vulpineawoo/solanum
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

provider: make blacklist queries come after ident/rdns.

Browse source
This commit is contained in:
Elizabeth Myers 2016-03-25 20:46:58 -05:00
parent 460032e61f
commit a7d5aea119
5 changed files with 63 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
authd/provider.c
View file

@ -116,7 +116,7 @@ void cancel_providers(struct auth_client *auth)
{ {
provider = ptr->data; provider = ptr->data;
if(provider->cancel && is_provider(auth, provider->id)) if(provider->cancel && is_provider_on(auth, provider->id))
/* Cancel if required */ /* Cancel if required */
provider->cancel(auth); provider->cancel(auth);
} }
@ -131,7 +131,8 @@ void provider_done(struct auth_client *auth, provider_t id)
rb_dlink_node *ptr; rb_dlink_node *ptr;
struct auth_provider *provider; struct auth_provider *provider;
unset_provider(auth, id); set_provider_off(auth, id);
set_provider_done(auth, id);
if(!auth->providers) if(!auth->providers)
{ {
@ -144,7 +145,7 @@ void provider_done(struct auth_client *auth, provider_t id)
{ {
provider = ptr->data; provider = ptr->data;
if(provider->completed && is_provider(auth, provider->id)) if(provider->completed && is_provider_on(auth, provider->id))
/* Notify pending clients who asked for it */ /* Notify pending clients who asked for it */
provider->completed(auth, id); provider->completed(auth, id);
} }
@ -174,7 +175,7 @@ void reject_client(struct auth_client *auth, provider_t id, const char *reason)
/* TODO send back ident */ /* TODO send back ident */
rb_helper_write(authd_helper, "R %x %c :%s", auth->cid, reject, reason); rb_helper_write(authd_helper, "R %x %c :%s", auth->cid, reject, reason);
unset_provider(auth, id); set_provider_off(auth, id);
cancel_providers(auth); cancel_providers(auth);
} }
@ -185,7 +186,7 @@ void accept_client(struct auth_client *auth, provider_t id)
rb_helper_write(authd_helper, "A %x %s %s", auth->cid, auth->username, auth->hostname); rb_helper_write(authd_helper, "A %x %s %s", auth->cid, auth->username, auth->hostname);
unset_provider(auth, id); set_provider_off(auth, id);
cancel_providers(auth); cancel_providers(auth);
} }

18
authd/provider.h
View file

@ -59,6 +59,7 @@ struct auth_client
uint32_t providers; /* Providers at work, uint32_t providers; /* Providers at work,
* none left when set to 0 */ * none left when set to 0 */
uint32_t providers_done; /* Providers completed */
void *data[MAX_PROVIDERS]; /* Provider-specific data slots */ void *data[MAX_PROVIDERS]; /* Provider-specific data slots */
}; };
@ -108,21 +109,32 @@ void warn_opers(notice_level_t level, const char *fmt, ...);
void handle_new_connection(int parc, char *parv[]); void handle_new_connection(int parc, char *parv[]);
/* Provider is operating on this auth_client (set this if you have async work to do) */ /* Provider is operating on this auth_client (set this if you have async work to do) */
static inline void set_provider(struct auth_client *auth, provider_t provider) static inline void set_provider_on(struct auth_client *auth, provider_t provider)
{ {
auth->providers |= (1 << provider); auth->providers |= (1 << provider);
} }
/* Provider is no longer operating on this auth client (you should use provider_done) */ /* Provider is no longer operating on this auth client (you should use provider_done) */
static inline void unset_provider(struct auth_client *auth, provider_t provider) static inline void set_provider_off(struct auth_client *auth, provider_t provider)
{ {
auth->providers &= ~(1 << provider); auth->providers &= ~(1 << provider);
} }
/* Set the provider to done (you should use provider_done) */
static inline void set_provider_done(struct auth_client *auth, provider_t provider)
{
auth->providers_done |= (1 << provider);
}
/* Check if provider is operating on this auth client */ /* Check if provider is operating on this auth client */
static inline bool is_provider(struct auth_client *auth, provider_t provider) static inline bool is_provider_on(struct auth_client *auth, provider_t provider)
{ {
return auth->providers & (1 << provider); return auth->providers & (1 << provider);
} }
static inline bool is_provider_done(struct auth_client *auth, provider_t provider)
{
return auth->providers_done & (1 << provider);
}
#endif /* __CHARYBDIS_AUTHD_PROVIDER_H__ */ #endif /* __CHARYBDIS_AUTHD_PROVIDER_H__ */

