2 * ngIRCd -- The Next Generation IRC Daemon
3 * Copyright (c)2001-2010 Alexander Barton <alex@barton.de>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 * Please read the file COPYING, README and AUTHORS for more information.
11 * Connection management
33 #include <sys/socket.h>
35 #include <sys/types.h>
37 #include <netinet/in.h>
39 #ifdef HAVE_NETINET_IP_H
40 # ifdef HAVE_NETINET_IN_SYSTM_H
41 # include <netinet/in_systm.h>
43 # include <netinet/ip.h>
47 # include <stdint.h> /* e.g. for Mac OS X */
51 # include <tcpd.h> /* for TCP Wrappers */
67 #include "conn-func.h"
69 #include "ng_ipaddr.h"
76 # include "rendezvous.h"
82 #define SERVER_WAIT (NONE - 1)
84 #define MAX_COMMANDS 3
85 #define MAX_COMMANDS_SERVER 10
88 static bool Handle_Write PARAMS(( CONN_ID Idx ));
89 static bool Conn_Write PARAMS(( CONN_ID Idx, char *Data, size_t Len ));
90 static int New_Connection PARAMS(( int Sock ));
91 static CONN_ID Socket2Index PARAMS(( int Sock ));
92 static void Read_Request PARAMS(( CONN_ID Idx ));
93 static unsigned int Handle_Buffer PARAMS(( CONN_ID Idx ));
94 static void Check_Connections PARAMS(( void ));
95 static void Check_Servers PARAMS(( void ));
96 static void Init_Conn_Struct PARAMS(( CONN_ID Idx ));
97 static bool Init_Socket PARAMS(( int Sock ));
98 static void New_Server PARAMS(( int Server, ng_ipaddr_t *dest ));
99 static void Simple_Message PARAMS(( int Sock, const char *Msg ));
100 static int NewListener PARAMS(( const char *listen_addr, UINT16 Port ));
101 static void Account_Connection PARAMS((void));
104 static array My_Listeners;
105 static array My_ConnArray;
106 static size_t NumConnections, NumConnectionsMax, NumConnectionsAccepted;
109 int allow_severity = LOG_INFO;
110 int deny_severity = LOG_ERR;
113 static void server_login PARAMS((CONN_ID idx));
116 extern struct SSLOptions Conf_SSLOptions;
117 static void cb_connserver_login_ssl PARAMS((int sock, short what));
118 static void cb_clientserver_ssl PARAMS((int sock, short what));
120 static void cb_Read_Resolver_Result PARAMS((int sock, UNUSED short what));
121 static void cb_Connect_to_Server PARAMS((int sock, UNUSED short what));
122 static void cb_clientserver PARAMS((int sock, short what));
126 * IO callback for listening sockets: handle new connections. This callback
127 * gets called when a new non-SSL connection should be accepted.
128 * @param sock Socket descriptor
129 * @param irrelevant (ignored IO specification)
132 cb_listen(int sock, short irrelevant)
135 (void) New_Connection(sock);
141 * IO callback for listening SSL sockets: handle new connections. This callback
142 * gets called when a new SSL-enabled connection should be accepted.
143 * @param sock Socket descriptor
144 * @param irrelevant (ignored IO specification)
147 cb_listen_ssl(int sock, short irrelevant)
152 fd = New_Connection(sock);
155 io_event_setcb(My_Connections[fd].sock, cb_clientserver_ssl);
161 * IO callback for new outgoing non-SSL server connections.
162 * @param sock Socket descriptor
163 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
166 cb_connserver(int sock, UNUSED short what)
168 int res, err, server;
170 CONN_ID idx = Socket2Index( sock );
173 LogDebug("cb_connserver wants to write on unknown socket?!");
178 assert(what & IO_WANTWRITE);
180 /* Make sure that the server is still configured; it could have been
181 * removed in the meantime! */
182 server = Conf_GetServer(idx);
184 Log(LOG_ERR, "Connection on socket %d to \"%s\" aborted!",
185 sock, My_Connections[idx].host);
186 Conn_Close(idx, "Connection aborted!", NULL, false);
190 /* connect() finished, get result. */
191 sock_len = (socklen_t)sizeof(err);
192 res = getsockopt(My_Connections[idx].sock, SOL_SOCKET, SO_ERROR,
194 assert(sock_len == sizeof(err));
196 /* Error while connecting? */
197 if ((res != 0) || (err != 0)) {
199 Log(LOG_CRIT, "getsockopt (connection %d): %s!",
200 idx, strerror(errno));
203 "Can't connect socket to \"%s:%d\" (connection %d): %s!",
204 My_Connections[idx].host, Conf_Server[server].port,
207 Conn_Close(idx, "Can't connect!", NULL, false);
209 if (ng_ipaddr_af(&Conf_Server[server].dst_addr[0])) {
210 /* more addresses to try... */
211 New_Server(res, &Conf_Server[server].dst_addr[0]);
212 /* connection to dst_addr[0] is now in progress, so
213 * remove this address... */
214 Conf_Server[server].dst_addr[0] =
215 Conf_Server[server].dst_addr[1];
216 memset(&Conf_Server[server].dst_addr[1], 0,
217 sizeof(Conf_Server[server].dst_addr[1]));
222 /* connect() succeeded, remove all additional addresses */
223 memset(&Conf_Server[server].dst_addr, 0,
224 sizeof(Conf_Server[server].dst_addr));
226 Conn_OPTION_DEL( &My_Connections[idx], CONN_ISCONNECTING );
228 if ( Conn_OPTION_ISSET( &My_Connections[idx], CONN_SSL_CONNECT )) {
229 io_event_setcb( sock, cb_connserver_login_ssl );
230 io_event_add( sock, IO_WANTWRITE|IO_WANTREAD );
239 * Login to a remote server.
240 * @param idx Connection index
243 server_login(CONN_ID idx)
245 Log( LOG_INFO, "Connection %d with \"%s:%d\" established. Now logging in ...", idx,
246 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
248 io_event_setcb( My_Connections[idx].sock, cb_clientserver);
249 io_event_add( My_Connections[idx].sock, IO_WANTREAD|IO_WANTWRITE);
251 /* Send PASS and SERVER command to peer */
252 Conn_WriteStr( idx, "PASS %s %s", Conf_Server[Conf_GetServer( idx )].pwd_out, NGIRCd_ProtoID );
253 Conn_WriteStr( idx, "SERVER %s :%s", Conf_ServerName, Conf_ServerInfo );
259 * IO callback for new outgoing SSL-enabled server connections.
260 * @param sock Socket descriptor
261 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
264 cb_connserver_login_ssl(int sock, short unused)
266 CONN_ID idx = Socket2Index(sock);
274 switch (ConnSSL_Connect( &My_Connections[idx])) {
276 case 0: LogDebug("ConnSSL_Connect: not ready");
279 Log(LOG_ERR, "SSL connection on socket %d failed!", sock);
280 Conn_Close(idx, "Can't connect!", NULL, false);
284 Log( LOG_INFO, "SSL connection %d with \"%s:%d\" established.", idx,
285 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
293 * IO callback for established non-SSL client and server connections.
294 * @param sock Socket descriptor
295 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
298 cb_clientserver(int sock, short what)
300 CONN_ID idx = Socket2Index(sock);
309 if (what & IO_WANTREAD
310 || (Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_WANT_WRITE))) {
311 /* if TLS layer needs to write additional data, call
312 * Read_Request() instead so that SSL/TLS can continue */
316 if (what & IO_WANTREAD)
319 if (what & IO_WANTWRITE)
326 * IO callback for established SSL-enabled client and server connections.
