ssld: integrate some cleanups from ratbox 3.1

This commit is contained in:
William Pitcock 2015-12-10 23:40:24 -06:00
parent d44660305f
commit 408a29c65a

View file

@ -36,16 +36,16 @@
static void setup_signals(void);
static pid_t ppid;
static inline int32_t
buf_to_int32(uint8_t *buf)
static inline uint32_t
buf_to_uint32(uint8_t *buf)
{
int32_t x;
uint32_t x;
memcpy(&x, buf, sizeof(x));
return x;
}
static inline void
int32_to_buf(uint8_t *buf, int32_t x)
uint32_to_buf(uint8_t *buf, uint32_t x)
{
memcpy(buf, &x, sizeof(x));
return;
@ -93,7 +93,7 @@ typedef struct _conn
rawbuf_head_t *modbuf_out;
rawbuf_head_t *plainbuf_out;
int32_t id;
uint32_t id;
rb_fde_t *mod_fd;
rb_fde_t *plain_fd;
@ -182,7 +182,7 @@ ssld_free(void *unused, void *ptr)
#endif
static conn_t *
conn_find_by_id(int32_t id)
conn_find_by_id(uint32_t id)
{
rb_dlink_node *ptr;
conn_t *conn;
@ -197,7 +197,7 @@ conn_find_by_id(int32_t id)
}
static void
conn_add_id_hash(conn_t * conn, int32_t id)
conn_add_id_hash(conn_t * conn, uint32_t id)
{
conn->id = id;
rb_dlinkAdd(conn, &conn->node, connid_hash(id));
@ -248,7 +248,7 @@ close_conn(conn_t * conn, int wait_plain, const char *fmt, ...)
rb_close(conn->mod_fd);
SetDead(conn);
if(conn->id >= 0 && !IsZipSSL(conn))
if(!IsZipSSL(conn))
rb_dlinkDelete(&conn->node, connid_hash(conn->id));
if(!wait_plain || fmt == NULL)
@ -264,7 +264,7 @@ close_conn(conn_t * conn, int wait_plain, const char *fmt, ...)
va_end(ap);
buf[0] = 'D';
int32_to_buf(&buf[1], conn->id);
uint32_to_buf(&buf[1], conn->id);
rb_strlcpy((char *) &buf[5], reason, sizeof(buf) - 5);
len = (strlen(reason) + 1) + 5;
mod_cmd_write_queue(conn->ctl, buf, len);
@ -660,25 +660,59 @@ maxconn(void)
return MAXCONNECTIONS;
}
static void
ssl_send_cipher(conn_t *conn)
{
#if 0
size_t len;
char buf[512];
char cstring[256];
const char *p;
if(!IsSSL(conn))
return;
p = rb_ssl_get_cipher(conn->mod_fd);
if(p == NULL)
return;
rb_strlcpy(cstring, p, sizeof(cstring));
buf[0] = 'C';
uint32_to_buf(&buf[1], conn->id);
strcpy(&buf[5], cstring);
len = (strlen(cstring) + 1) + 5;
mod_cmd_write_queue(conn->ctl, buf, len);
#endif
}
static void
ssl_send_certfp(conn_t *conn)
{
uint8_t buf[9 + RB_SSL_CERTFP_LEN];
int len = rb_get_ssl_certfp(conn->mod_fd, &buf[9], certfp_method);
if (!len)
return;
lrb_assert(len <= RB_SSL_CERTFP_LEN);
buf[0] = 'F';
uint32_to_buf(&buf[1], conn->id);
uint32_to_buf(&buf[5], len);
mod_cmd_write_queue(conn->ctl, buf, 9 + len);
}
static void
ssl_process_accept_cb(rb_fde_t *F, int status, struct sockaddr *addr, rb_socklen_t len, void *data)
{
conn_t *conn = data;
uint8_t buf[9 + RB_SSL_CERTFP_LEN];
if(status == RB_OK)
{
int len = rb_get_ssl_certfp(F, &buf[9], certfp_method);
if(len)
{
lrb_assert(len <= RB_SSL_CERTFP_LEN);
buf[0] = 'F';
int32_to_buf(&buf[1], conn->id);
int32_to_buf(&buf[5], len);
mod_cmd_write_queue(conn->ctl, buf, 9 + len);
}
conn_mod_read_cb(conn->mod_fd, conn);
conn_plain_read_cb(conn->plain_fd, conn);
ssl_send_cipher(conn);
ssl_send_certfp(conn);
return;
}
/* ircd doesn't care about the reason for this */
@ -690,21 +724,13 @@ static void
ssl_process_connect_cb(rb_fde_t *F, int status, void *data)
{
conn_t *conn = data;
uint8_t buf[9 + RB_SSL_CERTFP_LEN];
if(status == RB_OK)
{
int len = rb_get_ssl_certfp(F, &buf[9], certfp_method);
if(len)
{
lrb_assert(len <= RB_SSL_CERTFP_LEN);
buf[0] = 'F';
int32_to_buf(&buf[1], conn->id);
int32_to_buf(&buf[5], len);
mod_cmd_write_queue(conn->ctl, buf, 9 + len);
}
conn_mod_read_cb(conn->mod_fd, conn);
conn_plain_read_cb(conn->plain_fd, conn);
ssl_send_cipher(conn);
ssl_send_certfp(conn);
}
else if(status == RB_ERR_TIMEOUT)
close_conn(conn, WAIT_PLAIN, "SSL handshake timed out");
@ -729,14 +755,12 @@ static void
ssl_process_accept(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{
conn_t *conn;
