ssld: integrate some cleanups from ratbox 3.1

This commit is contained in:
William Pitcock 2015-12-10 23:40:24 -06:00
parent d44660305f
commit 408a29c65a

View file

@ -36,16 +36,16 @@
static void setup_signals(void); static void setup_signals(void);
static pid_t ppid; static pid_t ppid;
static inline int32_t static inline uint32_t
buf_to_int32(uint8_t *buf) buf_to_uint32(uint8_t *buf)
{ {
int32_t x; uint32_t x;
memcpy(&x, buf, sizeof(x)); memcpy(&x, buf, sizeof(x));
return x; return x;
} }
static inline void static inline void
int32_to_buf(uint8_t *buf, int32_t x) uint32_to_buf(uint8_t *buf, uint32_t x)
{ {
memcpy(buf, &x, sizeof(x)); memcpy(buf, &x, sizeof(x));
return; return;
@ -93,7 +93,7 @@ typedef struct _conn
rawbuf_head_t *modbuf_out; rawbuf_head_t *modbuf_out;
rawbuf_head_t *plainbuf_out; rawbuf_head_t *plainbuf_out;
int32_t id; uint32_t id;
rb_fde_t *mod_fd; rb_fde_t *mod_fd;
rb_fde_t *plain_fd; rb_fde_t *plain_fd;
@ -182,7 +182,7 @@ ssld_free(void *unused, void *ptr)
#endif #endif
static conn_t * static conn_t *
conn_find_by_id(int32_t id) conn_find_by_id(uint32_t id)
{ {
rb_dlink_node *ptr; rb_dlink_node *ptr;
conn_t *conn; conn_t *conn;
@ -197,7 +197,7 @@ conn_find_by_id(int32_t id)
} }
static void static void
conn_add_id_hash(conn_t * conn, int32_t id) conn_add_id_hash(conn_t * conn, uint32_t id)
{ {
conn->id = id; conn->id = id;
rb_dlinkAdd(conn, &conn->node, connid_hash(id)); rb_dlinkAdd(conn, &conn->node, connid_hash(id));
@ -248,7 +248,7 @@ close_conn(conn_t * conn, int wait_plain, const char *fmt, ...)
rb_close(conn->mod_fd); rb_close(conn->mod_fd);
SetDead(conn); SetDead(conn);
if(conn->id >= 0 && !IsZipSSL(conn)) if(!IsZipSSL(conn))
rb_dlinkDelete(&conn->node, connid_hash(conn->id)); rb_dlinkDelete(&conn->node, connid_hash(conn->id));
if(!wait_plain || fmt == NULL) if(!wait_plain || fmt == NULL)
@ -264,7 +264,7 @@ close_conn(conn_t * conn, int wait_plain, const char *fmt, ...)
va_end(ap); va_end(ap);
buf[0] = 'D'; buf[0] = 'D';
int32_to_buf(&buf[1], conn->id); uint32_to_buf(&buf[1], conn->id);
rb_strlcpy((char *) &buf[5], reason, sizeof(buf) - 5); rb_strlcpy((char *) &buf[5], reason, sizeof(buf) - 5);
len = (strlen(reason) + 1) + 5; len = (strlen(reason) + 1) + 5;
mod_cmd_write_queue(conn->ctl, buf, len); mod_cmd_write_queue(conn->ctl, buf, len);
@ -660,25 +660,59 @@ maxconn(void)
return MAXCONNECTIONS; return MAXCONNECTIONS;
} }
static void
ssl_send_cipher(conn_t *conn)
{
#if 0
size_t len;
char buf[512];
char cstring[256];
const char *p;
if(!IsSSL(conn))
return;
p = rb_ssl_get_cipher(conn->mod_fd);
if(p == NULL)
return;
rb_strlcpy(cstring, p, sizeof(cstring));
buf[0] = 'C';
uint32_to_buf(&buf[1], conn->id);
strcpy(&buf[5], cstring);
len = (strlen(cstring) + 1) + 5;
mod_cmd_write_queue(conn->ctl, buf, len);
#endif
}
static void
ssl_send_certfp(conn_t *conn)
{
uint8_t buf[9 + RB_SSL_CERTFP_LEN];
int len = rb_get_ssl_certfp(conn->mod_fd, &buf[9], certfp_method);
if (!len)
return;
lrb_assert(len <= RB_SSL_CERTFP_LEN);
buf[0] = 'F';
uint32_to_buf(&buf[1], conn->id);
uint32_to_buf(&buf[5], len);
mod_cmd_write_queue(conn->ctl, buf, 9 + len);
}
static void static void
ssl_process_accept_cb(rb_fde_t *F, int status, struct sockaddr *addr, rb_socklen_t len, void *data) ssl_process_accept_cb(rb_fde_t *F, int status, struct sockaddr *addr, rb_socklen_t len, void *data)
