9pfs/solanum-vs-hackint-and-charybdis
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

libratbox: add support for TCP_DEFER_ACCEPT on linux

Browse source 
This allows for some further hardening against synflooding and connection flooding
where no data is actually sent, as the kernel will simply ignore those connections
(well, as far as the ircd is concerned anyway).
This commit is contained in:
William Pitcock 2012-03-17 09:16:39 -05:00
parent 57b1cd5f6b
commit 77cb59b319
8 changed files with 49 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
libratbox/Makefile.in
View file

@ -1,4 +1,4 @@
# Makefile.in generated by automake 1.11.2 from Makefile.am. # Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@ -102,9 +102,11 @@ DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
distdir = $(PACKAGE)-$(VERSION) distdir = $(PACKAGE)-$(VERSION)
top_distdir = $(distdir) top_distdir = $(distdir)
am__remove_distdir = \ am__remove_distdir = \
{ test ! -d "$(distdir)" \ if test -d "$(distdir)"; then \
|| { find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \ find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \
&& rm -fr "$(distdir)"; }; } && rm -rf "$(distdir)" \
|| { sleep 5 && rm -rf "$(distdir)"; }; \
else :; fi
am__relativize = \ am__relativize = \
dir0=`pwd`; \ dir0=`pwd`; \
sed_first='s,^\([^/]*\)/.*$$,\1,'; \ sed_first='s,^\([^/]*\)/.*$$,\1,'; \
@ -563,6 +565,10 @@ dist-bzip2: distdir
tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2 tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2
$(am__remove_distdir) $(am__remove_distdir)
dist-lzip: distdir
tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz
$(am__remove_distdir)
dist-lzma: distdir dist-lzma: distdir
tardir=$(distdir) && $(am__tar) | lzma -9 -c >$(distdir).tar.lzma tardir=$(distdir) && $(am__tar) | lzma -9 -c >$(distdir).tar.lzma
$(am__remove_distdir) $(am__remove_distdir)
@ -599,6 +605,8 @@ distcheck: dist
bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\
*.tar.lzma*) \ *.tar.lzma*) \
lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\ lzma -dc $(distdir).tar.lzma | $(am__untar) ;;\
*.tar.lz*) \
lzip -dc $(distdir).tar.lz | $(am__untar) ;;\
*.tar.xz*) \ *.tar.xz*) \
xz -dc $(distdir).tar.xz | $(am__untar) ;;\ xz -dc $(distdir).tar.xz | $(am__untar) ;;\
*.tar.Z*) \ *.tar.Z*) \
@ -786,8 +794,8 @@ uninstall-am: uninstall-pkgconfigDATA
.PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \ .PHONY: $(RECURSIVE_CLEAN_TARGETS) $(RECURSIVE_TARGETS) CTAGS GTAGS \
all all-am am--refresh check check-am clean clean-generic \ all all-am am--refresh check check-am clean clean-generic \
clean-libtool ctags ctags-recursive dist dist-all dist-bzip2 \ clean-libtool ctags ctags-recursive dist dist-all dist-bzip2 \
dist-gzip dist-lzma dist-shar dist-tarZ dist-xz dist-zip \ dist-gzip dist-lzip dist-lzma dist-shar dist-tarZ dist-xz \
distcheck distclean distclean-generic distclean-hdr \ dist-zip distcheck distclean distclean-generic distclean-hdr \
distclean-libtool distclean-tags distcleancheck distdir \ distclean-libtool distclean-tags distcleancheck distdir \
distuninstallcheck dvi dvi-am html html-am info info-am \ distuninstallcheck dvi dvi-am html html-am info info-am \
install install-am install-data install-data-am install-dvi \ install install-am install-data install-data-am install-dvi \

