2 * ngIRCd -- The Next Generation IRC Daemon
3 * Copyright (c)2001-2012 Alexander Barton (alex@barton.de) and Contributors.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 * Please read the file COPYING, README and AUTHORS for more information.
22 * Connection management
37 #include <sys/socket.h>
39 #include <sys/types.h>
41 #include <netinet/in.h>
43 #ifdef HAVE_NETINET_IP_H
44 # ifdef HAVE_NETINET_IN_SYSTM_H
45 # include <netinet/in_systm.h>
47 # include <netinet/ip.h>
51 # include <tcpd.h> /* for TCP Wrappers */
66 #include "conn-encoding.h"
69 #include "conn-func.h"
71 #include "ng_ipaddr.h"
79 #define SERVER_WAIT (NONE - 1)
81 #define MAX_COMMANDS 3
82 #define MAX_COMMANDS_SERVER_MIN 10
83 #define MAX_COMMANDS_SERVICE 10
86 static bool Handle_Write PARAMS(( CONN_ID Idx ));
87 static bool Conn_Write PARAMS(( CONN_ID Idx, char *Data, size_t Len ));
88 static int New_Connection PARAMS(( int Sock, bool IsSSL ));
89 static CONN_ID Socket2Index PARAMS(( int Sock ));
90 static void Read_Request PARAMS(( CONN_ID Idx ));
91 static unsigned int Handle_Buffer PARAMS(( CONN_ID Idx ));
92 static void Check_Connections PARAMS(( void ));
93 static void Check_Servers PARAMS(( void ));
94 static void Init_Conn_Struct PARAMS(( CONN_ID Idx ));
95 static bool Init_Socket PARAMS(( int Sock ));
96 static void New_Server PARAMS(( int Server, ng_ipaddr_t *dest ));
97 static void Simple_Message PARAMS(( int Sock, const char *Msg ));
98 static int NewListener PARAMS(( const char *listen_addr, UINT16 Port ));
99 static void Account_Connection PARAMS((void));
102 static array My_Listeners;
103 static array My_ConnArray;
104 static size_t NumConnections, NumConnectionsMax, NumConnectionsAccepted;
107 int allow_severity = LOG_INFO;
108 int deny_severity = LOG_ERR;
111 static void server_login PARAMS((CONN_ID idx));
114 extern struct SSLOptions Conf_SSLOptions;
115 static void cb_connserver_login_ssl PARAMS((int sock, short what));
116 static void cb_clientserver_ssl PARAMS((int sock, short what));
118 static void cb_Read_Resolver_Result PARAMS((int sock, UNUSED short what));
119 static void cb_Connect_to_Server PARAMS((int sock, UNUSED short what));
120 static void cb_clientserver PARAMS((int sock, short what));
124 * IO callback for listening sockets: handle new connections. This callback
125 * gets called when a new non-SSL connection should be accepted.
127 * @param sock Socket descriptor.
128 * @param irrelevant (ignored IO specification)
131 cb_listen(int sock, short irrelevant)
134 (void) New_Connection(sock, false);
140 * IO callback for listening SSL sockets: handle new connections. This callback
141 * gets called when a new SSL-enabled connection should be accepted.
143 * @param sock Socket descriptor.
144 * @param irrelevant (ignored IO specification)
147 cb_listen_ssl(int sock, short irrelevant)
152 fd = New_Connection(sock, true);
155 io_event_setcb(My_Connections[fd].sock, cb_clientserver_ssl);
161 * IO callback for new outgoing non-SSL server connections.
163 * @param sock Socket descriptor.
164 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
167 cb_connserver(int sock, UNUSED short what)
169 int res, err, server;
171 CONN_ID idx = Socket2Index( sock );
174 LogDebug("cb_connserver wants to write on unknown socket?!");
179 assert(what & IO_WANTWRITE);
181 /* Make sure that the server is still configured; it could have been
182 * removed in the meantime! */
183 server = Conf_GetServer(idx);
185 Log(LOG_ERR, "Connection on socket %d to \"%s\" aborted!",
186 sock, My_Connections[idx].host);
187 Conn_Close(idx, "Connection aborted!", NULL, false);
191 /* connect() finished, get result. */
192 sock_len = (socklen_t)sizeof(err);
193 res = getsockopt(My_Connections[idx].sock, SOL_SOCKET, SO_ERROR,
195 assert(sock_len == sizeof(err));
197 /* Error while connecting? */
198 if ((res != 0) || (err != 0)) {
200 Log(LOG_CRIT, "getsockopt (connection %d): %s!",
201 idx, strerror(errno));
204 "Can't connect socket to \"%s:%d\" (connection %d): %s!",
205 My_Connections[idx].host, Conf_Server[server].port,
208 Conn_Close(idx, "Can't connect!", NULL, false);
210 if (ng_ipaddr_af(&Conf_Server[server].dst_addr[0])) {
211 /* more addresses to try... */
212 New_Server(server, &Conf_Server[server].dst_addr[0]);
213 /* connection to dst_addr[0] is now in progress, so
214 * remove this address... */
215 Conf_Server[server].dst_addr[0] =
216 Conf_Server[server].dst_addr[1];
217 memset(&Conf_Server[server].dst_addr[1], 0,
218 sizeof(Conf_Server[server].dst_addr[1]));
223 /* connect() succeeded, remove all additional addresses */
224 memset(&Conf_Server[server].dst_addr, 0,
225 sizeof(Conf_Server[server].dst_addr));
227 Conn_OPTION_DEL( &My_Connections[idx], CONN_ISCONNECTING );
229 if ( Conn_OPTION_ISSET( &My_Connections[idx], CONN_SSL_CONNECT )) {
230 io_event_setcb( sock, cb_connserver_login_ssl );
231 io_event_add( sock, IO_WANTWRITE|IO_WANTREAD );
240 * Login to a remote server.
242 * @param idx Connection index.
245 server_login(CONN_ID idx)
248 "Connection %d (socket %d) with \"%s:%d\" established. Now logging in ...",
249 idx, My_Connections[idx].sock, My_Connections[idx].host,
250 Conf_Server[Conf_GetServer(idx)].port);
252 io_event_setcb( My_Connections[idx].sock, cb_clientserver);
253 io_event_add( My_Connections[idx].sock, IO_WANTREAD|IO_WANTWRITE);
255 /* Send PASS and SERVER command to peer */
256 Conn_WriteStr( idx, "PASS %s %s", Conf_Server[Conf_GetServer( idx )].pwd_out, NGIRCd_ProtoID );
257 Conn_WriteStr( idx, "SERVER %s :%s", Conf_ServerName, Conf_ServerInfo );
263 * IO callback for new outgoing SSL-enabled server connections.
265 * @param sock Socket descriptor.
266 * @param unused (ignored IO specification)
269 cb_connserver_login_ssl(int sock, short unused)
271 CONN_ID idx = Socket2Index(sock);
279 switch (ConnSSL_Connect( &My_Connections[idx])) {
281 case 0: LogDebug("ConnSSL_Connect: not ready");
284 Log(LOG_ERR, "SSL connection on socket %d failed!", sock);
285 Conn_Close(idx, "Can't connect!", NULL, false);
289 Log( LOG_INFO, "SSL connection %d with \"%s:%d\" established.", idx,
290 My_Connections[idx].host, Conf_Server[Conf_GetServer( idx )].port );
298 * IO callback for established non-SSL client and server connections.
300 * @param sock Socket descriptor.
301 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
304 cb_clientserver(int sock, short what)
306 CONN_ID idx = Socket2Index(sock);
315 if (what & IO_WANTREAD
316 || (Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_WANT_WRITE))) {
317 /* if TLS layer needs to write additional data, call
318 * Read_Request() instead so that SSL/TLS can continue */
322 if (what & IO_WANTREAD)
325 if (what & IO_WANTWRITE)
332 * IO callback for established SSL-enabled client and server connections.
334 * @param sock Socket descriptor.
335 * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...).
338 cb_clientserver_ssl(int sock, short what)
340 CONN_ID idx = Socket2Index(sock);
349 switch (ConnSSL_Accept(&My_Connections[idx])) {
353 return; /* EAGAIN: callback will be invoked again by IO layer */
355 Conn_Close(idx, "SSL accept error, closing socket", "SSL accept error", false);
358 if (what & IO_WANTREAD)
361 if (what & IO_WANTWRITE)
364 io_event_setcb(sock, cb_clientserver); /* SSL handshake completed */
370 * Initialize connecion module.
