X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=src%2Fngircd%2Fconn.c;h=01253a2a19dba746ead7a8edc8b1bca34985c263;hb=15dfdaac823c5927b096b2980753a6198a6a7741;hp=be306e5f9a954238d001ec8ed470f412db2097c8;hpb=5c6875d7686e1b4dbf1a82b6d159bd5f18da4a52;p=ngircd-alex.git
diff --git a/src/ngircd/conn.c b/src/ngircd/conn.c
index be306e5f..01253a2a 100644
--- a/src/ngircd/conn.c
+++ b/src/ngircd/conn.c
@@ -128,7 +128,7 @@ time_t idle_t = 0;
 * Get number of sockets available from systemd(8).
 *
 * ngIRCd needs to implement its own sd_listen_fds(3) function and can't
- * use the one provided by systemd itself, becaus the sockets will be
+ * use the one provided by systemd itself, because the sockets will be
 * used in a forked child process with a new PID, and this would trigger
 * an error in the standard implementation.
 *
@@ -139,7 +139,7 @@ static int
 my_sd_listen_fds(void)
 {
 const char *e;
- long count;
+ int count;
 /* Check if LISTEN_PID exists; but we ignore the result, because
 * normally ngircd forks a child before checking this, and therefore
@@ -151,7 +151,7 @@ my_sd_listen_fds(void)
 e = getenv("LISTEN_FDS");
 if (!e || !*e)
 return -1;
- count = atol(e);
+ count = atoi(e);
 unsetenv("LISTEN_FDS");
 return count;
@@ -367,13 +367,13 @@ cb_clientserver(int sock, short what)
 #ifdef SSL_SUPPORT
 /**
- * IO callback for established SSL-enabled client and server connections.
+ * IO callback for new SSL-enabled client and server connections.
 *
 * @param sock Socket descriptor.
 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
 */
 static void
-cb_clientserver_ssl(int sock, short what)
+cb_clientserver_ssl(int sock, UNUSED short what)
 {
 CONN_ID idx = Socket2Index(sock);
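Review bot: `count = atoi(e);` in my_sd_listen_fds() converts the LISTEN_FDS environment value with no error reporting: non-numeric text silently becomes 0 and a value that does not fit in `int` is undefined behaviour, and the `long` to `int` change in the preceding hunk adds no range check. Since the result is returned as the number of inherited sockets, a malformed or negative value should be rejected instead of passed on. Parsing with strtol() and validating before `unsetenv()` runs (the pointer `e` may not be valid afterwards) covers this. How callers interpret -1 is defined outside these hunks, as are the function's opening lines.

```c
	char *end;
	long parsed;
	int count = -1;

	/* … unchanged: LISTEN_PID check, getenv("LISTEN_FDS") and empty-value guard … */
	errno = 0;
	parsed = strtol(e, &end, 10);
	/* validate before unsetenv(), while e and end still point at the value */
	if (errno == 0 && end != e && *end == '\0'
	    && parsed >= 0 && parsed <= INT_MAX)
		count = (int)parsed;
	unsetenv("LISTEN_FDS");
	return count;
```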
@@ -390,14 +390,11 @@ cb_clientserver_ssl(int sock, short what)
 case 0:
 return; /* EAGAIN: callback will be invoked again by IO layer */
 default:
- Conn_Close(idx, "SSL accept error, closing socket", "SSL accept error", false);
+ Conn_Close(idx,
+ "SSL accept error, closing socket", "SSL accept error",
+ false);
 return;
 }
- if (what & IO_WANTREAD)
- Read_Request(idx);
-
- if (what & IO_WANTWRITE)
- Handle_Write(idx);
 io_event_setcb(sock, cb_clientserver); /* SSL handshake completed */
 }
@@ -405,14 +402,13 @@ cb_clientserver_ssl(int sock, short what)
 /**
- * Initialize connecion module.
+ * Initialize connection module.
 */
 GLOBAL void
 Conn_Init( void )
 {
 CONN_ID i;
- /* Speicher fuer Verbindungs-Pool anfordern */
 Pool_Size = CONNECTION_POOL;
 if ((Conf_MaxConnections > 0) && (Pool_Size > Conf_MaxConnections))
@@ -588,7 +584,8 @@ Conn_InitListeners( void )
 continue;
 }
 Log(LOG_INFO,
- "Initialized socket %d from systemd.", fd);
+ "Initialized socket %d from systemd(8): %s:%d.", fd,
+ ng_ipaddr_tostr(&addr), ng_ipaddr_getport(&addr));
 created++;
 }
 return created;
@@ -855,8 +852,7 @@ Conn_Handler(void)
 /* Look for non-empty read buffers ... */
 for (i = 0; i < Pool_Size; i++) {
 if ((My_Connections[i].sock > NONE)
- && (array_bytes(&My_Connections[i].rbuf) > 0)
- && (My_Connections[i].delaytime <= t)) {
+ && (array_bytes(&My_Connections[i].rbuf) > 0)) {
 /* ... and try to handle the received data */
 bytes_processed = Handle_Buffer(i);
 /* if we processed data, and there might be
@@ -926,7 +922,7 @@ Conn_Handler(void)
 * which is the granularity with witch we handle "penalty
 * times" for example.
 * Note: tv_sec/usec are undefined(!) after io_dispatch()
- * returns, so we have to set it beforce each call to it! */
+ * returns, so we have to set it before each call to it! */
 tv.tv_usec = 0;
 tv.tv_sec = 1;
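Review bot: With the `Read_Request()`/`Handle_Write()` calls gone, cb_clientserver_ssl() relies on the IO layer reporting the socket again after `io_event_setcb(sock, cb_clientserver)`, and nothing at that line says so. That holds as long as the TLS library leaves application data that arrived right behind the handshake in the kernel buffer, which cannot be confirmed from this hunk. A comment there would record the assumption, e.g. `/* handshake done; pending data is handled by cb_clientserver on the next IO event */`. The head of the function and the start of its switch lie outside the hunk.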
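Review bot: Dropping `(My_Connections[i].delaytime <= t)` from the condition means Conn_Handler() now calls Handle_Buffer() for every connection with buffered input, including connections still inside their penalty time. If Handle_Buffer() checks `delaytime` itself this only removes a duplicate test, but that is not visible here; if it does not, a flooding client is no longer throttled at this point. A comment on the loop would record the dependency, e.g. `/* penalty time (delaytime) is enforced inside Handle_Buffer() */`. Conn_Handler() starts and ends outside the hunk, so whether `t` is still needed elsewhere cannot be checked from these lines.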
@@ -1011,7 +1007,7 @@ va_dcl
 *
 * So we have a big problem here: we should send more bytes
 * to the network than we are allowed to and we don't know
- * the originator (any more). The "old" behaviour of blaming
+ * the originator (any more). The "old" behavior of blaming
 * the receiver ("next hop") is a bad idea (it could be just
 * an other server only routing the message!), so the only
 * option left is to shorten the string and to hope that the
@@ -1712,7 +1708,7 @@ Socket2Index( int Sock )
 /**
- * Read data from the network to the read buffer. If an error occures,
+ * Read data from the network to the read buffer. If an error occurs,
 * the socket of this connection will be shut down.
 *
 * @param Idx Connection index.
@@ -1861,7 +1857,7 @@ Handle_Buffer(CONN_ID Idx)
 maxcmd = (int)(Client_UserCount() / 5) + MAX_COMMANDS_SERVER_MIN;
 /* Allow servers to handle even more commands while peering
- * to speed up server login and network synchronisation. */
+ * to speed up server login and network synchronization. */
 if (Conn_LastPing(Idx) == 0)
 maxcmd *= 5;
 break;
@@ -2355,7 +2351,7 @@ cb_Connect_to_Server(int fd, UNUSED short events)
 /**
 * Read results of a resolver sub-process from the pipe and update the
- * apropriate connection/client structure(s): hostname and/or IDENT user name.
+ * appropriate connection/client structure(s): hostname and/or IDENT user name.
 *
 * @param r_fd File descriptor of the pipe to the sub-process.
 * @param events (ignored IO specification)
@@ -2582,7 +2578,7 @@ Conn_SetAuthPing(CONN_ID Idx, long ID)
 #ifdef SSL_SUPPORT
 /**
- * Get information about used SSL chiper.
+ * Get information about used SSL cipher.
 *
 * @param Idx Connection index number.
 * @param buf Buffer for returned information text.
@@ -2614,6 +2610,45 @@ Conn_UsesSSL(CONN_ID Idx)
 return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);
 }
+
+GLOBAL char *
+Conn_GetCertFp(CONN_ID Idx)
+{
+ if (Idx < 0)
+ return NULL;
+ assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
+ return ConnSSL_GetCertFp(&My_Connections[Idx]);
+}
+
+
+GLOBAL bool
+Conn_SetCertFp(CONN_ID Idx, const char *fingerprint)
+{
+ if (Idx < 0)
+ return false;
+ assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
+ return ConnSSL_SetCertFp(&My_Connections[Idx], fingerprint);
+}
+#else
+GLOBAL bool
+Conn_UsesSSL(UNUSED CONN_ID Idx)
+{
+ return false;
+}
+
+
+GLOBAL char *
+Conn_GetCertFp(UNUSED CONN_ID Idx)
+{
+ return NULL;
+}
+
+
+GLOBAL bool
+Conn_SetCertFp(UNUSED CONN_ID Idx, UNUSED const char *fingerprint)
+{
+ return true;
+}
 #endif
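Review bot: In the build without SSL_SUPPORT, the `Conn_SetCertFp()` stub returns `true` although nothing is stored and `Conn_GetCertFp()` then returns NULL, so a caller cannot tell a recorded fingerprint from a discarded one. If the return value is meant as "fingerprint recorded", the stub should `return false;`; if reporting success is intentional, a comment above the stub should say why. The new functions also lack the `/** ... */` header that neighbouring functions carry: it should state that `Idx < 0` yields NULL/false, who owns the string returned by Conn_GetCertFp(), and whether `fingerprint` is copied. The upper bound of `Idx` is checked only by `assert()`, which is compiled out when NDEBUG is defined.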