2 * ngIRCd -- The Next Generation IRC Daemon
3 * Copyright (c)2001-2010 Alexander Barton <alex@barton.de>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 * Please read the file COPYING, README and AUTHORS for more information.
11 * Connection management
33 #include <sys/socket.h>
35 #include <sys/types.h>
37 #include <netinet/in.h>
39 #ifdef HAVE_NETINET_IP_H
40 # ifdef HAVE_NETINET_IN_SYSTM_H
41 # include <netinet/in_systm.h>
43 # include <netinet/ip.h>
47 # include <stdint.h> /* e.g. for Mac OS X */
51 # include <tcpd.h> /* for TCP Wrappers */
67 #include "conn-func.h"
69 #include "ng_ipaddr.h"
75 # include "rendezvous.h"
81 #define SERVER_WAIT (NONE - 1)
83 #define MAX_COMMANDS 3
84 #define MAX_COMMANDS_SERVER 10
87 static bool Handle_Write PARAMS(( CONN_ID Idx ));
88 static bool Conn_Write PARAMS(( CONN_ID Idx, char *Data, size_t Len ));
89 static int New_Connection PARAMS(( int Sock ));
90 static CONN_ID Socket2Index PARAMS(( int Sock ));
91 static void Read_Request PARAMS(( CONN_ID Idx ));
92 static unsigned int Handle_Buffer PARAMS(( CONN_ID Idx ));
93 static void Check_Connections PARAMS(( void ));
94 static void Check_Servers PARAMS(( void ));
95 static void Init_Conn_Struct PARAMS(( CONN_ID Idx ));
96 static bool Init_Socket PARAMS(( int Sock ));
97 static void New_Server PARAMS(( int Server, ng_ipaddr_t *dest ));
98 static void Simple_Message PARAMS(( int Sock, const char *Msg ));
99 static int NewListener PARAMS(( const char *listen_addr, UINT16 Port ));
100 static void Account_Connection PARAMS((void));
103 static array My_Listeners;
104 static array My_ConnArray;
105 static size_t NumConnections, NumConnectionsMax, NumConnectionsAccepted;
108 int allow_severity = LOG_INFO;
109 int deny_severity = LOG_ERR;
112 static void server_login PARAMS((CONN_ID idx));
115 extern struct SSLOptions Conf_SSLOptions;
116 static void cb_connserver_login_ssl PARAMS((int sock, short what));
117 static void cb_clientserver_ssl PARAMS((int sock, short what));
119 static void cb_Read_Resolver_Result PARAMS((int sock, UNUSED short what));
120 static void cb_Connect_to_Server PARAMS((int sock, UNUSED short what));
121 static void cb_clientserver PARAMS((int sock, short what));
125 * IO callback for listening sockets: handle new connections. This callback
126 * gets called when a new non-SSL connection should be accepted.
127 * @param sock Socket descriptor
128 * @param irrelevant (ignored IO specification)
131 cb_listen(int sock, short irrelevant)
134 (void) New_Connection(sock);
140 * IO callback for listening SSL sockets: handle new connections. This callback
141 * gets called when a new SSL-enabled connection should be accepted.
142 * @param sock Socket descriptor
143 * @param irrelevant (ignored IO specification)
146 cb_listen_ssl(int sock, short irrelevant)
151 fd = New_Connection(sock);
154 io_event_setcb(My_Connections[fd].sock, cb_clientserver_ssl);
160 * IO callback for new outgoing non-SSL server connections.
161 * @param sock Socket descriptor
162 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
165 cb_connserver(int sock, UNUSED short what)
167 int res, err, server;
169 CONN_ID idx = Socket2Index( sock );
172 LogDebug("cb_connserver wants to write on unknown socket?!");
177 assert(what & IO_WANTWRITE);
179 /* Make sure that the server is still configured; it could have been
180 * removed in the meantime! */
181 server = Conf_GetServer(idx);
183 Log(LOG_ERR, "Connection on socket %d to \"%s\" aborted!",
184 sock, My_Connections[idx].host);
185 Conn_Close(idx, "Connection aborted!", NULL, false);
189 /* connect() finished, get result. */
190 sock_len = (socklen_t)sizeof(err);
191 res = getsockopt(My_Connections[idx].sock, SOL_SOCKET, SO_ERROR,
193 assert(sock_len == sizeof(err));
195 /* Error while connecting? */
196 if ((res != 0) || (err != 0)) {
198 Log(LOG_CRIT, "getsockopt (connection %d): %s!",
199 idx, strerror(errno));
202 "Can't connect socket to \"%s:%d\" (connection %d): %s!",
203 My_Connections[idx].host, Conf_Server[server].port,
206 Conn_Close(idx, "Can't connect!", NULL, false);
208 if (ng_ipaddr_af(&Conf_Server[server].dst_addr[0])) {
209 /* more addresses to try... */
210 New_Server(res, &Conf_Server[server].dst_addr[0]);
211 /* connection to dst_addr[0] is now in progress, so
212 * remove this address... */
213 Conf_Server[server].dst_addr[0] =
214 Conf_Server[server].dst_addr[1];
215 memset(&Conf_Server[server].dst_addr[1], 0,
216 sizeof(Conf_Server[server].dst_addr[1]));
221 /* connect() succeeded, remove all additional addresses */
222 memset(&Conf_Server[server].dst_addr, 0,
223 sizeof(Conf_Server[server].dst_addr));
225 Conn_OPTION_DEL( &My_Connections[idx], CONN_ISCONNECTING );
227 if ( Conn_OPTION_ISSET( &My_Connections[idx], CONN_SSL_CONNECT )) {
228 io_event_setcb( sock, cb_connserver_login_ssl );
229 io_event_add( sock, IO_WANTWRITE|IO_WANTREAD );
238 * Login to a remote server.
239 * @param idx Connection index
242 server_login(CONN_ID idx)
244 Log( LOG_INFO, "Connection %d with \"%s:%d\" established. Now logging in ...", idx,
245 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
247 io_event_setcb( My_Connections[idx].sock, cb_clientserver);
248 io_event_add( My_Connections[idx].sock, IO_WANTREAD|IO_WANTWRITE);
250 /* Send PASS and SERVER command to peer */
251 Conn_WriteStr( idx, "PASS %s %s", Conf_Server[Conf_GetServer( idx )].pwd_out, NGIRCd_ProtoID );
252 Conn_WriteStr( idx, "SERVER %s :%s", Conf_ServerName, Conf_ServerInfo );
258 * IO callback for new outgoing SSL-enabled server connections.
259 * @param sock Socket descriptor
260 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
263 cb_connserver_login_ssl(int sock, short unused)
265 CONN_ID idx = Socket2Index(sock);
273 switch (ConnSSL_Connect( &My_Connections[idx])) {
275 case 0: LogDebug("ConnSSL_Connect: not ready");
278 Log(LOG_ERR, "SSL connection on socket %d failed!", sock);
279 Conn_Close(idx, "Can't connect!", NULL, false);
283 Log( LOG_INFO, "SSL connection %d with \"%s:%d\" established.", idx,
284 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
292 * IO callback for established non-SSL client and server connections.
293 * @param sock Socket descriptor
294 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
297 cb_clientserver(int sock, short what)
299 CONN_ID idx = Socket2Index(sock);
308 if (what & IO_WANTREAD
309 || (Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_WANT_WRITE))) {
310 /* if TLS layer needs to write additional data, call
311 * Read_Request() instead so that SSL/TLS can continue */
315 if (what & IO_WANTREAD)
318 if (what & IO_WANTWRITE)
325 * IO callback for established SSL-enabled client and server connections.
