authd/provider: overhaul storage of various pieces of data
Clients are stored in a dictionary referenced by id (to allow for UINT32_MAX auth clients, which is plenty). Each provider now has a data slot (this limits the number of providers to 32 for now, but that's plenty for now) which they can use to attach data to auth_clients. This consolidates data, aids in debugging, and makes it easier to just pass around auth_client structures.
This commit is contained in:
parent
238a9ed590
commit
3e875f629f
4 changed files with 121 additions and 207 deletions
|
@ -27,7 +27,8 @@
|
||||||
* Providers can either return failure immediately, immediate acceptance, or
|
* Providers can either return failure immediately, immediate acceptance, or
|
||||||
* do work in the background (calling set_provider to signal this).
|
* do work in the background (calling set_provider to signal this).
|
||||||
*
|
*
|
||||||
* A dictionary is provided in auth_client for storage of provider-specific data.
|
* Provider-specific data for each client can be kept in an index of the data
|
||||||
|
* struct member (using the provider's ID).
|
||||||
*
|
*
|
||||||
* All providers must implement at a minimum a perform_provider function. You
|
* All providers must implement at a minimum a perform_provider function. You
|
||||||
* don't have to implement the others if you don't need them.
|
* don't have to implement the others if you don't need them.
|
||||||
|
@ -49,11 +50,15 @@
|
||||||
rb_dlink_list auth_providers;
|
rb_dlink_list auth_providers;
|
||||||
|
|
||||||
/* Clients waiting */
|
/* Clients waiting */
|
||||||
struct auth_client auth_clients[MAX_CLIENTS];
|
struct Dictionary *auth_clients;
|
||||||
|
|
||||||
/* Load a provider */
|
/* Load a provider */
|
||||||
void load_provider(struct auth_provider *provider)
|
void load_provider(struct auth_provider *provider)
|
||||||
{
|
{
|
||||||
|
if(rb_dlink_list_length(&auth_providers) >= MAX_PROVIDERS)
|
||||||
|
/* XXX should probably warn here */
|
||||||
|
return;
|
||||||
|
|
||||||
provider->init();
|
provider->init();
|
||||||
rb_dlinkAdd(provider, &provider->node, &auth_providers);
|
rb_dlinkAdd(provider, &provider->node, &auth_providers);
|
||||||
}
|
}
|
||||||
|
@ -67,6 +72,7 @@ void unload_provider(struct auth_provider *provider)
|
||||||
/* Initalise all providers */
|
/* Initalise all providers */
|
||||||
void init_providers(void)
|
void init_providers(void)
|
||||||
{
|
{
|
||||||
|
auth_clients = rb_dictionary_create("pending auth clients", rb_uint32cmp);
|
||||||
load_provider(&rdns_provider);
|
load_provider(&rdns_provider);
|
||||||
load_provider(&ident_provider);
|
load_provider(&ident_provider);
|
||||||
}
|
}
|
||||||
|
@ -75,17 +81,15 @@ void init_providers(void)
|
||||||
void destroy_providers(void)
|
void destroy_providers(void)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr;
|
rb_dlink_node *ptr;
|
||||||
|
struct DictionaryIter iter;
|
||||||
|
struct auth_client *auth;
|
||||||
struct auth_provider *provider;
|
struct auth_provider *provider;
|
||||||
|
|
||||||
/* Cancel outstanding connections */
|
/* Cancel outstanding connections */
|
||||||
for (size_t i = 0; i < MAX_CLIENTS; i++)
|
DICTIONARY_FOREACH(auth, &iter, auth_clients)
|
||||||
{
|
{
|
||||||
if(auth_clients[i].cid)
|
/* TBD - is this the right thing? */
|
||||||
{
|
reject_client(auth, 0, "Authentication system is down... try reconnecting in a few seconds");
|
||||||
/* TBD - is this the right thing? */
|
|
||||||
reject_client(&auth_clients[i], 0,
|
|
||||||
"Authentication system is down... try reconnecting in a few seconds");
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
