2 * ngIRCd -- The Next Generation IRC Daemon
3 * Copyright (c)2001-2010 Alexander Barton <alex@barton.de>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 * Please read the file COPYING, README and AUTHORS for more information.
21 * Connection management
36 #include <sys/socket.h>
38 #include <sys/types.h>
40 #include <netinet/in.h>
42 #ifdef HAVE_NETINET_IP_H
43 # ifdef HAVE_NETINET_IN_SYSTM_H
44 # include <netinet/in_systm.h>
46 # include <netinet/ip.h>
50 # include <stdint.h> /* e.g. for Mac OS X */
54 # include <tcpd.h> /* for TCP Wrappers */
70 #include "conn-func.h"
72 #include "ng_ipaddr.h"
80 #define SERVER_WAIT (NONE - 1)
82 #define MAX_COMMANDS 3
83 #define MAX_COMMANDS_SERVER 10
84 #define MAX_COMMANDS_SERVICE MAX_COMMANDS_SERVER
87 static bool Handle_Write PARAMS(( CONN_ID Idx ));
88 static bool Conn_Write PARAMS(( CONN_ID Idx, char *Data, size_t Len ));
89 static int New_Connection PARAMS(( int Sock ));
90 static CONN_ID Socket2Index PARAMS(( int Sock ));
91 static void Read_Request PARAMS(( CONN_ID Idx ));
92 static unsigned int Handle_Buffer PARAMS(( CONN_ID Idx ));
93 static void Check_Connections PARAMS(( void ));
94 static void Check_Servers PARAMS(( void ));
95 static void Init_Conn_Struct PARAMS(( CONN_ID Idx ));
96 static bool Init_Socket PARAMS(( int Sock ));
97 static void New_Server PARAMS(( int Server, ng_ipaddr_t *dest ));
98 static void Simple_Message PARAMS(( int Sock, const char *Msg ));
99 static int NewListener PARAMS(( const char *listen_addr, UINT16 Port ));
100 static void Account_Connection PARAMS((void));
103 static array My_Listeners;
104 static array My_ConnArray;
105 static size_t NumConnections, NumConnectionsMax, NumConnectionsAccepted;
108 int allow_severity = LOG_INFO;
109 int deny_severity = LOG_ERR;
112 static void server_login PARAMS((CONN_ID idx));
115 extern struct SSLOptions Conf_SSLOptions;
116 static void cb_connserver_login_ssl PARAMS((int sock, short what));
117 static void cb_clientserver_ssl PARAMS((int sock, short what));
119 static void cb_Read_Resolver_Result PARAMS((int sock, UNUSED short what));
120 static void cb_Connect_to_Server PARAMS((int sock, UNUSED short what));
121 static void cb_clientserver PARAMS((int sock, short what));
125 * IO callback for listening sockets: handle new connections. This callback
126 * gets called when a new non-SSL connection should be accepted.
127 * @param sock Socket descriptor
128 * @param irrelevant (ignored IO specification)
131 cb_listen(int sock, short irrelevant)
134 (void) New_Connection(sock);
140 * IO callback for listening SSL sockets: handle new connections. This callback
141 * gets called when a new SSL-enabled connection should be accepted.
142 * @param sock Socket descriptor
143 * @param irrelevant (ignored IO specification)
146 cb_listen_ssl(int sock, short irrelevant)
151 fd = New_Connection(sock);
154 io_event_setcb(My_Connections[fd].sock, cb_clientserver_ssl);
160 * IO callback for new outgoing non-SSL server connections.
161 * @param sock Socket descriptor
162 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
165 cb_connserver(int sock, UNUSED short what)
167 int res, err, server;
169 CONN_ID idx = Socket2Index( sock );
172 LogDebug("cb_connserver wants to write on unknown socket?!");
177 assert(what & IO_WANTWRITE);
179 /* Make sure that the server is still configured; it could have been
180 * removed in the meantime! */
181 server = Conf_GetServer(idx);
183 Log(LOG_ERR, "Connection on socket %d to \"%s\" aborted!",
184 sock, My_Connections[idx].host);
185 Conn_Close(idx, "Connection aborted!", NULL, false);
189 /* connect() finished, get result. */
190 sock_len = (socklen_t)sizeof(err);
191 res = getsockopt(My_Connections[idx].sock, SOL_SOCKET, SO_ERROR,
193 assert(sock_len == sizeof(err));
195 /* Error while connecting? */
196 if ((res != 0) || (err != 0)) {
198 Log(LOG_CRIT, "getsockopt (connection %d): %s!",
199 idx, strerror(errno));
202 "Can't connect socket to \"%s:%d\" (connection %d): %s!",
203 My_Connections[idx].host, Conf_Server[server].port,
206 Conn_Close(idx, "Can't connect!", NULL, false);
208 if (ng_ipaddr_af(&Conf_Server[server].dst_addr[0])) {
209 /* more addresses to try... */
210 New_Server(server, &Conf_Server[server].dst_addr[0]);
211 /* connection to dst_addr[0] is now in progress, so
212 * remove this address... */
213 Conf_Server[server].dst_addr[0] =
214 Conf_Server[server].dst_addr[1];
215 memset(&Conf_Server[server].dst_addr[1], 0,
216 sizeof(Conf_Server[server].dst_addr[1]));
221 /* connect() succeeded, remove all additional addresses */
222 memset(&Conf_Server[server].dst_addr, 0,
223 sizeof(Conf_Server[server].dst_addr));
225 Conn_OPTION_DEL( &My_Connections[idx], CONN_ISCONNECTING );
227 if ( Conn_OPTION_ISSET( &My_Connections[idx], CONN_SSL_CONNECT )) {
228 io_event_setcb( sock, cb_connserver_login_ssl );
229 io_event_add( sock, IO_WANTWRITE|IO_WANTREAD );
238 * Login to a remote server.
239 * @param idx Connection index
242 server_login(CONN_ID idx)
245 "Connection %d (socket %d) with \"%s:%d\" established. Now logging in ...",
246 idx, My_Connections[idx].sock, My_Connections[idx].host,
247 Conf_Server[Conf_GetServer(idx)].port);
249 io_event_setcb( My_Connections[idx].sock, cb_clientserver);
250 io_event_add( My_Connections[idx].sock, IO_WANTREAD|IO_WANTWRITE);
252 /* Send PASS and SERVER command to peer */
253 Conn_WriteStr( idx, "PASS %s %s", Conf_Server[Conf_GetServer( idx )].pwd_out, NGIRCd_ProtoID );
254 Conn_WriteStr( idx, "SERVER %s :%s", Conf_ServerName, Conf_ServerInfo );
260 * IO callback for new outgoing SSL-enabled server connections.
261 * @param sock Socket descriptor
262 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
265 cb_connserver_login_ssl(int sock, short unused)
267 CONN_ID idx = Socket2Index(sock);
275 switch (ConnSSL_Connect( &My_Connections[idx])) {
277 case 0: LogDebug("ConnSSL_Connect: not ready");
280 Log(LOG_ERR, "SSL connection on socket %d failed!", sock);
281 Conn_Close(idx, "Can't connect!", NULL, false);
285 Log( LOG_INFO, "SSL connection %d with \"%s:%d\" established.", idx,
286 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
294 * IO callback for established non-SSL client and server connections.
295 * @param sock Socket descriptor
296 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
299 cb_clientserver(int sock, short what)
301 CONN_ID idx = Socket2Index(sock);
310 if (what & IO_WANTREAD
311 || (Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_WANT_WRITE))) {
312 /* if TLS layer needs to write additional data, call
313 * Read_Request() instead so that SSL/TLS can continue */
317 if (what & IO_WANTREAD)
320 if (what & IO_WANTWRITE)
327 * IO callback for established SSL-enabled client and server connections.
