#include <time.h>
#include <fcntl.h>
#include <signal.h>
+#include <stdint.h>
#ifdef HAVE_CONFIG_H
#include <config.h>
struct uidata *next, *prev;
struct socket *sk;
struct qcommand *queue, *queuelast;
+ size_t queuesize;
struct authhandle *auth;
int close;
union
struct uiuser *users = NULL;
struct uidata *actives = NULL;
-struct socket *tcpsocket = NULL;
-struct socket *unixsocket = NULL;
+struct lport *tcpsocket = NULL;
+struct lport *unixsocket = NULL;
static time_t starttime;
static wchar_t *quoteword(wchar_t *word)
{
int valid;
struct in6_addr mv4lo;
+ struct sockaddr *remote;
if(confgetint("ui", "onlylocal"))
{
- switch(sk->remote->sa_family)
- {
- case AF_INET:
- valid = ((struct sockaddr_in *)sk->remote)->sin_addr.s_addr == INADDR_LOOPBACK;
- break;
- case AF_INET6:
- inet_pton(AF_INET6, "::ffff:127.0.0.1", &mv4lo);
- valid = 0;
- if(!memcmp(&((struct sockaddr_in6 *)sk->remote)->sin6_addr, &in6addr_loopback, sizeof(in6addr_loopback)))
- valid = 1;
- if(!memcmp(&((struct sockaddr_in6 *)sk->remote)->sin6_addr, &mv4lo, sizeof(in6addr_loopback)))
+ valid = 0;
+ if(!sockpeeraddr(sk, &remote, NULL)) {
+ switch(remote->sa_family)
+ {
+ case AF_INET:
+ valid = ((struct sockaddr_in *)remote)->sin_addr.s_addr == INADDR_LOOPBACK;
+ break;
+ case AF_INET6:
+ inet_pton(AF_INET6, "::ffff:127.0.0.1", &mv4lo);
+ valid = 0;
+ if(!memcmp(&((struct sockaddr_in6 *)remote)->sin6_addr, &in6addr_loopback, sizeof(in6addr_loopback)))
+ valid = 1;
+ if(!memcmp(&((struct sockaddr_in6 *)remote)->sin6_addr, &mv4lo, sizeof(in6addr_loopback)))
+ valid = 1;
+ break;
+ case AF_UNIX:
valid = 1;
- break;
- case AF_UNIX:
- valid = 1;
- break;
- default:
- valid = 0;
- break;
+ break;
+ }
+ free(remote);
}
if(!valid)
{
sq(sk, 0, L"502", L"Only localhost connections allowed to this host", NULL);
- sk->close = 1;
+ closesock(sk);
data->close = 1;
return;
}
}
- sq(sk, 0, L"201", L"1", L"2", L"Dolda Connect daemon v" VERSION, NULL);
+ sq(sk, 0, L"201", L"1", L"3", L"Dolda Connect daemon v" VERSION, NULL);
}
static void cmd_notfound(struct socket *sk, struct uidata *data, int argc, wchar_t **argv)
if(data->uid == -1)
{
sq(sk, 0, L"506", L"Authentication error", NULL);
- flog(LOG_INFO, "user %ls authenticated successfully from %s, but no account existed", data->username, formataddress(sk->remote, sk->remotelen));
+ flog(LOG_INFO, "user %ls authenticated successfully from %s, but no account existed", data->username, formatsockpeer(sk));
logout(data);
} else if((data->userinfo == NULL) || (data->userinfo->perms & PERM_DISALLOW)) {
sq(sk, 0, L"506", L"Authentication error", NULL);
- flog(LOG_INFO, "user %ls authenticated successfully from %s, but was not authorized", data->username, formataddress(sk->remote, sk->remotelen));
+ flog(LOG_INFO, "user %ls authenticated successfully from %s, but was not authorized", data->username, formatsockpeer(sk));
logout(data);
} else {
sq(sk, 0, L"200", L"Welcome", NULL);
- flog(LOG_INFO, "%ls (UID %i) logged in from %s", data->username, data->uid, formataddress(sk->remote, sk->remotelen));
+ flog(LOG_INFO, "%ls (UID %i) logged in from %s", data->username, data->uid, formatsockpeer(sk));
}
break;
case AUTH_DENIED:
sq(sk, 0, L"506", L"Authentication error", L"%ls", (data->auth->text == NULL)?L"":(data->auth->text), NULL);
- flog(LOG_INFO, "authentication failed for %ls from %s", data->username, formataddress(sk->remote, sk->remotelen));
+ flog(LOG_INFO, "authentication failed for %ls from %s", data->username, formatsockpeer(sk));
logout(data);
