2 * ngIRCd -- The Next Generation IRC Daemon
3 * Copyright (c)2001-2009 Alexander Barton (alex@barton.de)
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 * Please read the file COPYING, README and AUTHORS for more information.
11 * Connection management
33 #include <sys/socket.h>
35 #include <sys/types.h>
37 #include <netinet/in.h>
39 #ifdef HAVE_NETINET_IP_H
40 # include <netinet/in_systm.h>
41 # include <netinet/ip.h>
45 # include <stdint.h> /* e.g. for Mac OS X */
49 # include <tcpd.h> /* for TCP Wrappers */
65 #include "conn-func.h"
71 # include "rendezvous.h"
77 #define SERVER_WAIT (NONE - 1)
79 #define MAX_COMMANDS 3
80 #define MAX_COMMANDS_SERVER 10
83 static bool Handle_Write PARAMS(( CONN_ID Idx ));
84 static bool Conn_Write PARAMS(( CONN_ID Idx, char *Data, size_t Len ));
85 static int New_Connection PARAMS(( int Sock ));
86 static CONN_ID Socket2Index PARAMS(( int Sock ));
87 static void Read_Request PARAMS(( CONN_ID Idx ));
88 static unsigned int Handle_Buffer PARAMS(( CONN_ID Idx ));
89 static void Check_Connections PARAMS(( void ));
90 static void Check_Servers PARAMS(( void ));
91 static void Init_Conn_Struct PARAMS(( CONN_ID Idx ));
92 static bool Init_Socket PARAMS(( int Sock ));
93 static void New_Server PARAMS(( int Server, ng_ipaddr_t *dest ));
94 static void Simple_Message PARAMS(( int Sock, const char *Msg ));
95 static int NewListener PARAMS(( const char *listen_addr, UINT16 Port ));
97 static array My_Listeners;
98 static array My_ConnArray;
99 static size_t NumConnections;
102 int allow_severity = LOG_INFO;
103 int deny_severity = LOG_ERR;
106 static void server_login PARAMS((CONN_ID idx));
109 extern struct SSLOptions Conf_SSLOptions;
110 static void cb_connserver_login_ssl PARAMS((int sock, short what));
111 static void cb_clientserver_ssl PARAMS((int sock, short what));
113 static void cb_Read_Resolver_Result PARAMS((int sock, UNUSED short what));
114 static void cb_Connect_to_Server PARAMS((int sock, UNUSED short what));
115 static void cb_clientserver PARAMS((int sock, short what));
119 * IO callback for listening sockets: handle new connections. This callback
120 * gets called when a new non-SSL connection should be accepted.
121 * @param sock Socket descriptor
122 * @param irrelevant (ignored IO specification)
125 cb_listen(int sock, short irrelevant)
128 (void) New_Connection(sock);
134 * IO callback for listening SSL sockets: handle new connections. This callback
135 * gets called when a new SSL-enabled connection should be accepted.
136 * @param sock Socket descriptor
137 * @param irrelevant (ignored IO specification)
140 cb_listen_ssl(int sock, short irrelevant)
145 fd = New_Connection(sock);
148 io_event_setcb(My_Connections[fd].sock, cb_clientserver_ssl);
154 * IO callback for new outgoing non-SSL server connections.
155 * @param sock Socket descriptor
156 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
159 cb_connserver(int sock, UNUSED short what)
161 int res, err, server;
163 CONN_ID idx = Socket2Index( sock );
166 LogDebug("cb_connserver wants to write on unknown socket?!");
171 assert(what & IO_WANTWRITE);
173 /* Make sure that the server is still configured; it could have been
174 * removed in the meantime! */
175 server = Conf_GetServer(idx);
177 Log(LOG_ERR, "Connection on socket %d to \"%s\" aborted!",
178 sock, My_Connections[idx].host);
179 Conn_Close(idx, "Connection aborted!", NULL, false);
183 /* connect() finished, get result. */
184 sock_len = (socklen_t)sizeof(err);
185 res = getsockopt(My_Connections[idx].sock, SOL_SOCKET, SO_ERROR,
187 assert(sock_len == sizeof(err));
189 /* Error while connecting? */
190 if ((res != 0) || (err != 0)) {
192 Log(LOG_CRIT, "getsockopt (connection %d): %s!",
193 idx, strerror(errno));
196 "Can't connect socket to \"%s:%d\" (connection %d): %s!",
197 My_Connections[idx].host, Conf_Server[server].port,
200 Conn_Close(idx, "Can't connect!", NULL, false);
202 if (ng_ipaddr_af(&Conf_Server[server].dst_addr[0])) {
203 /* more addresses to try... */
204 New_Server(res, &Conf_Server[server].dst_addr[0]);
205 /* connection to dst_addr[0] is now in progress, so
206 * remove this address... */
207 Conf_Server[server].dst_addr[0] =
208 Conf_Server[server].dst_addr[1];
209 memset(&Conf_Server[server].dst_addr[1], 0,
210 sizeof(Conf_Server[server].dst_addr[1]));
215 /* connect() succeeded, remove all additional addresses */
216 memset(&Conf_Server[server].dst_addr, 0,
217 sizeof(Conf_Server[server].dst_addr));
219 Conn_OPTION_DEL( &My_Connections[idx], CONN_ISCONNECTING );
221 if ( Conn_OPTION_ISSET( &My_Connections[idx], CONN_SSL_CONNECT )) {
222 io_event_setcb( sock, cb_connserver_login_ssl );
223 io_event_add( sock, IO_WANTWRITE|IO_WANTREAD );
232 * Login to a remote server.
233 * @param idx Connection index
236 server_login(CONN_ID idx)
238 Log( LOG_INFO, "Connection %d with \"%s:%d\" established. Now logging in ...", idx,
239 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
241 io_event_setcb( My_Connections[idx].sock, cb_clientserver);
242 io_event_add( My_Connections[idx].sock, IO_WANTREAD|IO_WANTWRITE);
244 /* Send PASS and SERVER command to peer */
245 Conn_WriteStr( idx, "PASS %s %s", Conf_Server[Conf_GetServer( idx )].pwd_out, NGIRCd_ProtoID );
246 Conn_WriteStr( idx, "SERVER %s :%s", Conf_ServerName, Conf_ServerInfo );
252 * IO callback for new outgoing SSL-enabled server connections.
253 * @param sock Socket descriptor
254 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
257 cb_connserver_login_ssl(int sock, short unused)
259 CONN_ID idx = Socket2Index(sock);
267 switch (ConnSSL_Connect( &My_Connections[idx])) {
269 case 0: LogDebug("ConnSSL_Connect: not ready");
272 Log(LOG_ERR, "SSL connection on socket %d failed!", sock);
273 Conn_Close(idx, "Can't connect!", NULL, false);
277 Log( LOG_INFO, "SSL connection %d with \"%s:%d\" established.", idx,
278 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
286 * IO callback for established non-SSL client and server connections.
287 * @param sock Socket descriptor
288 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
291 cb_clientserver(int sock, short what)
293 CONN_ID idx = Socket2Index(sock);
302 if (what & IO_WANTREAD
303 || (Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_WANT_WRITE))) {
304 /* if TLS layer needs to write additional data, call
305 * Read_Request() instead so that SSL/TLS can continue */
309 if (what & IO_WANTREAD)
312 if (what & IO_WANTWRITE)
319 * IO callback for established SSL-enabled client and server connections.