328 * @param sock Socket descriptor
329 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
332 cb_clientserver_ssl(int sock, short what)
334 CONN_ID idx = Socket2Index(sock);
343 switch (ConnSSL_Accept(&My_Connections[idx])) {
347 return; /* EAGAIN: callback will be invoked again by IO layer */
349 Conn_Close(idx, "SSL accept error, closing socket", "SSL accept error", false);
352 if (what & IO_WANTREAD)
355 if (what & IO_WANTWRITE)
358 io_event_setcb(sock, cb_clientserver); /* SSL handshake completed */
364 * Initialite connecion module.
371 /* Speicher fuer Verbindungs-Pool anfordern */
372 Pool_Size = CONNECTION_POOL;
373 if ((Conf_MaxConnections > 0) &&
374 (Pool_Size > Conf_MaxConnections))
375 Pool_Size = Conf_MaxConnections;
377 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)Pool_Size)) {
378 Log(LOG_EMERG, "Can't allocate memory! [Conn_Init]");
382 /* FIXME: My_Connetions/Pool_Size is needed by other parts of the
383 * code; remove them! */
384 My_Connections = (CONNECTION*) array_start(&My_ConnArray);
386 LogDebug("Allocated connection pool for %d items (%ld bytes).",
387 array_length(&My_ConnArray, sizeof(CONNECTION)),
388 array_bytes(&My_ConnArray));
390 assert(array_length(&My_ConnArray, sizeof(CONNECTION)) >= (size_t)Pool_Size);
392 array_free( &My_Listeners );
394 for (i = 0; i < Pool_Size; i++)
400 * Clean up connection module.
407 Conn_ExitListeners();
409 LogDebug("Shutting down all connections ..." );
410 for( idx = 0; idx < Pool_Size; idx++ ) {
411 if( My_Connections[idx].sock > NONE ) {
412 Conn_Close( idx, NULL, NGIRCd_SignalRestart ?
413 "Server going down (restarting)":"Server going down", true );
417 array_free(&My_ConnArray);
418 My_Connections = NULL;
420 io_library_shutdown();
425 * Close all sockets (file descriptors) of open connections.
426 * This is useful in forked child processes, for example, to make sure that
427 * they don't hold connections open that the main process wants to close.
430 Conn_CloseAllSockets(void)
434 for(idx = 0; idx < Pool_Size; idx++) {
435 if(My_Connections[idx].sock > NONE)
436 close(My_Connections[idx].sock);
442 ports_initlisteners(array *a, const char *listen_addr, void (*func)(int,short))
444 unsigned int created = 0;
449 len = array_length(a, sizeof (UINT16));
450 port = array_start(a);
452 fd = NewListener(listen_addr, *port);
457 if (!io_event_create( fd, IO_WANTREAD, func )) {
458 Log( LOG_ERR, "io_event_create(): Could not add listening fd %d (port %u): %s!",
459 fd, (unsigned int) *port, strerror(errno));
472 * Initialize all listening sockets.
473 * @return Number of created listening sockets
476 Conn_InitListeners( void )
478 /* Initialize ports on which the server should accept connections */
479 unsigned int created = 0;
480 char *copy, *listen_addr;
482 assert(Conf_ListenAddress);
484 /* can't use Conf_ListenAddress directly, see below */
485 copy = strdup(Conf_ListenAddress);
487 Log(LOG_CRIT, "Cannot copy %s: %s", Conf_ListenAddress, strerror(errno));
490 listen_addr = strtok(copy, ",");
492 while (listen_addr) {
493 ngt_TrimStr(listen_addr);
495 created += ports_initlisteners(&Conf_ListenPorts, listen_addr, cb_listen);
497 created += ports_initlisteners(&Conf_SSLOptions.ListenPorts, listen_addr, cb_listen_ssl);
501 listen_addr = strtok(NULL, ",");
504 /* Can't free() Conf_ListenAddress here: on REHASH, if the config file
505 * cannot be re-loaded, we'd end up with a NULL Conf_ListenAddress.
506 * Instead, free() takes place in conf.c, before the config file
507 * is being parsed. */
511 } /* Conn_InitListeners */
515 Conn_ExitListeners( void )
517 /* Close down all listening sockets */
521 arraylen = array_length(&My_Listeners, sizeof (int));
523 "Shutting down all listening sockets (%d total) ...", arraylen);
524 fd = array_start(&My_Listeners);
529 LogDebug("Listening socket %d closed.", *fd );
532 array_free(&My_Listeners);
533 } /* Conn_ExitListeners */
537 InitSinaddrListenAddr(ng_ipaddr_t *addr, const char *listen_addrstr, UINT16 Port)
541 ret = ng_ipaddr_init(addr, listen_addrstr, Port);
543 assert(listen_addrstr);
544 Log(LOG_CRIT, "Can't bind to [%s]:%u: can't convert ip address \"%s\"",
545 listen_addrstr, Port, listen_addrstr);
552 set_v6_only(int af, int sock)
554 #if defined(IPV6_V6ONLY) && defined(WANT_IPV6)
560 if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, (socklen_t)sizeof(on)))
561 Log(LOG_ERR, "Could not set IPV6_V6ONLY: %s", strerror(errno));
569 /* return new listening port file descriptor or -1 on failure */
571 NewListener(const char *listen_addr, UINT16 Port)
573 /* Create new listening socket on specified port */
577 if (!InitSinaddrListenAddr(&addr, listen_addr, Port))
580 af = ng_ipaddr_af(&addr);
581 sock = socket(af, SOCK_STREAM, 0);
583 Log(LOG_CRIT, "Can't create socket (af %d) : %s!", af, strerror(errno));
587 set_v6_only(af, sock);
589 if (!Init_Socket(sock))
592 if (bind(sock, (struct sockaddr *)&addr, ng_ipaddr_salen(&addr)) != 0) {
593 Log(LOG_CRIT, "Can't bind socket to address %s:%d - %s",
594 ng_ipaddr_tostr(&addr), Port, strerror(errno));
599 if( listen( sock, 10 ) != 0 ) {
600 Log( LOG_CRIT, "Can't listen on socket: %s!", strerror( errno ));
605 /* keep fd in list so we can close it when ngircd restarts/shuts down */
606 if (!array_catb( &My_Listeners,(char*) &sock, sizeof(int) )) {
607 Log( LOG_CRIT, "Can't add socket to My_Listeners array: %s!", strerror( errno ));
612 Log(LOG_INFO, "Now listening on [%s]:%d (socket %d).",
613 ng_ipaddr_tostr(&addr), Port, sock);
620 * SSL/TLS connections require extra treatment:
621 * When either CONN_SSL_WANT_WRITE or CONN_SSL_WANT_READ is set, we
622 * need to take care of that first, before checking read/write buffers.
623 * For instance, while we might have data in our write buffer, the
624 * TLS/SSL protocol might need to read internal data first for TLS/SSL
627 * If this function returns true, such a condition is met and we have
628 * to reverse the condition (check for read even if we've data to write,
629 * do not check for read but writeability even if write-buffer is empty).
632 SSL_WantRead(const CONNECTION *c)
634 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_READ)) {
635 io_event_add(c->sock, IO_WANTREAD);
641 SSL_WantWrite(const CONNECTION *c)
643 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_WRITE)) {
644 io_event_add(c->sock, IO_WANTWRITE);
651 SSL_WantRead(UNUSED const CONNECTION *c)
654 SSL_WantWrite(UNUSED const CONNECTION *c)
660 * "Main Loop": Loop until shutdown or restart is signalled.