327 * @param sock Socket descriptor
328 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
331 cb_clientserver_ssl(int sock, short what)
333 CONN_ID idx = Socket2Index(sock);
342 switch (ConnSSL_Accept(&My_Connections[idx])) {
346 return; /* EAGAIN: callback will be invoked again by IO layer */
348 Conn_Close(idx, "SSL accept error, closing socket", "SSL accept error", false);
351 if (what & IO_WANTREAD)
354 if (what & IO_WANTWRITE)
357 io_event_setcb(sock, cb_clientserver); /* SSL handshake completed */
363 * Initialite connecion module.
370 /* Speicher fuer Verbindungs-Pool anfordern */
371 Pool_Size = CONNECTION_POOL;
372 if ((Conf_MaxConnections > 0) &&
373 (Pool_Size > Conf_MaxConnections))
374 Pool_Size = Conf_MaxConnections;
376 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)Pool_Size)) {
377 Log(LOG_EMERG, "Can't allocate memory! [Conn_Init]");
381 /* FIXME: My_Connetions/Pool_Size is needed by other parts of the
382 * code; remove them! */
383 My_Connections = (CONNECTION*) array_start(&My_ConnArray);
385 LogDebug("Allocated connection pool for %d items (%ld bytes).",
386 array_length(&My_ConnArray, sizeof(CONNECTION)),
387 array_bytes(&My_ConnArray));
389 assert(array_length(&My_ConnArray, sizeof(CONNECTION)) >= (size_t)Pool_Size);
391 array_free( &My_Listeners );
393 for (i = 0; i < Pool_Size; i++)
399 * Clean up connection module.
406 Conn_ExitListeners();
408 LogDebug("Shutting down all connections ..." );
409 for( idx = 0; idx < Pool_Size; idx++ ) {
410 if( My_Connections[idx].sock > NONE ) {
411 Conn_Close( idx, NULL, NGIRCd_SignalRestart ?
412 "Server going down (restarting)":"Server going down", true );
416 array_free(&My_ConnArray);
417 My_Connections = NULL;
419 io_library_shutdown();
424 ports_initlisteners(array *a, const char *listen_addr, void (*func)(int,short))
426 unsigned int created = 0;
431 len = array_length(a, sizeof (UINT16));
432 port = array_start(a);
434 fd = NewListener(listen_addr, *port);
439 if (!io_event_create( fd, IO_WANTREAD, func )) {
440 Log( LOG_ERR, "io_event_create(): Could not add listening fd %d (port %u): %s!",
441 fd, (unsigned int) *port, strerror(errno));
454 * Initialize all listening sockets.
455 * @return Number of created listening sockets
458 Conn_InitListeners( void )
460 /* Initialize ports on which the server should accept connections */
461 unsigned int created = 0;
462 char *copy, *listen_addr;
464 if (!io_library_init(CONNECTION_POOL)) {
465 Log(LOG_EMERG, "Cannot initialize IO routines: %s", strerror(errno));
469 assert(Conf_ListenAddress);
471 /* can't use Conf_ListenAddress directly, see below */
472 copy = strdup(Conf_ListenAddress);
474 Log(LOG_CRIT, "Cannot copy %s: %s", Conf_ListenAddress, strerror(errno));
477 listen_addr = strtok(copy, ",");
479 while (listen_addr) {
480 ngt_TrimStr(listen_addr);
482 created += ports_initlisteners(&Conf_ListenPorts, listen_addr, cb_listen);
484 created += ports_initlisteners(&Conf_SSLOptions.ListenPorts, listen_addr, cb_listen_ssl);
488 listen_addr = strtok(NULL, ",");
491 /* Can't free() Conf_ListenAddress here: on REHASH, if the config file
492 * cannot be re-loaded, we'd end up with a NULL Conf_ListenAddress.
493 * Instead, free() takes place in conf.c, before the config file
494 * is being parsed. */
498 } /* Conn_InitListeners */
502 Conn_ExitListeners( void )
504 /* Close down all listening sockets */
508 Rendezvous_UnregisterListeners( );
511 arraylen = array_length(&My_Listeners, sizeof (int));
513 "Shutting down all listening sockets (%d total) ...", arraylen);
514 fd = array_start(&My_Listeners);
519 LogDebug("Listening socket %d closed.", *fd );
522 array_free(&My_Listeners);
523 } /* Conn_ExitListeners */
527 InitSinaddrListenAddr(ng_ipaddr_t *addr, const char *listen_addrstr, UINT16 Port)
531 ret = ng_ipaddr_init(addr, listen_addrstr, Port);
533 assert(listen_addrstr);
534 Log(LOG_CRIT, "Can't bind to [%s]:%u: can't convert ip address \"%s\"",
535 listen_addrstr, Port, listen_addrstr);
542 set_v6_only(int af, int sock)
544 #if defined(IPV6_V6ONLY) && defined(WANT_IPV6)
550 if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, (socklen_t)sizeof(on)))
551 Log(LOG_ERR, "Could not set IPV6_V6ONLY: %s", strerror(errno));
559 /* return new listening port file descriptor or -1 on failure */
561 NewListener(const char *listen_addr, UINT16 Port)
563 /* Create new listening socket on specified port */
567 char name[CLIENT_ID_LEN], *info;
569 if (!InitSinaddrListenAddr(&addr, listen_addr, Port))
572 af = ng_ipaddr_af(&addr);
573 sock = socket(af, SOCK_STREAM, 0);
575 Log(LOG_CRIT, "Can't create socket (af %d) : %s!", af, strerror(errno));
579 set_v6_only(af, sock);
581 if (!Init_Socket(sock))
584 if (bind(sock, (struct sockaddr *)&addr, ng_ipaddr_salen(&addr)) != 0) {
585 Log(LOG_CRIT, "Can't bind socket to address %s:%d - %s",
586 ng_ipaddr_tostr(&addr), Port, strerror(errno));
591 if( listen( sock, 10 ) != 0 ) {
592 Log( LOG_CRIT, "Can't listen on socket: %s!", strerror( errno ));
597 /* keep fd in list so we can close it when ngircd restarts/shuts down */
598 if (!array_catb( &My_Listeners,(char*) &sock, sizeof(int) )) {
599 Log( LOG_CRIT, "Can't add socket to My_Listeners array: %s!", strerror( errno ));
604 Log(LOG_INFO, "Now listening on [%s]:%d (socket %d).", ng_ipaddr_tostr(&addr), Port, sock);
607 /* Get best server description text */
608 if( ! Conf_ServerInfo[0] ) info = Conf_ServerName;
611 /* Use server info string */
613 if( Conf_ServerInfo[0] == '[' )
615 /* Cut off leading hostname part in "[]" */
616 info = strchr( Conf_ServerInfo, ']' );
620 while( *info == ' ' ) info++;
623 if( ! info ) info = Conf_ServerInfo;
626 /* Add port number to description if non-standard */
628 snprintf(name, sizeof name, "%s (port %u)", info,
631 strlcpy(name, info, sizeof name);
633 /* Register service */
634 Rendezvous_Register( name, MDNS_TYPE, Port );
642 * SSL/TLS connections require extra treatment:
643 * When either CONN_SSL_WANT_WRITE or CONN_SSL_WANT_READ is set, we
644 * need to take care of that first, before checking read/write buffers.
645 * For instance, while we might have data in our write buffer, the
646 * TLS/SSL protocol might need to read internal data first for TLS/SSL
649 * If this function returns true, such a condition is met and we have
650 * to reverse the condition (check for read even if we've data to write,
651 * do not check for read but writeability even if write-buffer is empty).
