net.c 51 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916
  1. /*
  2. * net.c -- handles:
  3. * all raw network i/o
  4. *
  5. */
  6. #include <fcntl.h>
  7. #include "main.h"
  8. #include "proto.h"
  9. #include <limits.h>
  10. #include <string.h>
  11. #include <netdb.h>
  12. #include <signal.h>
  13. #include <sys/types.h>
  14. #include <sys/socket.h>
  15. #if HAVE_SYS_SELECT_H
  16. # include <sys/select.h>
  17. #endif
  18. #include <netinet/in.h>
  19. #include <arpa/inet.h> /* is this really necessary? */
  20. #include <errno.h>
  21. #include <sys/stat.h>
  22. extern char netpass[];
  23. #if HAVE_UNISTD_H
  24. # include <unistd.h>
  25. #endif
  26. #include <setjmp.h>
  27. #if !HAVE_GETDTABLESIZE
  28. # ifdef FD_SETSIZE
  29. # define getdtablesize() FD_SETSIZE
  30. # else
  31. # define getdtablesize() 200
  32. # endif
  33. #endif
  34. extern struct dcc_t *dcc;
  35. extern int backgrd, use_stderr, resolve_timeout, dcc_total;
  36. extern unsigned long otraffic_irc_today, otraffic_bn_today,
  37. otraffic_dcc_today, otraffic_filesys_today,
  38. otraffic_trans_today, otraffic_unknown_today;
  39. #ifdef HAVE_SSL
  40. SSL_CTX *ssl_c_ctx = NULL, *ssl_s_ctx = NULL;
  41. char *tls_rand_file = NULL;
  42. #endif /* HAVE_SSL */
  43. union sockaddr_union cached_myip4_so;
  44. #ifdef USE_IPV6
  45. union sockaddr_union cached_myip6_so;
  46. unsigned long notalloc = 0;
  47. #endif /* USE_IPV6 */
  48. char hostname[121] = ""; /* Hostname can be specified in the config
  49. file */
  50. char myip[121] = ""; /* IP can be specified in the config file */
  51. char myip6[121] = ""; /* IP can be specified in the config file */
  52. char hostname6[121] = ""; /* Hostname can be specified in the config file */
  53. char firewall[121] = ""; /* Socks server for firewall */
  54. int firewallport = 1080; /* Default port of Sock4/5 firewalls */
  55. char botuser[21] = "wraith"; /* Username of the user running the bot */
  56. int dcc_sanitycheck = 0; /* We should do some sanity checking on dcc
  57. connections. */
  58. sock_list *socklist = NULL; /* Enough to be safe */
  59. int MAXSOCKS = 0;
  60. jmp_buf alarmret; /* Env buffer for alarm() returns */
  61. /* Types of proxy */
  62. #define PROXY_SOCKS 1
  63. #define PROXY_SUN 2
  64. /* I need an UNSIGNED long for dcc type stuff
  65. */
  66. IP my_atoul(char *s)
  67. {
  68. IP ret = 0;
  69. while ((*s >= '0') && (*s <= '9')) {
  70. ret *= 10;
  71. ret += ((*s) - '0');
  72. s++;
  73. }
  74. return ret;
  75. }
  76. int hostprotocol(char *host)
  77. {
  78. #ifdef USE_IPV6
  79. struct hostent *he;
  80. # ifndef HAVE_GETHOSTBYNAME2
  81. int error_num;
  82. # endif /* !HAVE_GETHOSTBYNAME2 */
  83. if (!setjmp(alarmret)) {
  84. alarm(resolve_timeout);
  85. # ifdef HAVE_GETHOSTBYNAME2
  86. he = gethostbyname2(host, AF_INET6);
  87. # else
  88. he = getipnodebyname(host, AF_INET6, AI_DEFAULT, &error_num);
  89. # endif /* HAVE_GETHOSTBYNAME2 */
  90. alarm(0);
  91. } else
  92. he = NULL;
  93. if (!he)
  94. return AF_INET;
  95. return AF_INET6;
  96. #else
  97. return 0;
  98. #endif /* USE_IPV6 */
  99. }
  100. /* get the protocol used on a socket */
  101. int sockprotocol(int socket)
  102. {
  103. struct sockaddr sa;
  104. int i = sizeof(sa);
  105. if (getsockname(socket, &sa, &i))
  106. return -1;
  107. else
  108. return sa.sa_family;
  109. }
  110. /* AF_INET-independent resolving routine */
  111. int get_ip(char *hostname, union sockaddr_union *so)
  112. {
  113. #ifdef USE_IPV6
  114. struct addrinfo hints, *ai, *res;
  115. int error;
  116. #else
  117. struct hostent *hp;
  118. #endif /* USE_IPV6 */
  119. memset(so, 0, sizeof(union sockaddr_union));
  120. debug1("get_ip(%s)", hostname);
  121. if (!hostname || !hostname[0])
  122. return 1;
  123. #ifdef USE_IPV6
  124. memset(&hints, 0, sizeof(struct addrinfo));
  125. hints.ai_socktype = SOCK_STREAM;
  126. if ((error = getaddrinfo(hostname, NULL, &hints, &res)))
  127. return error;
  128. error = 1;
  129. for (ai = res; ai != NULL; ai = ai->ai_next) {
  130. if ((ai->ai_family == AF_INET6) || (ai->ai_family == AF_INET)) {
  131. memcpy(so, ai->ai_addr, sizeof(union sockaddr_union));
  132. error = 0;
  133. break;
  134. }
  135. }
  136. freeaddrinfo(res);
  137. return error;
  138. #else
  139. if (!(hp = gethostbyname(hostname)))
  140. return -1;
  141. memcpy(&so->sin.sin_addr, hp->h_addr, 4);
  142. so->sin.sin_family = AF_INET;
  143. return 0;
  144. #endif /* USE_IPV6 */
  145. }
  146. #ifdef HAVE_SSL
  147. int seed_PRNG(void)
  148. {
  149. char stackdata[1024];
  150. static char rand_file[300];
  151. FILE *fh = 0;
  152. #if OPENSSL_VERSION_NUMBER >= 0x00905100
  153. if (RAND_status()) return 0;
  154. #endif
  155. if ((fh = fopen("/dev/urandom", "r"))) {
  156. fclose(fh);
  157. return 0;
  158. }
  159. if (RAND_file_name(rand_file, sizeof(rand_file)))
  160. tls_rand_file = rand_file;
  161. else
  162. return 1;
  163. if (!RAND_load_file(rand_file, 1024)) {
  164. unsigned int c;
  165. c = time(NULL);
  166. RAND_seed(&c, sizeof(c));
  167. c = getpid();
  168. RAND_seed(&c, sizeof(c));
  169. RAND_seed(stackdata, sizeof(stackdata));
  170. }
  171. #if OPENSSL_VERSION_NUMBER >= 0x00905100
  172. if (!RAND_status()) return 2;
  173. #endif /* OPENSSL_VERSION_NUMBER >= 0x00905100 */
  174. return 0;
  175. }
  176. #endif /* HAVE_SSL */
  177. /* Initialize the socklist
  178. */
  179. void init_net()
  180. {
  181. int i;
  182. for (i = 0; i < MAXSOCKS; i++) {
  183. bzero(&socklist[i], sizeof(socklist[i]));
  184. #ifdef HAVE_SSL
  185. socklist[i].ssl=NULL;
  186. #endif /* HAVE_SSL */
  187. socklist[i].flags = SOCK_UNUSED;
  188. }
  189. #ifdef HAVE_SSL
  190. SSL_load_error_strings();
  191. OpenSSL_add_ssl_algorithms();
  192. ssl_c_ctx = SSL_CTX_new(SSLv23_client_method());
  193. ssl_s_ctx = SSL_CTX_new(SSLv23_server_method());
  194. if (!ssl_c_ctx || !ssl_s_ctx)
  195. fatal("SSL Inititlization failed", 0);
  196. if (seed_PRNG())
  197. fatal("SSL PRNG seeding failed!", 0);
  198. #endif /* HAVE_SSL */
  199. }
  200. #ifdef HAVE_SSL
  201. int ssl_cleanup() {
  202. if (ssl_c_ctx) {
  203. SSL_CTX_free(ssl_c_ctx);
  204. ssl_c_ctx = NULL;
  205. }
  206. if (ssl_s_ctx) {
  207. SSL_CTX_free(ssl_s_ctx);
  208. ssl_s_ctx = NULL;
  209. }
  210. if (tls_rand_file) RAND_write_file(tls_rand_file);
  211. return 0;
  212. }
  213. #endif /* HAVE_SSL */
  214. int expmem_net()
  215. {
  216. int i, tot = 0;
  217. for (i = 0; i < MAXSOCKS; i++) {
  218. if (!(socklist[i].flags & SOCK_UNUSED)) {
  219. if (socklist[i].inbuf != NULL)
  220. tot += strlen(socklist[i].inbuf) + 1;
  221. if (socklist[i].outbuf != NULL)
  222. tot += socklist[i].outbuflen;
  223. }
  224. }
  225. return tot;
  226. }
  227. /* Get my ipv? ip
  228. */
  229. char *myipstr(int af_type)
  230. {
  231. #ifdef USE_IPV6
  232. if (af_type == 6) {
  233. static char s[UHOSTLEN + 1];
  234. egg_inet_ntop(AF_INET6, &cached_myip6_so.sin6.sin6_addr, s, 119);
  235. s[120] = 0;
  236. return s;
  237. } else
  238. #endif /* USE_IPV6 */
  239. if (af_type == 4) {
  240. static char s[UHOSTLEN + 1];
  241. egg_inet_ntop(AF_INET, &cached_myip4_so.sin.sin_addr, s, 119);
  242. s[120] = 0;
  243. return s;
  244. }
  245. return "";
  246. }
  247. /* Get my ip number
  248. */
  249. IP getmyip() {
  250. return (IP) cached_myip4_so.sin.sin_addr.s_addr;
  251. }
  252. /* see if it's necessary to set inaddr_any... because if we can't resolve, we die anyway */
  253. void cache_my_ip()
  254. {
  255. char s[121];
  256. int error;
  257. #ifdef USE_IPV6
  258. int any = 0;
  259. #endif /* USE_IPV6 */
  260. debug0("cache_my_ip()");
  261. memset(&cached_myip4_so, 0, sizeof(union sockaddr_union));
