commit - b68bb560e9140c0ec783ea02773aef50d11ac06d
commit + 01b62202b2caa1b8161e62f149a9d6f705713869
blob - 5d44b30f07708e46d0221c4ba227f20f1bc7d853
blob + 8f7b70afccb0e310793013e0f53ee5f38522a614
--- src/ngircd/conn-ssl.c
+++ src/ngircd/conn-ssl.c
#endif /* _GNUTLS */
Conn_OPTION_DEL(c, (CONN_SSL_WANT_WRITE|CONN_SSL_WANT_READ|CONN_SSL_CONNECT));
ConnSSL_LogCertInfo(c);
+
+ Conn_StartLogin(CONNECTION2ID(c));
return 1;
}
blob - 8fd162b7122eee89c37ca319e8d2cafb71ebb16a
blob + 81a0f4507eed0fb79d470bf323452bd1a328dd58
--- src/ngircd/conn.c
+++ src/ngircd/conn.c
static bool Handle_Write PARAMS(( CONN_ID Idx ));
static bool Conn_Write PARAMS(( CONN_ID Idx, char *Data, size_t Len ));
-static int New_Connection PARAMS(( int Sock ));
+static int New_Connection PARAMS(( int Sock, bool IsSSL ));
static CONN_ID Socket2Index PARAMS(( int Sock ));
static void Read_Request PARAMS(( CONN_ID Idx ));
static unsigned int Handle_Buffer PARAMS(( CONN_ID Idx ));
cb_listen(int sock, short irrelevant)
{
(void) irrelevant;
- (void) New_Connection(sock);
+ (void) New_Connection(sock, false);
}
int fd;
(void) irrelevant;
- fd = New_Connection(sock);
+ fd = New_Connection(sock, true);
if (fd < 0)
return;
io_event_setcb(My_Connections[fd].sock, cb_clientserver_ssl);
* Initialize new client connection on a listening socket.
*
* @param Sock Listening socket descriptor.
+ * @param IsSSL true if this socket expects SSL-encrypted data.
* @returns Accepted socket descriptor or -1 on error.
*/
static int
-New_Connection(int Sock)
+New_Connection(int Sock, bool IsSSL)
{
#ifdef TCPWRAP
struct request_info req;
#endif
ng_ipaddr_t new_addr;
char ip_str[NG_INET_ADDRSTRLEN];
- int new_sock, new_sock_len, identsock;
+ int new_sock, new_sock_len;
CLIENT *c;
long cnt;
Log(LOG_INFO, "Accepted connection %d from %s:%d on socket %d.",
new_sock, My_Connections[new_sock].host,
ng_ipaddr_getport(&new_addr), Sock);
+ Account_Connection();
- identsock = new_sock;
-#ifdef IDENTAUTH
- if (!Conf_Ident)
- identsock = -1;
+#ifdef SSL_SUPPORT
+ /* Delay connection initalization until SSL handshake is finished */
+ if (!IsSSL)
#endif
- if (Conf_DNS) {
- if (Conf_NoticeAuth) {
-#ifdef IDENTAUTH
- if (Conf_Ident)
- (void)Conn_WriteStr(new_sock,
- "NOTICE AUTH :*** Looking up your hostname and checking ident");
- else
-#endif
- (void)Conn_WriteStr(new_sock,
- "NOTICE AUTH :*** Looking up your hostname");
- (void)Handle_Write(new_sock);
- }
- Resolve_Addr(&My_Connections[new_sock].proc_stat, &new_addr,
- identsock, cb_Read_Resolver_Result);
- }
+ Conn_StartLogin(new_sock);
- Account_Connection();
return new_sock;
} /* New_Connection */
+
+
+/**
+ * Finish connection initialization, start resolver subprocess.
+ *
+ * @param Idx Connection index.
+ */
+GLOBAL void
+Conn_StartLogin(CONN_ID Idx)
+{
+ int ident_sock = -1;
+ assert(Idx >= 0);
+ /* Nothing to do if DNS (and resolver subprocess) is disabled */
+ if (!Conf_DNS)
+ return;
+
+#ifdef IDENTAUTH
+ /* Should we make an IDENT request? */
+ if (Conf_Ident)
+ ident_sock = My_Connections[Idx].sock;
+#endif
+
+ if (Conf_NoticeAuth) {
+ /* Send "NOTICE AUTH" messages to the client */
+#ifdef IDENTAUTH
+ if (Conf_Ident)
+ (void)Conn_WriteStr(Idx,
+ "NOTICE AUTH :*** Looking up your hostname and checking ident");
+ else
+#endif
+ (void)Conn_WriteStr(Idx,
+ "NOTICE AUTH :*** Looking up your hostname");
+ (void)Handle_Write(Idx);
+ }
+
+ Resolve_Addr(&My_Connections[Idx].proc_stat, &My_Connections[Idx].addr,
+ ident_sock, cb_Read_Resolver_Result);
+}
+
+
/**
* Update global connection counters.
*/
blob - 4a8b6777e8d714843a74df818c33e7a81984df81
blob + e42a2ae6a7ac1c1466ade3a8124650a489e61715
--- src/ngircd/conn.h
+++ src/ngircd/conn.h
GLOBAL CONN_ID Pool_Size;
GLOBAL long WCounter;
+#define CONNECTION2ID(x) (long)(x - My_Connections)
+
#endif /* CONN_MODULE */
GLOBAL unsigned int Conn_InitListeners PARAMS(( void ));
GLOBAL void Conn_ExitListeners PARAMS(( void ));
+GLOBAL void Conn_StartLogin PARAMS((CONN_ID Idx));
+
GLOBAL void Conn_Handler PARAMS(( void ));
GLOBAL bool Conn_WriteStr PARAMS(( CONN_ID Idx, const char *Format, ... ));