RB_DLINK_FOREACH(ptr, auth_providers.head)
|
RB_DLINK_FOREACH(ptr, auth_providers.head)
|
||||||
|
@ -112,9 +116,8 @@ void cancel_providers(struct auth_client *auth)
|
||||||
provider->cancel(auth);
|
provider->cancel(auth);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* All data should be already destroyed */
|
rb_dictionary_delete(auth_clients, RB_UINT_TO_POINTER(auth->cid));
|
||||||
rb_dictionary_destroy(auth->data, NULL, NULL);
|
rb_free(auth);
|
||||||
auth->data = NULL;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Provider is done */
|
/* Provider is done */
|
||||||
|
@ -145,7 +148,6 @@ void provider_done(struct auth_client *auth, provider_t id)
|
||||||
/* Reject a client */
|
/* Reject a client */
|
||||||
void reject_client(struct auth_client *auth, provider_t id, const char *reason)
|
void reject_client(struct auth_client *auth, provider_t id, const char *reason)
|
||||||
{
|
{
|
||||||
uint16_t cid = auth->cid;
|
|
||||||
char reject;
|
char reject;
|
||||||
|
|
||||||
switch(id)
|
switch(id)
|
||||||
|
@ -159,7 +161,6 @@ void reject_client(struct auth_client *auth, provider_t id, const char *reason)
|
||||||
case PROVIDER_BLACKLIST:
|
case PROVIDER_BLACKLIST:
|
||||||
reject = 'B';
|
reject = 'B';
|
||||||
break;
|
break;
|
||||||
case PROVIDER_NULL:
|
|
||||||
default:
|
default:
|
||||||
reject = 'N';
|
reject = 'N';
|
||||||
break;
|
break;
|
||||||
|
@ -170,19 +171,17 @@ void reject_client(struct auth_client *auth, provider_t id, const char *reason)
|
||||||
|
|
||||||
unset_provider(auth, id);
|
unset_provider(auth, id);
|
||||||
cancel_providers(auth);
|
cancel_providers(auth);
|
||||||
memset(&auth_clients[cid], 0, sizeof(struct auth_client));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Accept a client, cancel outstanding providers if any */
|
/* Accept a client, cancel outstanding providers if any */
|
||||||
void accept_client(struct auth_client *auth, provider_t id)
|
void accept_client(struct auth_client *auth, provider_t id)
|
||||||
{
|
{
|
||||||
uint16_t cid = auth->cid;
|
uint32_t cid = auth->cid;
|
||||||
|
|
||||||
rb_helper_write(authd_helper, "A %x %s %s", auth->cid, auth->username, auth->hostname);
|
rb_helper_write(authd_helper, "A %x %s %s", auth->cid, auth->username, auth->hostname);
|
||||||
|
|
||||||
unset_provider(auth, id);
|
unset_provider(auth, id);
|
||||||
cancel_providers(auth);
|
cancel_providers(auth);
|
||||||
memset(&auth_clients[cid], 0, sizeof(struct auth_client));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Send a notice to a client */
|
/* Send a notice to a client */
|
||||||
|
@ -195,20 +194,14 @@ void notice_client(struct auth_client *auth, const char *notice)
|
||||||
static void start_auth(const char *cid, const char *l_ip, const char *l_port, const char *c_ip, const char *c_port)
|
static void start_auth(const char *cid, const char *l_ip, const char *l_port, const char *c_ip, const char *c_port)
|
||||||
{
|
{
|
||||||
struct auth_provider *provider;
|
struct auth_provider *provider;
|
||||||
struct auth_client *auth;
|
struct auth_client *auth = rb_malloc(sizeof(struct auth_client));
|
||||||
long lcid = strtol(cid, NULL, 16);
|
long lcid = strtol(cid, NULL, 16);
|
||||||
char name[20];
|
|
||||||
rb_dlink_node *ptr;
|
rb_dlink_node *ptr;
|
||||||
|
|
||||||
if(lcid >= MAX_CLIENTS)
|
if(lcid >= UINT32_MAX)
|
||||||
return;
|
return;
|
||||||
|
|
||||||
auth = &auth_clients[lcid];
|
auth->cid = (uint32_t)lcid;
|
||||||
if(auth->cid != 0)
|
|
||||||
/* Shouldn't get here */
|
|
||||||
return;
|
|
||||||
|
|
||||||
auth->cid = (uint16_t)lcid;
|
|
||||||
|
|
||||||
