mirrors/ngircd
1
0
Fork 0
mirror of https://github.com/osmarks/ngircd.git synced 2025-01-19 12:02:52 +00:00
Code Issues Releases Wiki Activity

Clean up conn.{c|h} a little bit

Browse Source
This commit is contained in:
Alexander Barton 2009-12-30 23:32:47 +01:00
parent c62c2d349b
commit cb6faed61c
2 changed files with 72 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

124
src/ngircd/conn.c
View File

@ -109,8 +109,8 @@ extern struct SSLOptions Conf_SSLOptions;
static void cb_connserver_login_ssl PARAMS((int sock, short what)); static void cb_connserver_login_ssl PARAMS((int sock, short what));
static void cb_clientserver_ssl PARAMS((int sock, short what)); static void cb_clientserver_ssl PARAMS((int sock, short what));
#endif #endif
static void cb_Read_Resolver_Result PARAMS(( int sock, UNUSED short what)); static void cb_Read_Resolver_Result PARAMS((int sock, UNUSED short what));
static void cb_Connect_to_Server PARAMS(( int sock, UNUSED short what)); static void cb_Connect_to_Server PARAMS((int sock, UNUSED short what));
static void cb_clientserver PARAMS((int sock, short what)); static void cb_clientserver PARAMS((int sock, short what));
static void static void
@ -128,6 +128,7 @@ static void
cb_listen_ssl(int sock, short irrelevant) cb_listen_ssl(int sock, short irrelevant)
{ {
int fd; int fd;
(void) irrelevant; (void) irrelevant;
fd = New_Connection(sock); fd = New_Connection(sock);
if (fd < 0) if (fd < 0)
@ -270,14 +271,18 @@ cb_clientserver(int sock, short what)
return; return;
} }
#ifdef SSL_SUPPORT #ifdef SSL_SUPPORT
if (what & IO_WANTREAD || (Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_WANT_WRITE))) if (what & IO_WANTREAD
Read_Request( idx ); /* if TLS layer needs to write additional data, call Read_Request instead so SSL/TLS can continue */ || (Conn_OPTION_ISSET(&My_Connections[idx], CONN_SSL_WANT_WRITE))) {
/* if TLS layer needs to write additional data, call
* Read_Request() instead so that SSL/TLS can continue */
Read_Request(idx);
}
#else #else
if (what & IO_WANTREAD) if (what & IO_WANTREAD)
Read_Request( idx ); Read_Request(idx);
#endif #endif
if (what & IO_WANTWRITE) if (what & IO_WANTWRITE)
Handle_Write( idx ); Handle_Write(idx);
} }
@ -295,11 +300,13 @@ cb_clientserver_ssl(int sock, short what)
} }
switch (ConnSSL_Accept(&My_Connections[idx])) { switch (ConnSSL_Accept(&My_Connections[idx])) {
case 1: break; /* OK */ case 1:
case 0: return; /* EAGAIN: this callback will be invoked again by the io layer */ break; /* OK */
default: case 0:
Conn_Close( idx, "Socket closed!", "SSL accept error", false ); return; /* EAGAIN: callback will be invoked again by IO layer */
return; default:
Conn_Close(idx, "Socket closed!", "SSL accept error", false);
return;
} }
if (what & IO_WANTREAD) if (what & IO_WANTREAD)
Read_Request(idx); Read_Request(idx);
@ -433,13 +440,12 @@ Conn_InitListeners( void )
listen_addr = strtok(NULL, ","); listen_addr = strtok(NULL, ",");
} }
/* /* Can't free() Conf_ListenAddress here: on REHASH, if the config file
* can't free() Conf_ListenAddress here. On /REHASH, if the config file
* cannot be re-loaded, we'd end up with a NULL Conf_ListenAddress. * cannot be re-loaded, we'd end up with a NULL Conf_ListenAddress.
* Instead, free() takes place in conf.c, before the config file * Instead, free() takes place in conf.c, before the config file
* is being parsed. * is being parsed. */
*/
free(copy); free(copy);
return created; return created;
} /* Conn_InitListeners */ } /* Conn_InitListeners */
@ -582,6 +588,7 @@ NewListener(const char *listen_addr, UINT16 Port)
return sock; return sock;
} /* NewListener */ } /* NewListener */
#ifdef SSL_SUPPORT #ifdef SSL_SUPPORT
/* /*
* SSL/TLS connections require extra treatment: * SSL/TLS connections require extra treatment:
