2 * ngIRCd -- The Next Generation IRC Daemon
3 * Copyright (c)2001-2010 Alexander Barton <alex@barton.de>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 * Please read the file COPYING, README and AUTHORS for more information.
11 * Connection management
33 #include <sys/socket.h>
35 #include <sys/types.h>
37 #include <netinet/in.h>
39 #ifdef HAVE_NETINET_IP_H
40 # ifdef HAVE_NETINET_IN_SYSTM_H
41 # include <netinet/in_systm.h>
43 # include <netinet/ip.h>
47 # include <stdint.h> /* e.g. for Mac OS X */
51 # include <tcpd.h> /* for TCP Wrappers */
67 #include "conn-func.h"
69 #include "ng_ipaddr.h"
75 # include "rendezvous.h"
81 #define SERVER_WAIT (NONE - 1)
83 #define MAX_COMMANDS 3
84 #define MAX_COMMANDS_SERVER 10
87 static bool Handle_Write PARAMS(( CONN_ID Idx ));
88 static bool Conn_Write PARAMS(( CONN_ID Idx, char *Data, size_t Len ));
89 static int New_Connection PARAMS(( int Sock ));
90 static CONN_ID Socket2Index PARAMS(( int Sock ));
91 static void Read_Request PARAMS(( CONN_ID Idx ));
92 static unsigned int Handle_Buffer PARAMS(( CONN_ID Idx ));
93 static void Check_Connections PARAMS(( void ));
94 static void Check_Servers PARAMS(( void ));
95 static void Init_Conn_Struct PARAMS(( CONN_ID Idx ));
96 static bool Init_Socket PARAMS(( int Sock ));
97 static void New_Server PARAMS(( int Server, ng_ipaddr_t *dest ));
98 static void Simple_Message PARAMS(( int Sock, const char *Msg ));
99 static int NewListener PARAMS(( const char *listen_addr, UINT16 Port ));
100 static void Account_Connection PARAMS((void));
103 static array My_Listeners;
104 static array My_ConnArray;
105 static size_t NumConnections, NumConnectionsMax, NumConnectionsAccepted;
108 int allow_severity = LOG_INFO;
109 int deny_severity = LOG_ERR;
112 static void server_login PARAMS((CONN_ID idx));
115 extern struct SSLOptions Conf_SSLOptions;
116 static void cb_connserver_login_ssl PARAMS((int sock, short what));
117 static void cb_clientserver_ssl PARAMS((int sock, short what));
119 static void cb_Read_Resolver_Result PARAMS((int sock, UNUSED short what));
120 static void cb_Connect_to_Server PARAMS((int sock, UNUSED short what));
121 static void cb_clientserver PARAMS((int sock, short what));
125 * IO callback for listening sockets: handle new connections. This callback
126 * gets called when a new non-SSL connection should be accepted.
127 * @param sock Socket descriptor
128 * @param irrelevant (ignored IO specification)
131 cb_listen(int sock, short irrelevant)
134 (void) New_Connection(sock);
140 * IO callback for listening SSL sockets: handle new connections. This callback
141 * gets called when a new SSL-enabled connection should be accepted.
142 * @param sock Socket descriptor
143 * @param irrelevant (ignored IO specification)
146 cb_listen_ssl(int sock, short irrelevant)
151 fd = New_Connection(sock);
154 io_event_setcb(My_Connections[fd].sock, cb_clientserver_ssl);
160 * IO callback for new outgoing non-SSL server connections.
161 * @param sock Socket descriptor
162 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
165 cb_connserver(int sock, UNUSED short what)
167 int res, err, server;
169 CONN_ID idx = Socket2Index( sock );
172 LogDebug("cb_connserver wants to write on unknown socket?!");
177 assert(what & IO_WANTWRITE);
179 /* Make sure that the server is still configured; it could have been
180 * removed in the meantime! */
181 server = Conf_GetServer(idx);
183 Log(LOG_ERR, "Connection on socket %d to \"%s\" aborted!",
184 sock, My_Connections[idx].host);
185 Conn_Close(idx, "Connection aborted!", NULL, false);
189 /* connect() finished, get result. */
190 sock_len = (socklen_t)sizeof(err);
191 res = getsockopt(My_Connections[idx].sock, SOL_SOCKET, SO_ERROR,
193 assert(sock_len == sizeof(err));
195 /* Error while connecting? */
196 if ((res != 0) || (err != 0)) {
198 Log(LOG_CRIT, "getsockopt (connection %d): %s!",
199 idx, strerror(errno));
202 "Can't connect socket to \"%s:%d\" (connection %d): %s!",
203 My_Connections[idx].host, Conf_Server[server].port,
206 Conn_Close(idx, "Can't connect!", NULL, false);
208 if (ng_ipaddr_af(&Conf_Server[server].dst_addr[0])) {
209 /* more addresses to try... */
210 New_Server(res, &Conf_Server[server].dst_addr[0]);
211 /* connection to dst_addr[0] is now in progress, so
212 * remove this address... */
213 Conf_Server[server].dst_addr[0] =
214 Conf_Server[server].dst_addr[1];
215 memset(&Conf_Server[server].dst_addr[1], 0,
216 sizeof(Conf_Server[server].dst_addr[1]));
221 /* connect() succeeded, remove all additional addresses */
222 memset(&Conf_Server[server].dst_addr, 0,
223 sizeof(Conf_Server[server].dst_addr));
225 Conn_OPTION_DEL( &My_Connections[idx], CONN_ISCONNECTING );
227 if ( Conn_OPTION_ISSET( &My_Connections[idx], CONN_SSL_CONNECT )) {
228 io_event_setcb( sock, cb_connserver_login_ssl );
229 io_event_add( sock, IO_WANTWRITE|IO_WANTREAD );
238 * Login to a remote server.
239 * @param idx Connection index
242 server_login(CONN_ID idx)
244 Log( LOG_INFO, "Connection %d with \"%s:%d\" established. Now logging in ...", idx,
245 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
247 io_event_setcb( My_Connections[idx].sock, cb_clientserver);
248 io_event_add( My_Connections[idx].sock, IO_WANTREAD|IO_WANTWRITE);
250 /* Send PASS and SERVER command to peer */
251 Conn_WriteStr( idx, "PASS %s %s", Conf_Server[Conf_GetServer( idx )].pwd_out, NGIRCd_ProtoID );
252 Conn_WriteStr( idx, "SERVER %s :%s", Conf_ServerName, Conf_ServerInfo );
258 * IO callback for new outgoing SSL-enabled server connections.
259 * @param sock Socket descriptor
260 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
263 cb_connserver_login_ssl(int sock, short unused)
265 CONN_ID idx = Socket2Index(sock);
273 switch (ConnSSL_Connect( &My_Connections[idx])) {
275 case 0: LogDebug("ConnSSL_Connect: not ready");
278 Log(LOG_ERR, "SSL connection on socket %d failed!", sock);
279 Conn_Close(idx, "Can't connect!", NULL, false);
283 Log( LOG_INFO, "SSL connection %d with \"%s:%d\" established.", idx,
284 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
292 * IO callback for established non-SSL client and server connections.
293 * @param sock Socket descriptor
294 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
297 cb_clientserver(int sock, short what)
299 CONN_ID idx = Socket2Index(sock);
308 if (what & IO_WANTREAD
309 || (Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_WANT_WRITE))) {
310 /* if TLS layer needs to write additional data, call
311 * Read_Request() instead so that SSL/TLS can continue */
315 if (what & IO_WANTREAD)
318 if (what & IO_WANTWRITE)
325 * IO callback for established SSL-enabled client and server connections.