661 * This function loops until a shutdown or restart of ngIRCd is signalled and
662 * calls io_dispatch() to check for readable and writable sockets every second.
663 * It checks for status changes on pending connections (e. g. when a hostname
664 * has been resolved), checks for "penalties" and timeouts, and handles the
671 unsigned int wdatalen, bytes_processed;
675 while (!NGIRCd_SignalQuit && !NGIRCd_SignalRestart) {
678 /* Check configured servers and established links */
682 /* Look for non-empty read buffers ... */
683 for (i = 0; i < Pool_Size; i++) {
684 if ((My_Connections[i].sock > NONE)
685 && (array_bytes(&My_Connections[i].rbuf) > 0)
686 && (My_Connections[i].delaytime <= t)) {
687 /* ... and try to handle the received data */
688 bytes_processed = Handle_Buffer(i);
689 /* if we processed data, and there might be
690 * more commands in the input buffer, do not
691 * try to read any more data now */
692 if (bytes_processed &&
693 array_bytes(&My_Connections[i].rbuf) > 2) {
695 ("Throttling connection %d: command limit reached!",
697 Conn_SetPenalty(i, 1);
702 /* Look for non-empty write buffers ... */
703 for (i = 0; i < Pool_Size; i++) {
704 if (My_Connections[i].sock <= NONE)
707 wdatalen = (unsigned int)array_bytes(&My_Connections[i].wbuf);
710 array_bytes(&My_Connections[i].zip.wbuf) > 0)
715 if (SSL_WantRead(&My_Connections[i]))
717 io_event_add(My_Connections[i].sock,
722 /* Check from which sockets we possibly could read ... */
723 for (i = 0; i < Pool_Size; i++) {
724 if (My_Connections[i].sock <= NONE)
727 if (SSL_WantWrite(&My_Connections[i]))
728 continue; /* TLS/SSL layer needs to write data; deal with this first */
730 if (Proc_InProgress(&My_Connections[i].proc_stat)) {
731 /* Wait for completion of forked subprocess
732 * and ignore the socket in the meantime ... */
733 io_event_del(My_Connections[i].sock,
738 if (Conn_OPTION_ISSET(&My_Connections[i], CONN_ISCONNECTING))
739 /* Wait for completion of connect() ... */
742 if (My_Connections[i].delaytime > t) {
743 /* There is a "penalty time" set: ignore socket! */
744 io_event_del(My_Connections[i].sock,
749 io_event_add(My_Connections[i].sock, IO_WANTREAD);
752 /* Set the timeout for reading from the network to 1 second,
753 * which is the granularity with witch we handle "penalty
754 * times" for example.
755 * Note: tv_sec/usec are undefined(!) after io_dispatch()
756 * returns, so we have to set it beforce each call to it! */
760 /* Wait for activity ... */
761 i = io_dispatch(&tv);
762 if (i == -1 && errno != EINTR) {
763 Log(LOG_EMERG, "Conn_Handler(): io_dispatch(): %s!",
765 Log(LOG_ALERT, "%s exiting due to fatal errors!",
771 if (NGIRCd_SignalQuit)
772 Log(LOG_NOTICE | LOG_snotice, "Server going down NOW!");
773 else if (NGIRCd_SignalRestart)
774 Log(LOG_NOTICE | LOG_snotice, "Server restarting NOW!");
779 * Write a text string into the socket of a connection.
780 * This function automatically appends CR+LF to the string and validates that
781 * the result is a valid IRC message (oversized messages are shortened, for
782 * example). Then it calls the Conn_Write() function to do the actual sending.
783 * @param Idx Index fo the connection.
784 * @param Format Format string, see printf().
785 * @return true on success, false otherwise.
789 Conn_WriteStr(CONN_ID Idx, const char *Format, ...)
792 Conn_WriteStr(Idx, Format, va_alist)
798 char buffer[COMMAND_LEN];
803 assert( Idx > NONE );
804 assert( Format != NULL );
807 va_start( ap, Format );
811 if (vsnprintf( buffer, COMMAND_LEN - 2, Format, ap ) >= COMMAND_LEN - 2 ) {
813 * The string that should be written to the socket is longer
814 * than the allowed size of COMMAND_LEN bytes (including both
815 * the CR and LF characters). This can be caused by the
816 * IRC_WriteXXX() functions when the prefix of this server had
817 * to be added to an already "quite long" command line which
818 * has been received from a regular IRC client, for example.
820 * We are not allowed to send such "oversized" messages to
821 * other servers and clients, see RFC 2812 2.3 and 2813 3.3
822 * ("these messages SHALL NOT exceed 512 characters in length,
823 * counting all characters including the trailing CR-LF").
825 * So we have a big problem here: we should send more bytes
826 * to the network than we are allowed to and we don't know
827 * the originator (any more). The "old" behaviour of blaming
828 * the receiver ("next hop") is a bad idea (it could be just
829 * an other server only routing the message!), so the only
830 * option left is to shorten the string and to hope that the
831 * result is still somewhat useful ...
835 strcpy (buffer + sizeof(buffer) - strlen(CUT_TXTSUFFIX) - 2 - 1,
841 Log(LOG_DEBUG, " -> connection %d: '%s'.", Idx, buffer);
844 len = strlcat( buffer, "\r\n", sizeof( buffer ));
845 ok = Conn_Write(Idx, buffer, len);
846 My_Connections[Idx].msg_out++;
850 } /* Conn_WriteStr */
854 * Append Data to the outbound write buffer of a connection.
855 * @param Idx Index of the connection.
856 * @param Data pointer to the data.
857 * @param Len length of Data.
858 * @return true on success, false otherwise.
861 Conn_Write( CONN_ID Idx, char *Data, size_t Len )
864 size_t writebuf_limit = WRITEBUFFER_MAX_LEN;
865 assert( Idx > NONE );
866 assert( Data != NULL );
869 c = Conn_GetClient(Idx);
872 /* Servers do get special write buffer limits, so they can generate
873 * all the messages that are required while peering. */
874 if (Client_Type(c) == CLIENT_SERVER)
875 writebuf_limit = WRITEBUFFER_SLINK_LEN;
877 /* Is the socket still open? A previous call to Conn_Write()
878 * may have closed the connection due to a fatal error.
