* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* Please read the file COPYING, README and AUTHORS for more information.
- *
- * Connection management
*/
-
#define CONN_MODULE
#include "portab.h"
#include "conf-ssl.h"
#include "io.h"
+/**
+ * @file
+ * Connection management
+ */
+
#include "imp.h"
#include <assert.h>
#ifdef PROTOTYPES
/**
* IO callback for listening sockets: handle new connections. This callback
* gets called when a new non-SSL connection should be accepted.
- * @param sock Socket descriptor
- * @param irrelevant (ignored IO specification)
+ *
+ * @param sock Socket descriptor.
+ * @param irrelevant (ignored IO specification)
*/
static void
cb_listen(int sock, short irrelevant)
/**
* IO callback for listening SSL sockets: handle new connections. This callback
* gets called when a new SSL-enabled connection should be accepted.
- * @param sock Socket descriptor
- * @param irrelevant (ignored IO specification)
+ *
+ * @param sock Socket descriptor.
+ * @param irrelevant (ignored IO specification)
*/
static void
cb_listen_ssl(int sock, short irrelevant)
/**
* IO callback for new outgoing non-SSL server connections.
- * @param sock Socket descriptor
- * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
+ *
+ * @param sock Socket descriptor.
+ * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
*/
static void
cb_connserver(int sock, UNUSED short what)
/**
* Login to a remote server.
- * @param idx Connection index
+ *
+ * @param idx Connection index.
*/
static void
server_login(CONN_ID idx)
#ifdef SSL_SUPPORT
/**
* IO callback for new outgoing SSL-enabled server connections.
- * @param sock Socket descriptor
- * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
+ *
+ * @param sock Socket descriptor.
+ * @param unused (ignored IO specification)
*/
static void
cb_connserver_login_ssl(int sock, short unused)
/**
* IO callback for established non-SSL client and server connections.
- * @param sock Socket descriptor
- * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
+ *
+ * @param sock Socket descriptor.
+ * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
*/
static void
cb_clientserver(int sock, short what)
#ifdef SSL_SUPPORT
/**
* IO callback for established SSL-enabled client and server connections.
- * @param sock Socket descriptor
- * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
+ *
+ * @param sock Socket descriptor.
+ * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
*/
static void
cb_clientserver_ssl(int sock, short what)
}
+/**
+ * Initialize listening ports.
+ *
+ * @param a Array containing the ports the daemon should listen on.
+ * @param listen_addr Address the socket should listen on (can be "0.0.0.0").
+ * @param func IO callback function to register.
+ * @returns Number of listening sockets created.
+ */
static unsigned int
ports_initlisteners(array *a, const char *listen_addr, void (*func)(int,short))
{
/**
* Initialize all listening sockets.
- * @return Number of created listening sockets
+ *
+ * @returns Number of created listening sockets
*/
GLOBAL unsigned int
Conn_InitListeners( void )
} /* Conn_InitListeners */
+/**
+ * Shut down all listening sockets.
+ */
GLOBAL void
Conn_ExitListeners( void )
{
} /* Conn_ExitListeners */
+/**
+ * Bind a socket to a specific (source) address.
+ *
+ * @param addr Address structure.
+ * @param listen_addrstr Source address as string.
+ * @param Port Port number.
+ * @returns true on success, false otherwise.
+ */
static bool
InitSinaddrListenAddr(ng_ipaddr_t *addr, const char *listen_addrstr, UINT16 Port)
{
}
+/**
+ * Set a socket to "IPv6 only". If the given socket doesn't belong to the
+ * AF_INET6 family, or the operating system doesn't support this functionality,
+ * this function retruns silently.
+ *
+ * @param af Address family of the socket.
+ * @param sock Socket handle.
+ */
static void
set_v6_only(int af, int sock)
{
}
-/* return new listening port file descriptor or -1 on failure */
+/**
+ * Initialize new listening port.
+ *
+ * @param listen_addr Local address to bind the socet to (can be 0.0.0.0).
+ * @param Port Port number on which the new socket should be listening.
+ * @returns file descriptor of the socket or -1 on failure.