326 * @param sock Socket descriptor
327 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
330 cb_clientserver_ssl(int sock, short what)
332 CONN_ID idx = Socket2Index(sock);
341 switch (ConnSSL_Accept(&My_Connections[idx])) {
345 return; /* EAGAIN: callback will be invoked again by IO layer */
347 Conn_Close(idx, "SSL accept error, closing socket", "SSL accept error", false);
350 if (what & IO_WANTREAD)
353 if (what & IO_WANTWRITE)
356 io_event_setcb(sock, cb_clientserver); /* SSL handshake completed */
362 * Initialite connecion module.
369 /* Speicher fuer Verbindungs-Pool anfordern */
370 Pool_Size = CONNECTION_POOL;
371 if ((Conf_MaxConnections > 0) &&
372 (Pool_Size > Conf_MaxConnections))
373 Pool_Size = Conf_MaxConnections;
375 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)Pool_Size)) {
376 Log(LOG_EMERG, "Can't allocate memory! [Conn_Init]");
380 /* FIXME: My_Connetions/Pool_Size is needed by other parts of the
381 * code; remove them! */
382 My_Connections = (CONNECTION*) array_start(&My_ConnArray);
384 LogDebug("Allocated connection pool for %d items (%ld bytes).",
385 array_length(&My_ConnArray, sizeof(CONNECTION)),
386 array_bytes(&My_ConnArray));
388 assert(array_length(&My_ConnArray, sizeof(CONNECTION)) >= (size_t)Pool_Size);
390 array_free( &My_Listeners );
392 for (i = 0; i < Pool_Size; i++)
398 * Clean up connection module.
405 Conn_ExitListeners();
407 LogDebug("Shutting down all connections ..." );
408 for( idx = 0; idx < Pool_Size; idx++ ) {
409 if( My_Connections[idx].sock > NONE ) {
410 Conn_Close( idx, NULL, NGIRCd_SignalRestart ?
411 "Server going down (restarting)":"Server going down", true );
415 array_free(&My_ConnArray);
416 My_Connections = NULL;
418 io_library_shutdown();
423 * Close all sockets (file descriptors) of open connections.
424 * This is useful in forked child processes, for example, to make sure that
425 * they don't hold connections open that the main process wants to close.
428 Conn_CloseAllSockets(void)
432 for(idx = 0; idx < Pool_Size; idx++) {
433 if(My_Connections[idx].sock > NONE)
434 close(My_Connections[idx].sock);
440 ports_initlisteners(array *a, const char *listen_addr, void (*func)(int,short))
442 unsigned int created = 0;
447 len = array_length(a, sizeof (UINT16));
448 port = array_start(a);
450 fd = NewListener(listen_addr, *port);
455 if (!io_event_create( fd, IO_WANTREAD, func )) {
456 Log( LOG_ERR, "io_event_create(): Could not add listening fd %d (port %u): %s!",
457 fd, (unsigned int) *port, strerror(errno));
470 * Initialize all listening sockets.
471 * @return Number of created listening sockets
474 Conn_InitListeners( void )
476 /* Initialize ports on which the server should accept connections */
477 unsigned int created = 0;
478 char *copy, *listen_addr;
480 if (!io_library_init(CONNECTION_POOL)) {
481 Log(LOG_EMERG, "Cannot initialize IO routines: %s", strerror(errno));
485 assert(Conf_ListenAddress);
487 /* can't use Conf_ListenAddress directly, see below */
488 copy = strdup(Conf_ListenAddress);
490 Log(LOG_CRIT, "Cannot copy %s: %s", Conf_ListenAddress, strerror(errno));
493 listen_addr = strtok(copy, ",");
495 while (listen_addr) {
496 ngt_TrimStr(listen_addr);
498 created += ports_initlisteners(&Conf_ListenPorts, listen_addr, cb_listen);
500 created += ports_initlisteners(&Conf_SSLOptions.ListenPorts, listen_addr, cb_listen_ssl);
504 listen_addr = strtok(NULL, ",");
507 /* Can't free() Conf_ListenAddress here: on REHASH, if the config file
508 * cannot be re-loaded, we'd end up with a NULL Conf_ListenAddress.
509 * Instead, free() takes place in conf.c, before the config file
510 * is being parsed. */
514 } /* Conn_InitListeners */
518 Conn_ExitListeners( void )
520 /* Close down all listening sockets */
524 Rendezvous_UnregisterListeners( );
527 arraylen = array_length(&My_Listeners, sizeof (int));
529 "Shutting down all listening sockets (%d total) ...", arraylen);
530 fd = array_start(&My_Listeners);
535 LogDebug("Listening socket %d closed.", *fd );
538 array_free(&My_Listeners);
539 } /* Conn_ExitListeners */
543 InitSinaddrListenAddr(ng_ipaddr_t *addr, const char *listen_addrstr, UINT16 Port)
547 ret = ng_ipaddr_init(addr, listen_addrstr, Port);
549 assert(listen_addrstr);
550 Log(LOG_CRIT, "Can't bind to [%s]:%u: can't convert ip address \"%s\"",
551 listen_addrstr, Port, listen_addrstr);
558 set_v6_only(int af, int sock)
560 #if defined(IPV6_V6ONLY) && defined(WANT_IPV6)
566 if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, (socklen_t)sizeof(on)))
567 Log(LOG_ERR, "Could not set IPV6_V6ONLY: %s", strerror(errno));
575 /* return new listening port file descriptor or -1 on failure */
577 NewListener(const char *listen_addr, UINT16 Port)
579 /* Create new listening socket on specified port */
583 char name[CLIENT_ID_LEN], *info;
585 if (!InitSinaddrListenAddr(&addr, listen_addr, Port))
588 af = ng_ipaddr_af(&addr);
589 sock = socket(af, SOCK_STREAM, 0);
591 Log(LOG_CRIT, "Can't create socket (af %d) : %s!", af, strerror(errno));
595 set_v6_only(af, sock);
597 if (!Init_Socket(sock))
600 if (bind(sock, (struct sockaddr *)&addr, ng_ipaddr_salen(&addr)) != 0) {
601 Log(LOG_CRIT, "Can't bind socket to address %s:%d - %s",
602 ng_ipaddr_tostr(&addr), Port, strerror(errno));
607 if( listen( sock, 10 ) != 0 ) {
608 Log( LOG_CRIT, "Can't listen on socket: %s!", strerror( errno ));
613 /* keep fd in list so we can close it when ngircd restarts/shuts down */
614 if (!array_catb( &My_Listeners,(char*) &sock, sizeof(int) )) {
615 Log( LOG_CRIT, "Can't add socket to My_Listeners array: %s!", strerror( errno ));
620 Log(LOG_INFO, "Now listening on [%s]:%d (socket %d).", ng_ipaddr_tostr(&addr), Port, sock);
623 /* Get best server description text */
624 if( ! Conf_ServerInfo[0] ) info = Conf_ServerName;
627 /* Use server info string */
629 if( Conf_ServerInfo[0] == '[' )
631 /* Cut off leading hostname part in "[]" */
632 info = strchr( Conf_ServerInfo, ']' );
636 while( *info == ' ' ) info++;
639 if( ! info ) info = Conf_ServerInfo;
642 /* Add port number to description if non-standard */
644 snprintf(name, sizeof name, "%s (port %u)", info,
647 strlcpy(name, info, sizeof name);
649 /* Register service */
650 Rendezvous_Register( name, MDNS_TYPE, Port );
658 * SSL/TLS connections require extra treatment:
659 * When either CONN_SSL_WANT_WRITE or CONN_SSL_WANT_READ is set, we
660 * need to take care of that first, before checking read/write buffers.