879 * In this case it is sufficient to return an error, as well. */
880 if( My_Connections[Idx].sock <= NONE ) {
881 LogDebug("Skipped write on closed socket (connection %d).", Idx);
886 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
888 * Zip_Buffer() does all the dirty work for us: it flushes
889 * the (pre-)compression buffers if required and handles
890 * all error conditions. */
891 if (!Zip_Buffer(Idx, Data, Len))
897 /* Uncompressed link:
898 * Check if outbound buffer has enough space for the data. */
899 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
900 WRITEBUFFER_FLUSH_LEN) {
901 /* Buffer is full, flush it. Handle_Write deals with
902 * low-level errors, if any. */
903 if (!Handle_Write(Idx))
907 /* When the write buffer is still too big after flushing it,
908 * the connection will be killed. */
909 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
912 "Write buffer overflow (connection %d, limit is %lu bytes, %lu bytes new, %lu bytes pending)!",
913 Idx, writebuf_limit, Len,
914 (unsigned long)array_bytes(&My_Connections[Idx].wbuf));
915 Conn_Close(Idx, "Write buffer overflow!", NULL, false);
919 /* Copy data to write buffer */
920 if (!array_catb(&My_Connections[Idx].wbuf, Data, Len))
923 My_Connections[Idx].bytes_out += Len;
926 /* Adjust global write counter */
934 Conn_Close( CONN_ID Idx, const char *LogMsg, const char *FwdMsg, bool InformClient )
936 /* Close connection. Open pipes of asyncronous resolver
937 * sub-processes are closed down. */
943 double in_z_k, out_z_k;
947 assert( Idx > NONE );
949 /* Is this link already shutting down? */
950 if( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ISCLOSING )) {
951 /* Conn_Close() has been called recursively for this link;
952 * probabe reason: Handle_Write() failed -- see below. */
953 LogDebug("Recursive request to close connection: %d", Idx );
957 assert( My_Connections[Idx].sock > NONE );
959 /* Mark link as "closing" */
960 Conn_OPTION_ADD( &My_Connections[Idx], CONN_ISCLOSING );
962 port = ng_ipaddr_getport(&My_Connections[Idx].addr);
963 Log(LOG_INFO, "Shutting down connection %d (%s) with %s:%d ...", Idx,
964 LogMsg ? LogMsg : FwdMsg, My_Connections[Idx].host, port);
966 /* Search client, if any */
967 c = Conn_GetClient( Idx );
969 /* Should the client be informed? */
972 /* Send statistics to client if registered as user: */
973 if ((c != NULL) && (Client_Type(c) == CLIENT_USER)) {
975 ":%s NOTICE %s :%sConnection statistics: client %.1f kb, server %.1f kb.",
976 Client_ID(Client_ThisServer()), Client_ID(c),
978 (double)My_Connections[Idx].bytes_in / 1024,
979 (double)My_Connections[Idx].bytes_out / 1024);
982 /* Send ERROR to client (see RFC 2812, section 3.1.7) */
984 Conn_WriteStr(Idx, "ERROR :%s", FwdMsg);
986 Conn_WriteStr(Idx, "ERROR :Closing connection");
989 /* Try to write out the write buffer. Note: Handle_Write() eventually
990 * removes the CLIENT structure associated with this connection if an
991 * error occurs! So we have to re-check if there is still an valid
992 * CLIENT structure after calling Handle_Write() ...*/
993 (void)Handle_Write( Idx );
995 /* Search client, if any (re-check!) */
996 c = Conn_GetClient( Idx );
998 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
999 Log(LOG_INFO, "SSL connection %d shutting down ...", Idx);
1000 ConnSSL_Free(&My_Connections[Idx]);
1003 /* Shut down socket */
1004 if (! io_close(My_Connections[Idx].sock)) {
1005 /* Oops, we can't close the socket!? This is ... ugly! */
1007 "Error closing connection %d (socket %d) with %s:%d - %s! (ignored)",
1008 Idx, My_Connections[Idx].sock, My_Connections[Idx].host,
1009 port, strerror(errno));
1012 /* Mark socket as invalid: */
1013 My_Connections[Idx].sock = NONE;
1015 /* If there is still a client, unregister it now */
1017 Client_Destroy(c, LogMsg, FwdMsg, true);
1019 /* Calculate statistics and log information */
1020 in_k = (double)My_Connections[Idx].bytes_in / 1024;
1021 out_k = (double)My_Connections[Idx].bytes_out / 1024;
1023 if (Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP)) {
1024 in_z_k = (double)My_Connections[Idx].zip.bytes_in / 1024;
1025 out_z_k = (double)My_Connections[Idx].zip.bytes_out / 1024;
1026 /* Make sure that no division by zero can occur during
1027 * the calculation of in_p and out_p: in_z_k and out_z_k
1028 * are non-zero, that's guaranteed by the protocol until
1029 * compression can be enabled. */
1034 in_p = (int)(( in_k * 100 ) / in_z_k );
1035 out_p = (int)(( out_k * 100 ) / out_z_k );
1037 "Connection %d with %s:%d closed (in: %.1fk/%.1fk/%d%%, out: %.1fk/%.1fk/%d%%).",
1038 Idx, My_Connections[Idx].host, port,
1039 in_k, in_z_k, in_p, out_k, out_z_k, out_p);
1045 "Connection %d with %s:%d closed (in: %.1fk, out: %.1fk).",
1046 Idx, My_Connections[Idx].host, port,
1050 /* Servers: Modify time of next connect attempt? */
1051 Conf_UnsetServer( Idx );
1054 /* Clean up zlib, if link was compressed */
1055 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
1056 inflateEnd( &My_Connections[Idx].zip.in );
1057 deflateEnd( &My_Connections[Idx].zip.out );
1058 array_free(&My_Connections[Idx].zip.rbuf);
1059 array_free(&My_Connections[Idx].zip.wbuf);
1063 array_free(&My_Connections[Idx].rbuf);
1064 array_free(&My_Connections[Idx].wbuf);
1066 /* Clean up connection structure (=free it) */
1067 Init_Conn_Struct( Idx );
1069 assert(NumConnections > 0);
1072 LogDebug("Shutdown of connection %d completed, %ld connection%s left.",
1073 Idx, NumConnections, NumConnections != 1 ? "s" : "");
1080 return NumConnections;
1087 return NumConnectionsMax;
1088 } /* Conn_CountMax */
1092 Conn_CountAccepted(void)
1094 return NumConnectionsAccepted;
1095 } /* Conn_CountAccepted */
1099 * Synchronize established connections and configured server structures
1100 * after a configuration update and store the correct connection IDs, if any.
1103 Conn_SyncServerStruct(void)
1109 for (i = 0; i < Pool_Size; i++) {
1110 if (My_Connections[i].sock == NONE)
1114 client = Conn_GetClient(i);
1115 if (!client || Client_Type(client) != CLIENT_SERVER)
1118 for (c = 0; c < MAX_SERVERS; c++) {
1119 /* Configured server? */
1120 if (!Conf_Server[c].host[0])
1123 if (strcasecmp(Conf_Server[c].name, Client_ID(client)) == 0)
1124 Conf_Server[c].conn_id = i;
1127 } /* SyncServerStruct */
1131 * Send out data of write buffer; connect new sockets.
1134 Handle_Write( CONN_ID Idx )
1139 assert( Idx > NONE );
1140 if ( My_Connections[Idx].sock < 0 ) {
1141 LogDebug("Handle_Write() on closed socket, connection %d", Idx);
1144 assert( My_Connections[Idx].sock > NONE );
1146 wdatalen = array_bytes(&My_Connections[Idx].wbuf );
1149 if (wdatalen == 0) {
1150 /* Write buffer is empty, so we try to flush the compression
1151 * buffer and get some data to work with from there :-) */
1152 if (!Zip_Flush(Idx))
1155 /* Now the write buffer most probably has changed: */
1156 wdatalen = array_bytes(&My_Connections[Idx].wbuf);
1160 if (wdatalen == 0) {
1161 /* Still no data, fine. */
1162 io_event_del(My_Connections[Idx].sock, IO_WANTWRITE );
1167 ("Handle_Write() called for connection %d, %ld bytes pending ...",
1171 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1172 len = ConnSSL_Write(&My_Connections[Idx], array_start(&My_Connections[Idx].wbuf), wdatalen);
1176 len = write(My_Connections[Idx].sock,
1177 array_start(&My_Connections[Idx].wbuf), wdatalen );
1180 if (errno == EAGAIN || errno == EINTR)
1183 Log(LOG_ERR, "Write error on connection %d (socket %d): %s!",
1184 Idx, My_Connections[Idx].sock, strerror(errno));
1185 Conn_Close(Idx, "Write error!", NULL, false);
1189 /* move any data not yet written to beginning */
1190 array_moveleft(&My_Connections[Idx].wbuf, 1, (size_t)len);
1193 } /* Handle_Write */
1197 Count_Connections(ng_ipaddr_t *a)
1202 for (i = 0; i < Pool_Size; i++) {
1203 if (My_Connections[i].sock <= NONE)
1205 if (ng_ipaddr_ipequal(&My_Connections[i].addr, a))
1209 } /* Count_Connections */
1213 * Initialize new client connection on a listening socket.