320 * @param sock Socket descriptor
321 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
324 cb_clientserver_ssl(int sock, short what)
326 CONN_ID idx = Socket2Index(sock);
335 switch (ConnSSL_Accept(&My_Connections[idx])) {
339 return; /* EAGAIN: callback will be invoked again by IO layer */
341 Conn_Close(idx, "Socket closed!", "SSL accept error", false);
344 if (what & IO_WANTREAD)
347 if (what & IO_WANTWRITE)
350 io_event_setcb(sock, cb_clientserver); /* SSL handshake completed */
356 * Initialite connecion module.
363 /* Speicher fuer Verbindungs-Pool anfordern */
364 Pool_Size = CONNECTION_POOL;
365 if ((Conf_MaxConnections > 0) &&
366 (Pool_Size > Conf_MaxConnections))
367 Pool_Size = Conf_MaxConnections;
369 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)Pool_Size)) {
370 Log( LOG_EMERG, "Can't allocate memory! [Conn_Init]" );
374 /* FIXME: My_Connetions/Pool_Size is needed by other parts of the
375 * code; remove them! */
376 My_Connections = (CONNECTION*) array_start(&My_ConnArray);
378 LogDebug("Allocated connection pool for %d items (%ld bytes).",
379 array_length(&My_ConnArray, sizeof( CONNECTION )), array_bytes(&My_ConnArray));
381 assert( array_length(&My_ConnArray, sizeof( CONNECTION )) >= (size_t) Pool_Size);
383 array_free( &My_Listeners );
385 /* Connection-Struktur initialisieren */
386 for( i = 0; i < Pool_Size; i++ ) Init_Conn_Struct( i );
388 /* Global write counter */
394 * Clean up connection module.
401 Conn_ExitListeners();
403 LogDebug("Shutting down all connections ..." );
404 for( idx = 0; idx < Pool_Size; idx++ ) {
405 if( My_Connections[idx].sock > NONE ) {
406 Conn_Close( idx, NULL, NGIRCd_SignalRestart ?
407 "Server going down (restarting)":"Server going down", true );
411 array_free(&My_ConnArray);
412 My_Connections = NULL;
414 io_library_shutdown();
419 ports_initlisteners(array *a, const char *listen_addr, void (*func)(int,short))
421 unsigned int created = 0;
426 len = array_length(a, sizeof (UINT16));
427 port = array_start(a);
429 fd = NewListener(listen_addr, *port);
434 if (!io_event_create( fd, IO_WANTREAD, func )) {
435 Log( LOG_ERR, "io_event_create(): Could not add listening fd %d (port %u): %s!",
436 fd, (unsigned int) *port, strerror(errno));
449 * Initialize all listening sockets.
450 * @return Number of created listening sockets
453 Conn_InitListeners( void )
455 /* Initialize ports on which the server should accept connections */
456 unsigned int created = 0;
457 char *copy, *listen_addr;
459 if (!io_library_init(CONNECTION_POOL)) {
460 Log(LOG_EMERG, "Cannot initialize IO routines: %s", strerror(errno));
464 assert(Conf_ListenAddress);
466 /* can't use Conf_ListenAddress directly, see below */
467 copy = strdup(Conf_ListenAddress);
469 Log(LOG_CRIT, "Cannot copy %s: %s", Conf_ListenAddress, strerror(errno));
472 listen_addr = strtok(copy, ",");
474 while (listen_addr) {
475 ngt_TrimStr(listen_addr);
477 created += ports_initlisteners(&Conf_ListenPorts, listen_addr, cb_listen);
479 created += ports_initlisteners(&Conf_SSLOptions.ListenPorts, listen_addr, cb_listen_ssl);
483 listen_addr = strtok(NULL, ",");
486 /* Can't free() Conf_ListenAddress here: on REHASH, if the config file
487 * cannot be re-loaded, we'd end up with a NULL Conf_ListenAddress.
488 * Instead, free() takes place in conf.c, before the config file
489 * is being parsed. */
493 } /* Conn_InitListeners */
497 Conn_ExitListeners( void )
499 /* Close down all listening sockets */
503 Rendezvous_UnregisterListeners( );
506 arraylen = array_length(&My_Listeners, sizeof (int));
508 "Shutting down all listening sockets (%d total) ...", arraylen);
509 fd = array_start(&My_Listeners);
514 LogDebug("Listening socket %d closed.", *fd );
517 array_free(&My_Listeners);
518 } /* Conn_ExitListeners */
522 InitSinaddrListenAddr(ng_ipaddr_t *addr, const char *listen_addrstr, UINT16 Port)
526 ret = ng_ipaddr_init(addr, listen_addrstr, Port);
528 assert(listen_addrstr);
529 Log(LOG_CRIT, "Can't bind to [%s]:%u: can't convert ip address \"%s\"",
530 listen_addrstr, Port, listen_addrstr);
537 set_v6_only(int af, int sock)
539 #if defined(IPV6_V6ONLY) && defined(WANT_IPV6)
545 if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, (socklen_t)sizeof(on)))
546 Log(LOG_ERR, "Could not set IPV6_V6ONLY: %s", strerror(errno));
554 /* return new listening port file descriptor or -1 on failure */
556 NewListener(const char *listen_addr, UINT16 Port)
558 /* Create new listening socket on specified port */
562 char name[CLIENT_ID_LEN], *info;
564 if (!InitSinaddrListenAddr(&addr, listen_addr, Port))
567 af = ng_ipaddr_af(&addr);
568 sock = socket(af, SOCK_STREAM, 0);
570 Log(LOG_CRIT, "Can't create socket (af %d) : %s!", af, strerror(errno));
574 set_v6_only(af, sock);
576 if (!Init_Socket(sock))
579 if (bind(sock, (struct sockaddr *)&addr, ng_ipaddr_salen(&addr)) != 0) {
580 Log(LOG_CRIT, "Can't bind socket to address %s:%d - %s",
581 ng_ipaddr_tostr(&addr), Port, strerror(errno));
586 if( listen( sock, 10 ) != 0 ) {
587 Log( LOG_CRIT, "Can't listen on socket: %s!", strerror( errno ));
592 /* keep fd in list so we can close it when ngircd restarts/shuts down */
593 if (!array_catb( &My_Listeners,(char*) &sock, sizeof(int) )) {
594 Log( LOG_CRIT, "Can't add socket to My_Listeners array: %s!", strerror( errno ));
599 Log(LOG_INFO, "Now listening on [%s]:%d (socket %d).", ng_ipaddr_tostr(&addr), Port, sock);
602 /* Get best server description text */
603 if( ! Conf_ServerInfo[0] ) info = Conf_ServerName;
606 /* Use server info string */
608 if( Conf_ServerInfo[0] == '[' )
610 /* Cut off leading hostname part in "[]" */
611 info = strchr( Conf_ServerInfo, ']' );
615 while( *info == ' ' ) info++;
618 if( ! info ) info = Conf_ServerInfo;
621 /* Add port number to description if non-standard */
623 snprintf(name, sizeof name, "%s (port %u)", info,
626 strlcpy(name, info, sizeof name);
628 /* Register service */
629 Rendezvous_Register( name, MDNS_TYPE, Port );
637 * SSL/TLS connections require extra treatment:
638 * When either CONN_SSL_WANT_WRITE or CONN_SSL_WANT_READ is set, we
639 * need to take care of that first, before checking read/write buffers.
640 * For instance, while we might have data in our write buffer, the
641 * TLS/SSL protocol might need to read internal data first for TLS/SSL
644 * If this function returns true, such a condition is met and we have
645 * to reverse the condition (check for read even if we've data to write,
646 * do not check for read but writeability even if write-buffer is empty).
649 SSL_WantRead(const CONNECTION *c)
651 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_READ)) {
652 io_event_add(c->sock, IO_WANTREAD);
658 SSL_WantWrite(const CONNECTION *c)
660 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_WRITE)) {
661 io_event_add(c->sock, IO_WANTWRITE);
668 SSL_WantRead(UNUSED const CONNECTION *c) { return false; }
670 SSL_WantWrite(UNUSED const CONNECTION *c) { return false; }
675 * "Main Loop": Loop until shutdown or restart is signalled.
676 * This function loops until a shutdown or restart of ngIRCd is signalled and
677 * calls io_dispatch() to check for readable and writable sockets every second.
678 * It checks for status changes on pending connections (e. g. when a hostname
679 * has been resolved), checks for "penalties" and timeouts, and handles the
686 unsigned int wdatalen, bytes_processed;
690 while (!NGIRCd_SignalQuit && !NGIRCd_SignalRestart) {
694 Rendezvous_Handler();
697 /* Should the configuration be reloaded? */
698 if (NGIRCd_SignalRehash)
701 /* Check configured servers and established links */
705 /* Look for non-empty read buffers ... */
706 for (i = 0; i < Pool_Size; i++) {
707 if ((My_Connections[i].sock > NONE)
708 && (array_bytes(&My_Connections[i].rbuf) > 0)
709 && (My_Connections[i].delaytime <= t)) {
710 /* ... and try to handle the received data */
711 bytes_processed = Handle_Buffer(i);
712 /* if we processed data, and there might be
713 * more commands in the input buffer, do not
714 * try to read any more data now */
715 if (bytes_processed &&
716 array_bytes(&My_Connections[i].rbuf) > 2) {
718 ("Throttling connection %d: command limit reached!",
720 Conn_SetPenalty(i, 1);
725 /* Look for non-empty write buffers ... */
726 for (i = 0; i < Pool_Size; i++) {
727 if (My_Connections[i].sock <= NONE)
730 wdatalen = (unsigned int)array_bytes(&My_Connections[i].wbuf);
733 array_bytes(&My_Connections[i].zip.wbuf) > 0)
738 if (SSL_WantRead(&My_Connections[i]))
740 io_event_add(My_Connections[i].sock,
745 /* Check from which sockets we possibly could read ... */
746 for (i = 0; i < Pool_Size; i++) {
747 if (My_Connections[i].sock <= NONE)
750 if (SSL_WantWrite(&My_Connections[i]))
751 continue; /* TLS/SSL layer needs to write data; deal with this first */
753 if (Resolve_INPROGRESS(&My_Connections[i].res_stat)) {
754 /* Wait for completion of resolver sub-process ... */
755 io_event_del(My_Connections[i].sock,
760 if (Conn_OPTION_ISSET(&My_Connections[i], CONN_ISCONNECTING))
761 /* Wait for completion of connect() ... */
764 if (My_Connections[i].delaytime > t) {
765 /* There is a "penalty time" set: ignore socket! */
766 io_event_del(My_Connections[i].sock,
770 io_event_add(My_Connections[i].sock, IO_WANTREAD);
773 /* Set the timeout for reading from the network to 1 second,
774 * which is the granularity with witch we handle "penalty
775 * times" for example.
776 * Note: tv_sec/usec are undefined(!) after io_dispatch()
777 * returns, so we have to set it beforce each call to it! */
781 /* Wait for activity ... */
782 i = io_dispatch(&tv);
783 if (i == -1 && errno != EINTR) {
784 Log(LOG_EMERG, "Conn_Handler(): io_dispatch(): %s!",
786 Log(LOG_ALERT, "%s exiting due to fatal errors!",
792 if (NGIRCd_SignalQuit)
793 Log(LOG_NOTICE | LOG_snotice, "Server going down NOW!");
794 else if (NGIRCd_SignalRestart)
795 Log(LOG_NOTICE | LOG_snotice, "Server restarting NOW!");
800 * Write a text string into the socket of a connection.
801 * This function automatically appends CR+LF to the string and validates that
802 * the result is a valid IRC message (oversized messages are shortened, for
803 * example). Then it calls the Conn_Write() function to do the actual sending.
804 * @param Idx Index fo the connection.
805 * @param Format Format string, see printf().
806 * @return true on success, false otherwise.
810 Conn_WriteStr( CONN_ID Idx, char *Format, ... )
813 Conn_WriteStr( Idx, Format, va_alist )
819 char buffer[COMMAND_LEN];
824 assert( Idx > NONE );
825 assert( Format != NULL );
828 va_start( ap, Format );
832 if (vsnprintf( buffer, COMMAND_LEN - 2, Format, ap ) >= COMMAND_LEN - 2 ) {
834 * The string that should be written to the socket is longer
835 * than the allowed size of COMMAND_LEN bytes (including both
836 * the CR and LF characters). This can be caused by the
837 * IRC_WriteXXX() functions when the prefix of this server had
838 * to be added to an already "quite long" command line which
839 * has been received from a regular IRC client, for example.
841 * We are not allowed to send such "oversized" messages to
842 * other servers and clients, see RFC 2812 2.3 and 2813 3.3
843 * ("these messages SHALL NOT exceed 512 characters in length,
844 * counting all characters including the trailing CR-LF").
846 * So we have a big problem here: we should send more bytes
847 * to the network than we are allowed to and we don't know
848 * the originator (any more). The "old" behaviour of blaming
849 * the receiver ("next hop") is a bad idea (it could be just
850 * an other server only routing the message!), so the only
851 * option left is to shorten the string and to hope that the
852 * result is still somewhat useful ...
856 strcpy (buffer + sizeof(buffer) - strlen(CUT_TXTSUFFIX) - 2 - 1,
862 Log(LOG_DEBUG, " -> connection %d: '%s'.", Idx, buffer);
865 len = strlcat( buffer, "\r\n", sizeof( buffer ));
866 ok = Conn_Write(Idx, buffer, len);
867 My_Connections[Idx].msg_out++;
871 } /* Conn_WriteStr */
875 * Append Data to the outbound write buffer of a connection.
876 * @param Idx Index of the connection.
877 * @param Data pointer to the data.
878 * @param Len length of Data.
879 * @return true on success, false otherwise.
882 Conn_Write( CONN_ID Idx, char *Data, size_t Len )
885 size_t writebuf_limit = WRITEBUFFER_LEN;
886 assert( Idx > NONE );
887 assert( Data != NULL );
890 c = Conn_GetClient(Idx);
893 /* Servers do get special write buffer limits, so they can generate
894 * all the messages that are required while peering. */
895 if (Client_Type(c) == CLIENT_SERVER)
896 writebuf_limit = WRITEBUFFER_SLINK_LEN;
898 /* Is the socket still open? A previous call to Conn_Write()
899 * may have closed the connection due to a fatal error.
900 * In this case it is sufficient to return an error, as well. */
901 if( My_Connections[Idx].sock <= NONE ) {
902 LogDebug("Skipped write on closed socket (connection %d).", Idx);
907 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
909 * Zip_Buffer() does all the dirty work for us: it flushes
910 * the (pre-)compression buffers if required and handles
911 * all error conditions. */
912 if (!Zip_Buffer(Idx, Data, Len))
918 /* Uncompressed link:
919 * Check if outbound buffer has enough space for the data. */
920 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
922 /* Buffer is full, flush it. Handle_Write deals with
923 * low-level errors, if any. */
924 if (!Handle_Write(Idx))
928 /* When the write buffer is still too big after flushing it,
929 * the connection will be killed. */
930 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
933 "Write buffer overflow (connection %d, size %lu byte)!",
935 (unsigned long)array_bytes(&My_Connections[Idx].wbuf));
936 Conn_Close(Idx, "Write buffer overflow!", NULL, false);
940 /* Copy data to write buffer */
941 if (!array_catb(&My_Connections[Idx].wbuf, Data, Len))
944 My_Connections[Idx].bytes_out += Len;
947 /* Adjust global write counter */
955 Conn_Close( CONN_ID Idx, const char *LogMsg, const char *FwdMsg, bool InformClient )
957 /* Close connection. Open pipes of asyncronous resolver
958 * sub-processes are closed down. */
964 double in_z_k, out_z_k;
968 assert( Idx > NONE );
970 /* Is this link already shutting down? */
971 if( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ISCLOSING )) {
972 /* Conn_Close() has been called recursively for this link;
973 * probabe reason: Handle_Write() failed -- see below. */
974 LogDebug("Recursive request to close connection: %d", Idx );
978 assert( My_Connections[Idx].sock > NONE );
980 /* Mark link as "closing" */
981 Conn_OPTION_ADD( &My_Connections[Idx], CONN_ISCLOSING );
983 port = ng_ipaddr_getport(&My_Connections[Idx].addr);
984 Log(LOG_INFO, "Shutting down connection %d (%s) with %s:%d ...", Idx,
985 LogMsg ? LogMsg : FwdMsg, My_Connections[Idx].host, port);
987 /* Search client, if any */
988 c = Conn_GetClient( Idx );
990 /* Should the client be informed? */
993 /* Send statistics to client if registered as user: */
994 if ((c != NULL) && (Client_Type(c) == CLIENT_USER)) {
996 ":%s NOTICE %s :%sConnection statistics: client %.1f kb, server %.1f kb.",
997 Client_ID(Client_ThisServer()), Client_ID(c),
999 (double)My_Connections[Idx].bytes_in / 1024,
1000 (double)My_Connections[Idx].bytes_out / 1024);
1003 /* Send ERROR to client (see RFC 2812, section 3.1.7) */
1005 Conn_WriteStr(Idx, "ERROR :%s", FwdMsg);
1007 Conn_WriteStr(Idx, "ERROR :Closing connection.");
1010 /* Try to write out the write buffer. Note: Handle_Write() eventually
1011 * removes the CLIENT structure associated with this connection if an
1012 * error occurs! So we have to re-check if there is still an valid
1013 * CLIENT structure after calling Handle_Write() ...*/
1014 (void)Handle_Write( Idx );
1016 /* Search client, if any (re-check!) */
1017 c = Conn_GetClient( Idx );
1019 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1020 Log(LOG_INFO, "SSL connection %d shutting down ...", Idx);
1021 ConnSSL_Free(&My_Connections[Idx]);
1024 /* Shut down socket */
1025 if (! io_close(My_Connections[Idx].sock)) {
1026 /* Oops, we can't close the socket!? This is ... ugly! */
1028 "Error closing connection %d (socket %d) with %s:%d - %s! (ignored)",
1029 Idx, My_Connections[Idx].sock, My_Connections[Idx].host,
1030 port, strerror(errno));
1033 /* Mark socket as invalid: */
1034 My_Connections[Idx].sock = NONE;
1036 /* If there is still a client, unregister it now */
1038 Client_Destroy(c, LogMsg, FwdMsg, true);
1040 /* Calculate statistics and log information */
1041 in_k = (double)My_Connections[Idx].bytes_in / 1024;
1042 out_k = (double)My_Connections[Idx].bytes_out / 1024;
1044 if (Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP)) {
1045 in_z_k = (double)My_Connections[Idx].zip.bytes_in / 1024;
1046 out_z_k = (double)My_Connections[Idx].zip.bytes_out / 1024;
1047 /* Make sure that no division by zero can occur during
1048 * the calculation of in_p and out_p: in_z_k and out_z_k
1049 * are non-zero, that's guaranteed by the protocol until
1050 * compression can be enabled. */
1055 in_p = (int)(( in_k * 100 ) / in_z_k );
1056 out_p = (int)(( out_k * 100 ) / out_z_k );
1058 "Connection %d with %s:%d closed (in: %.1fk/%.1fk/%d%%, out: %.1fk/%.1fk/%d%%).",
1059 Idx, My_Connections[Idx].host, port,
1060 in_k, in_z_k, in_p, out_k, out_z_k, out_p);
1066 "Connection %d with %s:%d closed (in: %.1fk, out: %.1fk).",
1067 Idx, My_Connections[Idx].host, port,
1071 /* cancel running resolver */
1072 if (Resolve_INPROGRESS(&My_Connections[Idx].res_stat))
1073 Resolve_Shutdown(&My_Connections[Idx].res_stat);
1075 /* Servers: Modify time of next connect attempt? */
1076 Conf_UnsetServer( Idx );
1079 /* Clean up zlib, if link was compressed */
1080 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
1081 inflateEnd( &My_Connections[Idx].zip.in );
1082 deflateEnd( &My_Connections[Idx].zip.out );
1083 array_free(&My_Connections[Idx].zip.rbuf);
1084 array_free(&My_Connections[Idx].zip.wbuf);
1088 array_free(&My_Connections[Idx].rbuf);
1089 array_free(&My_Connections[Idx].wbuf);
1091 /* Clean up connection structure (=free it) */
1092 Init_Conn_Struct( Idx );
1094 assert(NumConnections > 0);
1097 LogDebug("Shutdown of connection %d completed, %ld connection%s left.",
1098 Idx, NumConnections, NumConnections != 1 ? "s" : "");
1103 Conn_SyncServerStruct( void )
1105 /* Synchronize server structures (connection IDs):
1106 * connections <-> configuration */
1112 for( i = 0; i < Pool_Size; i++ ) {
1113 /* Established connection? */
1114 if (My_Connections[i].sock < 0)
1117 /* Server connection? */
1118 client = Conn_GetClient( i );
1119 if(( ! client ) || ( Client_Type( client ) != CLIENT_SERVER )) continue;
1121 for( c = 0; c < MAX_SERVERS; c++ )
1123 /* Configured server? */
1124 if( ! Conf_Server[c].host[0] ) continue;
1127 if( strcmp( Conf_Server[c].name, Client_ID( client )) == 0 )
1128 Conf_Server[c].conn_id = i;
1131 } /* SyncServerStruct */
1135 * Send out data of write buffer; connect new sockets.