+ */
static int
NewListener(const char *listen_addr, UINT16 Port)
{
#ifdef SSL_SUPPORT
-/*
+
+/**
+ * Check if SSL library needs to read SSL-protocol related data.
+ *
* SSL/TLS connections require extra treatment:
* When either CONN_SSL_WANT_WRITE or CONN_SSL_WANT_READ is set, we
* need to take care of that first, before checking read/write buffers.
* If this function returns true, such a condition is met and we have
* to reverse the condition (check for read even if we've data to write,
* do not check for read but writeability even if write-buffer is empty).
+ *
+ * @param c Connection to check.
+ * @returns true if SSL-library has to read protocol data.
*/
static bool
SSL_WantRead(const CONNECTION *c)
}
return false;
}
+
+/**
+ * Check if SSL library needs to write SSL-protocol related data.
+ *
+ * Please see description of SSL_WantRead() for full description!
+ *
+ * @param c Connection to check.
+ * @returns true if SSL-library has to write protocol data.
+ */
static bool
SSL_WantWrite(const CONNECTION *c)
{
}
return false;
}
+
#else
+
static inline bool
SSL_WantRead(UNUSED const CONNECTION *c)
{ return false; }
+
static inline bool
SSL_WantWrite(UNUSED const CONNECTION *c)
{ return false; }
+
#endif
/**
* "Main Loop": Loop until shutdown or restart is signalled.
+ *
* This function loops until a shutdown or restart of ngIRCd is signalled and
* calls io_dispatch() to check for readable and writable sockets every second.
* It checks for status changes on pending connections (e. g. when a hostname
/**
* Write a text string into the socket of a connection.
+ *
* This function automatically appends CR+LF to the string and validates that
* the result is a valid IRC message (oversized messages are shortened, for
* example). Then it calls the Conn_Write() function to do the actual sending.
- * @param Idx Index fo the connection.
- * @param Format Format string, see printf().
- * @return true on success, false otherwise.
+ *
+ * @param Idx Index fo the connection.
+ * @param Format Format string, see printf().
+ * @returns true on success, false otherwise.
*/
#ifdef PROTOTYPES
GLOBAL bool
/**
* Append Data to the outbound write buffer of a connection.
- * @param Idx Index of the connection.
- * @param Data pointer to the data.
- * @param Len length of Data.
- * @return true on success, false otherwise.
+ *
+ * @param Idx Index of the connection.
+ * @param Data pointer to the data.
+ * @param Len length of Data.
+ * @returns true on success, false otherwise.
*/
static bool
Conn_Write( CONN_ID Idx, char *Data, size_t Len )
{
CLIENT *c;
- size_t writebuf_limit = WRITEBUFFER_LEN;
+ size_t writebuf_limit = WRITEBUFFER_MAX_LEN;
assert( Idx > NONE );
assert( Data != NULL );
assert( Len > 0 );
/* Uncompressed link:
* Check if outbound buffer has enough space for the data. */
if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
- writebuf_limit) {
+ WRITEBUFFER_FLUSH_LEN) {
/* Buffer is full, flush it. Handle_Write deals with
* low-level errors, if any. */
if (!Handle_Write(Idx))
if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
writebuf_limit) {
Log(LOG_NOTICE,
- "Write buffer overflow (connection %d, size %lu byte)!",
- Idx,
+ "Write buffer space exhausted (connection %d, limit is %lu bytes, %lu bytes new, %lu bytes pending)",
+ Idx, writebuf_limit, Len,
(unsigned long)array_bytes(&My_Connections[Idx].wbuf));
- Conn_Close(Idx, "Write buffer overflow!", NULL, false);
+ Conn_Close(Idx, "Write buffer space exhausted", NULL, false);
return false;
}
} /* Conn_Write */
+/**
+ * Shut down a connection.
+ *
+ * @param Idx Connection index.
+ * @param LogMsg Message to write to the log or NULL. If no LogMsg
+ * is given, the FwdMsg is logged.
+ * @param FwdMsg Message to forward to remote servers.