654 SSL_WantRead(const CONNECTION *c)
656 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_READ)) {
657 io_event_add(c->sock, IO_WANTREAD);
663 SSL_WantWrite(const CONNECTION *c)
665 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_WRITE)) {
666 io_event_add(c->sock, IO_WANTWRITE);
673 SSL_WantRead(UNUSED const CONNECTION *c) { return false; }
675 SSL_WantWrite(UNUSED const CONNECTION *c) { return false; }
680 * "Main Loop": Loop until shutdown or restart is signalled.
681 * This function loops until a shutdown or restart of ngIRCd is signalled and
682 * calls io_dispatch() to check for readable and writable sockets every second.
683 * It checks for status changes on pending connections (e. g. when a hostname
684 * has been resolved), checks for "penalties" and timeouts, and handles the
691 unsigned int wdatalen, bytes_processed;
695 while (!NGIRCd_SignalQuit && !NGIRCd_SignalRestart) {
699 Rendezvous_Handler();
702 /* Should the configuration be reloaded? */
703 if (NGIRCd_SignalRehash)
706 /* Check configured servers and established links */
710 /* Look for non-empty read buffers ... */
711 for (i = 0; i < Pool_Size; i++) {
712 if ((My_Connections[i].sock > NONE)
713 && (array_bytes(&My_Connections[i].rbuf) > 0)
714 && (My_Connections[i].delaytime <= t)) {
715 /* ... and try to handle the received data */
716 bytes_processed = Handle_Buffer(i);
717 /* if we processed data, and there might be
718 * more commands in the input buffer, do not
719 * try to read any more data now */
720 if (bytes_processed &&
721 array_bytes(&My_Connections[i].rbuf) > 2) {
723 ("Throttling connection %d: command limit reached!",
725 Conn_SetPenalty(i, 1);
730 /* Look for non-empty write buffers ... */
731 for (i = 0; i < Pool_Size; i++) {
732 if (My_Connections[i].sock <= NONE)
735 wdatalen = (unsigned int)array_bytes(&My_Connections[i].wbuf);
738 array_bytes(&My_Connections[i].zip.wbuf) > 0)
743 if (SSL_WantRead(&My_Connections[i]))
745 io_event_add(My_Connections[i].sock,
750 /* Check from which sockets we possibly could read ... */
751 for (i = 0; i < Pool_Size; i++) {
752 if (My_Connections[i].sock <= NONE)
755 if (SSL_WantWrite(&My_Connections[i]))
756 continue; /* TLS/SSL layer needs to write data; deal with this first */
758 if (Proc_InProgress(&My_Connections[i].proc_stat)) {
759 /* Wait for completion of forked subprocess
760 * and ignore the socket in the meantime ... */
761 io_event_del(My_Connections[i].sock,
766 if (Conn_OPTION_ISSET(&My_Connections[i], CONN_ISCONNECTING))
767 /* Wait for completion of connect() ... */
770 if (My_Connections[i].delaytime > t) {
771 /* There is a "penalty time" set: ignore socket! */
772 io_event_del(My_Connections[i].sock,
777 io_event_add(My_Connections[i].sock, IO_WANTREAD);
780 /* Set the timeout for reading from the network to 1 second,
781 * which is the granularity with witch we handle "penalty
782 * times" for example.
783 * Note: tv_sec/usec are undefined(!) after io_dispatch()
784 * returns, so we have to set it beforce each call to it! */
788 /* Wait for activity ... */
789 i = io_dispatch(&tv);
790 if (i == -1 && errno != EINTR) {
791 Log(LOG_EMERG, "Conn_Handler(): io_dispatch(): %s!",
793 Log(LOG_ALERT, "%s exiting due to fatal errors!",
799 if (NGIRCd_SignalQuit)
800 Log(LOG_NOTICE | LOG_snotice, "Server going down NOW!");
801 else if (NGIRCd_SignalRestart)
802 Log(LOG_NOTICE | LOG_snotice, "Server restarting NOW!");
807 * Write a text string into the socket of a connection.
808 * This function automatically appends CR+LF to the string and validates that
809 * the result is a valid IRC message (oversized messages are shortened, for
810 * example). Then it calls the Conn_Write() function to do the actual sending.
811 * @param Idx Index fo the connection.
812 * @param Format Format string, see printf().
813 * @return true on success, false otherwise.
817 Conn_WriteStr(CONN_ID Idx, const char *Format, ...)
820 Conn_WriteStr(Idx, Format, va_alist)
826 char buffer[COMMAND_LEN];
831 assert( Idx > NONE );
832 assert( Format != NULL );
835 va_start( ap, Format );
839 if (vsnprintf( buffer, COMMAND_LEN - 2, Format, ap ) >= COMMAND_LEN - 2 ) {
841 * The string that should be written to the socket is longer
842 * than the allowed size of COMMAND_LEN bytes (including both
843 * the CR and LF characters). This can be caused by the
844 * IRC_WriteXXX() functions when the prefix of this server had
845 * to be added to an already "quite long" command line which
846 * has been received from a regular IRC client, for example.
848 * We are not allowed to send such "oversized" messages to
849 * other servers and clients, see RFC 2812 2.3 and 2813 3.3
850 * ("these messages SHALL NOT exceed 512 characters in length,
851 * counting all characters including the trailing CR-LF").
853 * So we have a big problem here: we should send more bytes
854 * to the network than we are allowed to and we don't know
855 * the originator (any more). The "old" behaviour of blaming
856 * the receiver ("next hop") is a bad idea (it could be just
857 * an other server only routing the message!), so the only
858 * option left is to shorten the string and to hope that the
859 * result is still somewhat useful ...
863 strcpy (buffer + sizeof(buffer) - strlen(CUT_TXTSUFFIX) - 2 - 1,
869 Log(LOG_DEBUG, " -> connection %d: '%s'.", Idx, buffer);
872 len = strlcat( buffer, "\r\n", sizeof( buffer ));
873 ok = Conn_Write(Idx, buffer, len);
874 My_Connections[Idx].msg_out++;
878 } /* Conn_WriteStr */
882 * Append Data to the outbound write buffer of a connection.
883 * @param Idx Index of the connection.
884 * @param Data pointer to the data.
885 * @param Len length of Data.
886 * @return true on success, false otherwise.
889 Conn_Write( CONN_ID Idx, char *Data, size_t Len )
892 size_t writebuf_limit = WRITEBUFFER_LEN;
893 assert( Idx > NONE );
894 assert( Data != NULL );
897 c = Conn_GetClient(Idx);
900 /* Servers do get special write buffer limits, so they can generate
901 * all the messages that are required while peering. */
902 if (Client_Type(c) == CLIENT_SERVER)
903 writebuf_limit = WRITEBUFFER_SLINK_LEN;
905 /* Is the socket still open? A previous call to Conn_Write()
906 * may have closed the connection due to a fatal error.