661 * For instance, while we might have data in our write buffer, the
662 * TLS/SSL protocol might need to read internal data first for TLS/SSL
665 * If this function returns true, such a condition is met and we have
666 * to reverse the condition (check for read even if we've data to write,
667 * do not check for read but writeability even if write-buffer is empty).
670 SSL_WantRead(const CONNECTION *c)
672 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_READ)) {
673 io_event_add(c->sock, IO_WANTREAD);
679 SSL_WantWrite(const CONNECTION *c)
681 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_WRITE)) {
682 io_event_add(c->sock, IO_WANTWRITE);
689 SSL_WantRead(UNUSED const CONNECTION *c) { return false; }
691 SSL_WantWrite(UNUSED const CONNECTION *c) { return false; }
696 * "Main Loop": Loop until shutdown or restart is signalled.
697 * This function loops until a shutdown or restart of ngIRCd is signalled and
698 * calls io_dispatch() to check for readable and writable sockets every second.
699 * It checks for status changes on pending connections (e. g. when a hostname
700 * has been resolved), checks for "penalties" and timeouts, and handles the
707 unsigned int wdatalen, bytes_processed;
711 while (!NGIRCd_SignalQuit && !NGIRCd_SignalRestart) {
715 Rendezvous_Handler();
718 /* Should the configuration be reloaded? */
719 if (NGIRCd_SignalRehash)
722 /* Check configured servers and established links */
726 /* Look for non-empty read buffers ... */
727 for (i = 0; i < Pool_Size; i++) {
728 if ((My_Connections[i].sock > NONE)
729 && (array_bytes(&My_Connections[i].rbuf) > 0)
730 && (My_Connections[i].delaytime <= t)) {
731 /* ... and try to handle the received data */
732 bytes_processed = Handle_Buffer(i);
733 /* if we processed data, and there might be
734 * more commands in the input buffer, do not
735 * try to read any more data now */
736 if (bytes_processed &&
737 array_bytes(&My_Connections[i].rbuf) > 2) {
739 ("Throttling connection %d: command limit reached!",
741 Conn_SetPenalty(i, 1);
746 /* Look for non-empty write buffers ... */
747 for (i = 0; i < Pool_Size; i++) {
748 if (My_Connections[i].sock <= NONE)
751 wdatalen = (unsigned int)array_bytes(&My_Connections[i].wbuf);
754 array_bytes(&My_Connections[i].zip.wbuf) > 0)
759 if (SSL_WantRead(&My_Connections[i]))
761 io_event_add(My_Connections[i].sock,
766 /* Check from which sockets we possibly could read ... */
767 for (i = 0; i < Pool_Size; i++) {
768 if (My_Connections[i].sock <= NONE)
771 if (SSL_WantWrite(&My_Connections[i]))
772 continue; /* TLS/SSL layer needs to write data; deal with this first */
774 if (Proc_InProgress(&My_Connections[i].proc_stat)) {
775 /* Wait for completion of forked subprocess
776 * and ignore the socket in the meantime ... */
777 io_event_del(My_Connections[i].sock,
782 if (Conn_OPTION_ISSET(&My_Connections[i], CONN_ISCONNECTING))
783 /* Wait for completion of connect() ... */
786 if (My_Connections[i].delaytime > t) {
787 /* There is a "penalty time" set: ignore socket! */
788 io_event_del(My_Connections[i].sock,
793 io_event_add(My_Connections[i].sock, IO_WANTREAD);
796 /* Set the timeout for reading from the network to 1 second,
797 * which is the granularity with witch we handle "penalty
798 * times" for example.
799 * Note: tv_sec/usec are undefined(!) after io_dispatch()
800 * returns, so we have to set it beforce each call to it! */
804 /* Wait for activity ... */
805 i = io_dispatch(&tv);
806 if (i == -1 && errno != EINTR) {
807 Log(LOG_EMERG, "Conn_Handler(): io_dispatch(): %s!",
809 Log(LOG_ALERT, "%s exiting due to fatal errors!",
815 if (NGIRCd_SignalQuit)
816 Log(LOG_NOTICE | LOG_snotice, "Server going down NOW!");
817 else if (NGIRCd_SignalRestart)
818 Log(LOG_NOTICE | LOG_snotice, "Server restarting NOW!");
823 * Write a text string into the socket of a connection.
824 * This function automatically appends CR+LF to the string and validates that
825 * the result is a valid IRC message (oversized messages are shortened, for
826 * example). Then it calls the Conn_Write() function to do the actual sending.
827 * @param Idx Index fo the connection.
828 * @param Format Format string, see printf().
829 * @return true on success, false otherwise.
833 Conn_WriteStr(CONN_ID Idx, const char *Format, ...)
836 Conn_WriteStr(Idx, Format, va_alist)
842 char buffer[COMMAND_LEN];
847 assert( Idx > NONE );
848 assert( Format != NULL );
851 va_start( ap, Format );
855 if (vsnprintf( buffer, COMMAND_LEN - 2, Format, ap ) >= COMMAND_LEN - 2 ) {
857 * The string that should be written to the socket is longer
858 * than the allowed size of COMMAND_LEN bytes (including both
859 * the CR and LF characters). This can be caused by the
860 * IRC_WriteXXX() functions when the prefix of this server had
861 * to be added to an already "quite long" command line which
862 * has been received from a regular IRC client, for example.
864 * We are not allowed to send such "oversized" messages to
865 * other servers and clients, see RFC 2812 2.3 and 2813 3.3
866 * ("these messages SHALL NOT exceed 512 characters in length,
867 * counting all characters including the trailing CR-LF").
869 * So we have a big problem here: we should send more bytes
870 * to the network than we are allowed to and we don't know
871 * the originator (any more). The "old" behaviour of blaming
872 * the receiver ("next hop") is a bad idea (it could be just
873 * an other server only routing the message!), so the only
874 * option left is to shorten the string and to hope that the
875 * result is still somewhat useful ...
879 strcpy (buffer + sizeof(buffer) - strlen(CUT_TXTSUFFIX) - 2 - 1,
885 Log(LOG_DEBUG, " -> connection %d: '%s'.", Idx, buffer);
888 len = strlcat( buffer, "\r\n", sizeof( buffer ));
889 ok = Conn_Write(Idx, buffer, len);
890 My_Connections[Idx].msg_out++;
894 } /* Conn_WriteStr */
898 * Append Data to the outbound write buffer of a connection.
899 * @param Idx Index of the connection.
900 * @param Data pointer to the data.
901 * @param Len length of Data.
902 * @return true on success, false otherwise.
905 Conn_Write( CONN_ID Idx, char *Data, size_t Len )
908 size_t writebuf_limit = WRITEBUFFER_LEN;
909 assert( Idx > NONE );
910 assert( Data != NULL );
913 c = Conn_GetClient(Idx);
916 /* Servers do get special write buffer limits, so they can generate
917 * all the messages that are required while peering. */
918 if (Client_Type(c) == CLIENT_SERVER)
919 writebuf_limit = WRITEBUFFER_SLINK_LEN;
921 /* Is the socket still open? A previous call to Conn_Write()
922 * may have closed the connection due to a fatal error.