326 * @param sock Socket descriptor
327 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
330 cb_clientserver_ssl(int sock, short what)
332 CONN_ID idx = Socket2Index(sock);
341 switch (ConnSSL_Accept(&My_Connections[idx])) {
345 return; /* EAGAIN: callback will be invoked again by IO layer */
347 Conn_Close(idx, "SSL accept error, closing socket", "SSL accept error", false);
350 if (what & IO_WANTREAD)
353 if (what & IO_WANTWRITE)
356 io_event_setcb(sock, cb_clientserver); /* SSL handshake completed */
362 * Initialite connecion module.
369 /* Speicher fuer Verbindungs-Pool anfordern */
370 Pool_Size = CONNECTION_POOL;
371 if ((Conf_MaxConnections > 0) &&
372 (Pool_Size > Conf_MaxConnections))
373 Pool_Size = Conf_MaxConnections;
375 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)Pool_Size)) {
376 Log(LOG_EMERG, "Can't allocate memory! [Conn_Init]");
380 /* FIXME: My_Connetions/Pool_Size is needed by other parts of the
381 * code; remove them! */
382 My_Connections = (CONNECTION*) array_start(&My_ConnArray);
384 LogDebug("Allocated connection pool for %d items (%ld bytes).",
385 array_length(&My_ConnArray, sizeof(CONNECTION)),
386 array_bytes(&My_ConnArray));
388 assert(array_length(&My_ConnArray, sizeof(CONNECTION)) >= (size_t)Pool_Size);
390 array_free( &My_Listeners );
392 for (i = 0; i < Pool_Size; i++)
398 * Clean up connection module.
405 Conn_ExitListeners();
407 LogDebug("Shutting down all connections ..." );
408 for( idx = 0; idx < Pool_Size; idx++ ) {
409 if( My_Connections[idx].sock > NONE ) {
410 Conn_Close( idx, NULL, NGIRCd_SignalRestart ?
411 "Server going down (restarting)":"Server going down", true );
415 array_free(&My_ConnArray);
416 My_Connections = NULL;
418 io_library_shutdown();
423 ports_initlisteners(array *a, const char *listen_addr, void (*func)(int,short))
425 unsigned int created = 0;
430 len = array_length(a, sizeof (UINT16));
431 port = array_start(a);
433 fd = NewListener(listen_addr, *port);
438 if (!io_event_create( fd, IO_WANTREAD, func )) {
439 Log( LOG_ERR, "io_event_create(): Could not add listening fd %d (port %u): %s!",
440 fd, (unsigned int) *port, strerror(errno));
453 * Initialize all listening sockets.
454 * @return Number of created listening sockets
457 Conn_InitListeners( void )
459 /* Initialize ports on which the server should accept connections */
460 unsigned int created = 0;
461 char *copy, *listen_addr;
463 if (!io_library_init(CONNECTION_POOL)) {
464 Log(LOG_EMERG, "Cannot initialize IO routines: %s", strerror(errno));
468 assert(Conf_ListenAddress);
470 /* can't use Conf_ListenAddress directly, see below */
471 copy = strdup(Conf_ListenAddress);
473 Log(LOG_CRIT, "Cannot copy %s: %s", Conf_ListenAddress, strerror(errno));
476 listen_addr = strtok(copy, ",");
478 while (listen_addr) {
479 ngt_TrimStr(listen_addr);
481 created += ports_initlisteners(&Conf_ListenPorts, listen_addr, cb_listen);
483 created += ports_initlisteners(&Conf_SSLOptions.ListenPorts, listen_addr, cb_listen_ssl);
487 listen_addr = strtok(NULL, ",");
490 /* Can't free() Conf_ListenAddress here: on REHASH, if the config file
491 * cannot be re-loaded, we'd end up with a NULL Conf_ListenAddress.
492 * Instead, free() takes place in conf.c, before the config file
493 * is being parsed. */
497 } /* Conn_InitListeners */
501 Conn_ExitListeners( void )
503 /* Close down all listening sockets */
507 Rendezvous_UnregisterListeners( );
510 arraylen = array_length(&My_Listeners, sizeof (int));
512 "Shutting down all listening sockets (%d total) ...", arraylen);
513 fd = array_start(&My_Listeners);
518 LogDebug("Listening socket %d closed.", *fd );
521 array_free(&My_Listeners);
522 } /* Conn_ExitListeners */
526 InitSinaddrListenAddr(ng_ipaddr_t *addr, const char *listen_addrstr, UINT16 Port)
530 ret = ng_ipaddr_init(addr, listen_addrstr, Port);
532 assert(listen_addrstr);
533 Log(LOG_CRIT, "Can't bind to [%s]:%u: can't convert ip address \"%s\"",
534 listen_addrstr, Port, listen_addrstr);
541 set_v6_only(int af, int sock)
543 #if defined(IPV6_V6ONLY) && defined(WANT_IPV6)
549 if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, (socklen_t)sizeof(on)))
550 Log(LOG_ERR, "Could not set IPV6_V6ONLY: %s", strerror(errno));
558 /* return new listening port file descriptor or -1 on failure */
560 NewListener(const char *listen_addr, UINT16 Port)
562 /* Create new listening socket on specified port */
566 char name[CLIENT_ID_LEN], *info;
568 if (!InitSinaddrListenAddr(&addr, listen_addr, Port))
571 af = ng_ipaddr_af(&addr);
572 sock = socket(af, SOCK_STREAM, 0);
574 Log(LOG_CRIT, "Can't create socket (af %d) : %s!", af, strerror(errno));
578 set_v6_only(af, sock);
580 if (!Init_Socket(sock))
583 if (bind(sock, (struct sockaddr *)&addr, ng_ipaddr_salen(&addr)) != 0) {
584 Log(LOG_CRIT, "Can't bind socket to address %s:%d - %s",
585 ng_ipaddr_tostr(&addr), Port, strerror(errno));
590 if( listen( sock, 10 ) != 0 ) {
591 Log( LOG_CRIT, "Can't listen on socket: %s!", strerror( errno ));
596 /* keep fd in list so we can close it when ngircd restarts/shuts down */
597 if (!array_catb( &My_Listeners,(char*) &sock, sizeof(int) )) {
598 Log( LOG_CRIT, "Can't add socket to My_Listeners array: %s!", strerror( errno ));
603 Log(LOG_INFO, "Now listening on [%s]:%d (socket %d).", ng_ipaddr_tostr(&addr), Port, sock);
606 /* Get best server description text */
607 if( ! Conf_ServerInfo[0] ) info = Conf_ServerName;
610 /* Use server info string */
612 if( Conf_ServerInfo[0] == '[' )
614 /* Cut off leading hostname part in "[]" */
615 info = strchr( Conf_ServerInfo, ']' );
619 while( *info == ' ' ) info++;
622 if( ! info ) info = Conf_ServerInfo;
625 /* Add port number to description if non-standard */
627 snprintf(name, sizeof name, "%s (port %u)", info,
630 strlcpy(name, info, sizeof name);
632 /* Register service */
633 Rendezvous_Register( name, MDNS_TYPE, Port );
641 * SSL/TLS connections require extra treatment:
642 * When either CONN_SSL_WANT_WRITE or CONN_SSL_WANT_READ is set, we
643 * need to take care of that first, before checking read/write buffers.
644 * For instance, while we might have data in our write buffer, the
645 * TLS/SSL protocol might need to read internal data first for TLS/SSL
648 * If this function returns true, such a condition is met and we have
649 * to reverse the condition (check for read even if we've data to write,
650 * do not check for read but writeability even if write-buffer is empty).
