net.c 50 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884
  1. /*
  2. * net.c -- handles:
  3. * all raw network i/o
  4. *
  5. */
  6. #include <fcntl.h>
  7. #include "common.h"
  8. #include "net.h"
  9. #include "misc.h"
  10. #include "main.h"
  11. #include "debug.h"
  12. #include "dccutil.h"
  13. #include "crypt.h"
  14. #include "traffic.h" /* egg_traffic_t */
  15. #include <limits.h>
  16. #include <string.h>
  17. #include <netdb.h>
  18. #include <signal.h>
  19. #include <sys/types.h>
  20. #include <sys/socket.h>
  21. #if HAVE_SYS_SELECT_H
  22. # include <sys/select.h>
  23. #endif /* HAVE_SYS_SELECT_H */
  24. #include <netinet/in.h>
  25. #include <arpa/inet.h> /* is this really necessary? */
  26. #include <errno.h>
  27. #include <sys/stat.h>
  28. #if HAVE_UNISTD_H
  29. # include <unistd.h>
  30. #endif /* HAVE_UNITSTD_H */
  31. #include <setjmp.h>
  32. #include "egg_timer.h"
  33. extern struct dcc_t *dcc;
  34. extern int backgrd, use_stderr, dcc_total;
  35. extern egg_traffic_t traffic;
  36. #ifdef HAVE_SSL
  37. SSL_CTX *ssl_c_ctx = NULL, *ssl_s_ctx = NULL;
  38. char *tls_rand_file = NULL;
  39. #endif /* HAVE_SSL */
  40. union sockaddr_union cached_myip4_so;
  41. #ifdef USE_IPV6
  42. union sockaddr_union cached_myip6_so;
  43. unsigned long notalloc = 0;
  44. #endif /* USE_IPV6 */
  45. char firewall[121] = ""; /* Socks server for firewall */
  46. int firewallport = 1080; /* Default port of Sock4/5 firewalls */
  47. char botuser[21] = "wraith"; /* Username of the user running the bot */
  48. int dcc_sanitycheck = 0; /* We should do some sanity checking on dcc
  49. connections. */
  50. int resolve_timeout = 10; /* hostname/address lookup timeout */
  51. sock_list *socklist = NULL; /* Enough to be safe */
  52. int MAXSOCKS = 0;
  53. jmp_buf alarmret; /* Env buffer for alarm() returns */
  54. /* Types of proxy */
  55. #define PROXY_SOCKS 1
  56. #define PROXY_SUN 2
  57. /* I need an UNSIGNED long for dcc type stuff
  58. */
  59. IP my_atoul(char *s)
  60. {
  61. IP ret = 0;
  62. while ((*s >= '0') && (*s <= '9')) {
  63. ret *= 10;
  64. ret += ((*s) - '0');
  65. s++;
  66. }
  67. return ret;
  68. }
  69. int hostprotocol(char *host)
  70. {
  71. #ifdef USE_IPV6
  72. struct hostent *he = NULL;
  73. # ifndef HAVE_GETHOSTBYNAME2
  74. int error_num;
  75. # endif /* !HAVE_GETHOSTBYNAME2 */
  76. if (!host || (host && !host[0]))
  77. return 0;
  78. if (!setjmp(alarmret)) {
  79. alarm(resolve_timeout);
  80. # ifdef HAVE_GETHOSTBYNAME2
  81. he = gethostbyname2(host, AF_INET6);
  82. # else
  83. he = getipnodebyname(host, AF_INET6, AI_DEFAULT, &error_num);
  84. # endif /* HAVE_GETHOSTBYNAME2 */
  85. alarm(0);
  86. } else
  87. he = NULL;
  88. if (!he)
  89. return AF_INET;
  90. return AF_INET6;
  91. #else
  92. return 0;
  93. #endif /* USE_IPV6 */
  94. }
  95. /* get the protocol used on a socket */
  96. int sockprotocol(int socket)
  97. {
  98. struct sockaddr sa;
  99. int i = sizeof(sa);
  100. if (getsockname(socket, &sa, &i))
  101. return -1;
  102. else
  103. return sa.sa_family;
  104. }
  105. /* AF_INET-independent resolving routine */
  106. int get_ip(char *hostname, union sockaddr_union *so)
  107. {
  108. #ifdef USE_IPV6
  109. struct addrinfo hints, *ai = NULL, *res = NULL;
  110. int error = 0;
  111. #else
  112. struct hostent *hp = NULL;
  113. #endif /* USE_IPV6 */
  114. egg_memset(so, 0, sizeof(union sockaddr_union));
  115. debug1(STR("get_ip(%s)"), hostname);
  116. if (!hostname || (hostname && !hostname[0]))
  117. return 1;
  118. #ifdef USE_IPV6
  119. egg_memset(&hints, 0, sizeof(struct addrinfo));
  120. hints.ai_socktype = SOCK_STREAM;
  121. if ((error = getaddrinfo(hostname, NULL, &hints, &res)))
  122. return error;
  123. error = 1;
  124. for (ai = res; ai != NULL; ai = ai->ai_next) {
  125. if ((ai->ai_family == AF_INET6) || (ai->ai_family == AF_INET)) {
  126. memcpy(so, ai->ai_addr, ai->ai_addrlen);
  127. error = 0;
  128. break;
  129. }
  130. }
  131. freeaddrinfo(res);
  132. return error;
  133. #else
  134. if (!(hp = gethostbyname(hostname)))
  135. return -1;
  136. memcpy(&so->sin.sin_addr, hp->h_addr, 4);
  137. so->sin.sin_family = AF_INET;
  138. return 0;
  139. #endif /* USE_IPV6 */
  140. }
  141. #ifdef HAVE_SSL
  142. int seed_PRNG(void)
  143. {
  144. char stackdata[1024] = "";
  145. static char rand_file[300] = "";
  146. FILE *fh = NULL;
  147. #if OPENSSL_VERSION_NUMBER >= 0x00905100
  148. if (RAND_status()) return 0;
  149. #endif /* OPENSSL_VERSION_NUMBER */
  150. if ((fh = fopen("/dev/urandom", "r"))) {
  151. fclose(fh);
  152. return 0;
  153. }
  154. if (RAND_file_name(rand_file, sizeof(rand_file)))
  155. tls_rand_file = rand_file;
  156. else
  157. return 1;
  158. if (!RAND_load_file(rand_file, 1024)) {
  159. unsigned int c;
  160. c = now;
  161. RAND_seed(&c, sizeof(c));
  162. c = getpid();
  163. RAND_seed(&c, sizeof(c));
  164. RAND_seed(stackdata, sizeof(stackdata));
  165. }
  166. #if OPENSSL_VERSION_NUMBER >= 0x00905100
  167. if (!RAND_status()) return 2;
  168. #endif /* OPENSSL_VERSION_NUMBER >= 0x00905100 */
  169. return 0;
  170. }
  171. #endif /* HAVE_SSL */
  172. /* Initialize the socklist
  173. */
  174. void init_net()
  175. {
  176. int i;
  177. for (i = 0; i < MAXSOCKS; i++) {
  178. egg_bzero(&socklist[i], sizeof(socklist[i]));
  179. #ifdef HAVE_SSL
  180. socklist[i].ssl=NULL;
  181. #endif /* HAVE_SSL */
  182. socklist[i].flags = SOCK_UNUSED;
  183. }
  184. #ifdef HAVE_SSL
  185. SSL_load_error_strings();
  186. OpenSSL_add_ssl_algorithms();
  187. ssl_c_ctx = SSL_CTX_new(SSLv23_client_method());
  188. ssl_s_ctx = SSL_CTX_new(SSLv23_server_method());
  189. if (!ssl_c_ctx || !ssl_s_ctx)
  190. fatal("SSL Inititlization failed", 0);
  191. if (seed_PRNG())
  192. fatal("SSL PRNG seeding failed!", 0);
  193. #endif /* HAVE_SSL */
  194. }
  195. #ifdef HAVE_SSL
  196. int ssl_cleanup() {
  197. if (ssl_c_ctx) {
  198. SSL_CTX_free(ssl_c_ctx);
  199. ssl_c_ctx = NULL;
  200. }
  201. if (ssl_s_ctx) {
  202. SSL_CTX_free(ssl_s_ctx);
  203. ssl_s_ctx = NULL;
  204. }
  205. if (tls_rand_file) RAND_write_file(tls_rand_file);
  206. return 0;
  207. }
  208. #endif /* HAVE_SSL */
  209. /* Get my ipv? ip
  210. */
  211. char *myipstr(int af_type)
  212. {
  213. #ifdef USE_IPV6
  214. if (af_type == 6) {
  215. static char s[UHOSTLEN + 1] = "";
  216. egg_inet_ntop(AF_INET6, &cached_myip6_so.sin6.sin6_addr, s, 119);
  217. s[120] = 0;
  218. return s;
  219. } else
  220. #endif /* USE_IPV6 */
  221. if (af_type == 4) {
  222. static char s[UHOSTLEN + 1] = "";
  223. egg_inet_ntop(AF_INET, &cached_myip4_so.sin.sin_addr, s, 119);
  224. s[120] = 0;
  225. return s;
  226. }
  227. return "";
  228. }
  229. /* Get my ip number
  230. */
  231. IP getmyip() {
  232. return (IP) cached_myip4_so.sin.sin_addr.s_addr;
  233. }
  234. /* see if it's necessary to set inaddr_any... because if we can't resolve, we die anyway */
  235. void cache_my_ip()
  236. {
  237. char s[121] = "";
  238. int error;
  239. #ifdef USE_IPV6
  240. int any = 0;
  241. #endif /* USE_IPV6 */
  242. debug0(STR("cache_my_ip()"));
  243. egg_memset(&cached_myip4_so, 0, sizeof(union sockaddr_union));
  244. #ifdef USE_IPV6
  245. egg_memset(&cached_myip6_so, 0, sizeof(union sockaddr_union));
  246. if (conf.bot->ip6) {
  247. sdprintf("ip6: %s", conf.bot->ip6);
  248. if (get_ip(conf.bot->ip6, &cached_myip6_so))
  249. any = 1;
  250. } else if (conf.bot->host6) {
  251. sdprintf("host6: %s", conf.bot->host6);
  252. if (get_ip(conf.bot->host6, &cached_myip6_so))
  253. any = 1;
  254. } else
  255. any = 1;
  256. if (any) {