377 /* Speicher fuer Verbindungs-Pool anfordern */
378 Pool_Size = CONNECTION_POOL;
379 if ((Conf_MaxConnections > 0) &&
380 (Pool_Size > Conf_MaxConnections))
381 Pool_Size = Conf_MaxConnections;
383 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)Pool_Size)) {
384 Log(LOG_EMERG, "Can't allocate memory! [Conn_Init]");
388 /* FIXME: My_Connetions/Pool_Size is needed by other parts of the
389 * code; remove them! */
390 My_Connections = (CONNECTION*) array_start(&My_ConnArray);
392 LogDebug("Allocated connection pool for %d items (%ld bytes).",
393 array_length(&My_ConnArray, sizeof(CONNECTION)),
394 array_bytes(&My_ConnArray));
396 assert(array_length(&My_ConnArray, sizeof(CONNECTION)) >= (size_t)Pool_Size);
398 array_free( &My_Listeners );
400 for (i = 0; i < Pool_Size; i++)
406 * Clean up connection module.
413 Conn_ExitListeners();
415 LogDebug("Shutting down all connections ..." );
416 for( idx = 0; idx < Pool_Size; idx++ ) {
417 if( My_Connections[idx].sock > NONE ) {
418 Conn_Close( idx, NULL, NGIRCd_SignalRestart ?
419 "Server going down (restarting)":"Server going down", true );
423 array_free(&My_ConnArray);
424 My_Connections = NULL;
426 io_library_shutdown();
431 * Close all sockets (file descriptors) of open connections.
432 * This is useful in forked child processes, for example, to make sure that
433 * they don't hold connections open that the main process wants to close.
436 Conn_CloseAllSockets(int ExceptOf)
440 for(idx = 0; idx < Pool_Size; idx++) {
441 if(My_Connections[idx].sock > NONE &&
442 My_Connections[idx].sock != ExceptOf)
443 close(My_Connections[idx].sock);
449 * Initialize listening ports.
451 * @param a Array containing the ports the daemon should listen on.
452 * @param listen_addr Address the socket should listen on (can be "0.0.0.0").
453 * @param func IO callback function to register.
454 * @returns Number of listening sockets created.
457 ports_initlisteners(array *a, const char *listen_addr, void (*func)(int,short))
459 unsigned int created = 0;
464 len = array_length(a, sizeof (UINT16));
465 port = array_start(a);
467 fd = NewListener(listen_addr, *port);
472 if (!io_event_create( fd, IO_WANTREAD, func )) {
473 Log( LOG_ERR, "io_event_create(): Could not add listening fd %d (port %u): %s!",
474 fd, (unsigned int) *port, strerror(errno));
487 * Initialize all listening sockets.
489 * @returns Number of created listening sockets
492 Conn_InitListeners( void )
494 /* Initialize ports on which the server should accept connections */
495 unsigned int created = 0;
496 char *copy, *listen_addr;
498 assert(Conf_ListenAddress);
500 /* can't use Conf_ListenAddress directly, see below */
501 copy = strdup(Conf_ListenAddress);
503 Log(LOG_CRIT, "Cannot copy %s: %s", Conf_ListenAddress, strerror(errno));
506 listen_addr = strtok(copy, ",");
508 while (listen_addr) {
509 ngt_TrimStr(listen_addr);
511 created += ports_initlisteners(&Conf_ListenPorts, listen_addr, cb_listen);
513 created += ports_initlisteners(&Conf_SSLOptions.ListenPorts, listen_addr, cb_listen_ssl);
517 listen_addr = strtok(NULL, ",");
520 /* Can't free() Conf_ListenAddress here: on REHASH, if the config file
521 * cannot be re-loaded, we'd end up with a NULL Conf_ListenAddress.
522 * Instead, free() takes place in conf.c, before the config file
523 * is being parsed. */
527 } /* Conn_InitListeners */
531 * Shut down all listening sockets.
534 Conn_ExitListeners( void )
536 /* Close down all listening sockets */
540 arraylen = array_length(&My_Listeners, sizeof (int));
542 "Shutting down all listening sockets (%d total) ...", arraylen);
543 fd = array_start(&My_Listeners);
548 LogDebug("Listening socket %d closed.", *fd );
551 array_free(&My_Listeners);
552 } /* Conn_ExitListeners */
556 * Bind a socket to a specific (source) address.
558 * @param addr Address structure.
559 * @param listen_addrstr Source address as string.
560 * @param Port Port number.
561 * @returns true on success, false otherwise.
564 InitSinaddrListenAddr(ng_ipaddr_t *addr, const char *listen_addrstr, UINT16 Port)
568 ret = ng_ipaddr_init(addr, listen_addrstr, Port);
570 assert(listen_addrstr);
571 Log(LOG_CRIT, "Can't bind to [%s]:%u: can't convert ip address \"%s\"",
572 listen_addrstr, Port, listen_addrstr);
579 * Set a socket to "IPv6 only". If the given socket doesn't belong to the
580 * AF_INET6 family, or the operating system doesn't support this functionality,
581 * this function retruns silently.
583 * @param af Address family of the socket.
584 * @param sock Socket handle.
587 set_v6_only(int af, int sock)
589 #if defined(IPV6_V6ONLY) && defined(WANT_IPV6)
595 if (setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, &on, (socklen_t)sizeof(on)))
596 Log(LOG_ERR, "Could not set IPV6_V6ONLY: %s", strerror(errno));
605 * Initialize new listening port.
607 * @param listen_addr Local address to bind the socet to (can be 0.0.0.0).
608 * @param Port Port number on which the new socket should be listening.
609 * @returns file descriptor of the socket or -1 on failure.
612 NewListener(const char *listen_addr, UINT16 Port)
614 /* Create new listening socket on specified port */
618 if (!InitSinaddrListenAddr(&addr, listen_addr, Port))
621 af = ng_ipaddr_af(&addr);
622 sock = socket(af, SOCK_STREAM, 0);
624 Log(LOG_CRIT, "Can't create socket (af %d) : %s!", af, strerror(errno));
628 set_v6_only(af, sock);
630 if (!Init_Socket(sock))
633 if (bind(sock, (struct sockaddr *)&addr, ng_ipaddr_salen(&addr)) != 0) {
634 Log(LOG_CRIT, "Can't bind socket to address %s:%d - %s",
635 ng_ipaddr_tostr(&addr), Port, strerror(errno));
640 if( listen( sock, 10 ) != 0 ) {
641 Log( LOG_CRIT, "Can't listen on socket: %s!", strerror( errno ));
646 /* keep fd in list so we can close it when ngircd restarts/shuts down */
647 if (!array_catb( &My_Listeners,(char*) &sock, sizeof(int) )) {
648 Log( LOG_CRIT, "Can't add socket to My_Listeners array: %s!", strerror( errno ));
653 Log(LOG_INFO, "Now listening on [%s]:%d (socket %d).",
654 ng_ipaddr_tostr(&addr), Port, sock);
662 * Check if SSL library needs to read SSL-protocol related data.
664 * SSL/TLS connections require extra treatment:
665 * When either CONN_SSL_WANT_WRITE or CONN_SSL_WANT_READ is set, we
666 * need to take care of that first, before checking read/write buffers.
667 * For instance, while we might have data in our write buffer, the
668 * TLS/SSL protocol might need to read internal data first for TLS/SSL
671 * If this function returns true, such a condition is met and we have
672 * to reverse the condition (check for read even if we've data to write,
673 * do not check for read but writeability even if write-buffer is empty).
675 * @param c Connection to check.
676 * @returns true if SSL-library has to read protocol data.
679 SSL_WantRead(const CONNECTION *c)
681 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_READ)) {
682 io_event_add(c->sock, IO_WANTREAD);
689 * Check if SSL library needs to write SSL-protocol related data.
691 * Please see description of SSL_WantRead() for full description!
693 * @param c Connection to check.
694 * @returns true if SSL-library has to write protocol data.
697 SSL_WantWrite(const CONNECTION *c)
699 if (Conn_OPTION_ISSET(c, CONN_SSL_WANT_WRITE)) {
700 io_event_add(c->sock, IO_WANTWRITE);
709 SSL_WantRead(UNUSED const CONNECTION *c)
713 SSL_WantWrite(UNUSED const CONNECTION *c)
720 * "Main Loop": Loop until shutdown or restart is signalled.
722 * This function loops until a shutdown or restart of ngIRCd is signalled and
723 * calls io_dispatch() to check for readable and writable sockets every second.