  262. #ifdef USE_IPV6
  263. memset(&cached_myip6_so, 0, sizeof(union sockaddr_union));
  264. if (myip6 != NULL && myip6[1]) {
  265. sdprintf("myip6: %s", myip6);
  266. if (get_ip(myip6, &cached_myip6_so))
  267. any = 1;
  268. } else if (hostname != NULL && hostname6[1]) {
  269. sdprintf("myhostname6: %s", hostname6);
  270. if (get_ip(hostname6, &cached_myip6_so))
  271. any = 1;
  272. } else
  273. any = 1;
  274. if (any) {
  275. sdprintf("IPV6 addr_any is set.");
  276. cached_myip6_so.sin6.sin6_family = AF_INET6;
  277. cached_myip6_so.sin6.sin6_addr = in6addr_any;
  278. }
  279. #endif /* USE_IPV6 */
  280. error = 0;
  281. if (myip[0]) {
  282. if (get_ip(myip, &cached_myip4_so))
  283. error = 1;
  284. } else if (hostname[0]) {
  285. if (get_ip(hostname, &cached_myip4_so))
  286. error = 2;
  287. } else {
  288. gethostname(s, 120);
  289. if (get_ip(hostname, &cached_myip4_so)) {
  290. // error = 3;
  291. cached_myip4_so.sin.sin_family = AF_INET;
  292. cached_myip4_so.sin.sin_addr.s_addr = INADDR_ANY;
  293. }
  294. }
  295. if (error) {
  296. putlog(LOG_DEBUG, "*", "Hostname self-lookup error: %d", error);
  297. fatal("Hostname self-lookup failed.", 0);
  298. }
  299. }
  300. void neterror(char *s)
  301. {
  302. switch (errno) {
  303. case EADDRINUSE:
  304. strcpy(s, "Address already in use");
  305. break;
  306. case EADDRNOTAVAIL:
  307. strcpy(s, "Address invalid on remote machine");
  308. break;
  309. case EAFNOSUPPORT:
  310. strcpy(s, "Address family not supported");
  311. break;
  312. case EALREADY:
  313. strcpy(s, "Socket already in use");
  314. break;
  315. case EBADF:
  316. strcpy(s, "Socket descriptor is bad");
  317. break;
  318. case ECONNREFUSED:
  319. strcpy(s, "Connection refused");
  320. break;
  321. case EFAULT:
  322. strcpy(s, "Namespace segment violation");
  323. break;
  324. case EINPROGRESS:
  325. strcpy(s, "Operation in progress");
  326. break;
  327. case EINTR:
  328. strcpy(s, "Timeout");
  329. break;
  330. case EINVAL:
  331. strcpy(s, "Invalid namespace");
  332. break;
  333. case EISCONN:
  334. strcpy(s, "Socket already connected");
  335. break;
  336. case ENETUNREACH:
  337. strcpy(s, "Network unreachable");
  338. break;
  339. case ENOTSOCK:
  340. strcpy(s, "File descriptor, not a socket");
  341. break;
  342. case ETIMEDOUT:
  343. strcpy(s, "Connection timed out");
  344. break;
  345. case ENOTCONN:
  346. strcpy(s, "Socket is not connected");
  347. break;
  348. case EHOSTUNREACH:
  349. strcpy(s, "Host is unreachable");
  350. break;
  351. case EPIPE:
  352. strcpy(s, "Broken pipe");
  353. break;
  354. #ifdef ECONNRESET
  355. case ECONNRESET:
  356. strcpy(s, "Connection reset by peer");
  357. break;
  358. #endif
  359. #ifdef EACCES
  360. case EACCES:
  361. strcpy(s, "Permission denied");
  362. break;
  363. #endif
  364. #ifdef EMFILE
  365. case EMFILE:
  366. strcpy(s, "Too many open files");
  367. break;
  368. #endif
  369. case 0:
  370. strcpy(s, "Error 0");
  371. break;
  372. default:
  373. sprintf(s, "Unforseen error %d", errno);
  374. break;
  375. }
  376. }
  377. /* Sets/Unsets options for a specific socket.
  378. *
  379. * Returns: 0 - on success
  380. * -1 - socket not found
  381. * -2 - illegal operation
  382. */
  383. int sockoptions(int sock, int operation, int sock_options)
  384. {
  385. int i;
  386. for (i = 0; i < MAXSOCKS; i++)
  387. if ((socklist[i].sock == sock) && !(socklist[i].flags & SOCK_UNUSED)) {
  388. if (operation == EGG_OPTION_SET)
  389. socklist[i].flags |= sock_options;
  390. else if (operation == EGG_OPTION_UNSET)
  391. socklist[i].flags &= ~sock_options;
  392. else
  393. return -2;
  394. return 0;
  395. }
  396. return -1;
  397. }
  398. /* Return a free entry in the socket entry
  399. */
  400. int allocsock(int sock, int options)
  401. {
  402. int i;
  403. for (i = 0; i < MAXSOCKS; i++) {
  404. if (socklist[i].flags & SOCK_UNUSED) {
  405. /* yay! there is table space */
  406. socklist[i].inbuf = socklist[i].outbuf = NULL;
  407. socklist[i].inbuflen = socklist[i].outbuflen = 0;
  408. #ifdef HAVE_SSL
  409. socklist[i].ssl = NULL;
  410. #endif /* HAVE_SSL */
  411. socklist[i].flags = options;
  412. socklist[i].sock = sock;
  413. socklist[i].encstatus = 0;
  414. socklist[i].gz = 0;
  415. egg_bzero(&socklist[i].okey, sizeof(socklist[i].okey));
  416. egg_bzero(&socklist[i].ikey, sizeof(socklist[i].ikey));
  417. return i;
  418. }
  419. }
  420. fatal("Socket table is full!", 0);
  421. return -1; /* Never reached */
  422. }
  423. /* Request a normal socket for i/o
  424. */
  425. void setsock(int sock, int options)
  426. {
  427. int i = allocsock(sock, options), parm;
  428. if (((sock != STDOUT) || backgrd) && !(socklist[i].flags & SOCK_NONSOCK)) {
  429. parm = 1;
  430. setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, (void *) &parm, sizeof(int));
  431. parm = 0;
  432. setsockopt(sock, SOL_SOCKET, SO_LINGER, (void *) &parm, sizeof(int));
  433. }
  434. if (options & SOCK_LISTEN) {
  435. /* Tris says this lets us grab the same port again next time */
  436. parm = 1;
  437. setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *) &parm, sizeof(int));
  438. }
  439. /* Yay async i/o ! */
  440. fcntl(sock, F_SETFL, O_NONBLOCK);
  441. }
  442. #ifdef USE_IPV6
  443. int getsock(int options, int af_def)
  444. {
  445. #else
  446. int getsock(int options)
  447. {
  448. int af_def = AF_INET;
  449. #endif /* USE_IPV6 */
  450. int sock;
  451. sock = socket(af_def, SOCK_STREAM, 0);
  452. if (sock >= 0)
  453. setsock(sock, options);
  454. else
  455. putlog(LOG_MISC, "*", "Warning: Can't create new socket!");
  456. return sock;
  457. }
  458. void dropssl(register int sock)
  459. {
  460. #ifdef HAVE_SSL
  461. int i;
  462. if (sock < 0)
  463. return;
  464. for (i = 0; (i < MAXSOCKS); i++)
  465. if (socklist[i].sock == sock) break;
  466. if (socklist[i].ssl) {
  467. SSL_set_quiet_shutdown(socklist[i].ssl, 1);
  468. SSL_shutdown(socklist[i].ssl);
  469. usleep(1000 * 500);
  470. SSL_free(socklist[i].ssl);
  471. usleep(1000 * 500);
  472. socklist[i].ssl = NULL;
  473. }
  474. #endif /* HAVE_SSL */
  475. }
  476. /* Done with a socket
  477. */
  478. void real_killsock(register int sock, const char *file, int line)
  479. {
  480. register int i;
  481. /* Ignore invalid sockets. */
  482. if (sock < 0)
  483. return;
  484. for (i = 0; i < MAXSOCKS; i++) {
  485. if ((socklist[i].sock == sock) && !(socklist[i].flags & SOCK_UNUSED)) {
  486. dropssl(sock);
  487. close(socklist[i].sock);
  488. if (socklist[i].inbuf != NULL) {
  489. nfree(socklist[i].inbuf);
  490. socklist[i].inbuf = NULL;
  491. }
  492. if (socklist[i].outbuf != NULL) {
  493. nfree(socklist[i].outbuf);
  494. socklist[i].outbuf = NULL;
  495. socklist[i].outbuflen = 0;
  496. }
  497. egg_bzero(&socklist[i],sizeof(socklist[i]));
  498. socklist[i].flags = SOCK_UNUSED;
  499. return;
  500. }
  501. }
  502. putlog(LOG_MISC, "*", "Attempt to kill un-allocated socket %d %s:%d !!", sock, file, line);
  503. }
  504. /* Send connection request to proxy
  505. */
  506. static int proxy_connect(int sock, char *host, int port, int proxy)
  507. {
  508. #ifdef USE_IPV6
  509. unsigned char x[32];
  510. int af_ty;
  511. #else
  512. unsigned char x[10];
  513. #endif /* USE_IPV6 */
  514. struct hostent *hp;
  515. char s[256];
  516. int i;
  517. #ifdef USE_IPV6
  518. af_ty = sockprotocol(sock);
  519. #endif /* USE_IPV6 */
  520. /* socks proxy */
  521. if (proxy == PROXY_SOCKS) {
  522. /* numeric IP? */
  523. #ifdef USE_IPV6
  524. if ((host[strlen(host) - 1] >= '0' && host[strlen(host) - 1] <= '9') && af_ty != AF_INET6) {
  525. #else
  526. if (host[strlen(host) - 1] >= '0' && host[strlen(host) - 1] <= '9') {