  257. sdprintf("IPV6 addr_any is set.");
  258. cached_myip6_so.sin6.sin6_family = AF_INET6;
  259. cached_myip6_so.sin6.sin6_addr = in6addr_any;
  260. }
  261. #endif /* USE_IPV6 */
  262. error = 0;
  263. if (conf.bot->ip) {
  264. if (get_ip(conf.bot->ip, &cached_myip4_so))
  265. error = 1;
  266. } else if (conf.bot->host) {
  267. if (get_ip(conf.bot->host, &cached_myip4_so))
  268. error = 2;
  269. } else {
  270. gethostname(s, sizeof(s));
  271. if (get_ip(s, &cached_myip4_so)) {
  272. /* error = 3; */
  273. sdprintf("IPV4 addr_any is set.");
  274. cached_myip4_so.sin.sin_family = AF_INET;
  275. cached_myip4_so.sin.sin_addr.s_addr = INADDR_ANY;
  276. }
  277. }
  278. if (error) {
  279. putlog(LOG_DEBUG, "*", STR("Hostname self-lookup error: %d"), error);
  280. fatal(STR("Hostname self-lookup failed."), 0);
  281. }
  282. }
  283. void neterror(char *s)
  284. {
  285. switch (errno) {
  286. case EADDRINUSE:
  287. strcpy(s, "Address already in use");
  288. break;
  289. case EADDRNOTAVAIL:
  290. strcpy(s, "Address invalid on remote machine");
  291. break;
  292. case EAFNOSUPPORT:
  293. strcpy(s, "Address family not supported");
  294. break;
  295. case EALREADY:
  296. strcpy(s, "Socket already in use");
  297. break;
  298. case EBADF:
  299. strcpy(s, "Socket descriptor is bad");
  300. break;
  301. case ECONNREFUSED:
  302. strcpy(s, "Connection refused");
  303. break;
  304. case EFAULT:
  305. strcpy(s, "Namespace segment violation");
  306. break;
  307. case EINPROGRESS:
  308. strcpy(s, "Operation in progress");
  309. break;
  310. case EINTR:
  311. strcpy(s, "Timeout");
  312. break;
  313. case EINVAL:
  314. strcpy(s, "Invalid namespace");
  315. break;
  316. case EISCONN:
  317. strcpy(s, "Socket already connected");
  318. break;
  319. case ENETUNREACH:
  320. strcpy(s, "Network unreachable");
  321. break;
  322. case ENOTSOCK:
  323. strcpy(s, "File descriptor, not a socket");
  324. break;
  325. case ETIMEDOUT:
  326. strcpy(s, "Connection timed out");
  327. break;
  328. case ENOTCONN:
  329. strcpy(s, "Socket is not connected");
  330. break;
  331. case EHOSTUNREACH:
  332. strcpy(s, "Host is unreachable");
  333. break;
  334. case EPIPE:
  335. strcpy(s, "Broken pipe");
  336. break;
  337. #ifdef ECONNRESET
  338. case ECONNRESET:
  339. strcpy(s, "Connection reset by peer");
  340. break;
  341. #endif /* ECONNRESET */
  342. #ifdef EACCES
  343. case EACCES:
  344. strcpy(s, "Permission denied");
  345. break;
  346. #endif /* EACCESS */
  347. #ifdef EMFILE
  348. case EMFILE:
  349. strcpy(s, "Too many open files");
  350. break;
  351. #endif /* EMFILE */
  352. case 0:
  353. strcpy(s, "Error 0");
  354. break;
  355. default:
  356. sprintf(s, "Unforseen error %d", errno);
  357. break;
  358. }
  359. }
  360. /* Sets/Unsets options for a specific socket.
  361. *
  362. * Returns: 0 - on success
  363. * -1 - socket not found
  364. * -2 - illegal operation
  365. */
  366. int sockoptions(int sock, int operation, int sock_options)
  367. {
  368. int i;
  369. for (i = 0; i < MAXSOCKS; i++)
  370. if ((socklist[i].sock == sock) && !(socklist[i].flags & SOCK_UNUSED)) {
  371. if (operation == EGG_OPTION_SET)
  372. socklist[i].flags |= sock_options;
  373. else if (operation == EGG_OPTION_UNSET)
  374. socklist[i].flags &= ~sock_options;
  375. else
  376. return -2;
  377. return 0;
  378. }
  379. return -1;
  380. }
  381. /* Return a free entry in the socket entry
  382. */
  383. int allocsock(int sock, int options)
  384. {
  385. int i;
  386. for (i = 0; i < MAXSOCKS; i++) {
  387. if (socklist[i].flags & SOCK_UNUSED) {
  388. /* yay! there is table space */
  389. socklist[i].inbuf = socklist[i].outbuf = NULL;
  390. socklist[i].inbuflen = socklist[i].outbuflen = 0;
  391. #ifdef HAVE_SSL
  392. socklist[i].ssl = NULL;
  393. #endif /* HAVE_SSL */
  394. socklist[i].flags = options;
  395. socklist[i].sock = sock;
  396. socklist[i].encstatus = 0;
  397. socklist[i].gz = 0;
  398. egg_bzero(&socklist[i].okey, sizeof(socklist[i].okey));
  399. egg_bzero(&socklist[i].ikey, sizeof(socklist[i].ikey));
  400. socklist[i].okey[0] = 0;
  401. socklist[i].ikey[0] = 0;
  402. return i;
  403. }
  404. }
  405. fatal("Socket table is full!", 0);
  406. return -1; /* Never reached */
  407. }
  408. /* Request a normal socket for i/o
  409. */
  410. void setsock(int sock, int options)
  411. {
  412. int i = allocsock(sock, options), parm;
  413. if (((sock != STDOUT) || backgrd) && !(socklist[i].flags & SOCK_NONSOCK)) {
  414. parm = 1;
  415. setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *) &parm, sizeof(int));
  416. parm = 0;
  417. setsockopt(sock, SOL_SOCKET, SO_LINGER, (void *) &parm, sizeof(int));
  418. }
  419. if (options & SOCK_LISTEN) {
  420. /* Tris says this lets us grab the same port again next time */
  421. parm = 1;
  422. setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *) &parm, sizeof(int));
  423. }
  424. /* Yay async i/o ! */
  425. fcntl(sock, F_SETFL, O_NONBLOCK);
  426. }
  427. #ifdef USE_IPV6
  428. int getsock(int options, int af_def)
  429. {
  430. #else
  431. int getsock(int options)
  432. {
  433. int af_def = AF_INET;
  434. #endif /* USE_IPV6 */
  435. int sock;
  436. sock = socket(af_def, SOCK_STREAM, 0);
  437. if (sock >= 0)
  438. setsock(sock, options);
  439. else
  440. putlog(LOG_MISC, "*", "Warning: Can't create new socket!");
  441. return sock;
  442. }
  443. void dropssl(register int sock)
  444. {
  445. #ifdef HAVE_SSL
  446. int i;
  447. if (sock < 0)
  448. return;
  449. for (i = 0; (i < MAXSOCKS); i++)
  450. if (socklist[i].sock == sock) break;
  451. if (socklist[i].ssl) {
  452. SSL_set_quiet_shutdown(socklist[i].ssl, 1);
  453. SSL_shutdown(socklist[i].ssl);
  454. usleep(1000 * 500);
  455. SSL_free(socklist[i].ssl);
  456. usleep(1000 * 500);
  457. socklist[i].ssl = NULL;
  458. }
  459. #endif /* HAVE_SSL */
  460. }
  461. /* Done with a socket
  462. */
  463. void real_killsock(register int sock, const char *file, int line)
  464. {
  465. register int i;
  466. /* Ignore invalid sockets. */
  467. if (sock < 0)
  468. return;
  469. for (i = 0; i < MAXSOCKS; i++) {
  470. if ((socklist[i].sock == sock) && !(socklist[i].flags & SOCK_UNUSED)) {
  471. dropssl(sock);
  472. close(socklist[i].sock);
  473. if (socklist[i].inbuf != NULL) {
  474. free(socklist[i].inbuf);
  475. socklist[i].inbuf = NULL;
  476. }
  477. if (socklist[i].outbuf != NULL) {
  478. free(socklist[i].outbuf);
  479. socklist[i].outbuf = NULL;
  480. socklist[i].outbuflen = 0;
  481. }
  482. egg_bzero(&socklist[i],sizeof(socklist[i]));
  483. socklist[i].flags = SOCK_UNUSED;
  484. return;
  485. }
  486. }
  487. putlog(LOG_MISC, "*", "Attempt to kill un-allocated socket %d %s:%d !!", sock, file, line);
  488. }
  489. /* Send connection request to proxy
  490. */
  491. static int proxy_connect(int sock, char *host, int port, int proxy)
  492. {
  493. #ifdef USE_IPV6
  494. unsigned char x[32] = "";
  495. int af_ty;
  496. #else
  497. unsigned char x[10] = "";
  498. #endif /* USE_IPV6 */
  499. struct hostent *hp = NULL;
  500. char s[256] = "";
  501. int i;
  502. #ifdef USE_IPV6
  503. af_ty = sockprotocol(sock);
  504. #endif /* USE_IPV6 */
  505. /* socks proxy */
  506. if (proxy == PROXY_SOCKS) {
  507. /* numeric IP? */
  508. #ifdef USE_IPV6
  509. if ((host[strlen(host) - 1] >= '0' && host[strlen(host) - 1] <= '9') && af_ty != AF_INET6) {
  510. #else
  511. if (host[strlen(host) - 1] >= '0' && host[strlen(host) - 1] <= '9') {
  512. #endif /* USE_IPV6 */
  513. IP ip = ((IP) inet_addr(host));
  514. egg_memcpy(x, &ip, 4);
  515. } else {
  516. /* no, must be host.domain */
  517. if (!setjmp(alarmret)) {
  518. #ifdef USE_IPV6
  519. alarm(resolve_timeout);
  520. if (af_ty == AF_INET6)
  521. hp = gethostbyname(host);
  522. else
  523. #endif /* USE_IPV6 */
  524. hp = gethostbyname(host);
  525. #ifdef USE_IPV6
  526. alarm(0);
  527. #endif /* USE_IPV6 */
  528. } else
  529. hp = NULL;
  530. if (hp == NULL) {
  531. killsock(sock);
  532. return -2;
  533. }
  534. egg_memcpy(x, hp->h_addr, hp->h_length);
  535. }
  536. for (i = 0; i < MAXSOCKS; i++)
  537. if (!(socklist[i].flags & SOCK_UNUSED) && socklist[i].sock == sock)
  538. socklist[i].flags |= SOCK_PROXYWAIT; /* drummer */
  539. #ifdef USE_IPV6
  540. if (af_ty == AF_INET6)
  541. egg_snprintf(s, sizeof s,
  542. "\004\001%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%s",
  543. (port >> 8) % 256, (port % 256), x[0], x[1], x[2], x[3],
  544. x[4], x[5], x[6], x[7], x[9], x[9], x[10], x[11], x[12],
  545. x[13], x[14], x[15], botuser);
  546. else
  547. #endif /* USE_IPV6 */
  548. egg_snprintf(s, sizeof s, "\004\001%c%c%c%c%c%c%s", (port >> 8) % 256,
  549. (port % 256), x[0], x[1], x[2], x[3], botuser);
  550. tputs(sock, s, strlen(botuser) + 9); /* drummer */
  551. } else if (proxy == PROXY_SUN) {
  552. egg_snprintf(s, sizeof s, "%s %d\n", host, port);
  553. tputs(sock, s, strlen(s)); /* drummer */
  554. }
  555. return sock;
  556. }
  557. /* Starts a connection attempt to a socket
  558. *
  559. * If given a normal hostname, this will be resolved to the corresponding
  560. * IP address first. PLEASE try to use the non-blocking dns functions
  561. * instead and then call this function with the IP address to avoid blocking.
  562. *
  563. * returns <0 if connection refused:
  564. * -1 neterror() type error
  565. * -2 can't resolve hostname
  566. */
  567. int open_telnet_raw(int sock, char *server, int sport)
  568. {
  569. union sockaddr_union so;
  570. char host[121] = "";
  571. int i, error = 0, port, rc;
  572. volatile int proxy;
  573. /* firewall? use socks */
  574. if (firewall[0]) {
  575. if (firewall[0] == '!') {
  576. proxy = PROXY_SUN;
  577. strcpy(host, &firewall[1]);
  578. } else {
  579. proxy = PROXY_SOCKS;
  580. strcpy(host, firewall);
  581. }
  582. port = firewallport;
  583. } else {
  584. proxy = 0;
  585. strncpyz(host, server, sizeof host);
  586. port = sport;
  587. }
  588. error = 0;
  589. if (!setjmp(alarmret)) {
  590. alarm(resolve_timeout);
  591. if (!get_ip(host, &so)) {
  592. alarm(0);
  593. /* ok, we resolved it, bind an appropriate ip */
  594. #ifdef USE_IPV6
  595. if (so.sa.sa_family == AF_INET6) {
  596. if (bind(sock, &cached_myip6_so.sa, SIZEOF_SOCKADDR(cached_myip6_so)) < 0) {
  597. killsock(sock);
  598. return -1;
  599. }
  600. } else {
  601. #endif /* USE_IPV6 */
  602. if (bind(sock, &cached_myip4_so.sa, SIZEOF_SOCKADDR(cached_myip4_so)) < 0) {
  603. killsock(sock);
  604. return -3;
  605. }
  606. #ifdef USE_IPV6
  607. }
  608. if (so.sa.sa_family == AF_INET6)
  609. so.sin6.sin6_port = htons(port);
  610. else
  611. #endif /* USE_IPV6 */
  612. so.sin.sin_port = htons(port);
  613. } else {
  614. alarm(0);
  615. error = 1;
  616. }
  617. }
  618. /* I guess we broke something */
  619. if (error) {
  620. killsock(sock);
  621. return -2;
  622. }
  623. for (i = 0; i < MAXSOCKS; i++) {
  624. if (!(socklist[i].flags & SOCK_UNUSED) && (socklist[i].sock == sock))
  625. socklist[i].flags = (socklist[i].flags & ~SOCK_VIRTUAL) | SOCK_CONNECT;
  626. }
  627. rc = connect(sock, &so.sa, SIZEOF_SOCKADDR(so));
  628. if (rc < 0) { if (errno == EINPROGRESS) {
  629. /* Firewall? announce connect attempt to proxy */
  630. if (firewall[0])
  631. return proxy_connect(sock, server, sport, proxy);
  632. return sock; /* async success! */
  633. } else
  634. return -1;
  635. }
  636. /* Synchronous? :/ */
  637. if (firewall[0])
  638. return proxy_connect(sock, server, sport, proxy);
  639. return sock;
  640. }
  641. /* Ordinary non-binary connection attempt */
  642. int open_telnet(char *server, int port)
  643. {
  644. #ifdef USE_IPV6
  645. int sock = getsock(0, hostprotocol(server)) , ret = open_telnet_raw(sock, server, port);
  646. #else
  647. int sock = getsock(0) , ret = open_telnet_raw(sock, server, port);
  648. #endif /* USE_IPV6 */
  649. if (ret < 0)
  650. killsock(sock);
  651. return ret;
  652. }
  653. /* Returns a socket number for a listening socket that will accept any
  654. * connection on a certain address -- port # is returned in port
  655. *
  656. * 'addr' is ignored if af_def is AF_INET6 -poptix (02/03/03)
  657. */
  658. #ifdef USE_IPV6
  659. int open_address_listen(IP addr, int af_def, int *port)
  660. #else
  661. int open_address_listen(IP addr, int *port)
  662. #endif /* USE_IPV6 */
  663. {
  664. int sock = 0;
  665. unsigned int addrlen;
  666. struct sockaddr_in name;
  667. if (firewall[0]) {
  668. /* FIXME: can't do listen port thru firewall yet */
  669. putlog(LOG_MISC, "*", "!! Cant open a listen port (you are using a "
  670. "firewall)");
  671. return -1;
  672. }
  673. #ifdef USE_IPV6
  674. if (af_def == AF_INET6) {
  675. struct sockaddr_in6 name6;
  676. sock = getsock(SOCK_LISTEN, af_def);
  677. if (sock < 1)
  678. return -1;
  679. debug2(STR("Opening listen socket on port %d with AF_INET6, sock: %d"), *port, sock);
  680. egg_bzero((char *) &name6, sizeof(name6));
  681. name6.sin6_family = af_def;
  682. name6.sin6_port = htons(*port); /* 0 = just assign us a port */
  683. /* memcpy(&name6.sin6_addr, &in6addr_any, 16); */ /* this is the only way to get ipv6+ipv4 in 1 socket */
  684. memcpy(&name6.sin6_addr, &cached_myip6_so.sin6.sin6_addr, 16);
  685. if (bind(sock, (struct sockaddr *) &name6, sizeof(name6)) < 0) {
  686. killsock(sock);
  687. return -1;
  688. }
  689. addrlen = sizeof(name6);
  690. if (getsockname(sock, (struct sockaddr *) &name6, &addrlen) < 0) {
  691. killsock(sock);
  692. return -1;
  693. }
  694. *port = ntohs(name6.sin6_port);
  695. if (listen(sock, 1) < 0) {
  696. killsock(sock);
  697. return -1;
  698. }
  699. } else {
  700. sock = getsock(SOCK_LISTEN, AF_INET);
  701. #else
  702. sock = getsock(SOCK_LISTEN);
  703. #endif /* USE_IPV6 */
  704. if (sock < 1)
  705. return -1;
  706. debug2(STR("Opening listen socket on port %d with AF_INET, sock: %d"), *port, sock);
  707. egg_bzero((char *) &name, sizeof(struct sockaddr_in));
  708. name.sin_family = AF_INET;
  709. name.sin_port = htons(*port); /* 0 = just assign us a port */
  710. name.sin_addr.s_addr = addr;
  711. if (bind(sock, (struct sockaddr *) &name, sizeof(name)) < 0) {
  712. killsock(sock);
  713. return -1;
  714. }
  715. /* what port are we on? */
  716. addrlen = sizeof(name);
  717. if (getsockname(sock, (struct sockaddr *) &name, &addrlen) < 0) {
  718. killsock(sock);
  719. return -1;
  720. }
  721. *port = ntohs(name.sin_port);
  722. if (listen(sock, 1) < 0) {
  723. killsock(sock);
  724. return -1;
  725. }
  726. #ifdef USE_IPV6
  727. }
  728. #endif /* USE_IPV6 */
  729. return sock;
  730. }
  731. /* Returns a socket number for a listening socket that will accept any
  732. * connection -- port # is returned in port
  733. */
  734. inline int open_listen(int *port)
  735. {
  736. #ifdef USE_IPV6
  737. return open_address_listen(conf.bot->ip ? getmyip() : INADDR_ANY, AF_INET, port);
  738. #else
  739. return open_address_listen(conf.bot->ip ? getmyip() : INADDR_ANY, port);
  740. #endif /* USE_IPV6 */
  741. }
  742. /* Same as above, except this one can be called with an AF_ type
  743. * the above is being left in for compatibility, and should NOT LONGER BE USED IN THE CORE CODE.
  744. */
  745. inline int open_listen_by_af(int *port, int af_def)
  746. {
  747. #ifdef USE_IPV6
  748. return open_address_listen(conf.bot->ip ? getmyip() : INADDR_ANY, af_def, port);
  749. #else
  750. return 0;
  751. #endif /* USE_IPV6 */
  752. }
  753. int ssl_link(register int sock, int state)
  754. {
  755. #ifdef HAVE_SSL
  756. int err = 0, i = 0, errs = 0;
  757. debug2(STR("ssl_link(%d, %d)"), sock, state);
  758. for (i = 0; (i < MAXSOCKS); i++) {
  759. if (socklist[i].sock == sock) break;
  760. }
  761. if (socklist[i].ssl) {
  762. putlog(LOG_ERROR, "*", "Switching to SSL (%d,%d) - already active", state, sock);
  763. return 0;
  764. }
  765. if (state == CONNECT_SSL) {
  766. socklist[i].ssl = SSL_new(ssl_c_ctx);
  767. } else if (state == ACCEPT_SSL) {
  768. socklist[i].ssl = SSL_new(ssl_s_ctx);
  769. }
  770. if (!socklist[i].ssl) {
  771. putlog(LOG_ERROR, "*", "Switching to SSL (%d) - SSL_new(%d) failed", sock, state);
  772. return 0;
  773. }
  774. if (!SSL_set_fd(socklist[i].ssl, socklist[i].sock)) {
  775. putlog(LOG_ERROR, "*", "SSL_set_fd(%d) (%d) failed", state, socklist[i].sock);
  776. return 0;
  777. }
  778. if (state == CONNECT_SSL) {
  779. SSL_set_connect_state(socklist[i].ssl);
  780. } else if (state == ACCEPT_SSL) {
  781. SSL_set_accept_state(socklist[i].ssl);
  782. } else {
  783. putlog(LOG_DEBUG, "*" STR("ssl_link(%d, 0?) NO STATE?"), sock);
  784. return 0;
  785. }
  786. if (state == CONNECT_SSL) {
  787. err = SSL_connect(socklist[i].ssl);
  788. } else if (state == ACCEPT_SSL) {
  789. err = SSL_accept(socklist[i].ssl);
  790. }
  791. if (!setjmp(alarmret)) {
  792. alarm(5); /* this is plenty of time */
  793. while ((err < 1) && (errno == EAGAIN)) {
  794. if (state == CONNECT_SSL) {
  795. err = SSL_connect(socklist[i].ssl);
  796. } else if (state == ACCEPT_SSL) {
  797. err = SSL_accept(socklist[i].ssl);
  798. }
  799. /* if ((errs!=SSL_ERROR_WANT_READ)&&(errs!=SSL_ERROR_WANT_WRITE)&& (errs!=SSL_ERROR_WANT_X509_LOOKUP)) */
  800. /* break; anything not one of these is a sufficient condition to break out... */
  801. }
  802. alarm(0);
  803. }
  804. errs = SSL_get_error(socklist[i].ssl, err);
  805. putlog(LOG_DEBUG, "*", STR("SSL_link(%d, %d) = %d, errs: %d (%d), %s"), sock, state, err, errs, errno, (char *)ERR_error_string(ERR_get_error(), NULL));
  806. if (errno) putlog(LOG_DEBUG, "*", STR("errno %d: %s"), errno, strerror(errno));
  807. if (err == 1) {
  808. putlog(LOG_ERROR, "*", "SSL_link(%d, %d) was successfull", sock, state);
  809. return 1;
  810. } else {
  811. putlog(LOG_ERROR, "*", "SSL_link(%d, %d) failed", sock, state);
  812. dropssl(socklist[i].sock);
  813. }
  814. #endif /* HAVE_SSL */
  815. return 0;
  816. }
  817. /* Given a network-style IP address, returns the hostname. The hostname
  818. * will be in the "##.##.##.##" format if there was an error.
  819. *
  820. * NOTE: This function is depreciated. Try using the async dns approach
  821. * instead.
  822. */
  823. char *hostnamefromip(unsigned long ip)
  824. {
  825. struct hostent *hp = NULL;
  826. unsigned long addr = ip;
  827. unsigned char *p = NULL;
  828. static char s[UHOSTLEN] = "";
  829. if (!setjmp(alarmret)) {
  830. alarm(resolve_timeout);
  831. hp = gethostbyaddr((char *) &addr, sizeof(addr), AF_INET);
  832. alarm(0);
  833. } else {
  834. hp = NULL;
  835. }
  836. if (hp == NULL) {
  837. p = (unsigned char *) &addr;
  838. sprintf(s, "%u.%u.%u.%u", p[0], p[1], p[2], p[3]);
  839. return s;
  840. }
  841. strncpyz(s, hp->h_name, sizeof s);
  842. return s;
  843. }
  844. /* Returns the given network byte order IP address in the
  845. * dotted format - "##.##.##.##"
  846. */
  847. char *iptostr(IP ip)
  848. {
  849. struct in_addr a;
  850. a.s_addr = ip;
  851. return inet_ntoa(a);
  852. }
  853. /* Short routine to answer a connect received on a socket made previously
  854. * by open_listen ... returns hostname of the caller & the new socket
  855. * does NOT dispose of old "public" socket!
  856. */
  857. int answer(int sock, char *caller, unsigned long *ip, unsigned short *port,
  858. int binary)
  859. {
  860. int new_sock;
  861. unsigned int addrlen;
  862. struct sockaddr_in from;
  863. #ifdef USE_IPV6
  864. int af_ty = sockprotocol(sock);
  865. struct sockaddr_in6 from6;
  866. if (af_ty == AF_INET6) {
  867. addrlen = sizeof(from6);
  868. new_sock = accept(sock, (struct sockaddr *) &from6, &addrlen);
  869. } else {
  870. #endif /* USE_IPV6 */
  871. addrlen = sizeof(struct sockaddr);
  872. new_sock = accept(sock, (struct sockaddr *) &from, &addrlen);
  873. #ifdef USE_IPV6
  874. }
  875. #endif /* USE_IPV6 */
  876. if (new_sock < 0)
  877. return -1;
  878. if (ip != NULL) {
  879. #ifdef USE_IPV6
  880. /* Detect IPv4 in IPv6 mapped address .... */
  881. if (af_ty == AF_INET6 && (!IN6_IS_ADDR_V4MAPPED(&from6.sin6_addr))) {
  882. egg_inet_ntop(AF_INET6, &from6.sin6_addr, caller, 119);
  883. caller[120] = 0;
  884. *ip = notalloc;
  885. } else if (IN6_IS_ADDR_V4MAPPED(&from6.sin6_addr)) { /* ...and convert it to plain (AF_INET) IPv4 address (openssh) */
  886. struct sockaddr_in *from4 = (struct sockaddr_in *)&from6;
  887. struct in_addr addr;
  888. memcpy(&addr, ((char *)&from6.sin6_addr) + 12, sizeof(addr));
  889. egg_memset(&from, 0, sizeof(from));
  890. from4->sin_family = AF_INET;
  891. addrlen = sizeof(*from4);
  892. memcpy(&from4->sin_addr, &addr, sizeof(addr));
  893. *ip = from4->sin_addr.s_addr;
  894. strncpyz(caller, iptostr(*ip), 121);
  895. *ip = ntohl(*ip);
  896. } else {
  897. #endif /* USE_IPV6 */
  898. *ip = from.sin_addr.s_addr;
  899. /* This is now done asynchronously. We now only provide the IP address.