907 * In this case it is sufficient to return an error, as well. */
908 if( My_Connections[Idx].sock <= NONE ) {
909 LogDebug("Skipped write on closed socket (connection %d).", Idx);
914 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
916 * Zip_Buffer() does all the dirty work for us: it flushes
917 * the (pre-)compression buffers if required and handles
918 * all error conditions. */
919 if (!Zip_Buffer(Idx, Data, Len))
925 /* Uncompressed link:
926 * Check if outbound buffer has enough space for the data. */
927 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
929 /* Buffer is full, flush it. Handle_Write deals with
930 * low-level errors, if any. */
931 if (!Handle_Write(Idx))
935 /* When the write buffer is still too big after flushing it,
936 * the connection will be killed. */
937 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
940 "Write buffer overflow (connection %d, size %lu byte)!",
942 (unsigned long)array_bytes(&My_Connections[Idx].wbuf));
943 Conn_Close(Idx, "Write buffer overflow!", NULL, false);
947 /* Copy data to write buffer */
948 if (!array_catb(&My_Connections[Idx].wbuf, Data, Len))
951 My_Connections[Idx].bytes_out += Len;
954 /* Adjust global write counter */
962 Conn_Close( CONN_ID Idx, const char *LogMsg, const char *FwdMsg, bool InformClient )
964 /* Close connection. Open pipes of asyncronous resolver
965 * sub-processes are closed down. */
971 double in_z_k, out_z_k;
975 assert( Idx > NONE );
977 /* Is this link already shutting down? */
978 if( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ISCLOSING )) {
979 /* Conn_Close() has been called recursively for this link;
980 * probabe reason: Handle_Write() failed -- see below. */
981 LogDebug("Recursive request to close connection: %d", Idx );
985 assert( My_Connections[Idx].sock > NONE );
987 /* Mark link as "closing" */
988 Conn_OPTION_ADD( &My_Connections[Idx], CONN_ISCLOSING );
990 port = ng_ipaddr_getport(&My_Connections[Idx].addr);
991 Log(LOG_INFO, "Shutting down connection %d (%s) with %s:%d ...", Idx,
992 LogMsg ? LogMsg : FwdMsg, My_Connections[Idx].host, port);
994 /* Search client, if any */
995 c = Conn_GetClient( Idx );
997 /* Should the client be informed? */
1000 /* Send statistics to client if registered as user: */
1001 if ((c != NULL) && (Client_Type(c) == CLIENT_USER)) {
1003 ":%s NOTICE %s :%sConnection statistics: client %.1f kb, server %.1f kb.",
1004 Client_ID(Client_ThisServer()), Client_ID(c),
1006 (double)My_Connections[Idx].bytes_in / 1024,
1007 (double)My_Connections[Idx].bytes_out / 1024);
1010 /* Send ERROR to client (see RFC 2812, section 3.1.7) */
1012 Conn_WriteStr(Idx, "ERROR :%s", FwdMsg);
1014 Conn_WriteStr(Idx, "ERROR :Closing connection.");
1017 /* Try to write out the write buffer. Note: Handle_Write() eventually
1018 * removes the CLIENT structure associated with this connection if an
1019 * error occurs! So we have to re-check if there is still an valid
1020 * CLIENT structure after calling Handle_Write() ...*/
1021 (void)Handle_Write( Idx );
1023 /* Search client, if any (re-check!) */
1024 c = Conn_GetClient( Idx );
1026 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1027 Log(LOG_INFO, "SSL connection %d shutting down ...", Idx);
1028 ConnSSL_Free(&My_Connections[Idx]);
1031 /* Shut down socket */
1032 if (! io_close(My_Connections[Idx].sock)) {
1033 /* Oops, we can't close the socket!? This is ... ugly! */
1035 "Error closing connection %d (socket %d) with %s:%d - %s! (ignored)",
1036 Idx, My_Connections[Idx].sock, My_Connections[Idx].host,
1037 port, strerror(errno));
1040 /* Mark socket as invalid: */
1041 My_Connections[Idx].sock = NONE;
1043 /* If there is still a client, unregister it now */
1045 Client_Destroy(c, LogMsg, FwdMsg, true);
1047 /* Calculate statistics and log information */
1048 in_k = (double)My_Connections[Idx].bytes_in / 1024;
1049 out_k = (double)My_Connections[Idx].bytes_out / 1024;
1051 if (Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP)) {
1052 in_z_k = (double)My_Connections[Idx].zip.bytes_in / 1024;
1053 out_z_k = (double)My_Connections[Idx].zip.bytes_out / 1024;
1054 /* Make sure that no division by zero can occur during
1055 * the calculation of in_p and out_p: in_z_k and out_z_k
1056 * are non-zero, that's guaranteed by the protocol until
1057 * compression can be enabled. */
1062 in_p = (int)(( in_k * 100 ) / in_z_k );
1063 out_p = (int)(( out_k * 100 ) / out_z_k );
1065 "Connection %d with %s:%d closed (in: %.1fk/%.1fk/%d%%, out: %.1fk/%.1fk/%d%%).",
1066 Idx, My_Connections[Idx].host, port,
1067 in_k, in_z_k, in_p, out_k, out_z_k, out_p);
1073 "Connection %d with %s:%d closed (in: %.1fk, out: %.1fk).",
1074 Idx, My_Connections[Idx].host, port,
1078 /* Kill possibly running subprocess */
1079 if (Proc_InProgress(&My_Connections[Idx].proc_stat))
1080 Proc_Kill(&My_Connections[Idx].proc_stat);
1082 /* Servers: Modify time of next connect attempt? */
1083 Conf_UnsetServer( Idx );
1086 /* Clean up zlib, if link was compressed */
1087 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
1088 inflateEnd( &My_Connections[Idx].zip.in );
1089 deflateEnd( &My_Connections[Idx].zip.out );
1090 array_free(&My_Connections[Idx].zip.rbuf);
1091 array_free(&My_Connections[Idx].zip.wbuf);
1095 array_free(&My_Connections[Idx].rbuf);
1096 array_free(&My_Connections[Idx].wbuf);
1098 /* Clean up connection structure (=free it) */
1099 Init_Conn_Struct( Idx );
1101 assert(NumConnections > 0);
1104 LogDebug("Shutdown of connection %d completed, %ld connection%s left.",
1105 Idx, NumConnections, NumConnections != 1 ? "s" : "");
1112 return NumConnections;
1119 return NumConnectionsMax;
1120 } /* Conn_CountMax */
1124 Conn_CountAccepted(void)
1126 return NumConnectionsAccepted;
1127 } /* Conn_CountAccepted */
1131 Conn_SyncServerStruct( void )
1133 /* Synchronize server structures (connection IDs):
1134 * connections <-> configuration */
1140 for( i = 0; i < Pool_Size; i++ ) {
1141 /* Established connection? */
1142 if (My_Connections[i].sock < 0)
1145 /* Server connection? */
1146 client = Conn_GetClient( i );
1147 if(( ! client ) || ( Client_Type( client ) != CLIENT_SERVER )) continue;
1149 for( c = 0; c < MAX_SERVERS; c++ )
1151 /* Configured server? */
1152 if( ! Conf_Server[c].host[0] ) continue;
1155 if( strcmp( Conf_Server[c].name, Client_ID( client )) == 0 )
1156 Conf_Server[c].conn_id = i;
1159 } /* SyncServerStruct */
1163 * Send out data of write buffer; connect new sockets.