  527. #endif /* USE_IPV6 */
  528. IP ip = ((IP) inet_addr(host));
  529. egg_memcpy(x, &ip, 4);
  530. } else {
  531. /* no, must be host.domain */
  532. if (!setjmp(alarmret)) {
  533. #ifdef USE_IPV6
  534. alarm(resolve_timeout);
  535. if (af_ty == AF_INET6)
  536. hp = gethostbyname(host);
  537. else
  538. #endif /* USE_IPV6 */
  539. hp = gethostbyname(host);
  540. #ifdef USE_IPV6
  541. alarm(0);
  542. #endif /* USE_IPV6 */
  543. } else
  544. hp = NULL;
  545. if (hp == NULL) {
  546. killsock(sock);
  547. return -2;
  548. }
  549. egg_memcpy(x, hp->h_addr, hp->h_length);
  550. }
  551. for (i = 0; i < MAXSOCKS; i++)
  552. if (!(socklist[i].flags & SOCK_UNUSED) && socklist[i].sock == sock)
  553. socklist[i].flags |= SOCK_PROXYWAIT; /* drummer */
  554. #ifdef USE_IPV6
  555. if (af_ty == AF_INET6)
  556. egg_snprintf(s, sizeof s,
  557. "\004\001%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%s",
  558. (port >> 8) % 256, (port % 256), x[0], x[1], x[2], x[3],
  559. x[4], x[5], x[6], x[7], x[9], x[9], x[10], x[11], x[12],
  560. x[13], x[14], x[15], botuser);
  561. else
  562. #endif /* USE_IPV6 */
  563. egg_snprintf(s, sizeof s, "\004\001%c%c%c%c%c%c%s", (port >> 8) % 256,
  564. (port % 256), x[0], x[1], x[2], x[3], botuser);
  565. tputs(sock, s, strlen(botuser) + 9); /* drummer */
  566. } else if (proxy == PROXY_SUN) {
  567. egg_snprintf(s, sizeof s, "%s %d\n", host, port);
  568. tputs(sock, s, strlen(s)); /* drummer */
  569. }
  570. return sock;
  571. }
  572. /* Starts a connection attempt to a socket
  573. *
  574. * If given a normal hostname, this will be resolved to the corresponding
  575. * IP address first. PLEASE try to use the non-blocking dns functions
  576. * instead and then call this function with the IP address to avoid blocking.
  577. *
  578. * returns <0 if connection refused:
  579. * -1 neterror() type error
  580. * -2 can't resolve hostname
  581. */
  582. int open_telnet_raw(int sock, char *server, int sport)
  583. {
  584. union sockaddr_union so;
  585. char host[121];
  586. int i, error, port, rc;
  587. volatile int proxy;
  588. /* firewall? use socks */
  589. if (firewall[0]) {
  590. if (firewall[0] == '!') {
  591. proxy = PROXY_SUN;
  592. strcpy(host, &firewall[1]);
  593. } else {
  594. proxy = PROXY_SOCKS;
  595. strcpy(host, firewall);
  596. }
  597. port = firewallport;
  598. } else {
  599. proxy = 0;
  600. strcpy(host, server);
  601. port = sport;
  602. }
  603. error = 0;
  604. if (!setjmp(alarmret)) {
  605. alarm(resolve_timeout);
  606. if (!get_ip(host,&so)) {
  607. alarm(0);
  608. /* ok, we resolved it, bind an appropriate ip */
  609. #ifdef USE_IPV6
  610. if (so.sa.sa_family == AF_INET6) {
  611. if (bind(sock, &cached_myip6_so.sa, SIZEOF_SOCKADDR(cached_myip6_so)) < 0) {
  612. killsock(sock);
  613. return -1;
  614. }
  615. } else {
  616. #endif
  617. if (bind(sock, &cached_myip4_so.sa, SIZEOF_SOCKADDR(cached_myip4_so)) < 0) {
  618. killsock(sock);
  619. return -3;
  620. }
  621. #ifdef USE_IPV6
  622. }
  623. if (so.sa.sa_family == AF_INET6)
  624. so.sin6.sin6_port = htons(port);
  625. else
  626. #endif /* USE_IPV6 */
  627. so.sin.sin_port = htons(port);
  628. } else {
  629. alarm(0);
  630. error = 1;
  631. }
  632. }
  633. /* I guess we broke something */
  634. if (error) {
  635. killsock(sock);
  636. return -2;
  637. }
  638. for (i = 0; i < MAXSOCKS; i++) {
  639. if (!(socklist[i].flags & SOCK_UNUSED) && (socklist[i].sock == sock))
  640. socklist[i].flags = (socklist[i].flags & ~SOCK_VIRTUAL) | SOCK_CONNECT;
  641. }
  642. rc = connect(sock, &so.sa, SIZEOF_SOCKADDR(so));
  643. if (rc < 0) { if (errno == EINPROGRESS) {
  644. /* Firewall? announce connect attempt to proxy */
  645. if (firewall[0])
  646. return proxy_connect(sock, server, sport, proxy);
  647. return sock; /* async success! */
  648. } else
  649. return -1;
  650. }
  651. /* Synchronous? :/ */
  652. if (firewall[0])
  653. return proxy_connect(sock, server, sport, proxy);
  654. return sock;
  655. }
  656. /* Ordinary non-binary connection attempt */
  657. int open_telnet(char *server, int port)
  658. {
  659. #ifdef USE_IPV6
  660. int sock = getsock(0, hostprotocol(server)) , ret = open_telnet_raw(sock, server, port);
  661. #else
  662. int sock = getsock(0) , ret = open_telnet_raw(sock, server, port);
  663. #endif /* USE_IPV6 */
  664. if (ret < 0)
  665. killsock(sock);
  666. return ret;
  667. }
  668. /* Returns a socket number for a listening socket that will accept any
  669. * connection on a certain address -- port # is returned in port
  670. *
  671. * 'addr' is ignored if af_def is AF_INET6 -poptix (02/03/03)
  672. */
  673. #ifdef USE_IPV6
  674. int open_address_listen(IP addr, int af_def, int *port)
  675. #else
  676. int open_address_listen(IP addr, int *port)
  677. #endif /* USE_IPV6 */
  678. {
  679. int sock = 0;
  680. unsigned int addrlen;
  681. struct sockaddr_in name;
  682. if (firewall[0]) {
  683. /* FIXME: can't do listen port thru firewall yet */
  684. putlog(LOG_MISC, "*", "!! Cant open a listen port (you are using a "
  685. "firewall)");
  686. return -1;
  687. }
  688. #ifdef USE_IPV6
  689. if (af_def == AF_INET6) {
  690. struct sockaddr_in6 name6;
  691. sock = getsock(SOCK_LISTEN, af_def);
  692. if (sock < 1)
  693. return -1;
  694. debug2("Opening listen socket on port %d with AF_INET6, sock: %d", *port, sock);
  695. bzero((char *) &name6, sizeof(name6));
  696. name6.sin6_family = af_def;
  697. name6.sin6_port = htons(*port); /* 0 = just assign us a port */
  698. /* memcpy(&name6.sin6_addr, &in6addr_any, 16); */ /* this is the only way to get ipv6+ipv4 in 1 socket */
  699. memcpy(&name6.sin6_addr, &cached_myip6_so.sin6.sin6_addr, 16);
  700. if (bind(sock, (struct sockaddr *) &name6, sizeof(name6)) < 0) {
  701. killsock(sock);
  702. return -1;
  703. }
  704. addrlen = sizeof(name6);
  705. if (getsockname(sock, (struct sockaddr *) &name6, &addrlen) < 0) {
  706. killsock(sock);
  707. return -1;
  708. }
  709. *port = ntohs(name6.sin6_port);
  710. if (listen(sock, 1) < 0) {
  711. killsock(sock);
  712. return -1;
  713. }
  714. } else {
  715. sock = getsock(SOCK_LISTEN, AF_INET);
  716. #else
  717. sock = getsock(SOCK_LISTEN);
  718. #endif /* USE_IPV6 */
  719. if (sock < 1)
  720. return -1;
  721. debug2("Opening listen socket on port %d with AF_INET, sock: %d", *port, sock);
  722. egg_bzero((char *) &name, sizeof(struct sockaddr_in));
  723. name.sin_family = AF_INET;
  724. name.sin_port = htons(*port); /* 0 = just assign us a port */
  725. name.sin_addr.s_addr = addr;
  726. if (bind(sock, (struct sockaddr *) &name, sizeof(name)) < 0) {
  727. killsock(sock);
  728. return -1;
  729. }
  730. /* what port are we on? */
  731. addrlen = sizeof(name);
  732. if (getsockname(sock, (struct sockaddr *) &name, &addrlen) < 0) {
  733. killsock(sock);
  734. return -1;
  735. }
  736. *port = ntohs(name.sin_port);
  737. if (listen(sock, 1) < 0) {
  738. killsock(sock);
  739. return -1;
  740. }
  741. #ifdef USE_IPV6
  742. }
  743. #endif /* USE_IPV6 */
  744. return sock;
  745. }
  746. /* Returns a socket number for a listening socket that will accept any
  747. * connection -- port # is returned in port
  748. */
  749. inline int open_listen(int *port)
  750. {
  751. #ifdef USE_IPV6
  752. return open_address_listen(myip[0] ? getmyip() : INADDR_ANY, AF_INET, port);
  753. #else
  754. return open_address_listen(myip[0] ? getmyip() : INADDR_ANY, port);
  755. #endif /* USE_IPV6 */
  756. }
  757. /* Same as above, except this one can be called with an AF_ type
  758. * the above is being left in for compatibility, and should NOT LONGER BE USED IN THE CORE CODE.
