2 * ngIRCd -- The Next Generation IRC Daemon
3 * Copyright (c)2001-2009 Alexander Barton (alex@barton.de)
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 * Please read the file COPYING, README and AUTHORS for more information.
11 * Connection management
33 #include <sys/socket.h>
35 #include <sys/types.h>
37 #include <netinet/in.h>
39 #ifdef HAVE_NETINET_IP_H
40 # ifdef HAVE_NETINET_IN_SYSTM_H
41 # include <netinet/in_systm.h>
43 # include <netinet/ip.h>
47 # include <stdint.h> /* e.g. for Mac OS X */
51 # include <tcpd.h> /* for TCP Wrappers */
67 #include "conn-func.h"
73 # include "rendezvous.h"
79 #define SERVER_WAIT (NONE - 1)
81 #define MAX_COMMANDS 3
82 #define MAX_COMMANDS_SERVER 10
85 static bool Handle_Write PARAMS(( CONN_ID Idx ));
86 static bool Conn_Write PARAMS(( CONN_ID Idx, char *Data, size_t Len ));
87 static int New_Connection PARAMS(( int Sock ));
88 static CONN_ID Socket2Index PARAMS(( int Sock ));
89 static void Read_Request PARAMS(( CONN_ID Idx ));
90 static unsigned int Handle_Buffer PARAMS(( CONN_ID Idx ));
91 static void Check_Connections PARAMS(( void ));
92 static void Check_Servers PARAMS(( void ));
93 static void Init_Conn_Struct PARAMS(( CONN_ID Idx ));
94 static bool Init_Socket PARAMS(( int Sock ));
95 static void New_Server PARAMS(( int Server, ng_ipaddr_t *dest ));
96 static void Simple_Message PARAMS(( int Sock, const char *Msg ));
97 static int NewListener PARAMS(( const char *listen_addr, UINT16 Port ));
99 static array My_Listeners;
100 static array My_ConnArray;
101 static size_t NumConnections;
104 int allow_severity = LOG_INFO;
105 int deny_severity = LOG_ERR;
108 static void server_login PARAMS((CONN_ID idx));
111 extern struct SSLOptions Conf_SSLOptions;
112 static void cb_connserver_login_ssl PARAMS((int sock, short what));
113 static void cb_clientserver_ssl PARAMS((int sock, short what));
115 static void cb_Read_Resolver_Result PARAMS((int sock, UNUSED short what));
116 static void cb_Connect_to_Server PARAMS((int sock, UNUSED short what));
117 static void cb_clientserver PARAMS((int sock, short what));
121 * IO callback for listening sockets: handle new connections. This callback
122 * gets called when a new non-SSL connection should be accepted.
123 * @param sock Socket descriptor
124 * @param irrelevant (ignored IO specification)
127 cb_listen(int sock, short irrelevant)
130 (void) New_Connection(sock);
136 * IO callback for listening SSL sockets: handle new connections. This callback
137 * gets called when a new SSL-enabled connection should be accepted.
138 * @param sock Socket descriptor
139 * @param irrelevant (ignored IO specification)
142 cb_listen_ssl(int sock, short irrelevant)
147 fd = New_Connection(sock);
150 io_event_setcb(My_Connections[fd].sock, cb_clientserver_ssl);
156 * IO callback for new outgoing non-SSL server connections.
157 * @param sock Socket descriptor
158 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
161 cb_connserver(int sock, UNUSED short what)
163 int res, err, server;
165 CONN_ID idx = Socket2Index( sock );
168 LogDebug("cb_connserver wants to write on unknown socket?!");
173 assert(what & IO_WANTWRITE);
175 /* Make sure that the server is still configured; it could have been
176 * removed in the meantime! */
177 server = Conf_GetServer(idx);
179 Log(LOG_ERR, "Connection on socket %d to \"%s\" aborted!",
180 sock, My_Connections[idx].host);
181 Conn_Close(idx, "Connection aborted!", NULL, false);
185 /* connect() finished, get result. */
186 sock_len = (socklen_t)sizeof(err);
187 res = getsockopt(My_Connections[idx].sock, SOL_SOCKET, SO_ERROR,
189 assert(sock_len == sizeof(err));
191 /* Error while connecting? */
192 if ((res != 0) || (err != 0)) {
194 Log(LOG_CRIT, "getsockopt (connection %d): %s!",
195 idx, strerror(errno));
198 "Can't connect socket to \"%s:%d\" (connection %d): %s!",
199 My_Connections[idx].host, Conf_Server[server].port,
202 Conn_Close(idx, "Can't connect!", NULL, false);
204 if (ng_ipaddr_af(&Conf_Server[server].dst_addr[0])) {
205 /* more addresses to try... */
206 New_Server(res, &Conf_Server[server].dst_addr[0]);
207 /* connection to dst_addr[0] is now in progress, so
208 * remove this address... */
209 Conf_Server[server].dst_addr[0] =
210 Conf_Server[server].dst_addr[1];
211 memset(&Conf_Server[server].dst_addr[1], 0,
212 sizeof(Conf_Server[server].dst_addr[1]));
217 /* connect() succeeded, remove all additional addresses */
218 memset(&Conf_Server[server].dst_addr, 0,
219 sizeof(Conf_Server[server].dst_addr));
221 Conn_OPTION_DEL( &My_Connections[idx], CONN_ISCONNECTING );
223 if ( Conn_OPTION_ISSET( &My_Connections[idx], CONN_SSL_CONNECT )) {
224 io_event_setcb( sock, cb_connserver_login_ssl );
225 io_event_add( sock, IO_WANTWRITE|IO_WANTREAD );
234 * Login to a remote server.
235 * @param idx Connection index
238 server_login(CONN_ID idx)
240 Log( LOG_INFO, "Connection %d with \"%s:%d\" established. Now logging in ...", idx,
241 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
243 io_event_setcb( My_Connections[idx].sock, cb_clientserver);
244 io_event_add( My_Connections[idx].sock, IO_WANTREAD|IO_WANTWRITE);
246 /* Send PASS and SERVER command to peer */
247 Conn_WriteStr( idx, "PASS %s %s", Conf_Server[Conf_GetServer( idx )].pwd_out, NGIRCd_ProtoID );
248 Conn_WriteStr( idx, "SERVER %s :%s", Conf_ServerName, Conf_ServerInfo );
254 * IO callback for new outgoing SSL-enabled server connections.
255 * @param sock Socket descriptor
256 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
259 cb_connserver_login_ssl(int sock, short unused)
261 CONN_ID idx = Socket2Index(sock);
269 switch (ConnSSL_Connect( &My_Connections[idx])) {
271 case 0: LogDebug("ConnSSL_Connect: not ready");
274 Log(LOG_ERR, "SSL connection on socket %d failed!", sock);
275 Conn_Close(idx, "Can't connect!", NULL, false);
279 Log( LOG_INFO, "SSL connection %d with \"%s:%d\" established.", idx,
280 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
288 * IO callback for established non-SSL client and server connections.
289 * @param sock Socket descriptor
290 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
293 cb_clientserver(int sock, short what)
295 CONN_ID idx = Socket2Index(sock);
304 if (what & IO_WANTREAD
305 || (Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_WANT_WRITE))) {
306 /* if TLS layer needs to write additional data, call
307 * Read_Request() instead so that SSL/TLS can continue */
311 if (what & IO_WANTREAD)
314 if (what & IO_WANTWRITE)
321 * IO callback for established SSL-enabled client and server connections.