653 SSL_WantRead(const CONNECTION *c)
655 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_READ)) {
656 io_event_add(c->sock, IO_WANTREAD);
662 SSL_WantWrite(const CONNECTION *c)
664 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_WRITE)) {
665 io_event_add(c->sock, IO_WANTWRITE);
672 SSL_WantRead(UNUSED const CONNECTION *c) { return false; }
674 SSL_WantWrite(UNUSED const CONNECTION *c) { return false; }
679 * "Main Loop": Loop until shutdown or restart is signalled.
680 * This function loops until a shutdown or restart of ngIRCd is signalled and
681 * calls io_dispatch() to check for readable and writable sockets every second.
682 * It checks for status changes on pending connections (e. g. when a hostname
683 * has been resolved), checks for "penalties" and timeouts, and handles the
690 unsigned int wdatalen, bytes_processed;
694 while (!NGIRCd_SignalQuit && !NGIRCd_SignalRestart) {
698 Rendezvous_Handler();
701 /* Should the configuration be reloaded? */
702 if (NGIRCd_SignalRehash)
705 /* Check configured servers and established links */
709 /* Look for non-empty read buffers ... */
710 for (i = 0; i < Pool_Size; i++) {
711 if ((My_Connections[i].sock > NONE)
712 && (array_bytes(&My_Connections[i].rbuf) > 0)
713 && (My_Connections[i].delaytime <= t)) {
714 /* ... and try to handle the received data */
715 bytes_processed = Handle_Buffer(i);
716 /* if we processed data, and there might be
717 * more commands in the input buffer, do not
718 * try to read any more data now */
719 if (bytes_processed &&
720 array_bytes(&My_Connections[i].rbuf) > 2) {
722 ("Throttling connection %d: command limit reached!",
724 Conn_SetPenalty(i, 1);
729 /* Look for non-empty write buffers ... */
730 for (i = 0; i < Pool_Size; i++) {
731 if (My_Connections[i].sock <= NONE)
734 wdatalen = (unsigned int)array_bytes(&My_Connections[i].wbuf);
737 array_bytes(&My_Connections[i].zip.wbuf) > 0)
742 if (SSL_WantRead(&My_Connections[i]))
744 io_event_add(My_Connections[i].sock,
749 /* Check from which sockets we possibly could read ... */
750 for (i = 0; i < Pool_Size; i++) {
751 if (My_Connections[i].sock <= NONE)
754 if (SSL_WantWrite(&My_Connections[i]))
755 continue; /* TLS/SSL layer needs to write data; deal with this first */
757 if (Proc_InProgress(&My_Connections[i].proc_stat)) {
758 /* Wait for completion of forked subprocess
759 * and ignore the socket in the meantime ... */
760 io_event_del(My_Connections[i].sock,
765 if (Conn_OPTION_ISSET(&My_Connections[i], CONN_ISCONNECTING))
766 /* Wait for completion of connect() ... */
769 if (My_Connections[i].delaytime > t) {
770 /* There is a "penalty time" set: ignore socket! */
771 io_event_del(My_Connections[i].sock,
776 io_event_add(My_Connections[i].sock, IO_WANTREAD);
779 /* Set the timeout for reading from the network to 1 second,
780 * which is the granularity with witch we handle "penalty
781 * times" for example.
782 * Note: tv_sec/usec are undefined(!) after io_dispatch()
783 * returns, so we have to set it beforce each call to it! */
787 /* Wait for activity ... */
788 i = io_dispatch(&tv);
789 if (i == -1 && errno != EINTR) {
790 Log(LOG_EMERG, "Conn_Handler(): io_dispatch(): %s!",
792 Log(LOG_ALERT, "%s exiting due to fatal errors!",
798 if (NGIRCd_SignalQuit)
799 Log(LOG_NOTICE | LOG_snotice, "Server going down NOW!");
800 else if (NGIRCd_SignalRestart)
801 Log(LOG_NOTICE | LOG_snotice, "Server restarting NOW!");
806 * Write a text string into the socket of a connection.
807 * This function automatically appends CR+LF to the string and validates that
808 * the result is a valid IRC message (oversized messages are shortened, for
809 * example). Then it calls the Conn_Write() function to do the actual sending.
810 * @param Idx Index fo the connection.
811 * @param Format Format string, see printf().
812 * @return true on success, false otherwise.
816 Conn_WriteStr(CONN_ID Idx, const char *Format, ...)
819 Conn_WriteStr(Idx, Format, va_alist)
825 char buffer[COMMAND_LEN];
830 assert( Idx > NONE );
831 assert( Format != NULL );
834 va_start( ap, Format );
838 if (vsnprintf( buffer, COMMAND_LEN - 2, Format, ap ) >= COMMAND_LEN - 2 ) {
840 * The string that should be written to the socket is longer
841 * than the allowed size of COMMAND_LEN bytes (including both
842 * the CR and LF characters). This can be caused by the
843 * IRC_WriteXXX() functions when the prefix of this server had
844 * to be added to an already "quite long" command line which
845 * has been received from a regular IRC client, for example.
847 * We are not allowed to send such "oversized" messages to
848 * other servers and clients, see RFC 2812 2.3 and 2813 3.3
849 * ("these messages SHALL NOT exceed 512 characters in length,
850 * counting all characters including the trailing CR-LF").
852 * So we have a big problem here: we should send more bytes
853 * to the network than we are allowed to and we don't know
854 * the originator (any more). The "old" behaviour of blaming
855 * the receiver ("next hop") is a bad idea (it could be just
856 * an other server only routing the message!), so the only
857 * option left is to shorten the string and to hope that the
858 * result is still somewhat useful ...
862 strcpy (buffer + sizeof(buffer) - strlen(CUT_TXTSUFFIX) - 2 - 1,
868 Log(LOG_DEBUG, " -> connection %d: '%s'.", Idx, buffer);
871 len = strlcat( buffer, "\r\n", sizeof( buffer ));
872 ok = Conn_Write(Idx, buffer, len);
873 My_Connections[Idx].msg_out++;
877 } /* Conn_WriteStr */
881 * Append Data to the outbound write buffer of a connection.
882 * @param Idx Index of the connection.
883 * @param Data pointer to the data.
884 * @param Len length of Data.
885 * @return true on success, false otherwise.
888 Conn_Write( CONN_ID Idx, char *Data, size_t Len )
891 size_t writebuf_limit = WRITEBUFFER_LEN;
892 assert( Idx > NONE );
893 assert( Data != NULL );
896 c = Conn_GetClient(Idx);
899 /* Servers do get special write buffer limits, so they can generate
900 * all the messages that are required while peering. */
901 if (Client_Type(c) == CLIENT_SERVER)
902 writebuf_limit = WRITEBUFFER_SLINK_LEN;
904 /* Is the socket still open? A previous call to Conn_Write()
905 * may have closed the connection due to a fatal error.