  759. */
  760. inline int open_listen_by_af(int *port, int af_def)
  761. {
  762. #ifdef USE_IPV6
  763. return open_address_listen(myip[0] ? getmyip() : INADDR_ANY, af_def, port);
  764. #else
  765. return 0;
  766. #endif /* USE_IPV6 */
  767. }
  768. int ssl_link(register int sock, int state)
  769. {
  770. #ifdef HAVE_SSL
  771. int err = 0, i = 0, errs = 0;
  772. debug2("ssl_link(%d, %d)", sock, state);
  773. for (i = 0; (i < MAXSOCKS); i++) {
  774. if (socklist[i].sock == sock) break;
  775. }
  776. if (socklist[i].ssl) {
  777. putlog(LOG_ERROR, "*", "Switching to SSL (%d,%d) - already active", state, sock);
  778. return 0;
  779. }
  780. if (state == CONNECT_SSL) {
  781. socklist[i].ssl = SSL_new(ssl_c_ctx);
  782. } else if (state == ACCEPT_SSL) {
  783. socklist[i].ssl = SSL_new(ssl_s_ctx);
  784. }
  785. if (!socklist[i].ssl) {
  786. putlog(LOG_ERROR, "*", "Switching to SSL (%d) - SSL_new(%d) failed", sock, state);
  787. return 0;
  788. }
  789. if (!SSL_set_fd(socklist[i].ssl, socklist[i].sock)) {
  790. putlog(LOG_ERROR, "*", "SSL_set_fd(%d) (%d) failed", state, socklist[i].sock);
  791. return 0;
  792. }
  793. if (state == CONNECT_SSL) {
  794. SSL_set_connect_state(socklist[i].ssl);
  795. } else if (state == ACCEPT_SSL) {
  796. SSL_set_accept_state(socklist[i].ssl);
  797. } else {
  798. putlog(LOG_DEBUG, "*" "ssl_link(%d, 0?) NO STATE?", sock);
  799. return 0;
  800. }
  801. if (state == CONNECT_SSL) {
  802. err = SSL_connect(socklist[i].ssl);
  803. } else if (state == ACCEPT_SSL) {
  804. err = SSL_accept(socklist[i].ssl);
  805. }
  806. if (!setjmp(alarmret)) {
  807. alarm(5); /* this is plenty of time */
  808. while ((err < 1) && (errno == EAGAIN)) {
  809. if (state == CONNECT_SSL) {
  810. err = SSL_connect(socklist[i].ssl);
  811. } else if (state == ACCEPT_SSL) {
  812. err = SSL_accept(socklist[i].ssl);
  813. }
  814. if ((errs!=SSL_ERROR_WANT_READ)&&(errs!=SSL_ERROR_WANT_WRITE)&& (errs!=SSL_ERROR_WANT_X509_LOOKUP))
  815. break; /* anything not one of these is a sufficient condition to break out... */
  816. }
  817. alarm(0);
  818. }
  819. errs = SSL_get_error(socklist[i].ssl, err);
  820. putlog(LOG_DEBUG, "*", "SSL_link(%d, %d) = %d, errs: %d (%d), %s", sock, state, err, errs, errno, (char *)ERR_error_string(ERR_get_error(), NULL));
  821. if (errno) putlog(LOG_DEBUG, "*", "errno %d: %s", errno, strerror(errno));
  822. if (err == 1) {
  823. putlog(LOG_ERROR, "*", "SSL_link(%d, %d) was successfull", sock, state);
  824. return 1;
  825. } else {
  826. putlog(LOG_ERROR, "*", "SSL_link(%d, %d) failed", sock, state);
  827. dropssl(socklist[i].sock);
  828. }
  829. #endif /* HAVE_SSL */
  830. return 0;
  831. }
  832. /* Given a network-style IP address, returns the hostname. The hostname
  833. * will be in the "##.##.##.##" format if there was an error.
  834. *
  835. * NOTE: This function is depreciated. Try using the async dns approach
  836. * instead.
  837. */
  838. char *hostnamefromip(unsigned long ip)
  839. {
  840. struct hostent *hp;
  841. unsigned long addr = ip;
  842. unsigned char *p;
  843. static char s[UHOSTLEN];
  844. if (!setjmp(alarmret)) {
  845. alarm(resolve_timeout);
  846. hp = gethostbyaddr((char *) &addr, sizeof(addr), AF_INET);
  847. alarm(0);
  848. } else {
  849. hp = NULL;
  850. }
  851. if (hp == NULL) {
  852. p = (unsigned char *) &addr;
  853. sprintf(s, "%u.%u.%u.%u", p[0], p[1], p[2], p[3]);
  854. return s;
  855. }
  856. strncpyz(s, hp->h_name, sizeof s);
  857. return s;
  858. }
  859. /* Returns the given network byte order IP address in the
  860. * dotted format - "##.##.##.##"
  861. */
  862. char *iptostr(IP ip)
  863. {
  864. struct in_addr a;
  865. a.s_addr = ip;
  866. return inet_ntoa(a);
  867. }
  868. /* Short routine to answer a connect received on a socket made previously
  869. * by open_listen ... returns hostname of the caller & the new socket
  870. * does NOT dispose of old "public" socket!
  871. */
  872. int answer(int sock, char *caller, unsigned long *ip, unsigned short *port,
  873. int binary)
  874. {
  875. int new_sock;
  876. unsigned int addrlen;
  877. struct sockaddr_in from;
  878. #ifdef USE_IPV6
  879. int af_ty = sockprotocol(sock);
  880. struct sockaddr_in6 from6;
  881. if (af_ty == AF_INET6) {
  882. addrlen = sizeof(from6);
  883. new_sock = accept(sock, (struct sockaddr *) &from6, &addrlen);
  884. } else {
  885. #endif /* USE_IPV6 */
  886. addrlen = sizeof(struct sockaddr);
  887. new_sock = accept(sock, (struct sockaddr *) &from, &addrlen);
  888. #ifdef USE_IPV6
  889. }
  890. #endif /* USE_IPV6 */
  891. if (new_sock < 0)
  892. return -1;
  893. if (ip != NULL) {
  894. #ifdef USE_IPV6
  895. /* Detect IPv4 in IPv6 mapped address .... */
  896. if (af_ty == AF_INET6 && (!IN6_IS_ADDR_V4MAPPED(&from6.sin6_addr))) {
  897. egg_inet_ntop(AF_INET6, &from6.sin6_addr, caller, 119);
  898. caller[120] = 0;
  899. *ip = notalloc;
  900. } else if (IN6_IS_ADDR_V4MAPPED(&from6.sin6_addr)) { /* ...and convert it to plain (AF_INET) IPv4 address (openssh) */
  901. struct sockaddr_in *from4 = (struct sockaddr_in *)&from6;
  902. struct in_addr addr;
  903. memcpy(&addr, ((char *)&from6.sin6_addr) + 12, sizeof(addr));
  904. memset(&from, 0, sizeof(from));
  905. from4->sin_family = AF_INET;
  906. addrlen = sizeof(*from4);
  907. memcpy(&from4->sin_addr, &addr, sizeof(addr));
  908. *ip = from4->sin_addr.s_addr;
  909. strncpyz(caller, iptostr(*ip), 121);
  910. *ip = ntohl(*ip);
  911. } else {
  912. #endif /* USE_IPV6 */
  913. *ip = from.sin_addr.s_addr;
  914. /* This is now done asynchronously. We now only provide the IP address.