rb_strlcpy(auth->l_ip, l_ip, sizeof(auth->l_ip));
|
rb_strlcpy(auth->l_ip, l_ip, sizeof(auth->l_ip));
|
||||||
auth->l_port = (uint16_t)atoi(l_port); /* should be safe */
|
auth->l_port = (uint16_t)atoi(l_port); /* should be safe */
|
||||||
|
@ -216,8 +209,7 @@ static void start_auth(const char *cid, const char *l_ip, const char *l_port, co
|
||||||
rb_strlcpy(auth->c_ip, c_ip, sizeof(auth->c_ip));
|
rb_strlcpy(auth->c_ip, c_ip, sizeof(auth->c_ip));
|
||||||
auth->c_port = (uint16_t)atoi(c_port);
|
auth->c_port = (uint16_t)atoi(c_port);
|
||||||
|
|
||||||
snprintf(name, sizeof(name), "%d provider data", auth->cid);
|
rb_dictionary_add(auth_clients, RB_UINT_TO_POINTER(auth->cid), auth);
|
||||||
auth->data = rb_dictionary_create(name, rb_uint32cmp);
|
|
||||||
|
|
||||||
RB_DLINK_FOREACH(ptr, auth_providers.head)
|
RB_DLINK_FOREACH(ptr, auth_providers.head)
|
||||||
{
|
{
|
||||||
|
|
|
@ -22,17 +22,16 @@
|
||||||
#define __CHARYBDIS_AUTHD_PROVIDER_H__
|
#define __CHARYBDIS_AUTHD_PROVIDER_H__
|
||||||
|
|
||||||
#include "stdinc.h"
|
#include "stdinc.h"
|
||||||
|
#include "rb_dictionary.h"
|
||||||
|
|
||||||
/* Arbitrary limit */
|
#define MAX_PROVIDERS 32 /* This should be enough */
|
||||||
#define MAX_CLIENTS 4096
|
|
||||||
|
|
||||||
/* Registered providers */
|
/* Registered providers */
|
||||||
typedef enum
|
typedef enum
|
||||||
{
|
{
|
||||||
PROVIDER_NULL = 0x0, /* Dummy value */
|
PROVIDER_RDNS,
|
||||||
PROVIDER_RDNS = 0x1,
|
PROVIDER_IDENT,
|
||||||
PROVIDER_IDENT = 0x2,
|
PROVIDER_BLACKLIST,
|
||||||
PROVIDER_BLACKLIST = 0x4,
|
|
||||||
} provider_t;
|
} provider_t;
|
||||||
|
|
||||||
struct auth_client
|
struct auth_client
|
||||||
|
@ -48,10 +47,10 @@ struct auth_client
|
||||||
char hostname[HOSTLEN + 1]; /* Used for DNS lookup */
|
char hostname[HOSTLEN + 1]; /* Used for DNS lookup */
|
||||||
char username[USERLEN + 1]; /* Used for ident lookup */
|
char username[USERLEN + 1]; /* Used for ident lookup */
|
||||||
|
|
||||||
unsigned int providers; /* Providers at work,
|
uint32_t providers; /* Providers at work,
|
||||||
* none left when set to 0 */
|
* none left when set to 0 */
|
||||||
|
|
||||||
struct Dictionary *data; /* Provider-specific data */
|
void *data[MAX_PROVIDERS]; /* Provider-specific data slots */
|
||||||
};
|
};
|
||||||
|
|
||||||
typedef bool (*provider_init_t)(void);
|
typedef bool (*provider_init_t)(void);
|
||||||
|
@ -75,11 +74,11 @@ struct auth_provider
|
||||||
};
|
};
|
||||||
|
|
||||||
extern rb_dlink_list auth_providers;
|
extern rb_dlink_list auth_providers;
|
||||||
|
extern struct Dictionary *auth_clients;
|
||||||
|
|
||||||
extern struct auth_provider rdns_provider;
|
extern struct auth_provider rdns_provider;
|
||||||
extern struct auth_provider ident_provider;
|
extern struct auth_provider ident_provider;
|
||||||
|
|
||||||
extern struct auth_client auth_clients[MAX_CLIENTS];
|
|
||||||
|
|
||||||
void load_provider(struct auth_provider *provider);
|
void load_provider(struct auth_provider *provider);
|
||||||
void unload_provider(struct auth_provider *provider);
|
void unload_provider(struct auth_provider *provider);
|
||||||
|
|
||||||
|
@ -98,19 +97,19 @@ void handle_new_connection(int parc, char *parv[]);
|
||||||
/* Provider is operating on this auth_client (set this if you have async work to do) */
|
/* Provider is operating on this auth_client (set this if you have async work to do) */
|
||||||
static inline void set_provider(struct auth_client *auth, provider_t provider)
|
static inline void set_provider(struct auth_client *auth, provider_t provider)
|
||||||
{
|
{
|
||||||
auth->providers |= provider;
|