1214 * @param Sock Listening socket descriptor
1215 * @return Accepted socket descriptor or -1 on error
1218 New_Connection(int Sock)
1221 struct request_info req;
1223 ng_ipaddr_t new_addr;
1224 char ip_str[NG_INET_ADDRSTRLEN];
1225 int new_sock, new_sock_len, identsock;
1229 assert(Sock > NONE);
1231 new_sock_len = (int)sizeof(new_addr);
1232 new_sock = accept(Sock, (struct sockaddr *)&new_addr,
1233 (socklen_t *)&new_sock_len);
1235 Log(LOG_CRIT, "Can't accept connection: %s!", strerror(errno));
1238 NumConnectionsAccepted++;
1240 if (!ng_ipaddr_tostr_r(&new_addr, ip_str)) {
1241 Log(LOG_CRIT, "fd %d: Can't convert IP address!", new_sock);
1242 Simple_Message(new_sock, "ERROR :Internal Server Error");
1248 /* Validate socket using TCP Wrappers */
1249 request_init(&req, RQ_DAEMON, PACKAGE_NAME, RQ_FILE, new_sock,
1250 RQ_CLIENT_SIN, &new_addr, NULL);
1252 if (!hosts_access(&req)) {
1254 "Refused connection from %s (by TCP Wrappers)!", ip_str);
1255 Simple_Message(new_sock, "ERROR :Connection refused");
1261 if (!Init_Socket(new_sock))
1264 /* Check global connection limit */
1265 if ((Conf_MaxConnections > 0) &&
1266 (NumConnections >= (size_t) Conf_MaxConnections)) {
1267 Log(LOG_ALERT, "Can't accept connection: limit (%d) reached!",
1268 Conf_MaxConnections);
1269 Simple_Message(new_sock, "ERROR :Connection limit reached");
1274 /* Check IP-based connection limit */
1275 cnt = Count_Connections(&new_addr);
1276 if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) {
1277 /* Access denied, too many connections from this IP address! */
1279 "Refused connection from %s: too may connections (%ld) from this IP address!",
1281 Simple_Message(new_sock,
1282 "ERROR :Connection refused, too many connections from your IP address");
1287 if (new_sock >= Pool_Size) {
1288 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION),
1289 (size_t) new_sock)) {
1291 "Can't allocate memory! [New_Connection]");
1292 Simple_Message(new_sock, "ERROR: Internal error");
1296 LogDebug("Bumped connection pool to %ld items (internal: %ld items, %ld bytes)",
1297 new_sock, array_length(&My_ConnArray,
1298 sizeof(CONNECTION)), array_bytes(&My_ConnArray));
1300 /* Adjust pointer to new block */
1301 My_Connections = array_start(&My_ConnArray);
1302 while (Pool_Size <= new_sock)
1303 Init_Conn_Struct(Pool_Size++);
1306 /* register callback */
1307 if (!io_event_create(new_sock, IO_WANTREAD, cb_clientserver)) {
1309 "Can't accept connection: io_event_create failed!");
1310 Simple_Message(new_sock, "ERROR :Internal error");
1315 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWN, false);
1318 "Can't accept connection: can't create client structure!");
1319 Simple_Message(new_sock, "ERROR :Internal error");
1324 Init_Conn_Struct(new_sock);
1325 My_Connections[new_sock].sock = new_sock;
1326 My_Connections[new_sock].addr = new_addr;
1327 My_Connections[new_sock].client = c;
1329 /* Set initial hostname to IP address. This becomes overwritten when
1330 * the DNS lookup is enabled and succeeds, but is used otherwise. */
1331 if (ng_ipaddr_af(&new_addr) != AF_INET)
1332 snprintf(My_Connections[new_sock].host,
1333 sizeof(My_Connections[new_sock].host), "[%s]", ip_str);
1335 strlcpy(My_Connections[new_sock].host, ip_str,
1336 sizeof(My_Connections[new_sock].host));
1338 Client_SetHostname(c, My_Connections[new_sock].host);
1340 Log(LOG_INFO, "Accepted connection %d from %s:%d on socket %d.",
1341 new_sock, My_Connections[new_sock].host,
1342 ng_ipaddr_getport(&new_addr), Sock);
1344 identsock = new_sock;
1350 Resolve_Addr(&My_Connections[new_sock].proc_stat, &new_addr,
1351 identsock, cb_Read_Resolver_Result);
1353 Account_Connection();
1355 } /* New_Connection */
1359 Account_Connection(void)
1362 if (NumConnections > NumConnectionsMax)
1363 NumConnectionsMax = NumConnections;
1364 LogDebug("Total number of connections now %lu (max %lu).",
1365 NumConnections, NumConnectionsMax);
1366 } /* Account_Connection */
1370 Socket2Index( int Sock )
1372 assert( Sock >= 0 );
1374 if( Sock >= Pool_Size || My_Connections[Sock].sock != Sock ) {
1375 /* the Connection was already closed again, likely due to
1377 LogDebug("Socket2Index: can't get connection for socket %d!", Sock);
1381 } /* Socket2Index */
1385 * Read data from the network to the read buffer. If an error occures,
1386 * the socket of this connection will be shut down.
1389 Read_Request( CONN_ID Idx )
1392 static const unsigned int maxbps = COMMAND_LEN / 2;
1393 char readbuf[READBUFFER_LEN];
1396 assert( Idx > NONE );
1397 assert( My_Connections[Idx].sock > NONE );
1400 if ((array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN) ||
1401 (array_bytes(&My_Connections[Idx].zip.rbuf) >= READBUFFER_LEN))
1403 if (array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN)
1406 /* Read buffer is full */
1408 "Receive buffer overflow (connection %d): %d bytes!",
1409 Idx, array_bytes(&My_Connections[Idx].rbuf));
1410 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1415 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL))
1416 len = ConnSSL_Read( &My_Connections[Idx], readbuf, sizeof(readbuf));
1419 len = read(My_Connections[Idx].sock, readbuf, sizeof(readbuf));
1421 Log(LOG_INFO, "%s:%u (%s) is closing the connection ...",
1422 My_Connections[Idx].host,
1423 (unsigned int) ng_ipaddr_getport(&My_Connections[Idx].addr),
1424 ng_ipaddr_tostr(&My_Connections[Idx].addr));
1426 "Socket closed!", "Client closed connection",
1432 if( errno == EAGAIN ) return;
1433 Log(LOG_ERR, "Read error on connection %d (socket %d): %s!",
1434 Idx, My_Connections[Idx].sock, strerror(errno));
1435 Conn_Close(Idx, "Read error!", "Client closed connection",
1440 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1441 if (!array_catb(&My_Connections[Idx].zip.rbuf, readbuf,
1444 "Could not append recieved data to zip input buffer (connn %d): %d bytes!",
1446 Conn_Close(Idx, "Receive buffer overflow!", NULL,
1453 if (!array_catb( &My_Connections[Idx].rbuf, readbuf, len)) {
1454 Log( LOG_ERR, "Could not append recieved data to input buffer (connn %d): %d bytes!", Idx, len );
1455 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1459 /* Update connection statistics */
1460 My_Connections[Idx].bytes_in += len;
1461 My_Connections[Idx].bps += Handle_Buffer(Idx);
1463 /* Make sure that there is still a valid client registered */
1464 c = Conn_GetClient(Idx);
1468 /* Update timestamp of last data received if this connection is
1469 * registered as a user, server or service connection. Don't update
1470 * otherwise, so users have at least Conf_PongTimeout seconds time to
1471 * register with the IRC server -- see Check_Connections().
