#include "s_newconf.h"
#include "s_stats.h"
#include "send.h"
-#include "s_auth.h"
+#include "authproc.h"
#include "reject.h"
-#include "s_conf.h"
#include "hostmask.h"
#include "sslproc.h"
+#include "wsproc.h"
#include "hash.h"
#include "s_assert.h"
#include "logger.h"
-#ifndef INADDR_NONE
-#define INADDR_NONE ((unsigned int) 0xffffffff)
-#endif
-
-#if defined(NO_IN6ADDR_ANY) && defined(RB_IPV6)
+#if defined(NO_IN6ADDR_ANY)
static const struct in6_addr in6addr_any =
{ { { 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 } } };
#endif
static struct Listener *ListenerPollList = NULL;
static int accept_precallback(rb_fde_t *F, struct sockaddr *addr, rb_socklen_t addrlen, void *data);
static void accept_callback(rb_fde_t *F, int status, struct sockaddr *addr, rb_socklen_t addrlen, void *data);
+static SSL_OPEN_CB accept_sslcallback;
static struct Listener *
make_listener(struct rb_sockaddr_storage *addr)
static uint16_t
get_listener_port(const struct Listener *listener)
{
-#ifdef RB_IPV6
- if(GET_SS_FAMILY(&listener->addr) == AF_INET6)
- return ntohs(((const struct sockaddr_in6 *)&listener->addr)->sin6_port);
- else
-#endif
- return ntohs(((const struct sockaddr_in *)&listener->addr)->sin_port);
+ return ntohs(GET_SS_PORT(&listener->addr));
}
/*
* inetport - create a listener socket in the AF_INET or AF_INET6 domain,
* bind it to the port given in 'port' and listen to it
* returns true (1) if successful false (0) on error.
- *
- * If the operating system has a define for SOMAXCONN, use it, otherwise
- * use CHARYBDIS_SOMAXCONN
*/
-#ifdef SOMAXCONN
-#undef CHARYBDIS_SOMAXCONN
-#define CHARYBDIS_SOMAXCONN SOMAXCONN
-#endif
static int
inetport(struct Listener *listener)
F = rb_socket(GET_SS_FAMILY(&listener->addr), SOCK_STREAM, 0, "Listener socket");
-#ifdef RB_IPV6
if(GET_SS_FAMILY(&listener->addr) == AF_INET6)
{
struct sockaddr_in6 *in6 = (struct sockaddr_in6 *)&listener->addr;
rb_inet_ntop(AF_INET6, &in6->sin6_addr, listener->vhost, sizeof(listener->vhost));
listener->name = listener->vhost;
}
- } else
-#endif
- {
+ } else {
struct sockaddr_in *in = (struct sockaddr_in *)&listener->addr;
if(in->sin_addr.s_addr != INADDR_ANY)
{
/*
* XXX - we don't want to do all this crap for a listener
* set_sock_opts(listener);
+ *
+ * FIXME - doesn't this belong in librb? --Elizafox
*/
if(setsockopt(rb_get_fd(F), SOL_SOCKET, SO_REUSEADDR, (char *) &opt, sizeof(opt)))
{
return 0;
}
- /*
- * Bind a port to listen for new connections if port is non-null,
- * else assume it is already open and try get something from it.
- */
-
+ /* FIXME - doesn't this belong in librb? --Elizafox */
if(bind(rb_get_fd(F), (struct sockaddr *) &listener->addr, GET_SS_LEN(&listener->addr)))
{
errstr = strerror(rb_get_sockerr(F));
return 0;
}
- if(rb_listen(F, CHARYBDIS_SOMAXCONN, listener->defer_accept))
+ if(rb_listen(F, SOMAXCONN, listener->defer_accept))
{
errstr = strerror(rb_get_sockerr(F));
sendto_realops_snomask(SNO_GENERAL, L_ALL,
}
break;
}
-#ifdef RB_IPV6
case AF_INET6:
{
struct sockaddr_in6 *in6 = (struct sockaddr_in6 *)addr;
break;
}
-#endif
default:
break;
* the format "255.255.255.255"
*/
void
-add_listener(int port, const char *vhost_ip, int family, int ssl, int defer_accept)
+add_listener(int port, const char *vhost_ip, int family, int ssl, int defer_accept, int wsock)
{
struct Listener *listener;
struct rb_sockaddr_storage vaddr;
if(rb_inet_pton(family, vhost_ip, &((struct sockaddr_in *)&vaddr)->sin_addr) <= 0)
return;
}
-#ifdef RB_IPV6
else
{
if(rb_inet_pton(family, vhost_ip, &((struct sockaddr_in6 *)&vaddr)->sin6_addr) <= 0)
return;
}
-#endif
} else
{
switch(family)
case AF_INET:
((struct sockaddr_in *)&vaddr)->sin_addr.s_addr = INADDR_ANY;
break;
-#ifdef RB_IPV6
case AF_INET6:
memcpy(&((struct sockaddr_in6 *)&vaddr)->sin6_addr, &in6addr_any, sizeof(struct in6_addr));
break;
default:
return;
-#endif
}
}
switch(family)
{
case AF_INET:
SET_SS_LEN(&vaddr, sizeof(struct sockaddr_in));
- ((struct sockaddr_in *)&vaddr)->sin_port = htons(port);
+ SET_SS_FAMILY(&vaddr, AF_INET);
+ SET_SS_PORT(&vaddr, htons(port));
break;
-#ifdef RB_IPV6
case AF_INET6:
SET_SS_LEN(&vaddr, sizeof(struct sockaddr_in6));
- ((struct sockaddr_in6 *)&vaddr)->sin6_port = htons(port);
+ SET_SS_FAMILY(&vaddr, AF_INET6);
+ SET_SS_PORT(&vaddr, htons(port));
break;
-#endif
default:
break;
}
listener->F = NULL;
listener->ssl = ssl;
listener->defer_accept = defer_accept;
+ listener->wsock = wsock;
if(inetport(listener))
listener->active = 1;
}
}
-#define DLINE_WARNING "ERROR :You have been D-lined.\r\n"
-
/*
* add_connection - creates a client which has just connected to us on
* the given fd. The sockhost field is initialized with the ip# of the host.
