for(i = 0; i < count; i++)
{
ssl_ctl_t *ctl;
- rb_socketpair(AF_UNIX, SOCK_DGRAM, 0, &F1, &F2, "SSL/TLS handle passing socket");
+ if(rb_socketpair(AF_UNIX, SOCK_DGRAM, 0, &F1, &F2, "SSL/TLS handle passing socket") == -1)
+ {
+ ilog(L_MAIN, "Unable to create ssld - rb_socketpair failed: %s", strerror(errno));
+ return started;
+ }
+
rb_set_buffers(F1, READBUF_SIZE);
rb_set_buffers(F2, READBUF_SIZE);
rb_snprintf(fdarg, sizeof(fdarg), "%d", rb_get_fd(F2));
rb_setenv("CTL_FD", fdarg, 1);
- rb_pipe(&P1, &P2, "SSL/TLS pipe");
+ if(rb_pipe(&P1, &P2, "SSL/TLS pipe") == -1)
+ {
+ ilog(L_MAIN, "Unable to create ssld - rb_pipe failed: %s", strerror(errno));
+ return started;
+ }
rb_snprintf(fdarg, sizeof(fdarg), "%d", rb_get_fd(P1));
rb_setenv("CTL_PIPE", fdarg, 1);
- rb_snprintf(s_pid, sizeof(s_pid), "%d", getpid());
+ rb_snprintf(s_pid, sizeof(s_pid), "%d", (int)getpid());
rb_setenv("CTL_PPID", s_pid, 1);
#ifdef _WIN32
SetHandleInformation((HANDLE) rb_get_fd(F2), HANDLE_FLAG_INHERIT, 1);
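Review bot: The new rb_pipe failure path returns without closing F1 and F2, so the socketpair created a few lines earlier in the same iteration stays open in the parent process. Adding `rb_close(F1);` and `rb_close(F2);` before the second `return started;` would release them. On that path the `CTL_FD` variable set by `rb_setenv` also stays in the environment, naming a descriptor for which no helper was started. The loop body continues past the end of this hunk.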
struct Client *server;
struct ZipStats *zips;
int parc;
- char *parv[6];
+ char *parv[7];
parc = rb_string_to_array(ctl_buf->buf, parv, 6);
server = find_server(NULL, parv[1]);
if(server == NULL || server->localClient == NULL || !IsCapable(server, CAP_ZIP))
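Review bot: `parc` is assigned from rb_string_to_array but never checked before `parv[1]` is passed to find_server on the next line, so a control message with fewer fields than expected hands over a slot that may be NULL or never written. A guard such as `if(parc < 2) return;` directly after the split covers the visible use; the fields read further down are outside this hunk and may need a higher minimum. The mismatch between the limit 6 and the array size 7 also deserves a comment, for example `/* rb_string_to_array may store a terminating NULL at parv[maxpara] */`, if that is the reason for the change.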
client_p = find_cli_fd_hash(fd);
if(client_p == NULL)
return;
+ if(IsAnyServer(client_p) || IsRegistered(client_p))
+ {
+ /* read any last moment ERROR, QUIT or the like -- jilles */
+ if (!strcmp(reason, "Remote host closed the connection"))
+ read_packet(client_p->localClient->F, client_p);
+ if (IsAnyDead(client_p))
+ return;
+ }
if(IsAnyServer(client_p))
{
- sendto_realops_snomask(SNO_GENERAL, L_ALL, "ssld error for %s: %s", client_p->name, reason);
+ sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) && !IsServer(client_p) ? L_NETWIDE : L_ALL, "ssld error for %s: %s", client_p->name, reason);
ilog(L_SERVER, "ssld error for %s: %s", log_client_name(client_p, SHOW_IP), reason);
}
exit_client(client_p, client_p, &me, reason);
}
-
static void
-ssl_process_zip_ready(ssl_ctl_t * ctl, ssl_ctl_buf_t * ctl_buf)
+ssl_process_certfp(ssl_ctl_t * ctl, ssl_ctl_buf_t * ctl_buf)
{
struct Client *client_p;
int32_t fd;
+ uint8_t *certfp;
+ char *certfp_string;
+ int i;
- if(ctl_buf->buflen < 5)
+ if(ctl_buf->buflen != 5 + RB_SSL_CERTFP_LEN)
return; /* bogus message..drop it.. XXX should warn here */
fd = buf_to_int32(&ctl_buf->buf[1]);
+ certfp = (uint8_t *)&ctl_buf->buf[5];
client_p = find_cli_fd_hash(fd);
if(client_p == NULL)
return;
-
- /* Now start sending the data that should be compressed. */
- // ClearCork(client_p);
- send_pop_queue(client_p);
- /* Start reading uncompressed data. */
- read_packet(client_p->localClient->F, client_p);
+ rb_free(client_p->certfp);
+ certfp_string = rb_malloc(RB_SSL_CERTFP_LEN * 2 + 1);
+ for(i = 0; i < RB_SSL_CERTFP_LEN; i++)
+ rb_snprintf(certfp_string + 2 * i, 3, "%02x",
+ certfp[i]);
+ client_p->certfp = certfp_string;
}
-
static void
ssl_process_cmd_recv(ssl_ctl_t * ctl)
{
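Review bot: In ssl_process_certfp the length check drops a malformed message silently (the retained `XXX should warn here` comment), so a disagreement between ircd and ssld about RB_SSL_CERTFP_LEN would leave `client_p->certfp` unset for every client with no trace. Bracing the `if` and adding `ilog(L_MAIN, "ssld sent certfp message with unexpected length %d", (int)ctl_buf->buflen);` before the `return` makes that visible. Separately, the fingerprint is stored on whichever client `find_cli_fd_hash(fd)` returns when the message is processed. If a descriptor number can be reused before a delayed 'F' message arrives (not determinable from this hunk), the fingerprint would attach to a different connection, which matters if certfp is later used for authentication.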
case 'D':
ssl_process_dead_fd(ctl, ctl_buf);
break;
+ case 'F':
+ ssl_process_certfp(ctl, ctl_buf);
+ break;
case 'S':
ssl_process_zipstats(ctl, ctl_buf);
break;
sendto_realops_snomask(SNO_GENERAL, L_ALL, no_ssl_or_zlib);
ssl_killall();
break;
- case 'R':
- ssl_process_zip_ready(ctl, ctl_buf);
- break;
case 'z':
zlib_ok = 0;
break;
rb_fde_t *F[2];
rb_fde_t *xF1, *xF2;
char *buf;
+ char buf2[9];
void *recvq_start;
size_t hdr = (sizeof(uint8_t) * 2) + sizeof(int32_t);
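Review bot: The size of `buf2` is written as the literal 9, while `hdr` two lines below derives its size from `sizeof` expressions. Declaring it as `char buf2[sizeof(uint8_t) + 2 * sizeof(int32_t)];` ties it to the one command byte and two 32-bit ids that the following hunk stores into it.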
/* Pass the socket to ssld. */
*buf = 'Z';
- rb_socketpair(AF_UNIX, SOCK_STREAM, 0, &xF1, &xF2, "Initial zlib socketpairs");
+ if(rb_socketpair(AF_UNIX, SOCK_STREAM, 0, &xF1, &xF2, "Initial zlib socketpairs") == -1)
+ {
+ sendto_realops_snomask(SNO_GENERAL, L_ALL, "Error creating zlib socketpair - %s", strerror(errno));
+ ilog(L_MAIN, "Error creating zlib socketpairs - %s", strerror(errno));
+ exit_client(server, server, server, "Error creating zlib socketpair");
+ return;
+ }
+
+ if(IsSSL(server))
+ {
+ /* tell ssld the new connid for the ssl part*/
+ buf2[0] = 'Y';
+ int32_to_buf(&buf2[1], rb_get_fd(server->localClient->F));
+ int32_to_buf(&buf2[5], rb_get_fd(xF2));
+ ssl_cmd_write_queue(server->localClient->ssl_ctl, NULL, 0, buf2, sizeof(buf2));
+ }
+
F[0] = server->localClient->F;
F[1] = xF1;
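Review bot: The early `return` added for a failed rb_socketpair does not release `buf`, which is already in use at that point (`*buf = 'Z';`) and is otherwise only freed by the `rb_free(buf);` at the end of the function. Adding `rb_free(buf);` before that `return;` closes the leak. The allocation itself is outside this hunk, so it is worth confirming that nothing else acquired before this point needs the same treatment.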
/* need to redo as what we did before isn't valid now */
int32_to_buf(&buf[1], rb_get_fd(server->localClient->F));
add_to_cli_fd_hash(server);
- server->localClient->ssl_ctl = which_ssld();
- server->localClient->ssl_ctl->cli_count++;
- ssl_cmd_write_queue(server->localClient->ssl_ctl, F, 2, buf, len);
+
+ server->localClient->z_ctl = which_ssld();
+ server->localClient->z_ctl->cli_count++;
+ ssl_cmd_write_queue(server->localClient->z_ctl, F, 2, buf, len);
rb_free(buf);
}
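Review bot: The result of `which_ssld()` is dereferenced immediately in `server->localClient->z_ctl->cli_count++` without a NULL check. which_ssld is not shown here, but if it can return NULL when no ssld helper is running, this line crashes the server while it is handling a server link. The new error returns in the helper start-up loop appear to make that state reachable. A guard on `server->localClient->z_ctl == NULL` that frees `buf`, exits the client and returns would handle it; the removed lines had the same pattern with `ssl_ctl`.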
int32_to_buf(&buf[1], rb_get_fd(target_p->localClient->F));
rb_strlcpy(odata, target_p->name, (sizeof(buf) - len));
len += strlen(odata) + 1; /* Get the \0 as well */
- ssl_cmd_write_queue(target_p->localClient->ssl_ctl, NULL, 0, buf, len);
+ ssl_cmd_write_queue(target_p->localClient->z_ctl, NULL, 0, buf, len);
}
}
}