724 * It checks for status changes on pending connections (e. g. when a hostname
725 * has been resolved), checks for "penalties" and timeouts, and handles the
732 unsigned int wdatalen, bytes_processed;
736 while (!NGIRCd_SignalQuit && !NGIRCd_SignalRestart) {
739 /* Check configured servers and established links */
743 /* Expire outdated class/list items */
746 /* Look for non-empty read buffers ... */
747 for (i = 0; i < Pool_Size; i++) {
748 if ((My_Connections[i].sock > NONE)
749 && (array_bytes(&My_Connections[i].rbuf) > 0)
750 && (My_Connections[i].delaytime <= t)) {
751 /* ... and try to handle the received data */
752 bytes_processed = Handle_Buffer(i);
753 /* if we processed data, and there might be
754 * more commands in the input buffer, do not
755 * try to read any more data now */
756 if (bytes_processed &&
757 array_bytes(&My_Connections[i].rbuf) > 2) {
759 ("Throttling connection %d: command limit reached!",
761 Conn_SetPenalty(i, 1);
766 /* Look for non-empty write buffers ... */
767 for (i = 0; i < Pool_Size; i++) {
768 if (My_Connections[i].sock <= NONE)
771 wdatalen = (unsigned int)array_bytes(&My_Connections[i].wbuf);
774 array_bytes(&My_Connections[i].zip.wbuf) > 0)
779 if (SSL_WantRead(&My_Connections[i]))
781 io_event_add(My_Connections[i].sock,
786 /* Check from which sockets we possibly could read ... */
787 for (i = 0; i < Pool_Size; i++) {
788 if (My_Connections[i].sock <= NONE)
791 if (SSL_WantWrite(&My_Connections[i]))
792 continue; /* TLS/SSL layer needs to write data; deal with this first */
794 if (Proc_InProgress(&My_Connections[i].proc_stat)) {
795 /* Wait for completion of forked subprocess
796 * and ignore the socket in the meantime ... */
797 io_event_del(My_Connections[i].sock,
802 if (Conn_OPTION_ISSET(&My_Connections[i], CONN_ISCONNECTING))
803 /* Wait for completion of connect() ... */
806 if (My_Connections[i].delaytime > t) {
807 /* There is a "penalty time" set: ignore socket! */
808 io_event_del(My_Connections[i].sock,
813 io_event_add(My_Connections[i].sock, IO_WANTREAD);
816 /* Set the timeout for reading from the network to 1 second,
817 * which is the granularity with witch we handle "penalty
818 * times" for example.
819 * Note: tv_sec/usec are undefined(!) after io_dispatch()
820 * returns, so we have to set it beforce each call to it! */
824 /* Wait for activity ... */
825 i = io_dispatch(&tv);
826 if (i == -1 && errno != EINTR) {
827 Log(LOG_EMERG, "Conn_Handler(): io_dispatch(): %s!",
829 Log(LOG_ALERT, "%s exiting due to fatal errors!",
835 if (NGIRCd_SignalQuit)
836 Log(LOG_NOTICE | LOG_snotice, "Server going down NOW!");
837 else if (NGIRCd_SignalRestart)
838 Log(LOG_NOTICE | LOG_snotice, "Server restarting NOW!");
843 * Write a text string into the socket of a connection.
845 * This function automatically appends CR+LF to the string and validates that
846 * the result is a valid IRC message (oversized messages are shortened, for
847 * example). Then it calls the Conn_Write() function to do the actual sending.
849 * @param Idx Index fo the connection.
850 * @param Format Format string, see printf().
851 * @returns true on success, false otherwise.
855 Conn_WriteStr(CONN_ID Idx, const char *Format, ...)
858 Conn_WriteStr(Idx, Format, va_alist)
864 char buffer[COMMAND_LEN];
872 assert( Idx > NONE );
873 assert( Format != NULL );
876 va_start( ap, Format );
880 if (vsnprintf( buffer, COMMAND_LEN - 2, Format, ap ) >= COMMAND_LEN - 2 ) {
882 * The string that should be written to the socket is longer
883 * than the allowed size of COMMAND_LEN bytes (including both
884 * the CR and LF characters). This can be caused by the
885 * IRC_WriteXXX() functions when the prefix of this server had
886 * to be added to an already "quite long" command line which
887 * has been received from a regular IRC client, for example.
889 * We are not allowed to send such "oversized" messages to
890 * other servers and clients, see RFC 2812 2.3 and 2813 3.3
891 * ("these messages SHALL NOT exceed 512 characters in length,
892 * counting all characters including the trailing CR-LF").
894 * So we have a big problem here: we should send more bytes
895 * to the network than we are allowed to and we don't know
896 * the originator (any more). The "old" behaviour of blaming
897 * the receiver ("next hop") is a bad idea (it could be just
898 * an other server only routing the message!), so the only
899 * option left is to shorten the string and to hope that the
900 * result is still somewhat useful ...
904 strcpy (buffer + sizeof(buffer) - strlen(CUT_TXTSUFFIX) - 2 - 1,
909 ptr = strchr(buffer + 1, ':');
912 message = Conn_EncodingTo(Idx, ptr);
914 strlcpy(ptr, message, sizeof(buffer) - (ptr - buffer));
920 Log(LOG_DEBUG, " -> connection %d: '%s'.", Idx, buffer);
923 len = strlcat( buffer, "\r\n", sizeof( buffer ));
924 ok = Conn_Write(Idx, buffer, len);
925 My_Connections[Idx].msg_out++;
929 } /* Conn_WriteStr */
932 Conn_Password( CONN_ID Idx )
934 assert( Idx > NONE );
935 if (My_Connections[Idx].pwd == NULL)
938 return My_Connections[Idx].pwd;
939 } /* Conn_Password */
942 Conn_SetPassword( CONN_ID Idx, const char *Pwd )
944 assert( Idx > NONE );
946 if (My_Connections[Idx].pwd)
947 free(My_Connections[Idx].pwd);
949 My_Connections[Idx].pwd = strdup(Pwd);
950 if (My_Connections[Idx].pwd == NULL) {
951 Log(LOG_EMERG, "Can't allocate memory! [Conn_SetPassword]");
954 } /* Conn_SetPassword */
957 * Append Data to the outbound write buffer of a connection.
959 * @param Idx Index of the connection.
960 * @param Data pointer to the data.
961 * @param Len length of Data.
962 * @returns true on success, false otherwise.
965 Conn_Write( CONN_ID Idx, char *Data, size_t Len )
968 size_t writebuf_limit = WRITEBUFFER_MAX_LEN;
969 assert( Idx > NONE );
970 assert( Data != NULL );
973 /* Is the socket still open? A previous call to Conn_Write()
974 * may have closed the connection due to a fatal error.
975 * In this case it is sufficient to return an error, as well. */
976 if (My_Connections[Idx].sock <= NONE) {
977 LogDebug("Skipped write on closed socket (connection %d).", Idx);
981 /* Make sure that there still exists a CLIENT structure associated
982 * with this connection and check if this is a server or not: */
983 c = Conn_GetClient(Idx);
985 /* Servers do get special write buffer limits, so they can
986 * generate all the messages that are required while peering. */
987 if (Client_Type(c) == CLIENT_SERVER)
988 writebuf_limit = WRITEBUFFER_SLINK_LEN;
990 LogDebug("Write on socket without client (connection %d)!?", Idx);
993 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
995 * Zip_Buffer() does all the dirty work for us: it flushes
996 * the (pre-)compression buffers if required and handles
997 * all error conditions. */
998 if (!Zip_Buffer(Idx, Data, Len))
1004 /* Uncompressed link:
1005 * Check if outbound buffer has enough space for the data. */
1006 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
1007 WRITEBUFFER_FLUSH_LEN) {
1008 /* Buffer is full, flush it. Handle_Write deals with
1009 * low-level errors, if any. */
1010 if (!Handle_Write(Idx))
1014 /* When the write buffer is still too big after flushing it,
1015 * the connection will be killed. */
1016 if (array_bytes(&My_Connections[Idx].wbuf) + Len >=
1019 "Write buffer space exhausted (connection %d, limit is %lu bytes, %lu bytes new, %lu bytes pending)",
1020 Idx, writebuf_limit, Len,
1021 (unsigned long)array_bytes(&My_Connections[Idx].wbuf));
1022 Conn_Close(Idx, "Write buffer space exhausted", NULL, false);
1026 /* Copy data to write buffer */
1027 if (!array_catb(&My_Connections[Idx].wbuf, Data, Len))
1030 My_Connections[Idx].bytes_out += Len;
1033 /* Adjust global write counter */
1041 * Shut down a connection.
1043 * @param Idx Connection index.
1044 * @param LogMsg Message to write to the log or NULL. If no LogMsg
1045 * is given, the FwdMsg is logged.
1046 * @param FwdMsg Message to forward to remote servers.
1047 * @param InformClient If true, inform the client on the connection which is
1048 * to be shut down of the reason (FwdMsg) and send
1049 * connection statistics before disconnecting it.