322 * @param sock Socket descriptor
323 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...)
326 cb_clientserver_ssl(int sock, short what)
328 CONN_ID idx = Socket2Index(sock);
337 switch (ConnSSL_Accept(&My_Connections[idx])) {
341 return; /* EAGAIN: callback will be invoked again by IO layer */
343 Conn_Close(idx, "Socket closed!", "SSL accept error", false);
346 if (what & IO_WANTREAD)
349 if (what & IO_WANTWRITE)
352 io_event_setcb(sock, cb_clientserver); /* SSL handshake completed */
358 * Initialite connecion module.
365 /* Speicher fuer Verbindungs-Pool anfordern */
366 Pool_Size = CONNECTION_POOL;
367 if ((Conf_MaxConnections > 0) &&
368 (Pool_Size > Conf_MaxConnections))
369 Pool_Size = Conf_MaxConnections;
371 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)Pool_Size)) {
372 Log( LOG_EMERG, "Can't allocate memory! [Conn_Init]" );
376 /* FIXME: My_Connetions/Pool_Size is needed by other parts of the
377 * code; remove them! */
378 My_Connections = (CONNECTION*) array_start(&My_ConnArray);
380 LogDebug("Allocated connection pool for %d items (%ld bytes).",
381 array_length(&My_ConnArray, sizeof( CONNECTION )), array_bytes(&My_ConnArray));
383 assert( array_length(&My_ConnArray, sizeof( CONNECTION )) >= (size_t) Pool_Size);
385 array_free( &My_Listeners );
387 /* Connection-Struktur initialisieren */
388 for( i = 0; i < Pool_Size; i++ ) Init_Conn_Struct( i );
390 /* Global write counter */
396 * Clean up connection module.
403 Conn_ExitListeners();
405 LogDebug("Shutting down all connections ..." );
406 for( idx = 0; idx < Pool_Size; idx++ ) {
407 if( My_Connections[idx].sock > NONE ) {
408 Conn_Close( idx, NULL, NGIRCd_SignalRestart ?
409 "Server going down (restarting)":"Server going down", true );
413 array_free(&My_ConnArray);
414 My_Connections = NULL;
416 io_library_shutdown();
421 ports_initlisteners(array *a, const char *listen_addr, void (*func)(int,short))
423 unsigned int created = 0;
428 len = array_length(a, sizeof (UINT16));
429 port = array_start(a);
431 fd = NewListener(listen_addr, *port);
436 if (!io_event_create( fd, IO_WANTREAD, func )) {
437 Log( LOG_ERR, "io_event_create(): Could not add listening fd %d (port %u): %s!",
438 fd, (unsigned int) *port, strerror(errno));
451 * Initialize all listening sockets.
452 * @return Number of created listening sockets
455 Conn_InitListeners( void )
457 /* Initialize ports on which the server should accept connections */
458 unsigned int created = 0;
459 char *copy, *listen_addr;
461 if (!io_library_init(CONNECTION_POOL)) {
462 Log(LOG_EMERG, "Cannot initialize IO routines: %s", strerror(errno));
466 assert(Conf_ListenAddress);
468 /* can't use Conf_ListenAddress directly, see below */
469 copy = strdup(Conf_ListenAddress);
471 Log(LOG_CRIT, "Cannot copy %s: %s", Conf_ListenAddress, strerror(errno));
474 listen_addr = strtok(copy, ",");
476 while (listen_addr) {
477 ngt_TrimStr(listen_addr);
479 created += ports_initlisteners(&Conf_ListenPorts, listen_addr, cb_listen);
481 created += ports_initlisteners(&Conf_SSLOptions.ListenPorts, listen_addr, cb_listen_ssl);
485 listen_addr = strtok(NULL, ",");
488 /* Can't free() Conf_ListenAddress here: on REHASH, if the config file
489 * cannot be re-loaded, we'd end up with a NULL Conf_ListenAddress.
490 * Instead, free() takes place in conf.c, before the config file
491 * is being parsed. */
495 } /* Conn_InitListeners */
499 Conn_ExitListeners( void )
501 /* Close down all listening sockets */
505 Rendezvous_UnregisterListeners( );
508 arraylen = array_length(&My_Listeners, sizeof (int));
510 "Shutting down all listening sockets (%d total) ...", arraylen);
511 fd = array_start(&My_Listeners);
516 LogDebug("Listening socket %d closed.", *fd );
519 array_free(&My_Listeners);
520 } /* Conn_ExitListeners */
524 InitSinaddrListenAddr(ng_ipaddr_t *addr, const char *listen_addrstr, UINT16 Port)
528 ret = ng_ipaddr_init(addr, listen_addrstr, Port);
530 assert(listen_addrstr);
531 Log(LOG_CRIT, "Can't bind to [%s]:%u: can't convert ip address \"%s\"",
532 listen_addrstr, Port, listen_addrstr);
539 set_v6_only(int af, int sock)
541 #if defined(IPV6_V6ONLY) && defined(WANT_IPV6)
547 if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, (socklen_t)sizeof(on)))
548 Log(LOG_ERR, "Could not set IPV6_V6ONLY: %s", strerror(errno));
556 /* return new listening port file descriptor or -1 on failure */
558 NewListener(const char *listen_addr, UINT16 Port)
560 /* Create new listening socket on specified port */
564 char name[CLIENT_ID_LEN], *info;
566 if (!InitSinaddrListenAddr(&addr, listen_addr, Port))
569 af = ng_ipaddr_af(&addr);
570 sock = socket(af, SOCK_STREAM, 0);
572 Log(LOG_CRIT, "Can't create socket (af %d) : %s!", af, strerror(errno));
576 set_v6_only(af, sock);
578 if (!Init_Socket(sock))
581 if (bind(sock, (struct sockaddr *)&addr, ng_ipaddr_salen(&addr)) != 0) {
582 Log(LOG_CRIT, "Can't bind socket to address %s:%d - %s",
583 ng_ipaddr_tostr(&addr), Port, strerror(errno));
588 if( listen( sock, 10 ) != 0 ) {
589 Log( LOG_CRIT, "Can't listen on socket: %s!", strerror( errno ));
594 /* keep fd in list so we can close it when ngircd restarts/shuts down */
595 if (!array_catb( &My_Listeners,(char*) &sock, sizeof(int) )) {
596 Log( LOG_CRIT, "Can't add socket to My_Listeners array: %s!", strerror( errno ));
601 Log(LOG_INFO, "Now listening on [%s]:%d (socket %d).", ng_ipaddr_tostr(&addr), Port, sock);
604 /* Get best server description text */
605 if( ! Conf_ServerInfo[0] ) info = Conf_ServerName;
608 /* Use server info string */
610 if( Conf_ServerInfo[0] == '[' )
612 /* Cut off leading hostname part in "[]" */
613 info = strchr( Conf_ServerInfo, ']' );
617 while( *info == ' ' ) info++;
620 if( ! info ) info = Conf_ServerInfo;
623 /* Add port number to description if non-standard */
625 snprintf(name, sizeof name, "%s (port %u)", info,
628 strlcpy(name, info, sizeof name);
630 /* Register service */
631 Rendezvous_Register( name, MDNS_TYPE, Port );
639 * SSL/TLS connections require extra treatment:
640 * When either CONN_SSL_WANT_WRITE or CONN_SSL_WANT_READ is set, we
641 * need to take care of that first, before checking read/write buffers.
