/* send_linebuf()
*
* inputs - client to send to, linebuf to attach
* outputs -
* side effects - linebuf is attached to client
*/
static int
_send_linebuf(struct Client *to, buf_head_t *linebuf)
{
if(IsMe(to))
{
sendto_realops_snomask(SNO_GENERAL, L_ALL, "Trying to send message to myself!");
return 0;
}
if(!MyConnect(to) || IsIOError(to))
return 0;
if(linebuf_len(&to->localClient->buf_sendq) > get_sendq(to))
{
if(IsServer(to))
{
sendto_realops_snomask(SNO_GENERAL, L_ALL,
"Max SendQ limit exceeded for %s: %u > %lu",
get_server_name(to, HIDE_IP),
linebuf_len(&to->localClient->buf_sendq),
get_sendq(to));
ilog(L_SERVER, "Max SendQ limit exceeded for %s: %u > %lu",
log_client_name(to, SHOW_IP),
linebuf_len(&to->localClient->buf_sendq),
get_sendq(to));
}
if(IsClient(to))
to->flags |= FLAGS_SENDQEX;
dead_link(to);
return -1;
}
else
{
/* just attach the linebuf to the sendq instead of
* generating a new one
*/
linebuf_attach(&to->localClient->buf_sendq, linebuf);
}
/*
** Update statistics. The following is slightly incorrect
** because it counts messages even if queued, but bytes
** only really sent. Queued bytes get updated in SendQueued.
*/
to->localClient->sendM += 1;
me.localClient->sendM += 1;
if(linebuf_len(&to->localClient->buf_sendq) > 0)
send_queued_write(to->localClient->fd, to);
return 0;
}
/*
** send_message
** Internal utility which appends given buffer to the sockets
** sendq.
*/
static void
send_message(struct Client *to, char *buf, int len)
{
#ifdef INVARIANTS
if (IsMe(to))
{
sendto_realops_flags(UMODE_ALL, L_ALL,
"Trying to send message to myself!");
return;
}
#endif
if (HasUmode(to, UMODE_NOCOLOUR))
strip_colour(buf);
if (dbuf_length(&to->localClient->buf_sendq) + len > get_sendq(to))
{
if (IsServer(to))
sendto_realops_flags(UMODE_ALL, L_ALL,
"Max SendQ limit exceeded for %s: %lu > %lu",
get_client_name(to, HIDE_IP),
(unsigned long)(dbuf_length(&to->localClient->buf_sendq) + len),
get_sendq(to));
if (IsClient(to))
SetSendQExceeded(to);
dead_link_on_write(to, 0);
return;
}
dbuf_put(&to->localClient->buf_sendq, buf, len);
/*
** Update statistics. The following is slightly incorrect
** because it counts messages even if queued, but bytes
** only really sent. Queued bytes get updated in SendQueued.
*/
to->localClient->sendM += 1;
me.localClient->sendM += 1;
if (dbuf_length(&to->localClient->buf_sendq) >
(IsServer(to) ? (unsigned int) 1024 : (unsigned int) 4096))
send_queued_write(to);
}
/*
* close_connection
* Close the physical connection. This function must make
* MyConnect(client_p) == FALSE, and set client_p->from == NULL.
*/
void
close_connection(struct Client *client_p)
{
struct ConfItem *conf;
struct AccessItem *aconf;
struct ClassItem *aclass;
assert(NULL != client_p);
if (!IsDead(client_p))
{
/* attempt to flush any pending dbufs. Evil, but .. -- adrian */
/* there is still a chance that we might send data to this socket
* even if it is marked as blocked (COMM_SELECT_READ handler is called
* before COMM_SELECT_WRITE). Let's try, nothing to lose.. -adx
*/
ClearSendqBlocked(client_p);
send_queued_write(client_p);
}
if (IsServer(client_p))
{
++ServerStats.is_sv;
ServerStats.is_sbs += client_p->localClient->send.bytes;
ServerStats.is_sbr += client_p->localClient->recv.bytes;
ServerStats.is_sti += CurrentTime - client_p->firsttime;
/* XXX Does this even make any sense at all anymore?
* scheduling a 'quick' reconnect could cause a pile of
* nick collides under TSora protocol... -db
*/
/*
* If the connection has been up for a long amount of time, schedule
* a 'quick' reconnect, else reset the next-connect cycle.
*/
if ((conf = find_conf_exact(SERVER_TYPE,
client_p->name, client_p->username,
client_p->host)))
{
/*
* Reschedule a faster reconnect, if this was a automatically
* connected configuration entry. (Note that if we have had
* a rehash in between, the status has been changed to
* CONF_ILLEGAL). But only do this if it was a "good" link.
*/
aconf = (struct AccessItem *)map_to_conf(conf);
aclass = (struct ClassItem *)map_to_conf(aconf->class_ptr);
aconf->hold = time(NULL);
aconf->hold += (aconf->hold - client_p->since > HANGONGOODLINK) ?
HANGONRETRYDELAY : ConFreq(aclass);
if (nextconnect > aconf->hold)
nextconnect = aconf->hold;
}
}
else if (IsClient(client_p))
{
++ServerStats.is_cl;
ServerStats.is_cbs += client_p->localClient->send.bytes;
ServerStats.is_cbr += client_p->localClient->recv.bytes;
ServerStats.is_cti += CurrentTime - client_p->firsttime;
}
else
++ServerStats.is_ni;
#ifdef HAVE_LIBCRYPTO
if (client_p->localClient->fd.ssl)
{
SSL_set_shutdown(client_p->localClient->fd.ssl, SSL_RECEIVED_SHUTDOWN);
if (!SSL_shutdown(client_p->localClient->fd.ssl))
SSL_shutdown(client_p->localClient->fd.ssl);
}
#endif
if (client_p->localClient->fd.flags.open)
fd_close(&client_p->localClient->fd);
if (HasServlink(client_p))
{
if (client_p->localClient->ctrlfd.flags.open)
fd_close(&client_p->localClient->ctrlfd);
}
dbuf_clear(&client_p->localClient->buf_sendq);
dbuf_clear(&client_p->localClient->buf_recvq);
MyFree(client_p->localClient->passwd);
detach_conf(client_p, CONF_TYPE);
client_p->from = NULL; /* ...this should catch them! >:) --msa */
}
/*
* cryptlink_serv - CRYPTLINK SERV message handler
* parv[0] == CRYPTLINK
* parv[1] == SERV
* parv[2] == server name
* parv[3] == keyphrase
* parv[4] == :server info (M-line)
*/
static void
cryptlink_serv(struct Client *client_p, struct Client *source_p,
int parc, char *parv[])
{
char info[REALLEN + 1];
char *name;
struct Client *target_p;
char *key = client_p->localClient->out_key;
unsigned char *b64_key;
struct ConfItem *conf;
struct AccessItem *aconf;
char *encrypted;
const char *p;
int enc_len;
/*
if (client_p->name[0] != 0)
return;
*/
if ((parc < 5) || (*parv[4] == '\0'))
{
cryptlink_error(client_p, "SERV", "Invalid params",
"CRYPTLINK SERV - Invalid params");
return;
}
if ((name = parse_cryptserv_args(client_p, parv, parc, info, key)) == NULL)
{
cryptlink_error(client_p, "SERV", "Invalid params",
"CRYPTLINK SERV - Invalid params");
return;
}
/* CRYPTLINK SERV support => TS support */
client_p->tsinfo = TS_DOESTS;
if (bogus_host(name))
{
exit_client(client_p, client_p, "Bogus server name");
return;
}
/* Now we just have to call check_server and everything should be
* checked for us... -A1kmm. */
switch (check_server(name, client_p, CHECK_SERVER_CRYPTLINK))
{
case -1:
if (ConfigFileEntry.warn_no_nline)
{
cryptlink_error(client_p, "SERV",
"Unauthorized server connection attempt: No entry for server",
NULL);
}
exit_client(client_p, client_p, "Invalid server name");
return;
break;
case -2:
cryptlink_error(client_p, "SERV",
"Unauthorized server connection attempt: CRYPTLINK not "
"enabled on remote server",
"CRYPTLINK not enabled");
return;
break;
case -3:
cryptlink_error(client_p, "SERV",
"Unauthorized server connection attempt: Invalid host",
"Invalid host");
return;
break;
}
if ((target_p = find_server(name)))
{
/*
* This link is trying feed me a server that I already have
* access through another path -- multiple paths not accepted
* currently, kill this link immediately!!
*
* Rather than KILL the link which introduced it, KILL the
* youngest of the two links. -avalon
*
* Definitely don't do that here. This is from an unregistered
* connect - A1kmm.
*/
cryptlink_error(client_p, "SERV",
"Attempt to re-introduce existing server",
"Server Exists");
return;
}
if (ServerInfo.hub && IsCapable(client_p, CAP_LL))
{
if (IsCapable(client_p, CAP_HUB))
{
ClearCap(client_p,CAP_LL);
sendto_realops_flags(UMODE_ALL, L_ALL,
"*** LazyLinks to a hub from a hub, that's a no-no.");
}
else
{
client_p->localClient->serverMask = nextFreeMask();
if(!client_p->localClient->serverMask)
{
sendto_realops_flags(UMODE_ALL, L_ALL,
"serverMask is full!");
/* try and negotiate a non LL connect */
ClearCap(client_p,CAP_LL);
}
}
}
else if (IsCapable(client_p, CAP_LL))
{
if (!IsCapable(client_p, CAP_HUB))
{
ClearCap(client_p,CAP_LL);
sendto_realops_flags(UMODE_ALL, L_ALL,
"*** LazyLinks to a leaf from a leaf, that's a no-no.");
}
}
conf = find_conf_name(&client_p->localClient->confs,
name, SERVER_TYPE);
if (conf == NULL)
{
cryptlink_error(client_p, "AUTH",
"Lost C-line for server",
"Lost C-line" );
return;
}
/*
* if we are connecting (Handshake), we already have the name from the
* connect {} block in client_p->name
*/
strlcpy(client_p->name, name, sizeof(client_p->name));
p = info;
if (!strncmp(info, "(H)", 3))
{
SetHidden(client_p);
if ((p = strchr(info, ' ')) != NULL)
{
p++;
if (*p == '\0')
p = "(Unknown Location)";
}
else
p = "(Unknown Location)";
}
strlcpy(client_p->info, p, sizeof(client_p->info));
client_p->hopcount = 0;
aconf = (struct AccessItem *)map_to_conf(conf);
if (!(client_p->localClient->out_cipher ||
(client_p->localClient->out_cipher = check_cipher(client_p, aconf))))
{
cryptlink_error(client_p, "AUTH",
"Couldn't find compatible cipher",
"Couldn't find compatible cipher");
return;
}
encrypted = MyMalloc(RSA_size(ServerInfo.rsa_private_key));
enc_len = RSA_public_encrypt(client_p->localClient->out_cipher->keylen,
(unsigned char *)key,
(unsigned char *)encrypted,
aconf->rsa_public_key,
RSA_PKCS1_PADDING);
if (enc_len <= 0)
{
report_crypto_errors();
MyFree(encrypted);
cryptlink_error(client_p, "AUTH",
"Couldn't encrypt data",
"Couldn't encrypt data");
return;
}
base64_block(&b64_key, encrypted, enc_len);
MyFree(encrypted);
if (!IsWaitAuth(client_p))
{
cryptlink_init(client_p, conf, NULL);
}
sendto_one(client_p, "CRYPTLINK AUTH %s %s",
client_p->localClient->out_cipher->name,
b64_key);
/* needed for old servers that can't shove data back into slink */
send_queued_write(client_p);
SetCryptOut(client_p);
MyFree(b64_key);
}