1052 Conn_Close( CONN_ID Idx, const char *LogMsg, const char *FwdMsg, bool InformClient )
1054 /* Close connection. Open pipes of asynchronous resolver
1055 * sub-processes are closed down. */
1061 double in_z_k, out_z_k;
1065 assert( Idx > NONE );
1067 /* Is this link already shutting down? */
1068 if( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ISCLOSING )) {
1069 /* Conn_Close() has been called recursively for this link;
1070 * probabe reason: Handle_Write() failed -- see below. */
1071 LogDebug("Recursive request to close connection: %d", Idx );
1075 assert( My_Connections[Idx].sock > NONE );
1077 /* Mark link as "closing" */
1078 Conn_OPTION_ADD( &My_Connections[Idx], CONN_ISCLOSING );
1080 port = ng_ipaddr_getport(&My_Connections[Idx].addr);
1081 Log(LOG_INFO, "Shutting down connection %d (%s) with %s:%d ...", Idx,
1082 LogMsg ? LogMsg : FwdMsg, My_Connections[Idx].host, port);
1084 /* Search client, if any */
1085 c = Conn_GetClient( Idx );
1087 /* Should the client be informed? */
1090 /* Send statistics to client if registered as user: */
1091 if ((c != NULL) && (Client_Type(c) == CLIENT_USER)) {
1093 ":%s NOTICE %s :%sConnection statistics: client %.1f kb, server %.1f kb.",
1094 Client_ID(Client_ThisServer()), Client_ID(c),
1096 (double)My_Connections[Idx].bytes_in / 1024,
1097 (double)My_Connections[Idx].bytes_out / 1024);
1100 /* Send ERROR to client (see RFC 2812, section 3.1.7) */
1102 Conn_WriteStr(Idx, "ERROR :%s", FwdMsg);
1104 Conn_WriteStr(Idx, "ERROR :Closing connection");
1107 /* Try to write out the write buffer. Note: Handle_Write() eventually
1108 * removes the CLIENT structure associated with this connection if an
1109 * error occurs! So we have to re-check if there is still an valid
1110 * CLIENT structure after calling Handle_Write() ...*/
1111 (void)Handle_Write( Idx );
1113 /* Search client, if any (re-check!) */
1114 c = Conn_GetClient( Idx );
1116 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1117 Log(LOG_INFO, "SSL connection %d shutting down ...", Idx);
1118 ConnSSL_Free(&My_Connections[Idx]);
1121 /* Shut down socket */
1122 if (! io_close(My_Connections[Idx].sock)) {
1123 /* Oops, we can't close the socket!? This is ... ugly! */
1125 "Error closing connection %d (socket %d) with %s:%d - %s! (ignored)",
1126 Idx, My_Connections[Idx].sock, My_Connections[Idx].host,
1127 port, strerror(errno));
1130 /* Mark socket as invalid: */
1131 My_Connections[Idx].sock = NONE;
1133 /* If there is still a client, unregister it now */
1135 Client_Destroy(c, LogMsg, FwdMsg, true);
1137 /* Calculate statistics and log information */
1138 in_k = (double)My_Connections[Idx].bytes_in / 1024;
1139 out_k = (double)My_Connections[Idx].bytes_out / 1024;
1141 if (Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP)) {
1142 in_z_k = (double)My_Connections[Idx].zip.bytes_in / 1024;
1143 out_z_k = (double)My_Connections[Idx].zip.bytes_out / 1024;
1144 /* Make sure that no division by zero can occur during
1145 * the calculation of in_p and out_p: in_z_k and out_z_k
1146 * are non-zero, that's guaranteed by the protocol until
1147 * compression can be enabled. */
1152 in_p = (int)(( in_k * 100 ) / in_z_k );
1153 out_p = (int)(( out_k * 100 ) / out_z_k );
1155 "Connection %d with %s:%d closed (in: %.1fk/%.1fk/%d%%, out: %.1fk/%.1fk/%d%%).",
1156 Idx, My_Connections[Idx].host, port,
1157 in_k, in_z_k, in_p, out_k, out_z_k, out_p);
1163 "Connection %d with %s:%d closed (in: %.1fk, out: %.1fk).",
1164 Idx, My_Connections[Idx].host, port,
1168 /* Servers: Modify time of next connect attempt? */
1169 Conf_UnsetServer( Idx );
1172 /* Clean up zlib, if link was compressed */
1173 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_ZIP )) {
1174 inflateEnd( &My_Connections[Idx].zip.in );
1175 deflateEnd( &My_Connections[Idx].zip.out );
1176 array_free(&My_Connections[Idx].zip.rbuf);
1177 array_free(&My_Connections[Idx].zip.wbuf);
1181 array_free(&My_Connections[Idx].rbuf);
1182 array_free(&My_Connections[Idx].wbuf);
1183 if (My_Connections[Idx].pwd != NULL)
1184 free(My_Connections[Idx].pwd);
1186 /* Clean up connection structure (=free it) */
1187 Init_Conn_Struct( Idx );
1189 assert(NumConnections > 0);
1192 LogDebug("Shutdown of connection %d completed, %ld connection%s left.",
1193 Idx, NumConnections, NumConnections != 1 ? "s" : "");
1198 * Get current number of connections.
1200 * @returns Number of current connections.
1205 return NumConnections;
1210 * Get number of maximum simultaneous connections.
1212 * @returns Number of maximum simultaneous connections.
1217 return NumConnectionsMax;
1218 } /* Conn_CountMax */
1222 * Get number of connections accepted since the daemon startet.
1224 * @returns Number of connections accepted.
1227 Conn_CountAccepted(void)
1229 return NumConnectionsAccepted;
1230 } /* Conn_CountAccepted */
1234 * Synchronize established connections and configured server structures
1235 * after a configuration update and store the correct connection IDs, if any.
1238 Conn_SyncServerStruct(void)
1244 for (i = 0; i < Pool_Size; i++) {
1245 if (My_Connections[i].sock == NONE)
1249 client = Conn_GetClient(i);
1250 if (!client || Client_Type(client) != CLIENT_SERVER)
1253 for (c = 0; c < MAX_SERVERS; c++) {
1254 /* Configured server? */
1255 if (!Conf_Server[c].host[0])
1258 if (strcasecmp(Conf_Server[c].name, Client_ID(client)) == 0)
1259 Conf_Server[c].conn_id = i;
1262 } /* SyncServerStruct */
1266 * Get IP address string of a connection.
1268 * @param Idx Connection index.
1269 * @return Pointer to a global buffer containing the IP address as string.
1272 Conn_GetIPAInfo(CONN_ID Idx)
1275 return ng_ipaddr_tostr(&My_Connections[Idx].addr);
1280 * Send out data of write buffer; connect new sockets.
1282 * @param Idx Connection index.
1283 * @returns true on success, false otherwise.
1286 Handle_Write( CONN_ID Idx )
1291 assert( Idx > NONE );
1292 if ( My_Connections[Idx].sock < 0 ) {
1293 LogDebug("Handle_Write() on closed socket, connection %d", Idx);
1296 assert( My_Connections[Idx].sock > NONE );
1298 wdatalen = array_bytes(&My_Connections[Idx].wbuf );
1301 if (wdatalen == 0) {
1302 /* Write buffer is empty, so we try to flush the compression
1303 * buffer and get some data to work with from there :-) */
1304 if (!Zip_Flush(Idx))
1307 /* Now the write buffer most probably has changed: */
1308 wdatalen = array_bytes(&My_Connections[Idx].wbuf);
1312 if (wdatalen == 0) {
1313 /* Still no data, fine. */
1314 io_event_del(My_Connections[Idx].sock, IO_WANTWRITE );
1320 ("Handle_Write() called for connection %d, %ld bytes pending ...",
1325 if ( Conn_OPTION_ISSET( &My_Connections[Idx], CONN_SSL )) {
1326 len = ConnSSL_Write(&My_Connections[Idx], array_start(&My_Connections[Idx].wbuf), wdatalen);
1330 len = write(My_Connections[Idx].sock,
1331 array_start(&My_Connections[Idx].wbuf), wdatalen );
1334 if (errno == EAGAIN || errno == EINTR)
1337 Log(LOG_ERR, "Write error on connection %d (socket %d): %s!",
1338 Idx, My_Connections[Idx].sock, strerror(errno));
1339 Conn_Close(Idx, "Write error!", NULL, false);
1343 /* move any data not yet written to beginning */
1344 array_moveleft(&My_Connections[Idx].wbuf, 1, (size_t)len);
1347 } /* Handle_Write */
1351 * Count established connections to a specific IP address.
1353 * @returns Number of established connections.
1356 Count_Connections(ng_ipaddr_t *a)
1361 for (i = 0; i < Pool_Size; i++) {
1362 if (My_Connections[i].sock <= NONE)
1364 if (ng_ipaddr_ipequal(&My_Connections[i].addr, a))
1368 } /* Count_Connections */
1372 * Initialize new client connection on a listening socket.