auth->providers |= (1 << provider);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Provider is no longer operating on this auth client (you should use provider_done) */
|
/* Provider is no longer operating on this auth client (you should use provider_done) */
|
||||||
static inline void unset_provider(struct auth_client *auth, provider_t provider)
|
static inline void unset_provider(struct auth_client *auth, provider_t provider)
|
||||||
{
|
{
|
||||||
auth->providers &= ~provider;
|
auth->providers &= ~(1 << provider);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Check if provider is operating on this auth client */
|
/* Check if provider is operating on this auth client */
|
||||||
static inline bool is_provider(struct auth_client *auth, provider_t provider)
|
static inline bool is_provider(struct auth_client *auth, provider_t provider)
|
||||||
{
|
{
|
||||||
return auth->providers & provider;
|
return auth->providers & (1 << provider);
|
||||||
}
|
}
|
||||||
|
|
||||||
#endif /* __CHARYBDIS_AUTHD_PROVIDER_H__ */
|
#endif /* __CHARYBDIS_AUTHD_PROVIDER_H__ */
|
||||||
|
|
|
@ -28,9 +28,6 @@
|
||||||
|
|
||||||
struct ident_query
|
struct ident_query
|
||||||
{
|
{
|
||||||
rb_dlink_node node;
|
|
||||||
|
|
||||||
struct auth_client *auth; /* Our client */
|
|
||||||
time_t timeout; /* Timeout interval */
|
time_t timeout; /* Timeout interval */
|
||||||
rb_fde_t *F; /* Our FD */
|
rb_fde_t *F; /* Our FD */
|
||||||
};
|
};
|
||||||
|
@ -54,12 +51,10 @@ static EVH timeout_ident_queries_event;
|
||||||
static CNCB ident_connected;
|
static CNCB ident_connected;
|
||||||
static PF read_ident_reply;
|
static PF read_ident_reply;
|
||||||
|
|
||||||
static void client_fail(struct ident_query *query, ident_message message);
|
static void client_fail(struct auth_client *auth, ident_message message);
|
||||||
static void client_success(struct ident_query *query);
|
static void client_success(struct auth_client *auth);
|
||||||
static void cleanup_query(struct ident_query *query);
|
|
||||||
static char * get_valid_ident(char *buf);
|
static char * get_valid_ident(char *buf);
|
||||||
|
|
||||||
static rb_dlink_list queries;
|
|
||||||
static struct ev_entry *timeout_ev;
|
static struct ev_entry *timeout_ev;
|
||||||
static int ident_timeout = 5;
|
static int ident_timeout = 5;
|
||||||
|
|
||||||
|
@ -72,18 +67,14 @@ bool ident_init(void)
|
||||||
|
|
||||||
void ident_destroy(void)
|
void ident_destroy(void)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr, *nptr;
|
struct auth_client *auth;
|
||||||
|
struct DictionaryIter iter;
|
||||||
|
|
||||||
/* Nuke all ident queries */
|
/* Nuke all ident queries */
|
||||||
RB_DLINK_FOREACH_SAFE(ptr, nptr, queries.head)
|
DICTIONARY_FOREACH(auth, &iter, auth_clients)
|
||||||
{
|
{
|
||||||
struct ident_query *query = ptr->data;
|
if(auth->data[PROVIDER_IDENT] != NULL)
|
||||||
|
client_fail(auth, REPORT_FAIL);
|
||||||
notice_client(query->auth, messages[REPORT_FAIL]);
|
|
||||||
|
|
||||||
rb_close(query->F);
|
|
||||||
rb_free(query);
|
|
||||||
rb_dlinkDelete(ptr, &queries);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -94,12 +85,12 @@ bool ident_start(struct auth_client *auth)
|
||||||
int family;
|
int family;
|
||||||
rb_fde_t *F;
|
rb_fde_t *F;
|
||||||
|
|
||||||
query->auth = auth;
|
auth->data[PROVIDER_IDENT] = query;
|
||||||
query->timeout = rb_current_time() + ident_timeout;
|
query->timeout = rb_current_time() + ident_timeout;
|
||||||
|
|
||||||
if((F = rb_socket(family, SOCK_STREAM, 0, "ident")) == NULL)
|
if((F = rb_socket(family, SOCK_STREAM, 0, "ident")) == NULL)
|
||||||
{
|
{
|
||||||
