diff options
| author | Alexander Barton <alex@barton.de> | 2012-08-29 17:24:19 +0200 |
|---|---|---|
| committer | Alexander Barton <alex@barton.de> | 2012-08-29 17:24:19 +0200 |
| commit | 01b62202b2caa1b8161e62f149a9d6f705713869 (patch) | |
| tree | 94f1290d1b725a1371ccd6a95fb6c1a87838e1a6 /src | |
| parent | b68bb560e9140c0ec783ea02773aef50d11ac06d (diff) | |
| download | ngircd-01b62202b2caa1b8161e62f149a9d6f705713869.tar.gz ngircd-01b62202b2caa1b8161e62f149a9d6f705713869.zip | |
New function Conn_StartLogin() to finish connection initialization
Conn_StartLogin() is called after the connection has been established and fully innitialized, including the SSL handshake, for example. Up to this patch, the "NoticeAuth" option broke the SSL handshake ...
Diffstat (limited to 'src')
| -rw-r--r-- | src/ngircd/conn-ssl.c | 2 | ||||
| -rw-r--r-- | src/ngircd/conn.c | 72 | ||||
| -rw-r--r-- | src/ngircd/conn.h | 4 |
3 files changed, 55 insertions, 23 deletions
diff --git a/src/ngircd/conn-ssl.c b/src/ngircd/conn-ssl.c index 5d44b30f..8f7b70af 100644 --- a/src/ngircd/conn-ssl.c +++ b/src/ngircd/conn-ssl.c @@ -625,6 +625,8 @@ ConnectAccept( CONNECTION *c, bool connect) #endif /* _GNUTLS */ Conn_OPTION_DEL(c, (CONN_SSL_WANT_WRITE|CONN_SSL_WANT_READ|CONN_SSL_CONNECT)); ConnSSL_LogCertInfo(c); + + Conn_StartLogin(CONNECTION2ID(c)); return 1; } diff --git a/src/ngircd/conn.c b/src/ngircd/conn.c index 8fd162b7..81a0f450 100644 --- a/src/ngircd/conn.c +++ b/src/ngircd/conn.c @@ -88,7 +88,7 @@ static bool Handle_Write PARAMS(( CONN_ID Idx )); static bool Conn_Write PARAMS(( CONN_ID Idx, char *Data, size_t Len )); -static int New_Connection PARAMS(( int Sock )); +static int New_Connection PARAMS(( int Sock, bool IsSSL )); static CONN_ID Socket2Index PARAMS(( int Sock )); static void Read_Request PARAMS(( CONN_ID Idx )); static unsigned int Handle_Buffer PARAMS(( CONN_ID Idx )); @@ -134,7 +134,7 @@ static void cb_listen(int sock, short irrelevant) { (void) irrelevant; - (void) New_Connection(sock); + (void) New_Connection(sock, false); } @@ -152,7 +152,7 @@ cb_listen_ssl(int sock, short irrelevant) int fd; (void) irrelevant; - fd = New_Connection(sock); + fd = New_Connection(sock, true); if (fd < 0) return; io_event_setcb(My_Connections[fd].sock, cb_clientserver_ssl); @@ -1362,17 +1362,18 @@ Count_Connections(ng_ipaddr_t *a) * Initialize new client connection on a listening socket. * * @param Sock Listening socket descriptor. + * @param IsSSL true if this socket expects SSL-encrypted data. * @returns Accepted socket descriptor or -1 on error. */ static int -New_Connection(int Sock) +New_Connection(int Sock, bool IsSSL) { #ifdef TCPWRAP struct request_info req; #endif ng_ipaddr_t new_addr; char ip_str[NG_INET_ADDRSTRLEN]; - int new_sock, new_sock_len, identsock; + int new_sock, new_sock_len; CLIENT *c; long cnt; @@ -1492,31 +1493,56 @@ New_Connection(int Sock) Log(LOG_INFO, "Accepted connection %d from %s:%d on socket %d.", new_sock, My_Connections[new_sock].host, ng_ipaddr_getport(&new_addr), Sock); + Account_Connection(); + +#ifdef SSL_SUPPORT + /* Delay connection initalization until SSL handshake is finished */ + if (!IsSSL) +#endif + Conn_StartLogin(new_sock); + + return new_sock; +} /* New_Connection */ + + +/** + * Finish connection initialization, start resolver subprocess. + * + * @param Idx Connection index. + */ +GLOBAL void +Conn_StartLogin(CONN_ID Idx) +{ + int ident_sock = -1; + + assert(Idx >= 0); + + /* Nothing to do if DNS (and resolver subprocess) is disabled */ + if (!Conf_DNS) + return; - identsock = new_sock; #ifdef IDENTAUTH - if (!Conf_Ident) - identsock = -1; + /* Should we make an IDENT request? */ + if (Conf_Ident) + ident_sock = My_Connections[Idx].sock; #endif - if (Conf_DNS) { - if (Conf_NoticeAuth) { + + if (Conf_NoticeAuth) { + /* Send "NOTICE AUTH" messages to the client */ #ifdef IDENTAUTH - if (Conf_Ident) - (void)Conn_WriteStr(new_sock, - "NOTICE AUTH :*** Looking up your hostname and checking ident"); - else + if (Conf_Ident) + (void)Conn_WriteStr(Idx, + "NOTICE AUTH :*** Looking up your hostname and checking ident"); + else #endif - (void)Conn_WriteStr(new_sock, - "NOTICE AUTH :*** Looking up your hostname"); - (void)Handle_Write(new_sock); - } - Resolve_Addr(&My_Connections[new_sock].proc_stat, &new_addr, - identsock, cb_Read_Resolver_Result); + (void)Conn_WriteStr(Idx, + "NOTICE AUTH :*** Looking up your hostname"); + (void)Handle_Write(Idx); } - Account_Connection(); - return new_sock; -} /* New_Connection */ + Resolve_Addr(&My_Connections[Idx].proc_stat, &My_Connections[Idx].addr, + ident_sock, cb_Read_Resolver_Result); +} /** diff --git a/src/ngircd/conn.h b/src/ngircd/conn.h index 4a8b6777..e42a2ae6 100644 --- a/src/ngircd/conn.h +++ b/src/ngircd/conn.h @@ -101,6 +101,8 @@ GLOBAL CONNECTION *My_Connections; GLOBAL CONN_ID Pool_Size; GLOBAL long WCounter; +#define CONNECTION2ID(x) (long)(x - My_Connections) + #endif /* CONN_MODULE */ @@ -112,6 +114,8 @@ GLOBAL void Conn_CloseAllSockets PARAMS((int ExceptOf)); GLOBAL unsigned int Conn_InitListeners PARAMS(( void )); GLOBAL void Conn_ExitListeners PARAMS(( void )); +GLOBAL void Conn_StartLogin PARAMS((CONN_ID Idx)); + GLOBAL void Conn_Handler PARAMS(( void )); GLOBAL bool Conn_WriteStr PARAMS(( CONN_ID Idx, const char *Format, ... )); |