923 * In this case it is sufficient to return an error, as well. */
924 if( My_Connections[Idx].sock <= NONE ) {
925 LogDebug("Skipped write on closed socket (connection %d).", Idx);
930 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
932 * Zip_Buffer() does all the dirty work for us: it flushes
933 * the (pre-)compression buffers if required and handles
934 * all error conditions. */
935 if (!Zip_Buffer(Idx, Data, Len))
941 /* Uncompressed link:
942 * Check if outbound buffer has enough space for the data. */
943 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
945 /* Buffer is full, flush it. Handle_Write deals with
946 * low-level errors, if any. */
947 if (!Handle_Write(Idx))
951 /* When the write buffer is still too big after flushing it,
952 * the connection will be killed. */
953 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
956 "Write buffer overflow (connection %d, size %lu byte)!",
958 (unsigned long)array_bytes(&My_Connections[Idx].wbuf));
959 Conn_Close(Idx, "Write buffer overflow!", NULL, false);
963 /* Copy data to write buffer */
964 if (!array_catb(&My_Connections[Idx].wbuf, Data, Len))
967 My_Connections[Idx].bytes_out += Len;
970 /* Adjust global write counter */
978 Conn_Close( CONN_ID Idx, const char *LogMsg, const char *FwdMsg, bool InformClient )
980 /* Close connection. Open pipes of asyncronous resolver
981 * sub-processes are closed down. */
987 double in_z_k, out_z_k;
991 assert( Idx > NONE );
993 /* Is this link already shutting down? */
994 if( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ISCLOSING )) {
995 /* Conn_Close() has been called recursively for this link;
996 * probabe reason: Handle_Write() failed -- see below. */
997 LogDebug("Recursive request to close connection: %d", Idx );
1001 assert( My_Connections[Idx].sock > NONE );
1003 /* Mark link as "closing" */
1004 Conn_OPTION_ADD( &My_Connections[Idx], CONN_ISCLOSING );
1006 port = ng_ipaddr_getport(&My_Connections[Idx].addr);
1007 Log(LOG_INFO, "Shutting down connection %d (%s) with %s:%d ...", Idx,
1008 LogMsg ? LogMsg : FwdMsg, My_Connections[Idx].host, port);
1010 /* Search client, if any */
1011 c = Conn_GetClient( Idx );
1013 /* Should the client be informed? */
1016 /* Send statistics to client if registered as user: */
1017 if ((c != NULL) && (Client_Type(c) == CLIENT_USER)) {
1019 ":%s NOTICE %s :%sConnection statistics: client %.1f kb, server %.1f kb.",
1020 Client_ID(Client_ThisServer()), Client_ID(c),
1022 (double)My_Connections[Idx].bytes_in / 1024,
1023 (double)My_Connections[Idx].bytes_out / 1024);
1026 /* Send ERROR to client (see RFC 2812, section 3.1.7) */
1028 Conn_WriteStr(Idx, "ERROR :%s", FwdMsg);
1030 Conn_WriteStr(Idx, "ERROR :Closing connection.");
1033 /* Try to write out the write buffer. Note: Handle_Write() eventually
1034 * removes the CLIENT structure associated with this connection if an
1035 * error occurs! So we have to re-check if there is still an valid
1036 * CLIENT structure after calling Handle_Write() ...*/
1037 (void)Handle_Write( Idx );
1039 /* Search client, if any (re-check!) */
1040 c = Conn_GetClient( Idx );
1042 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1043 Log(LOG_INFO, "SSL connection %d shutting down ...", Idx);
1044 ConnSSL_Free(&My_Connections[Idx]);
1047 /* Shut down socket */
1048 if (! io_close(My_Connections[Idx].sock)) {
1049 /* Oops, we can't close the socket!? This is ... ugly! */
1051 "Error closing connection %d (socket %d) with %s:%d - %s! (ignored)",
1052 Idx, My_Connections[Idx].sock, My_Connections[Idx].host,
1053 port, strerror(errno));
1056 /* Mark socket as invalid: */
1057 My_Connections[Idx].sock = NONE;
1059 /* If there is still a client, unregister it now */
1061 Client_Destroy(c, LogMsg, FwdMsg, true);
1063 /* Calculate statistics and log information */
1064 in_k = (double)My_Connections[Idx].bytes_in / 1024;
1065 out_k = (double)My_Connections[Idx].bytes_out / 1024;
1067 if (Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP)) {
1068 in_z_k = (double)My_Connections[Idx].zip.bytes_in / 1024;
1069 out_z_k = (double)My_Connections[Idx].zip.bytes_out / 1024;
1070 /* Make sure that no division by zero can occur during
1071 * the calculation of in_p and out_p: in_z_k and out_z_k
1072 * are non-zero, that's guaranteed by the protocol until
1073 * compression can be enabled. */
1078 in_p = (int)(( in_k * 100 ) / in_z_k );
1079 out_p = (int)(( out_k * 100 ) / out_z_k );
1081 "Connection %d with %s:%d closed (in: %.1fk/%.1fk/%d%%, out: %.1fk/%.1fk/%d%%).",
1082 Idx, My_Connections[Idx].host, port,
1083 in_k, in_z_k, in_p, out_k, out_z_k, out_p);
1089 "Connection %d with %s:%d closed (in: %.1fk, out: %.1fk).",
1090 Idx, My_Connections[Idx].host, port,
1094 /* Servers: Modify time of next connect attempt? */
1095 Conf_UnsetServer( Idx );
1098 /* Clean up zlib, if link was compressed */
1099 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
1100 inflateEnd( &My_Connections[Idx].zip.in );
1101 deflateEnd( &My_Connections[Idx].zip.out );
1102 array_free(&My_Connections[Idx].zip.rbuf);
1103 array_free(&My_Connections[Idx].zip.wbuf);
1107 array_free(&My_Connections[Idx].rbuf);
1108 array_free(&My_Connections[Idx].wbuf);
1110 /* Clean up connection structure (=free it) */
1111 Init_Conn_Struct( Idx );
1113 assert(NumConnections > 0);
1116 LogDebug("Shutdown of connection %d completed, %ld connection%s left.",
1117 Idx, NumConnections, NumConnections != 1 ? "s" : "");
1124 return NumConnections;
1131 return NumConnectionsMax;
1132 } /* Conn_CountMax */
1136 Conn_CountAccepted(void)
1138 return NumConnectionsAccepted;
1139 } /* Conn_CountAccepted */
1143 Conn_SyncServerStruct( void )
1145 /* Synchronize server structures (connection IDs):
1146 * connections <-> configuration */
1152 for( i = 0; i < Pool_Size; i++ ) {
1153 /* Established connection? */
1154 if (My_Connections[i].sock < 0)
1157 /* Server connection? */
1158 client = Conn_GetClient( i );
1159 if(( ! client ) || ( Client_Type( client ) != CLIENT_SERVER )) continue;
1161 for( c = 0; c < MAX_SERVERS; c++ )
1163 /* Configured server? */
1164 if( ! Conf_Server[c].host[0] ) continue;
1167 if( strcmp( Conf_Server[c].name, Client_ID( client )) == 0 )
1168 Conf_Server[c].conn_id = i;
1171 } /* SyncServerStruct */
1175 * Send out data of write buffer; connect new sockets.