  915. *
  916. * strncpy(caller, hostnamefromip(*ip), 120);
  917. */
  918. strncpyz(caller, iptostr(*ip), 121);
  919. *ip = ntohl(*ip);
  920. #ifdef USE_IPV6
  921. }
  922. #endif /* USE_IPV6 */
  923. }
  924. if (port != NULL) {
  925. #ifdef USE_IPV6
  926. if (af_ty == AF_INET6)
  927. *port = ntohs(from6.sin6_port);
  928. else
  929. #endif /* USE_IPV6 */
  930. *port = ntohs(from.sin_port);
  931. }
  932. /* Set up all the normal socket crap */
  933. setsock(new_sock, (binary ? SOCK_BINARY : 0));
  934. return new_sock;
  935. }
  936. /* Like open_telnet, but uses server & port specifications of dcc
  937. */
  938. int open_telnet_dcc(int sock, char *server, char *port)
  939. {
  940. int p;
  941. unsigned long addr;
  942. char sv[500];
  943. unsigned char c[4];
  944. #ifdef DEBUG_IPV6
  945. debug1("open_telnet_dcc %s", server);
  946. #endif /* DEBUG_IPV6 */
  947. if (port != NULL)
  948. p = atoi(port);
  949. else
  950. p = 2000;
  951. #ifdef USE_IPV6
  952. if (sockprotocol(sock) == AF_INET6) {
  953. # ifdef DEBUG_IPV6
  954. debug0("open_telnet_dcc, af_inet6!");
  955. # endif /* DEBUG_IPV6 */
  956. strncpyz(sv, server, sizeof sv);
  957. debug2("%s should be %s",sv,server);
  958. } else {
  959. #endif /* USE_IPV6 */
  960. if (server != NULL)
  961. addr = my_atoul(server);
  962. else
  963. addr = 0L;
  964. if (addr < (1 << 24))
  965. return -3; /* fake address */
  966. c[0] = (addr >> 24) & 0xff;
  967. c[1] = (addr >> 16) & 0xff;
  968. c[2] = (addr >> 8) & 0xff;
  969. c[3] = addr & 0xff;
  970. sprintf(sv, "%u.%u.%u.%u", c[0], c[1], c[2], c[3]);
  971. #ifdef USE_IPV6
  972. }
  973. /* strcpy(sv,hostnamefromip(addr)); */
  974. # ifdef DEBUG_IPV6
  975. debug3("open_telnet_raw %s %d %d", sv, sock,p);
  976. # endif /* DEBUG_IPV6 */
  977. #endif /* USE_IPV6 */
  978. p = open_telnet_raw(sock, sv, p);
  979. return p;
  980. }
  981. /* Attempts to read from all the sockets in socklist
  982. * fills s with up to 511 bytes if available, and returns the array index
  983. *
  984. * on EOF: returns -1, with socket in len
  985. * on socket error: returns -2
  986. * if nothing is ready: returns -3
  987. */
  988. static int sockread(char *s, int *len)
  989. {
  990. fd_set fd;
  991. int fds, i, x, fdtmp;
  992. struct timeval t;
  993. int grab = SGRAB;
  994. fds = getdtablesize();
  995. #ifdef FD_SETSIZE
  996. if (fds > FD_SETSIZE)
  997. fds = FD_SETSIZE; /* Fixes YET ANOTHER freebsd bug!!! */
  998. #endif
  999. /* timeout: 1 sec */
  1000. t.tv_sec = 1;
  1001. t.tv_usec = 0;
  1002. FD_ZERO(&fd);
  1003. for (i = 0; i < MAXSOCKS; i++)
  1004. if (!(socklist[i].flags & (SOCK_UNUSED | SOCK_VIRTUAL))) {
  1005. if ((socklist[i].sock == STDOUT) && !backgrd)
  1006. fdtmp = STDIN;
  1007. else
  1008. fdtmp = socklist[i].sock;
  1009. /*
  1010. * Looks like that having more than a call, in the same
  1011. * program, to the FD_SET macro, triggers a bug in gcc.
  1012. * SIGBUS crashing binaries used to be produced on a number
  1013. * (prolly all?) of 64 bits architectures.
  1014. * Make your best to avoid to make it happen again.
  1015. *
  1016. * ITE
  1017. */
  1018. FD_SET(fdtmp, &fd);
  1019. }
  1020. #ifdef HPUX_HACKS
  1021. #ifndef HPUX10_HACKS
  1022. x = select(fds, (int *) &fd, (int *) NULL, (int *) NULL, &t);
  1023. #else
  1024. x = select(fds, &fd, NULL, NULL, &t);
  1025. #endif
  1026. #else
  1027. x = select(fds, &fd, NULL, NULL, &t);
  1028. #endif
  1029. if (x > 0) {
  1030. /* Something happened */
  1031. for (i = 0; i < MAXSOCKS; i++) {
  1032. if ((!(socklist[i].flags & SOCK_UNUSED)) && ((FD_ISSET(socklist[i].sock, &fd)) ||
  1033. #ifdef HAVE_SSL
  1034. ((socklist[i].ssl) && (SSL_pending(socklist[i].ssl))) ||
  1035. #endif /* HAVE_SSL */
  1036. ((socklist[i].sock == STDOUT) && (!backgrd) && (FD_ISSET(STDIN, &fd))))) {
  1037. if (socklist[i].flags & (SOCK_LISTEN | SOCK_CONNECT)) {
  1038. /* Listening socket -- don't read, just return activity */
  1039. /* Same for connection attempt */
  1040. /* (for strong connections, require a read to succeed first) */
  1041. if (socklist[i].flags & SOCK_PROXYWAIT) { /* drummer */
  1042. /* Hang around to get the return code from proxy */
  1043. grab = 10;
  1044. } else if (!(socklist[i].flags & SOCK_STRONGCONN)) {
  1045. debug1("net: connect! sock %d", socklist[i].sock);
  1046. s[0] = 0;
  1047. *len = 0;
  1048. #ifdef HAVE_SSL
  1049. /* debug0("CALLING SSL_LINK() FROM SOCKREAD");
  1050. if (!ssl_link(socklist[i].sock))
  1051. debug0("SSL_LINK FAILED");
  1052. debug0("BACK FROM SSL_LINK()"); */
  1053. #endif /* HAVE_SSL */
  1054. return i;
  1055. }
  1056. } else if (socklist[i].flags & SOCK_PASS) {
  1057. s[0] = 0;
  1058. *len = 0;
  1059. return i;
  1060. }
  1061. errno = 0;
  1062. if ((socklist[i].sock == STDOUT) && !backgrd)
  1063. x = read(STDIN, s, grab);
  1064. else {
  1065. #ifdef HAVE_SSL
  1066. if (socklist[i].ssl) {
  1067. x = SSL_read(socklist[i].ssl, s, grab);
  1068. if (x < 0) {
  1069. int err = SSL_get_error(socklist[i].ssl, x);
  1070. x = -1;
  1071. switch (err) {
  1072. case SSL_ERROR_WANT_READ:
  1073. errno = EAGAIN;
  1074. break;
  1075. case SSL_ERROR_WANT_WRITE:
  1076. errno = EAGAIN;
  1077. break;
  1078. case SSL_ERROR_WANT_X509_LOOKUP:
  1079. errno = EAGAIN;
  1080. break;
  1081. }
  1082. }
  1083. } else
  1084. #endif /* HAVE_SSL */
  1085. x = read(socklist[i].sock, s, grab);
  1086. }
  1087. if (x <= 0) { /* eof */
  1088. if (errno != EAGAIN) { /* EAGAIN happens when the operation would block
  1089. on a non-blocking socket, if the socket is going
  1090. to die, it will die later, otherwise it will connect */
  1091. *len = socklist[i].sock;
  1092. socklist[i].flags &= ~SOCK_CONNECT;
  1093. debug1("net: eof!(read) socket %d", socklist[i].sock);
  1094. return -1;
  1095. } else {
  1096. debug3("sockread EAGAIN: %d %d (%s)",socklist[i].sock,errno,strerror(errno));
  1097. continue; /* EAGAIN */
  1098. }
  1099. }
  1100. s[x] = 0;
  1101. *len = x;
  1102. if (socklist[i].flags & SOCK_PROXYWAIT) {
  1103. debug2("net: socket: %d proxy errno: %d", socklist[i].sock, s[1]);
  1104. socklist[i].flags &= ~(SOCK_CONNECT | SOCK_PROXYWAIT);
  1105. switch (s[1]) {
  1106. case 90: /* Success */
  1107. s[0] = 0;
  1108. *len = 0;
  1109. return i;
  1110. case 91: /* Failed */
  1111. errno = ECONNREFUSED;
  1112. break;
  1113. case 92: /* No identd */
  1114. case 93: /* Identd said wrong username */
  1115. /* A better error message would be "socks misconfigured"
  1116. * or "identd not working" but this is simplest.
