summaryrefslogtreecommitdiff
path: root/blabouncer.c
diff options
context:
space:
mode:
authorLuke Bratch <luke@bratch.co.uk>2020-01-05 22:25:22 +0000
committerLuke Bratch <luke@bratch.co.uk>2020-01-05 22:25:22 +0000
commit82ab48d41bfef30ab51b407b48dfcda9ebc5f7e7 (patch)
tree28a87fe7d5c0af50aaf1abc4717c9e7cb93a24a5 /blabouncer.c
parentd0c2d49cc63cf14a094f3bb168ffdd18e2ea5ff3 (diff)
Fix some situations where the remote IP of a connecting/disconnecting client is wrong in the debug log and NOTICEs.
Diffstat (limited to 'blabouncer.c')
-rw-r--r--blabouncer.c31
1 files changed, 22 insertions, 9 deletions
diff --git a/blabouncer.c b/blabouncer.c
index 5ee48b5..c4e92ed 100644
--- a/blabouncer.c
+++ b/blabouncer.c
@@ -758,12 +758,24 @@ void dochat(int *serversockfd, int *clientsockfd, struct settings *settings) {
if (newfd > fdmax) { // keep track of the max
fdmax = newfd;
}
+
+ // If openssl_accept fails later on, this is the message we'll append to the usual connection announcement
+ char opensslfailmsg[] = ", but was disconnected due to a failure in SSL_accept()";
+ // Store the client's IP address for now, since we may need to refer to it after disconnecting
+ // them (thus clearing the array entry that the IP is read from) if something goes wrong
+ char remoteip[INET6_ADDRSTRLEN];
+ strncpy(remoteip, inet_ntop(remoteaddr.ss_family, get_in_addr((struct sockaddr*)&remoteaddr), remoteIP, INET6_ADDRSTRLEN), INET6_ADDRSTRLEN);
+
// Find a free element in the clients array and set to new fd value (plus start SSL_accept() if using client TLS)
for (int j = 0; j < MAXCLIENTS; j++) {
if (clients[j].fd == 0) {
clients[j].fd = newfd;
// Ensure its authentication status is set to 0
clients[j].authed = 0;
+
+ // Record the remote IP address of this client in the clients array
+ strncpy(clients[j].remoteip, remoteip, INET6_ADDRSTRLEN);
+
// If using TLS then...
if (settings->clienttls) {
// ...set as OpenSSL FD and SSL_accept it
@@ -776,27 +788,28 @@ void dochat(int *serversockfd, int *clientsockfd, struct settings *settings) {
debugprint(DEBUG_CRIT, "fd_toggle_blocking on failed for fd %d: %s.\n", clients[j].fd, strerror(errno));
disconnectclient(clients[j].fd, clients, &ircdstate, settings, clientcodes);
}
- // Try to SSL_accept(), not interested in return code here since openssl_accept() does the right thing.
- openssl_accept(clients[j].fd, clients, &ircdstate, settings, clientcodes);
+ // Try to SSL_accept()
+ if (openssl_accept(clients[j].fd, clients, &ircdstate, settings, clientcodes)) {
+ // It succeeded, so clear the failure message
+ opensslfailmsg[0] = '\0';
+ }
} else {
// If not using TLS then cast newfd to SSL* even though it will just be the original newfd int really
clients[j].ssl = (SSL*)(long int)newfd;
+ // There can't be an openssl_accept failure if we're not using TLS
+ opensslfailmsg[0] = '\0';
}
- // Record the remote IP address of this client in the clients array
- strncpy(clients[j].remoteip, inet_ntop(remoteaddr.ss_family, get_in_addr((struct sockaddr*)&remoteaddr), remoteIP, INET6_ADDRSTRLEN), INET6_ADDRSTRLEN);
-
break;
}
}
// TODO - Handle the "find a free element" loop not finding a free element
- debugprint(DEBUG_FULL, "bouncer-client: new connection from %s on socket %d\n",
- clients[arrindex(clients, newfd)].remoteip, newfd);
+ debugprint(DEBUG_FULL, "bouncer-client: new connection from %s on socket %d%s\n", remoteip, newfd, opensslfailmsg);
// Alert other clients about the new connection
char alertmsg[MAXDATASIZE];
- if (!snprintf(alertmsg, MAXDATASIZE, "NOTICE %s :blabouncer: new client connected from %s.", ircdstate.ircnick,
- clients[arrindex(clients, newfd)].remoteip)) {
+ if (!snprintf(alertmsg, MAXDATASIZE, "NOTICE %s :blabouncer: new client connected from %s%s.", ircdstate.ircnick,
+ remoteip, opensslfailmsg)) {
fprintf(stderr, "Error while preparing new client connection NOTICE!\n");
debugprint(DEBUG_CRIT, "Error while preparing new client connection NOTICE!\n");
alertmsg[0] = '\0';