1374 * @param Sock Listening socket descriptor.
1375 * @param IsSSL true if this socket expects SSL-encrypted data.
1376 * @returns Accepted socket descriptor or -1 on error.
1379 New_Connection(int Sock, UNUSED bool IsSSL)
1382 struct request_info req;
1384 ng_ipaddr_t new_addr;
1385 char ip_str[NG_INET_ADDRSTRLEN];
1386 int new_sock, new_sock_len;
1390 assert(Sock > NONE);
1392 LogDebug("Accepting new connection on socket %d ...", Sock);
1394 new_sock_len = (int)sizeof(new_addr);
1395 new_sock = accept(Sock, (struct sockaddr *)&new_addr,
1396 (socklen_t *)&new_sock_len);
1398 Log(LOG_CRIT, "Can't accept connection: %s!", strerror(errno));
1401 NumConnectionsAccepted++;
1403 if (!ng_ipaddr_tostr_r(&new_addr, ip_str)) {
1404 Log(LOG_CRIT, "fd %d: Can't convert IP address!", new_sock);
1405 Simple_Message(new_sock, "ERROR :Internal Server Error");
1411 /* Validate socket using TCP Wrappers */
1412 request_init(&req, RQ_DAEMON, PACKAGE_NAME, RQ_FILE, new_sock,
1413 RQ_CLIENT_SIN, &new_addr, NULL);
1415 if (!hosts_access(&req)) {
1417 "Refused connection from %s (by TCP Wrappers)!", ip_str);
1418 Simple_Message(new_sock, "ERROR :Connection refused");
1424 if (!Init_Socket(new_sock))
1427 /* Check global connection limit */
1428 if ((Conf_MaxConnections > 0) &&
1429 (NumConnections >= (size_t) Conf_MaxConnections)) {
1430 Log(LOG_ALERT, "Can't accept connection: limit (%d) reached!",
1431 Conf_MaxConnections);
1432 Simple_Message(new_sock, "ERROR :Connection limit reached");
1437 /* Check IP-based connection limit */
1438 cnt = Count_Connections(&new_addr);
1439 if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) {
1440 /* Access denied, too many connections from this IP address! */
1442 "Refused connection from %s: too may connections (%ld) from this IP address!",
1444 Simple_Message(new_sock,
1445 "ERROR :Connection refused, too many connections from your IP address");
1450 if (new_sock >= Pool_Size) {
1451 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION),
1452 (size_t) new_sock)) {
1454 "Can't allocate memory! [New_Connection]");
1455 Simple_Message(new_sock, "ERROR: Internal error");
1459 LogDebug("Bumped connection pool to %ld items (internal: %ld items, %ld bytes)",
1460 new_sock, array_length(&My_ConnArray,
1461 sizeof(CONNECTION)), array_bytes(&My_ConnArray));
1463 /* Adjust pointer to new block */
1464 My_Connections = array_start(&My_ConnArray);
1465 while (Pool_Size <= new_sock)
1466 Init_Conn_Struct(Pool_Size++);
1469 /* register callback */
1470 if (!io_event_create(new_sock, IO_WANTREAD, cb_clientserver)) {
1472 "Can't accept connection: io_event_create failed!");
1473 Simple_Message(new_sock, "ERROR :Internal error");
1478 c = Client_NewLocal(new_sock, NULL, CLIENT_UNKNOWN, false);
1481 "Can't accept connection: can't create client structure!");
1482 Simple_Message(new_sock, "ERROR :Internal error");
1487 Init_Conn_Struct(new_sock);
1488 My_Connections[new_sock].sock = new_sock;
1489 My_Connections[new_sock].addr = new_addr;
1490 My_Connections[new_sock].client = c;
1492 /* Set initial hostname to IP address. This becomes overwritten when
1493 * the DNS lookup is enabled and succeeds, but is used otherwise. */
1494 if (ng_ipaddr_af(&new_addr) != AF_INET)
1495 snprintf(My_Connections[new_sock].host,
1496 sizeof(My_Connections[new_sock].host), "[%s]", ip_str);
1498 strlcpy(My_Connections[new_sock].host, ip_str,
1499 sizeof(My_Connections[new_sock].host));
1501 Client_SetHostname(c, My_Connections[new_sock].host);
1503 Log(LOG_INFO, "Accepted connection %d from %s:%d on socket %d.",
1504 new_sock, My_Connections[new_sock].host,
1505 ng_ipaddr_getport(&new_addr), Sock);
1506 Account_Connection();
1509 /* Delay connection initalization until SSL handshake is finished */
1512 Conn_StartLogin(new_sock);
1515 } /* New_Connection */
1519 * Finish connection initialization, start resolver subprocess.
1521 * @param Idx Connection index.
1524 Conn_StartLogin(CONN_ID Idx)
1526 int ident_sock = -1;
1530 /* Nothing to do if DNS (and resolver subprocess) is disabled */
1535 /* Should we make an IDENT request? */
1537 ident_sock = My_Connections[Idx].sock;
1540 if (Conf_NoticeAuth) {
1541 /* Send "NOTICE AUTH" messages to the client */
1544 (void)Conn_WriteStr(Idx,
1545 "NOTICE AUTH :*** Looking up your hostname and checking ident");
1548 (void)Conn_WriteStr(Idx,
1549 "NOTICE AUTH :*** Looking up your hostname");
1550 (void)Handle_Write(Idx);
1553 Resolve_Addr(&My_Connections[Idx].proc_stat, &My_Connections[Idx].addr,
1554 ident_sock, cb_Read_Resolver_Result);
1559 * Update global connection counters.
1562 Account_Connection(void)
1565 if (NumConnections > NumConnectionsMax)
1566 NumConnectionsMax = NumConnections;
1567 LogDebug("Total number of connections now %lu (max %lu).",
1568 NumConnections, NumConnectionsMax);
1569 } /* Account_Connection */
1573 * Translate socket handle into connection index.
1575 * @param Sock Socket handle.
1576 * @returns Connecion index or NONE, if no connection could be found.
1579 Socket2Index( int Sock )
1581 assert( Sock >= 0 );
1583 if( Sock >= Pool_Size || My_Connections[Sock].sock != Sock ) {
1584 /* the Connection was already closed again, likely due to
1586 LogDebug("Socket2Index: can't get connection for socket %d!", Sock);
1590 } /* Socket2Index */
1594 * Read data from the network to the read buffer. If an error occures,
1595 * the socket of this connection will be shut down.
1597 * @param Idx Connection index.
1600 Read_Request( CONN_ID Idx )
1603 static const unsigned int maxbps = COMMAND_LEN / 2;
1604 char readbuf[READBUFFER_LEN];
1607 assert( Idx > NONE );
1608 assert( My_Connections[Idx].sock > NONE );
1611 if ((array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN) ||
1612 (array_bytes(&My_Connections[Idx].zip.rbuf) >= READBUFFER_LEN))
1614 if (array_bytes(&My_Connections[Idx].rbuf) >= READBUFFER_LEN)
1617 /* Read buffer is full */
1619 "Receive buffer space exhausted (connection %d): %d bytes",
1620 Idx, array_bytes(&My_Connections[Idx].rbuf));
1621 Conn_Close(Idx, "Receive buffer space exhausted", NULL, false);
1626 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL))
1627 len = ConnSSL_Read( &My_Connections[Idx], readbuf, sizeof(readbuf));
1630 len = read(My_Connections[Idx].sock, readbuf, sizeof(readbuf));
1632 Log(LOG_INFO, "%s:%u (%s) is closing the connection ...",
1633 My_Connections[Idx].host,
1634 (unsigned int) ng_ipaddr_getport(&My_Connections[Idx].addr),
1635 ng_ipaddr_tostr(&My_Connections[Idx].addr));
1637 "Socket closed!", "Client closed connection",
1643 if( errno == EAGAIN ) return;
1644 Log(LOG_ERR, "Read error on connection %d (socket %d): %s!",
1645 Idx, My_Connections[Idx].sock, strerror(errno));
1646 Conn_Close(Idx, "Read error!", "Client closed connection",
1651 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1652 if (!array_catb(&My_Connections[Idx].zip.rbuf, readbuf,
1655 "Could not append received data to zip input buffer (connection %d): %d bytes!",
1657 Conn_Close(Idx, "Receive buffer space exhausted", NULL,
1664 if (!array_catb( &My_Connections[Idx].rbuf, readbuf, len)) {
1666 "Could not append received data to input buffer (connection %d): %d bytes!",
1668 Conn_Close(Idx, "Receive buffer space exhausted", NULL, false );
1672 /* Update connection statistics */
1673 My_Connections[Idx].bytes_in += len;
1674 My_Connections[Idx].bps += Handle_Buffer(Idx);
1676 /* Make sure that there is still a valid client registered */
1677 c = Conn_GetClient(Idx);
1681 /* Update timestamp of last data received if this connection is
1682 * registered as a user, server or service connection. Don't update
1683 * otherwise, so users have at least Conf_PongTimeout seconds time to
1684 * register with the IRC server -- see Check_Connections().