add_connection(struct Listener *listener, rb_fde_t *F, struct sockaddr *sai, struct sockaddr *lai)
{
struct Client *new_client;
+ bool defer = false;
s_assert(NULL != listener);
/*
* the client has already been checked out in accept_connection
*/
new_client = make_client(NULL);
+ new_client->localClient->F = F;
+
+ memcpy(&new_client->localClient->ip, sai, sizeof(struct rb_sockaddr_storage));
+ memcpy(&new_client->preClient->lip, lai, sizeof(struct rb_sockaddr_storage));
+
+ /*
+ * copy address to 'sockhost' as a string, copy it to host too
+ * so we have something valid to put into error messages...
+ */
+ rb_inet_ntop_sock((struct sockaddr *)&new_client->localClient->ip, new_client->sockhost,
+ sizeof(new_client->sockhost));
+
+ rb_strlcpy(new_client->host, new_client->sockhost, sizeof(new_client->host));
if (listener->ssl)
{
rb_fde_t *xF[2];
if(rb_socketpair(AF_UNIX, SOCK_STREAM, 0, &xF[0], &xF[1], "Incoming ssld Connection") == -1)
{
- free_client(new_client);
+ SetIOError(new_client);
+ exit_client(new_client, new_client, new_client, "Fatal Error");
return;
}
- new_client->localClient->ssl_ctl = start_ssld_accept(F, xF[1], new_client->localClient->connid); /* this will close F for us */
+ new_client->localClient->ssl_callback = accept_sslcallback;
+ defer = true;
+ new_client->localClient->ssl_ctl = start_ssld_accept(F, xF[1], connid_get(new_client)); /* this will close F for us */
if(new_client->localClient->ssl_ctl == NULL)
{
- free_client(new_client);
+ SetIOError(new_client);
+ exit_client(new_client, new_client, new_client, "Service Unavailable");
return;
}
F = xF[0];
+ new_client->localClient->F = F;
SetSSL(new_client);
}
- memcpy(&new_client->localClient->ip, sai, sizeof(struct rb_sockaddr_storage));
- memcpy(&new_client->preClient->lip, lai, sizeof(struct rb_sockaddr_storage));
-
- /*
- * copy address to 'sockhost' as a string, copy it to host too
- * so we have something valid to put into error messages...
- */
- rb_inet_ntop_sock((struct sockaddr *)&new_client->localClient->ip, new_client->sockhost,
- sizeof(new_client->sockhost));
-
-
- rb_strlcpy(new_client->host, new_client->sockhost, sizeof(new_client->host));
+ if (listener->wsock)
+ {
+ rb_fde_t *xF[2];
+ if(rb_socketpair(AF_UNIX, SOCK_STREAM, 0, &xF[0], &xF[1], "Incoming wsockd Connection") == -1)
+ {
+ SetIOError(new_client);
+ exit_client(new_client, new_client, new_client, "Fatal Error");
+ return;
+ }
+ new_client->localClient->ws_ctl = start_wsockd_accept(F, xF[1], connid_get(new_client)); /* this will close F for us */
+ if(new_client->localClient->ws_ctl == NULL)
+ {
+ SetIOError(new_client);
+ exit_client(new_client, new_client, new_client, "Service Unavailable");
+ return;
+ }
+ F = xF[0];
+ new_client->localClient->F = F;
+ }
- new_client->localClient->F = F;
new_client->localClient->listener = listener;
++listener->ref_count;
- start_auth(new_client);
+ authd_initiate_client(new_client, defer);
+}
+
+static int
+accept_sslcallback(struct Client *client_p, int status)
+{
+ authd_deferred_client(client_p);
+ return 0; /* use default handler if status != RB_OK */
}
static const char *toofast = "ERROR :Reconnecting too fast, throttled.\r\n";
return 0;
}
- if(check_reject(F, addr))
+ if(check_reject(F, addr)) {
+ /* Reject the connection without closing the socket
+ * because it is now on the delay_exit list. */
return 0;
+ }
if(throttle_add(addr))
{