X-Git-Url: http://git.pk910.de/?a=blobdiff_plain;f=ircd%2Fs_auth.c;h=83693a24a48125df9150291bdddfcaabc5c59e36;hb=d0a284c68368f5cd58309293e936f82e032f7ae8;hp=2a00dd1a781c46a4e180fd54da9de05de54266ed;hpb=b6f0b0f286a14781eb07d8aa08c9e500eefb8082;p=ircu2.10.12-pk.git diff --git a/ircd/s_auth.c b/ircd/s_auth.c index 2a00dd1..83693a2 100644 --- a/ircd/s_auth.c +++ b/ircd/s_auth.c @@ -84,6 +84,7 @@ enum AuthRequestFlag { AR_IAUTH_HURRY, /**< we told iauth to hurry up */ AR_IAUTH_USERNAME, /**< iauth sent a username (preferred or forced) */ AR_IAUTH_FUSERNAME, /**< iauth sent a forced username */ + AR_IAUTH_SOFT_DONE, /**< iauth has no objection to client */ AR_PASSWORD_CHECKED, /**< client password already checked */ AR_NUM_FLAGS }; @@ -528,7 +529,7 @@ static int preregister_user(struct Client *cptr) /* Can this ever happen? */ case ACR_BAD_SOCKET: ++ServerStats->is_ref; - IPcheck_connect_fail(cptr); + IPcheck_connect_fail(cptr, 0); return exit_client(cptr, cptr, &me, "Unknown error -- Try again"); } return 0; @@ -678,6 +679,8 @@ static void read_auth_reply(struct AuthRequest* auth) if (IsUserPort(auth->client)) sendheader(auth->client, REPORT_FAIL_ID); ++ServerStats->is_abad; + if (IAuthHas(iauth, IAUTH_UNDERNET)) + sendto_iauth(auth->client, "u"); } else { if (IsUserPort(auth->client)) sendheader(auth->client, REPORT_FIN_ID); @@ -791,7 +794,8 @@ int auth_ping_timeout(struct Client *cptr) /* Check for iauth timeout. */ if (FlagHas(&auth->flags, AR_IAUTH_PENDING)) { - if (IAuthHas(iauth, IAUTH_REQUIRED)) { + if (IAuthHas(iauth, IAUTH_REQUIRED) + && !FlagHas(&auth->flags, AR_IAUTH_SOFT_DONE)) { sendheader(cptr, REPORT_FAIL_IAUTH); return exit_client_msg(cptr, cptr, &me, "Authorization Timeout"); } @@ -1020,12 +1024,6 @@ void start_auth(struct Client* client) } auth->port = remote.port; - /* Try to start DNS lookup. */ - start_dns_query(auth); - - /* Try to start ident lookup. */ - start_auth_query(auth); - /* Set required client inputs for users. */ if (IsUserPort(client)) { cli_user(client) = make_user(client); @@ -1037,6 +1035,12 @@ void start_auth(struct Client* client) start_iauth_query(auth); } + /* Try to start DNS lookup. */ + start_dns_query(auth); + + /* Try to start ident lookup. */ + start_auth_query(auth); + /* Add client to GlobalClientList. */ add_client_to_list(client); @@ -1371,19 +1375,19 @@ static void iauth_disconnect(struct IAuth *iauth) if (iauth == NULL) return; - /* Close main socket. */ - if (s_fd(i_socket(iauth)) != -1) { - close(s_fd(i_socket(iauth))); - socket_del(i_socket(iauth)); - s_fd(i_socket(iauth)) = -1; - } - /* Close error socket. */ if (s_fd(i_stderr(iauth)) != -1) { close(s_fd(i_stderr(iauth))); socket_del(i_stderr(iauth)); s_fd(i_stderr(iauth)) = -1; } + + /* Close main socket. */ + if (s_fd(i_socket(iauth)) != -1) { + close(s_fd(i_socket(iauth))); + socket_del(i_socket(iauth)); + s_fd(i_socket(iauth)) = -1; + } } /** Close all %IAuth connections marked as closing. */ @@ -1826,7 +1830,7 @@ static int iauth_cmd_ip_address(struct IAuth *iauth, struct Client *cli, memcpy(&auth->original, &cli_ip(cli), sizeof(auth->original)); /* Undo original IP connection in IPcheck. */ - IPcheck_connect_fail(cli); + IPcheck_connect_fail(cli, 1); ClearIPChecked(cli); /* Update the IP and charge them as a remote connect. */ @@ -1880,6 +1884,22 @@ static struct ConfItem *auth_find_class_conf(const char *class_name) return aconf; } +/** Tentatively accept a client in IAuth. + * @param[in] iauth Active IAuth session. + * @param[in] cli Client referenced by command. + * @param[in] parc Number of parameters. + * @param[in] params Optional class name for client. + * @return Negative (CPTR_KILLED) if the connection is refused, one otherwise. + */ +static int iauth_cmd_soft_done(struct IAuth *iauth, struct Client *cli, + int parc, char **params) +{ + /* Clear iauth pending flag. */ + assert(cli_auth(cli) != NULL); + FlagSet(&cli_auth(cli)->flags, AR_IAUTH_SOFT_DONE); + return 1; +} + /** Accept a client in IAuth. * @param[in] iauth Active IAuth session. * @param[in] cli Client referenced by command. @@ -2099,6 +2119,7 @@ static void iauth_parse(struct IAuth *iauth, char *message) case 'I': handler = iauth_cmd_ip_address; has_cli = 1; break; case 'M': handler = iauth_cmd_usermode; has_cli = 1; break; case 'C': handler = iauth_cmd_challenge; has_cli = 1; break; + case 'd': handler = iauth_cmd_soft_done; has_cli = 1; break; case 'D': handler = iauth_cmd_done_client; has_cli = 1; break; case 'R': handler = iauth_cmd_done_account; has_cli = 1; break; case 'k': /* The 'k' command indicates the user should be booted @@ -2229,8 +2250,7 @@ static void iauth_sock_callback(struct Event *ev) switch (ev_type(ev)) { case ET_DESTROY: - /* Hm, what happened here? */ - if (!IAuthHas(iauth, IAUTH_CLOSING)) + if (!IAuthHas(iauth, IAUTH_CLOSING) && !s_active(i_stderr(iauth))) iauth_do_spawn(iauth, 1); break; case ET_READ: @@ -2303,7 +2323,8 @@ static void iauth_stderr_callback(struct Event *ev) switch (ev_type(ev)) { case ET_DESTROY: - /* We do not restart iauth here: the stdout handler does that for us. */ + if (!IAuthHas(iauth, IAUTH_CLOSING) && !s_active(i_socket(iauth))) + iauth_do_spawn(iauth, 1); break; case ET_READ: iauth_read_stderr(iauth);