int32_t id;
uint32_t id;
conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
id = buf_to_int32(&ctlb->buf[1]);
if(id >= 0)
conn_add_id_hash(conn, id);
id = buf_to_uint32(&ctlb->buf[1]);
conn_add_id_hash(conn, id);
SetSSL(conn);
if(rb_get_type(conn->mod_fd) & RB_FD_UNKNOWN)
@ -753,20 +777,18 @@ ssl_process_accept(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
static void
ssl_change_certfp_method(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{
certfp_method = buf_to_int32(&ctlb->buf[1]);
certfp_method = buf_to_uint32(&ctlb->buf[1]);
}
static void
ssl_process_connect(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{
conn_t *conn;
int32_t id;
uint32_t id;
conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
id = buf_to_int32(&ctlb->buf[1]);
if(id >= 0)
conn_add_id_hash(conn, id);
id = buf_to_uint32(&ctlb->buf[1]);
conn_add_id_hash(conn, id);
SetSSL(conn);
if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN)
@ -785,12 +807,9 @@ process_stats(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
char outstat[512];
conn_t *conn;
uint8_t *odata;
int32_t id;
uint32_t id;
id = buf_to_int32(&ctlb->buf[1]);
if(id < 0)
return;
id = buf_to_uint32(&ctlb->buf[1]);
odata = &ctlb->buf[5];
conn = conn_find_by_id(id);
@ -810,11 +829,10 @@ process_stats(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
static void
change_connid(mod_ctl_t *ctl, mod_ctl_buf_t *ctlb)
{
int32_t id = buf_to_int32(&ctlb->buf[1]);
int32_t newid = buf_to_int32(&ctlb->buf[5]);
uint32_t id = buf_to_uint32(&ctlb->buf[1]);
uint32_t newid = buf_to_uint32(&ctlb->buf[5]);
conn_t *conn = conn_find_by_id(id);
if(conn->id >= 0)
rb_dlinkDelete(&conn->node, connid_hash(conn->id));
rb_dlinkDelete(&conn->node, connid_hash(conn->id));
SetZipSSL(conn);
conn->id = newid;
}
@ -825,11 +843,11 @@ zlib_process(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{
uint8_t level;
size_t recvqlen;
size_t hdr = (sizeof(uint8_t) * 2) + sizeof(int32_t);
size_t hdr = (sizeof(uint8_t) * 2) + sizeof(uint32_t);
void *recvq_start;
z_stream *instream, *outstream;
conn_t *conn;
int32_t id;
uint32_t id;
conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN)
@ -838,7 +856,7 @@ zlib_process(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
if(rb_get_type(conn->plain_fd) == RB_FD_UNKNOWN)
rb_set_type(conn->plain_fd, RB_FD_SOCKET);
id = buf_to_int32(&ctlb->buf[1]);
id = buf_to_uint32(&ctlb->buf[1]);
conn_add_id_hash(conn, id);
level = (uint8_t)ctlb->buf[5];
@ -865,7 +883,7 @@ zlib_process(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
outstream->data_type = Z_ASCII;
if(level > 9)
level = Z_DEFAULT_COMPRESSION;
level = (uint8_t) Z_DEFAULT_COMPRESSION;
deflateInit(&((zlib_stream_t *) conn->stream)->outstream, level);
if(recvqlen > 0)
@ -918,15 +936,13 @@ send_nossl_support(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{
static const char *nossl_cmd = "N";
conn_t *conn;
int32_t id;
uint32_t id;
if(ctlb != NULL)
{
conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
id = buf_to_int32(&ctlb->buf[1]);
if(id >= 0)
conn_add_id_hash(conn, id);
id = buf_to_uint32(&ctlb->buf[1]);
conn_add_id_hash(conn, id);
close_conn(conn, WAIT_PLAIN, "libratbox reports no SSL/TLS support");
}
mod_cmd_write_queue(ctl, nossl_cmd, strlen(nossl_cmd));
@ -944,14 +960,12 @@ send_nozlib_support(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{
static const char *nozlib_cmd = "z";
conn_t *conn;
int32_t id;
uint32_t id;
if(ctlb != NULL)
{
conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
id = buf_to_int32(&ctlb->buf[1]);
if(id >= 0)
conn_add_id_hash(conn, id);
id = buf_to_uint32(&ctlb->buf[1]);
conn_add_id_hash(conn, id);
close_conn(conn, WAIT_PLAIN, "libratbox reports no zlib support");
}
mod_cmd_write_queue(ctl, nozlib_cmd, strlen(nozlib_cmd));