From 955f95803f18a5006d38fe096b85028c07692b8b Mon Sep 17 00:00:00 2001
From: Michael Poole <mdpoole@troilus.org>
Date: Thu, 25 May 2006 03:14:13 +0000
Subject: [PATCH] Fix assertion failures and other misbehaviors in new auth
 code.

git-svn-id: file:///home/klmitch/undernet-ircu/undernet-ircu-svn/ircu2/branches/u2_10_12_branch@1659 c9e4aea6-c8fd-4c43-8297-357d70d61c8c
---
 ChangeLog     |  8 ++++++++
 ircd/s_auth.c | 17 ++++++-----------
 2 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 97e3e50..c0b01a6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2006-05-24  Michael Poole <mdpoole@troilus.org>
+
+	* ircd/s_auth.c (auth_dns_callback): Be more careful about
+	handling failed DNS lookups.  Use a more standard function to
+	disconnect clients for IP mismatches.
+	(start_auth): Use a more standard function to disconnect clients
+	for peer or local socket address lookup failures.
+
 2006-05-17  Michael Poole <mdpoole@troilus.org>
 
 	* ircd/s_auth.c (auth_ping_timeout): Fix off-by-one error.
diff --git a/ircd/s_auth.c b/ircd/s_auth.c
index a9fe0cd..749dbf4 100644
--- a/ircd/s_auth.c
+++ b/ircd/s_auth.c
@@ -820,21 +820,18 @@ static void auth_dns_callback(void* vptr, const struct irc_in_addr *addr, const
     if (IsUserPort(auth->client))
       sendheader(auth->client, REPORT_FAIL_DNS);
     sendto_iauth(auth->client, "d");
-  } else if (irc_in_addr_cmp(addr, &cli_ip(auth->client))
-             && irc_in_addr_cmp(addr, &auth->original)) {
+  } else if (!irc_in_addr_valid(addr)
+             || (irc_in_addr_cmp(&cli_ip(auth->client), addr)
+                 && irc_in_addr_cmp(&auth->original, addr))) {
     /* IP for hostname did not match client's IP. */
     sendto_opmask_butone(0, SNO_IPMISMATCH, "IP# Mismatch: %s != %s[%s]",
                          cli_sock_ip(auth->client), h_name,
                          ircd_ntoa(addr));
     if (IsUserPort(auth->client))
       sendheader(auth->client, REPORT_IP_MISMATCH);
-    /* Clear DNS pending flag so free_client doesn't ask the resolver
-     * to delete the query that just finished.
-     */
     if (feature_bool(FEAT_KILL_IPMISMATCH)) {
-      IPcheck_disconnect(auth->client);
-      Count_unknowndisconnects(UserStats);
-      free_client(auth->client);
+      exit_client(auth->client, auth->client, &me, "IP mismatch");
+      return;
     }
   } else if (!auth_verify_hostname(h_name, HOSTLEN)) {
     /* Hostname did not look valid. */
@@ -973,9 +970,7 @@ void start_auth(struct Client* client)
     ++ServerStats->is_abad;
     if (IsUserPort(auth->client))
       sendheader(auth->client, REPORT_FAIL_ID);
-    IPcheck_disconnect(auth->client);
-    Count_unknowndisconnects(UserStats);
-    free_client(auth->client);
+    exit_client(auth->client, auth->client, &me, "Socket local/peer lookup failed");
     return;
   }
   auth->port = remote.port;
-- 
2.20.1