15
libratbox/aclocal.m4 vendored
View file

@ -1,4 +1,4 @@
# generated automatically by aclocal 1.11.2 -*- Autoconf -*- # generated automatically by aclocal 1.11.3 -*- Autoconf -*-
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
# 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation, # 2005, 2006, 2007, 2008, 2009, 2010, 2011 Free Software Foundation,
@ -8783,7 +8783,7 @@ AC_DEFUN([AM_AUTOMAKE_VERSION],
[am__api_version='1.11' [am__api_version='1.11'
dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to
dnl require some minimum version. Point them to the right macro. dnl require some minimum version. Point them to the right macro.
m4_if([$1], [1.11.2], [], m4_if([$1], [1.11.3], [],
[AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl
]) ])
@ -8799,7 +8799,7 @@ m4_define([_AM_AUTOCONF_VERSION], [])
# Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced.
# This function is AC_REQUIREd by AM_INIT_AUTOMAKE. # This function is AC_REQUIREd by AM_INIT_AUTOMAKE.
AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION],
[AM_AUTOMAKE_VERSION([1.11.2])dnl [AM_AUTOMAKE_VERSION([1.11.3])dnl
m4_ifndef([AC_AUTOCONF_VERSION], m4_ifndef([AC_AUTOCONF_VERSION],
[m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl
_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) _AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))])
@ -9671,7 +9671,7 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
# Check how to create a tarball. -*- Autoconf -*- # Check how to create a tarball. -*- Autoconf -*-
# Copyright (C) 2004, 2005 Free Software Foundation, Inc. # Copyright (C) 2004, 2005, 2012 Free Software Foundation, Inc.
# #
# This file is free software; the Free Software Foundation # This file is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it, # gives unlimited permission to copy and/or distribute it,
@ -9693,10 +9693,11 @@ AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)])
# a tarball read from stdin. # a tarball read from stdin.
# $(am__untar) < result.tar # $(am__untar) < result.tar
AC_DEFUN([_AM_PROG_TAR], AC_DEFUN([_AM_PROG_TAR],
[# Always define AMTAR for backward compatibility. [# Always define AMTAR for backward compatibility. Yes, it's still used
AM_MISSING_PROG([AMTAR], [tar]) # in the wild :-( We should find a proper way to deprecate it ...
AC_SUBST([AMTAR], ['$${TAR-tar}'])
m4_if([$1], [v7], m4_if([$1], [v7],
[am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'], [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'],
[m4_case([$1], [ustar],, [pax],, [m4_case([$1], [ustar],, [pax],,
[m4_fatal([Unknown tar format])]) [m4_fatal([Unknown tar format])])
AC_MSG_CHECKING([how to create a $1 tar archive]) AC_MSG_CHECKING([how to create a $1 tar archive])

10
libratbox/configure vendored
View file

@ -2830,11 +2830,11 @@ MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"}
# We need awk for the "check" target. The system "awk" is bad on # We need awk for the "check" target. The system "awk" is bad on
# some platforms. # some platforms.
# Always define AMTAR for backward compatibility. # Always define AMTAR for backward compatibility. Yes, it's still used
# in the wild :-( We should find a proper way to deprecate it ...
AMTAR='$${TAR-tar}'
AMTAR=${AMTAR-"${am_missing_run}tar"} am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'
am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'
@ -12882,7 +12882,7 @@ $as_echo "#define STDC_HEADERS 1" >>confdefs.h
fi fi
for ac_header in crypt.h unistd.h sys/socket.h sys/stat.h sys/time.h time.h netinet/in.h arpa/inet.h errno.h sys/uio.h spawn.h sys/poll.h sys/epoll.h sys/select.h sys/devpoll.h sys/event.h port.h signal.h sys/signalfd.h sys/timerfd.h for ac_header in crypt.h unistd.h sys/socket.h sys/stat.h sys/time.h time.h netinet/in.h arpa/inet.h errno.h sys/uio.h spawn.h sys/poll.h sys/epoll.h sys/select.h sys/devpoll.h sys/event.h port.h signal.h sys/signalfd.h sys/timerfd.h linux/tcp.h
do : do :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"