+ * @param InformClient If true, inform the client on the connection which is
+ * to be shut down of the reason (FwdMsg) and send
+ * connection statistics before disconnecting it.
+ */
GLOBAL void
Conn_Close( CONN_ID Idx, const char *LogMsg, const char *FwdMsg, bool InformClient )
{
} /* Conn_Close */
+/**
+ * Get current number of connections.
+ *
+ * @returns Number of current connections.
+ */
GLOBAL long
Conn_Count(void)
{
} /* Conn_Count */
+/**
+ * Get number of maximum simultaneous connections.
+ *
+ * @returns Number of maximum simultaneous connections.
+ */
GLOBAL long
Conn_CountMax(void)
{
} /* Conn_CountMax */
+/**
+ * Get number of connections accepted since the daemon startet.
+ *
+ * @returns Number of connections accepted.
+ */
GLOBAL long
Conn_CountAccepted(void)
{
/**
* Send out data of write buffer; connect new sockets.
+ *
+ * @param Idx Connection index.
+ * @returns true on success, false otherwise.
*/
static bool
Handle_Write( CONN_ID Idx )
} /* Handle_Write */
+/**
+ * Count established connections to a specific IP address.
+ *
+ * @returns Number of established connections.
+ */
static int
Count_Connections(ng_ipaddr_t *a)
{
/**
* Initialize new client connection on a listening socket.
- * @param Sock Listening socket descriptor
- * @return Accepted socket descriptor or -1 on error
+ *
+ * @param Sock Listening socket descriptor.
+ * @returns Accepted socket descriptor or -1 on error.
*/
static int
New_Connection(int Sock)
if (!Conf_Ident)
identsock = -1;
#endif
- if (Conf_DNS)
+ if (Conf_DNS) {
+ if (Conf_NoticeAuth) {
+#ifdef IDENTAUTH
+ if (Conf_Ident)
+ (void)Conn_WriteStr(new_sock,
+ "NOTICE AUTH :*** Looking up your hostname and checking ident");
+ else
+#endif
+ (void)Conn_WriteStr(new_sock,
+ "NOTICE AUTH :*** Looking up your hostname");
+ }
Resolve_Addr(&My_Connections[new_sock].proc_stat, &new_addr,
identsock, cb_Read_Resolver_Result);
+ }
Account_Connection();
return new_sock;
} /* New_Connection */
+/**
+ * Update global connection counters.
+ */
static void
Account_Connection(void)
{
} /* Account_Connection */
+/**
+ * Translate socket handle into connection index.
+ *
+ * @param Sock Socket handle.
+ * @returns Connecion index or NONE, if no connection could be found.
+ */
static CONN_ID
Socket2Index( int Sock )
{
/**
* Read data from the network to the read buffer. If an error occures,
* the socket of this connection will be shut down.
+ *
+ * @param Idx Connection index.
*/
static void
Read_Request( CONN_ID Idx )
{
/* Read buffer is full */
Log(LOG_ERR,
- "Receive buffer overflow (connection %d): %d bytes!",
+ "Receive buffer space exhausted (connection %d): %d bytes",
Idx, array_bytes(&My_Connections[Idx].rbuf));
- Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
+ Conn_Close(Idx, "Receive buffer space exhausted", NULL, false);
return;
}
Log(LOG_ERR,
"Could not append recieved data to zip input buffer (connn %d): %d bytes!",
Idx, len);
- Conn_Close(Idx, "Receive buffer overflow!", NULL,
+ Conn_Close(Idx, "Receive buffer space exhausted", NULL,
false);
return;
}
{
if (!array_catb( &My_Connections[Idx].rbuf, readbuf, len)) {
Log( LOG_ERR, "Could not append recieved data to input buffer (connn %d): %d bytes!", Idx, len );
- Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
+ Conn_Close(Idx, "Receive buffer space exhausted", NULL, false );
}
}
/**
* Handle all data in the connection read-buffer.
+ *
* Data is processed until no complete command is left in the read buffer,
* or MAX_COMMANDS[_SERVER|_SERVICE] commands were processed.
* When a fatal error occurs, the connection is shut down.