1685 * Update "lastping", too, if time shifted backwards ... */
1686 if (Client_Type(c) == CLIENT_USER
1687 || Client_Type(c) == CLIENT_SERVER
1688 || Client_Type(c) == CLIENT_SERVICE) {
1690 if (My_Connections[Idx].lastdata != t)
1691 My_Connections[Idx].bps = 0;
1693 My_Connections[Idx].lastdata = t;
1694 if (My_Connections[Idx].lastping > t)
1695 My_Connections[Idx].lastping = t;
1698 /* Look at the data in the (read-) buffer of this connection */
1699 if (Client_Type(c) != CLIENT_SERVER
1700 && Client_Type(c) != CLIENT_UNKNOWNSERVER
1701 && Client_Type(c) != CLIENT_SERVICE
1702 && My_Connections[Idx].bps >= maxbps) {
1703 LogDebug("Throttling connection %d: BPS exceeded! (%u >= %u)",
1704 Idx, My_Connections[Idx].bps, maxbps);
1705 Conn_SetPenalty(Idx, 1);
1707 } /* Read_Request */
1711 * Handle all data in the connection read-buffer.
1713 * Data is processed until no complete command is left in the read buffer,
1714 * or MAX_COMMANDS[_SERVER|_SERVICE] commands were processed.
1715 * When a fatal error occurs, the connection is shut down.
1717 * @param Idx Index of the connection.
1718 * @returns Number of bytes processed.
1721 Handle_Buffer(CONN_ID Idx)
1724 char *ptr1, *ptr2, *first_eol;
1732 unsigned int i, maxcmd = MAX_COMMANDS, len_processed = 0;
1735 c = Conn_GetClient(Idx);
1736 starttime = time(NULL);
1740 /* Servers get special command limits that depend on the user count */
1741 switch (Client_Type(c)) {
1743 maxcmd = (int)(Client_UserCount() / 5)
1744 + MAX_COMMANDS_SERVER_MIN;
1745 /* Allow servers to handle even more commands while peering
1746 * to speed up server login and network synchronisation. */
1747 if (Conn_LastPing(Idx) == 0)
1750 case CLIENT_SERVICE:
1751 maxcmd = MAX_COMMANDS_SERVICE; break;
1754 for (i=0; i < maxcmd; i++) {
1756 if (My_Connections[Idx].delaytime > starttime)
1759 /* Unpack compressed data, if compression is in use */
1760 if (Conn_OPTION_ISSET(&My_Connections[Idx], CONN_ZIP)) {
1761 /* When unzipping fails, Unzip_Buffer() shuts
1762 * down the connection itself */
1763 if (!Unzip_Buffer(Idx))
1768 if (0 == array_bytes(&My_Connections[Idx].rbuf))
1771 /* Make sure that the buffer is NULL terminated */
1772 if (!array_cat0_temporary(&My_Connections[Idx].rbuf)) {
1773 Conn_Close(Idx, NULL,
1774 "Can't allocate memory [Handle_Buffer]",
1779 /* RFC 2812, section "2.3 Messages", 5th paragraph:
1780 * "IRC messages are always lines of characters terminated
1781 * with a CR-LF (Carriage Return - Line Feed) pair [...]". */
1783 ptr = strstr(array_start(&My_Connections[Idx].rbuf), "\r\n");
1786 /* Check for non-RFC-compliant request (only CR or LF)?
1787 * Unfortunately, there are quite a few clients out there
1788 * that do this -- e. g. mIRC, BitchX, and Trillian :-( */
1789 ptr1 = strchr(array_start(&My_Connections[Idx].rbuf), '\r');
1790 ptr2 = strchr(array_start(&My_Connections[Idx].rbuf), '\n');
1792 /* Check if there is a single CR or LF _before_ the
1793 * corerct CR+LF line terminator: */
1794 first_eol = ptr1 < ptr2 ? ptr1 : ptr2;
1795 if (first_eol < ptr) {
1796 /* Single CR or LF before CR+LF found */
1800 } else if (ptr1 || ptr2) {
1801 /* No CR+LF terminated command found, but single
1802 * CR or LF found ... */
1804 ptr = ptr1 < ptr2 ? ptr1 : ptr2;
1806 ptr = ptr1 ? ptr1 : ptr2;
1814 /* Complete (=line terminated) request found, handle it! */
1817 len = ptr - (char *)array_start(&My_Connections[Idx].rbuf) + delta;
1819 if (len > (COMMAND_LEN - 1)) {
1820 /* Request must not exceed 512 chars (incl. CR+LF!),
1821 * see RFC 2812. Disconnect Client if this happens. */
1823 "Request too long (connection %d): %d bytes (max. %d expected)!",
1824 Idx, array_bytes(&My_Connections[Idx].rbuf),
1826 Conn_Close(Idx, NULL, "Request too long", true);
1830 len_processed += (unsigned int)len;
1832 /* Request is empty (only '\r\n', '\r' or '\n');
1833 * delta is 2 ('\r\n') or 1 ('\r' or '\n'), see above */
1834 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1838 /* remember if stream is already compressed */
1839 old_z = My_Connections[Idx].options & CONN_ZIP;
1842 My_Connections[Idx].msg_in++;
1844 (Idx, (char *)array_start(&My_Connections[Idx].rbuf)))
1845 return 0; /* error -> connection has been closed */
1847 array_moveleft(&My_Connections[Idx].rbuf, 1, len);
1849 LogDebug("Connection %d: %d bytes left in read buffer.",
1850 Idx, array_bytes(&My_Connections[Idx].rbuf));
1853 if ((!old_z) && (My_Connections[Idx].options & CONN_ZIP) &&
1854 (array_bytes(&My_Connections[Idx].rbuf) > 0)) {
1855 /* The last command activated socket compression.
1856 * Data that was read after that needs to be copied
1857 * to the unzip buffer for decompression: */
1859 (&My_Connections[Idx].zip.rbuf,
1860 &My_Connections[Idx].rbuf)) {
1861 Conn_Close(Idx, NULL,
1862 "Can't allocate memory [Handle_Buffer]",
1867 array_trunc(&My_Connections[Idx].rbuf);
1869 ("Moved already received data (%u bytes) to uncompression buffer.",
1870 array_bytes(&My_Connections[Idx].zip.rbuf));
1874 return len_processed;
1875 } /* Handle_Buffer */
1879 * Check whether established connections are still alive or not.
1880 * If not, play PING-PONG first; and if that doesn't help either,
1881 * disconnect the respective peer.
1884 Check_Connections(void)
1890 for (i = 0; i < Pool_Size; i++) {
1891 if (My_Connections[i].sock < 0)
1894 c = Conn_GetClient(i);
1895 if (c && ((Client_Type(c) == CLIENT_USER)
1896 || (Client_Type(c) == CLIENT_SERVER)
1897 || (Client_Type(c) == CLIENT_SERVICE))) {
1898 /* connected User, Server or Service */
1899 if (My_Connections[i].lastping >
1900 My_Connections[i].lastdata) {
1901 /* We already sent a ping */
1902 if (My_Connections[i].lastping <
1903 time(NULL) - Conf_PongTimeout) {
1905 snprintf(msg, sizeof(msg),
1906 "Ping timeout: %d seconds",
1908 LogDebug("Connection %d: %s.", i, msg);
1909 Conn_Close(i, NULL, msg, true);
1911 } else if (My_Connections[i].lastdata <
1912 time(NULL) - Conf_PingTimeout) {
1913 /* We need to send a PING ... */
1914 LogDebug("Connection %d: sending PING ...", i);
1916 Conn_WriteStr(i, "PING :%s",
1917 Client_ID(Client_ThisServer()));
1920 /* The connection is not fully established yet, so
1921 * we don't do the PING-PONG game here but instead
1922 * disconnect the client after "a short time" if it's
1923 * still not registered. */
1925 if (My_Connections[i].lastdata <
1926 time(NULL) - Conf_PongTimeout) {
1928 ("Unregistered connection %d timed out ...",
1930 Conn_Close(i, NULL, "Timeout", false);
1934 } /* Check_Connections */
1938 * Check if further server links should be established.
