* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
* Please read the file COPYING, README and AUTHORS for more information.
- *
- * Login and logout
*/
-
#include "portab.h"
+/**
+ * @file
+ * Login and logout
+ */
+
#include "imp.h"
#include <assert.h>
#include <stdio.h>
#endif
/**
- * Handler for the IRC command "PASS".
+ * Handler for the IRC "PASS" command.
+ *
* See RFC 2813 section 4.1.1, and RFC 2812 section 3.1.1.
+ *
+ * @param Client The client from which this command has been received.
+ * @param Req Request structure with prefix and all parameters.
+ * @returns CONNECTED or DISCONNECTED.
*/
GLOBAL bool
IRC_PASS( CLIENT *Client, REQUEST *Req )
if (type && strcmp(type, PROTOIRCPLUS) == 0) {
/* The peer seems to be a server which supports the
* IRC+ protocol (see doc/Protocol.txt). */
- serverver = ptr + 1;
- flags = strchr(serverver, ':');
+ serverver = ptr ? ptr + 1 : "?";
+ flags = strchr(ptr ? serverver : impl, ':');
if (flags) {
*flags = '\0';
flags++;
} else
flags = "";
Log(LOG_INFO,
- "Peer announces itself as %s-%s using protocol %d.%d/IRC+ (flags: \"%s\").",
- impl, serverver, protohigh, protolow, flags);
+ "Peer on conenction %d announces itself as %s-%s using protocol %d.%d/IRC+ (flags: \"%s\").",
+ Client_Conn(Client), impl, serverver,
+ protohigh, protolow, flags);
} else {
/* The peer seems to be a server supporting the
* "original" IRC protocol (RFC 2813). */
else
flags = "";
Log(LOG_INFO,
- "Peer announces itself as \"%s\" using protocol %d.%d (flags: \"%s\").",
- impl, protohigh, protolow, flags);
+ "Peer on connection %d announces itself as \"%s\" using protocol %d.%d (flags: \"%s\").",
+ Client_Conn(Client), impl,
+ protohigh, protolow, flags);
}
Client_SetFlags(Client, flags);
}
/**
- * IRC "NICK" command.
+ * Handler for the IRC "NICK" command.
+ *
+ * See RFC 2812, 3.1.2 "Nick message", and RFC 2813, 4.1.3 "Nick".
+ *
* This function implements the IRC command "NICK" which is used to register
* with the server, to change already registered nicknames and to introduce
* new users which are connected to other servers.
+ *
+ * @param Client The client from which this command has been received.
+ * @param Req Request structure with prefix and all parameters.
+ * @returns CONNECTED or DISCONNECTED.
*/
GLOBAL bool
IRC_NICK( CLIENT *Client, REQUEST *Req )
/* Register new nickname of this client */
Client_SetID( target, Req->argv[0] );
+#ifndef STRICT_RFC
+ if (Conf_AuthPing) {
+ Conn_SetAuthPing(Client_Conn(Client), random());
+ IRC_WriteStrClient(Client, "PING :%ld",
+ Conn_GetAuthPing(Client_Conn(Client)));
+ LogDebug("Connection %d: sent AUTH PING %ld ...",
+ Client_Conn(Client),
+ Conn_GetAuthPing(Client_Conn(Client)));
+ }
+#endif
+
/* If we received a valid USER command already then
* register the new client! */
if( Client_Type( Client ) == CLIENT_GOTUSER )
/**
- * Handler for the IRC command "USER".
+ * Handler for the IRC "USER" command.
+ *
+ * See RFC 2812, 3.1.3 "User message".
+ *
+ * @param Client The client from which this command has been received.
+ * @param Req Request structure with prefix and all parameters.
+ * @returns CONNECTED or DISCONNECTED.
*/
GLOBAL bool
IRC_USER(CLIENT * Client, REQUEST * Req)
/**
- * Handler for the IRC command "SERVICE".
+ * Handler for the IRC "SERVICE" command.
+ *
* This function implements IRC Services registration using the SERVICE command
* defined in RFC 2812 3.1.6 and RFC 2813 4.1.4.
+ *
* At the moment ngIRCd doesn't support directly linked services, so this
* function returns ERR_ERRONEUSNICKNAME when the SERVICE command has not been
* received from a peer server.
+ *
+ * @param Client The client from which this command has been received.
+ * @param Req Request structure with prefix and all parameters.
+ * @returns CONNECTED or DISCONNECTED..
*/
GLOBAL bool
IRC_SERVICE(CLIENT *Client, REQUEST *Req)
/**
- * Handler for the IRC command "WEBIRC".
- * Syntax: WEBIRC <password> <username> <real-hostname> <real-IP-address>
+ * Handler for the IRC "WEBIRC" command.
+ *
+ * See doc/Protocol.txt, section II.4:
+ * "Update webchat/proxy client information".
+ *
+ * @param Client The client from which this command has been received.
+ * @param Req Request structure with prefix and all parameters.
+ * @returns CONNECTED or DISCONNECTED.