- * @param Idx Index of the connection.
- * @return number of bytes processed.
+ *
+ * @param Idx Index of the connection.
+ * @returns Number of bytes processed.
*/
static unsigned int
Handle_Buffer(CONN_ID Idx)
CLIENT *c;
c = Conn_GetClient(Idx);
- assert( c != NULL);
+ starttime = time(NULL);
+
+ assert(c != NULL);
/* Servers do get special command limits, so they can process
* all the messages that are required while peering. */
switch (Client_Type(c)) {
case CLIENT_SERVER:
- maxcmd = MAX_COMMANDS_SERVER; break;
+ /* Allow servers to send more commands in the first 10 secods
+ * to speed up server login and network synchronisation. */
+ if (starttime - Client_StartTime(c) < 10)
+ maxcmd = MAX_COMMANDS_SERVER * 5;
+ else
+ maxcmd = MAX_COMMANDS_SERVER;
+ break;
case CLIENT_SERVICE:
maxcmd = MAX_COMMANDS_SERVICE; break;
}
- starttime = time(NULL);
for (i=0; i < maxcmd; i++) {
/* Check penalty */
if (My_Connections[Idx].delaytime > starttime)
} /* Check_Servers */
+/**
+ * Establish a new outgoing server connection.
+ *
+ * @param Server Configuration index of the server.
+ * @param dest Destination IP address to connect to.
+ */
static void
New_Server( int Server , ng_ipaddr_t *dest)
{
return;
}
+ if (!io_event_create( new_sock, IO_WANTWRITE, cb_connserver)) {
+ Log(LOG_ALERT, "io_event_create(): could not add fd %d", strerror(errno));
+ close(new_sock);
+ return;
+ }
+
My_Connections = array_start(&My_ConnArray);
assert(My_Connections[new_sock].sock <= 0);
c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWNSERVER, false);
if (!c) {
Log( LOG_ALERT, "Can't establish connection: can't create client structure!" );
- close( new_sock );
+ io_close(new_sock);
return;
}
strlcpy( My_Connections[new_sock].host, Conf_Server[Server].host,
sizeof(My_Connections[new_sock].host ));
- /* Register new socket */
- if (!io_event_create( new_sock, IO_WANTWRITE, cb_connserver)) {
- Log( LOG_ALERT, "io_event_create(): could not add fd %d", strerror(errno));
- Conn_Close( new_sock, "io_event_create() failed", NULL, false );
- Init_Conn_Struct( new_sock );
- Conf_Server[Server].conn_id = NONE;
- }
#ifdef SSL_SUPPORT
if (Conf_Server[Server].SSLConnect && !ConnSSL_PrepareConnect( &My_Connections[new_sock],
&Conf_Server[Server] ))
/**
* Initialize connection structure.
+ *
+ * @param Idx Connection index.
*/
static void
Init_Conn_Struct(CONN_ID Idx)
} /* Init_Conn_Struct */
+/**
+ * Initialize options of a new socket.
+ *
+ * For example, we try to set socket options SO_REUSEADDR and IPTOS_LOWDELAY.
+ * The socket is automatically closed if a fatal error is encountered.
+ *
+ * @param Sock Socket handle.
+ * @returns false if socket was closed due to fatal error.
+ */
static bool
Init_Socket( int Sock )
{
- /* Initialize socket (set options) */
-
int value;
if (!io_setnonblock(Sock)) {
} /* Init_Socket */
+/**
+ * Read results of a resolver sub-process and try to initiate a new server
+ * connection.
+ *
+ * @param fd File descriptor of the pipe to the sub-process.
+ * @param events (ignored IO specification)
+ */
static void
cb_Connect_to_Server(int fd, UNUSED short events)
{
} /* cb_Read_Forward_Lookup */
+/**
+ * Read results of a resolver sub-process from the pipe and update the
+ * apropriate connection/client structure(s): hostname and/or IDENT user name.
+ *
+ * @param r_fd File descriptor of the pipe to the sub-process.