906 * In this case it is sufficient to return an error, as well. */
907 if( My_Connections[Idx].sock <= NONE ) {
908 LogDebug("Skipped write on closed socket (connection %d).", Idx);
913 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
915 * Zip_Buffer() does all the dirty work for us: it flushes
916 * the (pre-)compression buffers if required and handles
917 * all error conditions. */
918 if (!Zip_Buffer(Idx, Data, Len))
924 /* Uncompressed link:
925 * Check if outbound buffer has enough space for the data. */
926 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
928 /* Buffer is full, flush it. Handle_Write deals with
929 * low-level errors, if any. */
930 if (!Handle_Write(Idx))
934 /* When the write buffer is still too big after flushing it,
935 * the connection will be killed. */
936 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
939 "Write buffer overflow (connection %d, size %lu byte)!",
941 (unsigned long)array_bytes(&My_Connections[Idx].wbuf));
942 Conn_Close(Idx, "Write buffer overflow!", NULL, false);
946 /* Copy data to write buffer */
947 if (!array_catb(&My_Connections[Idx].wbuf, Data, Len))
950 My_Connections[Idx].bytes_out += Len;
953 /* Adjust global write counter */
961 Conn_Close( CONN_ID Idx, const char *LogMsg, const char *FwdMsg, bool InformClient )
963 /* Close connection. Open pipes of asyncronous resolver
964 * sub-processes are closed down. */
970 double in_z_k, out_z_k;
974 assert( Idx > NONE );
976 /* Is this link already shutting down? */
977 if( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ISCLOSING )) {
978 /* Conn_Close() has been called recursively for this link;
979 * probabe reason: Handle_Write() failed -- see below. */
980 LogDebug("Recursive request to close connection: %d", Idx );
984 assert( My_Connections[Idx].sock > NONE );
986 /* Mark link as "closing" */
987 Conn_OPTION_ADD( &My_Connections[Idx], CONN_ISCLOSING );
989 port = ng_ipaddr_getport(&My_Connections[Idx].addr);
990 Log(LOG_INFO, "Shutting down connection %d (%s) with %s:%d ...", Idx,
991 LogMsg ? LogMsg : FwdMsg, My_Connections[Idx].host, port);
993 /* Search client, if any */
994 c = Conn_GetClient( Idx );
996 /* Should the client be informed? */
999 /* Send statistics to client if registered as user: */
1000 if ((c != NULL) && (Client_Type(c) == CLIENT_USER)) {
1002 ":%s NOTICE %s :%sConnection statistics: client %.1f kb, server %.1f kb.",
1003 Client_ID(Client_ThisServer()), Client_ID(c),
1005 (double)My_Connections[Idx].bytes_in / 1024,
1006 (double)My_Connections[Idx].bytes_out / 1024);
1009 /* Send ERROR to client (see RFC 2812, section 3.1.7) */
1011 Conn_WriteStr(Idx, "ERROR :%s", FwdMsg);
1013 Conn_WriteStr(Idx, "ERROR :Closing connection.");
1016 /* Try to write out the write buffer. Note: Handle_Write() eventually
1017 * removes the CLIENT structure associated with this connection if an
1018 * error occurs! So we have to re-check if there is still an valid
1019 * CLIENT structure after calling Handle_Write() ...*/
1020 (void)Handle_Write( Idx );
1022 /* Search client, if any (re-check!) */
1023 c = Conn_GetClient( Idx );
1025 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1026 Log(LOG_INFO, "SSL connection %d shutting down ...", Idx);
1027 ConnSSL_Free(&My_Connections[Idx]);
1030 /* Shut down socket */
1031 if (! io_close(My_Connections[Idx].sock)) {
1032 /* Oops, we can't close the socket!? This is ... ugly! */
1034 "Error closing connection %d (socket %d) with %s:%d - %s! (ignored)",
1035 Idx, My_Connections[Idx].sock, My_Connections[Idx].host,
1036 port, strerror(errno));
1039 /* Mark socket as invalid: */
1040 My_Connections[Idx].sock = NONE;
1042 /* If there is still a client, unregister it now */
1044 Client_Destroy(c, LogMsg, FwdMsg, true);
1046 /* Calculate statistics and log information */
1047 in_k = (double)My_Connections[Idx].bytes_in / 1024;
1048 out_k = (double)My_Connections[Idx].bytes_out / 1024;
1050 if (Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP)) {
1051 in_z_k = (double)My_Connections[Idx].zip.bytes_in / 1024;
1052 out_z_k = (double)My_Connections[Idx].zip.bytes_out / 1024;
1053 /* Make sure that no division by zero can occur during
1054 * the calculation of in_p and out_p: in_z_k and out_z_k
1055 * are non-zero, that's guaranteed by the protocol until
1056 * compression can be enabled. */
1061 in_p = (int)(( in_k * 100 ) / in_z_k );
1062 out_p = (int)(( out_k * 100 ) / out_z_k );
1064 "Connection %d with %s:%d closed (in: %.1fk/%.1fk/%d%%, out: %.1fk/%.1fk/%d%%).",
1065 Idx, My_Connections[Idx].host, port,
1066 in_k, in_z_k, in_p, out_k, out_z_k, out_p);
1072 "Connection %d with %s:%d closed (in: %.1fk, out: %.1fk).",
1073 Idx, My_Connections[Idx].host, port,
1077 /* Kill possibly running subprocess */
1078 if (Proc_InProgress(&My_Connections[Idx].proc_stat))
1079 Proc_Kill(&My_Connections[Idx].proc_stat);
1081 /* Servers: Modify time of next connect attempt? */
1082 Conf_UnsetServer( Idx );
1085 /* Clean up zlib, if link was compressed */
1086 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
1087 inflateEnd( &My_Connections[Idx].zip.in );
1088 deflateEnd( &My_Connections[Idx].zip.out );
1089 array_free(&My_Connections[Idx].zip.rbuf);
1090 array_free(&My_Connections[Idx].zip.wbuf);
1094 array_free(&My_Connections[Idx].rbuf);
1095 array_free(&My_Connections[Idx].wbuf);
1097 /* Clean up connection structure (=free it) */
1098 Init_Conn_Struct( Idx );
1100 assert(NumConnections > 0);
1103 LogDebug("Shutdown of connection %d completed, %ld connection%s left.",
1104 Idx, NumConnections, NumConnections != 1 ? "s" : "");
1111 return NumConnections;
1118 return NumConnectionsMax;
1119 } /* Conn_CountMax */
1123 Conn_CountAccepted(void)
1125 return NumConnectionsAccepted;
1126 } /* Conn_CountAccepted */
1130 Conn_SyncServerStruct( void )
1132 /* Synchronize server structures (connection IDs):
1133 * connections <-> configuration */
1139 for( i = 0; i < Pool_Size; i++ ) {
1140 /* Established connection? */
1141 if (My_Connections[i].sock < 0)
1144 /* Server connection? */
1145 client = Conn_GetClient( i );
1146 if(( ! client ) || ( Client_Type( client ) != CLIENT_SERVER )) continue;
1148 for( c = 0; c < MAX_SERVERS; c++ )
1150 /* Configured server? */
1151 if( ! Conf_Server[c].host[0] ) continue;
1154 if( strcmp( Conf_Server[c].name, Client_ID( client )) == 0 )
1155 Conf_Server[c].conn_id = i;
1158 } /* SyncServerStruct */
1162 * Send out data of write buffer; connect new sockets.