1166 Handle_Write( CONN_ID Idx )
1171 assert( Idx > NONE );
1172 if ( My_Connections[Idx].sock < 0 ) {
1173 LogDebug("Handle_Write() on closed socket, connection %d", Idx);
1176 assert( My_Connections[Idx].sock > NONE );
1178 wdatalen = array_bytes(&My_Connections[Idx].wbuf );
1181 if (wdatalen == 0) {
1182 /* Write buffer is empty, so we try to flush the compression
1183 * buffer and get some data to work with from there :-) */
1184 if (!Zip_Flush(Idx))
1187 /* Now the write buffer most probably has changed: */
1188 wdatalen = array_bytes(&My_Connections[Idx].wbuf);
1192 if (wdatalen == 0) {
1193 /* Still no data, fine. */
1194 io_event_del(My_Connections[Idx].sock, IO_WANTWRITE );
1199 ("Handle_Write() called for connection %d, %ld bytes pending ...",
1203 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1204 len = ConnSSL_Write(&My_Connections[Idx], array_start(&My_Connections[Idx].wbuf), wdatalen);
1208 len = write(My_Connections[Idx].sock,
1209 array_start(&My_Connections[Idx].wbuf), wdatalen );
1212 if (errno == EAGAIN || errno == EINTR)
1215 Log(LOG_ERR, "Write error on connection %d (socket %d): %s!",
1216 Idx, My_Connections[Idx].sock, strerror(errno));
1217 Conn_Close(Idx, "Write error!", NULL, false);
1221 /* move any data not yet written to beginning */
1222 array_moveleft(&My_Connections[Idx].wbuf, 1, (size_t)len);
1225 } /* Handle_Write */
1229 Count_Connections(ng_ipaddr_t *a)
1234 for (i = 0; i < Pool_Size; i++) {
1235 if (My_Connections[i].sock <= NONE)
1237 if (ng_ipaddr_ipequal(&My_Connections[i].addr, a))
1241 } /* Count_Connections */
1245 * Initialize new client connection on a listening socket.
1246 * @param Sock Listening socket descriptor
1247 * @return Accepted socket descriptor or -1 on error
1250 New_Connection(int Sock)
1253 struct request_info req;
1255 ng_ipaddr_t new_addr;
1256 char ip_str[NG_INET_ADDRSTRLEN];
1257 int new_sock, new_sock_len, identsock;
1261 assert(Sock > NONE);
1263 new_sock_len = (int)sizeof(new_addr);
1264 new_sock = accept(Sock, (struct sockaddr *)&new_addr,
1265 (socklen_t *)&new_sock_len);
1267 Log(LOG_CRIT, "Can't accept connection: %s!", strerror(errno));
1270 NumConnectionsAccepted++;
1272 if (!ng_ipaddr_tostr_r(&new_addr, ip_str)) {
1273 Log(LOG_CRIT, "fd %d: Can't convert IP address!", new_sock);
1274 Simple_Message(new_sock, "ERROR :Internal Server Error");
1280 /* Validate socket using TCP Wrappers */
1281 request_init(&req, RQ_DAEMON, PACKAGE_NAME, RQ_FILE, new_sock,
1282 RQ_CLIENT_SIN, &new_addr, NULL);
1284 if (!hosts_access(&req)) {
1286 "Refused connection from %s (by TCP Wrappers)!", ip_str);
1287 Simple_Message(new_sock, "ERROR :Connection refused");
1293 if (!Init_Socket(new_sock))
1296 /* Check global connection limit */
1297 if ((Conf_MaxConnections > 0) &&
1298 (NumConnections >= (size_t) Conf_MaxConnections)) {
1299 Log(LOG_ALERT, "Can't accept connection: limit (%d) reached!",
1300 Conf_MaxConnections);
1301 Simple_Message(new_sock, "ERROR :Connection limit reached");
1306 /* Check IP-based connection limit */
1307 cnt = Count_Connections(&new_addr);
1308 if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) {
1309 /* Access denied, too many connections from this IP address! */
1311 "Refused connection from %s: too may connections (%ld) from this IP address!",
1313 Simple_Message(new_sock,
1314 "ERROR :Connection refused, too many connections from your IP address!");
1319 if (new_sock >= Pool_Size) {
1320 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION),
1321 (size_t) new_sock)) {
1323 "Can't allocate memory! [New_Connection]");
1324 Simple_Message(new_sock, "ERROR: Internal error");
1328 LogDebug("Bumped connection pool to %ld items (internal: %ld items, %ld bytes)",
1329 new_sock, array_length(&My_ConnArray,
1330 sizeof(CONNECTION)), array_bytes(&My_ConnArray));
1332 /* Adjust pointer to new block */
1333 My_Connections = array_start(&My_ConnArray);
1334 while (Pool_Size <= new_sock)
1335 Init_Conn_Struct(Pool_Size++);
1338 /* register callback */
1339 if (!io_event_create(new_sock, IO_WANTREAD, cb_clientserver)) {
1341 "Can't accept connection: io_event_create failed!");
1342 Simple_Message(new_sock, "ERROR :Internal error");
1347 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWN, false);
1350 "Can't accept connection: can't create client structure!");
1351 Simple_Message(new_sock, "ERROR :Internal error");
1356 Init_Conn_Struct(new_sock);
1357 My_Connections[new_sock].sock = new_sock;
1358 My_Connections[new_sock].addr = new_addr;
1359 My_Connections[new_sock].client = c;
1361 /* Set initial hostname to IP address. This becomes overwritten when
1362 * the DNS lookup is enabled and succeeds, but is used otherwise. */
1363 if (ng_ipaddr_af(&new_addr) != AF_INET)
1364 snprintf(My_Connections[new_sock].host,
1365 sizeof(My_Connections[new_sock].host), "[%s]", ip_str);
1367 strlcpy(My_Connections[new_sock].host, ip_str,
1368 sizeof(My_Connections[new_sock].host));
1370 Client_SetHostname(c, My_Connections[new_sock].host);
1372 Log(LOG_INFO, "Accepted connection %d from %s:%d on socket %d.",
1373 new_sock, My_Connections[new_sock].host,
1374 ng_ipaddr_getport(&new_addr), Sock);
1376 identsock = new_sock;
1382 Resolve_Addr(&My_Connections[new_sock].proc_stat, &new_addr,
1383 identsock, cb_Read_Resolver_Result);
1385 /* ngIRCd waits up to 4 seconds for the result of the asynchronous
1386 * DNS and IDENT resolver subprocess using the "penalty" mechanism.
1387 * If there are results earlier, the delay is aborted. */
1388 Conn_SetPenalty(new_sock, 4);
1390 Account_Connection();
1392 } /* New_Connection */
1396 Account_Connection(void)
1399 if (NumConnections > NumConnectionsMax)
1400 NumConnectionsMax = NumConnections;
1401 LogDebug("Total number of connections now %lu (max %lu).",
1402 NumConnections, NumConnectionsMax);
1403 } /* Account_Connection */
1407 Socket2Index( int Sock )
1409 assert( Sock >= 0 );
1411 if( Sock >= Pool_Size || My_Connections[Sock].sock != Sock ) {
1412 /* the Connection was already closed again, likely due to
1414 LogDebug("Socket2Index: can't get connection for socket %d!", Sock);
1418 } /* Socket2Index */
1422 * Read data from the network to the read buffer. If an error occures,
1423 * the socket of this connection will be shut down.