642 * For instance, while we might have data in our write buffer, the
643 * TLS/SSL protocol might need to read internal data first for TLS/SSL
646 * If this function returns true, such a condition is met and we have
647 * to reverse the condition (check for read even if we've data to write,
648 * do not check for read but writeability even if write-buffer is empty).
651 SSL_WantRead(const CONNECTION *c)
653 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_READ)) {
654 io_event_add(c->sock, IO_WANTREAD);
660 SSL_WantWrite(const CONNECTION *c)
662 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_WRITE)) {
663 io_event_add(c->sock, IO_WANTWRITE);
670 SSL_WantRead(UNUSED const CONNECTION *c) { return false; }
672 SSL_WantWrite(UNUSED const CONNECTION *c) { return false; }
677 * "Main Loop": Loop until shutdown or restart is signalled.
678 * This function loops until a shutdown or restart of ngIRCd is signalled and
679 * calls io_dispatch() to check for readable and writable sockets every second.
680 * It checks for status changes on pending connections (e. g. when a hostname
681 * has been resolved), checks for "penalties" and timeouts, and handles the
688 unsigned int wdatalen, bytes_processed;
692 while (!NGIRCd_SignalQuit && !NGIRCd_SignalRestart) {
696 Rendezvous_Handler();
699 /* Should the configuration be reloaded? */
700 if (NGIRCd_SignalRehash)
703 /* Check configured servers and established links */
707 /* Look for non-empty read buffers ... */
708 for (i = 0; i < Pool_Size; i++) {
709 if ((My_Connections[i].sock > NONE)
710 && (array_bytes(&My_Connections[i].rbuf) > 0)
711 && (My_Connections[i].delaytime <= t)) {
712 /* ... and try to handle the received data */
713 bytes_processed = Handle_Buffer(i);
714 /* if we processed data, and there might be
715 * more commands in the input buffer, do not
716 * try to read any more data now */
717 if (bytes_processed &&
718 array_bytes(&My_Connections[i].rbuf) > 2) {
720 ("Throttling connection %d: command limit reached!",
722 Conn_SetPenalty(i, 1);
727 /* Look for non-empty write buffers ... */
728 for (i = 0; i < Pool_Size; i++) {
729 if (My_Connections[i].sock <= NONE)
732 wdatalen = (unsigned int)array_bytes(&My_Connections[i].wbuf);
735 array_bytes(&My_Connections[i].zip.wbuf) > 0)
740 if (SSL_WantRead(&My_Connections[i]))
742 io_event_add(My_Connections[i].sock,
747 /* Check from which sockets we possibly could read ... */
748 for (i = 0; i < Pool_Size; i++) {
749 if (My_Connections[i].sock <= NONE)
752 if (SSL_WantWrite(&My_Connections[i]))
753 continue; /* TLS/SSL layer needs to write data; deal with this first */
755 if (Resolve_INPROGRESS(&My_Connections[i].res_stat)) {
756 /* Wait for completion of resolver sub-process ... */
757 io_event_del(My_Connections[i].sock,
762 if (Conn_OPTION_ISSET(&My_Connections[i], CONN_ISCONNECTING))
763 /* Wait for completion of connect() ... */
766 if (My_Connections[i].delaytime > t) {
767 /* There is a "penalty time" set: ignore socket! */
768 io_event_del(My_Connections[i].sock,
772 io_event_add(My_Connections[i].sock, IO_WANTREAD);
775 /* Set the timeout for reading from the network to 1 second,
776 * which is the granularity with witch we handle "penalty
777 * times" for example.
778 * Note: tv_sec/usec are undefined(!) after io_dispatch()
779 * returns, so we have to set it beforce each call to it! */
783 /* Wait for activity ... */
784 i = io_dispatch(&tv);
785 if (i == -1 && errno != EINTR) {
786 Log(LOG_EMERG, "Conn_Handler(): io_dispatch(): %s!",
788 Log(LOG_ALERT, "%s exiting due to fatal errors!",
794 if (NGIRCd_SignalQuit)
795 Log(LOG_NOTICE | LOG_snotice, "Server going down NOW!");
796 else if (NGIRCd_SignalRestart)
797 Log(LOG_NOTICE | LOG_snotice, "Server restarting NOW!");
802 * Write a text string into the socket of a connection.
803 * This function automatically appends CR+LF to the string and validates that
804 * the result is a valid IRC message (oversized messages are shortened, for
805 * example). Then it calls the Conn_Write() function to do the actual sending.
806 * @param Idx Index fo the connection.
807 * @param Format Format string, see printf().
808 * @return true on success, false otherwise.
812 Conn_WriteStr( CONN_ID Idx, char *Format, ... )
815 Conn_WriteStr( Idx, Format, va_alist )
821 char buffer[COMMAND_LEN];
826 assert( Idx > NONE );
827 assert( Format != NULL );
830 va_start( ap, Format );
834 if (vsnprintf( buffer, COMMAND_LEN - 2, Format, ap ) >= COMMAND_LEN - 2 ) {
836 * The string that should be written to the socket is longer
837 * than the allowed size of COMMAND_LEN bytes (including both
838 * the CR and LF characters). This can be caused by the
839 * IRC_WriteXXX() functions when the prefix of this server had
840 * to be added to an already "quite long" command line which
841 * has been received from a regular IRC client, for example.
843 * We are not allowed to send such "oversized" messages to
844 * other servers and clients, see RFC 2812 2.3 and 2813 3.3
845 * ("these messages SHALL NOT exceed 512 characters in length,
846 * counting all characters including the trailing CR-LF").
848 * So we have a big problem here: we should send more bytes
849 * to the network than we are allowed to and we don't know
850 * the originator (any more). The "old" behaviour of blaming
851 * the receiver ("next hop") is a bad idea (it could be just
852 * an other server only routing the message!), so the only
853 * option left is to shorten the string and to hope that the
854 * result is still somewhat useful ...
858 strcpy (buffer + sizeof(buffer) - strlen(CUT_TXTSUFFIX) - 2 - 1,
864 Log(LOG_DEBUG, " -> connection %d: '%s'.", Idx, buffer);
867 len = strlcat( buffer, "\r\n", sizeof( buffer ));
868 ok = Conn_Write(Idx, buffer, len);
869 My_Connections[Idx].msg_out++;
873 } /* Conn_WriteStr */
877 * Append Data to the outbound write buffer of a connection.
878 * @param Idx Index of the connection.
879 * @param Data pointer to the data.
880 * @param Len length of Data.
881 * @return true on success, false otherwise.
884 Conn_Write( CONN_ID Idx, char *Data, size_t Len )
887 size_t writebuf_limit = WRITEBUFFER_LEN;
888 assert( Idx > NONE );
889 assert( Data != NULL );
892 c = Conn_GetClient(Idx);
895 /* Servers do get special write buffer limits, so they can generate
896 * all the messages that are required while peering. */
897 if (Client_Type(c) == CLIENT_SERVER)
898 writebuf_limit = WRITEBUFFER_SLINK_LEN;
900 /* Is the socket still open? A previous call to Conn_Write()
901 * may have closed the connection due to a fatal error.