client_fail(query, REPORT_FAIL);
|
client_fail(auth, REPORT_FAIL);
|
||||||
return true; /* Not a fatal error */
|
return true; /* Not a fatal error */
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -109,7 +100,7 @@ bool ident_start(struct auth_client *auth)
|
||||||
if(!rb_inet_ntop_sock((struct sockaddr *)&l_addr, auth->l_ip, sizeof(l_addr)) ||
|
if(!rb_inet_ntop_sock((struct sockaddr *)&l_addr, auth->l_ip, sizeof(l_addr)) ||
|
||||||
!rb_inet_ntop_sock((struct sockaddr *)&c_addr, auth->c_ip, sizeof(c_addr)))
|
!rb_inet_ntop_sock((struct sockaddr *)&c_addr, auth->c_ip, sizeof(c_addr)))
|
||||||
{
|
{
|
||||||
client_fail(query, REPORT_FAIL);
|
client_fail(auth, REPORT_FAIL);
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -133,52 +124,32 @@ bool ident_start(struct auth_client *auth)
|
||||||
GET_SS_LEN(&l_addr), ident_connected,
|
GET_SS_LEN(&l_addr), ident_connected,
|
||||||
query, ident_timeout);
|
query, ident_timeout);
|
||||||
|
|
||||||
rb_dlinkAdd(query, &query->node, &queries);
|
|
||||||
|
|
||||||
set_provider(auth, PROVIDER_IDENT);
|
|
||||||
notice_client(auth, messages[REPORT_LOOKUP]);
|
notice_client(auth, messages[REPORT_LOOKUP]);
|
||||||
|
set_provider(auth, PROVIDER_IDENT);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
void ident_cancel(struct auth_client *auth)
|
void ident_cancel(struct auth_client *auth)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr, *nptr;
|
struct ident_query *query = auth->data[PROVIDER_IDENT];
|
||||||
|
|
||||||
RB_DLINK_FOREACH_SAFE(ptr, nptr, queries.head)
|
if(query != NULL)
|
||||||
{
|
client_fail(auth, REPORT_FAIL);
|
||||||
struct ident_query *query = ptr->data;
|
|
||||||
|
|
||||||
if(query->auth == auth)
|
|
||||||
{
|
|
||||||
client_fail(query, REPORT_FAIL);
|
|
||||||
|
|
||||||
rb_close(query->F);
|
|
||||||
rb_free(query);
|
|
||||||
rb_dlinkDelete(ptr, &queries);
|
|
||||||
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Timeout outstanding queries */
|
/* Timeout outstanding queries */
|
||||||
static void timeout_ident_queries_event(void *notused)
|
static void timeout_ident_queries_event(void *notused)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr, *nptr;
|
struct auth_client *auth;
|
||||||
|
struct DictionaryIter iter;
|
||||||
|
|
||||||
RB_DLINK_FOREACH_SAFE(ptr, nptr, queries.head)
|
DICTIONARY_FOREACH(auth, &iter, auth_clients)
|
||||||
{
|
{
|
||||||
struct ident_query *query = ptr->data;
|
struct ident_query *query = auth->data[PROVIDER_IDENT];
|
||||||
|
|
||||||
if(query->timeout < rb_current_time())
|
if(query != NULL && query->timeout < rb_current_time())
|
||||||
{
|
client_fail(auth, REPORT_FAIL);
|
||||||
client_fail(query, REPORT_FAIL);
|
|
||||||
|
|
||||||
rb_close(query->F);
|
|
||||||
rb_free(query);
|
|
||||||
rb_dlinkDelete(ptr, &queries);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -195,8 +166,8 @@ static void timeout_ident_queries_event(void *notused)
|
||||||
*/
|
*/
|
||||||
static void ident_connected(rb_fde_t *F, int error, void *data)
|
static void ident_connected(rb_fde_t *F, int error, void *data)
|
||||||
{
|
{
|
||||||
struct ident_query *query = data;
|
struct auth_client *auth = data;
|
||||||
struct auth_client *auth = query->auth;
|
struct ident_query *query = auth->data[PROVIDER_IDENT];
|
||||||
char authbuf[32];
|
char authbuf[32];
|
||||||
int authlen;
|
int authlen;
|
||||||
|
|
||||||
|
@ -204,8 +175,7 @@ static void ident_connected(rb_fde_t *F, int error, void *data)
|
||||||
if(error != RB_OK)
|
if(error != RB_OK)
|
||||||
{
|
{
|
||||||
/* We had an error during connection :( */
|
/* We had an error during connection :( */
|
||||||