1426 Read_Request( CONN_ID Idx )
1429 static const unsigned int maxbps = COMMAND_LEN / 2;
1430 char readbuf[READBUFFER_LEN];
1433 assert( Idx > NONE );
1434 assert( My_Connections[Idx].sock > NONE );
1437 if ((array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN) ||
1438 (array_bytes(&My_Connections[Idx].zip.rbuf) >= READBUFFER_LEN))
1440 if (array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN)
1443 /* Read buffer is full */
1445 "Receive buffer overflow (connection %d): %d bytes!",
1446 Idx, array_bytes(&My_Connections[Idx].rbuf));
1447 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1452 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL))
1453 len = ConnSSL_Read( &My_Connections[Idx], readbuf, sizeof(readbuf));
1456 len = read(My_Connections[Idx].sock, readbuf, sizeof(readbuf));
1458 Log(LOG_INFO, "%s:%u (%s) is closing the connection ...",
1459 My_Connections[Idx].host,
1460 (unsigned int) ng_ipaddr_getport(&My_Connections[Idx].addr),
1461 ng_ipaddr_tostr(&My_Connections[Idx].addr));
1463 "Socket closed!", "Client closed connection",
1469 if( errno == EAGAIN ) return;
1470 Log(LOG_ERR, "Read error on connection %d (socket %d): %s!",
1471 Idx, My_Connections[Idx].sock, strerror(errno));
1472 Conn_Close(Idx, "Read error!", "Client closed connection",
1477 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1478 if (!array_catb(&My_Connections[Idx].zip.rbuf, readbuf,
1481 "Could not append recieved data to zip input buffer (connn %d): %d bytes!",
1483 Conn_Close(Idx, "Receive buffer overflow!", NULL,
1490 if (!array_catb( &My_Connections[Idx].rbuf, readbuf, len)) {
1491 Log( LOG_ERR, "Could not append recieved data to input buffer (connn %d): %d bytes!", Idx, len );
1492 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1496 /* Update connection statistics */
1497 My_Connections[Idx].bytes_in += len;
1499 /* Update timestamp of last data received if this connection is
1500 * registered as a user, server or service connection. Don't update
1501 * otherwise, so users have at least Conf_PongTimeout seconds time to
1502 * register with the IRC server -- see Check_Connections().
1503 * Set "lastping", too, so we can handle time shifts backwards ... */
1504 c = Conn_GetClient(Idx);
1505 if (c && (Client_Type(c) == CLIENT_USER
1506 || Client_Type(c) == CLIENT_SERVER
1507 || Client_Type(c) == CLIENT_SERVICE)) {
1509 if (My_Connections[Idx].lastdata != t)
1510 My_Connections[Idx].bps = 0;
1512 My_Connections[Idx].lastdata = t;
1513 My_Connections[Idx].lastping = My_Connections[Idx].lastdata;
1516 /* Look at the data in the (read-) buffer of this connection */
1517 My_Connections[Idx].bps += Handle_Buffer(Idx);
1518 if (Client_Type(c) != CLIENT_SERVER
1519 && My_Connections[Idx].bps >= maxbps) {
1520 LogDebug("Throttling connection %d: BPS exceeded! (%u >= %u)",
1521 Idx, My_Connections[Idx].bps, maxbps);
1522 Conn_SetPenalty(Idx, 1);
1524 } /* Read_Request */
1528 * Handle all data in the connection read-buffer.
1529 * Data is processed until no complete command is left in the read buffer,
1530 * or MAX_COMMANDS[_SERVER] commands were processed.
1531 * When a fatal error occurs, the connection is shut down.
1532 * @param Idx Index of the connection.
1533 * @return number of bytes processed.
1536 Handle_Buffer(CONN_ID Idx)
1539 char *ptr1, *ptr2, *first_eol;
1547 unsigned int i, maxcmd = MAX_COMMANDS, len_processed = 0;
1550 c = Conn_GetClient(Idx);
1553 /* Servers do get special command limits, so they can process
1554 * all the messages that are required while peering. */
1555 if (Client_Type(c) == CLIENT_SERVER)
1556 maxcmd = MAX_COMMANDS_SERVER;
1558 starttime = time(NULL);
1559 for (i=0; i < maxcmd; i++) {
1561 if (My_Connections[Idx].delaytime > starttime)
1564 /* Unpack compressed data, if compression is in use */
1565 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1566 /* When unzipping fails, Unzip_Buffer() shuts
1567 * down the connection itself */
1568 if (!Unzip_Buffer(Idx))
1573 if (0 == array_bytes(&My_Connections[Idx].rbuf))
1576 /* Make sure that the buffer is NULL terminated */
1577 if (!array_cat0_temporary(&My_Connections[Idx].rbuf)) {
1578 Conn_Close(Idx, NULL,
1579 "Can't allocate memory [Handle_Buffer]",
1584 /* RFC 2812, section "2.3 Messages", 5th paragraph:
1585 * "IRC messages are always lines of characters terminated
1586 * with a CR-LF (Carriage Return - Line Feed) pair [...]". */
1588 ptr = strstr(array_start(&My_Connections[Idx].rbuf), "\r\n");
1591 /* Check for non-RFC-compliant request (only CR or LF)?
1592 * Unfortunately, there are quite a few clients out there
1593 * that do this -- e. g. mIRC, BitchX, and Trillian :-( */
1594 ptr1 = strchr(array_start(&My_Connections[Idx].rbuf), '\r');
1595 ptr2 = strchr(array_start(&My_Connections[Idx].rbuf), '\n');
1597 /* Check if there is a single CR or LF _before_ the
1598 * corerct CR+LF line terminator: */
1599 first_eol = ptr1 < ptr2 ? ptr1 : ptr2;
1600 if (first_eol < ptr) {
1601 /* Single CR or LF before CR+LF found */
1605 } else if (ptr1 || ptr2) {
1606 /* No CR+LF terminated command found, but single
1607 * CR or LF found ... */
1609 ptr = ptr1 < ptr2 ? ptr1 : ptr2;
1611 ptr = ptr1 ? ptr1 : ptr2;
1619 /* Complete (=line terminated) request found, handle it! */
1622 len = ptr - (char *)array_start(&My_Connections[Idx].rbuf) + delta;
1624 if (len > (COMMAND_LEN - 1)) {
1625 /* Request must not exceed 512 chars (incl. CR+LF!),
1626 * see RFC 2812. Disconnect Client if this happens. */
1628 "Request too long (connection %d): %d bytes (max. %d expected)!",
1629 Idx, array_bytes(&My_Connections[Idx].rbuf),
1631 Conn_Close(Idx, NULL, "Request too long", true);
1635 len_processed += (unsigned int)len;
1637 /* Request is empty (only '\r\n', '\r' or '\n');
1638 * delta is 2 ('\r\n') or 1 ('\r' or '\n'), see above */
1639 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1643 /* remember if stream is already compressed */
1644 old_z = My_Connections[Idx].options & CONN_ZIP;
1647 My_Connections[Idx].msg_in++;
1649 (Idx, (char *)array_start(&My_Connections[Idx].rbuf)))
1650 return 0; /* error -> connection has been closed */
1652 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1653 LogDebug("Connection %d: %d bytes left in read buffer.",
1654 Idx, array_bytes(&My_Connections[Idx].rbuf));
1656 if ((!old_z) && (My_Connections[Idx].options & CONN_ZIP) &&
1657 (array_bytes(&My_Connections[Idx].rbuf) > 0)) {
1658 /* The last command activated socket compression.
1659 * Data that was read after that needs to be copied
1660 * to the unzip buffer for decompression: */
1662 (&My_Connections[Idx].zip.rbuf,
1663 &My_Connections[Idx].rbuf)) {
1664 Conn_Close(Idx, NULL,
1665 "Can't allocate memory [Handle_Buffer]",
1670 array_trunc(&My_Connections[Idx].rbuf);
1672 ("Moved already received data (%u bytes) to uncompression buffer.",
1673 array_bytes(&My_Connections[Idx].zip.rbuf));
1677 return len_processed;
1678 } /* Handle_Buffer */
1682 Check_Connections(void)
1684 /* check if connections are alive. if not, play PING-PONG first.