1178 Handle_Write( CONN_ID Idx )
1183 assert( Idx > NONE );
1184 if ( My_Connections[Idx].sock < 0 ) {
1185 LogDebug("Handle_Write() on closed socket, connection %d", Idx);
1188 assert( My_Connections[Idx].sock > NONE );
1190 wdatalen = array_bytes(&My_Connections[Idx].wbuf );
1193 if (wdatalen == 0) {
1194 /* Write buffer is empty, so we try to flush the compression
1195 * buffer and get some data to work with from there :-) */
1196 if (!Zip_Flush(Idx))
1199 /* Now the write buffer most probably has changed: */
1200 wdatalen = array_bytes(&My_Connections[Idx].wbuf);
1204 if (wdatalen == 0) {
1205 /* Still no data, fine. */
1206 io_event_del(My_Connections[Idx].sock, IO_WANTWRITE );
1211 ("Handle_Write() called for connection %d, %ld bytes pending ...",
1215 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1216 len = ConnSSL_Write(&My_Connections[Idx], array_start(&My_Connections[Idx].wbuf), wdatalen);
1220 len = write(My_Connections[Idx].sock,
1221 array_start(&My_Connections[Idx].wbuf), wdatalen );
1224 if (errno == EAGAIN || errno == EINTR)
1227 Log(LOG_ERR, "Write error on connection %d (socket %d): %s!",
1228 Idx, My_Connections[Idx].sock, strerror(errno));
1229 Conn_Close(Idx, "Write error!", NULL, false);
1233 /* move any data not yet written to beginning */
1234 array_moveleft(&My_Connections[Idx].wbuf, 1, (size_t)len);
1237 } /* Handle_Write */
1241 Count_Connections(ng_ipaddr_t *a)
1246 for (i = 0; i < Pool_Size; i++) {
1247 if (My_Connections[i].sock <= NONE)
1249 if (ng_ipaddr_ipequal(&My_Connections[i].addr, a))
1253 } /* Count_Connections */
1257 * Initialize new client connection on a listening socket.
1258 * @param Sock Listening socket descriptor
1259 * @return Accepted socket descriptor or -1 on error
1262 New_Connection(int Sock)
1265 struct request_info req;
1267 ng_ipaddr_t new_addr;
1268 char ip_str[NG_INET_ADDRSTRLEN];
1269 int new_sock, new_sock_len, identsock;
1273 assert(Sock > NONE);
1275 new_sock_len = (int)sizeof(new_addr);
1276 new_sock = accept(Sock, (struct sockaddr *)&new_addr,
1277 (socklen_t *)&new_sock_len);
1279 Log(LOG_CRIT, "Can't accept connection: %s!", strerror(errno));
1282 NumConnectionsAccepted++;
1284 if (!ng_ipaddr_tostr_r(&new_addr, ip_str)) {
1285 Log(LOG_CRIT, "fd %d: Can't convert IP address!", new_sock);
1286 Simple_Message(new_sock, "ERROR :Internal Server Error");
1292 /* Validate socket using TCP Wrappers */
1293 request_init(&req, RQ_DAEMON, PACKAGE_NAME, RQ_FILE, new_sock,
1294 RQ_CLIENT_SIN, &new_addr, NULL);
1296 if (!hosts_access(&req)) {
1298 "Refused connection from %s (by TCP Wrappers)!", ip_str);
1299 Simple_Message(new_sock, "ERROR :Connection refused");
1305 if (!Init_Socket(new_sock))
1308 /* Check global connection limit */
1309 if ((Conf_MaxConnections > 0) &&
1310 (NumConnections >= (size_t) Conf_MaxConnections)) {
1311 Log(LOG_ALERT, "Can't accept connection: limit (%d) reached!",
1312 Conf_MaxConnections);
1313 Simple_Message(new_sock, "ERROR :Connection limit reached");
1318 /* Check IP-based connection limit */
1319 cnt = Count_Connections(&new_addr);
1320 if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) {
1321 /* Access denied, too many connections from this IP address! */
1323 "Refused connection from %s: too may connections (%ld) from this IP address!",
1325 Simple_Message(new_sock,
1326 "ERROR :Connection refused, too many connections from your IP address!");
1331 if (new_sock >= Pool_Size) {
1332 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION),
1333 (size_t) new_sock)) {
1335 "Can't allocate memory! [New_Connection]");
1336 Simple_Message(new_sock, "ERROR: Internal error");
1340 LogDebug("Bumped connection pool to %ld items (internal: %ld items, %ld bytes)",
1341 new_sock, array_length(&My_ConnArray,
1342 sizeof(CONNECTION)), array_bytes(&My_ConnArray));
1344 /* Adjust pointer to new block */
1345 My_Connections = array_start(&My_ConnArray);
1346 while (Pool_Size <= new_sock)
1347 Init_Conn_Struct(Pool_Size++);
1350 /* register callback */
1351 if (!io_event_create(new_sock, IO_WANTREAD, cb_clientserver)) {
1353 "Can't accept connection: io_event_create failed!");
1354 Simple_Message(new_sock, "ERROR :Internal error");
1359 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWN, false);
1362 "Can't accept connection: can't create client structure!");
1363 Simple_Message(new_sock, "ERROR :Internal error");
1368 Init_Conn_Struct(new_sock);
1369 My_Connections[new_sock].sock = new_sock;
1370 My_Connections[new_sock].addr = new_addr;
1371 My_Connections[new_sock].client = c;
1373 /* Set initial hostname to IP address. This becomes overwritten when
1374 * the DNS lookup is enabled and succeeds, but is used otherwise. */
1375 if (ng_ipaddr_af(&new_addr) != AF_INET)
1376 snprintf(My_Connections[new_sock].host,
1377 sizeof(My_Connections[new_sock].host), "[%s]", ip_str);
1379 strlcpy(My_Connections[new_sock].host, ip_str,
1380 sizeof(My_Connections[new_sock].host));
1382 Client_SetHostname(c, My_Connections[new_sock].host);
1384 Log(LOG_INFO, "Accepted connection %d from %s:%d on socket %d.",
1385 new_sock, My_Connections[new_sock].host,
1386 ng_ipaddr_getport(&new_addr), Sock);
1388 identsock = new_sock;
1394 Resolve_Addr(&My_Connections[new_sock].proc_stat, &new_addr,
1395 identsock, cb_Read_Resolver_Result);
1397 Account_Connection();
1399 } /* New_Connection */
1403 Account_Connection(void)
1406 if (NumConnections > NumConnectionsMax)
1407 NumConnectionsMax = NumConnections;
1408 LogDebug("Total number of connections now %lu (max %lu).",
1409 NumConnections, NumConnectionsMax);
1410 } /* Account_Connection */
1414 Socket2Index( int Sock )
1416 assert( Sock >= 0 );
1418 if( Sock >= Pool_Size || My_Connections[Sock].sock != Sock ) {
1419 /* the Connection was already closed again, likely due to
1421 LogDebug("Socket2Index: can't get connection for socket %d!", Sock);
1425 } /* Socket2Index */
1429 * Read data from the network to the read buffer. If an error occures,
1430 * the socket of this connection will be shut down.