client_fail(query, REPORT_FAIL);
|
client_fail(auth, REPORT_FAIL);
|
||||||
cleanup_query(query);
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -215,18 +185,18 @@ static void ident_connected(rb_fde_t *F, int error, void *data)
|
||||||
|
|
||||||
if(rb_write(query->F, authbuf, authlen) != authlen)
|
if(rb_write(query->F, authbuf, authlen) != authlen)
|
||||||
{
|
{
|
||||||
client_fail(query, REPORT_FAIL);
|
client_fail(auth, REPORT_FAIL);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
read_ident_reply(query->F, query);
|
read_ident_reply(query->F, auth);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
read_ident_reply(rb_fde_t *F, void *data)
|
read_ident_reply(rb_fde_t *F, void *data)
|
||||||
{
|
{
|
||||||
struct ident_query *query = data;
|
struct auth_client *auth = data;
|
||||||
struct auth_client *auth = query->auth;
|
struct ident_query *query = auth->data[PROVIDER_IDENT];
|
||||||
char *s = NULL;
|
char *s = NULL;
|
||||||
char *t = NULL;
|
char *t = NULL;
|
||||||
int len;
|
int len;
|
||||||
|
@ -268,51 +238,35 @@ read_ident_reply(rb_fde_t *F, void *data)
|
||||||
}
|
}
|
||||||
|
|
||||||
if(s == NULL)
|
if(s == NULL)
|
||||||
client_fail(query, REPORT_FAIL);
|
client_fail(auth, REPORT_FAIL);
|
||||||
else
|
else
|
||||||
client_success(query);
|
client_success(auth);
|
||||||
|
|
||||||
cleanup_query(query);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void client_fail(struct ident_query *query, ident_message report)
|
static void client_fail(struct auth_client *auth, ident_message report)
|
||||||
{
|
{
|
||||||
struct auth_client *auth = query->auth;
|
struct ident_query *query = auth->data[PROVIDER_IDENT];
|
||||||
|
|
||||||
if(auth)
|
rb_strlcpy(auth->username, "*", sizeof(auth->username));
|
||||||
{
|
|
||||||
rb_strlcpy(auth->username, "*", sizeof(auth->username));
|
rb_close(query->F);
|
||||||
notice_client(auth, messages[report]);
|
rb_free(query);
|
||||||
provider_done(auth, PROVIDER_IDENT);
|
auth->data[PROVIDER_IDENT] = NULL;
|
||||||
}
|
|
||||||
|
notice_client(auth, messages[report]);
|
||||||
|
provider_done(auth, PROVIDER_IDENT);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void client_success(struct ident_query *query)
|
static void client_success(struct auth_client *auth)
|
||||||
{
|
{
|
||||||
struct auth_client *auth = query->auth;
|
struct ident_query *query = auth->data[PROVIDER_IDENT];
|
||||||
|
|
||||||
if(auth)
|
rb_close(query->F);
|
||||||
{
|
rb_free(query);
|
||||||
notice_client(auth, messages[REPORT_FOUND]);
|
auth->data[PROVIDER_IDENT] = NULL;
|
||||||
provider_done(auth, PROVIDER_IDENT);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
static void cleanup_query(struct ident_query *query)
|
notice_client(auth, messages[REPORT_FOUND]);
|
||||||
{
|
provider_done(auth, PROVIDER_IDENT);
|
||||||
rb_dlink_node *ptr, *nptr;
|
|
||||||
|
|
||||||
RB_DLINK_FOREACH_SAFE(ptr, nptr, queries.head)
|
|
||||||
{
|
|
||||||
struct ident_query *query_l = ptr->data;
|
|
||||||
|
|
||||||
if(query_l == query)
|
|
||||||
{
|
|
||||||
rb_close(query->F);
|
|
||||||
rb_free(query);
|
|
||||||
rb_dlinkDelete(ptr, &queries);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* get_valid_ident
|
/* get_valid_ident
|
||||||
|
|
|
@ -29,7 +29,6 @@ struct user_query
|
||||||
{
|
{
|
||||||
rb_dlink_node node;
|
rb_dlink_node node;
|
||||||
|
|
||||||
struct auth_client *auth; /* Our client */
|
|
||||||
struct dns_query *query; /* Pending DNS query */
|
struct dns_query *query; /* Pending DNS query */
|
||||||
time_t timeout; /* When the request times out */
|
time_t timeout; /* When the request times out */
|
||||||
};