+ * @param events (ignored IO specification)
+ */
static void
cb_Read_Resolver_Result( int r_fd, UNUSED short events )
{
- /* Read result of resolver sub-process from pipe and update the
- * apropriate connection/client structure(s): hostname and/or
- * IDENT user name.*/
-
CLIENT *c;
CONN_ID i;
size_t len;
strlcpy(My_Connections[i].host, readbuf,
sizeof(My_Connections[i].host));
Client_SetHostname(c, readbuf);
+ if (Conf_NoticeAuth)
+ (void)Conn_WriteStr(i,
+ "NOTICE AUTH :*** Found your hostname");
#ifdef IDENTAUTH
++identptr;
if (*identptr) {
Log(LOG_INFO, "IDENT lookup for connection %d: \"%s\".", i, identptr);
Client_SetUser(c, identptr, true);
+ if (Conf_NoticeAuth)
+ (void)Conn_WriteStr(i,
+ "NOTICE AUTH :*** Got ident response");
} else {
Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
+ if (Conf_NoticeAuth && Conf_Ident)
+ (void)Conn_WriteStr(i,
+ "NOTICE AUTH :*** No ident response");
}
#endif
}
/**
* Write a "simple" (error) message to a socket.
+ *
* The message is sent without using the connection write buffers, without
* compression/encryption, and even without any error reporting. It is
- * designed for error messages of e.g. New_Connection(). */
+ * designed for error messages of e.g. New_Connection().
+ *
+ * @param Sock Socket handle.
+ * @param Msg Message string to send.
+ */
static void
Simple_Message(int Sock, const char *Msg)
{
* Get CLIENT structure that belongs to a local connection identified by its
* index number. Each connection belongs to a client by definition, so it is
* not required that the caller checks for NULL return values.
- * @param Idx Connection index number
- * @return Pointer to CLIENT structure
+ *
+ * @param Idx Connection index number.
+ * @returns Pointer to CLIENT structure.
*/
GLOBAL CLIENT *
Conn_GetClient( CONN_ID Idx )
/**
* Get PROC_STAT sub-process structure of a connection.
- * @param Idx Connection index number
- * @return PROC_STAT structure
+ *
+ * @param Idx Connection index number.
+ * @returns PROC_STAT structure.
*/
GLOBAL PROC_STAT *
Conn_GetProcStat(CONN_ID Idx)
/**
* Get CONN_ID from file descriptor associated to a subprocess structure.
- * @param fd File descriptor
- * @return CONN_ID or NONE (-1)
+ *
+ * @param fd File descriptor.
+ * @returns CONN_ID or NONE (-1).
*/
GLOBAL CONN_ID
Conn_GetFromProc(int fd)
} /* Conn_GetFromProc */
+#ifndef STRICT_RFC
+
+GLOBAL long
+Conn_GetAuthPing(CONN_ID Idx)
+{
+ assert (Idx != NONE);
+ return My_Connections[Idx].auth_ping;
+} /* Conn_GetAuthPing */
+
+GLOBAL void
+Conn_SetAuthPing(CONN_ID Idx, long ID)
+{
+ assert (Idx != NONE);
+ My_Connections[Idx].auth_ping = ID;
+} /* Conn_SetAuthPing */
+
+#endif
+
+
#ifdef SSL_SUPPORT
/**
* Get information about used SSL chiper.
- * @param Idx Connection index number
- * @param buf Buffer for returned information text
- * @param len Size of return buffer "buf"
- * @return true on success, false otherwise
+ *
+ * @param Idx Connection index number.
+ * @param buf Buffer for returned information text.
+ * @param len Size of return buffer "buf".
+ * @returns true on success, false otherwise.
*/
GLOBAL bool
Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
/**
* Check if a connection is SSL-enabled or not.
- * @param Idx Connection index number
- * @return true if connection is SSL-enabled, false otherwise.
+ *
+ * @param Idx Connection index number.
+ * @return true if connection is SSL-enabled, false otherwise.
*/
GLOBAL bool
Conn_UsesSSL(CONN_ID Idx)
#ifdef DEBUG
+/**
+ * Dump internal state of the "connection module".
+ */
GLOBAL void
Conn_DebugDump(void)
{