From 6156ee4dda1a87f89e25c67a6a85bb98da16c88e Mon Sep 17 00:00:00 2001 From: Michael Poole Date: Mon, 8 May 2006 01:30:24 +0000 Subject: [PATCH] Do not let ident or DNS timeouts kill a client. git-svn-id: file:///home/klmitch/undernet-ircu/undernet-ircu-svn/ircu2/branches/u2_10_12_branch@1649 c9e4aea6-c8fd-4c43-8297-357d70d61c8c --- ChangeLog | 20 +++++++++++++++++++ include/s_auth.h | 2 +- ircd/list.c | 2 +- ircd/s_auth.c | 52 +++++++++++++++++++++++++++--------------------- 4 files changed, 51 insertions(+), 25 deletions(-) diff --git a/ChangeLog b/ChangeLog index fc55856..48a92bb 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,23 @@ +2006-05-07 Michael Poole + + * include/s_auth.h (destroy_auth_request): Remove second argument. + + * ircd/list.c (free_client): Update to match. + + * ircd/s_auth.c (check_auth_finished): Remove second argument and + update call to destroy_auth_request(). + (send_auth_query): Update call to destroy_auth_request(). + (destroy_auth_request): Remove second argument. + (auth_timeout_callback): Send timeout failure messages here + instead. Update call to check_auth_finished(). + (auth_dns_callback): Update call to check_auth_finished(). + (start_auth): Likewise. + (auth_set_pong): Likewise. + (auth_set_user): Likewise. + (auth_set_nick): Likewise. + (auth_cap_done): Likewise. + (iauth_parse): Likewise. + 2006-05-06 Michael Poole * ircd/s_auth.c (AuthRequestFlag): Add AR_PASSWORD_CHECKED. diff --git a/include/s_auth.h b/include/s_auth.h index 6e2a067..51693db 100644 --- a/include/s_auth.h +++ b/include/s_auth.h @@ -40,7 +40,7 @@ extern int auth_set_nick(struct AuthRequest *auth, const char *nickname); extern int auth_set_password(struct AuthRequest *auth, const char *password); extern int auth_cap_start(struct AuthRequest *auth); extern int auth_cap_done(struct AuthRequest *auth); -extern void destroy_auth_request(struct AuthRequest *req, int send_reports); +extern void destroy_auth_request(struct AuthRequest *req); extern int auth_spawn(int argc, char *argv[]); extern void auth_send_exit(struct Client *cptr); diff --git a/ircd/list.c b/ircd/list.c index f485ec0..1f75ab9 100644 --- a/ircd/list.c +++ b/ircd/list.c @@ -269,7 +269,7 @@ void free_client(struct Client* cptr) cptr, cli_connect(cptr))); if (cli_auth(cptr)) - destroy_auth_request(cli_auth(cptr), 0); + destroy_auth_request(cli_auth(cptr)); /* Make sure we didn't magically get re-added to the list */ assert(cli_next(cptr) == 0); diff --git a/ircd/s_auth.c b/ircd/s_auth.c index e7d7acf..bb6f30a 100644 --- a/ircd/s_auth.c +++ b/ircd/s_auth.c @@ -355,11 +355,9 @@ badid: * destroy \a auth, clear the password, set the username, and register * the client. * @param[in] auth Authorization request to check. - * @param[in] send_reports Passed to destroy_auth_request() if \a auth - * is complete. * @return Zero if client is kept, CPTR_KILLED if client rejected. */ -static int check_auth_finished(struct AuthRequest *auth, int send_reports) +static int check_auth_finished(struct AuthRequest *auth) { enum AuthRequestFlag flag; int res; @@ -423,7 +421,7 @@ static int check_auth_finished(struct AuthRequest *auth, int send_reports) else FlagSet(&auth->flags, AR_IAUTH_HURRY); - destroy_auth_request(auth, send_reports); + destroy_auth_request(auth); if (!IsUserPort(auth->client)) return 0; memset(cli_passwd(auth->client), 0, sizeof(cli_passwd(auth->client))); @@ -526,7 +524,7 @@ static void send_auth_query(struct AuthRequest* auth) if (IsUserPort(auth->client)) sendheader(auth->client, REPORT_FAIL_ID); FlagClr(&auth->flags, AR_AUTH_PENDING); - check_auth_finished(auth, 0); + check_auth_finished(auth); } } @@ -658,7 +656,7 @@ static void read_auth_reply(struct AuthRequest* auth) } FlagClr(&auth->flags, AR_AUTH_PENDING); - check_auth_finished(auth, 0); + check_auth_finished(auth); } /** Handle socket I/O activity. @@ -700,21 +698,13 @@ static void auth_sock_callback(struct Event* ev) /** Stop an auth request completely. * @param[in] auth The struct AuthRequest to cancel. - * @param[in] send_reports If non-zero, report the failure to the user. */ -void destroy_auth_request(struct AuthRequest* auth, int send_reports) +void destroy_auth_request(struct AuthRequest* auth) { Debug((DEBUG_INFO, "Deleting auth request for %p", auth->client)); - if (FlagHas(&auth->flags, AR_AUTH_PENDING)) { - if (send_reports && IsUserPort(auth->client)) - sendheader(auth->client, REPORT_FAIL_ID); - } - if (FlagHas(&auth->flags, AR_DNS_PENDING)) { delete_resolver_queries(auth); - if (send_reports && IsUserPort(auth->client)) - sendheader(auth->client, REPORT_FAIL_DNS); } if (-1 < s_fd(&auth->socket)) { @@ -745,6 +735,7 @@ static void auth_timeout_callback(struct Event* ev) /* Report the timeout in the log. */ log_write(LS_RESOLVER, L_INFO, 0, "Registration timeout %s", get_client_name(auth->client, HIDE_IP)); + /* Tell iauth if we will let the client on. */ if (FlagHas(&auth->flags, AR_IAUTH_PENDING) && !IAuthHas(iauth, IAUTH_REQUIRED)) @@ -752,8 +743,23 @@ static void auth_timeout_callback(struct Event* ev) sendto_iauth(auth->client, "T"); FlagClr(&auth->flags , AR_IAUTH_PENDING); } + + /* Notify client if ident lookup failed. */ + if (FlagHas(&auth->flags, AR_AUTH_PENDING)) { + FlagClr(&auth->flags, AR_AUTH_PENDING); + if (IsUserPort(auth->client)) + sendheader(auth->client, REPORT_FAIL_ID); + } + + /* Likewise if dns lookup failed. */ + if (FlagHas(&auth->flags, AR_DNS_PENDING)) { + delete_resolver_queries(auth); + if (IsUserPort(auth->client)) + sendheader(auth->client, REPORT_FAIL_DNS); + } + /* Try to register the client. */ - check_auth_finished(auth, 1); + check_auth_finished(auth); } } @@ -803,7 +809,7 @@ static void auth_dns_callback(void* vptr, const struct irc_in_addr *addr, const ircd_strncpy(cli_sockhost(auth->client), h_name, HOSTLEN); sendto_iauth(auth->client, "N %s", h_name); } - check_auth_finished(auth, 0); + check_auth_finished(auth); } /** Flag the client to show an attempt to contact the ident server on @@ -956,7 +962,7 @@ void start_auth(struct Client* client) add_client_to_list(client); /* Check which auth events remain pending. */ - check_auth_finished(auth, 0); + check_auth_finished(auth); } /** Mark that a user has PONGed while unregistered. @@ -976,7 +982,7 @@ int auth_set_pong(struct AuthRequest *auth, unsigned int cookie) return 0; } FlagClr(&auth->flags, AR_NEEDS_PONG); - return check_auth_finished(auth, 0); + return check_auth_finished(auth); } /** Record a user's claimed username and userinfo. @@ -1001,7 +1007,7 @@ int auth_set_user(struct AuthRequest *auth, const char *username, const char *us sendto_iauth(cptr, "U %s :%s", username, userinfo); else if (IAuthHas(iauth, IAUTH_ADDLINFO)) sendto_iauth(cptr, "U %s", username); - return check_auth_finished(auth, 0); + return check_auth_finished(auth); } /** Handle authorization-related aspects of initial nickname selection. @@ -1027,7 +1033,7 @@ int auth_set_nick(struct AuthRequest *auth, const char *nickname) } if (IAuthHas(iauth, IAUTH_UNDERNET)) sendto_iauth(auth->client, "n %s", nickname); - return check_auth_finished(auth, 0); + return check_auth_finished(auth); } /** Record a user's password. @@ -1072,7 +1078,7 @@ int auth_cap_done(struct AuthRequest *auth) { assert(auth != NULL); FlagClr(&auth->flags, AR_CAP_PENDING); - return check_auth_finished(auth, 0); + return check_auth_finished(auth); } /** Attempt to spawn the process for an IAuth instance. @@ -1950,7 +1956,7 @@ static void iauth_parse(struct IAuth *iauth, char *message) ircd_ntoa(&cli_ip(cli))); else if (handler(iauth, cli, parc - 3, params + 3)) /* Handler indicated a possible state change. */ - check_auth_finished(auth, 0); + check_auth_finished(auth); } } } -- 2.20.1