From 154dc91ef07acb1c55ff21e9c1c23fd4588b7bff Mon Sep 17 00:00:00 2001 From: Elizabeth Myers Date: Sun, 10 Apr 2016 09:20:51 -0500 Subject: [PATCH] Wrap up authd preclient stuff in its own struct --- include/client.h | 24 +++++++++++++++--------- ircd/authproc.c | 32 ++++++++++++++++---------------- ircd/client.c | 8 ++++---- ircd/s_user.c | 24 ++++++++++++------------ 4 files changed, 47 insertions(+), 41 deletions(-) diff --git a/include/client.h b/include/client.h index a7ebc696..bb4096bd 100644 --- a/include/client.h +++ b/include/client.h @@ -41,9 +41,9 @@ struct Blacklist; /* we store ipv6 ips for remote clients, so this needs to be v6 always */ #define HOSTIPLEN 53 /* sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255.ipv6") */ -#define PASSWDLEN 128 -#define CIPHERKEYLEN 64 /* 512bit */ -#define CLIENT_BUFSIZE 512 /* must be at least 512 bytes */ +#define PASSWDLEN 128 +#define CIPHERKEYLEN 64 /* 512bit */ +#define CLIENT_BUFSIZE 512 /* must be at least 512 bytes */ #define IDLEN 10 @@ -287,18 +287,24 @@ struct LocalUser unsigned char sasl_complete; }; +struct AuthClient +{ + uint32_t cid; /* authd id */ + time_t timeout; /* When to terminate authd query */ + bool accepted; /* did authd accept us? */ + char cause; /* rejection cause */ + char *data; /* reason data */ + char *reason; /* reason we were rejected */ + +}; + struct PreClient { char spoofnick[NICKLEN + 1]; char spoofuser[USERLEN + 1]; char spoofhost[HOSTLEN + 1]; - uint32_t authd_cid; /* authd id */ - time_t authd_timeout; /* When to terminate authd query */ - bool authd_accepted; /* did authd accept us? */ - char authd_cause; /* rejection cause */ - char *authd_data; /* reason data */ - char *authd_reason; /* reason we were rejected */ + struct AuthClient auth; struct rb_sockaddr_storage lip; /* address of our side of the connection */ }; diff --git a/ircd/authproc.c b/ircd/authproc.c index 2fe51e5d..2a0da431 100644 --- a/ircd/authproc.c +++ b/ircd/authproc.c 
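Review bot: The new `struct AuthClient` in include/client.h does not say who owns `data` and `reason`, and it ends with a stray blank line before the closing brace. Elsewhere in this patch authd_decide_client fills both pointers with `rb_strdup()` (or NULL) and free_pre_client releases them with `rb_free()`, so the field comments should say so, e.g. `char *data; /* reason data; rb_strdup'd copy or NULL, freed in free_pre_client */`. A one-line comment above the struct stating that `cid == 0` means no authd query is outstanding would also help, since every guard touched by this patch relies on that sentinel.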
@@ -394,10 +394,10 @@ authd_initiate_client(struct Client *client_p) uint16_t client_port, listen_port; uint32_t authd_cid; - if(client_p->preClient == NULL || client_p->preClient->authd_cid != 0) + if(client_p->preClient == NULL || client_p->preClient->auth.cid != 0) return; - authd_cid = client_p->preClient->authd_cid = generate_cid(); + authd_cid = client_p->preClient->auth.cid = generate_cid(); /* Collisions are extremely unlikely, so disregard the possibility */ rb_dictionary_add(cid_clients, RB_UINT_TO_POINTER(authd_cid), client_p); @@ -411,7 +411,7 @@ authd_initiate_client(struct Client *client_p) client_port = ntohs(GET_SS_PORT(&client_p->localClient->ip)); /* Add a bit of a fudge factor... */ - client_p->preClient->authd_timeout = rb_current_time() + ConfigFileEntry.connect_timeout + 10; + client_p->preClient->auth.timeout = rb_current_time() + ConfigFileEntry.connect_timeout + 10; rb_helper_write(authd_helper, "C %x %s %hu %s %hu", authd_cid, listen_ipaddr, listen_port, client_ipaddr, client_port); } @@ -423,7 +423,7 @@ authd_initiate_client(struct Client *client_p) static inline void authd_decide_client(struct Client *client_p, const char *ident, const char *host, bool accept, char cause, const char *data, const char *reason) { - if(client_p->preClient == NULL || client_p->preClient->authd_cid == 0) + if(client_p->preClient == NULL || client_p->preClient->auth.cid == 0) return; if(*ident != '*') 
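Review bot: In authd_initiate_client the value from `generate_cid()` is stored in `auth.cid` and used as the `cid_clients` key without checking that it is non-zero and not already in use; the adjacent comment explicitly disregards collisions. Zero doubles as the "no query outstanding" sentinel in every guard in this file, and a key that is still present would tie an authd verdict to the wrong connection, although what generate_cid() guarantees and how rb_dictionary_add treats a duplicate key are not visible here. If generate_cid() does not already ensure both, generate into the local first with `do authd_cid = generate_cid(); while(authd_cid == 0 || rb_dictionary_retrieve(cid_clients, RB_UINT_TO_POINTER(authd_cid)) != NULL);` and then assign `client_p->preClient->auth.cid = authd_cid;`. The function body starts and ends outside the hunk.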
@@ -437,13 +437,13 @@ authd_decide_client(struct Client *client_p, const char *ident, const char *host if(*host != '*') rb_strlcpy(client_p->host, host, sizeof(client_p->host)); - rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->authd_cid)); + rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->auth.cid)); - client_p->preClient->authd_accepted = accept; - client_p->preClient->authd_cause = cause; - client_p->preClient->authd_data = (data == NULL ? NULL : rb_strdup(data)); - client_p->preClient->authd_reason = (reason == NULL ? NULL : rb_strdup(reason)); - client_p->preClient->authd_cid = 0; + client_p->preClient->auth.accepted = accept; + client_p->preClient->auth.cause = cause; + client_p->preClient->auth.data = (data == NULL ? NULL : rb_strdup(data)); + client_p->preClient->auth.reason = (reason == NULL ? NULL : rb_strdup(reason)); + client_p->preClient->auth.cid = 0; /* * When a client has auth'ed, we want to start reading what it sends @@ -477,16 +477,16 @@ authd_abort_client(struct Client *client_p) if(client_p == NULL || client_p->preClient == NULL) return; - if(client_p->preClient->authd_cid == 0) + if(client_p->preClient->auth.cid == 0) return; - rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->authd_cid)); + rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->auth.cid)); if(authd_helper != NULL) - rb_helper_write(authd_helper, "E %x", client_p->preClient->authd_cid); + rb_helper_write(authd_helper, "E %x", client_p->preClient->auth.cid); - client_p->preClient->authd_accepted = true; - client_p->preClient->authd_cid = 0; + client_p->preClient->auth.accepted = true; + client_p->preClient->auth.cid = 0; } static void 
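Review bot: authd_abort_client sets `auth.accepted = true` when it gives up on a query, so every abort fails open. timeout_dead_authd_clients calls it once `auth.timeout` has passed, and register_local_user only runs its blacklist and open-proxy handling when `auth.accepted == false`, so a connection whose authd query never completes registers without those checks. If that is the intended trade-off, state it where the flag is set, e.g. `/* fail open: an unanswered authd query must not block registration */`, and consider a notice to operators from the timeout path so a stalled authd is visible. The function's opening lines are outside the hunk.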
@@ -497,7 +497,7 @@ timeout_dead_authd_clients(void *notused __unused) RB_DICTIONARY_FOREACH(client_p, &iter, cid_clients) { - if(client_p->preClient->authd_timeout < rb_current_time()) + if(client_p->preClient->auth.timeout < rb_current_time()) authd_abort_client(client_p); } } diff --git a/ircd/client.c b/ircd/client.c index de0be150..00794a6f 100644 --- a/ircd/client.c +++ b/ircd/client.c @@ -258,10 +258,10 @@ free_pre_client(struct Client *client_p) if(client_p->preClient == NULL) return; - s_assert(client_p->preClient->authd_cid == 0); + s_assert(client_p->preClient->auth.cid == 0); - rb_free(client_p->preClient->authd_data); - rb_free(client_p->preClient->authd_reason); + rb_free(client_p->preClient->auth.data); + rb_free(client_p->preClient->auth.reason); rb_bh_free(pclient_heap, client_p->preClient); client_p->preClient = NULL; @@ -456,7 +456,7 @@ check_unknowns_list(rb_dlink_list * list) continue; /* Still querying with authd */ - if(client_p->preClient != NULL && client_p->preClient->authd_cid != 0) + if(client_p->preClient != NULL && client_p->preClient->auth.cid != 0) continue; /* diff --git a/ircd/s_user.c b/ircd/s_user.c index b695b41f..ebe3eeaf 100644 --- a/ircd/s_user.c +++ b/ircd/s_user.c @@ -252,7 +252,7 @@ register_local_user(struct Client *client_p, struct Client *source_p) return -1; /* Waiting on authd */ - if(source_p->preClient->authd_cid) + if(source_p->preClient->auth.cid) return -1; client_p->localClient->last = rb_current_time(); @@ -420,7 +420,7 @@ register_local_user(struct Client *client_p, struct Client *source_p) } /* authd rejection check */ - if(source_p->preClient->authd_accepted == false) + if(source_p->preClient->auth.accepted == false) { struct blacklist_stats *stats; rb_dlink_list varlist = { NULL, NULL, 0 }; 
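Review bot: timeout_dead_authd_clients reads `client_p->preClient->auth.timeout` with no NULL check, and free_pre_client in ircd/client.c protects the matching invariant only with `s_assert(client_p->preClient->auth.cid == 0)` before it frees and clears `preClient`. If s_assert does not abort (its definition is not shown), a client freed while a query is outstanding stays in `cid_clients` and the next timer pass dereferences a NULL `preClient`. Enforcing the invariant in free_pre_client is safer than asserting it: `if(client_p->preClient->auth.cid != 0) authd_abort_client(client_p);` ahead of the rb_free calls, assuming that function's prototype is visible in client.c. Both functions start outside their hunks.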
@@ -429,26 +429,26 @@ register_local_user(struct Client *client_p, struct Client *source_p) substitution_append_var(&varlist, "nick", source_p->name); substitution_append_var(&varlist, "ip", source_p->sockhost); substitution_append_var(&varlist, "host", source_p->host); - substitution_append_var(&varlist, "dnsbl-host", source_p->preClient->authd_data); + substitution_append_var(&varlist, "dnsbl-host", source_p->preClient->auth.data); substitution_append_var(&varlist, "network-name", ServerInfo.network_name); - reason = substitution_parse(source_p->preClient->authd_reason, &varlist); + reason = substitution_parse(source_p->preClient->auth.reason, &varlist); - switch(source_p->preClient->authd_cause) + switch(source_p->preClient->auth.cause) { case 'B': /* Blacklists */ - if((stats = rb_dictionary_retrieve(bl_stats, source_p->preClient->authd_data)) != NULL) + if((stats = rb_dictionary_retrieve(bl_stats, source_p->preClient->auth.data)) != NULL) stats->hits++; if(IsExemptKline(source_p) || IsConfExemptDNSBL(aconf)) { sendto_one_notice(source_p, ":*** Your IP address %s is listed in %s, but you are exempt", - source_p->sockhost, source_p->preClient->authd_data); + source_p->sockhost, source_p->preClient->auth.data); } else { sendto_realops_snomask(SNO_REJ, L_NETWIDE, "Listed on DNSBL %s: %s (%s@%s) [%s] [%s]", - source_p->preClient->authd_data, + source_p->preClient->auth.data, source_p->name, source_p->username, source_p->host, IsIPSpoof(source_p) ? "255.255.255.255" : source_p->sockhost, @@ -460,7 +460,7 @@ register_local_user(struct Client *client_p, struct Client *source_p) me.name, source_p->name, reason); sendto_one_notice(source_p, ":*** Your IP address %s is listed in %s", - source_p->sockhost, source_p->preClient->authd_data); + source_p->sockhost, source_p->preClient->auth.data); add_reject(source_p, NULL, NULL); exit_client(client_p, source_p, &me, "*** Banned (DNS blacklist)"); substitution_free(&varlist); 
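Review bot: The rejection path in register_local_user uses `auth.data` and `auth.reason` without a NULL check: they are passed to `substitution_append_var`, `substitution_parse`, `rb_dictionary_retrieve(bl_stats, ...)` and several `%s` arguments. authd_decide_client stores NULL in either field when it is given none, so a rejection that arrives without data or reason would hand NULL to all of these; whether authd can actually send that is not visible here. A local fallback keeps the path safe, e.g. `const char *auth_data = source_p->preClient->auth.data != NULL ? source_p->preClient->auth.data : "*";` used in place of the field, with the same treatment for `auth.reason`. The blacklist case here and the open-proxy case in the @@ -471 and @@ -489 hunks share the problem, and the function continues outside all of them.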
@@ -471,13 +471,13 @@ register_local_user(struct Client *client_p, struct Client *source_p) if(IsExemptKline(source_p) || IsConfExemptProxy(aconf)) { sendto_one_notice(source_p, ":*** Your IP address %s has been detected as an open proxy (ip:port %s), but you are exempt", - source_p->sockhost, source_p->preClient->authd_data); + source_p->sockhost, source_p->preClient->auth.data); } else { sendto_realops_snomask(SNO_REJ, L_NETWIDE, "Open proxy %s: %s (%s@%s) [%s] [%s]", - source_p->preClient->authd_data, + source_p->preClient->auth.data, source_p->name, source_p->username, source_p->host, IsIPSpoof(source_p) ? "255.255.255.255" : source_p->sockhost, @@ -489,7 +489,7 @@ register_local_user(struct Client *client_p, struct Client *source_p) me.name, source_p->name, reason); sendto_one_notice(source_p, ":*** Your IP address %s has been detected as an open proxy (ip:port %s)", - source_p->sockhost, source_p->preClient->authd_data); + source_p->sockhost, source_p->preClient->auth.data); add_reject(source_p, NULL, NULL); exit_client(client_p, source_p, &me, "*** Banned (Open proxy)"); substitution_free(&varlist);