  900. *
  901. * strncpy(caller, hostnamefromip(*ip), 120);
  902. */
  903. strncpyz(caller, iptostr(*ip), 121);
  904. *ip = ntohl(*ip);
  905. #ifdef USE_IPV6
  906. }
  907. #endif /* USE_IPV6 */
  908. }
  909. if (port != NULL) {
  910. #ifdef USE_IPV6
  911. if (af_ty == AF_INET6)
  912. *port = ntohs(from6.sin6_port);
  913. else
  914. #endif /* USE_IPV6 */
  915. *port = ntohs(from.sin_port);
  916. }
  917. /* Set up all the normal socket crap */
  918. setsock(new_sock, (binary ? SOCK_BINARY : 0));
  919. return new_sock;
  920. }
  921. /* Like open_telnet, but uses server & port specifications of dcc
  922. */
  923. int open_telnet_dcc(int sock, char *server, char *port)
  924. {
  925. int p;
  926. unsigned long addr;
  927. char sv[500] = "";
  928. unsigned char c[4] = "";
  929. #ifdef DEBUG_IPV6
  930. debug1(STR("open_telnet_dcc %s"), server);
  931. #endif /* DEBUG_IPV6 */
  932. if (port != NULL)
  933. p = atoi(port);
  934. else
  935. p = 2000;
  936. #ifdef USE_IPV6
  937. if (sockprotocol(sock) == AF_INET6) {
  938. # ifdef DEBUG_IPV6
  939. debug0(STR("open_telnet_dcc, af_inet6!"));
  940. # endif /* DEBUG_IPV6 */
  941. strncpyz(sv, server, sizeof sv);
  942. debug2(STR("%s should be %s"),sv,server);
  943. } else {
  944. #endif /* USE_IPV6 */
  945. if (server != NULL)
  946. addr = my_atoul(server);
  947. else
  948. addr = 0L;
  949. if (addr < (1 << 24))
  950. return -3; /* fake address */
  951. c[0] = (addr >> 24) & 0xff;
  952. c[1] = (addr >> 16) & 0xff;
  953. c[2] = (addr >> 8) & 0xff;
  954. c[3] = addr & 0xff;
  955. sprintf(sv, "%u.%u.%u.%u", c[0], c[1], c[2], c[3]);
  956. #ifdef USE_IPV6
  957. }
  958. /* strcpy(sv,hostnamefromip(addr)); */
  959. # ifdef DEBUG_IPV6
  960. debug3(STR("open_telnet_raw %s %d %d"), sv, sock,p);
  961. # endif /* DEBUG_IPV6 */
  962. #endif /* USE_IPV6 */
  963. p = open_telnet_raw(sock, sv, p);
  964. return p;
  965. }
  966. /* Attempts to read from all the sockets in socklist
  967. * fills s with up to 511 bytes if available, and returns the array index
  968. *
  969. * on EOF: returns -1, with socket in len
  970. * on socket error: returns -2
  971. * if nothing is ready: returns -3
  972. */
  973. static int sockread(char *s, int *len)
  974. {
  975. fd_set fd;
  976. int fds = 0, i, x, fdtmp;
  977. struct timeval t;
  978. int grab = SGRAB;
  979. egg_timeval_t howlong;
  980. if (timer_get_shortest(&howlong)) {
  981. /* No timer, default to 1 second. */
  982. t.tv_sec = 1;
  983. t.tv_usec = 0;
  984. }
  985. else {
  986. t.tv_sec = howlong.sec;
  987. t.tv_usec = howlong.usec;
  988. }
  989. FD_ZERO(&fd);
  990. for (i = 0; i < MAXSOCKS; i++) {
  991. if (!(socklist[i].flags & (SOCK_UNUSED | SOCK_VIRTUAL))) {
  992. if ((socklist[i].sock == STDOUT) && !backgrd)
  993. fdtmp = STDIN;
  994. else
  995. fdtmp = socklist[i].sock;
  996. if (fdtmp > fds)
  997. fds = fdtmp;
  998. FD_SET(fdtmp, &fd);
  999. }
  1000. }
  1001. fds++;
  1002. x = select(fds, &fd, NULL, NULL, &t);
  1003. if (x > 0) {
  1004. /* Something happened */
  1005. for (i = 0; i < MAXSOCKS; i++) {
  1006. if ((!(socklist[i].flags & SOCK_UNUSED)) && ((FD_ISSET(socklist[i].sock, &fd)) ||
  1007. #ifdef HAVE_SSL
  1008. ((socklist[i].ssl) && (SSL_pending(socklist[i].ssl))) ||
  1009. #endif /* HAVE_SSL */
  1010. ((socklist[i].sock == STDOUT) && (!backgrd) && (FD_ISSET(STDIN, &fd))))) {
  1011. if (socklist[i].flags & (SOCK_LISTEN | SOCK_CONNECT)) {
  1012. /* Listening socket -- don't read, just return activity */
  1013. /* Same for connection attempt */
  1014. /* (for strong connections, require a read to succeed first) */
  1015. if (socklist[i].flags & SOCK_PROXYWAIT) { /* drummer */
  1016. /* Hang around to get the return code from proxy */
  1017. grab = 10;
  1018. } else if (!(socklist[i].flags & SOCK_STRONGCONN)) {
  1019. debug1(STR("net: connect! sock %d"), socklist[i].sock);
  1020. s[0] = 0;
  1021. *len = 0;
  1022. #ifdef HAVE_SSL
  1023. /* debug0(STR("CALLING SSL_LINK() FROM SOCKREAD"));
  1024. if (!ssl_link(socklist[i].sock))
  1025. debug0(STR("SSL_LINK FAILED"));
  1026. debug0(STR("BACK FROM SSL_LINK()")); */
  1027. #endif /* HAVE_SSL */
  1028. return i;
  1029. }
  1030. } else if (socklist[i].flags & SOCK_PASS) {
  1031. s[0] = 0;
  1032. *len = 0;
  1033. return i;
  1034. }
  1035. errno = 0;
  1036. if ((socklist[i].sock == STDOUT) && !backgrd)
  1037. x = read(STDIN, s, grab);
  1038. else {
  1039. #ifdef HAVE_SSL
  1040. if (socklist[i].ssl) {
  1041. x = SSL_read(socklist[i].ssl, s, grab);
  1042. if (x < 0) {
  1043. int err = SSL_get_error(socklist[i].ssl, x);
  1044. x = -1;
  1045. switch (err) {
  1046. case SSL_ERROR_WANT_READ:
  1047. errno = EAGAIN;
  1048. break;
  1049. case SSL_ERROR_WANT_WRITE:
  1050. errno = EAGAIN;
  1051. break;
  1052. case SSL_ERROR_WANT_X509_LOOKUP:
  1053. errno = EAGAIN;
  1054. break;
  1055. }
  1056. }
  1057. } else
  1058. #endif /* HAVE_SSL */
  1059. x = read(socklist[i].sock, s, grab);
  1060. }
  1061. if (x <= 0) { /* eof */
  1062. if (errno != EAGAIN) { /* EAGAIN happens when the operation would block
  1063. on a non-blocking socket, if the socket is going
  1064. to die, it will die later, otherwise it will connect */
  1065. *len = socklist[i].sock;
  1066. socklist[i].flags &= ~SOCK_CONNECT;
  1067. debug1(STR("net: eof!(read) socket %d"), socklist[i].sock);
  1068. return -1;
  1069. } else {
  1070. debug3(STR("sockread EAGAIN: %d %d (%s)"), socklist[i].sock, errno, strerror(errno));
  1071. continue; /* EAGAIN */
  1072. }
  1073. }
  1074. s[x] = 0;
  1075. *len = x;
  1076. if (socklist[i].flags & SOCK_PROXYWAIT) {
  1077. debug2(STR("net: socket: %d proxy errno: %d"), socklist[i].sock, s[1]);
  1078. socklist[i].flags &= ~(SOCK_CONNECT | SOCK_PROXYWAIT);
  1079. switch (s[1]) {
  1080. case 90: /* Success */
  1081. s[0] = 0;
  1082. *len = 0;
  1083. return i;
  1084. case 91: /* Failed */
  1085. errno = ECONNREFUSED;
  1086. break;
  1087. case 92: /* No identd */
  1088. case 93: /* Identd said wrong username */
  1089. /* A better error message would be "socks misconfigured"
  1090. * or "identd not working" but this is simplest.
  1091. */
  1092. errno = ENETUNREACH;
  1093. break;
  1094. }
  1095. *len = socklist[i].sock;
  1096. return -1;
  1097. }
  1098. return i;
  1099. }
  1100. }
  1101. } else if (x == -1)
  1102. return -2; /* socket error */
  1103. else {
  1104. s[0] = 0;
  1105. *len = 0;
  1106. }
  1107. return -3;
  1108. }
  1109. int prand(int *seed, int range)
  1110. {
  1111. long long i1;
  1112. i1 = *seed;
  1113. i1 = (i1 * 0x08088405 + 1) & 0xFFFFFFFF;
  1114. *seed = i1;
  1115. i1 = (i1 * range) >> 32;
  1116. return i1;
  1117. }
  1118. char *botlink_decrypt(int snum, char *src)
  1119. {
  1120. char *line = NULL;
  1121. int i;
  1122. line = decrypt_string(socklist[snum].ikey, src);
  1123. strcpy(src, line);
  1124. free(line);
  1125. if (socklist[snum].iseed) {
  1126. for (i = 0; i <= 3; i++)
  1127. *(dword *) & socklist[snum].ikey[i * 4] = prand(&socklist[snum].iseed, 0xFFFFFFFF);
  1128. if (!socklist[snum].iseed)
  1129. socklist[snum].iseed++;
  1130. }
  1131. return src;
  1132. }
  1133. char *botlink_encrypt(int snum, char *src)
  1134. {
  1135. char *srcbuf = NULL, *buf = NULL, *line = NULL, *eol = NULL, *eline = NULL;
  1136. int bufpos = 0, i = 0;
  1137. srcbuf = calloc(1, strlen(src) + 9 + 1);
  1138. strcpy(srcbuf, src);
  1139. line = srcbuf;
  1140. if (!line) {
  1141. free(srcbuf);
  1142. return NULL;
  1143. }
  1144. eol = strchr(line, '\n');
  1145. while (eol) {
  1146. *eol++ = 0;
  1147. eline = encrypt_string(socklist[snum].okey, line);
  1148. if (socklist[snum].oseed) {
  1149. for (i = 0; i <= 3; i++)
  1150. *(dword *) & socklist[snum].okey[i * 4] = prand(&socklist[snum].oseed, 0xFFFFFFFF);
  1151. if (!socklist[snum].oseed)
  1152. socklist[snum].oseed++;
  1153. }
  1154. buf = realloc(buf, bufpos + strlen(eline) + 1 + 9);
  1155. strcpy((char *) &buf[bufpos], eline);
  1156. free(eline);
  1157. strcat(buf, "\n");
  1158. bufpos = strlen(buf);
  1159. line = eol;
  1160. eol = strchr(line, '\n');
  1161. }
  1162. if (line[0]) {
  1163. eline = encrypt_string(socklist[snum].okey, line);
  1164. if (socklist[snum].oseed) {
  1165. for (i = 0; i <= 3; i++)
  1166. *(dword *) & socklist[snum].okey[i * 4] = prand(&socklist[snum].oseed, 0xFFFFFFFF);
  1167. if (!socklist[snum].oseed)
  1168. socklist[snum].oseed++;
  1169. }
  1170. buf = realloc(buf, bufpos + strlen(eline) + 1 + 9);
  1171. strcpy((char *) &buf[bufpos], eline);
  1172. free(eline);
  1173. strcat(buf, "\n");
  1174. }
  1175. free(srcbuf);
  1176. return buf;
  1177. }
  1178. /* sockgets: buffer and read from sockets
  1179. *
  1180. * Attempts to read from all registered sockets for up to one second. if
  1181. * after one second, no complete data has been received from any of the
  1182. * sockets, 's' will be empty, 'len' will be 0, and sockgets will return -3.
  1183. * if there is returnable data received from a socket, the data will be
  1184. * in 's' (null-terminated if non-binary), the length will be returned
  1185. * in len, and the socket number will be returned.
  1186. * normal sockets have their input buffered, and each call to sockgets
  1187. * will return one line terminated with a '\n'. binary sockets are not
  1188. * buffered and return whatever coems in as soon as it arrives.
  1189. * listening sockets will return an empty string when a connection comes in.
  1190. * connecting sockets will return an empty string on a successful connect,
  1191. * or EOF on a failed connect.
  1192. * if an EOF is detected from any of the sockets, that socket number will be
  1193. * put in len, and -1 will be returned.
  1194. * the maximum length of the string returned is 512 (including null)
  1195. *
  1196. * Returns -4 if we handled something that shouldn't be handled by the
  1197. * dcc functions. Simply ignore it.
  1198. */
  1199. int sockgets(char *s, int *len)
  1200. {
  1201. char xx[SGRAB + 3] = "", *p = NULL, *px = NULL;
  1202. int ret, i, data = 0, grab = SGRAB+1;
  1203. for (i = 0; i < MAXSOCKS; i++) {
  1204. /* Check for stored-up data waiting to be processed */
  1205. if (!(socklist[i].flags & SOCK_UNUSED) &&
  1206. !(socklist[i].flags & SOCK_BUFFER) && (socklist[i].inbuf != NULL)) {
  1207. if (!(socklist[i].flags & SOCK_BINARY)) {
  1208. /* look for \r too cos windows can't follow RFCs */
  1209. p = strchr(socklist[i].inbuf, '\n');
  1210. if (p == NULL)
  1211. p = strchr(socklist[i].inbuf, '\r');
  1212. if (p != NULL) {
  1213. *p = 0;
  1214. if (strlen(socklist[i].inbuf) > (grab - 2))
  1215. socklist[i].inbuf[(grab - 2)] = 0;
  1216. strcpy(s, socklist[i].inbuf);
  1217. px = (char *) calloc(1, strlen(p + 1) + 1);
  1218. strcpy(px, p + 1);
  1219. free(socklist[i].inbuf);
  1220. if (px[0])
  1221. socklist[i].inbuf = px;
  1222. else {
  1223. free(px);
  1224. socklist[i].inbuf = NULL;
  1225. }
  1226. /* Strip CR if this was CR/LF combo */
  1227. if (s[strlen(s) - 1] == '\r')
  1228. s[strlen(s) - 1] = 0;
  1229. if (socklist[i].encstatus && (strlen(s) > 0))
  1230. botlink_decrypt(i, s);
  1231. *len = strlen(s);
  1232. return socklist[i].sock;
  1233. }
  1234. } else {
  1235. /* Handling buffered binary data (must have been SOCK_BUFFER before). */
  1236. if (socklist[i].inbuflen <= (grab - 2)) {
  1237. *len = socklist[i].inbuflen;
  1238. egg_memcpy(s, socklist[i].inbuf, socklist[i].inbuflen);
  1239. free(socklist[i].inbuf);
  1240. socklist[i].inbuf = NULL;
  1241. socklist[i].inbuflen = 0;
  1242. } else {
  1243. /* Split up into chunks of grab bytes. */
  1244. *len = (grab - 2);
  1245. egg_memcpy(s, socklist[i].inbuf, *len);
  1246. egg_memcpy(socklist[i].inbuf, socklist[i].inbuf + *len, *len);
  1247. socklist[i].inbuflen -= *len;
  1248. socklist[i].inbuf = realloc(socklist[i].inbuf, socklist[i].inbuflen);
  1249. }
  1250. return socklist[i].sock;
  1251. }
  1252. }
  1253. /* Also check any sockets that might have EOF'd during write */
  1254. if (!(socklist[i].flags & SOCK_UNUSED)
  1255. && (socklist[i].flags & SOCK_EOFD)) {
  1256. s[0] = 0;
  1257. *len = socklist[i].sock;
  1258. return -1;
  1259. }
  1260. }
  1261. /* No pent-up data of any worth -- down to business */
  1262. *len = 0;
  1263. ret = sockread(xx, len);
  1264. if (ret < 0) {
  1265. s[0] = 0;
  1266. return ret;
  1267. }
  1268. /* Binary, listening and passed on sockets don't get buffered. */
  1269. if (socklist[ret].flags & SOCK_CONNECT) {
  1270. if (socklist[ret].flags & SOCK_STRONGCONN) {
  1271. socklist[ret].flags &= ~SOCK_STRONGCONN;
  1272. /* Buffer any data that came in, for future read. */
  1273. socklist[ret].inbuflen = *len;
  1274. socklist[ret].inbuf = (char *) calloc(1, *len + 1);
  1275. /* It might be binary data. You never know. */
  1276. egg_memcpy(socklist[ret].inbuf, xx, *len);
  1277. socklist[ret].inbuf[*len] = 0;
  1278. }
  1279. socklist[ret].flags &= ~SOCK_CONNECT;
  1280. s[0] = 0;
  1281. return socklist[ret].sock;
  1282. }
  1283. if (socklist[ret].flags & SOCK_BINARY) {
  1284. egg_memcpy(s, xx, *len);
  1285. return socklist[ret].sock;
  1286. }
  1287. if ((socklist[ret].flags & SOCK_LISTEN) || (socklist[ret].flags & SOCK_PASS))
  1288. return socklist[ret].sock;
  1289. if (socklist[ret].flags & SOCK_BUFFER) {
  1290. socklist[ret].inbuf = (char *) realloc(socklist[ret].inbuf,
  1291. socklist[ret].inbuflen + *len + 1);
  1292. egg_memcpy(socklist[ret].inbuf + socklist[ret].inbuflen, xx, *len);
  1293. socklist[ret].inbuflen += *len;
  1294. /* We don't know whether it's binary data. Make sure normal strings
  1295. will be handled properly later on too. */
  1296. socklist[ret].inbuf[socklist[ret].inbuflen] = 0;
  1297. return -4; /* Ignore this one. */
  1298. }
  1299. /* Might be necessary to prepend stored-up data! */
  1300. if (socklist[ret].inbuf != NULL) {
  1301. p = socklist[ret].inbuf;
  1302. socklist[ret].inbuf = (char *) calloc(1, strlen(p) + strlen(xx) + 1);
  1303. strcpy(socklist[ret].inbuf, p);
  1304. strcat(socklist[ret].inbuf, xx);
  1305. free(p);
  1306. if (strlen(socklist[ret].inbuf) < grab) {
  1307. strcpy(xx, socklist[ret].inbuf);
  1308. free(socklist[ret].inbuf);
  1309. socklist[ret].inbuf = NULL;
  1310. socklist[ret].inbuflen = 0;
  1311. } else {
  1312. p = socklist[ret].inbuf;
  1313. socklist[ret].inbuflen = strlen(p) - (grab - 2);
  1314. socklist[ret].inbuf = (char *) calloc(1, socklist[ret].inbuflen + 1);
  1315. strcpy(socklist[ret].inbuf, p + (grab - 2));
  1316. *(p + (grab - 2)) = 0;
  1317. strcpy(xx, p);
  1318. free(p);
  1319. /* (leave the rest to be post-pended later) */
  1320. }
  1321. }
  1322. /* Look for EOL marker; if it's there, i have something to show */
  1323. p = strchr(xx, '\n');
  1324. if (p == NULL)
  1325. p = strchr(xx, '\r');
  1326. if (p != NULL) {
  1327. *p = 0;
  1328. strcpy(s, xx);
  1329. /* strcpy(xx, p + 1); */
  1330. sprintf(xx, "%s", p + 1);
  1331. if (s[0] && strlen(s) && (s[strlen(s) - 1] == '\r'))
  1332. s[strlen(s) - 1] = 0;
  1333. data = 1; /* DCC_CHAT may now need to process a blank line */
  1334. /* NO! */
  1335. /* if (!s[0]) strcpy(s," "); */
  1336. } else {
  1337. s[0] = 0;
  1338. if (strlen(xx) >= (grab - 2)) {
  1339. /* String is too long, so just insert fake \n */
  1340. strcpy(s, xx);
  1341. xx[0] = 0;
  1342. data = 1;
  1343. }
  1344. }
  1345. if (socklist[ret].encstatus && (strlen(s) > 0))
  1346. botlink_decrypt(ret, s);
  1347. *len = strlen(s);
  1348. /* Anything left that needs to be saved? */
  1349. if (!xx[0]) {
  1350. if (data)
  1351. return socklist[ret].sock;
  1352. else
  1353. return -3;
  1354. }
  1355. /* Prepend old data back */
  1356. if (socklist[ret].inbuf != NULL) {
  1357. p = socklist[ret].inbuf;
  1358. socklist[ret].inbuflen = strlen(p) + strlen(xx);
  1359. socklist[ret].inbuf = (char *) calloc(1, socklist[ret].inbuflen + 1);
  1360. strcpy(socklist[ret].inbuf, xx);
  1361. strcat(socklist[ret].inbuf, p);
  1362. free(p);
  1363. } else {
  1364. socklist[ret].inbuflen = strlen(xx);
  1365. socklist[ret].inbuf = (char *) calloc(1, socklist[ret].inbuflen + 1);
  1366. strcpy(socklist[ret].inbuf, xx);
  1367. }
  1368. if (data) {
  1369. return socklist[ret].sock;
  1370. } else {
  1371. return -3;
  1372. }
  1373. }
  1374. /* Dump something to a socket
  1375. *
  1376. * NOTE: Do NOT put Contexts in here if you want DEBUG to be meaningful!!