break;
case AUTH_PASS:
if(data->uid == -1)
{
sq(sk, 0, L"506", L"Authentication error", NULL);
- flog(LOG_INFO, "user %ls authenticated successfully from %s, but no account existed", data->username, formataddress(sk->remote, sk->remotelen));
+ flog(LOG_INFO, "user %ls authenticated successfully from %s, but no account existed", data->username, formatsockpeer(sk));
logout(data);
} else if((data->userinfo == NULL) || (data->userinfo->perms & PERM_DISALLOW)) {
sq(sk, 0, L"506", L"Authentication error", NULL);
- flog(LOG_INFO, "user %ls authenticated successfully from %s, but was not authorized", data->username, formataddress(sk->remote, sk->remotelen));
+ flog(LOG_INFO, "user %ls authenticated successfully from %s, but was not authorized", data->username, formatsockpeer(sk));
logout(data);
} else {
sq(sk, 0, L"200", L"Welcome", NULL);
- flog(LOG_INFO, "%ls (UID %i) logged in from %s", data->username, data->uid, formataddress(sk->remote, sk->remotelen));
+ flog(LOG_INFO, "%ls (UID %i) logged in from %s", data->username, data->uid, formatsockpeer(sk));
}
break;
case AUTH_DENIED:
sq(sk, 0, L"506", L"Authentication error", L"%ls", (data->auth->text == NULL)?L"":(data->auth->text), NULL);
- flog(LOG_INFO, "authentication failed for %ls from %s", data->username, formataddress(sk->remote, sk->remotelen));
+ flog(LOG_INFO, "authentication failed for %ls from %s", data->username, formatsockpeer(sk));
logout(data);
break;
case AUTH_PASS:
}
if(fn->peers == NULL)
{
- sq(sk, 0, L"201", L"No peers avaiable", NULL);
+ sq(sk, 0, L"201", L"No peers available", NULL);
} else {
for(peer = btreeiter(fn->peers); peer != NULL; peer = npeer)
{
qcmd = data->queue;
if(qcmd != NULL)
{
+ data->queuesize--;
data->queue = qcmd->next;
if(qcmd == data->queuelast)
data->queuelast = qcmd->next;
data->queuelast = new;
if(data->queue == NULL)
data->queue = new;
+ data->queuesize++;
}
static struct uidata *newuidata(struct socket *sk)
break;
}
}
+ if(data->cbdata > 16384)
+ {
+ /* Kill clients that send us unreasonably long lines */
+ data->close = 1;
+ }
}
static void uierror(struct socket *sk, int err, struct uidata *data)
freeuidata(data);
}
-static void uiaccept(struct socket *sk, struct socket *newsk, void *data)
+static void uiaccept(struct lport *lp, struct socket *newsk, void *data)
{
struct uidata *uidata;
static int tcpportupdate(struct configvar *var, void *uudata)
{
- struct socket *newsock;
+ struct lport *newsock;
newsock = NULL;
if((var->val.num != -1) && ((newsock = netcstcplisten(var->val.num, 1, uiaccept, NULL)) == NULL))
}
if(tcpsocket != NULL)
{
- putsock(tcpsocket);
+ closelport(tcpsocket);
tcpsocket = NULL;
}
tcpsocket = newsock;
static int unixsockupdate(struct configvar *var, void *uudata)
{
- struct socket *newsock;
+ struct lport *newsock;
struct sockaddr_un *un;
mode_t ou;
umask(ou);
if(unixsocket != NULL)
{
- putsock(unixsocket);
+ closelport(unixsocket);
unixsocket = NULL;
}
unixsocket = newsock;
freequeuecmd(qcmd);
return(1);
}
+ if(data->queuesize > 10)
+ {
+ /* Clients should not be queue up commands at all, since
+ * they should not send a new command before receiving a
+ * reply to the previous command. Therefore, we
+ * mercilessly massacre clients which are stacking up too
+ * many commands. */
+ data->close = 1;
+ }
}
return(0);
}
while(users != NULL)
freeuser(users);
if(tcpsocket != NULL)
- putsock(tcpsocket);
+ closelport(tcpsocket);
if(unixsocket != NULL)
- putsock(unixsocket);
+ closelport(unixsocket);
}
static struct configvar myvars[] =