|
};
|
||||||
|
@ -51,14 +50,13 @@ typedef enum
|
||||||
REPORT_TOOLONG,
|
REPORT_TOOLONG,
|
||||||
} dns_message;
|
} dns_message;
|
||||||
|
|
||||||
static void client_fail(struct user_query *query, dns_message message);
|
static void client_fail(struct auth_client *auth, dns_message message);
|
||||||
static void client_success(struct user_query *query);
|
static void client_success(struct auth_client *auth);
|
||||||
static void get_dns_answer(const char *res, bool status, query_type type, void *data);
|
static void get_dns_answer(const char *res, bool status, query_type type, void *data);
|
||||||
|
|
||||||
static struct ev_entry *timeout_ev;
|
static struct ev_entry *timeout_ev;
|
||||||
static EVH timeout_dns_queries_event;
|
static EVH timeout_dns_queries_event;
|
||||||
static int rdns_timeout = 30;
|
static int rdns_timeout = 30;
|
||||||
static rb_dlink_list queries; /* Stored here for easy timeout */
|
|
||||||
|
|
||||||
|
|
||||||
bool client_dns_init(void)
|
bool client_dns_init(void)
|
||||||
|
@ -69,14 +67,13 @@ bool client_dns_init(void)
|
||||||
|
|
||||||
void client_dns_destroy(void)
|
void client_dns_destroy(void)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr, *nptr;
|
struct auth_client *auth;
|
||||||
struct user_query *query;
|
struct DictionaryIter iter;
|
||||||
|
|
||||||
RB_DLINK_FOREACH_SAFE(ptr, nptr, queries.head)
|
DICTIONARY_FOREACH(auth, &iter, auth_clients)
|
||||||
{
|
{
|
||||||
client_fail(ptr->data, REPORT_FAIL);
|
if(auth->data[PROVIDER_RDNS] != NULL)
|
||||||
rb_dlinkDelete(ptr, &queries);
|
client_fail(auth, REPORT_FAIL);
|
||||||
rb_free(ptr);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
rb_event_delete(timeout_ev);
|
rb_event_delete(timeout_ev);
|
||||||
|
@ -86,10 +83,11 @@ bool client_dns_start(struct auth_client *auth)
|
||||||
{
|
{
|
||||||
struct user_query *query = rb_malloc(sizeof(struct user_query));
|
struct user_query *query = rb_malloc(sizeof(struct user_query));
|
||||||
|
|
||||||
query->auth = auth;
|
|
||||||
query->timeout = rb_current_time() + rdns_timeout;
|
query->timeout = rb_current_time() + rdns_timeout;
|
||||||
|
|
||||||
query->query = lookup_hostname(auth->c_ip, get_dns_answer, query);
|
auth->data[PROVIDER_RDNS] = query;
|
||||||
|
|
||||||
|
query->query = lookup_hostname(auth->c_ip, get_dns_answer, auth);
|
||||||
|
|
||||||
notice_client(auth, messages[REPORT_LOOKUP]);
|
notice_client(auth, messages[REPORT_LOOKUP]);
|
||||||
set_provider(auth, PROVIDER_RDNS);
|
set_provider(auth, PROVIDER_RDNS);
|
||||||
|
@ -98,104 +96,75 @@ bool client_dns_start(struct auth_client *auth)
|
||||||
|
|
||||||
void client_dns_cancel(struct auth_client *auth)
|
void client_dns_cancel(struct auth_client *auth)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr, *nptr;
|
struct user_query *query = auth->data[PROVIDER_RDNS];
|
||||||
|
|
||||||
RB_DLINK_FOREACH_SAFE(ptr, nptr, queries.head)
|
if(query != NULL)
|
||||||
{
|
client_fail(auth, REPORT_FAIL);
|
||||||
struct user_query *query = ptr->data;
|
|
||||||
|
|
||||||
if(query->auth == auth)
|
|
||||||
{
|
|
||||||
/* Victim found */
|
|
||||||
client_fail(query, REPORT_FAIL);
|
|
||||||
rb_dlinkDelete(ptr, &queries);
|
|
||||||
rb_free(query);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
get_dns_answer(const char *res, bool status, query_type type, void *data)
|
get_dns_answer(const char *res, bool status, query_type type, void *data)
|
||||||
{
|
{
|
||||||
struct user_query *query = data;
|
struct auth_client *auth = data;
|
||||||
struct auth_client *auth = query->auth;
|
struct user_query *query = auth->data[PROVIDER_RDNS];
|
||||||