1433 Read_Request( CONN_ID Idx )
1436 static const unsigned int maxbps = COMMAND_LEN / 2;
1437 char readbuf[READBUFFER_LEN];
1440 assert( Idx > NONE );
1441 assert( My_Connections[Idx].sock > NONE );
1444 if ((array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN) ||
1445 (array_bytes(&My_Connections[Idx].zip.rbuf) >= READBUFFER_LEN))
1447 if (array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN)
1450 /* Read buffer is full */
1452 "Receive buffer overflow (connection %d): %d bytes!",
1453 Idx, array_bytes(&My_Connections[Idx].rbuf));
1454 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1459 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL))
1460 len = ConnSSL_Read( &My_Connections[Idx], readbuf, sizeof(readbuf));
1463 len = read(My_Connections[Idx].sock, readbuf, sizeof(readbuf));
1465 Log(LOG_INFO, "%s:%u (%s) is closing the connection ...",
1466 My_Connections[Idx].host,
1467 (unsigned int) ng_ipaddr_getport(&My_Connections[Idx].addr),
1468 ng_ipaddr_tostr(&My_Connections[Idx].addr));
1470 "Socket closed!", "Client closed connection",
1476 if( errno == EAGAIN ) return;
1477 Log(LOG_ERR, "Read error on connection %d (socket %d): %s!",
1478 Idx, My_Connections[Idx].sock, strerror(errno));
1479 Conn_Close(Idx, "Read error!", "Client closed connection",
1484 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1485 if (!array_catb(&My_Connections[Idx].zip.rbuf, readbuf,
1488 "Could not append recieved data to zip input buffer (connn %d): %d bytes!",
1490 Conn_Close(Idx, "Receive buffer overflow!", NULL,
1497 if (!array_catb( &My_Connections[Idx].rbuf, readbuf, len)) {
1498 Log( LOG_ERR, "Could not append recieved data to input buffer (connn %d): %d bytes!", Idx, len );
1499 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1503 /* Update connection statistics */
1504 My_Connections[Idx].bytes_in += len;
1506 /* Update timestamp of last data received if this connection is
1507 * registered as a user, server or service connection. Don't update
1508 * otherwise, so users have at least Conf_PongTimeout seconds time to
1509 * register with the IRC server -- see Check_Connections().
1510 * Update "lastping", too, if time shifted backwards ... */
1511 c = Conn_GetClient(Idx);
1512 if (c && (Client_Type(c) == CLIENT_USER
1513 || Client_Type(c) == CLIENT_SERVER
1514 || Client_Type(c) == CLIENT_SERVICE)) {
1516 if (My_Connections[Idx].lastdata != t)
1517 My_Connections[Idx].bps = 0;
1519 My_Connections[Idx].lastdata = t;
1520 if (My_Connections[Idx].lastping > t)
1521 My_Connections[Idx].lastping = t;
1524 /* Look at the data in the (read-) buffer of this connection */
1525 My_Connections[Idx].bps += Handle_Buffer(Idx);
1526 if (Client_Type(c) != CLIENT_SERVER
1527 && My_Connections[Idx].bps >= maxbps) {
1528 LogDebug("Throttling connection %d: BPS exceeded! (%u >= %u)",
1529 Idx, My_Connections[Idx].bps, maxbps);
1530 Conn_SetPenalty(Idx, 1);
1532 } /* Read_Request */
1536 * Handle all data in the connection read-buffer.
1537 * Data is processed until no complete command is left in the read buffer,
1538 * or MAX_COMMANDS[_SERVER] commands were processed.
1539 * When a fatal error occurs, the connection is shut down.
1540 * @param Idx Index of the connection.
1541 * @return number of bytes processed.
1544 Handle_Buffer(CONN_ID Idx)
1547 char *ptr1, *ptr2, *first_eol;
1555 unsigned int i, maxcmd = MAX_COMMANDS, len_processed = 0;
1558 c = Conn_GetClient(Idx);
1561 /* Servers do get special command limits, so they can process
1562 * all the messages that are required while peering. */
1563 if (Client_Type(c) == CLIENT_SERVER)
1564 maxcmd = MAX_COMMANDS_SERVER;
1566 starttime = time(NULL);
1567 for (i=0; i < maxcmd; i++) {
1569 if (My_Connections[Idx].delaytime > starttime)
1572 /* Unpack compressed data, if compression is in use */
1573 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1574 /* When unzipping fails, Unzip_Buffer() shuts
1575 * down the connection itself */
1576 if (!Unzip_Buffer(Idx))
1581 if (0 == array_bytes(&My_Connections[Idx].rbuf))
1584 /* Make sure that the buffer is NULL terminated */
1585 if (!array_cat0_temporary(&My_Connections[Idx].rbuf)) {
1586 Conn_Close(Idx, NULL,
1587 "Can't allocate memory [Handle_Buffer]",
1592 /* RFC 2812, section "2.3 Messages", 5th paragraph:
1593 * "IRC messages are always lines of characters terminated
1594 * with a CR-LF (Carriage Return - Line Feed) pair [...]". */
1596 ptr = strstr(array_start(&My_Connections[Idx].rbuf), "\r\n");
1599 /* Check for non-RFC-compliant request (only CR or LF)?
1600 * Unfortunately, there are quite a few clients out there
1601 * that do this -- e. g. mIRC, BitchX, and Trillian :-( */
1602 ptr1 = strchr(array_start(&My_Connections[Idx].rbuf), '\r');
1603 ptr2 = strchr(array_start(&My_Connections[Idx].rbuf), '\n');
1605 /* Check if there is a single CR or LF _before_ the
1606 * corerct CR+LF line terminator: */
1607 first_eol = ptr1 < ptr2 ? ptr1 : ptr2;
1608 if (first_eol < ptr) {
1609 /* Single CR or LF before CR+LF found */
1613 } else if (ptr1 || ptr2) {
1614 /* No CR+LF terminated command found, but single
1615 * CR or LF found ... */
1617 ptr = ptr1 < ptr2 ? ptr1 : ptr2;
1619 ptr = ptr1 ? ptr1 : ptr2;
1627 /* Complete (=line terminated) request found, handle it! */
1630 len = ptr - (char *)array_start(&My_Connections[Idx].rbuf) + delta;
1632 if (len > (COMMAND_LEN - 1)) {
1633 /* Request must not exceed 512 chars (incl. CR+LF!),
1634 * see RFC 2812. Disconnect Client if this happens. */
1636 "Request too long (connection %d): %d bytes (max. %d expected)!",
1637 Idx, array_bytes(&My_Connections[Idx].rbuf),
1639 Conn_Close(Idx, NULL, "Request too long", true);
1643 len_processed += (unsigned int)len;
1645 /* Request is empty (only '\r\n', '\r' or '\n');
1646 * delta is 2 ('\r\n') or 1 ('\r' or '\n'), see above */
1647 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1651 /* remember if stream is already compressed */
1652 old_z = My_Connections[Idx].options & CONN_ZIP;
1655 My_Connections[Idx].msg_in++;
1657 (Idx, (char *)array_start(&My_Connections[Idx].rbuf)))
1658 return 0; /* error -> connection has been closed */
1660 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1661 LogDebug("Connection %d: %d bytes left in read buffer.",
1662 Idx, array_bytes(&My_Connections[Idx].rbuf));
1664 if ((!old_z) && (My_Connections[Idx].options & CONN_ZIP) &&
1665 (array_bytes(&My_Connections[Idx].rbuf) > 0)) {
1666 /* The last command activated socket compression.
1667 * Data that was read after that needs to be copied
1668 * to the unzip buffer for decompression: */
1670 (&My_Connections[Idx].zip.rbuf,
1671 &My_Connections[Idx].rbuf)) {
1672 Conn_Close(Idx, NULL,
1673 "Can't allocate memory [Handle_Buffer]",
1678 array_trunc(&My_Connections[Idx].rbuf);
1680 ("Moved already received data (%u bytes) to uncompression buffer.",
1681 array_bytes(&My_Connections[Idx].zip.rbuf));
1685 return len_processed;
1686 } /* Handle_Buffer */
1690 * Check whether established connections are still alive or not.
1691 * If not, play PING-PONG first; and if that doesn't help either,
1692 * disconnect the respective peer.