902 * In this case it is sufficient to return an error, as well. */
903 if( My_Connections[Idx].sock <= NONE ) {
904 LogDebug("Skipped write on closed socket (connection %d).", Idx);
909 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
911 * Zip_Buffer() does all the dirty work for us: it flushes
912 * the (pre-)compression buffers if required and handles
913 * all error conditions. */
914 if (!Zip_Buffer(Idx, Data, Len))
920 /* Uncompressed link:
921 * Check if outbound buffer has enough space for the data. */
922 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
924 /* Buffer is full, flush it. Handle_Write deals with
925 * low-level errors, if any. */
926 if (!Handle_Write(Idx))
930 /* When the write buffer is still too big after flushing it,
931 * the connection will be killed. */
932 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
935 "Write buffer overflow (connection %d, size %lu byte)!",
937 (unsigned long)array_bytes(&My_Connections[Idx].wbuf));
938 Conn_Close(Idx, "Write buffer overflow!", NULL, false);
942 /* Copy data to write buffer */
943 if (!array_catb(&My_Connections[Idx].wbuf, Data, Len))
946 My_Connections[Idx].bytes_out += Len;
949 /* Adjust global write counter */
957 Conn_Close( CONN_ID Idx, const char *LogMsg, const char *FwdMsg, bool InformClient )
959 /* Close connection. Open pipes of asyncronous resolver
960 * sub-processes are closed down. */
966 double in_z_k, out_z_k;
970 assert( Idx > NONE );
972 /* Is this link already shutting down? */
973 if( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ISCLOSING )) {
974 /* Conn_Close() has been called recursively for this link;
975 * probabe reason: Handle_Write() failed -- see below. */
976 LogDebug("Recursive request to close connection: %d", Idx );
980 assert( My_Connections[Idx].sock > NONE );
982 /* Mark link as "closing" */
983 Conn_OPTION_ADD( &My_Connections[Idx], CONN_ISCLOSING );
985 port = ng_ipaddr_getport(&My_Connections[Idx].addr);
986 Log(LOG_INFO, "Shutting down connection %d (%s) with %s:%d ...", Idx,
987 LogMsg ? LogMsg : FwdMsg, My_Connections[Idx].host, port);
989 /* Search client, if any */
990 c = Conn_GetClient( Idx );
992 /* Should the client be informed? */
995 /* Send statistics to client if registered as user: */
996 if ((c != NULL) && (Client_Type(c) == CLIENT_USER)) {
998 ":%s NOTICE %s :%sConnection statistics: client %.1f kb, server %.1f kb.",
999 Client_ID(Client_ThisServer()), Client_ID(c),
1001 (double)My_Connections[Idx].bytes_in / 1024,
1002 (double)My_Connections[Idx].bytes_out / 1024);
1005 /* Send ERROR to client (see RFC 2812, section 3.1.7) */
1007 Conn_WriteStr(Idx, "ERROR :%s", FwdMsg);
1009 Conn_WriteStr(Idx, "ERROR :Closing connection.");
1012 /* Try to write out the write buffer. Note: Handle_Write() eventually
1013 * removes the CLIENT structure associated with this connection if an
1014 * error occurs! So we have to re-check if there is still an valid
1015 * CLIENT structure after calling Handle_Write() ...*/
1016 (void)Handle_Write( Idx );
1018 /* Search client, if any (re-check!) */
1019 c = Conn_GetClient( Idx );
1021 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1022 Log(LOG_INFO, "SSL connection %d shutting down ...", Idx);
1023 ConnSSL_Free(&My_Connections[Idx]);
1026 /* Shut down socket */
1027 if (! io_close(My_Connections[Idx].sock)) {
1028 /* Oops, we can't close the socket!? This is ... ugly! */
1030 "Error closing connection %d (socket %d) with %s:%d - %s! (ignored)",
1031 Idx, My_Connections[Idx].sock, My_Connections[Idx].host,
1032 port, strerror(errno));
1035 /* Mark socket as invalid: */
1036 My_Connections[Idx].sock = NONE;
1038 /* If there is still a client, unregister it now */
1040 Client_Destroy(c, LogMsg, FwdMsg, true);
1042 /* Calculate statistics and log information */
1043 in_k = (double)My_Connections[Idx].bytes_in / 1024;
1044 out_k = (double)My_Connections[Idx].bytes_out / 1024;
1046 if (Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP)) {
1047 in_z_k = (double)My_Connections[Idx].zip.bytes_in / 1024;
1048 out_z_k = (double)My_Connections[Idx].zip.bytes_out / 1024;
1049 /* Make sure that no division by zero can occur during
1050 * the calculation of in_p and out_p: in_z_k and out_z_k
1051 * are non-zero, that's guaranteed by the protocol until
1052 * compression can be enabled. */
1057 in_p = (int)(( in_k * 100 ) / in_z_k );
1058 out_p = (int)(( out_k * 100 ) / out_z_k );
1060 "Connection %d with %s:%d closed (in: %.1fk/%.1fk/%d%%, out: %.1fk/%.1fk/%d%%).",
1061 Idx, My_Connections[Idx].host, port,
1062 in_k, in_z_k, in_p, out_k, out_z_k, out_p);
1068 "Connection %d with %s:%d closed (in: %.1fk, out: %.1fk).",
1069 Idx, My_Connections[Idx].host, port,
1073 /* cancel running resolver */
1074 if (Resolve_INPROGRESS(&My_Connections[Idx].res_stat))
1075 Resolve_Shutdown(&My_Connections[Idx].res_stat);
1077 /* Servers: Modify time of next connect attempt? */
1078 Conf_UnsetServer( Idx );
1081 /* Clean up zlib, if link was compressed */
1082 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
1083 inflateEnd( &My_Connections[Idx].zip.in );
1084 deflateEnd( &My_Connections[Idx].zip.out );
1085 array_free(&My_Connections[Idx].zip.rbuf);
1086 array_free(&My_Connections[Idx].zip.wbuf);
1090 array_free(&My_Connections[Idx].rbuf);
1091 array_free(&My_Connections[Idx].wbuf);
1093 /* Clean up connection structure (=free it) */
1094 Init_Conn_Struct( Idx );
1096 assert(NumConnections > 0);
1099 LogDebug("Shutdown of connection %d completed, %ld connection%s left.",
1100 Idx, NumConnections, NumConnections != 1 ? "s" : "");
1105 Conn_SyncServerStruct( void )
1107 /* Synchronize server structures (connection IDs):
1108 * connections <-> configuration */
1114 for( i = 0; i < Pool_Size; i++ ) {
1115 /* Established connection? */
1116 if (My_Connections[i].sock < 0)
1119 /* Server connection? */
1120 client = Conn_GetClient( i );
1121 if(( ! client ) || ( Client_Type( client ) != CLIENT_SERVER )) continue;
1123 for( c = 0; c < MAX_SERVERS; c++ )
1125 /* Configured server? */
1126 if( ! Conf_Server[c].host[0] ) continue;
1129 if( strcmp( Conf_Server[c].name, Client_ID( client )) == 0 )
1130 Conf_Server[c].conn_id = i;
1133 } /* SyncServerStruct */
1137 * Send out data of write buffer; connect new sockets.