1165 Handle_Write( CONN_ID Idx )
1170 assert( Idx > NONE );
1171 if ( My_Connections[Idx].sock < 0 ) {
1172 LogDebug("Handle_Write() on closed socket, connection %d", Idx);
1175 assert( My_Connections[Idx].sock > NONE );
1177 wdatalen = array_bytes(&My_Connections[Idx].wbuf );
1180 if (wdatalen == 0) {
1181 /* Write buffer is empty, so we try to flush the compression
1182 * buffer and get some data to work with from there :-) */
1183 if (!Zip_Flush(Idx))
1186 /* Now the write buffer most probably has changed: */
1187 wdatalen = array_bytes(&My_Connections[Idx].wbuf);
1191 if (wdatalen == 0) {
1192 /* Still no data, fine. */
1193 io_event_del(My_Connections[Idx].sock, IO_WANTWRITE );
1198 ("Handle_Write() called for connection %d, %ld bytes pending ...",
1202 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1203 len = ConnSSL_Write(&My_Connections[Idx], array_start(&My_Connections[Idx].wbuf), wdatalen);
1207 len = write(My_Connections[Idx].sock,
1208 array_start(&My_Connections[Idx].wbuf), wdatalen );
1211 if (errno == EAGAIN || errno == EINTR)
1214 Log(LOG_ERR, "Write error on connection %d (socket %d): %s!",
1215 Idx, My_Connections[Idx].sock, strerror(errno));
1216 Conn_Close(Idx, "Write error!", NULL, false);
1220 /* move any data not yet written to beginning */
1221 array_moveleft(&My_Connections[Idx].wbuf, 1, (size_t)len);
1224 } /* Handle_Write */
1228 Count_Connections(ng_ipaddr_t *a)
1233 for (i = 0; i < Pool_Size; i++) {
1234 if (My_Connections[i].sock <= NONE)
1236 if (ng_ipaddr_ipequal(&My_Connections[i].addr, a))
1240 } /* Count_Connections */
1244 * Initialize new client connection on a listening socket.
1245 * @param Sock Listening socket descriptor
1246 * @return Accepted socket descriptor or -1 on error
1249 New_Connection(int Sock)
1252 struct request_info req;
1254 ng_ipaddr_t new_addr;
1255 char ip_str[NG_INET_ADDRSTRLEN];
1256 int new_sock, new_sock_len, identsock;
1260 assert(Sock > NONE);
1262 new_sock_len = (int)sizeof(new_addr);
1263 new_sock = accept(Sock, (struct sockaddr *)&new_addr,
1264 (socklen_t *)&new_sock_len);
1266 Log(LOG_CRIT, "Can't accept connection: %s!", strerror(errno));
1269 NumConnectionsAccepted++;
1271 if (!ng_ipaddr_tostr_r(&new_addr, ip_str)) {
1272 Log(LOG_CRIT, "fd %d: Can't convert IP address!", new_sock);
1273 Simple_Message(new_sock, "ERROR :Internal Server Error");
1279 /* Validate socket using TCP Wrappers */
1280 request_init(&req, RQ_DAEMON, PACKAGE_NAME, RQ_FILE, new_sock,
1281 RQ_CLIENT_SIN, &new_addr, NULL);
1283 if (!hosts_access(&req)) {
1285 "Refused connection from %s (by TCP Wrappers)!", ip_str);
1286 Simple_Message(new_sock, "ERROR :Connection refused");
1292 if (!Init_Socket(new_sock))
1295 /* Check global connection limit */
1296 if ((Conf_MaxConnections > 0) &&
1297 (NumConnections >= (size_t) Conf_MaxConnections)) {
1298 Log(LOG_ALERT, "Can't accept connection: limit (%d) reached!",
1299 Conf_MaxConnections);
1300 Simple_Message(new_sock, "ERROR :Connection limit reached");
1305 /* Check IP-based connection limit */
1306 cnt = Count_Connections(&new_addr);
1307 if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) {
1308 /* Access denied, too many connections from this IP address! */
1310 "Refused connection from %s: too may connections (%ld) from this IP address!",
1312 Simple_Message(new_sock,
1313 "ERROR :Connection refused, too many connections from your IP address!");
1318 if (new_sock >= Pool_Size) {
1319 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION),
1320 (size_t) new_sock)) {
1322 "Can't allocate memory! [New_Connection]");
1323 Simple_Message(new_sock, "ERROR: Internal error");
1327 LogDebug("Bumped connection pool to %ld items (internal: %ld items, %ld bytes)",
1328 new_sock, array_length(&My_ConnArray,
1329 sizeof(CONNECTION)), array_bytes(&My_ConnArray));
1331 /* Adjust pointer to new block */
1332 My_Connections = array_start(&My_ConnArray);
1333 while (Pool_Size <= new_sock)
1334 Init_Conn_Struct(Pool_Size++);
1337 /* register callback */
1338 if (!io_event_create(new_sock, IO_WANTREAD, cb_clientserver)) {
1340 "Can't accept connection: io_event_create failed!");
1341 Simple_Message(new_sock, "ERROR :Internal error");
1346 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWN, false);
1349 "Can't accept connection: can't create client structure!");
1350 Simple_Message(new_sock, "ERROR :Internal error");
1355 Init_Conn_Struct(new_sock);
1356 My_Connections[new_sock].sock = new_sock;
1357 My_Connections[new_sock].addr = new_addr;
1358 My_Connections[new_sock].client = c;
1360 /* Set initial hostname to IP address. This becomes overwritten when
1361 * the DNS lookup is enabled and succeeds, but is used otherwise. */
1362 if (ng_ipaddr_af(&new_addr) != AF_INET)
1363 snprintf(My_Connections[new_sock].host,
1364 sizeof(My_Connections[new_sock].host), "[%s]", ip_str);
1366 strlcpy(My_Connections[new_sock].host, ip_str,
1367 sizeof(My_Connections[new_sock].host));
1369 Client_SetHostname(c, My_Connections[new_sock].host);
1371 Log(LOG_INFO, "Accepted connection %d from %s:%d on socket %d.",
1372 new_sock, My_Connections[new_sock].host,
1373 ng_ipaddr_getport(&new_addr), Sock);
1375 identsock = new_sock;
1381 Resolve_Addr(&My_Connections[new_sock].proc_stat, &new_addr,
1382 identsock, cb_Read_Resolver_Result);
1384 Account_Connection();
1386 } /* New_Connection */
1390 Account_Connection(void)
1393 if (NumConnections > NumConnectionsMax)
1394 NumConnectionsMax = NumConnections;
1395 LogDebug("Total number of connections now %lu (max %lu).",
1396 NumConnections, NumConnectionsMax);
1397 } /* Account_Connection */
1401 Socket2Index( int Sock )
1403 assert( Sock >= 0 );
1405 if( Sock >= Pool_Size || My_Connections[Sock].sock != Sock ) {
1406 /* the Connection was already closed again, likely due to
1408 LogDebug("Socket2Index: can't get connection for socket %d!", Sock);
1412 } /* Socket2Index */
1416 * Read data from the network to the read buffer. If an error occures,
1417 * the socket of this connection will be shut down.
1420 Read_Request( CONN_ID Idx )
1423 static const unsigned int maxbps = COMMAND_LEN / 2;
1424 char readbuf[READBUFFER_LEN];
1427 assert( Idx > NONE );
1428 assert( My_Connections[Idx].sock > NONE );
1431 if ((array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN) ||
1432 (array_bytes(&My_Connections[Idx].zip.rbuf) >= READBUFFER_LEN))
1434 if (array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN)
1437 /* Read buffer is full */
1439 "Receive buffer overflow (connection %d): %d bytes!",
1440 Idx, array_bytes(&My_Connections[Idx].rbuf));
1441 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1446 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL))
1447 len = ConnSSL_Read( &My_Connections[Idx], readbuf, sizeof(readbuf));
1450 len = read(My_Connections[Idx].sock, readbuf, sizeof(readbuf));
1452 Log(LOG_INFO, "%s:%u (%s) is closing the connection ...",
1453 My_Connections[Idx].host,
1454 (unsigned int) ng_ipaddr_getport(&My_Connections[Idx].addr),
1455 ng_ipaddr_tostr(&My_Connections[Idx].addr));
1457 "Socket closed!", "Client closed connection",
1463 if( errno == EAGAIN ) return;
1464 Log(LOG_ERR, "Read error on connection %d (socket %d): %s!",
1465 Idx, My_Connections[Idx].sock, strerror(errno));
1466 Conn_Close(Idx, "Read error!", "Client closed connection",
1471 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1472 if (!array_catb(&My_Connections[Idx].zip.rbuf, readbuf,
1475 "Could not append recieved data to zip input buffer (connn %d): %d bytes!",
1477 Conn_Close(Idx, "Receive buffer overflow!", NULL,
1484 if (!array_catb( &My_Connections[Idx].rbuf, readbuf, len)) {
1485 Log( LOG_ERR, "Could not append recieved data to input buffer (connn %d): %d bytes!", Idx, len );
1486 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1490 /* Update connection statistics */
1491 My_Connections[Idx].bytes_in += len;
1493 /* Update timestamp of last data received if this connection is
1494 * registered as a user, server or service connection. Don't update
1495 * otherwise, so users have at least Conf_PongTimeout seconds time to
1496 * register with the IRC server -- see Check_Connections().