1946 time_now = time(NULL);
1948 /* Check all configured servers */
1949 for (i = 0; i < MAX_SERVERS; i++) {
1950 if (Conf_Server[i].conn_id != NONE)
1951 continue; /* Already establishing or connected */
1952 if (!Conf_Server[i].host[0] || !Conf_Server[i].port > 0)
1953 continue; /* No host and/or port configured */
1954 if (Conf_Server[i].flags & CONF_SFLAG_DISABLED)
1955 continue; /* Disabled configuration entry */
1956 if (Conf_Server[i].lasttry > (time_now - Conf_ConnectRetry))
1957 continue; /* We have to wait a little bit ... */
1959 /* Is there already a connection in this group? */
1960 if (Conf_Server[i].group > NONE) {
1961 for (n = 0; n < MAX_SERVERS; n++) {
1964 if ((Conf_Server[n].conn_id != NONE) &&
1965 (Conf_Server[n].group == Conf_Server[i].group))
1968 if (n < MAX_SERVERS)
1972 /* Okay, try to connect now */
1974 "Preparing to establish a new server link for \"%s\" ...",
1975 Conf_Server[i].name);
1976 Conf_Server[i].lasttry = time_now;
1977 Conf_Server[i].conn_id = SERVER_WAIT;
1978 assert(Proc_GetPipeFd(&Conf_Server[i].res_stat) < 0);
1979 Resolve_Name(&Conf_Server[i].res_stat, Conf_Server[i].host,
1980 cb_Connect_to_Server);
1982 } /* Check_Servers */
1986 * Establish a new outgoing server connection.
1988 * @param Server Configuration index of the server.
1989 * @param dest Destination IP address to connect to.
1992 New_Server( int Server , ng_ipaddr_t *dest)
1994 /* Establish new server link */
1995 char ip_str[NG_INET_ADDRSTRLEN];
1996 int af_dest, res, new_sock;
1999 assert( Server > NONE );
2001 /* Make sure that the remote server hasn't re-linked to this server
2002 * asynchronously on its own */
2003 if (Conf_Server[Server].conn_id > NONE) {
2005 "Connection to \"%s\" meanwhile re-established, aborting preparation.");
2009 if (!ng_ipaddr_tostr_r(dest, ip_str)) {
2010 Log(LOG_WARNING, "New_Server: Could not convert IP to string");
2014 af_dest = ng_ipaddr_af(dest);
2015 new_sock = socket(af_dest, SOCK_STREAM, 0);
2018 "Establishing connection for \"%s\" to \"%s:%d\" (%s), socket %d ...",
2019 Conf_Server[Server].name, Conf_Server[Server].host,
2020 Conf_Server[Server].port, ip_str, new_sock);
2023 Log(LOG_CRIT, "Can't create socket (af %d): %s!",
2024 af_dest, strerror(errno));
2028 if (!Init_Socket(new_sock))
2031 /* is a bind address configured? */
2032 res = ng_ipaddr_af(&Conf_Server[Server].bind_addr);
2033 /* if yes, bind now. If it fails, warn and let connect() pick a source address */
2034 if (res && bind(new_sock, (struct sockaddr *) &Conf_Server[Server].bind_addr,
2035 ng_ipaddr_salen(&Conf_Server[Server].bind_addr)))
2037 ng_ipaddr_tostr_r(&Conf_Server[Server].bind_addr, ip_str);
2038 Log(LOG_WARNING, "Can't bind socket to %s: %s!", ip_str, strerror(errno));
2040 ng_ipaddr_setport(dest, Conf_Server[Server].port);
2041 res = connect(new_sock, (struct sockaddr *) dest, ng_ipaddr_salen(dest));
2042 if(( res != 0 ) && ( errno != EINPROGRESS )) {
2043 Log( LOG_CRIT, "Can't connect socket: %s!", strerror( errno ));
2048 if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), (size_t)new_sock)) {
2050 "Cannot allocate memory for server connection (socket %d)",
2056 if (!io_event_create( new_sock, IO_WANTWRITE, cb_connserver)) {
2057 Log(LOG_ALERT, "io_event_create(): could not add fd %d", strerror(errno));
2062 My_Connections = array_start(&My_ConnArray);
2064 assert(My_Connections[new_sock].sock <= 0);
2066 Init_Conn_Struct(new_sock);
2068 ng_ipaddr_tostr_r(dest, ip_str);
2069 c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWNSERVER, false);
2071 Log( LOG_ALERT, "Can't establish connection: can't create client structure!" );
2076 /* Conn_Close() decrements this counter again */
2077 Account_Connection();
2078 Client_SetIntroducer( c, c );
2079 Client_SetToken( c, TOKEN_OUTBOUND );
2081 /* Register connection */
2082 Conf_SetServer(Server, new_sock);
2083 My_Connections[new_sock].sock = new_sock;
2084 My_Connections[new_sock].addr = *dest;
2085 My_Connections[new_sock].client = c;
2086 strlcpy( My_Connections[new_sock].host, Conf_Server[Server].host,
2087 sizeof(My_Connections[new_sock].host ));
2090 if (Conf_Server[Server].SSLConnect && !ConnSSL_PrepareConnect( &My_Connections[new_sock],
2091 &Conf_Server[Server] ))
2093 Log(LOG_ALERT, "Could not initialize SSL for outgoing connection");
2094 Conn_Close( new_sock, "Could not initialize SSL for outgoing connection", NULL, false );
2095 Init_Conn_Struct( new_sock );
2096 Conf_Server[Server].conn_id = NONE;
2100 LogDebug("Registered new connection %d on socket %d (%ld in total).",
2101 new_sock, My_Connections[new_sock].sock, NumConnections);
2102 Conn_OPTION_ADD( &My_Connections[new_sock], CONN_ISCONNECTING );
2107 * Initialize connection structure.
2109 * @param Idx Connection index.
2112 Init_Conn_Struct(CONN_ID Idx)
2114 time_t now = time(NULL);
2116 memset(&My_Connections[Idx], 0, sizeof(CONNECTION));
2117 My_Connections[Idx].sock = -1;
2118 My_Connections[Idx].signon = now;
2119 My_Connections[Idx].lastdata = now;
2120 My_Connections[Idx].lastprivmsg = now;
2121 Proc_InitStruct(&My_Connections[Idx].proc_stat);
2124 My_Connections[Idx].iconv_from = (iconv_t)(-1);
2125 My_Connections[Idx].iconv_to = (iconv_t)(-1);
2127 } /* Init_Conn_Struct */
2131 * Initialize options of a new socket.
2133 * For example, we try to set socket options SO_REUSEADDR and IPTOS_LOWDELAY.
2134 * The socket is automatically closed if a fatal error is encountered.
2136 * @param Sock Socket handle.
2137 * @returns false if socket was closed due to fatal error.
2140 Init_Socket( int Sock )
2144 if (!io_setnonblock(Sock)) {
2145 Log( LOG_CRIT, "Can't enable non-blocking mode for socket: %s!", strerror( errno ));
2150 /* Don't block this port after socket shutdown */
2152 if( setsockopt( Sock, SOL_SOCKET, SO_REUSEADDR, &value, (socklen_t)sizeof( value )) != 0 )
2154 Log( LOG_ERR, "Can't set socket option SO_REUSEADDR: %s!", strerror( errno ));
2155 /* ignore this error */
2158 /* Set type of service (TOS) */
2159 #if defined(IPPROTO_IP) && defined(IPTOS_LOWDELAY)
2160 value = IPTOS_LOWDELAY;
2161 if (setsockopt(Sock, IPPROTO_IP, IP_TOS, &value,
2162 (socklen_t) sizeof(value))) {
2163 LogDebug("Can't set socket option IP_TOS: %s!",
2165 /* ignore this error */
2167 LogDebug("IP_TOS on socket %d has been set to IPTOS_LOWDELAY.",
2176 * Read results of a resolver sub-process and try to initiate a new server
2179 * @param fd File descriptor of the pipe to the sub-process.