*/
GLOBAL bool
IRC_WEBIRC(CLIENT *Client, REQUEST *Req)
} /* IRC_WEBIRC */
+/**
+ * Handler for the IRC "QUIT" command.
+ *
+ * See RFC 2812, 3.1.7 "Quit", and RFC 2813, 4.1.5 "Quit".
+ *
+ * @param Client The client from which this command has been received.
+ * @param Req Request structure with prefix and all parameters.
+ * @returns CONNECTED or DISCONNECTED.
+ */
GLOBAL bool
IRC_QUIT( CLIENT *Client, REQUEST *Req )
{
} /* IRC_QUIT */
+#ifndef STRICT_RFC
+
+/**
+ * Handler for HTTP command, e.g. GET and POST
+ *
+ * We handle these commands here to avoid the quite long timeout when
+ * some user tries to access this IRC daemon using an web browser ...
+ *
+ * @param Client The client from which this command has been received.
+ * @param Req Request structure with prefix and all parameters.
+ * @returns CONNECTED or DISCONNECTED.
+ */
+GLOBAL bool
+IRC_QUIT_HTTP( CLIENT *Client, REQUEST *Req )
+{
+ Req->argc = 1;
+ Req->argv[0] = "Oops, HTTP request received? This is IRC!";
+ return IRC_QUIT(Client, Req);
+} /* IRC_QUIT_HTTP */
+
+#endif
+
+
+/**
+ * Handler for the IRC "PING" command.
+ *
+ * See RFC 2812, 3.7.2 "Ping message".
+ *
+ * @param Client The client from which this command has been received.
+ * @param Req Request structure with prefix and all parameters.
+ * @returns CONNECTED or DISCONNECTED.
+ */
GLOBAL bool
IRC_PING(CLIENT *Client, REQUEST *Req)
{
} /* IRC_PING */
+/**
+ * Handler for the IRC "PONG" command.
+ *
+ * See RFC 2812, 3.7.3 "Pong message".
+ *
+ * @param Client The client from which this command has been received.
+ * @param Req Request structure with prefix and all parameters.
+ * @returns CONNECTED or DISCONNECTED.
+ */
GLOBAL bool
IRC_PONG(CLIENT *Client, REQUEST *Req)
{
CLIENT *target, *from;
+ CONN_ID conn;
+#ifndef STRICT_RFC
+ long auth_ping;
+#endif
char *s;
assert(Client != NULL);
assert(Req != NULL);
/* Wrong number of arguments? */
- if (Req->argc < 1)
- return IRC_WriteStrClient(Client, ERR_NOORIGIN_MSG,
- Client_ID(Client));
- if (Req->argc > 2)
- return IRC_WriteStrClient(Client, ERR_NEEDMOREPARAMS_MSG,
- Client_ID(Client), Req->command);
+ if (Req->argc < 1) {
+ if (Client_Type(Client) == CLIENT_USER)
+ return IRC_WriteStrClient(Client, ERR_NOORIGIN_MSG,
+ Client_ID(Client));
+ else
+ return CONNECTED;
+ }
+ if (Req->argc > 2) {
+ if (Client_Type(Client) == CLIENT_USER)
+ return IRC_WriteStrClient(Client,
+ ERR_NEEDMOREPARAMS_MSG,
+ Client_ID(Client),
+ Req->command);
+ else
+ return CONNECTED;
+ }
/* Forward? */
if (Req->argc == 2 && Client_Type(Client) == CLIENT_SERVER) {
/* The connection timestamp has already been updated when the data has
* been read from so socket, so we don't need to update it here. */
+
+ conn = Client_Conn(Client);
+
+#ifndef STRICT_RFC
+ /* Check authentication PING-PONG ... */
+ auth_ping = Conn_GetAuthPing(conn);
+ if (auth_ping) {
+ LogDebug("AUTH PONG: waiting for token \"%ld\", got \"%s\" ...",
+ auth_ping, Req->argv[0]);
+ if (auth_ping == atoi(Req->argv[0])) {
+ Conn_SetAuthPing(conn, 0);
+ if (Client_Type(Client) == CLIENT_WAITAUTHPING)
+ Hello_User(Client);
+ } else
+ if (!IRC_WriteStrClient(Client,
+ "To connect, type /QUOTE PONG %ld",
+ auth_ping))
+ return DISCONNECTED;
+ }
+#endif
+
#ifdef DEBUG
- if (Client_Conn(Client) > NONE)
+ if (conn > NONE)
Log(LOG_DEBUG,
- "Connection %d: received PONG. Lag: %ld seconds.",
- Client_Conn(Client),
+ "Connection %d: received PONG. Lag: %ld seconds.", conn,
time(NULL) - Conn_LastPing(Client_Conn(Client)));
else
Log(LOG_DEBUG,
- "Connection %d: received PONG.", Client_Conn(Client));
+ "Connection %d: received PONG.", conn);
#endif
return CONNECTED;
} /* IRC_PONG */
+/**
+ * Initiate client registration.