{ {
conn_t *conn = data; conn_t *conn = data;
uint8_t buf[9 + RB_SSL_CERTFP_LEN];
if(status == RB_OK) if(status == RB_OK)
{ {
int len = rb_get_ssl_certfp(F, &buf[9], certfp_method);
if(len)
{
lrb_assert(len <= RB_SSL_CERTFP_LEN);
buf[0] = 'F';
int32_to_buf(&buf[1], conn->id);
int32_to_buf(&buf[5], len);
mod_cmd_write_queue(conn->ctl, buf, 9 + len);
}
conn_mod_read_cb(conn->mod_fd, conn); conn_mod_read_cb(conn->mod_fd, conn);
conn_plain_read_cb(conn->plain_fd, conn); conn_plain_read_cb(conn->plain_fd, conn);
ssl_send_cipher(conn);
ssl_send_certfp(conn);
return; return;
} }
/* ircd doesn't care about the reason for this */ /* ircd doesn't care about the reason for this */
@ -690,21 +724,13 @@ static void
ssl_process_connect_cb(rb_fde_t *F, int status, void *data) ssl_process_connect_cb(rb_fde_t *F, int status, void *data)
{ {
conn_t *conn = data; conn_t *conn = data;
uint8_t buf[9 + RB_SSL_CERTFP_LEN];
if(status == RB_OK) if(status == RB_OK)
{ {
int len = rb_get_ssl_certfp(F, &buf[9], certfp_method);
if(len)
{
lrb_assert(len <= RB_SSL_CERTFP_LEN);
buf[0] = 'F';
int32_to_buf(&buf[1], conn->id);
int32_to_buf(&buf[5], len);
mod_cmd_write_queue(conn->ctl, buf, 9 + len);
}
conn_mod_read_cb(conn->mod_fd, conn); conn_mod_read_cb(conn->mod_fd, conn);
conn_plain_read_cb(conn->plain_fd, conn); conn_plain_read_cb(conn->plain_fd, conn);
ssl_send_cipher(conn);
ssl_send_certfp(conn);
} }
else if(status == RB_ERR_TIMEOUT) else if(status == RB_ERR_TIMEOUT)
close_conn(conn, WAIT_PLAIN, "SSL handshake timed out"); close_conn(conn, WAIT_PLAIN, "SSL handshake timed out");
@ -729,13 +755,11 @@ static void
ssl_process_accept(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) ssl_process_accept(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{ {
conn_t *conn; conn_t *conn;
int32_t id; uint32_t id;
conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
id = buf_to_int32(&ctlb->buf[1]); id = buf_to_uint32(&ctlb->buf[1]);
if(id >= 0)
conn_add_id_hash(conn, id); conn_add_id_hash(conn, id);
SetSSL(conn); SetSSL(conn);
@ -753,19 +777,17 @@ ssl_process_accept(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
static void static void
ssl_change_certfp_method(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) ssl_change_certfp_method(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{ {
certfp_method = buf_to_int32(&ctlb->buf[1]); certfp_method = buf_to_uint32(&ctlb->buf[1]);
} }
static void static void
ssl_process_connect(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb) ssl_process_connect(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{ {
conn_t *conn; conn_t *conn;
int32_t id; uint32_t id;
conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
id = buf_to_int32(&ctlb->buf[1]); id = buf_to_uint32(&ctlb->buf[1]);
if(id >= 0)
conn_add_id_hash(conn, id); conn_add_id_hash(conn, id);
SetSSL(conn); SetSSL(conn);
@ -785,12 +807,9 @@ process_stats(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
char outstat[512]; char outstat[512];
conn_t *conn; conn_t *conn;
uint8_t *odata; uint8_t *odata;
int32_t id; uint32_t id;
id = buf_to_int32(&ctlb->buf[1]); id = buf_to_uint32(&ctlb->buf[1]);
if(id < 0)
return;
odata = &ctlb->buf[5]; odata = &ctlb->buf[5];
conn = conn_find_by_id(id); conn = conn_find_by_id(id);