1140 Handle_Write( CONN_ID Idx )
1145 assert( Idx > NONE );
1146 if ( My_Connections[Idx].sock < 0 ) {
1147 LogDebug("Handle_Write() on closed socket, connection %d", Idx);
1150 assert( My_Connections[Idx].sock > NONE );
1152 wdatalen = array_bytes(&My_Connections[Idx].wbuf );
1155 if (wdatalen == 0) {
1156 /* Write buffer is empty, so we try to flush the compression
1157 * buffer and get some data to work with from there :-) */
1158 if (!Zip_Flush(Idx))
1161 /* Now the write buffer most probably has changed: */
1162 wdatalen = array_bytes(&My_Connections[Idx].wbuf);
1166 if (wdatalen == 0) {
1167 /* Still no data, fine. */
1168 io_event_del(My_Connections[Idx].sock, IO_WANTWRITE );
1173 ("Handle_Write() called for connection %d, %ld bytes pending ...",
1177 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1178 len = ConnSSL_Write(&My_Connections[Idx], array_start(&My_Connections[Idx].wbuf), wdatalen);
1182 len = write(My_Connections[Idx].sock,
1183 array_start(&My_Connections[Idx].wbuf), wdatalen );
1186 if (errno == EAGAIN || errno == EINTR)
1189 Log(LOG_ERR, "Write error on connection %d (socket %d): %s!",
1190 Idx, My_Connections[Idx].sock, strerror(errno));
1191 Conn_Close(Idx, "Write error!", NULL, false);
1195 /* move any data not yet written to beginning */
1196 array_moveleft(&My_Connections[Idx].wbuf, 1, (size_t)len);
1199 } /* Handle_Write */
1203 Count_Connections(ng_ipaddr_t *a)
1208 for (i = 0; i < Pool_Size; i++) {
1209 if (My_Connections[i].sock <= NONE)
1211 if (ng_ipaddr_ipequal(&My_Connections[i].addr, a))
1215 } /* Count_Connections */
1219 * Initialize new client connection on a listening socket.
1220 * @param Sock Listening socket descriptor
1221 * @return Accepted socket descriptor or -1 on error
1224 New_Connection(int Sock)
1227 struct request_info req;
1229 ng_ipaddr_t new_addr;
1230 char ip_str[NG_INET_ADDRSTRLEN];
1231 int new_sock, new_sock_len, identsock;
1235 assert(Sock > NONE);
1237 new_sock_len = (int)sizeof(new_addr);
1238 new_sock = accept(Sock, (struct sockaddr *)&new_addr,
1239 (socklen_t *)&new_sock_len);
1241 Log(LOG_CRIT, "Can't accept connection: %s!", strerror(errno));
1245 if (!ng_ipaddr_tostr_r(&new_addr, ip_str)) {
1246 Log(LOG_CRIT, "fd %d: Can't convert IP address!", new_sock);
1247 Simple_Message(new_sock, "ERROR :Internal Server Error");
1253 /* Validate socket using TCP Wrappers */
1254 request_init(&req, RQ_DAEMON, PACKAGE_NAME, RQ_FILE, new_sock,
1255 RQ_CLIENT_SIN, &new_addr, NULL);
1257 if (!hosts_access(&req)) {
1259 "Refused connection from %s (by TCP Wrappers)!", ip_str);
1260 Simple_Message(new_sock, "ERROR :Connection refused");
1266 if (!Init_Socket(new_sock))
1269 /* Check global connection limit */
1270 if ((Conf_MaxConnections > 0) &&
1271 (NumConnections >= (size_t) Conf_MaxConnections)) {
1272 Log(LOG_ALERT, "Can't accept connection: limit (%d) reached!",
1273 Conf_MaxConnections);
1274 Simple_Message(new_sock, "ERROR :Connection limit reached");
1279 /* Check IP-based connection limit */
1280 cnt = Count_Connections(&new_addr);
1281 if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) {
1282 /* Access denied, too many connections from this IP address! */
1284 "Refused connection from %s: too may connections (%ld) from this IP address!",
1286 Simple_Message(new_sock,
1287 "ERROR :Connection refused, too many connections from your IP address!");
1292 if (new_sock >= Pool_Size) {
1293 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION),
1294 (size_t) new_sock)) {
1296 "Can't allocate memory! [New_Connection]");
1297 Simple_Message(new_sock, "ERROR: Internal error");
1301 LogDebug("Bumped connection pool to %ld items (internal: %ld items, %ld bytes)",
1302 new_sock, array_length(&My_ConnArray,
1303 sizeof(CONNECTION)), array_bytes(&My_ConnArray));
1305 /* Adjust pointer to new block */
1306 My_Connections = array_start(&My_ConnArray);
1307 while (Pool_Size <= new_sock)
1308 Init_Conn_Struct(Pool_Size++);
1311 /* register callback */
1312 if (!io_event_create(new_sock, IO_WANTREAD, cb_clientserver)) {
1314 "Can't accept connection: io_event_create failed!");
1315 Simple_Message(new_sock, "ERROR :Internal error");
1320 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWN, false);
1323 "Can't accept connection: can't create client structure!");
1324 Simple_Message(new_sock, "ERROR :Internal error");
1329 Init_Conn_Struct(new_sock);
1330 My_Connections[new_sock].sock = new_sock;
1331 My_Connections[new_sock].addr = new_addr;
1332 My_Connections[new_sock].client = c;
1334 /* Set initial hostname to IP address. This becomes overwritten when
1335 * the DNS lookup is enabled and succeeds, but is used otherwise. */
1336 if (ng_ipaddr_af(&new_addr) != AF_INET)
1337 snprintf(My_Connections[new_sock].host,
1338 sizeof(My_Connections[new_sock].host), "[%s]", ip_str);
1340 strlcpy(My_Connections[new_sock].host, ip_str,
1341 sizeof(My_Connections[new_sock].host));
1343 Client_SetHostname(c, My_Connections[new_sock].host);
1345 Log(LOG_INFO, "Accepted connection %d from %s:%d on socket %d.",
1346 new_sock, My_Connections[new_sock].host,
1347 ng_ipaddr_getport(&new_addr), Sock);
1349 identsock = new_sock;
1355 Resolve_Addr(&My_Connections[new_sock].res_stat, &new_addr,
1356 identsock, cb_Read_Resolver_Result);
1358 /* ngIRCd waits up to 4 seconds for the result of the asynchronous
1359 * DNS and IDENT resolver subprocess using the "penalty" mechanism.
1360 * If there are results earlier, the delay is aborted. */
1361 Conn_SetPenalty(new_sock, 4);
1364 LogDebug("Total number of connections now %ld.", NumConnections);
1366 } /* New_Connection */
1370 Socket2Index( int Sock )
1372 assert( Sock >= 0 );
1374 if( Sock >= Pool_Size || My_Connections[Sock].sock != Sock ) {
1375 /* the Connection was already closed again, likely due to
1377 LogDebug("Socket2Index: can't get connection for socket %d!", Sock);
1381 } /* Socket2Index */
1385 * Read data from the network to the read buffer. If an error occures,
1386 * the socket of this connection will be shut down.