2
libratbox/configure.ac
View file

@ -105,7 +105,7 @@ AC_TYPE_UID_T
dnl Checks for header files. dnl Checks for header files.
AC_HEADER_STDC AC_HEADER_STDC
AC_CHECK_HEADERS([crypt.h unistd.h sys/socket.h sys/stat.h sys/time.h time.h netinet/in.h arpa/inet.h errno.h sys/uio.h spawn.h sys/poll.h sys/epoll.h sys/select.h sys/devpoll.h sys/event.h port.h signal.h sys/signalfd.h sys/timerfd.h]) AC_CHECK_HEADERS([crypt.h unistd.h sys/socket.h sys/stat.h sys/time.h time.h netinet/in.h arpa/inet.h errno.h sys/uio.h spawn.h sys/poll.h sys/epoll.h sys/select.h sys/devpoll.h sys/event.h port.h signal.h sys/signalfd.h sys/timerfd.h linux/tcp.h])
AC_HEADER_TIME AC_HEADER_TIME
dnl Networking Functions dnl Networking Functions

3
libratbox/include/libratbox_config.h.in
View file

@ -69,6 +69,9 @@
/* Define to 1 if you have the `kevent' function. */ /* Define to 1 if you have the `kevent' function. */
#undef HAVE_KEVENT #undef HAVE_KEVENT
/* Define to 1 if you have the <linux/tcp.h> header file. */
#undef HAVE_LINUX_TCP_H
/* Define to 1 if you have the <memory.h> header file. */ /* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H #undef HAVE_MEMORY_H

4
libratbox/include/ratbox_lib.h
View file

@ -14,6 +14,10 @@
#include <signal.h> #include <signal.h>
#include <ctype.h> #include <ctype.h>
#ifdef HAVE_LINUX_TCP_H
# include <linux/tcp.h>
#endif
#ifdef __GNUC__ #ifdef __GNUC__
#undef alloca #undef alloca
#define alloca __builtin_alloca #define alloca __builtin_alloca

4
libratbox/src/Makefile.in
View file

@ -1,4 +1,4 @@
# Makefile.in generated by automake 1.11.2 from Makefile.am. # Makefile.in generated by automake 1.11.3 from Makefile.am.
# @configure_input@ # @configure_input@
# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, # Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002,
@ -335,7 +335,7 @@ clean-libLTLIBRARIES:
echo "rm -f \"$${dir}/so_locations\""; \ echo "rm -f \"$${dir}/so_locations\""; \
rm -f "$${dir}/so_locations"; \ rm -f "$${dir}/so_locations"; \
done done
libratbox.la: $(libratbox_la_OBJECTS) $(libratbox_la_DEPENDENCIES) libratbox.la: $(libratbox_la_OBJECTS) $(libratbox_la_DEPENDENCIES) $(EXTRA_libratbox_la_DEPENDENCIES)
$(libratbox_la_LINK) -rpath $(libdir) $(libratbox_la_OBJECTS) $(libratbox_la_LIBADD) $(LIBS) $(libratbox_la_LINK) -rpath $(libdir) $(libratbox_la_OBJECTS) $(libratbox_la_LIBADD) $(LIBS)
mostlyclean-compile: mostlyclean-compile:

14
libratbox/src/commio.c
View file

@ -763,9 +763,19 @@ mangle_mapped_sockaddr(struct sockaddr *in)
int int
rb_listen(rb_fde_t *F, int backlog) rb_listen(rb_fde_t *F, int backlog)
{ {
int result;
F->type = RB_FD_SOCKET | RB_FD_LISTEN; F->type = RB_FD_SOCKET | RB_FD_LISTEN;
/* Currently just a simple wrapper for the sake of being complete */ result = listen(F->fd, backlog);
return listen(F->fd, backlog);
#ifdef TCP_DEFER_ACCEPT
if (!result)
{
setsockopt(F->fd, IPPROTO_TCP, TCP_DEFER_ACCEPT, &backlog, sizeof(int));
}
#endif
return result;
} }
void void