  1377. */
  1378. void tputs(register int z, char *s, unsigned int len)
  1379. {
  1380. register int i, x, idx;
  1381. char *p = NULL;
  1382. static int inhere = 0;
  1383. if (z < 0) /* um... HELLO?! sanity check please! */
  1384. return;
  1385. if (((z == STDOUT) || (z == STDERR)) && (!backgrd || use_stderr)) {
  1386. write(z, s, len);
  1387. return;
  1388. }
  1389. for (i = 0; i < MAXSOCKS; i++) {
  1390. if (!(socklist[i].flags & SOCK_UNUSED) && (socklist[i].sock == z)) {
  1391. for (idx = 0; idx < dcc_total; idx++) {
  1392. if ((dcc[idx].sock == z) && dcc[idx].type && dcc[idx].type->name) {
  1393. if (!strncmp(dcc[idx].type->name, "BOT", 3))
  1394. traffic.out_today.bn += len;
  1395. else if (!strcmp(dcc[idx].type->name, "SERVER"))
  1396. traffic.out_today.irc += len;
  1397. else if (!strncmp(dcc[idx].type->name, "CHAT", 4))
  1398. traffic.out_today.dcc += len;
  1399. else if (!strncmp(dcc[idx].type->name, "FILES", 5))
  1400. traffic.out_today.filesys += len;
  1401. else if (!strcmp(dcc[idx].type->name, "SEND"))
  1402. traffic.out_today.trans += len;
  1403. else if (!strncmp(dcc[idx].type->name, "GET", 3))
  1404. traffic.out_today.trans += len;
  1405. else
  1406. traffic.out_today.unknown += len;
  1407. break;
  1408. }
  1409. }
  1410. if (socklist[i].encstatus && (strlen(s) > 0)) {
  1411. s = botlink_encrypt(i, s);
  1412. len = strlen(s);
  1413. }
  1414. if (socklist[i].outbuf != NULL) {
  1415. /* Already queueing: just add it */
  1416. p = (char *) realloc(socklist[i].outbuf, socklist[i].outbuflen + len);
  1417. egg_memcpy(p + socklist[i].outbuflen, s, len);
  1418. socklist[i].outbuf = p;
  1419. socklist[i].outbuflen += len;
  1420. if (socklist[i].encstatus && s)
  1421. free(s);
  1422. return;
  1423. }
  1424. /* Try. */
  1425. #ifdef HAVE_SSL
  1426. if (socklist[i].ssl) {
  1427. x = SSL_write(socklist[i].ssl, s, len);
  1428. if (x < 0) {
  1429. int err = SSL_get_error(socklist[i].ssl, x);
  1430. x = -1;
  1431. switch (err) {
  1432. case SSL_ERROR_WANT_READ:
  1433. errno = EAGAIN;
  1434. break;
  1435. case SSL_ERROR_WANT_WRITE:
  1436. errno = EAGAIN;
  1437. break;
  1438. case SSL_ERROR_WANT_X509_LOOKUP:
  1439. errno = EAGAIN;
  1440. break;
  1441. }
  1442. }
  1443. } else
  1444. #endif /* HAVE_SSL */
  1445. #ifdef HAVE_ZLIB_H
  1446. /*
  1447. if (socklist[i].gz) {
  1448. FILE *fp;
  1449. fp = gzdopen(z, "wb0");
  1450. x = gzwrite(fp, s, len);
  1451. } else
  1452. */
  1453. #endif /* HAVE_ZLIB_H */
  1454. x = write(z, s, len);
  1455. if (x == -1)
  1456. x = 0;
  1457. if (x < len) {
  1458. /* Socket is full, queue it */
  1459. socklist[i].outbuf = (char *) calloc(1, len - x);
  1460. egg_memcpy(socklist[i].outbuf, &s[x], len - x);
  1461. socklist[i].outbuflen = len - x;
  1462. }
  1463. if (socklist[i].encstatus && s)
  1464. free(s);
  1465. return;
  1466. }
  1467. }
  1468. /* Make sure we don't cause a crash by looping here */
  1469. if (!inhere) {
  1470. inhere = 1;
  1471. putlog(LOG_MISC, "*", "!!! writing to nonexistent socket: %d", z);
  1472. s[strlen(s) - 1] = 0;
  1473. putlog(LOG_MISC, "*", "!-> '%s'", s);
  1474. inhere = 0;
  1475. }
  1476. /* if (socklist[i].encstatus > 0)
  1477. free(s);
  1478. */
  1479. }
  1480. static int findanyidx(register int z)
  1481. {
  1482. register int j;
  1483. for (j = 0; j < dcc_total; j++)
  1484. if (dcc[j].sock == z)
  1485. return j;
  1486. return -1;
  1487. }
  1488. /* tputs might queue data for sockets, let's dump as much of it as
  1489. * possible.
  1490. */
  1491. void dequeue_sockets()
  1492. {
  1493. int i, x;
  1494. int z = 0, fds = 0;
  1495. fd_set wfds;
  1496. struct timeval tv;
  1497. /* ^-- start poptix test code, this should avoid writes to sockets not ready to be written to. */
  1498. FD_ZERO(&wfds);
  1499. tv.tv_sec = 0;
  1500. tv.tv_usec = 0; /* we only want to see if it's ready for writing, no need to actually wait.. */
  1501. for (i = 0; i < MAXSOCKS; i++) {
  1502. if (!(socklist[i].flags & SOCK_UNUSED) && socklist[i].outbuf != NULL) {
  1503. FD_SET(socklist[i].sock, &wfds);
  1504. if (socklist[i].sock > fds)
  1505. fds = socklist[i].sock;
  1506. z = 1;
  1507. }
  1508. }
  1509. if (!z)
  1510. return; /* nothing to write */
  1511. fds++;
  1512. select(fds, NULL, &wfds, NULL, &tv);
  1513. /* end poptix */
  1514. for (i = 0; i < MAXSOCKS; i++) {
  1515. if (!(socklist[i].flags & SOCK_UNUSED) &&
  1516. (socklist[i].outbuf != NULL) && (FD_ISSET(socklist[i].sock, &wfds))) {
  1517. /* Trick tputs into doing the work */
  1518. errno = 0;
  1519. #ifdef HAVE_SSL
  1520. if (socklist[i].ssl) {
  1521. x = write(socklist[i].sock, socklist[i].outbuf, socklist[i].outbuflen);
  1522. if (x < 0) {
  1523. int err = SSL_get_error(socklist[i].ssl, x);
  1524. x = -1;
  1525. switch (err) {
  1526. case SSL_ERROR_WANT_READ:
  1527. errno = EAGAIN;
  1528. break;
  1529. case SSL_ERROR_WANT_WRITE:
  1530. errno = EAGAIN;
  1531. break;
  1532. case SSL_ERROR_WANT_X509_LOOKUP:
  1533. errno = EAGAIN;
  1534. break;
  1535. }
  1536. }
  1537. } else
  1538. #endif /* HAVE_SSL */
  1539. x = write(socklist[i].sock, socklist[i].outbuf, socklist[i].outbuflen);
  1540. if ((x < 0) && (errno != EAGAIN)
  1541. #ifdef EBADSLT
  1542. && (errno != EBADSLT)
  1543. #endif /* EBADSLT */
  1544. #ifdef ENOTCONN
  1545. && (errno != ENOTCONN)
  1546. #endif /* EBADSLT */
  1547. ) {
  1548. /* This detects an EOF during writing */
  1549. debug3(STR("net: eof!(write) socket %d (%s,%d)"), socklist[i].sock,
  1550. strerror(errno), errno);
  1551. socklist[i].flags |= SOCK_EOFD;
  1552. } else if (x == socklist[i].outbuflen) {
  1553. /* If the whole buffer was sent, nuke it */
  1554. free(socklist[i].outbuf);
  1555. socklist[i].outbuf = NULL;
  1556. socklist[i].outbuflen = 0;
  1557. } else if (x > 0) {
  1558. char *p = socklist[i].outbuf;
  1559. /* This removes any sent bytes from the beginning of the buffer */
  1560. socklist[i].outbuf = (char *) calloc(1, socklist[i].outbuflen - x);
  1561. egg_memcpy(socklist[i].outbuf, p + x, socklist[i].outbuflen - x);
  1562. socklist[i].outbuflen -= x;
  1563. free(p);
  1564. } else {
  1565. debug3(STR("dequeue_sockets(): errno = %d (%s) on %d"), errno,
  1566. strerror(errno), socklist[i].sock);
  1567. }
  1568. /* All queued data was sent. Call handler if one exists and the
  1569. * dcc entry wants it.