1685 * if this doesn't help either, disconnect client. */
1690 for (i = 0; i < Pool_Size; i++) {
1691 if (My_Connections[i].sock < 0)
1694 c = Conn_GetClient(i);
1695 if (c && ((Client_Type(c) == CLIENT_USER)
1696 || (Client_Type(c) == CLIENT_SERVER)
1697 || (Client_Type(c) == CLIENT_SERVICE))) {
1698 /* connected User, Server or Service */
1699 if (My_Connections[i].lastping >
1700 My_Connections[i].lastdata) {
1701 /* We already sent a ping */
1702 if (My_Connections[i].lastping <
1703 time(NULL) - Conf_PongTimeout) {
1706 ("Connection %d: Ping timeout: %d seconds.",
1707 i, Conf_PongTimeout);
1708 snprintf(msg, sizeof(msg), "Ping timeout: %d seconds", Conf_PongTimeout);
1709 Conn_Close(i, NULL, msg, true);
1711 } else if (My_Connections[i].lastdata <
1712 time(NULL) - Conf_PingTimeout) {
1713 /* We need to send a PING ... */
1714 LogDebug("Connection %d: sending PING ...", i);
1715 My_Connections[i].lastping = time(NULL);
1716 Conn_WriteStr(i, "PING :%s",
1717 Client_ID(Client_ThisServer()));
1720 /* The connection is not fully established yet, so
1721 * we don't do the PING-PONG game here but instead
1722 * disconnect the client after "a short time" if it's
1723 * still not registered. */
1725 if (My_Connections[i].lastdata <
1726 time(NULL) - Conf_PongTimeout) {
1728 ("Unregistered connection %d timed out ...",
1730 Conn_Close(i, NULL, "Timeout", false);
1734 } /* Check_Connections */
1738 Check_Servers( void )
1740 /* Check if we can establish further server links */
1745 /* Check all configured servers */
1746 for( i = 0; i < MAX_SERVERS; i++ ) {
1747 /* Valid outgoing server which isn't already connected or disabled? */
1748 if(( ! Conf_Server[i].host[0] ) || ( ! Conf_Server[i].port > 0 ) ||
1749 ( Conf_Server[i].conn_id > NONE ) || ( Conf_Server[i].flags & CONF_SFLAG_DISABLED ))
1752 /* Is there already a connection in this group? */
1753 if( Conf_Server[i].group > NONE ) {
1754 for (n = 0; n < MAX_SERVERS; n++) {
1755 if (n == i) continue;
1756 if ((Conf_Server[n].conn_id != NONE) &&
1757 (Conf_Server[n].group == Conf_Server[i].group))
1760 if (n < MAX_SERVERS) continue;
1763 /* Check last connect attempt? */
1764 time_now = time(NULL);
1765 if( Conf_Server[i].lasttry > (time_now - Conf_ConnectRetry))
1768 /* Okay, try to connect now */
1769 Conf_Server[i].lasttry = time_now;
1770 Conf_Server[i].conn_id = SERVER_WAIT;
1771 assert(Proc_GetPipeFd(&Conf_Server[i].res_stat) < 0);
1772 Resolve_Name(&Conf_Server[i].res_stat, Conf_Server[i].host, cb_Connect_to_Server);
1774 } /* Check_Servers */
1778 New_Server( int Server , ng_ipaddr_t *dest)
1780 /* Establish new server link */
1781 char ip_str[NG_INET_ADDRSTRLEN];
1782 int af_dest, res, new_sock;
1785 assert( Server > NONE );
1787 if (!ng_ipaddr_tostr_r(dest, ip_str)) {
1788 Log(LOG_WARNING, "New_Server: Could not convert IP to string");
1792 Log( LOG_INFO, "Establishing connection to \"%s\", %s, port %d ... ",
1793 Conf_Server[Server].host, ip_str, Conf_Server[Server].port );
1795 af_dest = ng_ipaddr_af(dest);
1796 new_sock = socket(af_dest, SOCK_STREAM, 0);
1798 Log( LOG_CRIT, "Can't create socket (af %d) : %s!", af_dest, strerror( errno ));
1802 if (!Init_Socket(new_sock))
1805 /* is a bind address configured? */
1806 res = ng_ipaddr_af(&Conf_Server[Server].bind_addr);
1807 /* if yes, bind now. If it fails, warn and let connect() pick a source address */
1808 if (res && bind(new_sock, (struct sockaddr *) &Conf_Server[Server].bind_addr,
1809 ng_ipaddr_salen(&Conf_Server[Server].bind_addr)))
1811 ng_ipaddr_tostr_r(&Conf_Server[Server].bind_addr, ip_str);
1812 Log(LOG_WARNING, "Can't bind socket to %s: %s!", ip_str, strerror(errno));
1814 ng_ipaddr_setport(dest, Conf_Server[Server].port);
1815 res = connect(new_sock, (struct sockaddr *) dest, ng_ipaddr_salen(dest));
1816 if(( res != 0 ) && ( errno != EINPROGRESS )) {
1817 Log( LOG_CRIT, "Can't connect socket: %s!", strerror( errno ));
1822 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)new_sock)) {
1824 "Cannot allocate memory for server connection (socket %d)",
1830 My_Connections = array_start(&My_ConnArray);
1832 assert(My_Connections[new_sock].sock <= 0);
1834 Init_Conn_Struct(new_sock);
1836 ng_ipaddr_tostr_r(dest, ip_str);
1837 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWNSERVER, false);
1839 Log( LOG_ALERT, "Can't establish connection: can't create client structure!" );
1844 /* Conn_Close() decrements this counter again */
1845 Account_Connection();
1846 Client_SetIntroducer( c, c );
1847 Client_SetToken( c, TOKEN_OUTBOUND );
1849 /* Register connection */
1850 Conf_Server[Server].conn_id = new_sock;
1851 My_Connections[new_sock].sock = new_sock;
1852 My_Connections[new_sock].addr = *dest;
1853 My_Connections[new_sock].client = c;
1854 strlcpy( My_Connections[new_sock].host, Conf_Server[Server].host,
1855 sizeof(My_Connections[new_sock].host ));
1857 /* Register new socket */
1858 if (!io_event_create( new_sock, IO_WANTWRITE, cb_connserver)) {
1859 Log( LOG_ALERT, "io_event_create(): could not add fd %d", strerror(errno));
1860 Conn_Close( new_sock, "io_event_create() failed", NULL, false );
1861 Init_Conn_Struct( new_sock );
1862 Conf_Server[Server].conn_id = NONE;
1865 if (Conf_Server[Server].SSLConnect && !ConnSSL_PrepareConnect( &My_Connections[new_sock],
1866 &Conf_Server[Server] ))
1868 Log(LOG_ALERT, "Could not initialize SSL for outgoing connection");
1869 Conn_Close( new_sock, "Could not initialize SSL for outgoing connection", NULL, false );
1870 Init_Conn_Struct( new_sock );
1871 Conf_Server[Server].conn_id = NONE;
1875 LogDebug("Registered new connection %d on socket %d (%ld in total).",
1876 new_sock, My_Connections[new_sock].sock, NumConnections);
1877 Conn_OPTION_ADD( &My_Connections[new_sock], CONN_ISCONNECTING );
1882 * Initialize connection structure.