2180 * @param events (ignored IO specification)
2183 cb_Connect_to_Server(int fd, UNUSED short events)
2185 /* Read result of resolver sub-process from pipe and start connection */
2188 ng_ipaddr_t dest_addrs[4]; /* we can handle at most 3; but we read up to
2189 four so we can log the 'more than we can handle'
2190 condition. First result is tried immediately, rest
2191 is saved for later if needed. */
2193 LogDebug("Resolver: Got forward lookup callback on fd %d, events %d", fd, events);
2195 for (i=0; i < MAX_SERVERS; i++) {
2196 if (Proc_GetPipeFd(&Conf_Server[i].res_stat) == fd )
2200 if( i >= MAX_SERVERS) {
2201 /* Ops, no matching server found?! */
2203 LogDebug("Resolver: Got Forward Lookup callback for unknown server!?");
2207 /* Read result from pipe */
2208 len = Proc_Read(&Conf_Server[i].res_stat, dest_addrs, sizeof(dest_addrs));
2209 Proc_Close(&Conf_Server[i].res_stat);
2211 /* Error resolving hostname: reset server structure */
2212 Conf_Server[i].conn_id = NONE;
2216 assert((len % sizeof(ng_ipaddr_t)) == 0);
2218 LogDebug("Got result from resolver: %u structs (%u bytes).", len/sizeof(ng_ipaddr_t), len);
2220 memset(&Conf_Server[i].dst_addr, 0, sizeof(Conf_Server[i].dst_addr));
2221 if (len > sizeof(ng_ipaddr_t)) {
2222 /* more than one address for this hostname, remember them
2223 * in case first address is unreachable/not available */
2224 len -= sizeof(ng_ipaddr_t);
2225 if (len > sizeof(Conf_Server[i].dst_addr)) {
2226 len = sizeof(Conf_Server[i].dst_addr);
2228 "Notice: Resolver returned more IP Addresses for host than we can handle, additional addresses dropped.");
2230 memcpy(&Conf_Server[i].dst_addr, &dest_addrs[1], len);
2233 New_Server(i, dest_addrs);
2234 } /* cb_Read_Forward_Lookup */
2238 * Read results of a resolver sub-process from the pipe and update the
2239 * apropriate connection/client structure(s): hostname and/or IDENT user name.
2241 * @param r_fd File descriptor of the pipe to the sub-process.
2242 * @param events (ignored IO specification)
2245 cb_Read_Resolver_Result( int r_fd, UNUSED short events )
2252 char readbuf[HOST_LEN + 2 + CLIENT_USER_LEN];
2255 char readbuf[HOST_LEN + 1];
2258 LogDebug("Resolver: Got callback on fd %d, events %d", r_fd, events );
2259 i = Conn_GetFromProc(r_fd);
2261 /* Ops, none found? Probably the connection has already
2262 * been closed!? We'll ignore that ... */
2264 LogDebug("Resolver: Got callback for unknown connection!?");
2268 /* Read result from pipe */
2269 len = Proc_Read(&My_Connections[i].proc_stat, readbuf, sizeof readbuf -1);
2270 Proc_Close(&My_Connections[i].proc_stat);
2274 readbuf[len] = '\0';
2275 identptr = strchr(readbuf, '\n');
2276 assert(identptr != NULL);
2278 Log( LOG_CRIT, "Resolver: Got malformed result!");
2283 LogDebug("Got result from resolver: \"%s\" (%u bytes read).", readbuf, len);
2284 /* Okay, we got a complete result: this is a host name for outgoing
2285 * connections and a host name and IDENT user name (if enabled) for
2286 * incoming connections.*/
2287 assert ( My_Connections[i].sock >= 0 );
2288 /* Incoming connection. Search client ... */
2289 c = Conn_GetClient( i );
2290 assert( c != NULL );
2292 /* Only update client information of unregistered clients.
2293 * Note: user commands (e. g. WEBIRC) are always read _after_ reading
2294 * the resolver results, so we don't have to worry to override settings
2295 * from these commands here. */
2296 if(Client_Type(c) == CLIENT_UNKNOWN) {
2297 strlcpy(My_Connections[i].host, readbuf,
2298 sizeof(My_Connections[i].host));
2299 Client_SetHostname(c, readbuf);
2300 if (Conf_NoticeAuth)
2301 (void)Conn_WriteStr(i,
2302 "NOTICE AUTH :*** Found your hostname: %s",
2303 My_Connections[i].host);
2309 if ((*ptr < '0' || *ptr > '9') &&
2310 (*ptr < 'A' || *ptr > 'Z') &&
2311 (*ptr < 'a' || *ptr > 'z'))
2316 /* Erroneous IDENT reply */
2318 "Got invalid IDENT reply for connection %d! Ignored.",
2322 "IDENT lookup for connection %d: \"%s\".",
2324 Client_SetUser(c, identptr, true);
2326 if (Conf_NoticeAuth) {
2327 (void)Conn_WriteStr(i,
2328 "NOTICE AUTH :*** Got %sident response%s%s",
2329 *ptr ? "invalid " : "",
2331 *ptr ? "" : identptr);
2334 Log(LOG_INFO, "IDENT lookup for connection %d: no result.", i);
2335 if (Conf_NoticeAuth && Conf_Ident)
2336 (void)Conn_WriteStr(i,
2337 "NOTICE AUTH :*** No ident response");
2341 if (Conf_NoticeAuth)
2342 (void)Handle_Write(i);
2344 Class_HandleServerBans(c);
2347 else Log( LOG_DEBUG, "Resolver: discarding result for already registered connection %d.", i );
2349 } /* cb_Read_Resolver_Result */
2353 * Write a "simple" (error) message to a socket.
2355 * The message is sent without using the connection write buffers, without
2356 * compression/encryption, and even without any error reporting. It is
2357 * designed for error messages of e.g. New_Connection().
2359 * @param Sock Socket handle.
2360 * @param Msg Message string to send.
2363 Simple_Message(int Sock, const char *Msg)
2365 char buf[COMMAND_LEN];
2368 assert(Sock > NONE);
2369 assert(Msg != NULL);
2371 strlcpy(buf, Msg, sizeof buf - 2);
2372 len = strlcat(buf, "\r\n", sizeof buf);
2373 if (write(Sock, buf, len) < 0) {
2374 /* Because this function most probably got called to log
2375 * an error message, any write error is ignored here to
2376 * avoid an endless loop. But casting the result of write()
2377 * to "void" doesn't satisfy the GNU C code attribute
2378 * "warn_unused_result" which is used by some versions of
2379 * glibc (e.g. 2.11.1), therefore this silly error
2380 * "handling" code here :-( */
2383 } /* Simple_Error */
2387 * Get CLIENT structure that belongs to a local connection identified by its
2388 * index number. Each connection belongs to a client by definition, so it is
2389 * not required that the caller checks for NULL return values.
2391 * @param Idx Connection index number.
2392 * @returns Pointer to CLIENT structure.
2395 Conn_GetClient( CONN_ID Idx )
2400 c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
2402 return c ? c->client : NULL;
2406 * Get PROC_STAT sub-process structure of a connection.
2408 * @param Idx Connection index number.
2409 * @returns PROC_STAT structure.
2412 Conn_GetProcStat(CONN_ID Idx)
2417 c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
2419 return &c->proc_stat;
2420 } /* Conn_GetProcStat */
2424 * Get CONN_ID from file descriptor associated to a subprocess structure.
2426 * @param fd File descriptor.
2427 * @returns CONN_ID or NONE (-1).
2430 Conn_GetFromProc(int fd)
2435 for (i = 0; i < Pool_Size; i++) {
2436 if ((My_Connections[i].sock != NONE)
2437 && (Proc_GetPipeFd(&My_Connections[i].proc_stat) == fd))
2441 } /* Conn_GetFromProc */
2447 Conn_GetAuthPing(CONN_ID Idx)
2449 assert (Idx != NONE);
2450 return My_Connections[Idx].auth_ping;
2451 } /* Conn_GetAuthPing */
2454 Conn_SetAuthPing(CONN_ID Idx, long ID)
2456 assert (Idx != NONE);
2457 My_Connections[Idx].auth_ping = ID;
2458 } /* Conn_SetAuthPing */
2466 * Get information about used SSL chiper.
2468 * @param Idx Connection index number.
2469 * @param buf Buffer for returned information text.
2470 * @param len Size of return buffer "buf".
2471 * @returns true on success, false otherwise.
2474 Conn_GetCipherInfo(CONN_ID Idx, char *buf, size_t len)
2478 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2479 return ConnSSL_GetCipherInfo(&My_Connections[Idx], buf, len);
2484 * Check if a connection is SSL-enabled or not.
2486 * @param Idx Connection index number.
2487 * @return true if connection is SSL-enabled, false otherwise.
2490 Conn_UsesSSL(CONN_ID Idx)
2494 assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
2495 return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);
2504 * Dump internal state of the "connection module".
2507 Conn_DebugDump(void)
2511 Log(LOG_DEBUG, "Connection status:");
2512 for (i = 0; i < Pool_Size; i++) {
2513 if (My_Connections[i].sock == NONE)
2516 " - %d: host=%s, lastdata=%ld, lastping=%ld, delaytime=%ld, flag=%d, options=%d, bps=%d, client=%s",
2517 My_Connections[i].sock, My_Connections[i].host,
2518 My_Connections[i].lastdata, My_Connections[i].lastping,
2519 My_Connections[i].delaytime, My_Connections[i].flag,
2520 My_Connections[i].options, My_Connections[i].bps,
2521 My_Connections[i].client ? Client_ID(My_Connections[i].client) : "-");
2523 } /* Conn_DumpClients */