1138 Handle_Write( CONN_ID Idx )
1143 assert( Idx > NONE );
1144 if ( My_Connections[Idx].sock < 0 ) {
1145 LogDebug("Handle_Write() on closed socket, connection %d", Idx);
1148 assert( My_Connections[Idx].sock > NONE );
1150 wdatalen = array_bytes(&My_Connections[Idx].wbuf );
1153 if (wdatalen == 0) {
1154 /* Write buffer is empty, so we try to flush the compression
1155 * buffer and get some data to work with from there :-) */
1156 if (!Zip_Flush(Idx))
1159 /* Now the write buffer most probably has changed: */
1160 wdatalen = array_bytes(&My_Connections[Idx].wbuf);
1164 if (wdatalen == 0) {
1165 /* Still no data, fine. */
1166 io_event_del(My_Connections[Idx].sock, IO_WANTWRITE );
1171 ("Handle_Write() called for connection %d, %ld bytes pending ...",
1175 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1176 len = ConnSSL_Write(&My_Connections[Idx], array_start(&My_Connections[Idx].wbuf), wdatalen);
1180 len = write(My_Connections[Idx].sock,
1181 array_start(&My_Connections[Idx].wbuf), wdatalen );
1184 if (errno == EAGAIN || errno == EINTR)
1187 Log(LOG_ERR, "Write error on connection %d (socket %d): %s!",
1188 Idx, My_Connections[Idx].sock, strerror(errno));
1189 Conn_Close(Idx, "Write error!", NULL, false);
1193 /* move any data not yet written to beginning */
1194 array_moveleft(&My_Connections[Idx].wbuf, 1, (size_t)len);
1197 } /* Handle_Write */
1201 Count_Connections(ng_ipaddr_t *a)
1206 for (i = 0; i < Pool_Size; i++) {
1207 if (My_Connections[i].sock <= NONE)
1209 if (ng_ipaddr_ipequal(&My_Connections[i].addr, a))
1213 } /* Count_Connections */
1217 * Initialize new client connection on a listening socket.
1218 * @param Sock Listening socket descriptor
1219 * @return Accepted socket descriptor or -1 on error
1222 New_Connection(int Sock)
1225 struct request_info req;
1227 ng_ipaddr_t new_addr;
1228 char ip_str[NG_INET_ADDRSTRLEN];
1229 int new_sock, new_sock_len, identsock;
1233 assert(Sock > NONE);
1235 new_sock_len = (int)sizeof(new_addr);
1236 new_sock = accept(Sock, (struct sockaddr *)&new_addr,
1237 (socklen_t *)&new_sock_len);
1239 Log(LOG_CRIT, "Can't accept connection: %s!", strerror(errno));
1243 if (!ng_ipaddr_tostr_r(&new_addr, ip_str)) {
1244 Log(LOG_CRIT, "fd %d: Can't convert IP address!", new_sock);
1245 Simple_Message(new_sock, "ERROR :Internal Server Error");
1251 /* Validate socket using TCP Wrappers */
1252 request_init(&req, RQ_DAEMON, PACKAGE_NAME, RQ_FILE, new_sock,
1253 RQ_CLIENT_SIN, &new_addr, NULL);
1255 if (!hosts_access(&req)) {
1257 "Refused connection from %s (by TCP Wrappers)!", ip_str);
1258 Simple_Message(new_sock, "ERROR :Connection refused");
1264 if (!Init_Socket(new_sock))
1267 /* Check global connection limit */
1268 if ((Conf_MaxConnections > 0) &&
1269 (NumConnections >= (size_t) Conf_MaxConnections)) {
1270 Log(LOG_ALERT, "Can't accept connection: limit (%d) reached!",
1271 Conf_MaxConnections);
1272 Simple_Message(new_sock, "ERROR :Connection limit reached");
1277 /* Check IP-based connection limit */
1278 cnt = Count_Connections(&new_addr);
1279 if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) {
1280 /* Access denied, too many connections from this IP address! */
1282 "Refused connection from %s: too may connections (%ld) from this IP address!",
1284 Simple_Message(new_sock,
1285 "ERROR :Connection refused, too many connections from your IP address!");
1290 if (new_sock >= Pool_Size) {
1291 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION),
1292 (size_t) new_sock)) {
1294 "Can't allocate memory! [New_Connection]");
1295 Simple_Message(new_sock, "ERROR: Internal error");
1299 LogDebug("Bumped connection pool to %ld items (internal: %ld items, %ld bytes)",
1300 new_sock, array_length(&My_ConnArray,
1301 sizeof(CONNECTION)), array_bytes(&My_ConnArray));
1303 /* Adjust pointer to new block */
1304 My_Connections = array_start(&My_ConnArray);
1305 while (Pool_Size <= new_sock)
1306 Init_Conn_Struct(Pool_Size++);
1309 /* register callback */
1310 if (!io_event_create(new_sock, IO_WANTREAD, cb_clientserver)) {
1312 "Can't accept connection: io_event_create failed!");
1313 Simple_Message(new_sock, "ERROR :Internal error");
1318 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWN, false);
1321 "Can't accept connection: can't create client structure!");
1322 Simple_Message(new_sock, "ERROR :Internal error");
1327 Init_Conn_Struct(new_sock);
1328 My_Connections[new_sock].sock = new_sock;
1329 My_Connections[new_sock].addr = new_addr;
1330 My_Connections[new_sock].client = c;
1332 /* Set initial hostname to IP address. This becomes overwritten when
1333 * the DNS lookup is enabled and succeeds, but is used otherwise. */
1334 if (ng_ipaddr_af(&new_addr) != AF_INET)
1335 snprintf(My_Connections[new_sock].host,
1336 sizeof(My_Connections[new_sock].host), "[%s]", ip_str);
1338 strlcpy(My_Connections[new_sock].host, ip_str,
1339 sizeof(My_Connections[new_sock].host));
1341 Client_SetHostname(c, My_Connections[new_sock].host);
1343 Log(LOG_INFO, "Accepted connection %d from %s:%d on socket %d.",
1344 new_sock, My_Connections[new_sock].host,
1345 ng_ipaddr_getport(&new_addr), Sock);
1347 identsock = new_sock;
1353 Resolve_Addr(&My_Connections[new_sock].res_stat, &new_addr,
1354 identsock, cb_Read_Resolver_Result);
1356 /* ngIRCd waits up to 4 seconds for the result of the asynchronous
1357 * DNS and IDENT resolver subprocess using the "penalty" mechanism.
1358 * If there are results earlier, the delay is aborted. */
1359 Conn_SetPenalty(new_sock, 4);
1362 LogDebug("Total number of connections now %ld.", NumConnections);
1364 } /* New_Connection */
1368 Socket2Index( int Sock )
1370 assert( Sock >= 0 );
1372 if( Sock >= Pool_Size || My_Connections[Sock].sock != Sock ) {
1373 /* the Connection was already closed again, likely due to
1375 LogDebug("Socket2Index: can't get connection for socket %d!", Sock);
1379 } /* Socket2Index */
1383 * Read data from the network to the read buffer. If an error occures,
1384 * the socket of this connection will be shut down.