  1117. */
  1118. errno = ENETUNREACH;
  1119. break;
  1120. }
  1121. *len = socklist[i].sock;
  1122. return -1;
  1123. }
  1124. return i;
  1125. }
  1126. }
  1127. } else if (x == -1)
  1128. return -2; /* socket error */
  1129. else {
  1130. s[0] = 0;
  1131. *len = 0;
  1132. }
  1133. return -3;
  1134. }
  1135. char *botlink_decrypt(int snum, char *src)
  1136. {
  1137. char *line = NULL;
  1138. int i;
  1139. line = decrypt_string(socklist[snum].ikey, src);
  1140. if (socklist[snum].iseed) {
  1141. for (i = 0; i <= 3; i++)
  1142. *(dword *) & socklist[snum].ikey[i * 4] = prand(&socklist[snum].iseed, 0xFFFFFFFF);
  1143. if (!socklist[snum].iseed)
  1144. socklist[snum].iseed++;
  1145. }
  1146. strcpy(src, line);
  1147. nfree(line);
  1148. return src;
  1149. }
  1150. char *botlink_encrypt(int snum, char *src)
  1151. {
  1152. char *srcbuf = NULL, *buf = NULL, *line = NULL, *eol = NULL, *eline = NULL;
  1153. int bufpos = 0, i;
  1154. srcbuf = nmalloc(strlen(src) + 10);
  1155. strcpy(srcbuf, src);
  1156. line = srcbuf;
  1157. if (!line)
  1158. return NULL;
  1159. eol = strchr(line, '\n');
  1160. i = 0;
  1161. while (eol) {
  1162. *eol++ = 0;
  1163. eline = encrypt_string(socklist[snum].okey, line);
  1164. if (socklist[snum].oseed) {
  1165. for (i = 0; i <= 3; i++)
  1166. *(dword *) & socklist[snum].okey[i * 4] = prand(&socklist[snum].oseed, 0xFFFFFFFF);
  1167. if (!socklist[snum].oseed)
  1168. socklist[snum].oseed++;
  1169. }
  1170. buf = nrealloc(buf, bufpos + strlen(eline) + 10);
  1171. strcpy((char *) &buf[bufpos], eline);
  1172. strcat(buf, "\n");
  1173. bufpos = strlen(buf);
  1174. line = eol;
  1175. eol = strchr(line, '\n');
  1176. nfree(eline);
  1177. }
  1178. if (line[0]) {
  1179. eline = encrypt_string(socklist[snum].okey, line);
  1180. if (socklist[snum].oseed) {
  1181. *(dword *) & socklist[snum].okey[i * 4] = prand(&socklist[snum].oseed, 0xFFFFFFFF);
  1182. if (!socklist[snum].oseed)
  1183. socklist[snum].oseed++;
  1184. }
  1185. buf = nrealloc(buf, bufpos + strlen(eline) + 10);
  1186. strcpy((char *) &buf[bufpos], eline);
  1187. strcat(buf, "\n");
  1188. nfree(eline);
  1189. }
  1190. nfree(srcbuf);
  1191. return buf;
  1192. }
  1193. /* sockgets: buffer and read from sockets
  1194. *
  1195. * Attempts to read from all registered sockets for up to one second. if
  1196. * after one second, no complete data has been received from any of the
  1197. * sockets, 's' will be empty, 'len' will be 0, and sockgets will return -3.
  1198. * if there is returnable data received from a socket, the data will be
  1199. * in 's' (null-terminated if non-binary), the length will be returned
  1200. * in len, and the socket number will be returned.
  1201. * normal sockets have their input buffered, and each call to sockgets
  1202. * will return one line terminated with a '\n'. binary sockets are not
  1203. * buffered and return whatever coems in as soon as it arrives.
  1204. * listening sockets will return an empty string when a connection comes in.
  1205. * connecting sockets will return an empty string on a successful connect,
  1206. * or EOF on a failed connect.
  1207. * if an EOF is detected from any of the sockets, that socket number will be
  1208. * put in len, and -1 will be returned.
  1209. * the maximum length of the string returned is 512 (including null)
  1210. *
  1211. * Returns -4 if we handled something that shouldn't be handled by the
  1212. * dcc functions. Simply ignore it.
  1213. */
  1214. int sockgets(char *s, int *len)
  1215. {
  1216. char xx[SGRAB+3], *p, *px;
  1217. int ret, i, data = 0, grab = SGRAB+1;
  1218. for (i = 0; i < MAXSOCKS; i++) {
  1219. /* Check for stored-up data waiting to be processed */
  1220. if (!(socklist[i].flags & SOCK_UNUSED) &&
  1221. !(socklist[i].flags & SOCK_BUFFER) && (socklist[i].inbuf != NULL)) {
  1222. if (!(socklist[i].flags & SOCK_BINARY)) {
  1223. /* look for \r too cos windows can't follow RFCs */
  1224. p = strchr(socklist[i].inbuf, '\n');
  1225. if (p == NULL)
  1226. p = strchr(socklist[i].inbuf, '\r');
  1227. if (p != NULL) {
  1228. *p = 0;
  1229. if (strlen(socklist[i].inbuf) > (grab - 2))
  1230. socklist[i].inbuf[(grab - 2)] = 0;
  1231. strcpy(s, socklist[i].inbuf);
  1232. px = (char *) nmalloc(strlen(p + 1) + 1);
  1233. strcpy(px, p + 1);
  1234. nfree(socklist[i].inbuf);
  1235. if (px[0])
  1236. socklist[i].inbuf = px;
  1237. else {
  1238. nfree(px);
  1239. socklist[i].inbuf = NULL;
  1240. }
  1241. /* Strip CR if this was CR/LF combo */
  1242. if (s[strlen(s) - 1] == '\r')
  1243. s[strlen(s) - 1] = 0;
  1244. if (socklist[i].encstatus)
  1245. botlink_decrypt(i, s);
  1246. *len = strlen(s);
  1247. return socklist[i].sock;
  1248. }
  1249. } else {
  1250. /* Handling buffered binary data (must have been SOCK_BUFFER before). */
  1251. if (socklist[i].inbuflen <= (grab - 2)) {
  1252. *len = socklist[i].inbuflen;
  1253. egg_memcpy(s, socklist[i].inbuf, socklist[i].inbuflen);
  1254. nfree(socklist[i].inbuf);
  1255. socklist[i].inbuf = NULL;
  1256. socklist[i].inbuflen = 0;
  1257. } else {
  1258. /* Split up into chunks of grab bytes. */
  1259. *len = grab - 2;
  1260. egg_memcpy(s, socklist[i].inbuf, *len);
  1261. egg_memcpy(socklist[i].inbuf, socklist[i].inbuf + *len, *len);
  1262. socklist[i].inbuflen -= *len;
  1263. socklist[i].inbuf = nrealloc(socklist[i].inbuf,
  1264. socklist[i].inbuflen);
  1265. }
  1266. return socklist[i].sock;
  1267. }
  1268. }
  1269. /* Also check any sockets that might have EOF'd during write */
  1270. if (!(socklist[i].flags & SOCK_UNUSED)
  1271. && (socklist[i].flags & SOCK_EOFD)) {
  1272. s[0] = 0;
  1273. *len = socklist[i].sock;
  1274. return -1;
  1275. }
  1276. }
  1277. /* No pent-up data of any worth -- down to business */
  1278. *len = 0;
  1279. ret = sockread(xx, len);
  1280. if (ret < 0) {
  1281. s[0] = 0;
  1282. return ret;
  1283. }
  1284. /* Binary, listening and passed on sockets don't get buffered. */
  1285. if (socklist[ret].flags & SOCK_CONNECT) {
  1286. if (socklist[ret].flags & SOCK_STRONGCONN) {
  1287. socklist[ret].flags &= ~SOCK_STRONGCONN;
  1288. /* Buffer any data that came in, for future read. */
  1289. socklist[ret].inbuflen = *len;
  1290. socklist[ret].inbuf = (char *) nmalloc(*len + 1);
  1291. /* It might be binary data. You never know. */
  1292. egg_memcpy(socklist[ret].inbuf, xx, *len);
  1293. socklist[ret].inbuf[*len] = 0;
  1294. }
  1295. socklist[ret].flags &= ~SOCK_CONNECT;
  1296. s[0] = 0;
  1297. return socklist[ret].sock;
  1298. }
  1299. if (socklist[ret].flags & SOCK_BINARY) {
  1300. egg_memcpy(s, xx, *len);
  1301. return socklist[ret].sock;
  1302. }
  1303. if ((socklist[ret].flags & SOCK_LISTEN) ||
  1304. (socklist[ret].flags & SOCK_PASS))
  1305. return socklist[ret].sock;
  1306. if (socklist[ret].flags & SOCK_BUFFER) {
  1307. socklist[ret].inbuf = (char *) nrealloc(socklist[ret].inbuf,
  1308. socklist[ret].inbuflen + *len + 1);
  1309. egg_memcpy(socklist[ret].inbuf + socklist[ret].inbuflen, xx, *len);
  1310. socklist[ret].inbuflen += *len;
  1311. /* We don't know whether it's binary data. Make sure normal strings
  1312. will be handled properly later on too. */
  1313. socklist[ret].inbuf[socklist[ret].inbuflen] = 0;
  1314. return -4; /* Ignore this one. */
  1315. }
  1316. /* Might be necessary to prepend stored-up data! */
  1317. if (socklist[ret].inbuf != NULL) {
  1318. p = socklist[ret].inbuf;
  1319. socklist[ret].inbuf = (char *) nmalloc(strlen(p) + strlen(xx) + 1);
  1320. strcpy(socklist[ret].inbuf, p);
  1321. strcat(socklist[ret].inbuf, xx);
  1322. nfree(p);
  1323. if (strlen(socklist[ret].inbuf) < grab) {
  1324. strcpy(xx, socklist[ret].inbuf);
  1325. nfree(socklist[ret].inbuf);
  1326. socklist[ret].inbuf = NULL;
  1327. socklist[ret].inbuflen = 0;
  1328. } else {
  1329. p = socklist[ret].inbuf;
  1330. socklist[ret].inbuflen = strlen(p) - (grab - 2);
  1331. socklist[ret].inbuf = (char *) nmalloc(socklist[ret].inbuflen + 1);
  1332. // socklist[ret].inbuf = (char *) nmalloc(strlen(p) - (grab - 3));
  1333. strcpy(socklist[ret].inbuf, p + (grab - 2));
  1334. *(p + (grab - 2)) = 0;
  1335. strcpy(xx, p);
  1336. nfree(p);
  1337. /* (leave the rest to be post-pended later) */
  1338. }
  1339. }
  1340. /* Look for EOL marker; if it's there, i have something to show */
  1341. p = strchr(xx, '\n');
  1342. if (p == NULL)
  1343. p = strchr(xx, '\r');
  1344. if (p != NULL) {
  1345. *p = 0;
  1346. strcpy(s, xx);
  1347. strcpy(xx, p + 1);
  1348. if (s[strlen(s) - 1] == '\r')
  1349. s[strlen(s) - 1] = 0;
  1350. data = 1; /* DCC_CHAT may now need to process a
  1351. blank line */
  1352. /* NO! */
  1353. /* if (!s[0]) strcpy(s," "); */
  1354. } else {
  1355. s[0] = 0;
  1356. if (strlen(xx) >= (grab - 2)) {
  1357. /* String is too long, so just insert fake \n */
  1358. strcpy(s, xx);
  1359. xx[0] = 0;
  1360. data = 1;
  1361. }
  1362. }
  1363. if (socklist[ret].encstatus)
  1364. botlink_decrypt(ret, s);
  1365. *len = strlen(s);
  1366. /* Anything left that needs to be saved? */
  1367. if (!xx[0]) {
  1368. if (data)
  1369. return socklist[ret].sock;
  1370. else
  1371. return -3;
  1372. }
  1373. /* Prepend old data back */
  1374. if (socklist[ret].inbuf != NULL) {
  1375. p = socklist[ret].inbuf;
  1376. socklist[ret].inbuflen = strlen(p) + strlen(xx);
  1377. socklist[ret].inbuf = (char *) nmalloc(socklist[ret].inbuflen + 1);
  1378. strcpy(socklist[ret].inbuf, xx);
  1379. strcat(socklist[ret].inbuf, p);
  1380. nfree(p);
  1381. } else {
  1382. socklist[ret].inbuflen = strlen(xx);
  1383. socklist[ret].inbuf = (char *) nmalloc(socklist[ret].inbuflen + 1);
  1384. strcpy(socklist[ret].inbuf, xx);
  1385. }
  1386. if (data) {
  1387. return socklist[ret].sock;
  1388. } else {
  1389. return -3;
  1390. }
  1391. }
  1392. /* Dump something to a socket
  1393. *
  1394. * NOTE: Do NOT put Contexts in here if you want DEBUG to be meaningful!!