1472 * Update "lastping", too, if time shifted backwards ... */
1473 if (Client_Type(c) == CLIENT_USER
1474 || Client_Type(c) == CLIENT_SERVER
1475 || Client_Type(c) == CLIENT_SERVICE) {
1477 if (My_Connections[Idx].lastdata != t)
1478 My_Connections[Idx].bps = 0;
1480 My_Connections[Idx].lastdata = t;
1481 if (My_Connections[Idx].lastping > t)
1482 My_Connections[Idx].lastping = t;
1485 /* Look at the data in the (read-) buffer of this connection */
1486 if (Client_Type(c) != CLIENT_SERVER
1487 && Client_Type(c) != CLIENT_UNKNOWNSERVER
1488 && Client_Type(c) != CLIENT_SERVICE
1489 && My_Connections[Idx].bps >= maxbps) {
1490 LogDebug("Throttling connection %d: BPS exceeded! (%u >= %u)",
1491 Idx, My_Connections[Idx].bps, maxbps);
1492 Conn_SetPenalty(Idx, 1);
1494 } /* Read_Request */
1498 * Handle all data in the connection read-buffer.
1499 * Data is processed until no complete command is left in the read buffer,
1500 * or MAX_COMMANDS[_SERVER|_SERVICE] commands were processed.
1501 * When a fatal error occurs, the connection is shut down.
1502 * @param Idx Index of the connection.
1503 * @return number of bytes processed.
1506 Handle_Buffer(CONN_ID Idx)
1509 char *ptr1, *ptr2, *first_eol;
1517 unsigned int i, maxcmd = MAX_COMMANDS, len_processed = 0;
1520 c = Conn_GetClient(Idx);
1523 /* Servers do get special command limits, so they can process
1524 * all the messages that are required while peering. */
1525 switch (Client_Type(c)) {
1527 maxcmd = MAX_COMMANDS_SERVER; break;
1528 case CLIENT_SERVICE:
1529 maxcmd = MAX_COMMANDS_SERVICE; break;
1532 starttime = time(NULL);
1533 for (i=0; i < maxcmd; i++) {
1535 if (My_Connections[Idx].delaytime > starttime)
1538 /* Unpack compressed data, if compression is in use */
1539 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1540 /* When unzipping fails, Unzip_Buffer() shuts
1541 * down the connection itself */
1542 if (!Unzip_Buffer(Idx))
1547 if (0 == array_bytes(&My_Connections[Idx].rbuf))
1550 /* Make sure that the buffer is NULL terminated */
1551 if (!array_cat0_temporary(&My_Connections[Idx].rbuf)) {
1552 Conn_Close(Idx, NULL,
1553 "Can't allocate memory [Handle_Buffer]",
1558 /* RFC 2812, section "2.3 Messages", 5th paragraph:
1559 * "IRC messages are always lines of characters terminated
1560 * with a CR-LF (Carriage Return - Line Feed) pair [...]". */
1562 ptr = strstr(array_start(&My_Connections[Idx].rbuf), "\r\n");
1565 /* Check for non-RFC-compliant request (only CR or LF)?
1566 * Unfortunately, there are quite a few clients out there
1567 * that do this -- e. g. mIRC, BitchX, and Trillian :-( */
1568 ptr1 = strchr(array_start(&My_Connections[Idx].rbuf), '\r');
1569 ptr2 = strchr(array_start(&My_Connections[Idx].rbuf), '\n');
1571 /* Check if there is a single CR or LF _before_ the
1572 * corerct CR+LF line terminator: */
1573 first_eol = ptr1 < ptr2 ? ptr1 : ptr2;
1574 if (first_eol < ptr) {
1575 /* Single CR or LF before CR+LF found */
1579 } else if (ptr1 || ptr2) {
1580 /* No CR+LF terminated command found, but single
1581 * CR or LF found ... */
1583 ptr = ptr1 < ptr2 ? ptr1 : ptr2;
1585 ptr = ptr1 ? ptr1 : ptr2;
1593 /* Complete (=line terminated) request found, handle it! */
1596 len = ptr - (char *)array_start(&My_Connections[Idx].rbuf) + delta;
1598 if (len > (COMMAND_LEN - 1)) {
1599 /* Request must not exceed 512 chars (incl. CR+LF!),
1600 * see RFC 2812. Disconnect Client if this happens. */
1602 "Request too long (connection %d): %d bytes (max. %d expected)!",
1603 Idx, array_bytes(&My_Connections[Idx].rbuf),
1605 Conn_Close(Idx, NULL, "Request too long", true);
1609 len_processed += (unsigned int)len;
1611 /* Request is empty (only '\r\n', '\r' or '\n');
1612 * delta is 2 ('\r\n') or 1 ('\r' or '\n'), see above */
1613 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1617 /* remember if stream is already compressed */
1618 old_z = My_Connections[Idx].options & CONN_ZIP;
1621 My_Connections[Idx].msg_in++;
1623 (Idx, (char *)array_start(&My_Connections[Idx].rbuf)))
1624 return 0; /* error -> connection has been closed */
1626 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1627 LogDebug("Connection %d: %d bytes left in read buffer.",
1628 Idx, array_bytes(&My_Connections[Idx].rbuf));
1630 if ((!old_z) && (My_Connections[Idx].options & CONN_ZIP) &&
1631 (array_bytes(&My_Connections[Idx].rbuf) > 0)) {
1632 /* The last command activated socket compression.
1633 * Data that was read after that needs to be copied
1634 * to the unzip buffer for decompression: */
1636 (&My_Connections[Idx].zip.rbuf,
1637 &My_Connections[Idx].rbuf)) {
1638 Conn_Close(Idx, NULL,
1639 "Can't allocate memory [Handle_Buffer]",
1644 array_trunc(&My_Connections[Idx].rbuf);
1646 ("Moved already received data (%u bytes) to uncompression buffer.",
1647 array_bytes(&My_Connections[Idx].zip.rbuf));
1651 return len_processed;
1652 } /* Handle_Buffer */
1656 * Check whether established connections are still alive or not.
1657 * If not, play PING-PONG first; and if that doesn't help either,
1658 * disconnect the respective peer.
1661 Check_Connections(void)
1667 for (i = 0; i < Pool_Size; i++) {
1668 if (My_Connections[i].sock < 0)
1671 c = Conn_GetClient(i);
1672 if (c && ((Client_Type(c) == CLIENT_USER)
1673 || (Client_Type(c) == CLIENT_SERVER)
1674 || (Client_Type(c) == CLIENT_SERVICE))) {
1675 /* connected User, Server or Service */
1676 if (My_Connections[i].lastping >
1677 My_Connections[i].lastdata) {
1678 /* We already sent a ping */
1679 if (My_Connections[i].lastping <
1680 time(NULL) - Conf_PongTimeout) {
1683 ("Connection %d: Ping timeout: %d seconds.",
1684 i, Conf_PongTimeout);
1685 snprintf(msg, sizeof(msg), "Ping timeout: %d seconds", Conf_PongTimeout);
1686 Conn_Close(i, NULL, msg, true);
1688 } else if (My_Connections[i].lastdata <
1689 time(NULL) - Conf_PingTimeout) {
1690 /* We need to send a PING ... */
1691 LogDebug("Connection %d: sending PING ...", i);
1692 My_Connections[i].lastping = time(NULL);
1693 Conn_WriteStr(i, "PING :%s",
1694 Client_ID(Client_ThisServer()));
1697 /* The connection is not fully established yet, so
1698 * we don't do the PING-PONG game here but instead
1699 * disconnect the client after "a short time" if it's
1700 * still not registered. */
1702 if (My_Connections[i].lastdata <
1703 time(NULL) - Conf_PongTimeout) {
1705 ("Unregistered connection %d timed out ...",
1707 Conn_Close(i, NULL, "Timeout", false);
1711 } /* Check_Connections */
1715 * Check if further server links should be established.