1695 Check_Connections(void)
1701 for (i = 0; i < Pool_Size; i++) {
1702 if (My_Connections[i].sock < 0)
1705 c = Conn_GetClient(i);
1706 if (c && ((Client_Type(c) == CLIENT_USER)
1707 || (Client_Type(c) == CLIENT_SERVER)
1708 || (Client_Type(c) == CLIENT_SERVICE))) {
1709 /* connected User, Server or Service */
1710 if (My_Connections[i].lastping >
1711 My_Connections[i].lastdata) {
1712 /* We already sent a ping */
1713 if (My_Connections[i].lastping <
1714 time(NULL) - Conf_PongTimeout) {
1717 ("Connection %d: Ping timeout: %d seconds.",
1718 i, Conf_PongTimeout);
1719 snprintf(msg, sizeof(msg), "Ping timeout: %d seconds", Conf_PongTimeout);
1720 Conn_Close(i, NULL, msg, true);
1722 } else if (My_Connections[i].lastdata <
1723 time(NULL) - Conf_PingTimeout) {
1724 /* We need to send a PING ... */
1725 LogDebug("Connection %d: sending PING ...", i);
1726 My_Connections[i].lastping = time(NULL);
1727 Conn_WriteStr(i, "PING :%s",
1728 Client_ID(Client_ThisServer()));
1731 /* The connection is not fully established yet, so
1732 * we don't do the PING-PONG game here but instead
1733 * disconnect the client after "a short time" if it's
1734 * still not registered. */
1736 if (My_Connections[i].lastdata <
1737 time(NULL) - Conf_PongTimeout) {
1739 ("Unregistered connection %d timed out ...",
1741 Conn_Close(i, NULL, "Timeout", false);
1745 } /* Check_Connections */
1749 * Check if further server links should be established.
1757 time_now = time(NULL);
1759 /* Check all configured servers */
1760 for (i = 0; i < MAX_SERVERS; i++) {
1761 if (Conf_Server[i].conn_id > NONE)
1762 continue; /* Already connected */
1763 if (!Conf_Server[i].host[0] || !Conf_Server[i].port > 0)
1764 continue; /* No host and/or port configured */
1765 if (Conf_Server[i].flags & CONF_SFLAG_DISABLED)
1766 continue; /* Disabled configuration entry */
1767 if (Conf_Server[i].lasttry > (time_now - Conf_ConnectRetry))
1768 continue; /* We have to wait a little bit ... */
1770 /* Is there already a connection in this group? */
1771 if (Conf_Server[i].group > NONE) {
1772 for (n = 0; n < MAX_SERVERS; n++) {
1775 if ((Conf_Server[n].conn_id != NONE) &&
1776 (Conf_Server[n].group == Conf_Server[i].group))
1779 if (n < MAX_SERVERS)
1783 /* Okay, try to connect now */
1784 Conf_Server[i].lasttry = time_now;
1785 Conf_Server[i].conn_id = SERVER_WAIT;
1786 assert(Proc_GetPipeFd(&Conf_Server[i].res_stat) < 0);
1787 Resolve_Name(&Conf_Server[i].res_stat, Conf_Server[i].host,
1788 cb_Connect_to_Server);
1790 } /* Check_Servers */
1794 New_Server( int Server , ng_ipaddr_t *dest)
1796 /* Establish new server link */
1797 char ip_str[NG_INET_ADDRSTRLEN];
1798 int af_dest, res, new_sock;
1801 assert( Server > NONE );
1803 if (!ng_ipaddr_tostr_r(dest, ip_str)) {
1804 Log(LOG_WARNING, "New_Server: Could not convert IP to string");
1808 Log( LOG_INFO, "Establishing connection to \"%s\", %s, port %d ... ",
1809 Conf_Server[Server].host, ip_str, Conf_Server[Server].port );
1811 af_dest = ng_ipaddr_af(dest);
1812 new_sock = socket(af_dest, SOCK_STREAM, 0);
1814 Log( LOG_CRIT, "Can't create socket (af %d) : %s!", af_dest, strerror( errno ));
1818 if (!Init_Socket(new_sock))
1821 /* is a bind address configured? */
1822 res = ng_ipaddr_af(&Conf_Server[Server].bind_addr);
1823 /* if yes, bind now. If it fails, warn and let connect() pick a source address */
1824 if (res && bind(new_sock, (struct sockaddr *) &Conf_Server[Server].bind_addr,
1825 ng_ipaddr_salen(&Conf_Server[Server].bind_addr)))
1827 ng_ipaddr_tostr_r(&Conf_Server[Server].bind_addr, ip_str);
1828 Log(LOG_WARNING, "Can't bind socket to %s: %s!", ip_str, strerror(errno));
1830 ng_ipaddr_setport(dest, Conf_Server[Server].port);
1831 res = connect(new_sock, (struct sockaddr *) dest, ng_ipaddr_salen(dest));
1832 if(( res != 0 ) && ( errno != EINPROGRESS )) {
1833 Log( LOG_CRIT, "Can't connect socket: %s!", strerror( errno ));
1838 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)new_sock)) {
1840 "Cannot allocate memory for server connection (socket %d)",
1846 My_Connections = array_start(&My_ConnArray);
1848 assert(My_Connections[new_sock].sock <= 0);
1850 Init_Conn_Struct(new_sock);
1852 ng_ipaddr_tostr_r(dest, ip_str);
1853 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWNSERVER, false);
1855 Log( LOG_ALERT, "Can't establish connection: can't create client structure!" );
1860 /* Conn_Close() decrements this counter again */
1861 Account_Connection();
1862 Client_SetIntroducer( c, c );
1863 Client_SetToken( c, TOKEN_OUTBOUND );
1865 /* Register connection */
1866 Conf_Server[Server].conn_id = new_sock;
1867 My_Connections[new_sock].sock = new_sock;
1868 My_Connections[new_sock].addr = *dest;
1869 My_Connections[new_sock].client = c;
1870 strlcpy( My_Connections[new_sock].host, Conf_Server[Server].host,
1871 sizeof(My_Connections[new_sock].host ));
1873 /* Register new socket */
1874 if (!io_event_create( new_sock, IO_WANTWRITE, cb_connserver)) {
1875 Log( LOG_ALERT, "io_event_create(): could not add fd %d", strerror(errno));
1876 Conn_Close( new_sock, "io_event_create() failed", NULL, false );
1877 Init_Conn_Struct( new_sock );
1878 Conf_Server[Server].conn_id = NONE;
1881 if (Conf_Server[Server].SSLConnect && !ConnSSL_PrepareConnect( &My_Connections[new_sock],
1882 &Conf_Server[Server] ))
1884 Log(LOG_ALERT, "Could not initialize SSL for outgoing connection");
1885 Conn_Close( new_sock, "Could not initialize SSL for outgoing connection", NULL, false );
1886 Init_Conn_Struct( new_sock );
1887 Conf_Server[Server].conn_id = NONE;
1891 LogDebug("Registered new connection %d on socket %d (%ld in total).",
1892 new_sock, My_Connections[new_sock].sock, NumConnections);
1893 Conn_OPTION_ADD( &My_Connections[new_sock], CONN_ISCONNECTING );
1898 * Initialize connection structure.