1885 Init_Conn_Struct(CONN_ID Idx)
1887 time_t now = time(NULL);
1889 memset(&My_Connections[Idx], 0, sizeof(CONNECTION));
1890 My_Connections[Idx].sock = -1;
1891 My_Connections[Idx].signon = now;
1892 My_Connections[Idx].lastdata = now;
1893 My_Connections[Idx].lastprivmsg = now;
1894 Proc_InitStruct(&My_Connections[Idx].proc_stat);
1895 } /* Init_Conn_Struct */
1899 Init_Socket( int Sock )
1901 /* Initialize socket (set options) */
1905 if (!io_setnonblock(Sock)) {
1906 Log( LOG_CRIT, "Can't enable non-blocking mode for socket: %s!", strerror( errno ));
1911 /* Don't block this port after socket shutdown */
1913 if( setsockopt( Sock, SOL_SOCKET, SO_REUSEADDR, &value, (socklen_t)sizeof( value )) != 0 )
1915 Log( LOG_ERR, "Can't set socket option SO_REUSEADDR: %s!", strerror( errno ));
1916 /* ignore this error */
1919 /* Set type of service (TOS) */
1920 #if defined(IPPROTO_IP) && defined(IPTOS_LOWDELAY)
1921 value = IPTOS_LOWDELAY;
1922 LogDebug("Setting IP_TOS on socket %d to IPTOS_LOWDELAY.", Sock);
1923 if (setsockopt(Sock, IPPROTO_IP, IP_TOS, &value,
1924 (socklen_t) sizeof(value))) {
1925 Log(LOG_ERR, "Can't set socket option IP_TOS: %s!",
1927 /* ignore this error */
1936 cb_Connect_to_Server(int fd, UNUSED short events)
1938 /* Read result of resolver sub-process from pipe and start connection */
1941 ng_ipaddr_t dest_addrs[4]; /* we can handle at most 3; but we read up to
1942 four so we can log the 'more than we can handle'
1943 condition. First result is tried immediately, rest
1944 is saved for later if needed. */
1946 LogDebug("Resolver: Got forward lookup callback on fd %d, events %d", fd, events);
1948 for (i=0; i < MAX_SERVERS; i++) {
1949 if (Proc_GetPipeFd(&Conf_Server[i].res_stat) == fd )
1953 if( i >= MAX_SERVERS) {
1954 /* Ops, no matching server found?! */
1956 LogDebug("Resolver: Got Forward Lookup callback for unknown server!?");
1960 /* Read result from pipe */
1961 len = Resolve_Read(&Conf_Server[i].res_stat, dest_addrs, sizeof(dest_addrs));
1965 assert((len % sizeof(ng_ipaddr_t)) == 0);
1967 LogDebug("Got result from resolver: %u structs (%u bytes).", len/sizeof(ng_ipaddr_t), len);
1969 memset(&Conf_Server[i].dst_addr, 0, sizeof(Conf_Server[i].dst_addr));
1970 if (len > sizeof(ng_ipaddr_t)) {
1971 /* more than one address for this hostname, remember them
1972 * in case first address is unreachable/not available */
1973 len -= sizeof(ng_ipaddr_t);
1974 if (len > sizeof(Conf_Server[i].dst_addr)) {
1975 len = sizeof(Conf_Server[i].dst_addr);
1977 "Notice: Resolver returned more IP Addresses for host than we can handle, additional addresses dropped.");
1979 memcpy(&Conf_Server[i].dst_addr, &dest_addrs[1], len);
1982 New_Server(i, dest_addrs);
1983 } /* cb_Read_Forward_Lookup */
1987 cb_Read_Resolver_Result( int r_fd, UNUSED short events )
1989 /* Read result of resolver sub-process from pipe and update the
1990 * apropriate connection/client structure(s): hostname and/or
1991 * IDENT user name.*/
1998 char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
2000 char readbuf[HOST_LEN + 1];
2003 LogDebug("Resolver: Got callback on fd %d, events %d", r_fd, events );
2005 /* Search associated connection ... */
2006 for( i = 0; i < Pool_Size; i++ ) {
2007 if(( My_Connections[i].sock != NONE )
2008 && (Proc_GetPipeFd(&My_Connections[i].proc_stat) == r_fd))
2011 if( i >= Pool_Size ) {
2012 /* Ops, none found? Probably the connection has already
2013 * been closed!? We'll ignore that ... */
2015 LogDebug("Resolver: Got callback for unknown connection!?");
2019 /* Read result from pipe */
2020 len = Resolve_Read(&My_Connections[i].proc_stat, readbuf, sizeof readbuf -1);
2024 readbuf[len] = '\0';
2025 identptr = strchr(readbuf, '\n');
2026 assert(identptr != NULL);
2028 Log( LOG_CRIT, "Resolver: Got malformed result!");
2033 LogDebug("Got result from resolver: \"%s\" (%u bytes read).", readbuf, len);
2034 /* Okay, we got a complete result: this is a host name for outgoing
2035 * connections and a host name and IDENT user name (if enabled) for
2036 * incoming connections.*/
2037 assert ( My_Connections[i].sock >= 0 );
2038 /* Incoming connection. Search client ... */
2039 c = Conn_GetClient( i );
2040 assert( c != NULL );
2042 /* Only update client information of unregistered clients.
2043 * Note: user commands (e. g. WEBIRC) are always read _after_ reading
2044 * the resolver results, so we don't have to worry to override settings
2045 * from these commands here. */
2046 if(Client_Type(c) == CLIENT_UNKNOWN) {
2047 strlcpy(My_Connections[i].host, readbuf,
2048 sizeof(My_Connections[i].host));
2049 Client_SetHostname(c, readbuf);
2053 Log(LOG_INFO, "IDENT lookup for connection %d: \"%s\".", i, identptr);
2054 Client_SetUser(c, identptr, true);
2056 Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
2061 else Log( LOG_DEBUG, "Resolver: discarding result for already registered connection %d.", i );
2063 /* Reset penalty time */
2064 Conn_ResetPenalty( i );
2065 } /* cb_Read_Resolver_Result */
2069 * Write a "simple" (error) message to a socket.
2070 * The message is sent without using the connection write buffers, without
2071 * compression/encryption, and even without any error reporting. It is
2072 * designed for error messages of e.g. New_Connection(). */
2074 Simple_Message(int Sock, const char *Msg)
2076 char buf[COMMAND_LEN];
2079 assert(Sock > NONE);
2080 assert(Msg != NULL);
2082 strlcpy(buf, Msg, sizeof buf - 2);
2083 len = strlcat(buf, "\r\n", sizeof buf);
2084 if (write(Sock, buf, len) < 0) {
2085 /* Because this function most probably got called to log
2086 * an error message, any write error is ignored here to
2087 * avoid an endless loop. But casting the result of write()
2088 * to "void" doesn't satisfy the GNU C code attribute
2089 * "warn_unused_result" which is used by some versions of
2090 * glibc (e.g. 2.11.1), therefore this silly error
2091 * "handling" code here :-( */
2094 } /* Simple_Error */
2098 * Get CLIENT structure that belongs to a local connection identified by its
2099 * index number. Each connection belongs to a client by definition, so it is
2100 * not required that the caller checks for NULL return values.
2101 * @param Idx Connection index number
2102 * @return Pointer to CLIENT structure
2105 Conn_GetClient( CONN_ID Idx )
2110 c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
2112 return c ? c->client : NULL;
2119 * Get information about used SSL chiper.
2120 * @param Idx Connection index number
2121 * @param buf Buffer for returned information text
2122 * @param len Size of return buffer "buf"
2123 * @return true on success, false otherwise
2126 Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
2130 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2131 return ConnSSL_GetCipherInfo(&My_Connections[Idx], buf, len);
2136 * Check if a connection is SSL-enabled or not.
2137 * @param Idx Connection index number
2138 * @return true if connection is SSL-enabled, false otherwise.
2141 Conn_UsesSSL(CONN_ID Idx)
2145 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2146 return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);