X-Git-Url: https://arthur.barton.de/cgi-bin/gitweb.cgi?p=ngircd-alex.git;a=blobdiff_plain;f=src%2Fngircd%2Fconn.c;h=882251bcd80f5abf8fe776ed152647649543e4b9;hp=e3f88011b178731f8a2e4c70ab2d82e4dfd09622;hb=e744936d1919269ea8d5169e850b04ce896bf6d6;hpb=29bd35bc4fa858f0ed36e39a3d00830859ce22c8 diff --git a/src/ngircd/conn.c b/src/ngircd/conn.c index e3f88011..882251bc 100644 --- a/src/ngircd/conn.c +++ b/src/ngircd/conn.c @@ -16,7 +16,7 @@ #include "portab.h" -static char UNUSED id[] = "$Id: conn.c,v 1.117 2003/02/23 12:04:05 alex Exp $"; +static char UNUSED id[] = "$Id: conn.c,v 1.119 2003/03/07 17:16:49 alex Exp $"; #include "imp.h" #include @@ -40,7 +40,11 @@ static char UNUSED id[] = "$Id: conn.c,v 1.117 2003/02/23 12:04:05 alex Exp $"; #endif #ifdef HAVE_STDINT_H -#include /* u.a. fuer Mac OS X */ +#include /* e.g. for Mac OS X */ +#endif + +#ifdef USE_TCPWRAP +#include /* for TCP Wrappers */ #endif #include "defines.h" @@ -82,11 +86,17 @@ LOCAL VOID Init_Conn_Struct PARAMS(( CONN_ID Idx )); LOCAL BOOLEAN Init_Socket PARAMS(( INT Sock )); LOCAL VOID New_Server PARAMS(( INT Server, CONN_ID Idx )); LOCAL VOID Read_Resolver_Result PARAMS(( INT r_fd )); +LOCAL VOID Simple_Message PARAMS(( INT Sock, CHAR *Msg )); LOCAL fd_set My_Listeners; LOCAL fd_set My_Sockets; LOCAL fd_set My_Connects; +#ifdef USE_TCPWRAP +INT allow_severity = LOG_INFO; +INT deny_severity = LOG_ERR; +#endif + GLOBAL VOID Conn_Init( VOID ) @@ -836,6 +846,9 @@ New_Connection( INT Sock ) /* Neue Client-Verbindung von Listen-Socket annehmen und * CLIENT-Struktur anlegen. */ +#ifdef USE_TCPWRAP + struct request_info req; +#endif struct sockaddr_in new_addr; INT new_sock, new_sock_len; RES_STAT *s; @@ -854,6 +867,19 @@ New_Connection( INT Sock ) Log( LOG_CRIT, "Can't accept connection: %s!", strerror( errno )); return; } + +#ifdef USE_TCPWRAP + /* Validate socket using TCP Wrappers */ + request_init( &req, RQ_DAEMON, PACKAGE, RQ_FILE, new_sock, RQ_CLIENT_SIN, &new_addr, NULL ); + if( ! hosts_access( &req )) + { + /* Access denied! */ + Log( deny_severity, "Refused connection from %s (by TCP Wrappers)!", inet_ntoa( new_addr.sin_addr )); + Simple_Message( new_sock, "ERROR :Connection refused" ); + close( new_sock ); + return; + } +#endif /* Socket initialisieren */ Init_Socket( new_sock ); @@ -874,6 +900,7 @@ New_Connection( INT Sock ) { /* Mehr Verbindungen duerfen wir leider nicht mehr annehmen ... */ Log( LOG_ALERT, "Can't accept connection: limit (%d) reached!", Pool_Size ); + Simple_Message( new_sock, "ERROR :Connection limit reached" ); close( new_sock ); return; } @@ -882,6 +909,7 @@ New_Connection( INT Sock ) if( new_size < Pool_Size ) { Log( LOG_ALERT, "Can't accespt connection: limit (%d) reached -- overflow!", Pool_Size ); + Simple_Message( new_sock, "ERROR :Connection limit reached" ); close( new_sock ); return; } @@ -898,6 +926,7 @@ New_Connection( INT Sock ) { /* Offenbar steht kein weiterer Sepeicher zur Verfuegung :-( */ Log( LOG_EMERG, "Can't allocate memory! [New_Connection]" ); + Simple_Message( new_sock, "ERROR: Internal error" ); close( new_sock ); return; } @@ -925,6 +954,7 @@ New_Connection( INT Sock ) if( ! c ) { Log( LOG_ALERT, "Can't accept connection: can't create client structure!" ); + Simple_Message( new_sock, "ERROR :Internal error" ); close( new_sock ); return; } @@ -1497,4 +1527,19 @@ Read_Resolver_Result( INT r_fd ) } /* Read_Resolver_Result */ +LOCAL VOID +Simple_Message( INT Sock, CHAR *Msg ) +{ + /* Write "simple" message to socket, without using compression + * or even the connection write buffers. Used e.g. for error + * messages by New_Connection(). */ + + assert( Sock > NONE ); + assert( Msg != NULL ); + + (VOID)send( Sock, Msg, strlen( Msg ), 0 ); + (VOID)send( Sock, "\r\n", 2, 0 ); +} /* Simple_Error */ + + /* -eof- */