  1395. */
  1396. void tputs(register int z, char *s, unsigned int len)
  1397. {
  1398. register int i, x, idx;
  1399. char *p;
  1400. static int inhere = 0;
  1401. if (z < 0)
  1402. return; /* um... HELLO?! sanity check please! */
  1403. if (((z == STDOUT) || (z == STDERR)) && (!backgrd || use_stderr)) {
  1404. #ifdef EUSE_COLORPUTS
  1405. colorputs(s);
  1406. x = len;
  1407. #else
  1408. write(z, s, len);
  1409. #endif
  1410. return;
  1411. }
  1412. for (i = 0; i < MAXSOCKS; i++) {
  1413. if (!(socklist[i].flags & SOCK_UNUSED) && (socklist[i].sock == z)) {
  1414. for (idx = 0; idx < dcc_total; idx++) {
  1415. if (dcc[idx].sock == z) {
  1416. if (dcc[idx].type) {
  1417. if (dcc[idx].type->name) {
  1418. if (!strncmp(dcc[idx].type->name, "BOT", 3)) {
  1419. otraffic_bn_today += len;
  1420. break;
  1421. } else if (!strcmp(dcc[idx].type->name, "SERVER")) {
  1422. otraffic_irc_today += len;
  1423. break;
  1424. } else if (!strncmp(dcc[idx].type->name, "CHAT", 4)) {
  1425. otraffic_dcc_today += len;
  1426. break;
  1427. } else if (!strncmp(dcc[idx].type->name, "FILES", 5)) {
  1428. otraffic_filesys_today += len;
  1429. break;
  1430. } else if (!strcmp(dcc[idx].type->name, "SEND")) {
  1431. otraffic_trans_today += len;
  1432. break;
  1433. } else if (!strncmp(dcc[idx].type->name, "GET", 3)) {
  1434. otraffic_trans_today += len;
  1435. break;
  1436. } else {
  1437. otraffic_unknown_today += len;
  1438. break;
  1439. }
  1440. }
  1441. }
  1442. }
  1443. }
  1444. if (socklist[i].encstatus) {
  1445. if ((!s) || (!s[0])) {
  1446. s = botlink_encrypt(i, s);
  1447. len = strlen(s);
  1448. }
  1449. s = botlink_encrypt(i, s);
  1450. len = strlen(s);
  1451. }
  1452. if (socklist[i].outbuf != NULL) {
  1453. /* Already queueing: just add it */
  1454. p = (char *) nrealloc(socklist[i].outbuf, socklist[i].outbuflen + len);
  1455. egg_memcpy(p + socklist[i].outbuflen, s, len);
  1456. socklist[i].outbuf = p;
  1457. socklist[i].outbuflen += len;
  1458. if (socklist[i].encstatus)
  1459. nfree(s);
  1460. return;
  1461. }
  1462. /* Try. */
  1463. #ifdef HAVE_SSL
  1464. if (socklist[i].ssl) {
  1465. x = SSL_write(socklist[i].ssl, s, len);
  1466. if (x < 0) {
  1467. int err = SSL_get_error(socklist[i].ssl, x);
  1468. x = -1;
  1469. switch (err) {
  1470. case SSL_ERROR_WANT_READ:
  1471. errno = EAGAIN;
  1472. break;
  1473. case SSL_ERROR_WANT_WRITE:
  1474. errno = EAGAIN;
  1475. break;
  1476. case SSL_ERROR_WANT_X509_LOOKUP:
  1477. errno = EAGAIN;
  1478. break;
  1479. }
  1480. }
  1481. } else
  1482. #endif /* HAVE_SSL */
  1483. //#ifdef HAVE_ZLIB_H
  1484. // if (socklist[i].gz) { /* gzipped links */
  1485. // FILE *fp;
  1486. // fp = gzdopen(z, "wb0");
  1487. // x = gzwrite(fp, s, len);
  1488. //
  1489. // } else
  1490. //#endif /* HAVE_ZLIB_H */
  1491. x = write(z, s, len);
  1492. if (x == (-1))
  1493. x = 0;
  1494. if (x < len) {
  1495. /* Socket is full, queue it */
  1496. socklist[i].outbuf = (char *) nmalloc(len - x);
  1497. egg_memcpy(socklist[i].outbuf, &s[x], len - x);
  1498. socklist[i].outbuflen = len - x;
  1499. }
  1500. if (socklist[i].encstatus)
  1501. nfree(s);
  1502. return;
  1503. }
  1504. }
  1505. /* Make sure we don't cause a crash by looping here */
  1506. if (!inhere) {
  1507. inhere = 1;
  1508. putlog(LOG_MISC, "*", "!!! writing to nonexistent socket: %d", z);
  1509. s[strlen(s) - 1] = 0;
  1510. putlog(LOG_MISC, "*", "!-> '%s'", s);
  1511. inhere = 0;
  1512. }
  1513. // if (socklist[i].encstatus > 0)
  1514. // nfree(s);
  1515. }
  1516. /* tputs might queue data for sockets, let's dump as much of it as
  1517. * possible.
  1518. */
  1519. void dequeue_sockets()
  1520. {
  1521. int i, x;
  1522. int z = 0, fds;
  1523. fd_set wfds;
  1524. struct timeval tv;
  1525. /* ^-- start poptix test code, this should avoid writes to sockets not ready to be written to. */
  1526. fds = getdtablesize();
  1527. #ifdef FD_SETSIZE
  1528. if (fds > FD_SETSIZE)
  1529. fds = FD_SETSIZE; /* Fixes YET ANOTHER freebsd bug!!! */
  1530. #endif
  1531. FD_ZERO(&wfds);
  1532. tv.tv_sec = 0;
  1533. tv.tv_usec = 0; /* we only want to see if it's ready for writing, no need to actually wait.. */
  1534. for (i = 0; i < MAXSOCKS; i++) {
  1535. if (!(socklist[i].flags & SOCK_UNUSED) && socklist[i].outbuf != NULL) {
  1536. FD_SET(socklist[i].sock, &wfds);
  1537. z = 1;
  1538. }
  1539. }
  1540. if (!z)
  1541. return; /* nothing to write */
  1542. #ifdef HPUX_HACKS
  1543. #ifndef HPUX10_HACKS
  1544. select(fds, (int *) NULL, (int *) &wfds, (int *) NULL, &tv);
  1545. #else
  1546. select(fds, NULL, &wfds, NULL, &tv);
  1547. #endif
  1548. #else
  1549. select(fds, NULL, &wfds, NULL, &tv);
  1550. #endif
  1551. /* end poptix */
  1552. for (i = 0; i < MAXSOCKS; i++) {
  1553. if (!(socklist[i].flags & SOCK_UNUSED) &&
  1554. (socklist[i].outbuf != NULL) && (FD_ISSET(socklist[i].sock, &wfds))) {
  1555. /* Trick tputs into doing the work */
  1556. errno = 0;
  1557. #ifdef HAVE_SSL
  1558. if (socklist[i].ssl) {
  1559. x = write(socklist[i].sock, socklist[i].outbuf, socklist[i].outbuflen);
  1560. if (x < 0) {
  1561. int err = SSL_get_error(socklist[i].ssl, x);
  1562. x = -1;
  1563. switch (err) {
  1564. case SSL_ERROR_WANT_READ:
  1565. errno = EAGAIN;
  1566. break;
  1567. case SSL_ERROR_WANT_WRITE:
  1568. errno = EAGAIN;
  1569. break;
  1570. case SSL_ERROR_WANT_X509_LOOKUP:
  1571. errno = EAGAIN;
  1572. break;
  1573. }
  1574. }
  1575. } else
  1576. #endif
  1577. x = write(socklist[i].sock, socklist[i].outbuf, socklist[i].outbuflen);
  1578. if ((x < 0) && (errno != EAGAIN)
  1579. #ifdef EBADSLT
  1580. && (errno != EBADSLT)
  1581. #endif
  1582. #ifdef ENOTCONN
  1583. && (errno != ENOTCONN)
  1584. #endif
  1585. ) {
  1586. /* This detects an EOF during writing */
  1587. debug3("net: eof!(write) socket %d (%s,%d)", socklist[i].sock,
  1588. strerror(errno), errno);
  1589. socklist[i].flags |= SOCK_EOFD;
  1590. } else if (x == socklist[i].outbuflen) {
  1591. /* If the whole buffer was sent, nuke it */
  1592. nfree(socklist[i].outbuf);
  1593. socklist[i].outbuf = NULL;
  1594. socklist[i].outbuflen = 0;
  1595. } else if (x > 0) {
  1596. char *p = socklist[i].outbuf;
  1597. /* This removes any sent bytes from the beginning of the buffer */
  1598. socklist[i].outbuf = (char *) nmalloc(socklist[i].outbuflen - x);
  1599. egg_memcpy(socklist[i].outbuf, p + x, socklist[i].outbuflen - x);
  1600. socklist[i].outbuflen -= x;
  1601. nfree(p);
  1602. } else {
  1603. debug3("dequeue_sockets(): errno = %d (%s) on %d", errno,
  1604. strerror(errno), socklist[i].sock);
  1605. }
  1606. /* All queued data was sent. Call handler if one exists and the
  1607. * dcc entry wants it.