1387 Read_Request( CONN_ID Idx )
1390 static const unsigned int maxbps = COMMAND_LEN / 2;
1391 char readbuf[READBUFFER_LEN];
1394 assert( Idx > NONE );
1395 assert( My_Connections[Idx].sock > NONE );
1398 if ((array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN) ||
1399 (array_bytes(&My_Connections[Idx].zip.rbuf) >= READBUFFER_LEN))
1401 if (array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN)
1404 /* Read buffer is full */
1406 "Receive buffer overflow (connection %d): %d bytes!",
1407 Idx, array_bytes(&My_Connections[Idx].rbuf));
1408 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1413 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL))
1414 len = ConnSSL_Read( &My_Connections[Idx], readbuf, sizeof(readbuf));
1417 len = read(My_Connections[Idx].sock, readbuf, sizeof(readbuf));
1419 Log(LOG_INFO, "%s:%u (%s) is closing the connection ...",
1420 My_Connections[Idx].host,
1421 (unsigned int) ng_ipaddr_getport(&My_Connections[Idx].addr),
1422 ng_ipaddr_tostr(&My_Connections[Idx].addr));
1424 "Socket closed!", "Client closed connection",
1430 if( errno == EAGAIN ) return;
1431 Log(LOG_ERR, "Read error on connection %d (socket %d): %s!",
1432 Idx, My_Connections[Idx].sock, strerror(errno));
1433 Conn_Close(Idx, "Read error!", "Client closed connection",
1438 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1439 if (!array_catb(&My_Connections[Idx].zip.rbuf, readbuf,
1442 "Could not append recieved data to zip input buffer (connn %d): %d bytes!",
1444 Conn_Close(Idx, "Receive buffer overflow!", NULL,
1451 if (!array_catb( &My_Connections[Idx].rbuf, readbuf, len)) {
1452 Log( LOG_ERR, "Could not append recieved data to input buffer (connn %d): %d bytes!", Idx, len );
1453 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1457 /* Update connection statistics */
1458 My_Connections[Idx].bytes_in += len;
1460 /* Update timestamp of last data received if this connection is
1461 * registered as a user, server or service connection. Don't update
1462 * otherwise, so users have at least Conf_PongTimeout seconds time to
1463 * register with the IRC server -- see Check_Connections().
1464 * Set "lastping", too, so we can handle time shifts backwards ... */
1465 c = Conn_GetClient(Idx);
1466 if (c && (Client_Type(c) == CLIENT_USER
1467 || Client_Type(c) == CLIENT_SERVER
1468 || Client_Type(c) == CLIENT_SERVICE)) {
1470 if (My_Connections[Idx].lastdata != t)
1471 My_Connections[Idx].bps = 0;
1473 My_Connections[Idx].lastdata = t;
1474 My_Connections[Idx].lastping = My_Connections[Idx].lastdata;
1477 /* Look at the data in the (read-) buffer of this connection */
1478 My_Connections[Idx].bps += Handle_Buffer(Idx);
1479 if (Client_Type(c) != CLIENT_SERVER
1480 && My_Connections[Idx].bps >= maxbps) {
1481 LogDebug("Throttling connection %d: BPS exceeded! (%u >= %u)",
1482 Idx, My_Connections[Idx].bps, maxbps);
1483 Conn_SetPenalty(Idx, 1);
1485 } /* Read_Request */
1489 * Handle all data in the connection read-buffer.
1490 * Data is processed until no complete command is left in the read buffer,
1491 * or MAX_COMMANDS[_SERVER] commands were processed.
1492 * When a fatal error occurs, the connection is shut down.
1493 * @param Idx Index of the connection.
1494 * @return number of bytes processed.
1497 Handle_Buffer(CONN_ID Idx)
1500 char *ptr1, *ptr2, *first_eol;
1508 unsigned int i, maxcmd = MAX_COMMANDS, len_processed = 0;
1511 c = Conn_GetClient(Idx);
1514 /* Servers do get special command limits, so they can process
1515 * all the messages that are required while peering. */
1516 if (Client_Type(c) == CLIENT_SERVER)
1517 maxcmd = MAX_COMMANDS_SERVER;
1519 starttime = time(NULL);
1520 for (i=0; i < maxcmd; i++) {
1522 if (My_Connections[Idx].delaytime > starttime)
1525 /* Unpack compressed data, if compression is in use */
1526 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1527 /* When unzipping fails, Unzip_Buffer() shuts
1528 * down the connection itself */
1529 if (!Unzip_Buffer(Idx))
1534 if (0 == array_bytes(&My_Connections[Idx].rbuf))
1537 /* Make sure that the buffer is NULL terminated */
1538 if (!array_cat0_temporary(&My_Connections[Idx].rbuf)) {
1539 Conn_Close(Idx, NULL,
1540 "Can't allocate memory [Handle_Buffer]",
1545 /* RFC 2812, section "2.3 Messages", 5th paragraph:
1546 * "IRC messages are always lines of characters terminated
1547 * with a CR-LF (Carriage Return - Line Feed) pair [...]". */
1549 ptr = strstr(array_start(&My_Connections[Idx].rbuf), "\r\n");
1552 /* Check for non-RFC-compliant request (only CR or LF)?
1553 * Unfortunately, there are quite a few clients out there
1554 * that do this -- e. g. mIRC, BitchX, and Trillian :-( */
1555 ptr1 = strchr(array_start(&My_Connections[Idx].rbuf), '\r');
1556 ptr2 = strchr(array_start(&My_Connections[Idx].rbuf), '\n');
1558 /* Check if there is a single CR or LF _before_ the
1559 * corerct CR+LF line terminator: */
1560 first_eol = ptr1 < ptr2 ? ptr1 : ptr2;
1561 if (first_eol < ptr) {
1562 /* Single CR or LF before CR+LF found */
1566 } else if (ptr1 || ptr2) {
1567 /* No CR+LF terminated command found, but single
1568 * CR or LF found ... */
1570 ptr = ptr1 < ptr2 ? ptr1 : ptr2;
1572 ptr = ptr1 ? ptr1 : ptr2;
1580 /* Complete (=line terminated) request found, handle it! */
1583 len = ptr - (char *)array_start(&My_Connections[Idx].rbuf) + delta;
1585 if (len > (COMMAND_LEN - 1)) {
1586 /* Request must not exceed 512 chars (incl. CR+LF!),
1587 * see RFC 2812. Disconnect Client if this happens. */
1589 "Request too long (connection %d): %d bytes (max. %d expected)!",
1590 Idx, array_bytes(&My_Connections[Idx].rbuf),
1592 Conn_Close(Idx, NULL, "Request too long", true);
1596 len_processed += (unsigned int)len;
1598 /* Request is empty (only '\r\n', '\r' or '\n');
1599 * delta is 2 ('\r\n') or 1 ('\r' or '\n'), see above */
1600 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1604 /* remember if stream is already compressed */
1605 old_z = My_Connections[Idx].options & CONN_ZIP;
1608 My_Connections[Idx].msg_in++;
1610 (Idx, (char *)array_start(&My_Connections[Idx].rbuf)))
1611 return 0; /* error -> connection has been closed */
1613 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1614 LogDebug("Connection %d: %d bytes left in read buffer.",
1615 Idx, array_bytes(&My_Connections[Idx].rbuf));
1617 if ((!old_z) && (My_Connections[Idx].options & CONN_ZIP) &&
1618 (array_bytes(&My_Connections[Idx].rbuf) > 0)) {
1619 /* The last command activated socket compression.
1620 * Data that was read after that needs to be copied
1621 * to the unzip buffer for decompression: */
1623 (&My_Connections[Idx].zip.rbuf,
1624 &My_Connections[Idx].rbuf)) {
1625 Conn_Close(Idx, NULL,
1626 "Can't allocate memory [Handle_Buffer]",
1631 array_trunc(&My_Connections[Idx].rbuf);
1633 ("Moved already received data (%u bytes) to uncompression buffer.",
1634 array_bytes(&My_Connections[Idx].zip.rbuf));
1638 return len_processed;
1639 } /* Handle_Buffer */
1643 Check_Connections(void)
1645 /* check if connections are alive. if not, play PING-PONG first.