1497 * Set "lastping", too, so we can handle time shifts backwards ... */
1498 c = Conn_GetClient(Idx);
1499 if (c && (Client_Type(c) == CLIENT_USER
1500 || Client_Type(c) == CLIENT_SERVER
1501 || Client_Type(c) == CLIENT_SERVICE)) {
1503 if (My_Connections[Idx].lastdata != t)
1504 My_Connections[Idx].bps = 0;
1506 My_Connections[Idx].lastdata = t;
1507 My_Connections[Idx].lastping = My_Connections[Idx].lastdata;
1510 /* Look at the data in the (read-) buffer of this connection */
1511 My_Connections[Idx].bps += Handle_Buffer(Idx);
1512 if (Client_Type(c) != CLIENT_SERVER
1513 && My_Connections[Idx].bps >= maxbps) {
1514 LogDebug("Throttling connection %d: BPS exceeded! (%u >= %u)",
1515 Idx, My_Connections[Idx].bps, maxbps);
1516 Conn_SetPenalty(Idx, 1);
1518 } /* Read_Request */
1522 * Handle all data in the connection read-buffer.
1523 * Data is processed until no complete command is left in the read buffer,
1524 * or MAX_COMMANDS[_SERVER] commands were processed.
1525 * When a fatal error occurs, the connection is shut down.
1526 * @param Idx Index of the connection.
1527 * @return number of bytes processed.
1530 Handle_Buffer(CONN_ID Idx)
1533 char *ptr1, *ptr2, *first_eol;
1541 unsigned int i, maxcmd = MAX_COMMANDS, len_processed = 0;
1544 c = Conn_GetClient(Idx);
1547 /* Servers do get special command limits, so they can process
1548 * all the messages that are required while peering. */
1549 if (Client_Type(c) == CLIENT_SERVER)
1550 maxcmd = MAX_COMMANDS_SERVER;
1552 starttime = time(NULL);
1553 for (i=0; i < maxcmd; i++) {
1555 if (My_Connections[Idx].delaytime > starttime)
1558 /* Unpack compressed data, if compression is in use */
1559 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1560 /* When unzipping fails, Unzip_Buffer() shuts
1561 * down the connection itself */
1562 if (!Unzip_Buffer(Idx))
1567 if (0 == array_bytes(&My_Connections[Idx].rbuf))
1570 /* Make sure that the buffer is NULL terminated */
1571 if (!array_cat0_temporary(&My_Connections[Idx].rbuf)) {
1572 Conn_Close(Idx, NULL,
1573 "Can't allocate memory [Handle_Buffer]",
1578 /* RFC 2812, section "2.3 Messages", 5th paragraph:
1579 * "IRC messages are always lines of characters terminated
1580 * with a CR-LF (Carriage Return - Line Feed) pair [...]". */
1582 ptr = strstr(array_start(&My_Connections[Idx].rbuf), "\r\n");
1585 /* Check for non-RFC-compliant request (only CR or LF)?
1586 * Unfortunately, there are quite a few clients out there
1587 * that do this -- e. g. mIRC, BitchX, and Trillian :-( */
1588 ptr1 = strchr(array_start(&My_Connections[Idx].rbuf), '\r');
1589 ptr2 = strchr(array_start(&My_Connections[Idx].rbuf), '\n');
1591 /* Check if there is a single CR or LF _before_ the
1592 * corerct CR+LF line terminator: */
1593 first_eol = ptr1 < ptr2 ? ptr1 : ptr2;
1594 if (first_eol < ptr) {
1595 /* Single CR or LF before CR+LF found */
1599 } else if (ptr1 || ptr2) {
1600 /* No CR+LF terminated command found, but single
1601 * CR or LF found ... */
1603 ptr = ptr1 < ptr2 ? ptr1 : ptr2;
1605 ptr = ptr1 ? ptr1 : ptr2;
1613 /* Complete (=line terminated) request found, handle it! */
1616 len = ptr - (char *)array_start(&My_Connections[Idx].rbuf) + delta;
1618 if (len > (COMMAND_LEN - 1)) {
1619 /* Request must not exceed 512 chars (incl. CR+LF!),
1620 * see RFC 2812. Disconnect Client if this happens. */
1622 "Request too long (connection %d): %d bytes (max. %d expected)!",
1623 Idx, array_bytes(&My_Connections[Idx].rbuf),
1625 Conn_Close(Idx, NULL, "Request too long", true);
1629 len_processed += (unsigned int)len;
1631 /* Request is empty (only '\r\n', '\r' or '\n');
1632 * delta is 2 ('\r\n') or 1 ('\r' or '\n'), see above */
1633 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1637 /* remember if stream is already compressed */
1638 old_z = My_Connections[Idx].options & CONN_ZIP;
1641 My_Connections[Idx].msg_in++;
1643 (Idx, (char *)array_start(&My_Connections[Idx].rbuf)))
1644 return 0; /* error -> connection has been closed */
1646 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1647 LogDebug("Connection %d: %d bytes left in read buffer.",
1648 Idx, array_bytes(&My_Connections[Idx].rbuf));
1650 if ((!old_z) && (My_Connections[Idx].options & CONN_ZIP) &&
1651 (array_bytes(&My_Connections[Idx].rbuf) > 0)) {
1652 /* The last command activated socket compression.
1653 * Data that was read after that needs to be copied
1654 * to the unzip buffer for decompression: */
1656 (&My_Connections[Idx].zip.rbuf,
1657 &My_Connections[Idx].rbuf)) {
1658 Conn_Close(Idx, NULL,
1659 "Can't allocate memory [Handle_Buffer]",
1664 array_trunc(&My_Connections[Idx].rbuf);
1666 ("Moved already received data (%u bytes) to uncompression buffer.",
1667 array_bytes(&My_Connections[Idx].zip.rbuf));
1671 return len_processed;
1672 } /* Handle_Buffer */
1676 Check_Connections(void)
1678 /* check if connections are alive. if not, play PING-PONG first.