+ *
+ * This function is called after the daemon received the required NICK and
+ * USER commands of a new client. If the daemon is compiled with support for
+ * PAM, the authentication sub-processs is forked; otherwise the global server
+ * password is checked.
+ *
+ * @param Client The client logging in.
+ * @returns CONNECTED or DISCONNECTED.
+ */
static bool
Hello_User(CLIENT * Client)
{
#ifdef PAM
int pipefd[2], result;
- CONN_ID conn;
pid_t pid;
+#endif
+ CONN_ID conn;
assert(Client != NULL);
conn = Client_Conn(Client);
- pid = Proc_Fork(Conn_GetProcStat(conn), pipefd, cb_Read_Auth_Result);
+#ifndef STRICT_RFC
+ if (Conf_AuthPing) {
+ /* Did we receive the "auth PONG" already? */
+ if (Conn_GetAuthPing(conn)) {
+ Client_SetType(Client, CLIENT_WAITAUTHPING);
+ LogDebug("Connection %d: Waiting for AUTH PONG ...", conn);
+ return CONNECTED;
+ }
+ }
+#endif
+
+#ifdef PAM
+ if (!Conf_PAM) {
+ /* Don't do any PAM authentication at all, instead emulate
+ * the beahiour of the daemon compiled without PAM support:
+ * because there can't be any "server password", all
+ * passwords supplied are classified as "wrong". */
+ if(Client_Password(Client)[0] == '\0')
+ return Hello_User_PostAuth(Client);
+ Reject_Client(Client);
+ return DISCONNECTED;
+ }
+
+ /* Fork child process for PAM authentication; and make sure that the
+ * process timeout is set higher than the login timeout! */
+ pid = Proc_Fork(Conn_GetProcStat(conn), pipefd,
+ cb_Read_Auth_Result, Conf_PongTimeout + 1);
if (pid > 0) {
LogDebug("Authenticator for connection %d created (PID %d).",
conn, pid);
return CONNECTED;
} else {
/* Sub process */
- signal(SIGTERM, Proc_GenericSignalHandler);
Log_Init_Subprocess("Auth");
- if (Conf_NoPAM) {
- result = (Client_Password(Client)[0] == '\0');
- } else
- result = PAM_Authenticate(Client);
- write(pipefd[1], &result, sizeof(result));
+ result = PAM_Authenticate(Client);
+ if (write(pipefd[1], &result, sizeof(result)) != sizeof(result))
+ Log_Subprocess(LOG_ERR,
+ "Failed to pipe result to parent!");
Log_Exit_Subprocess("Auth");
exit(0);
}
#else
- assert(Client != NULL);
-
/* Check global server password ... */
if (strcmp(Client_Password(Client), Conf_ServerPwd) != 0) {
/* Bad password! */
/**
* Read result of the authenticatior sub-process from pipe
+ *
+ * @param r_fd File descriptor of the pipe.
+ * @param events (ignored IO specification)
*/
static void
cb_Read_Auth_Result(int r_fd, UNUSED short events)
if (len == 0)
return;
- /* Make sure authenticator sub-process is dead now ... */
- Proc_Kill(proc);
-
if (len != sizeof(result)) {
Log(LOG_CRIT, "Auth: Got malformed result!");
Reject_Client(client);
return;
}
- if (result == true)
+ if (result == true) {
+ Client_SetUser(client, Client_OrigUser(client), true);
(void)Hello_User_PostAuth(client);
- else
+ } else
Reject_Client(client);
}
#endif
+/**
+ * Reject a client because of wrong password.
+ *
+ * This function is called either when the global server password or a password
+ * checked using PAM has been wrong.
+ *
+ * @param Client The client to reject.
+ */
static void
Reject_Client(CLIENT *Client)
{
}
+/**
+ * Finish client registration.
+ *
+ * Introduce the new client to the network and send all "hello messages"
+ * to it after authentication has been succeeded.
+ *
+ * @param Client The client logging in.
+ * @returns CONNECTED or DISCONNECTED.
+ */
static bool
Hello_User_PostAuth(CLIENT *Client)
{
}
+/**
+ * Kill all users with a specific nick name in the network.
+ *
+ * @param Nick Nick name.
+ * @param Reason Reason for the KILL.
+ */
static void
Kill_Nick( char *Nick, char *Reason )
{
} /* Kill_Nick */
+/**
+ * Introduce a new user or service client in the network.
+ *
+ * @param From Remote server introducing the client or NULL (local).
+ * @param Client New client.
+ * @param Type Type of the client (CLIENT_USER or CLIENT_SERVICE).
+ */
static void
Introduce_Client(CLIENT *From, CLIENT *Client, int Type)
{
} /* Introduce_Client */
+/**
+ * Introduce a new user or service client to a remote server.
+ *
+ * This function differentiates between RFC1459 and RFC2813 server links and
+ * generates the appropriate commands to register the new user or service.
+ *
+ * @param To The remote server to inform.
+ * @param Prefix Prefix for the generated commands.
+ * @param data CLIENT structure of the new client.
+ */
static void
cb_introduceClient(CLIENT *To, CLIENT *Prefix, void *data)
{