1389 Read_Request( CONN_ID Idx )
1392 static const unsigned int maxbps = COMMAND_LEN / 2;
1393 char readbuf[READBUFFER_LEN];
1396 assert( Idx > NONE );
1397 assert( My_Connections[Idx].sock > NONE );
1400 if ((array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN) ||
1401 (array_bytes(&My_Connections[Idx].zip.rbuf) >= READBUFFER_LEN))
1403 if (array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN)
1406 /* Read buffer is full */
1408 "Receive buffer overflow (connection %d): %d bytes!",
1409 Idx, array_bytes(&My_Connections[Idx].rbuf));
1410 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1415 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL))
1416 len = ConnSSL_Read( &My_Connections[Idx], readbuf, sizeof(readbuf));
1419 len = read(My_Connections[Idx].sock, readbuf, sizeof(readbuf));
1421 Log(LOG_INFO, "%s:%u (%s) is closing the connection ...",
1422 My_Connections[Idx].host,
1423 (unsigned int) ng_ipaddr_getport(&My_Connections[Idx].addr),
1424 ng_ipaddr_tostr(&My_Connections[Idx].addr));
1426 "Socket closed!", "Client closed connection",
1432 if( errno == EAGAIN ) return;
1433 Log(LOG_ERR, "Read error on connection %d (socket %d): %s!",
1434 Idx, My_Connections[Idx].sock, strerror(errno));
1435 Conn_Close(Idx, "Read error!", "Client closed connection",
1440 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1441 if (!array_catb(&My_Connections[Idx].zip.rbuf, readbuf,
1444 "Could not append recieved data to zip input buffer (connn %d): %d bytes!",
1446 Conn_Close(Idx, "Receive buffer overflow!", NULL,
1453 if (!array_catb( &My_Connections[Idx].rbuf, readbuf, len)) {
1454 Log( LOG_ERR, "Could not append recieved data to input buffer (connn %d): %d bytes!", Idx, len );
1455 Conn_Close( Idx, "Receive buffer overflow!", NULL, false );
1459 /* Update connection statistics */
1460 My_Connections[Idx].bytes_in += len;
1462 /* Update timestamp of last data received if this connection is
1463 * registered as a user, server or service connection. Don't update
1464 * otherwise, so users have at least Conf_PongTimeout seconds time to
1465 * register with the IRC server -- see Check_Connections().
1466 * Set "lastping", too, so we can handle time shifts backwards ... */
1467 c = Conn_GetClient(Idx);
1468 if (c && (Client_Type(c) == CLIENT_USER
1469 || Client_Type(c) == CLIENT_SERVER
1470 || Client_Type(c) == CLIENT_SERVICE)) {
1472 if (My_Connections[Idx].lastdata != t)
1473 My_Connections[Idx].bps = 0;
1475 My_Connections[Idx].lastdata = t;
1476 My_Connections[Idx].lastping = My_Connections[Idx].lastdata;
1479 /* Look at the data in the (read-) buffer of this connection */
1480 My_Connections[Idx].bps += Handle_Buffer(Idx);
1481 if (Client_Type(c) != CLIENT_SERVER
1482 && My_Connections[Idx].bps >= maxbps) {
1483 LogDebug("Throttling connection %d: BPS exceeded! (%u >= %u)",
1484 Idx, My_Connections[Idx].bps, maxbps);
1485 Conn_SetPenalty(Idx, 1);
1487 } /* Read_Request */
1491 * Handle all data in the connection read-buffer.
1492 * Data is processed until no complete command is left in the read buffer,
1493 * or MAX_COMMANDS[_SERVER] commands were processed.
1494 * When a fatal error occurs, the connection is shut down.
1495 * @param Idx Index of the connection.
1496 * @return number of bytes processed.
1499 Handle_Buffer(CONN_ID Idx)
1502 char *ptr1, *ptr2, *first_eol;
1510 unsigned int i, maxcmd = MAX_COMMANDS, len_processed = 0;
1513 c = Conn_GetClient(Idx);
1516 /* Servers do get special command limits, so they can process
1517 * all the messages that are required while peering. */
1518 if (Client_Type(c) == CLIENT_SERVER)
1519 maxcmd = MAX_COMMANDS_SERVER;
1521 starttime = time(NULL);
1522 for (i=0; i < maxcmd; i++) {
1524 if (My_Connections[Idx].delaytime > starttime)
1527 /* Unpack compressed data, if compression is in use */
1528 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1529 /* When unzipping fails, Unzip_Buffer() shuts
1530 * down the connection itself */
1531 if (!Unzip_Buffer(Idx))
1536 if (0 == array_bytes(&My_Connections[Idx].rbuf))
1539 /* Make sure that the buffer is NULL terminated */
1540 if (!array_cat0_temporary(&My_Connections[Idx].rbuf)) {
1541 Conn_Close(Idx, NULL,
1542 "Can't allocate memory [Handle_Buffer]",
1547 /* RFC 2812, section "2.3 Messages", 5th paragraph:
1548 * "IRC messages are always lines of characters terminated
1549 * with a CR-LF (Carriage Return - Line Feed) pair [...]". */
1551 ptr = strstr(array_start(&My_Connections[Idx].rbuf), "\r\n");
1554 /* Check for non-RFC-compliant request (only CR or LF)?
1555 * Unfortunately, there are quite a few clients out there
1556 * that do this -- e. g. mIRC, BitchX, and Trillian :-( */
1557 ptr1 = strchr(array_start(&My_Connections[Idx].rbuf), '\r');
1558 ptr2 = strchr(array_start(&My_Connections[Idx].rbuf), '\n');
1560 /* Check if there is a single CR or LF _before_ the
1561 * corerct CR+LF line terminator: */
1562 first_eol = ptr1 < ptr2 ? ptr1 : ptr2;
1563 if (first_eol < ptr) {
1564 /* Single CR or LF before CR+LF found */
1568 } else if (ptr1 || ptr2) {
1569 /* No CR+LF terminated command found, but single
1570 * CR or LF found ... */
1572 ptr = ptr1 < ptr2 ? ptr1 : ptr2;
1574 ptr = ptr1 ? ptr1 : ptr2;
1582 /* Complete (=line terminated) request found, handle it! */
1585 len = ptr - (char *)array_start(&My_Connections[Idx].rbuf) + delta;
1587 if (len > (COMMAND_LEN - 1)) {
1588 /* Request must not exceed 512 chars (incl. CR+LF!),
1589 * see RFC 2812. Disconnect Client if this happens. */
1591 "Request too long (connection %d): %d bytes (max. %d expected)!",
1592 Idx, array_bytes(&My_Connections[Idx].rbuf),
1594 Conn_Close(Idx, NULL, "Request too long", true);
1598 len_processed += (unsigned int)len;
1600 /* Request is empty (only '\r\n', '\r' or '\n');
1601 * delta is 2 ('\r\n') or 1 ('\r' or '\n'), see above */
1602 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1606 /* remember if stream is already compressed */
1607 old_z = My_Connections[Idx].options & CONN_ZIP;
1610 My_Connections[Idx].msg_in++;
1612 (Idx, (char *)array_start(&My_Connections[Idx].rbuf)))
1613 return 0; /* error -> connection has been closed */
1615 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1616 LogDebug("Connection %d: %d bytes left in read buffer.",
1617 Idx, array_bytes(&My_Connections[Idx].rbuf));
1619 if ((!old_z) && (My_Connections[Idx].options & CONN_ZIP) &&
1620 (array_bytes(&My_Connections[Idx].rbuf) > 0)) {
1621 /* The last command activated socket compression.
1622 * Data that was read after that needs to be copied
1623 * to the unzip buffer for decompression: */
1625 (&My_Connections[Idx].zip.rbuf,
1626 &My_Connections[Idx].rbuf)) {
1627 Conn_Close(Idx, NULL,
1628 "Can't allocate memory [Handle_Buffer]",
1633 array_trunc(&My_Connections[Idx].rbuf);
1635 ("Moved already received data (%u bytes) to uncompression buffer.",
1636 array_bytes(&My_Connections[Idx].zip.rbuf));
1640 return len_processed;
1641 } /* Handle_Buffer */
1645 Check_Connections(void)
1647 /* check if connections are alive. if not, play PING-PONG first.