1679 * if this doesn't help either, disconnect client. */
1684 for (i = 0; i < Pool_Size; i++) {
1685 if (My_Connections[i].sock < 0)
1688 c = Conn_GetClient(i);
1689 if (c && ((Client_Type(c) == CLIENT_USER)
1690 || (Client_Type(c) == CLIENT_SERVER)
1691 || (Client_Type(c) == CLIENT_SERVICE))) {
1692 /* connected User, Server or Service */
1693 if (My_Connections[i].lastping >
1694 My_Connections[i].lastdata) {
1695 /* We already sent a ping */
1696 if (My_Connections[i].lastping <
1697 time(NULL) - Conf_PongTimeout) {
1700 ("Connection %d: Ping timeout: %d seconds.",
1701 i, Conf_PongTimeout);
1702 snprintf(msg, sizeof(msg), "Ping timeout: %d seconds", Conf_PongTimeout);
1703 Conn_Close(i, NULL, msg, true);
1705 } else if (My_Connections[i].lastdata <
1706 time(NULL) - Conf_PingTimeout) {
1707 /* We need to send a PING ... */
1708 LogDebug("Connection %d: sending PING ...", i);
1709 My_Connections[i].lastping = time(NULL);
1710 Conn_WriteStr(i, "PING :%s",
1711 Client_ID(Client_ThisServer()));
1714 /* The connection is not fully established yet, so
1715 * we don't do the PING-PONG game here but instead
1716 * disconnect the client after "a short time" if it's
1717 * still not registered. */
1719 if (My_Connections[i].lastdata <
1720 time(NULL) - Conf_PongTimeout) {
1722 ("Unregistered connection %d timed out ...",
1724 Conn_Close(i, NULL, "Timeout", false);
1728 } /* Check_Connections */
1732 Check_Servers( void )
1734 /* Check if we can establish further server links */
1739 /* Check all configured servers */
1740 for( i = 0; i < MAX_SERVERS; i++ ) {
1741 /* Valid outgoing server which isn't already connected or disabled? */
1742 if(( ! Conf_Server[i].host[0] ) || ( ! Conf_Server[i].port > 0 ) ||
1743 ( Conf_Server[i].conn_id > NONE ) || ( Conf_Server[i].flags & CONF_SFLAG_DISABLED ))
1746 /* Is there already a connection in this group? */
1747 if( Conf_Server[i].group > NONE ) {
1748 for (n = 0; n < MAX_SERVERS; n++) {
1749 if (n == i) continue;
1750 if ((Conf_Server[n].conn_id != NONE) &&
1751 (Conf_Server[n].group == Conf_Server[i].group))
1754 if (n < MAX_SERVERS) continue;
1757 /* Check last connect attempt? */
1758 time_now = time(NULL);
1759 if( Conf_Server[i].lasttry > (time_now - Conf_ConnectRetry))
1762 /* Okay, try to connect now */
1763 Conf_Server[i].lasttry = time_now;
1764 Conf_Server[i].conn_id = SERVER_WAIT;
1765 assert(Proc_GetPipeFd(&Conf_Server[i].res_stat) < 0);
1766 Resolve_Name(&Conf_Server[i].res_stat, Conf_Server[i].host, cb_Connect_to_Server);
1768 } /* Check_Servers */
1772 New_Server( int Server , ng_ipaddr_t *dest)
1774 /* Establish new server link */
1775 char ip_str[NG_INET_ADDRSTRLEN];
1776 int af_dest, res, new_sock;
1779 assert( Server > NONE );
1781 if (!ng_ipaddr_tostr_r(dest, ip_str)) {
1782 Log(LOG_WARNING, "New_Server: Could not convert IP to string");
1786 Log( LOG_INFO, "Establishing connection to \"%s\", %s, port %d ... ",
1787 Conf_Server[Server].host, ip_str, Conf_Server[Server].port );
1789 af_dest = ng_ipaddr_af(dest);
1790 new_sock = socket(af_dest, SOCK_STREAM, 0);
1792 Log( LOG_CRIT, "Can't create socket (af %d) : %s!", af_dest, strerror( errno ));
1796 if (!Init_Socket(new_sock))
1799 /* is a bind address configured? */
1800 res = ng_ipaddr_af(&Conf_Server[Server].bind_addr);
1801 /* if yes, bind now. If it fails, warn and let connect() pick a source address */
1802 if (res && bind(new_sock, (struct sockaddr *) &Conf_Server[Server].bind_addr,
1803 ng_ipaddr_salen(&Conf_Server[Server].bind_addr)))
1805 ng_ipaddr_tostr_r(&Conf_Server[Server].bind_addr, ip_str);
1806 Log(LOG_WARNING, "Can't bind socket to %s: %s!", ip_str, strerror(errno));
1808 ng_ipaddr_setport(dest, Conf_Server[Server].port);
1809 res = connect(new_sock, (struct sockaddr *) dest, ng_ipaddr_salen(dest));
1810 if(( res != 0 ) && ( errno != EINPROGRESS )) {
1811 Log( LOG_CRIT, "Can't connect socket: %s!", strerror( errno ));
1816 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)new_sock)) {
1818 "Cannot allocate memory for server connection (socket %d)",
1824 My_Connections = array_start(&My_ConnArray);
1826 assert(My_Connections[new_sock].sock <= 0);
1828 Init_Conn_Struct(new_sock);
1830 ng_ipaddr_tostr_r(dest, ip_str);
1831 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWNSERVER, false);
1833 Log( LOG_ALERT, "Can't establish connection: can't create client structure!" );
1838 /* Conn_Close() decrements this counter again */
1839 Account_Connection();
1840 Client_SetIntroducer( c, c );
1841 Client_SetToken( c, TOKEN_OUTBOUND );
1843 /* Register connection */
1844 Conf_Server[Server].conn_id = new_sock;
1845 My_Connections[new_sock].sock = new_sock;
1846 My_Connections[new_sock].addr = *dest;
1847 My_Connections[new_sock].client = c;
1848 strlcpy( My_Connections[new_sock].host, Conf_Server[Server].host,
1849 sizeof(My_Connections[new_sock].host ));
1851 /* Register new socket */
1852 if (!io_event_create( new_sock, IO_WANTWRITE, cb_connserver)) {
1853 Log( LOG_ALERT, "io_event_create(): could not add fd %d", strerror(errno));
1854 Conn_Close( new_sock, "io_event_create() failed", NULL, false );
1855 Init_Conn_Struct( new_sock );
1856 Conf_Server[Server].conn_id = NONE;
1859 if (Conf_Server[Server].SSLConnect && !ConnSSL_PrepareConnect( &My_Connections[new_sock],
1860 &Conf_Server[Server] ))
1862 Log(LOG_ALERT, "Could not initialize SSL for outgoing connection");
1863 Conn_Close( new_sock, "Could not initialize SSL for outgoing connection", NULL, false );
1864 Init_Conn_Struct( new_sock );
1865 Conf_Server[Server].conn_id = NONE;
1869 LogDebug("Registered new connection %d on socket %d (%ld in total).",
1870 new_sock, My_Connections[new_sock].sock, NumConnections);
1871 Conn_OPTION_ADD( &My_Connections[new_sock], CONN_ISCONNECTING );
1876 * Initialize connection structure.