@ -810,10 +829,9 @@ process_stats(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
static void static void
change_connid(mod_ctl_t *ctl, mod_ctl_buf_t *ctlb) change_connid(mod_ctl_t *ctl, mod_ctl_buf_t *ctlb)
{ {
int32_t id = buf_to_int32(&ctlb->buf[1]); uint32_t id = buf_to_uint32(&ctlb->buf[1]);
int32_t newid = buf_to_int32(&ctlb->buf[5]); uint32_t newid = buf_to_uint32(&ctlb->buf[5]);
conn_t *conn = conn_find_by_id(id); conn_t *conn = conn_find_by_id(id);
if(conn->id >= 0)
rb_dlinkDelete(&conn->node, connid_hash(conn->id)); rb_dlinkDelete(&conn->node, connid_hash(conn->id));
SetZipSSL(conn); SetZipSSL(conn);
conn->id = newid; conn->id = newid;
@ -825,11 +843,11 @@ zlib_process(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{ {
uint8_t level; uint8_t level;
size_t recvqlen; size_t recvqlen;
size_t hdr = (sizeof(uint8_t) * 2) + sizeof(int32_t); size_t hdr = (sizeof(uint8_t) * 2) + sizeof(uint32_t);
void *recvq_start; void *recvq_start;
z_stream *instream, *outstream; z_stream *instream, *outstream;
conn_t *conn; conn_t *conn;
int32_t id; uint32_t id;
conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN) if(rb_get_type(conn->mod_fd) == RB_FD_UNKNOWN)
@ -838,7 +856,7 @@ zlib_process(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
if(rb_get_type(conn->plain_fd) == RB_FD_UNKNOWN) if(rb_get_type(conn->plain_fd) == RB_FD_UNKNOWN)
rb_set_type(conn->plain_fd, RB_FD_SOCKET); rb_set_type(conn->plain_fd, RB_FD_SOCKET);
id = buf_to_int32(&ctlb->buf[1]); id = buf_to_uint32(&ctlb->buf[1]);
conn_add_id_hash(conn, id); conn_add_id_hash(conn, id);
level = (uint8_t)ctlb->buf[5]; level = (uint8_t)ctlb->buf[5];
@ -865,7 +883,7 @@ zlib_process(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
outstream->data_type = Z_ASCII; outstream->data_type = Z_ASCII;
if(level > 9) if(level > 9)
level = Z_DEFAULT_COMPRESSION; level = (uint8_t) Z_DEFAULT_COMPRESSION;
deflateInit(&((zlib_stream_t *) conn->stream)->outstream, level); deflateInit(&((zlib_stream_t *) conn->stream)->outstream, level);
if(recvqlen > 0) if(recvqlen > 0)
@ -918,14 +936,12 @@ send_nossl_support(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{ {
static const char *nossl_cmd = "N"; static const char *nossl_cmd = "N";
conn_t *conn; conn_t *conn;
int32_t id; uint32_t id;
if(ctlb != NULL) if(ctlb != NULL)
{ {
conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
id = buf_to_int32(&ctlb->buf[1]); id = buf_to_uint32(&ctlb->buf[1]);
if(id >= 0)
conn_add_id_hash(conn, id); conn_add_id_hash(conn, id);
close_conn(conn, WAIT_PLAIN, "libratbox reports no SSL/TLS support"); close_conn(conn, WAIT_PLAIN, "libratbox reports no SSL/TLS support");
} }
@ -944,13 +960,11 @@ send_nozlib_support(mod_ctl_t * ctl, mod_ctl_buf_t * ctlb)
{ {
static const char *nozlib_cmd = "z"; static const char *nozlib_cmd = "z";
conn_t *conn; conn_t *conn;
int32_t id; uint32_t id;
if(ctlb != NULL) if(ctlb != NULL)
{ {
conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]); conn = make_conn(ctl, ctlb->F[0], ctlb->F[1]);
id = buf_to_int32(&ctlb->buf[1]); id = buf_to_uint32(&ctlb->buf[1]);
if(id >= 0)
conn_add_id_hash(conn, id); conn_add_id_hash(conn, id);
close_conn(conn, WAIT_PLAIN, "libratbox reports no zlib support"); close_conn(conn, WAIT_PLAIN, "libratbox reports no zlib support");
} }