1646 * if this doesn't help either, disconnect client. */
1651 for (i = 0; i < Pool_Size; i++) {
1652 if (My_Connections[i].sock < 0)
1655 c = Conn_GetClient(i);
1656 if (c && ((Client_Type(c) == CLIENT_USER)
1657 || (Client_Type(c) == CLIENT_SERVER)
1658 || (Client_Type(c) == CLIENT_SERVICE))) {
1659 /* connected User, Server or Service */
1660 if (My_Connections[i].lastping >
1661 My_Connections[i].lastdata) {
1662 /* We already sent a ping */
1663 if (My_Connections[i].lastping <
1664 time(NULL) - Conf_PongTimeout) {
1667 ("Connection %d: Ping timeout: %d seconds.",
1668 i, Conf_PongTimeout);
1669 snprintf(msg, sizeof(msg), "Ping timeout: %d seconds", Conf_PongTimeout);
1670 Conn_Close(i, NULL, msg, true);
1672 } else if (My_Connections[i].lastdata <
1673 time(NULL) - Conf_PingTimeout) {
1674 /* We need to send a PING ... */
1675 LogDebug("Connection %d: sending PING ...", i);
1676 My_Connections[i].lastping = time(NULL);
1677 Conn_WriteStr(i, "PING :%s",
1678 Client_ID(Client_ThisServer()));
1681 /* The connection is not fully established yet, so
1682 * we don't do the PING-PONG game here but instead
1683 * disconnect the client after "a short time" if it's
1684 * still not registered. */
1686 if (My_Connections[i].lastdata <
1687 time(NULL) - Conf_PongTimeout) {
1689 ("Unregistered connection %d timed out ...",
1691 Conn_Close(i, NULL, "Timeout", false);
1695 } /* Check_Connections */
1699 Check_Servers( void )
1701 /* Check if we can establish further server links */
1706 /* Check all configured servers */
1707 for( i = 0; i < MAX_SERVERS; i++ ) {
1708 /* Valid outgoing server which isn't already connected or disabled? */
1709 if(( ! Conf_Server[i].host[0] ) || ( ! Conf_Server[i].port > 0 ) ||
1710 ( Conf_Server[i].conn_id > NONE ) || ( Conf_Server[i].flags & CONF_SFLAG_DISABLED ))
1713 /* Is there already a connection in this group? */
1714 if( Conf_Server[i].group > NONE ) {
1715 for (n = 0; n < MAX_SERVERS; n++) {
1716 if (n == i) continue;
1717 if ((Conf_Server[n].conn_id != NONE) &&
1718 (Conf_Server[n].group == Conf_Server[i].group))
1721 if (n < MAX_SERVERS) continue;
1724 /* Check last connect attempt? */
1725 time_now = time(NULL);
1726 if( Conf_Server[i].lasttry > (time_now - Conf_ConnectRetry))
1729 /* Okay, try to connect now */
1730 Conf_Server[i].lasttry = time_now;
1731 Conf_Server[i].conn_id = SERVER_WAIT;
1732 assert(Resolve_Getfd(&Conf_Server[i].res_stat) < 0);
1733 Resolve_Name(&Conf_Server[i].res_stat, Conf_Server[i].host, cb_Connect_to_Server);
1735 } /* Check_Servers */
1739 New_Server( int Server , ng_ipaddr_t *dest)
1741 /* Establish new server link */
1742 char ip_str[NG_INET_ADDRSTRLEN];
1743 int af_dest, res, new_sock;
1746 assert( Server > NONE );
1748 if (!ng_ipaddr_tostr_r(dest, ip_str)) {
1749 Log(LOG_WARNING, "New_Server: Could not convert IP to string");
1753 Log( LOG_INFO, "Establishing connection to \"%s\", %s, port %d ... ",
1754 Conf_Server[Server].host, ip_str, Conf_Server[Server].port );
1756 af_dest = ng_ipaddr_af(dest);
1757 new_sock = socket(af_dest, SOCK_STREAM, 0);
1759 Log( LOG_CRIT, "Can't create socket (af %d) : %s!", af_dest, strerror( errno ));
1763 if (!Init_Socket(new_sock))
1766 /* is a bind address configured? */
1767 res = ng_ipaddr_af(&Conf_Server[Server].bind_addr);
1768 /* if yes, bind now. If it fails, warn and let connect() pick a source address */
1769 if (res && bind(new_sock, (struct sockaddr *) &Conf_Server[Server].bind_addr,
1770 ng_ipaddr_salen(&Conf_Server[Server].bind_addr)))
1772 ng_ipaddr_tostr_r(&Conf_Server[Server].bind_addr, ip_str);
1773 Log(LOG_WARNING, "Can't bind socket to %s: %s!", ip_str, strerror(errno));
1775 ng_ipaddr_setport(dest, Conf_Server[Server].port);
1776 res = connect(new_sock, (struct sockaddr *) dest, ng_ipaddr_salen(dest));
1777 if(( res != 0 ) && ( errno != EINPROGRESS )) {
1778 Log( LOG_CRIT, "Can't connect socket: %s!", strerror( errno ));
1783 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)new_sock)) {
1785 "Cannot allocate memory for server connection (socket %d)",
1791 My_Connections = array_start(&My_ConnArray);
1793 assert(My_Connections[new_sock].sock <= 0);
1795 Init_Conn_Struct(new_sock);
1797 ng_ipaddr_tostr_r(dest, ip_str);
1798 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWNSERVER, false);
1800 Log( LOG_ALERT, "Can't establish connection: can't create client structure!" );
1805 /* Conn_Close() decrements this counter again */
1807 Client_SetIntroducer( c, c );
1808 Client_SetToken( c, TOKEN_OUTBOUND );
1810 /* Register connection */
1811 Conf_Server[Server].conn_id = new_sock;
1812 My_Connections[new_sock].sock = new_sock;
1813 My_Connections[new_sock].addr = *dest;
1814 My_Connections[new_sock].client = c;
1815 strlcpy( My_Connections[new_sock].host, Conf_Server[Server].host,
1816 sizeof(My_Connections[new_sock].host ));
1818 /* Register new socket */
1819 if (!io_event_create( new_sock, IO_WANTWRITE, cb_connserver)) {
1820 Log( LOG_ALERT, "io_event_create(): could not add fd %d", strerror(errno));
1821 Conn_Close( new_sock, "io_event_create() failed", NULL, false );
1822 Init_Conn_Struct( new_sock );
1823 Conf_Server[Server].conn_id = NONE;
1826 if (Conf_Server[Server].SSLConnect && !ConnSSL_PrepareConnect( &My_Connections[new_sock],
1827 &Conf_Server[Server] ))
1829 Log(LOG_ALERT, "Could not initialize SSL for outgoing connection");
1830 Conn_Close( new_sock, "Could not initialize SSL for outgoing connection", NULL, false );
1831 Init_Conn_Struct( new_sock );
1832 Conf_Server[Server].conn_id = NONE;
1836 LogDebug("Registered new connection %d on socket %d (%ld in total).",
1837 new_sock, My_Connections[new_sock].sock, NumConnections);
1838 Conn_OPTION_ADD( &My_Connections[new_sock], CONN_ISCONNECTING );
1843 * Initialize connection structure.
1846 Init_Conn_Struct(CONN_ID Idx)
1848 time_t now = time(NULL);
1850 memset(&My_Connections[Idx], 0, sizeof(CONNECTION));
1851 My_Connections[Idx].sock = -1;
1852 My_Connections[Idx].signon = now;
1853 My_Connections[Idx].lastdata = now;
1854 My_Connections[Idx].lastprivmsg = now;
1855 Resolve_Init(&My_Connections[Idx].res_stat);
1856 } /* Init_Conn_Struct */
1860 Init_Socket( int Sock )
1862 /* Initialize socket (set options) */
1866 if (!io_setnonblock(Sock)) {
1867 Log( LOG_CRIT, "Can't enable non-blocking mode for socket: %s!", strerror( errno ));
1872 /* Don't block this port after socket shutdown */
1874 if( setsockopt( Sock, SOL_SOCKET, SO_REUSEADDR, &value, (socklen_t)sizeof( value )) != 0 )
1876 Log( LOG_ERR, "Can't set socket option SO_REUSEADDR: %s!", strerror( errno ));
1877 /* ignore this error */
1880 /* Set type of service (TOS) */
1881 #if defined(IPPROTO_IP) && defined(IPTOS_LOWDELAY)
1882 value = IPTOS_LOWDELAY;
1883 LogDebug("Setting IP_TOS on socket %d to IPTOS_LOWDELAY.", Sock);
1884 if (setsockopt(Sock, IPPROTO_IP, IP_TOS, &value,
1885 (socklen_t) sizeof(value))) {
1886 Log(LOG_ERR, "Can't set socket option IP_TOS: %s!",
1888 /* ignore this error */
1897 cb_Connect_to_Server(int fd, UNUSED short events)
1899 /* Read result of resolver sub-process from pipe and start connection */
1902 ng_ipaddr_t dest_addrs[4]; /* we can handle at most 3; but we read up to
1903 four so we can log the 'more than we can handle'
1904 condition. First result is tried immediately, rest
1905 is saved for later if needed. */
1907 LogDebug("Resolver: Got forward lookup callback on fd %d, events %d", fd, events);
1909 for (i=0; i < MAX_SERVERS; i++) {
1910 if (Resolve_Getfd(&Conf_Server[i].res_stat) == fd )
1914 if( i >= MAX_SERVERS) {
1915 /* Ops, no matching server found?! */
1917 LogDebug("Resolver: Got Forward Lookup callback for unknown server!?");
1921 /* Read result from pipe */
1922 len = Resolve_Read(&Conf_Server[i].res_stat, dest_addrs, sizeof(dest_addrs));
1926 assert((len % sizeof(ng_ipaddr_t)) == 0);
1928 LogDebug("Got result from resolver: %u structs (%u bytes).", len/sizeof(ng_ipaddr_t), len);
1930 memset(&Conf_Server[i].dst_addr, 0, sizeof(Conf_Server[i].dst_addr));
1931 if (len > sizeof(ng_ipaddr_t)) {
1932 /* more than one address for this hostname, remember them
1933 * in case first address is unreachable/not available */
1934 len -= sizeof(ng_ipaddr_t);
1935 if (len > sizeof(Conf_Server[i].dst_addr)) {
1936 len = sizeof(Conf_Server[i].dst_addr);
1938 "Notice: Resolver returned more IP Addresses for host than we can handle, additional addresses dropped.");
1940 memcpy(&Conf_Server[i].dst_addr, &dest_addrs[1], len);
1943 New_Server(i, dest_addrs);
1944 } /* cb_Read_Forward_Lookup */
1948 cb_Read_Resolver_Result( int r_fd, UNUSED short events )
1950 /* Read result of resolver sub-process from pipe and update the
1951 * apropriate connection/client structure(s): hostname and/or
1952 * IDENT user name.*/
1959 char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
1961 char readbuf[HOST_LEN + 1];
1964 LogDebug("Resolver: Got callback on fd %d, events %d", r_fd, events );
1966 /* Search associated connection ... */
1967 for( i = 0; i < Pool_Size; i++ ) {
1968 if(( My_Connections[i].sock != NONE )
1969 && ( Resolve_Getfd(&My_Connections[i].res_stat) == r_fd ))
1972 if( i >= Pool_Size ) {
1973 /* Ops, none found? Probably the connection has already
1974 * been closed!? We'll ignore that ... */
1976 LogDebug("Resolver: Got callback for unknown connection!?");
1980 /* Read result from pipe */
1981 len = Resolve_Read(&My_Connections[i].res_stat, readbuf, sizeof readbuf -1);
1985 readbuf[len] = '\0';
1986 identptr = strchr(readbuf, '\n');
1987 assert(identptr != NULL);
1989 Log( LOG_CRIT, "Resolver: Got malformed result!");
1994 LogDebug("Got result from resolver: \"%s\" (%u bytes read).", readbuf, len);
1995 /* Okay, we got a complete result: this is a host name for outgoing
1996 * connections and a host name and IDENT user name (if enabled) for
1997 * incoming connections.*/
1998 assert ( My_Connections[i].sock >= 0 );
1999 /* Incoming connection. Search client ... */
2000 c = Conn_GetClient( i );
2001 assert( c != NULL );
2003 /* Only update client information of unregistered clients.
2004 * Note: user commands (e. g. WEBIRC) are always read _after_ reading
2005 * the resolver results, so we don't have to worry to override settings
2006 * from these commands here. */
2007 if(Client_Type(c) == CLIENT_UNKNOWN) {
2008 strlcpy(My_Connections[i].host, readbuf,
2009 sizeof(My_Connections[i].host));
2010 Client_SetHostname(c, readbuf);
2014 Log(LOG_INFO, "IDENT lookup for connection %d: \"%s\".", i, identptr);
2015 Client_SetUser(c, identptr, true);
2017 Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
2022 else Log( LOG_DEBUG, "Resolver: discarding result for already registered connection %d.", i );
2024 /* Reset penalty time */
2025 Conn_ResetPenalty( i );
2026 } /* cb_Read_Resolver_Result */
2030 * Write a "simple" (error) message to a socket.
2031 * The message is sent without using the connection write buffers, without
2032 * compression/encryption, and even without any error reporting. It is
2033 * designed for error messages of e.g. New_Connection(). */
2035 Simple_Message(int Sock, const char *Msg)
2037 char buf[COMMAND_LEN];
2040 assert(Sock > NONE);
2041 assert(Msg != NULL);
2043 strlcpy(buf, Msg, sizeof buf - 2);
2044 len = strlcat(buf, "\r\n", sizeof buf);
2045 if (write(Sock, buf, len) < 0) {
2046 /* Because this function most probably got called to log
2047 * an error message, any write error is ignored here to
2048 * avoid an endless loop. But casting the result of write()
2049 * to "void" doesn't satisfy the GNU C code attribute
2050 * "warn_unused_result" which is used by some versions of
2051 * glibc (e.g. 2.11.1), therefore this silly error
2052 * "handling" code here :-( */
2055 } /* Simple_Error */
2059 * Get CLIENT structure that belongs to a local connection identified by its
2060 * index number. Each connection belongs to a client by definition, so it is
2061 * not required that the caller checks for NULL return values.
2062 * @param Idx Connection index number
2063 * @return Pointer to CLIENT structure
2066 Conn_GetClient( CONN_ID Idx )
2071 c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
2073 return c ? c->client : NULL;
2080 * Get information about used SSL chiper.
2081 * @param Idx Connection index number
2082 * @param buf Buffer for returned information text
2083 * @param len Size of return buffer "buf"
2084 * @return true on success, false otherwise
2087 Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
2091 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2092 return ConnSSL_GetCipherInfo(&My_Connections[Idx], buf, len);
2097 * Check if a connection is SSL-enabled or not.
2098 * @param Idx Connection index number
2099 * @return true if connection is SSL-enabled, false otherwise.
2102 Conn_UsesSSL(CONN_ID Idx)
2106 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2107 return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);