  1608. */
  1609. if (!socklist[i].outbuf) {
  1610. int idx = findanyidx(socklist[i].sock);
  1611. if (idx > 0 && dcc[idx].type && dcc[idx].type->outdone)
  1612. dcc[idx].type->outdone(idx);
  1613. }
  1614. }
  1615. }
  1616. }
  1617. /*
  1618. * Debugging stuff
  1619. */
  1620. void tell_netdebug(int idx)
  1621. {
  1622. int i;
  1623. char s[80];
  1624. dprintf(idx, "Open sockets:");
  1625. for (i = 0; i < MAXSOCKS; i++) {
  1626. if (!(socklist[i].flags & SOCK_UNUSED)) {
  1627. sprintf(s, " %d", socklist[i].sock);
  1628. if (socklist[i].flags & SOCK_BINARY)
  1629. strcat(s, " (binary)");
  1630. if (socklist[i].flags & SOCK_LISTEN)
  1631. strcat(s, " (listen)");
  1632. if (socklist[i].flags & SOCK_PASS)
  1633. strcat(s, " (passed on)");
  1634. if (socklist[i].flags & SOCK_CONNECT)
  1635. strcat(s, " (connecting)");
  1636. if (socklist[i].flags & SOCK_STRONGCONN)
  1637. strcat(s, " (strong)");
  1638. if (socklist[i].flags & SOCK_NONSOCK)
  1639. strcat(s, " (file)");
  1640. if (socklist[i].inbuf != NULL)
  1641. sprintf(&s[strlen(s)], " (inbuf: %04X)", strlen(socklist[i].inbuf));
  1642. if (socklist[i].outbuf != NULL)
  1643. sprintf(&s[strlen(s)], " (outbuf: %06lX)", socklist[i].outbuflen);
  1644. strcat(s, ",");
  1645. dprintf(idx, "%s", s);
  1646. }
  1647. }
  1648. dprintf(idx, " done.\n");
  1649. }
  1650. /* Security-flavoured sanity checking on DCC connections of all sorts can be
  1651. * done with this routine. Feed it the proper information from your DCC
  1652. * before you attempt the connection, and this will make an attempt at
  1653. * figuring out if the connection is really that person, or someone screwing
  1654. * around. It's not foolproof, but anything that fails this check probably
  1655. * isn't going to work anyway due to masquerading firewalls, NAT routers,
  1656. * or bugs in mIRC.
  1657. */
  1658. int sanitycheck_dcc(char *nick, char *from, char *ipaddy, char *port)
  1659. {
  1660. /* According to the latest RFC, the clients SHOULD be able to handle
  1661. * DNS names that are up to 255 characters long. This is not broken.
  1662. */
  1663. /* This function needs to be updated for IPv6 IP's, although it doesn't
  1664. * currently harm them (afaik)
  1665. */
  1666. char badaddress[16];
  1667. IP ip = my_atoul(ipaddy);
  1668. int prt = atoi(port);
  1669. /* It is disabled HERE so we only have to check in *one* spot! */
  1670. if (!dcc_sanitycheck)
  1671. return 1;
  1672. if (prt < 1) {
  1673. putlog(LOG_MISC, "*", "ALERT: (%s!%s) specified an impossible port of %u!",
  1674. nick, from, prt);
  1675. return 0;
  1676. }
  1677. sprintf(badaddress, "%u.%u.%u.%u", (ip >> 24) & 0xff, (ip >> 16) & 0xff,
  1678. (ip >> 8) & 0xff, ip & 0xff);
  1679. if (ip < (1 << 24)) {
  1680. putlog(LOG_MISC, "*", "ALERT: (%s!%s) specified an impossible IP of %s!",
  1681. nick, from, badaddress);
  1682. return 0;
  1683. }
  1684. return 1;
  1685. }
  1686. int hostsanitycheck_dcc(char *nick, char *from, IP ip, char *dnsname,
  1687. char *prt)
  1688. {
  1689. /* According to the latest RFC, the clients SHOULD be able to handle
  1690. * DNS names that are up to 255 characters long. This is not broken.
  1691. */
  1692. char hostn[256], badaddress[16];
  1693. /* It is disabled HERE so we only have to check in *one* spot! */
  1694. if (!dcc_sanitycheck)
  1695. return 1;
  1696. sprintf(badaddress, "%u.%u.%u.%u", (ip >> 24) & 0xff, (ip >> 16) & 0xff,
  1697. (ip >> 8) & 0xff, ip & 0xff);
  1698. /* These should pad like crazy with zeros, since 120 bytes or so is
  1699. * where the routines providing our data currently lose interest. I'm
  1700. * using the n-variant in case someone changes that...
  1701. */
  1702. strncpyz(hostn, extracthostname(from), sizeof hostn);
  1703. if (!egg_strcasecmp(hostn, dnsname)) {
  1704. putlog(LOG_DEBUG, "*", "DNS information for submitted IP checks out.");
  1705. return 1;
  1706. }
  1707. if (!strcmp(badaddress, dnsname))
  1708. putlog(LOG_MISC, "*", "ALERT: (%s!%s) sent a DCC request with bogus IP "
  1709. "information of %s port %s. %s does not resolve to %s!", nick, from,
  1710. badaddress, prt, from, badaddress);
  1711. else
  1712. return 1; /* <- usually happens when we have
  1713. a user with an unresolved hostmask! */
  1714. return 0;
  1715. }
  1716. /* Checks wether the referenced socket has data queued.
  1717. *
  1718. * Returns true if the incoming/outgoing (depending on 'type') queues
  1719. * contain data, otherwise false.
  1720. */
  1721. int sock_has_data(int type, int sock)
  1722. {
  1723. int ret = 0, i;
  1724. for (i = 0; i < MAXSOCKS; i++)
  1725. if (!(socklist[i].flags & SOCK_UNUSED) && socklist[i].sock == sock)
  1726. break;
  1727. if (i < MAXSOCKS) {
  1728. switch (type) {
  1729. case SOCK_DATA_OUTGOING:
  1730. ret = (socklist[i].outbuf != NULL);
  1731. break;
  1732. case SOCK_DATA_INCOMING:
  1733. ret = (socklist[i].inbuf != NULL);
  1734. break;
  1735. }
  1736. } else
  1737. debug1("sock_has_data: could not find socket #%d, returning false.", sock);
  1738. return ret;
  1739. }
  1740. /* flush_inbuf():
  1741. * checks if there's data in the incoming buffer of an connection
  1742. * and flushs the buffer if possible
  1743. *
  1744. * returns: -1 if the dcc entry wasn't found
  1745. * -2 if dcc[idx].type->activity doesn't exist and the data couldn't
  1746. * be handled
  1747. * 0 if buffer was empty
  1748. * otherwise length of flushed buffer
  1749. */
  1750. int flush_inbuf(int idx)
  1751. {
  1752. int i, len;
  1753. char *inbuf;
  1754. Assert((idx >= 0) && (idx < dcc_total));
  1755. for (i = 0; i < MAXSOCKS; i++) {
  1756. if ((dcc[idx].sock == socklist[i].sock)
  1757. && !(socklist[i].flags & SOCK_UNUSED)) {
  1758. len = socklist[i].inbuflen;
  1759. if ((len > 0) && socklist[i].inbuf) {
  1760. if (dcc[idx].type && dcc[idx].type->activity) {
  1761. inbuf = socklist[i].inbuf;
  1762. socklist[i].inbuf = NULL;
  1763. dcc[idx].type->activity(idx, inbuf, len);
  1764. nfree(inbuf);
  1765. return len;
  1766. } else
  1767. return -2;
  1768. } else
  1769. return 0;
  1770. }
  1771. }
  1772. return -1;
  1773. }