54
authd/providers/blacklist.c
View file

@ -308,13 +308,27 @@ timeout_blacklist_queries_event(void *notused)
} }
} }
static inline void
lookup_all_blacklists(struct auth_client *auth)
{
struct blacklist_user *bluser = auth->data[PROVIDER_BLACKLIST];
rb_dlink_node *ptr;
RB_DLINK_FOREACH(ptr, blacklist_list.head)
{
struct blacklist *bl = (struct blacklist *)ptr->data;
if (!bl->delete)
initiate_blacklist_dnsquery(bl, auth);
}
bluser->timeout = rb_current_time() + blacklist_timeout;
}
/* public interfaces */ /* public interfaces */
static bool static bool
blacklists_start(struct auth_client *auth) blacklists_start(struct auth_client *auth)
{ {
struct blacklist_user *bluser;
rb_dlink_node *nptr;
if(auth->data[PROVIDER_BLACKLIST] != NULL) if(auth->data[PROVIDER_BLACKLIST] != NULL)
return true; return true;
@ -322,22 +336,32 @@ blacklists_start(struct auth_client *auth)
/* Nothing to do... */ /* Nothing to do... */
return true; return true;
bluser = auth->data[PROVIDER_BLACKLIST] = rb_malloc(sizeof(struct blacklist_user)); auth->data[PROVIDER_BLACKLIST] = rb_malloc(sizeof(struct blacklist_user));
RB_DLINK_FOREACH(nptr, blacklist_list.head) if(is_provider_done(auth, PROVIDER_RDNS) && is_provider_done(auth, PROVIDER_IDENT))
{ /* This probably can't happen but let's handle this case anyway */
struct blacklist *bl = (struct blacklist *) nptr->data; lookup_all_blacklists(auth);
if (!bl->delete) set_provider_on(auth, PROVIDER_BLACKLIST);
initiate_blacklist_dnsquery(bl, auth);
}
bluser->timeout = rb_current_time() + blacklist_timeout;
set_provider(auth, PROVIDER_BLACKLIST);
return true; return true;
} }
/* This is called every time a provider is completed */
static void
blacklists_initiate(struct auth_client *auth, provider_t provider)
{
struct blacklist_user *bluser = auth->data[PROVIDER_BLACKLIST];
if(bluser == NULL || is_provider_done(auth, PROVIDER_BLACKLIST) || rb_dlink_list_length(&bluser->queries))
/* Nothing to do */
return;
else if(!is_provider_done(auth, PROVIDER_RDNS) && !is_provider_done(auth, PROVIDER_IDENT))
/* Don't start until we've completed these */
return;
else
lookup_all_blacklists(auth);
}
static void static void
blacklists_cancel(struct auth_client *auth) blacklists_cancel(struct auth_client *auth)
{ {
@ -400,5 +424,5 @@ struct auth_provider blacklist_provider =
.destroy = blacklists_destroy, .destroy = blacklists_destroy,
.start = blacklists_start, .start = blacklists_start,
.cancel = blacklists_cancel, .cancel = blacklists_cancel,
.completed = NULL, .completed = blacklists_initiate,
}; };

2
authd/providers/ident.c
View file

@ -121,7 +121,7 @@ bool ident_start(struct auth_client *auth)
query, ident_timeout); query, ident_timeout);
notice_client(auth, messages[REPORT_LOOKUP]); notice_client(auth, messages[REPORT_LOOKUP]);
set_provider(auth, PROVIDER_IDENT); set_provider_on(auth, PROVIDER_IDENT);
return true; return true;
} }

2
authd/providers/rdns.c
View file

@ -88,7 +88,7 @@ bool client_dns_start(struct auth_client *auth)
query->query = lookup_hostname(auth->c_ip, dns_answer_callback, auth); query->query = lookup_hostname(auth->c_ip, dns_answer_callback, auth);
notice_client(auth, messages[REPORT_LOOKUP]); notice_client(auth, messages[REPORT_LOOKUP]);
set_provider(auth, PROVIDER_RDNS); set_provider_on(auth, PROVIDER_RDNS);
return true; return true;
} }