1879 Init_Conn_Struct(CONN_ID Idx)
1881 time_t now = time(NULL);
1883 memset(&My_Connections[Idx], 0, sizeof(CONNECTION));
1884 My_Connections[Idx].sock = -1;
1885 My_Connections[Idx].signon = now;
1886 My_Connections[Idx].lastdata = now;
1887 My_Connections[Idx].lastprivmsg = now;
1888 Proc_InitStruct(&My_Connections[Idx].proc_stat);
1889 } /* Init_Conn_Struct */
1893 Init_Socket( int Sock )
1895 /* Initialize socket (set options) */
1899 if (!io_setnonblock(Sock)) {
1900 Log( LOG_CRIT, "Can't enable non-blocking mode for socket: %s!", strerror( errno ));
1905 /* Don't block this port after socket shutdown */
1907 if( setsockopt( Sock, SOL_SOCKET, SO_REUSEADDR, &value, (socklen_t)sizeof( value )) != 0 )
1909 Log( LOG_ERR, "Can't set socket option SO_REUSEADDR: %s!", strerror( errno ));
1910 /* ignore this error */
1913 /* Set type of service (TOS) */
1914 #if defined(IPPROTO_IP) && defined(IPTOS_LOWDELAY)
1915 value = IPTOS_LOWDELAY;
1916 LogDebug("Setting IP_TOS on socket %d to IPTOS_LOWDELAY.", Sock);
1917 if (setsockopt(Sock, IPPROTO_IP, IP_TOS, &value,
1918 (socklen_t) sizeof(value))) {
1919 Log(LOG_ERR, "Can't set socket option IP_TOS: %s!",
1921 /* ignore this error */
1930 cb_Connect_to_Server(int fd, UNUSED short events)
1932 /* Read result of resolver sub-process from pipe and start connection */
1935 ng_ipaddr_t dest_addrs[4]; /* we can handle at most 3; but we read up to
1936 four so we can log the 'more than we can handle'
1937 condition. First result is tried immediately, rest
1938 is saved for later if needed. */
1940 LogDebug("Resolver: Got forward lookup callback on fd %d, events %d", fd, events);
1942 for (i=0; i < MAX_SERVERS; i++) {
1943 if (Proc_GetPipeFd(&Conf_Server[i].res_stat) == fd )
1947 if( i >= MAX_SERVERS) {
1948 /* Ops, no matching server found?! */
1950 LogDebug("Resolver: Got Forward Lookup callback for unknown server!?");
1954 /* Read result from pipe */
1955 len = Proc_Read(&Conf_Server[i].res_stat, dest_addrs, sizeof(dest_addrs));
1959 assert((len % sizeof(ng_ipaddr_t)) == 0);
1961 LogDebug("Got result from resolver: %u structs (%u bytes).", len/sizeof(ng_ipaddr_t), len);
1963 memset(&Conf_Server[i].dst_addr, 0, sizeof(Conf_Server[i].dst_addr));
1964 if (len > sizeof(ng_ipaddr_t)) {
1965 /* more than one address for this hostname, remember them
1966 * in case first address is unreachable/not available */
1967 len -= sizeof(ng_ipaddr_t);
1968 if (len > sizeof(Conf_Server[i].dst_addr)) {
1969 len = sizeof(Conf_Server[i].dst_addr);
1971 "Notice: Resolver returned more IP Addresses for host than we can handle, additional addresses dropped.");
1973 memcpy(&Conf_Server[i].dst_addr, &dest_addrs[1], len);
1976 New_Server(i, dest_addrs);
1977 } /* cb_Read_Forward_Lookup */
1981 cb_Read_Resolver_Result( int r_fd, UNUSED short events )
1983 /* Read result of resolver sub-process from pipe and update the
1984 * apropriate connection/client structure(s): hostname and/or
1985 * IDENT user name.*/
1992 char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
1994 char readbuf[HOST_LEN + 1];
1997 LogDebug("Resolver: Got callback on fd %d, events %d", r_fd, events );
1998 i = Conn_GetFromProc(r_fd);
2000 /* Ops, none found? Probably the connection has already
2001 * been closed!? We'll ignore that ... */
2003 LogDebug("Resolver: Got callback for unknown connection!?");
2007 /* Read result from pipe */
2008 len = Proc_Read(&My_Connections[i].proc_stat, readbuf, sizeof readbuf -1);
2012 readbuf[len] = '\0';
2013 identptr = strchr(readbuf, '\n');
2014 assert(identptr != NULL);
2016 Log( LOG_CRIT, "Resolver: Got malformed result!");
2021 LogDebug("Got result from resolver: \"%s\" (%u bytes read).", readbuf, len);
2022 /* Okay, we got a complete result: this is a host name for outgoing
2023 * connections and a host name and IDENT user name (if enabled) for
2024 * incoming connections.*/
2025 assert ( My_Connections[i].sock >= 0 );
2026 /* Incoming connection. Search client ... */
2027 c = Conn_GetClient( i );
2028 assert( c != NULL );
2030 /* Only update client information of unregistered clients.
2031 * Note: user commands (e. g. WEBIRC) are always read _after_ reading
2032 * the resolver results, so we don't have to worry to override settings
2033 * from these commands here. */
2034 if(Client_Type(c) == CLIENT_UNKNOWN) {
2035 strlcpy(My_Connections[i].host, readbuf,
2036 sizeof(My_Connections[i].host));
2037 Client_SetHostname(c, readbuf);
2041 Log(LOG_INFO, "IDENT lookup for connection %d: \"%s\".", i, identptr);
2042 Client_SetUser(c, identptr, true);
2044 Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
2049 else Log( LOG_DEBUG, "Resolver: discarding result for already registered connection %d.", i );
2051 } /* cb_Read_Resolver_Result */
2055 * Write a "simple" (error) message to a socket.
2056 * The message is sent without using the connection write buffers, without
2057 * compression/encryption, and even without any error reporting. It is
2058 * designed for error messages of e.g. New_Connection(). */
2060 Simple_Message(int Sock, const char *Msg)
2062 char buf[COMMAND_LEN];
2065 assert(Sock > NONE);
2066 assert(Msg != NULL);
2068 strlcpy(buf, Msg, sizeof buf - 2);
2069 len = strlcat(buf, "\r\n", sizeof buf);
2070 if (write(Sock, buf, len) < 0) {
2071 /* Because this function most probably got called to log
2072 * an error message, any write error is ignored here to
2073 * avoid an endless loop. But casting the result of write()
2074 * to "void" doesn't satisfy the GNU C code attribute
2075 * "warn_unused_result" which is used by some versions of
2076 * glibc (e.g. 2.11.1), therefore this silly error
2077 * "handling" code here :-( */
2080 } /* Simple_Error */
2084 * Get CLIENT structure that belongs to a local connection identified by its
2085 * index number. Each connection belongs to a client by definition, so it is
2086 * not required that the caller checks for NULL return values.
2087 * @param Idx Connection index number
2088 * @return Pointer to CLIENT structure
2091 Conn_GetClient( CONN_ID Idx )
2096 c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
2098 return c ? c->client : NULL;
2102 * Get PROC_STAT sub-process structure of a connection.
2103 * @param Idx Connection index number
2104 * @return PROC_STAT structure
2107 Conn_GetProcStat(CONN_ID Idx)
2112 c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
2114 return &c->proc_stat;
2115 } /* Conn_GetProcStat */
2119 * Get CONN_ID from file descriptor associated to a subprocess structure.
2120 * @param fd File descriptor
2121 * @return CONN_ID or NONE (-1)
2124 Conn_GetFromProc(int fd)
2129 for (i = 0; i < Pool_Size; i++) {
2130 if ((My_Connections[i].sock != NONE)
2131 && (Proc_GetPipeFd(&My_Connections[i].proc_stat) == fd))
2135 } /* Conn_GetFromProc */
2141 * Get information about used SSL chiper.
2142 * @param Idx Connection index number
2143 * @param buf Buffer for returned information text
2144 * @param len Size of return buffer "buf"
2145 * @return true on success, false otherwise
2148 Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
2152 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2153 return ConnSSL_GetCipherInfo(&My_Connections[Idx], buf, len);
2158 * Check if a connection is SSL-enabled or not.
2159 * @param Idx Connection index number
2160 * @return true if connection is SSL-enabled, false otherwise.
2163 Conn_UsesSSL(CONN_ID Idx)
2167 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2168 return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);