@ -1164,7 +1171,7 @@ Count_Connections(ng_ipaddr_t *a)
static int static int
New_Connection( int Sock ) New_Connection(int Sock)
{ {
/* Neue Client-Verbindung von Listen-Socket annehmen und /* Neue Client-Verbindung von Listen-Socket annehmen und
* CLIENT-Struktur anlegen. */ * CLIENT-Struktur anlegen. */
@ -1178,10 +1185,9 @@ New_Connection( int Sock )
CLIENT *c; CLIENT *c;
long cnt; long cnt;
assert( Sock > NONE ); assert(Sock > NONE);
/* Connection auf Listen-Socket annehmen */
new_sock_len = (int)sizeof(new_addr);
new_sock_len = (int)sizeof(new_addr);
new_sock = accept(Sock, (struct sockaddr *)&new_addr, new_sock = accept(Sock, (struct sockaddr *)&new_addr,
(socklen_t *)&new_sock_len); (socklen_t *)&new_sock_len);
if (new_sock < 0) { if (new_sock < 0) {
@ -1198,49 +1204,56 @@ New_Connection( int Sock )
#ifdef TCPWRAP #ifdef TCPWRAP
/* Validate socket using TCP Wrappers */ /* Validate socket using TCP Wrappers */
request_init( &req, RQ_DAEMON, PACKAGE_NAME, RQ_FILE, new_sock, RQ_CLIENT_SIN, &new_addr, NULL ); request_init(&req, RQ_DAEMON, PACKAGE_NAME, RQ_FILE, new_sock,
RQ_CLIENT_SIN, &new_addr, NULL);
fromhost(&req); fromhost(&req);
if (!hosts_access(&req)) { if (!hosts_access(&req)) {
Log (deny_severity, "Refused connection from %s (by TCP Wrappers)!", ip_str); Log(deny_severity,
Simple_Message( new_sock, "ERROR :Connection refused" ); "Refused connection from %s (by TCP Wrappers)!", ip_str);
close( new_sock ); Simple_Message(new_sock, "ERROR :Connection refused");
close(new_sock);
return -1; return -1;
} }
#endif #endif
/* Socket initialisieren */ if (!Init_Socket(new_sock))
if (!Init_Socket( new_sock ))
return -1; return -1;
/* Check global connection limit */
if ((Conf_MaxConnections > 0) &&
(NumConnections >= (size_t) Conf_MaxConnections)) {
Log(LOG_ALERT, "Can't accept connection: limit (%d) reached!",
Conf_MaxConnections);
Simple_Message(new_sock, "ERROR :Connection limit reached");
close(new_sock);
return -1;
}
/* Check IP-based connection limit */ /* Check IP-based connection limit */
cnt = Count_Connections(&new_addr); cnt = Count_Connections(&new_addr);
if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) { if ((Conf_MaxConnectionsIP > 0) && (cnt >= Conf_MaxConnectionsIP)) {
/* Access denied, too many connections from this IP address! */ /* Access denied, too many connections from this IP address! */
Log( LOG_ERR, "Refused connection from %s: too may connections (%ld) from this IP address!", ip_str, cnt); Log(LOG_ERR,
Simple_Message( new_sock, "ERROR :Connection refused, too many connections from your IP address!" ); "Refused connection from %s: too may connections (%ld) from this IP address!",
close( new_sock ); ip_str, cnt);
Simple_Message(new_sock,
"ERROR :Connection refused, too many connections from your IP address!");
close(new_sock);
return -1; return -1;
} }
if ((Conf_MaxConnections > 0) && if (new_sock >= Pool_Size) {
(NumConnections >= (size_t) Conf_MaxConnections))
{
Log( LOG_ALERT, "Can't accept connection: limit (%d) reached!", Conf_MaxConnections);
Simple_Message( new_sock, "ERROR :Connection limit reached" );
close( new_sock );
return -1;
}
if( new_sock >= Pool_Size ) {
if (!array_alloc(&My_ConnArray, sizeof(CONNECTION), if (!array_alloc(&My_ConnArray, sizeof(CONNECTION),
(size_t)new_sock)) { (size_t) new_sock)) {
Log( LOG_EMERG, "Can't allocate memory! [New_Connection]" ); Log(LOG_EMERG,
Simple_Message( new_sock, "ERROR: Internal error" ); "Can't allocate memory! [New_Connection]");
close( new_sock ); Simple_Message(new_sock, "ERROR: Internal error");
close(new_sock);
return -1; return -1;
} }
LogDebug("Bumped connection pool to %ld items (internal: %ld items, %ld bytes)", LogDebug("Bumped connection pool to %ld items (internal: %ld items, %ld bytes)",