1723 time_now = time(NULL);
1725 /* Check all configured servers */
1726 for (i = 0; i < MAX_SERVERS; i++) {
1727 if (Conf_Server[i].conn_id != NONE)
1728 continue; /* Already establishing or connected */
1729 if (!Conf_Server[i].host[0] || !Conf_Server[i].port > 0)
1730 continue; /* No host and/or port configured */
1731 if (Conf_Server[i].flags & CONF_SFLAG_DISABLED)
1732 continue; /* Disabled configuration entry */
1733 if (Conf_Server[i].lasttry > (time_now - Conf_ConnectRetry))
1734 continue; /* We have to wait a little bit ... */
1736 /* Is there already a connection in this group? */
1737 if (Conf_Server[i].group > NONE) {
1738 for (n = 0; n < MAX_SERVERS; n++) {
1741 if ((Conf_Server[n].conn_id != NONE) &&
1742 (Conf_Server[n].group == Conf_Server[i].group))
1745 if (n < MAX_SERVERS)
1749 /* Okay, try to connect now */
1751 "Preparing to establish a new server link for \"%s\" ...",
1752 Conf_Server[i].name);
1753 Conf_Server[i].lasttry = time_now;
1754 Conf_Server[i].conn_id = SERVER_WAIT;
1755 assert(Proc_GetPipeFd(&Conf_Server[i].res_stat) < 0);
1756 Resolve_Name(&Conf_Server[i].res_stat, Conf_Server[i].host,
1757 cb_Connect_to_Server);
1759 } /* Check_Servers */
1763 New_Server( int Server , ng_ipaddr_t *dest)
1765 /* Establish new server link */
1766 char ip_str[NG_INET_ADDRSTRLEN];
1767 int af_dest, res, new_sock;
1770 assert( Server > NONE );
1772 if (!ng_ipaddr_tostr_r(dest, ip_str)) {
1773 Log(LOG_WARNING, "New_Server: Could not convert IP to string");
1777 af_dest = ng_ipaddr_af(dest);
1778 new_sock = socket(af_dest, SOCK_STREAM, 0);
1781 "Establishing connection for \"%s\" to \"%s:%d\" (%s), socket %d ...",
1782 Conf_Server[Server].name, Conf_Server[Server].host,
1783 Conf_Server[Server].port, ip_str, new_sock);
1786 Log(LOG_CRIT, "Can't create socket (af %d): %s!",
1787 af_dest, strerror(errno));
1791 if (!Init_Socket(new_sock))
1794 /* is a bind address configured? */
1795 res = ng_ipaddr_af(&Conf_Server[Server].bind_addr);
1796 /* if yes, bind now. If it fails, warn and let connect() pick a source address */
1797 if (res && bind(new_sock, (struct sockaddr *) &Conf_Server[Server].bind_addr,
1798 ng_ipaddr_salen(&Conf_Server[Server].bind_addr)))
1800 ng_ipaddr_tostr_r(&Conf_Server[Server].bind_addr, ip_str);
1801 Log(LOG_WARNING, "Can't bind socket to %s: %s!", ip_str, strerror(errno));
1803 ng_ipaddr_setport(dest, Conf_Server[Server].port);
1804 res = connect(new_sock, (struct sockaddr *) dest, ng_ipaddr_salen(dest));
1805 if(( res != 0 ) && ( errno != EINPROGRESS )) {
1806 Log( LOG_CRIT, "Can't connect socket: %s!", strerror( errno ));
1811 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)new_sock)) {
1813 "Cannot allocate memory for server connection (socket %d)",
1819 My_Connections = array_start(&My_ConnArray);
1821 assert(My_Connections[new_sock].sock <= 0);
1823 Init_Conn_Struct(new_sock);
1825 ng_ipaddr_tostr_r(dest, ip_str);
1826 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWNSERVER, false);
1828 Log( LOG_ALERT, "Can't establish connection: can't create client structure!" );
1833 /* Conn_Close() decrements this counter again */
1834 Account_Connection();
1835 Client_SetIntroducer( c, c );
1836 Client_SetToken( c, TOKEN_OUTBOUND );
1838 /* Register connection */
1839 Conf_Server[Server].conn_id = new_sock;
1840 My_Connections[new_sock].sock = new_sock;
1841 My_Connections[new_sock].addr = *dest;
1842 My_Connections[new_sock].client = c;
1843 strlcpy( My_Connections[new_sock].host, Conf_Server[Server].host,
1844 sizeof(My_Connections[new_sock].host ));
1846 /* Register new socket */
1847 if (!io_event_create( new_sock, IO_WANTWRITE, cb_connserver)) {
1848 Log( LOG_ALERT, "io_event_create(): could not add fd %d", strerror(errno));
1849 Conn_Close( new_sock, "io_event_create() failed", NULL, false );
1850 Init_Conn_Struct( new_sock );
1851 Conf_Server[Server].conn_id = NONE;
1854 if (Conf_Server[Server].SSLConnect && !ConnSSL_PrepareConnect( &My_Connections[new_sock],
1855 &Conf_Server[Server] ))
1857 Log(LOG_ALERT, "Could not initialize SSL for outgoing connection");
1858 Conn_Close( new_sock, "Could not initialize SSL for outgoing connection", NULL, false );
1859 Init_Conn_Struct( new_sock );
1860 Conf_Server[Server].conn_id = NONE;
1864 LogDebug("Registered new connection %d on socket %d (%ld in total).",
1865 new_sock, My_Connections[new_sock].sock, NumConnections);
1866 Conn_OPTION_ADD( &My_Connections[new_sock], CONN_ISCONNECTING );
1871 * Initialize connection structure.