1648 * if this doesn't help either, disconnect client. */
1653 for (i = 0; i < Pool_Size; i++) {
1654 if (My_Connections[i].sock < 0)
1657 c = Conn_GetClient(i);
1658 if (c && ((Client_Type(c) == CLIENT_USER)
1659 || (Client_Type(c) == CLIENT_SERVER)
1660 || (Client_Type(c) == CLIENT_SERVICE))) {
1661 /* connected User, Server or Service */
1662 if (My_Connections[i].lastping >
1663 My_Connections[i].lastdata) {
1664 /* We already sent a ping */
1665 if (My_Connections[i].lastping <
1666 time(NULL) - Conf_PongTimeout) {
1669 ("Connection %d: Ping timeout: %d seconds.",
1670 i, Conf_PongTimeout);
1671 snprintf(msg, sizeof(msg), "Ping timeout: %d seconds", Conf_PongTimeout);
1672 Conn_Close(i, NULL, msg, true);
1674 } else if (My_Connections[i].lastdata <
1675 time(NULL) - Conf_PingTimeout) {
1676 /* We need to send a PING ... */
1677 LogDebug("Connection %d: sending PING ...", i);
1678 My_Connections[i].lastping = time(NULL);
1679 Conn_WriteStr(i, "PING :%s",
1680 Client_ID(Client_ThisServer()));
1683 /* The connection is not fully established yet, so
1684 * we don't do the PING-PONG game here but instead
1685 * disconnect the client after "a short time" if it's
1686 * still not registered. */
1688 if (My_Connections[i].lastdata <
1689 time(NULL) - Conf_PongTimeout) {
1691 ("Unregistered connection %d timed out ...",
1693 Conn_Close(i, NULL, "Timeout", false);
1697 } /* Check_Connections */
1701 Check_Servers( void )
1703 /* Check if we can establish further server links */
1708 /* Check all configured servers */
1709 for( i = 0; i < MAX_SERVERS; i++ ) {
1710 /* Valid outgoing server which isn't already connected or disabled? */
1711 if(( ! Conf_Server[i].host[0] ) || ( ! Conf_Server[i].port > 0 ) ||
1712 ( Conf_Server[i].conn_id > NONE ) || ( Conf_Server[i].flags & CONF_SFLAG_DISABLED ))
1715 /* Is there already a connection in this group? */
1716 if( Conf_Server[i].group > NONE ) {
1717 for (n = 0; n < MAX_SERVERS; n++) {
1718 if (n == i) continue;
1719 if ((Conf_Server[n].conn_id != NONE) &&
1720 (Conf_Server[n].group == Conf_Server[i].group))
1723 if (n < MAX_SERVERS) continue;
1726 /* Check last connect attempt? */
1727 time_now = time(NULL);
1728 if( Conf_Server[i].lasttry > (time_now - Conf_ConnectRetry))
1731 /* Okay, try to connect now */
1732 Conf_Server[i].lasttry = time_now;
1733 Conf_Server[i].conn_id = SERVER_WAIT;
1734 assert(Resolve_Getfd(&Conf_Server[i].res_stat) < 0);
1735 Resolve_Name(&Conf_Server[i].res_stat, Conf_Server[i].host, cb_Connect_to_Server);
1737 } /* Check_Servers */
1741 New_Server( int Server , ng_ipaddr_t *dest)
1743 /* Establish new server link */
1744 char ip_str[NG_INET_ADDRSTRLEN];
1745 int af_dest, res, new_sock;
1748 assert( Server > NONE );
1750 if (!ng_ipaddr_tostr_r(dest, ip_str)) {
1751 Log(LOG_WARNING, "New_Server: Could not convert IP to string");
1755 Log( LOG_INFO, "Establishing connection to \"%s\", %s, port %d ... ",
1756 Conf_Server[Server].host, ip_str, Conf_Server[Server].port );
1758 af_dest = ng_ipaddr_af(dest);
1759 new_sock = socket(af_dest, SOCK_STREAM, 0);
1761 Log( LOG_CRIT, "Can't create socket (af %d) : %s!", af_dest, strerror( errno ));
1765 if (!Init_Socket(new_sock))
1768 /* is a bind address configured? */
1769 res = ng_ipaddr_af(&Conf_Server[Server].bind_addr);
1770 /* if yes, bind now. If it fails, warn and let connect() pick a source address */
1771 if (res && bind(new_sock, (struct sockaddr *) &Conf_Server[Server].bind_addr,
1772 ng_ipaddr_salen(&Conf_Server[Server].bind_addr)))
1774 ng_ipaddr_tostr_r(&Conf_Server[Server].bind_addr, ip_str);
1775 Log(LOG_WARNING, "Can't bind socket to %s: %s!", ip_str, strerror(errno));
1777 ng_ipaddr_setport(dest, Conf_Server[Server].port);
1778 res = connect(new_sock, (struct sockaddr *) dest, ng_ipaddr_salen(dest));
1779 if(( res != 0 ) && ( errno != EINPROGRESS )) {
1780 Log( LOG_CRIT, "Can't connect socket: %s!", strerror( errno ));
1785 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)new_sock)) {
1787 "Cannot allocate memory for server connection (socket %d)",
1793 My_Connections = array_start(&My_ConnArray);
1795 assert(My_Connections[new_sock].sock <= 0);
1797 Init_Conn_Struct(new_sock);
1799 ng_ipaddr_tostr_r(dest, ip_str);
1800 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWNSERVER, false);
1802 Log( LOG_ALERT, "Can't establish connection: can't create client structure!" );
1807 /* Conn_Close() decrements this counter again */
1809 Client_SetIntroducer( c, c );
1810 Client_SetToken( c, TOKEN_OUTBOUND );
1812 /* Register connection */
1813 Conf_Server[Server].conn_id = new_sock;
1814 My_Connections[new_sock].sock = new_sock;
1815 My_Connections[new_sock].addr = *dest;
1816 My_Connections[new_sock].client = c;
1817 strlcpy( My_Connections[new_sock].host, Conf_Server[Server].host,
1818 sizeof(My_Connections[new_sock].host ));
1820 /* Register new socket */
1821 if (!io_event_create( new_sock, IO_WANTWRITE, cb_connserver)) {
1822 Log( LOG_ALERT, "io_event_create(): could not add fd %d", strerror(errno));
1823 Conn_Close( new_sock, "io_event_create() failed", NULL, false );
1824 Init_Conn_Struct( new_sock );
1825 Conf_Server[Server].conn_id = NONE;
1828 if (Conf_Server[Server].SSLConnect && !ConnSSL_PrepareConnect( &My_Connections[new_sock],
1829 &Conf_Server[Server] ))
1831 Log(LOG_ALERT, "Could not initialize SSL for outgoing connection");
1832 Conn_Close( new_sock, "Could not initialize SSL for outgoing connection", NULL, false );
1833 Init_Conn_Struct( new_sock );
1834 Conf_Server[Server].conn_id = NONE;
1838 LogDebug("Registered new connection %d on socket %d (%ld in total).",
1839 new_sock, My_Connections[new_sock].sock, NumConnections);
1840 Conn_OPTION_ADD( &My_Connections[new_sock], CONN_ISCONNECTING );
1845 * Initialize connection structure.