bool fail = false;
|
|
||||||
dns_message response;
|
|
||||||
rb_dlink_node *ptr, *nptr;
|
|
||||||
|
|
||||||
if(res == NULL || status == false)
|
if(query == NULL || res == NULL || status == false)
|
||||||
{
|
client_fail(auth, REPORT_FAIL);
|
||||||
response = REPORT_FAIL;
|
|
||||||
fail = true;
|
|
||||||
goto cleanup;
|
|
||||||
}
|
|
||||||
else if(strlen(res) > HOSTLEN)
|
else if(strlen(res) > HOSTLEN)
|
||||||
|
client_fail(auth, REPORT_TOOLONG);
|
||||||
|
else
|
||||||
{
|
{
|
||||||
/* Ah well. */
|
rb_strlcpy(auth->hostname, res, HOSTLEN + 1);
|
||||||
response = REPORT_TOOLONG;
|
client_success(auth);
|
||||||
fail = true;
|
|
||||||
goto cleanup;
|
|
||||||
}
|
|
||||||
|
|
||||||
rb_strlcpy(auth->hostname, res, HOSTLEN + 1);
|
|
||||||
|
|
||||||
cleanup:
|
|
||||||
/* Clean us up off the pending queries list */
|
|
||||||
RB_DLINK_FOREACH_SAFE(ptr, nptr, queries.head)
|
|
||||||
{
|
|
||||||
struct user_query *query_l = ptr->data;
|
|
||||||
|
|
||||||
if(query == query_l)
|
|
||||||
{
|
|
||||||
/* Found */
|
|
||||||
if(fail)
|
|
||||||
client_fail(query, response);
|
|
||||||
else
|
|
||||||
client_success(query);
|
|
||||||
|
|
||||||
rb_dlinkDelete(ptr, &queries);
|
|
||||||
rb_free(query);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Timeout outstanding queries */
|
/* Timeout outstanding queries */
|
||||||
static void timeout_dns_queries_event(void *notused)
|
static void timeout_dns_queries_event(void *notused)
|
||||||
{
|
{
|
||||||
rb_dlink_node *ptr, *nptr;
|
struct auth_client *auth;
|
||||||
|
struct DictionaryIter iter;
|
||||||
|
|
||||||
RB_DLINK_FOREACH_SAFE(ptr, nptr, queries.head)
|
DICTIONARY_FOREACH(auth, &iter, auth_clients)
|
||||||
{
|
{
|
||||||
struct user_query *query = ptr->data;
|
struct user_query *query = auth->data[PROVIDER_RDNS];
|
||||||
|
|
||||||
if(query->auth && query->timeout < rb_current_time())
|
if(query != NULL && query->timeout < rb_current_time())
|
||||||
{
|
{
|
||||||
client_fail(query, REPORT_FAIL);
|
client_fail(auth, REPORT_FAIL);
|
||||||
rb_dlinkDelete(ptr, &queries);
|
|
||||||
rb_free(query);
|
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
static void client_fail(struct user_query *query, dns_message report)
|
static void client_fail(struct auth_client *auth, dns_message report)
|
||||||
{
|
{
|
||||||
struct auth_client *auth = query->auth;
|
struct user_query *query = auth->data[PROVIDER_RDNS];
|
||||||
|
|
||||||
|
if(query == NULL)
|
||||||
|
return;
|
||||||
|
|
||||||
rb_strlcpy(auth->hostname, "*", sizeof(auth->hostname));
|
rb_strlcpy(auth->hostname, "*", sizeof(auth->hostname));
|
||||||
|
|
||||||
notice_client(auth, messages[report]);
|
notice_client(auth, messages[report]);
|
||||||
cancel_query(query->query);
|
cancel_query(query->query);
|
||||||
|
|
||||||
|
rb_free(query);
|
||||||
|
auth->data[PROVIDER_RDNS] = NULL;
|
||||||
|
|
||||||
provider_done(auth, PROVIDER_RDNS);
|
provider_done(auth, PROVIDER_RDNS);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void client_success(struct user_query *query)
|
static void client_success(struct auth_client *auth)
|
||||||
{
|
{
|
||||||
struct auth_client *auth = query->auth;
|
struct user_query *query = auth->data[PROVIDER_RDNS];
|
||||||
|
|
||||||
notice_client(auth, messages[REPORT_FOUND]);
|
notice_client(auth, messages[REPORT_FOUND]);
|
||||||
cancel_query(query->query);
|
cancel_query(query->query);
|
||||||
|
|
||||||
|
rb_free(query);
|
||||||
|
auth->data[PROVIDER_RDNS] = NULL;
|
||||||
|
|
||||||
provider_done(auth, PROVIDER_RDNS);
|
provider_done(auth, PROVIDER_RDNS);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue