Wrap up authd preclient stuff in its own struct

This commit is contained in:
Elizabeth Myers 2016-04-10 09:20:51 -05:00
parent 02fa4362cd
commit 154dc91ef0
4 changed files with 47 additions and 41 deletions

View file

@ -41,9 +41,9 @@ struct Blacklist;
/* we store ipv6 ips for remote clients, so this needs to be v6 always */
#define HOSTIPLEN 53 /* sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255.ipv6") */
#define PASSWDLEN 128
#define CIPHERKEYLEN 64 /* 512bit */
#define CLIENT_BUFSIZE 512 /* must be at least 512 bytes */
#define PASSWDLEN 128
#define CIPHERKEYLEN 64 /* 512bit */
#define CLIENT_BUFSIZE 512 /* must be at least 512 bytes */
#define IDLEN 10
@ -287,18 +287,24 @@ struct LocalUser
unsigned char sasl_complete;
};
struct AuthClient
{
uint32_t cid; /* authd id */
time_t timeout; /* When to terminate authd query */
bool accepted; /* did authd accept us? */
char cause; /* rejection cause */
char *data; /* reason data */
char *reason; /* reason we were rejected */
};
struct PreClient
{
char spoofnick[NICKLEN + 1];
char spoofuser[USERLEN + 1];
char spoofhost[HOSTLEN + 1];
uint32_t authd_cid; /* authd id */
time_t authd_timeout; /* When to terminate authd query */
bool authd_accepted; /* did authd accept us? */
char authd_cause; /* rejection cause */
char *authd_data; /* reason data */
char *authd_reason; /* reason we were rejected */
struct AuthClient auth;
struct rb_sockaddr_storage lip; /* address of our side of the connection */
};

View file

@ -394,10 +394,10 @@ authd_initiate_client(struct Client *client_p)
uint16_t client_port, listen_port;
uint32_t authd_cid;
if(client_p->preClient == NULL || client_p->preClient->authd_cid != 0)
if(client_p->preClient == NULL || client_p->preClient->auth.cid != 0)
return;
authd_cid = client_p->preClient->authd_cid = generate_cid();
authd_cid = client_p->preClient->auth.cid = generate_cid();
/* Collisions are extremely unlikely, so disregard the possibility */
rb_dictionary_add(cid_clients, RB_UINT_TO_POINTER(authd_cid), client_p);
@ -411,7 +411,7 @@ authd_initiate_client(struct Client *client_p)
client_port = ntohs(GET_SS_PORT(&client_p->localClient->ip));
/* Add a bit of a fudge factor... */
client_p->preClient->authd_timeout = rb_current_time() + ConfigFileEntry.connect_timeout + 10;
client_p->preClient->auth.timeout = rb_current_time() + ConfigFileEntry.connect_timeout + 10;
rb_helper_write(authd_helper, "C %x %s %hu %s %hu", authd_cid, listen_ipaddr, listen_port, client_ipaddr, client_port);
}
@ -423,7 +423,7 @@ authd_initiate_client(struct Client *client_p)
static inline void
authd_decide_client(struct Client *client_p, const char *ident, const char *host, bool accept, char cause, const char *data, const char *reason)
{
if(client_p->preClient == NULL || client_p->preClient->authd_cid == 0)
if(client_p->preClient == NULL || client_p->preClient->auth.cid == 0)
return;
if(*ident != '*')
@ -437,13 +437,13 @@ authd_decide_client(struct Client *client_p, const char *ident, const char *host
if(*host != '*')
rb_strlcpy(client_p->host, host, sizeof(client_p->host));
rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->authd_cid));
rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->auth.cid));
client_p->preClient->authd_accepted = accept;
client_p->preClient->authd_cause = cause;
client_p->preClient->authd_data = (data == NULL ? NULL : rb_strdup(data));
client_p->preClient->authd_reason = (reason == NULL ? NULL : rb_strdup(reason));
client_p->preClient->authd_cid = 0;
client_p->preClient->auth.accepted = accept;
client_p->preClient->auth.cause = cause;
client_p->preClient->auth.data = (data == NULL ? NULL : rb_strdup(data));
client_p->preClient->auth.reason = (reason == NULL ? NULL : rb_strdup(reason));
client_p->preClient->auth.cid = 0;
/*
* When a client has auth'ed, we want to start reading what it sends
@ -477,16 +477,16 @@ authd_abort_client(struct Client *client_p)
if(client_p == NULL || client_p->preClient == NULL)
return;
if(client_p->preClient->authd_cid == 0)
if(client_p->preClient->auth.cid == 0)
return;
rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->authd_cid));
rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(client_p->preClient->auth.cid));
if(authd_helper != NULL)
rb_helper_write(authd_helper, "E %x", client_p->preClient->authd_cid);
rb_helper_write(authd_helper, "E %x", client_p->preClient->auth.cid);
client_p->preClient->authd_accepted = true;
client_p->preClient->authd_cid = 0;
client_p->preClient->auth.accepted = true;
client_p->preClient->auth.cid = 0;
}
static void
@ -497,7 +497,7 @@ timeout_dead_authd_clients(void *notused __unused)
RB_DICTIONARY_FOREACH(client_p, &iter, cid_clients)
{
if(client_p->preClient->authd_timeout < rb_current_time())
if(client_p->preClient->auth.timeout < rb_current_time())
authd_abort_client(client_p);
}
}

View file

@ -258,10 +258,10 @@ free_pre_client(struct Client *client_p)
if(client_p->preClient == NULL)
return;
s_assert(client_p->preClient->authd_cid == 0);
s_assert(client_p->preClient->auth.cid == 0);
rb_free(client_p->preClient->authd_data);
rb_free(client_p->preClient->authd_reason);
rb_free(client_p->preClient->auth.data);
rb_free(client_p->preClient->auth.reason);
rb_bh_free(pclient_heap, client_p->preClient);
client_p->preClient = NULL;
@ -456,7 +456,7 @@ check_unknowns_list(rb_dlink_list * list)
continue;
/* Still querying with authd */
if(client_p->preClient != NULL && client_p->preClient->authd_cid != 0)
if(client_p->preClient != NULL && client_p->preClient->auth.cid != 0)
continue;
/*

View file

@ -252,7 +252,7 @@ register_local_user(struct Client *client_p, struct Client *source_p)
return -1;
/* Waiting on authd */
if(source_p->preClient->authd_cid)
if(source_p->preClient->auth.cid)
return -1;
client_p->localClient->last = rb_current_time();
@ -420,7 +420,7 @@ register_local_user(struct Client *client_p, struct Client *source_p)
}
/* authd rejection check */
if(source_p->preClient->authd_accepted == false)
if(source_p->preClient->auth.accepted == false)
{
struct blacklist_stats *stats;
rb_dlink_list varlist = { NULL, NULL, 0 };
@ -429,26 +429,26 @@ register_local_user(struct Client *client_p, struct Client *source_p)
substitution_append_var(&varlist, "nick", source_p->name);
substitution_append_var(&varlist, "ip", source_p->sockhost);
substitution_append_var(&varlist, "host", source_p->host);
substitution_append_var(&varlist, "dnsbl-host", source_p->preClient->authd_data);
substitution_append_var(&varlist, "dnsbl-host", source_p->preClient->auth.data);
substitution_append_var(&varlist, "network-name", ServerInfo.network_name);
reason = substitution_parse(source_p->preClient->authd_reason, &varlist);
reason = substitution_parse(source_p->preClient->auth.reason, &varlist);
switch(source_p->preClient->authd_cause)
switch(source_p->preClient->auth.cause)
{
case 'B': /* Blacklists */
if((stats = rb_dictionary_retrieve(bl_stats, source_p->preClient->authd_data)) != NULL)
if((stats = rb_dictionary_retrieve(bl_stats, source_p->preClient->auth.data)) != NULL)
stats->hits++;
if(IsExemptKline(source_p) || IsConfExemptDNSBL(aconf))
{
sendto_one_notice(source_p, ":*** Your IP address %s is listed in %s, but you are exempt",
source_p->sockhost, source_p->preClient->authd_data);
source_p->sockhost, source_p->preClient->auth.data);
}
else
{
sendto_realops_snomask(SNO_REJ, L_NETWIDE,
"Listed on DNSBL %s: %s (%s@%s) [%s] [%s]",
source_p->preClient->authd_data,
source_p->preClient->auth.data,
source_p->name,
source_p->username, source_p->host,
IsIPSpoof(source_p) ? "255.255.255.255" : source_p->sockhost,
@ -460,7 +460,7 @@ register_local_user(struct Client *client_p, struct Client *source_p)
me.name, source_p->name, reason);
sendto_one_notice(source_p, ":*** Your IP address %s is listed in %s",
source_p->sockhost, source_p->preClient->authd_data);
source_p->sockhost, source_p->preClient->auth.data);
add_reject(source_p, NULL, NULL);
exit_client(client_p, source_p, &me, "*** Banned (DNS blacklist)");
substitution_free(&varlist);
@ -471,13 +471,13 @@ register_local_user(struct Client *client_p, struct Client *source_p)
if(IsExemptKline(source_p) || IsConfExemptProxy(aconf))
{
sendto_one_notice(source_p, ":*** Your IP address %s has been detected as an open proxy (ip:port %s), but you are exempt",
source_p->sockhost, source_p->preClient->authd_data);
source_p->sockhost, source_p->preClient->auth.data);
}
else
{
sendto_realops_snomask(SNO_REJ, L_NETWIDE,
"Open proxy %s: %s (%s@%s) [%s] [%s]",
source_p->preClient->authd_data,
source_p->preClient->auth.data,
source_p->name,
source_p->username, source_p->host,
IsIPSpoof(source_p) ? "255.255.255.255" : source_p->sockhost,
@ -489,7 +489,7 @@ register_local_user(struct Client *client_p, struct Client *source_p)
me.name, source_p->name, reason);
sendto_one_notice(source_p, ":*** Your IP address %s has been detected as an open proxy (ip:port %s)",
source_p->sockhost, source_p->preClient->authd_data);
source_p->sockhost, source_p->preClient->auth.data);
add_reject(source_p, NULL, NULL);
exit_client(client_p, source_p, &me, "*** Banned (Open proxy)");
substitution_free(&varlist);