_enable)
+       {
+               notice_client(auth->cid, messages[REPORT_DISABLED]);
+               set_provider_done(auth, PROVIDER_IDENT);
+               return true;
+       }
+
        notice_client(auth->cid, messages[REPORT_LOOKUP]);
 
        auth->data[PROVIDER_IDENT] = query;
@@ -326,7 +369,7 @@ static bool ident_start(struct auth_client *auth)
        rb_connect_tcp(query->F, (struct sockaddr *)&c_addr,
                        (struct sockaddr *)&l_addr,
                        GET_SS_LEN(&l_addr), ident_connected,
-                       query, ident_timeout);
+                       auth, ident_timeout);
 
        set_provider_on(auth, PROVIDER_IDENT);
 
@@ -343,7 +386,7 @@ ident_cancel(struct auth_client *auth)
 }
 
 static void
-add_conf_ident_timeout(const char *key, int parc, const char **parv)
+add_conf_ident_timeout(const char *key __unused, int parc __unused, const char **parv)
 {
        int timeout = atoi(parv[0]);
 
@@ -356,9 +399,16 @@ add_conf_ident_timeout(const char *key, int parc, const char **parv)
        ident_timeout = timeout;
 }
 
+static void
+set_ident_enabled(const char *key __unused, int parc __unused, const char **parv)
+{
+       ident_enable = (*parv[0] == '1');
+}
+
 struct auth_opts_handler ident_options[] =
 {
        { "ident_timeout", 1, add_conf_ident_timeout },
+       { "ident_enabled", 1, set_ident_enabled },
        { NULL, 0, NULL },
 };