1874 Init_Conn_Struct(CONN_ID Idx)
1876 time_t now = time(NULL);
1878 memset(&My_Connections[Idx], 0, sizeof(CONNECTION));
1879 My_Connections[Idx].sock = -1;
1880 My_Connections[Idx].signon = now;
1881 My_Connections[Idx].lastdata = now;
1882 My_Connections[Idx].lastprivmsg = now;
1883 Proc_InitStruct(&My_Connections[Idx].proc_stat);
1884 } /* Init_Conn_Struct */
1888 Init_Socket( int Sock )
1890 /* Initialize socket (set options) */
1894 if (!io_setnonblock(Sock)) {
1895 Log( LOG_CRIT, "Can't enable non-blocking mode for socket: %s!", strerror( errno ));
1900 /* Don't block this port after socket shutdown */
1902 if( setsockopt( Sock, SOL_SOCKET, SO_REUSEADDR, &value, (socklen_t)sizeof( value )) != 0 )
1904 Log( LOG_ERR, "Can't set socket option SO_REUSEADDR: %s!", strerror( errno ));
1905 /* ignore this error */
1908 /* Set type of service (TOS) */
1909 #if defined(IPPROTO_IP) && defined(IPTOS_LOWDELAY)
1910 value = IPTOS_LOWDELAY;
1911 LogDebug("Setting IP_TOS on socket %d to IPTOS_LOWDELAY.", Sock);
1912 if (setsockopt(Sock, IPPROTO_IP, IP_TOS, &value,
1913 (socklen_t) sizeof(value))) {
1914 LogDebug("Can't set socket option IP_TOS: %s!",
1916 /* ignore this error */
1925 cb_Connect_to_Server(int fd, UNUSED short events)
1927 /* Read result of resolver sub-process from pipe and start connection */
1930 ng_ipaddr_t dest_addrs[4]; /* we can handle at most 3; but we read up to
1931 four so we can log the 'more than we can handle'
1932 condition. First result is tried immediately, rest
1933 is saved for later if needed. */
1935 LogDebug("Resolver: Got forward lookup callback on fd %d, events %d", fd, events);
1937 for (i=0; i < MAX_SERVERS; i++) {
1938 if (Proc_GetPipeFd(&Conf_Server[i].res_stat) == fd )
1942 if( i >= MAX_SERVERS) {
1943 /* Ops, no matching server found?! */
1945 LogDebug("Resolver: Got Forward Lookup callback for unknown server!?");
1949 /* Read result from pipe */
1950 len = Proc_Read(&Conf_Server[i].res_stat, dest_addrs, sizeof(dest_addrs));
1952 /* Error resolving hostname: reset server structure */
1953 Conf_Server[i].conn_id = NONE;
1957 assert((len % sizeof(ng_ipaddr_t)) == 0);
1959 LogDebug("Got result from resolver: %u structs (%u bytes).", len/sizeof(ng_ipaddr_t), len);
1961 memset(&Conf_Server[i].dst_addr, 0, sizeof(Conf_Server[i].dst_addr));
1962 if (len > sizeof(ng_ipaddr_t)) {
1963 /* more than one address for this hostname, remember them
1964 * in case first address is unreachable/not available */
1965 len -= sizeof(ng_ipaddr_t);
1966 if (len > sizeof(Conf_Server[i].dst_addr)) {
1967 len = sizeof(Conf_Server[i].dst_addr);
1969 "Notice: Resolver returned more IP Addresses for host than we can handle, additional addresses dropped.");
1971 memcpy(&Conf_Server[i].dst_addr, &dest_addrs[1], len);
1974 New_Server(i, dest_addrs);
1975 } /* cb_Read_Forward_Lookup */
1979 cb_Read_Resolver_Result( int r_fd, UNUSED short events )
1981 /* Read result of resolver sub-process from pipe and update the
1982 * apropriate connection/client structure(s): hostname and/or
1983 * IDENT user name.*/
1990 char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
1992 char readbuf[HOST_LEN + 1];
1995 LogDebug("Resolver: Got callback on fd %d, events %d", r_fd, events );
1996 i = Conn_GetFromProc(r_fd);
1998 /* Ops, none found? Probably the connection has already
1999 * been closed!? We'll ignore that ... */
2001 LogDebug("Resolver: Got callback for unknown connection!?");
2005 /* Read result from pipe */
2006 len = Proc_Read(&My_Connections[i].proc_stat, readbuf, sizeof readbuf -1);
2010 readbuf[len] = '\0';
2011 identptr = strchr(readbuf, '\n');
2012 assert(identptr != NULL);
2014 Log( LOG_CRIT, "Resolver: Got malformed result!");
2019 LogDebug("Got result from resolver: \"%s\" (%u bytes read).", readbuf, len);
2020 /* Okay, we got a complete result: this is a host name for outgoing
2021 * connections and a host name and IDENT user name (if enabled) for
2022 * incoming connections.*/
2023 assert ( My_Connections[i].sock >= 0 );
2024 /* Incoming connection. Search client ... */
2025 c = Conn_GetClient( i );
2026 assert( c != NULL );
2028 /* Only update client information of unregistered clients.
2029 * Note: user commands (e. g. WEBIRC) are always read _after_ reading
2030 * the resolver results, so we don't have to worry to override settings
2031 * from these commands here. */
2032 if(Client_Type(c) == CLIENT_UNKNOWN) {
2033 strlcpy(My_Connections[i].host, readbuf,
2034 sizeof(My_Connections[i].host));
2035 Client_SetHostname(c, readbuf);
2039 Log(LOG_INFO, "IDENT lookup for connection %d: \"%s\".", i, identptr);
2040 Client_SetUser(c, identptr, true);
2042 Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
2047 else Log( LOG_DEBUG, "Resolver: discarding result for already registered connection %d.", i );
2049 } /* cb_Read_Resolver_Result */
2053 * Write a "simple" (error) message to a socket.
2054 * The message is sent without using the connection write buffers, without
2055 * compression/encryption, and even without any error reporting. It is
2056 * designed for error messages of e.g. New_Connection(). */
2058 Simple_Message(int Sock, const char *Msg)
2060 char buf[COMMAND_LEN];
2063 assert(Sock > NONE);
2064 assert(Msg != NULL);
2066 strlcpy(buf, Msg, sizeof buf - 2);
2067 len = strlcat(buf, "\r\n", sizeof buf);
2068 if (write(Sock, buf, len) < 0) {
2069 /* Because this function most probably got called to log
2070 * an error message, any write error is ignored here to
2071 * avoid an endless loop. But casting the result of write()
2072 * to "void" doesn't satisfy the GNU C code attribute
2073 * "warn_unused_result" which is used by some versions of
2074 * glibc (e.g. 2.11.1), therefore this silly error
2075 * "handling" code here :-( */
2078 } /* Simple_Error */
2082 * Get CLIENT structure that belongs to a local connection identified by its
2083 * index number. Each connection belongs to a client by definition, so it is
2084 * not required that the caller checks for NULL return values.
2085 * @param Idx Connection index number
2086 * @return Pointer to CLIENT structure
2089 Conn_GetClient( CONN_ID Idx )
2094 c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
2096 return c ? c->client : NULL;
2100 * Get PROC_STAT sub-process structure of a connection.
2101 * @param Idx Connection index number
2102 * @return PROC_STAT structure
2105 Conn_GetProcStat(CONN_ID Idx)
2110 c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
2112 return &c->proc_stat;
2113 } /* Conn_GetProcStat */
2117 * Get CONN_ID from file descriptor associated to a subprocess structure.
2118 * @param fd File descriptor
2119 * @return CONN_ID or NONE (-1)
2122 Conn_GetFromProc(int fd)
2127 for (i = 0; i < Pool_Size; i++) {
2128 if ((My_Connections[i].sock != NONE)
2129 && (Proc_GetPipeFd(&My_Connections[i].proc_stat) == fd))
2133 } /* Conn_GetFromProc */
2139 * Get information about used SSL chiper.
2140 * @param Idx Connection index number
2141 * @param buf Buffer for returned information text
2142 * @param len Size of return buffer "buf"
2143 * @return true on success, false otherwise
2146 Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
2150 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2151 return ConnSSL_GetCipherInfo(&My_Connections[Idx], buf, len);
2156 * Check if a connection is SSL-enabled or not.
2157 * @param Idx Connection index number
2158 * @return true if connection is SSL-enabled, false otherwise.
2161 Conn_UsesSSL(CONN_ID Idx)
2165 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2166 return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);
2175 Conn_DebugDump(void)
2179 Log(LOG_DEBUG, "Connection status:");
2180 for (i = 0; i < Pool_Size; i++) {
2181 if (My_Connections[i].sock == NONE)
2184 " - %d: host=%s, lastdata=%ld, lastping=%ld, delaytime=%ld, flag=%d, options=%d, bps=%d, client=%s",
2185 My_Connections[i].sock, My_Connections[i].host,
2186 My_Connections[i].lastdata, My_Connections[i].lastping,
2187 My_Connections[i].delaytime, My_Connections[i].flag,
2188 My_Connections[i].options, My_Connections[i].bps,
2189 My_Connections[i].client ? Client_ID(My_Connections[i].client) : "-");
2191 } /* Conn_DumpClients */