  1570. */
  1571. if (!socklist[i].outbuf) {
  1572. int idx = findanyidx(socklist[i].sock);
  1573. if (idx > 0 && dcc[idx].type && dcc[idx].type->outdone)
  1574. dcc[idx].type->outdone(idx);
  1575. }
  1576. }
  1577. }
  1578. }
  1579. /*
  1580. * Debugging stuff
  1581. */
  1582. void tell_netdebug(int idx)
  1583. {
  1584. int i;
  1585. char s[80] = "";
  1586. dprintf(idx, "Open sockets:");
  1587. for (i = 0; i < MAXSOCKS; i++) {
  1588. if (!(socklist[i].flags & SOCK_UNUSED)) {
  1589. sprintf(s, " %d", socklist[i].sock);
  1590. if (socklist[i].flags & SOCK_BINARY)
  1591. strcat(s, " (binary)");
  1592. if (socklist[i].flags & SOCK_LISTEN)
  1593. strcat(s, " (listen)");
  1594. if (socklist[i].flags & SOCK_PASS)
  1595. strcat(s, " (passed on)");
  1596. if (socklist[i].flags & SOCK_CONNECT)
  1597. strcat(s, " (connecting)");
  1598. if (socklist[i].flags & SOCK_STRONGCONN)
  1599. strcat(s, " (strong)");
  1600. if (socklist[i].flags & SOCK_NONSOCK)
  1601. strcat(s, " (file)");
  1602. if (socklist[i].inbuf != NULL)
  1603. sprintf(&s[strlen(s)], " (inbuf: %04X)", strlen(socklist[i].inbuf));
  1604. if (socklist[i].outbuf != NULL)
  1605. sprintf(&s[strlen(s)], " (outbuf: %06lX)", socklist[i].outbuflen);
  1606. strcat(s, ",");
  1607. dprintf(idx, "%s", s);
  1608. }
  1609. }
  1610. dprintf(idx, " done.\n");
  1611. }
  1612. /* Security-flavoured sanity checking on DCC connections of all sorts can be
  1613. * done with this routine. Feed it the proper information from your DCC
  1614. * before you attempt the connection, and this will make an attempt at
  1615. * figuring out if the connection is really that person, or someone screwing
  1616. * around. It's not foolproof, but anything that fails this check probably
  1617. * isn't going to work anyway due to masquerading firewalls, NAT routers,
  1618. * or bugs in mIRC.
  1619. */
  1620. int sanitycheck_dcc(char *nick, char *from, char *ipaddy, char *port)
  1621. {
  1622. /* According to the latest RFC, the clients SHOULD be able to handle
  1623. * DNS names that are up to 255 characters long. This is not broken.
  1624. */
  1625. /* This function needs to be updated for IPv6 IP's, although it doesn't
  1626. * currently harm them (afaik)
  1627. */
  1628. char badaddress[16] = "";
  1629. IP ip = my_atoul(ipaddy);
  1630. int prt = atoi(port);
  1631. /* It is disabled HERE so we only have to check in *one* spot! */
  1632. if (!dcc_sanitycheck)
  1633. return 1;
  1634. if (prt < 1) {
  1635. putlog(LOG_MISC, "*", "ALERT: (%s!%s) specified an impossible port of %u!",
  1636. nick, from, prt);
  1637. return 0;
  1638. }
  1639. sprintf(badaddress, "%u.%u.%u.%u", (ip >> 24) & 0xff, (ip >> 16) & 0xff,
  1640. (ip >> 8) & 0xff, ip & 0xff);
  1641. if (ip < (1 << 24)) {
  1642. putlog(LOG_MISC, "*", "ALERT: (%s!%s) specified an impossible IP of %s!",
  1643. nick, from, badaddress);
  1644. return 0;
  1645. }
  1646. return 1;
  1647. }
  1648. int hostsanitycheck_dcc(char *nick, char *from, IP ip, char *dnsname,
  1649. char *prt)
  1650. {
  1651. /* According to the latest RFC, the clients SHOULD be able to handle
  1652. * DNS names that are up to 255 characters long. This is not broken.
  1653. */
  1654. char hostn[256] = "", badaddress[16] = "";
  1655. /* It is disabled HERE so we only have to check in *one* spot! */
  1656. if (!dcc_sanitycheck)
  1657. return 1;
  1658. sprintf(badaddress, "%u.%u.%u.%u", (ip >> 24) & 0xff, (ip >> 16) & 0xff,
  1659. (ip >> 8) & 0xff, ip & 0xff);
  1660. /* These should pad like crazy with zeros, since 120 bytes or so is
  1661. * where the routines providing our data currently lose interest. I'm
  1662. * using the n-variant in case someone changes that...
  1663. */
  1664. strncpyz(hostn, extracthostname(from), sizeof hostn);
  1665. if (!egg_strcasecmp(hostn, dnsname)) {
  1666. putlog(LOG_DEBUG, "*", STR("DNS information for submitted IP checks out."));
  1667. return 1;
  1668. }
  1669. if (!strcmp(badaddress, dnsname))
  1670. putlog(LOG_MISC, "*", "ALERT: (%s!%s) sent a DCC request with bogus IP "
  1671. "information of %s port %s. %s does not resolve to %s!", nick, from,
  1672. badaddress, prt, from, badaddress);
  1673. else
  1674. return 1; /* <- usually happens when we have
  1675. a user with an unresolved hostmask! */
  1676. return 0;
  1677. }
  1678. /* Checks wether the referenced socket has data queued.
  1679. *
  1680. * Returns true if the incoming/outgoing (depending on 'type') queues
  1681. * contain data, otherwise false.
  1682. */
  1683. int sock_has_data(int type, int sock)
  1684. {
  1685. int ret = 0, i;
  1686. for (i = 0; i < MAXSOCKS; i++)
  1687. if (!(socklist[i].flags & SOCK_UNUSED) && socklist[i].sock == sock)
  1688. break;
  1689. if (i < MAXSOCKS) {
  1690. switch (type) {
  1691. case SOCK_DATA_OUTGOING:
  1692. ret = (socklist[i].outbuf != NULL);
  1693. break;
  1694. case SOCK_DATA_INCOMING:
  1695. ret = (socklist[i].inbuf != NULL);
  1696. break;
  1697. }
  1698. } else
  1699. debug1(STR("sock_has_data: could not find socket #%d, returning false."), sock);
  1700. return ret;
  1701. }
  1702. /* flush_inbuf():
  1703. * checks if there's data in the incoming buffer of an connection
  1704. * and flushs the buffer if possible
  1705. *
  1706. * returns: -1 if the dcc entry wasn't found
  1707. * -2 if dcc[idx].type->activity doesn't exist and the data couldn't
  1708. * be handled
  1709. * 0 if buffer was empty
  1710. * otherwise length of flushed buffer
  1711. */
  1712. int flush_inbuf(int idx)
  1713. {
  1714. int i, len;
  1715. char *inbuf = NULL;
  1716. Assert((idx >= 0) && (idx < dcc_total));
  1717. for (i = 0; i < MAXSOCKS; i++) {
  1718. if ((dcc[idx].sock == socklist[i].sock)
  1719. && !(socklist[i].flags & SOCK_UNUSED)) {
  1720. len = socklist[i].inbuflen;
  1721. if ((len > 0) && socklist[i].inbuf) {
  1722. if (dcc[idx].type && dcc[idx].type->activity) {
  1723. inbuf = socklist[i].inbuf;
  1724. socklist[i].inbuf = NULL;
  1725. dcc[idx].type->activity(idx, inbuf, len);
  1726. free(inbuf);
  1727. return len;
  1728. } else
  1729. return -2;
  1730. } else
  1731. return 0;
  1732. }
  1733. }
  1734. return -1;
  1735. }