1901 Init_Conn_Struct(CONN_ID Idx)
1903 time_t now = time(NULL);
1905 memset(&My_Connections[Idx], 0, sizeof(CONNECTION));
1906 My_Connections[Idx].sock = -1;
1907 My_Connections[Idx].signon = now;
1908 My_Connections[Idx].lastdata = now;
1909 My_Connections[Idx].lastprivmsg = now;
1910 Proc_InitStruct(&My_Connections[Idx].proc_stat);
1911 } /* Init_Conn_Struct */
1915 Init_Socket( int Sock )
1917 /* Initialize socket (set options) */
1921 if (!io_setnonblock(Sock)) {
1922 Log( LOG_CRIT, "Can't enable non-blocking mode for socket: %s!", strerror( errno ));
1927 /* Don't block this port after socket shutdown */
1929 if( setsockopt( Sock, SOL_SOCKET, SO_REUSEADDR, &value, (socklen_t)sizeof( value )) != 0 )
1931 Log( LOG_ERR, "Can't set socket option SO_REUSEADDR: %s!", strerror( errno ));
1932 /* ignore this error */
1935 /* Set type of service (TOS) */
1936 #if defined(IPPROTO_IP) && defined(IPTOS_LOWDELAY)
1937 value = IPTOS_LOWDELAY;
1938 LogDebug("Setting IP_TOS on socket %d to IPTOS_LOWDELAY.", Sock);
1939 if (setsockopt(Sock, IPPROTO_IP, IP_TOS, &value,
1940 (socklen_t) sizeof(value))) {
1941 Log(LOG_ERR, "Can't set socket option IP_TOS: %s!",
1943 /* ignore this error */
1952 cb_Connect_to_Server(int fd, UNUSED short events)
1954 /* Read result of resolver sub-process from pipe and start connection */
1957 ng_ipaddr_t dest_addrs[4]; /* we can handle at most 3; but we read up to
1958 four so we can log the 'more than we can handle'
1959 condition. First result is tried immediately, rest
1960 is saved for later if needed. */
1962 LogDebug("Resolver: Got forward lookup callback on fd %d, events %d", fd, events);
1964 for (i=0; i < MAX_SERVERS; i++) {
1965 if (Proc_GetPipeFd(&Conf_Server[i].res_stat) == fd )
1969 if( i >= MAX_SERVERS) {
1970 /* Ops, no matching server found?! */
1972 LogDebug("Resolver: Got Forward Lookup callback for unknown server!?");
1976 /* Read result from pipe */
1977 len = Proc_Read(&Conf_Server[i].res_stat, dest_addrs, sizeof(dest_addrs));
1981 assert((len % sizeof(ng_ipaddr_t)) == 0);
1983 LogDebug("Got result from resolver: %u structs (%u bytes).", len/sizeof(ng_ipaddr_t), len);
1985 memset(&Conf_Server[i].dst_addr, 0, sizeof(Conf_Server[i].dst_addr));
1986 if (len > sizeof(ng_ipaddr_t)) {
1987 /* more than one address for this hostname, remember them
1988 * in case first address is unreachable/not available */
1989 len -= sizeof(ng_ipaddr_t);
1990 if (len > sizeof(Conf_Server[i].dst_addr)) {
1991 len = sizeof(Conf_Server[i].dst_addr);
1993 "Notice: Resolver returned more IP Addresses for host than we can handle, additional addresses dropped.");
1995 memcpy(&Conf_Server[i].dst_addr, &dest_addrs[1], len);
1998 New_Server(i, dest_addrs);
1999 } /* cb_Read_Forward_Lookup */
2003 cb_Read_Resolver_Result( int r_fd, UNUSED short events )
2005 /* Read result of resolver sub-process from pipe and update the
2006 * apropriate connection/client structure(s): hostname and/or
2007 * IDENT user name.*/
2014 char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
2016 char readbuf[HOST_LEN + 1];
2019 LogDebug("Resolver: Got callback on fd %d, events %d", r_fd, events );
2020 i = Conn_GetFromProc(r_fd);
2022 /* Ops, none found? Probably the connection has already
2023 * been closed!? We'll ignore that ... */
2025 LogDebug("Resolver: Got callback for unknown connection!?");
2029 /* Read result from pipe */
2030 len = Proc_Read(&My_Connections[i].proc_stat, readbuf, sizeof readbuf -1);
2034 readbuf[len] = '\0';
2035 identptr = strchr(readbuf, '\n');
2036 assert(identptr != NULL);
2038 Log( LOG_CRIT, "Resolver: Got malformed result!");
2043 LogDebug("Got result from resolver: \"%s\" (%u bytes read).", readbuf, len);
2044 /* Okay, we got a complete result: this is a host name for outgoing
2045 * connections and a host name and IDENT user name (if enabled) for
2046 * incoming connections.*/
2047 assert ( My_Connections[i].sock >= 0 );
2048 /* Incoming connection. Search client ... */
2049 c = Conn_GetClient( i );
2050 assert( c != NULL );
2052 /* Only update client information of unregistered clients.
2053 * Note: user commands (e. g. WEBIRC) are always read _after_ reading
2054 * the resolver results, so we don't have to worry to override settings
2055 * from these commands here. */
2056 if(Client_Type(c) == CLIENT_UNKNOWN) {
2057 strlcpy(My_Connections[i].host, readbuf,
2058 sizeof(My_Connections[i].host));
2059 Client_SetHostname(c, readbuf);
2063 Log(LOG_INFO, "IDENT lookup for connection %d: \"%s\".", i, identptr);
2064 Client_SetUser(c, identptr, true);
2066 Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
2071 else Log( LOG_DEBUG, "Resolver: discarding result for already registered connection %d.", i );
2073 } /* cb_Read_Resolver_Result */
2077 * Write a "simple" (error) message to a socket.
2078 * The message is sent without using the connection write buffers, without
2079 * compression/encryption, and even without any error reporting. It is
2080 * designed for error messages of e.g. New_Connection(). */
2082 Simple_Message(int Sock, const char *Msg)
2084 char buf[COMMAND_LEN];
2087 assert(Sock > NONE);
2088 assert(Msg != NULL);
2090 strlcpy(buf, Msg, sizeof buf - 2);
2091 len = strlcat(buf, "\r\n", sizeof buf);
2092 if (write(Sock, buf, len) < 0) {
2093 /* Because this function most probably got called to log
2094 * an error message, any write error is ignored here to
2095 * avoid an endless loop. But casting the result of write()
2096 * to "void" doesn't satisfy the GNU C code attribute
2097 * "warn_unused_result" which is used by some versions of
2098 * glibc (e.g. 2.11.1), therefore this silly error
2099 * "handling" code here :-( */
2102 } /* Simple_Error */
2106 * Get CLIENT structure that belongs to a local connection identified by its
2107 * index number. Each connection belongs to a client by definition, so it is
2108 * not required that the caller checks for NULL return values.
2109 * @param Idx Connection index number
2110 * @return Pointer to CLIENT structure
2113 Conn_GetClient( CONN_ID Idx )
2118 c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
2120 return c ? c->client : NULL;
2124 * Get PROC_STAT sub-process structure of a connection.
2125 * @param Idx Connection index number
2126 * @return PROC_STAT structure
2129 Conn_GetProcStat(CONN_ID Idx)
2134 c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
2136 return &c->proc_stat;
2137 } /* Conn_GetProcStat */
2141 * Get CONN_ID from file descriptor associated to a subprocess structure.
2142 * @param fd File descriptor
2143 * @return CONN_ID or NONE (-1)
2146 Conn_GetFromProc(int fd)
2151 for (i = 0; i < Pool_Size; i++) {
2152 if ((My_Connections[i].sock != NONE)
2153 && (Proc_GetPipeFd(&My_Connections[i].proc_stat) == fd))
2157 } /* Conn_GetFromProc */
2163 * Get information about used SSL chiper.
2164 * @param Idx Connection index number
2165 * @param buf Buffer for returned information text
2166 * @param len Size of return buffer "buf"
2167 * @return true on success, false otherwise
2170 Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
2174 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2175 return ConnSSL_GetCipherInfo(&My_Connections[Idx], buf, len);
2180 * Check if a connection is SSL-enabled or not.
2181 * @param Idx Connection index number
2182 * @return true if connection is SSL-enabled, false otherwise.
2185 Conn_UsesSSL(CONN_ID Idx)
2189 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2190 return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);