new_sock, array_length(&My_ConnArray, sizeof(CONNECTION)), array_bytes(&My_ConnArray)); new_sock, array_length(&My_ConnArray,
sizeof(CONNECTION)), array_bytes(&My_ConnArray));
/* Adjust pointer to new block */ /* Adjust pointer to new block */
My_Connections = array_start(&My_ConnArray); My_Connections = array_start(&My_ConnArray);
@ -1249,22 +1262,24 @@ New_Connection( int Sock )
} }
/* register callback */ /* register callback */
if (!io_event_create( new_sock, IO_WANTREAD, cb_clientserver)) { if (!io_event_create(new_sock, IO_WANTREAD, cb_clientserver)) {
Log(LOG_ALERT, "Can't accept connection: io_event_create failed!"); Log(LOG_ALERT,
"Can't accept connection: io_event_create failed!");
Simple_Message(new_sock, "ERROR :Internal error"); Simple_Message(new_sock, "ERROR :Internal error");
close(new_sock); close(new_sock);
return -1; return -1;
} }
c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWN, false ); c = Client_NewLocal(new_sock, ip_str, CLIENT_UNKNOWN, false);
if( ! c ) { if (!c) {
Log(LOG_ALERT, "Can't accept connection: can't create client structure!"); Log(LOG_ALERT,
"Can't accept connection: can't create client structure!");
Simple_Message(new_sock, "ERROR :Internal error"); Simple_Message(new_sock, "ERROR :Internal error");
io_close(new_sock); io_close(new_sock);
return -1; return -1;
} }
Init_Conn_Struct( new_sock ); Init_Conn_Struct(new_sock);
My_Connections[new_sock].sock = new_sock; My_Connections[new_sock].sock = new_sock;
My_Connections[new_sock].addr = new_addr; My_Connections[new_sock].addr = new_addr;
My_Connections[new_sock].client = c; My_Connections[new_sock].client = c;
@ -1292,6 +1307,10 @@ New_Connection( int Sock )
if (!Conf_NoDNS) if (!Conf_NoDNS)
Resolve_Addr(&My_Connections[new_sock].res_stat, &new_addr, Resolve_Addr(&My_Connections[new_sock].res_stat, &new_addr,
identsock, cb_Read_Resolver_Result); identsock, cb_Read_Resolver_Result);
/* ngIRCd waits up to 4 seconds for the result of the asynchronous
* DNS and IDENT resolver subprocess using the "penalty" mechanism.
* If there are results earlier, the delay is aborted. */
Conn_SetPenalty(new_sock, 4); Conn_SetPenalty(new_sock, 4);
return new_sock; return new_sock;
} /* New_Connection */ } /* New_Connection */
@ -1825,7 +1844,6 @@ Init_Socket( int Sock )
} /* Init_Socket */ } /* Init_Socket */
static void static void
cb_Connect_to_Server(int fd, UNUSED short events) cb_Connect_to_Server(int fd, UNUSED short events)
{ {
@ -1979,15 +1997,14 @@ Conn_GetClient( CONN_ID Idx )
* If none is found, return NULL. * If none is found, return NULL.
*/ */
CONNECTION *c; CONNECTION *c;
assert( Idx >= 0 );
assert(Idx >= 0);
c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx); c = array_get(&My_ConnArray, sizeof (CONNECTION), (size_t)Idx);
assert(c != NULL); assert(c != NULL);
return c ? c->client : NULL; return c ? c->client : NULL;
} }
#ifdef SSL_SUPPORT #ifdef SSL_SUPPORT
/* we cannot access My_Connections in irc-info.c */ /* we cannot access My_Connections in irc-info.c */
GLOBAL bool GLOBAL bool
@ -2008,6 +2025,7 @@ Conn_UsesSSL(CONN_ID Idx)
assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION))); assert(Idx < (int) array_length(&My_ConnArray, sizeof(CONNECTION)));
return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL); return Conn_OPTION_ISSET(&My_Connections[Idx], CONN_SSL);
} }
#endif #endif

2
src/ngircd/conn.h
View File

@ -88,7 +88,7 @@ typedef struct _Connection
ZIPDATA zip; /* Compression information */ ZIPDATA zip; /* Compression information */
#endif /* ZLIB */ #endif /* ZLIB */
#ifdef SSL_SUPPORT #ifdef SSL_SUPPORT
struct ConnSSL_State ssl_state; /* SSL/GNUTLS state information */ struct ConnSSL_State ssl_state; /* SSL/GNUTLS state information */
#endif #endif
} CONNECTION; } CONNECTION;