1848 Init_Conn_Struct(CONN_ID Idx)
1850 time_t now = time(NULL);
1852 memset(&My_Connections[Idx], 0, sizeof(CONNECTION));
1853 My_Connections[Idx].sock = -1;
1854 My_Connections[Idx].signon = now;
1855 My_Connections[Idx].lastdata = now;
1856 My_Connections[Idx].lastprivmsg = now;
1857 Resolve_Init(&My_Connections[Idx].res_stat);
1858 } /* Init_Conn_Struct */
1862 Init_Socket( int Sock )
1864 /* Initialize socket (set options) */
1868 if (!io_setnonblock(Sock)) {
1869 Log( LOG_CRIT, "Can't enable non-blocking mode for socket: %s!", strerror( errno ));
1874 /* Don't block this port after socket shutdown */
1876 if( setsockopt( Sock, SOL_SOCKET, SO_REUSEADDR, &value, (socklen_t)sizeof( value )) != 0 )
1878 Log( LOG_ERR, "Can't set socket option SO_REUSEADDR: %s!", strerror( errno ));
1879 /* ignore this error */
1882 /* Set type of service (TOS) */
1883 #if defined(IPPROTO_IP) && defined(IPTOS_LOWDELAY)
1884 value = IPTOS_LOWDELAY;
1885 LogDebug("Setting IP_TOS on socket %d to IPTOS_LOWDELAY.", Sock);
1886 if (setsockopt(Sock, IPPROTO_IP, IP_TOS, &value,
1887 (socklen_t) sizeof(value))) {
1888 Log(LOG_ERR, "Can't set socket option IP_TOS: %s!",
1890 /* ignore this error */
1899 cb_Connect_to_Server(int fd, UNUSED short events)
1901 /* Read result of resolver sub-process from pipe and start connection */
1904 ng_ipaddr_t dest_addrs[4]; /* we can handle at most 3; but we read up to
1905 four so we can log the 'more than we can handle'
1906 condition. First result is tried immediately, rest
1907 is saved for later if needed. */
1909 LogDebug("Resolver: Got forward lookup callback on fd %d, events %d", fd, events);
1911 for (i=0; i < MAX_SERVERS; i++) {
1912 if (Resolve_Getfd(&Conf_Server[i].res_stat) == fd )
1916 if( i >= MAX_SERVERS) {
1917 /* Ops, no matching server found?! */
1919 LogDebug("Resolver: Got Forward Lookup callback for unknown server!?");
1923 /* Read result from pipe */
1924 len = Resolve_Read(&Conf_Server[i].res_stat, dest_addrs, sizeof(dest_addrs));
1928 assert((len % sizeof(ng_ipaddr_t)) == 0);
1930 LogDebug("Got result from resolver: %u structs (%u bytes).", len/sizeof(ng_ipaddr_t), len);
1932 memset(&Conf_Server[i].dst_addr, 0, sizeof(Conf_Server[i].dst_addr));
1933 if (len > sizeof(ng_ipaddr_t)) {
1934 /* more than one address for this hostname, remember them
1935 * in case first address is unreachable/not available */
1936 len -= sizeof(ng_ipaddr_t);
1937 if (len > sizeof(Conf_Server[i].dst_addr)) {
1938 len = sizeof(Conf_Server[i].dst_addr);
1940 "Notice: Resolver returned more IP Addresses for host than we can handle, additional addresses dropped.");
1942 memcpy(&Conf_Server[i].dst_addr, &dest_addrs[1], len);
1945 New_Server(i, dest_addrs);
1946 } /* cb_Read_Forward_Lookup */
1950 cb_Read_Resolver_Result( int r_fd, UNUSED short events )
1952 /* Read result of resolver sub-process from pipe and update the
1953 * apropriate connection/client structure(s): hostname and/or
1954 * IDENT user name.*/
1961 char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
1963 char readbuf[HOST_LEN + 1];
1966 LogDebug("Resolver: Got callback on fd %d, events %d", r_fd, events );
1968 /* Search associated connection ... */
1969 for( i = 0; i < Pool_Size; i++ ) {
1970 if(( My_Connections[i].sock != NONE )
1971 && ( Resolve_Getfd(&My_Connections[i].res_stat) == r_fd ))
1974 if( i >= Pool_Size ) {
1975 /* Ops, none found? Probably the connection has already
1976 * been closed!? We'll ignore that ... */
1978 LogDebug("Resolver: Got callback for unknown connection!?");
1982 /* Read result from pipe */
1983 len = Resolve_Read(&My_Connections[i].res_stat, readbuf, sizeof readbuf -1);
1987 readbuf[len] = '\0';
1988 identptr = strchr(readbuf, '\n');
1989 assert(identptr != NULL);
1991 Log( LOG_CRIT, "Resolver: Got malformed result!");
1996 LogDebug("Got result from resolver: \"%s\" (%u bytes read).", readbuf, len);
1997 /* Okay, we got a complete result: this is a host name for outgoing
1998 * connections and a host name and IDENT user name (if enabled) for
1999 * incoming connections.*/
2000 assert ( My_Connections[i].sock >= 0 );
2001 /* Incoming connection. Search client ... */
2002 c = Conn_GetClient( i );
2003 assert( c != NULL );
2005 /* Only update client information of unregistered clients.
2006 * Note: user commands (e. g. WEBIRC) are always read _after_ reading
2007 * the resolver results, so we don't have to worry to override settings
2008 * from these commands here. */
2009 if(Client_Type(c) == CLIENT_UNKNOWN) {
2010 strlcpy(My_Connections[i].host, readbuf,
2011 sizeof(My_Connections[i].host));
2012 Client_SetHostname(c, readbuf);
2016 Log(LOG_INFO, "IDENT lookup for connection %d: \"%s\".", i, identptr);
2017 Client_SetUser(c, identptr, true);
2019 Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
2024 else Log( LOG_DEBUG, "Resolver: discarding result for already registered connection %d.", i );
2026 /* Reset penalty time */
2027 Conn_ResetPenalty( i );
2028 } /* cb_Read_Resolver_Result */
2032 * Write a "simple" (error) message to a socket.
2033 * The message is sent without using the connection write buffers, without
2034 * compression/encryption, and even without any error reporting. It is
2035 * designed for error messages of e.g. New_Connection(). */
2037 Simple_Message(int Sock, const char *Msg)
2039 char buf[COMMAND_LEN];
2042 assert(Sock > NONE);
2043 assert(Msg != NULL);
2045 strlcpy(buf, Msg, sizeof buf - 2);
2046 len = strlcat(buf, "\r\n", sizeof buf);
2047 if (write(Sock, buf, len) < 0) {
2048 /* Because this function most probably got called to log
2049 * an error message, any write error is ignored here to
2050 * avoid an endless loop. But casting the result of write()
2051 * to "void" doesn't satisfy the GNU C code attribute
2052 * "warn_unused_result" which is used by some versions of
2053 * glibc (e.g. 2.11.1), therefore this silly error
2054 * "handling" code here :-( */
2057 } /* Simple_Error */
2061 * Get CLIENT structure that belongs to a local connection identified by its
2062 * index number. Each connection belongs to a client by definition, so it is
2063 * not required that the caller checks for NULL return values.
2064 * @param Idx Connection index number
2065 * @return Pointer to CLIENT structure
2068 Conn_GetClient( CONN_ID Idx )
2073 c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
2075 return c ? c->client : NULL;
2082 * Get information about used SSL chiper.
2083 * @param Idx Connection index number
2084 * @param buf Buffer for returned information text
2085 * @param len Size of return buffer "buf"
2086 * @return true on success, false otherwise
2089 Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
2093 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2094 return ConnSSL_GetCipherInfo(&My_Connections[Idx], buf, len);
2099 * Check if a connection is SSL-enabled or not.
2100 * @param Idx Connection index number
2101 * @return true if connection is SSL-enabled, false otherwise.
2104 Conn_UsesSSL(CONN_ID Idx)
2108 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2109 return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);