2 * InspIRCd -- Internet Relay Chat Daemon
4 * Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
5 * Copyright (C) 2008 Robin Burchell <robin+git@viroteck.net>
7 * This file is part of InspIRCd. InspIRCd is free software: you can
8 * redistribute it and/or modify it under the terms of the GNU General Public
9 * License as published by the Free Software Foundation, version 2.
11 * This program is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
13 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
25 #include <netinet/tcp.h>
28 ListenSocket::ListenSocket(ConfigTag* tag, const irc::sockets::sockaddrs& bind_to)
31 irc::sockets::satoap(bind_to, bind_addr, bind_port);
32 bind_desc = bind_to.str();
34 fd = socket(bind_to.sa.sa_family, SOCK_STREAM, 0);
40 /* This OS supports IPv6 sockets that can also listen for IPv4
41 * connections. If our address is "*" or empty, enable both v4 and v6 to
42 * allow for simpler configuration on dual-stack hosts. Otherwise, if it
43 * is "::" or an IPv6 address, disable support so that an IPv4 bind will
44 * work on the port (by us or another application).
46 if (bind_to.sa.sa_family == AF_INET6)
48 std::string addr = tag->getString("address");
49 /* This must be >= sizeof(DWORD) on Windows */
50 const int enable = (addr.empty() || addr == "*") ? 0 : 1;
51 /* This must be before bind() */
52 setsockopt(fd, IPPROTO_IPV6, IPV6_V6ONLY, reinterpret_cast<const char *>(&enable), sizeof(enable));
53 // errors ignored intentionally
57 SocketEngine::SetReuse(fd);
58 int rv = SocketEngine::Bind(this->fd, bind_to);
60 rv = SocketEngine::Listen(this->fd, ServerInstance->Config->MaxConn);
62 // Default defer to on for TLS listeners because in TLS the client always speaks first
63 int timeout = tag->getInt("defer", (tag->getString("ssl").empty() ? 0 : 3));
66 #if defined TCP_DEFER_ACCEPT
67 setsockopt(fd, IPPROTO_TCP, TCP_DEFER_ACCEPT, &timeout, sizeof(timeout));
68 #elif defined SO_ACCEPTFILTER
69 struct accept_filter_arg afa;
70 memset(&afa, 0, sizeof(afa));
71 strcpy(afa.af_name, "dataready");
72 setsockopt(fd, SOL_SOCKET, SO_ACCEPTFILTER, &afa, sizeof(afa));
79 SocketEngine::Shutdown(this, 2);
80 SocketEngine::Close(this->GetFd());
86 SocketEngine::NonBlocking(this->fd);
87 SocketEngine::AddFd(this, FD_WANT_POLL_READ | FD_WANT_NO_WRITE);
89 this->ResetIOHookProvider();
93 ListenSocket::~ListenSocket()
95 if (this->GetFd() > -1)
97 ServerInstance->Logs->Log("SOCKET", LOG_DEBUG, "Shut down listener on fd %d", this->fd);
98 SocketEngine::Shutdown(this, 2);
99 if (SocketEngine::Close(this) != 0)
100 ServerInstance->Logs->Log("SOCKET", LOG_DEBUG, "Failed to cancel listener: %s", strerror(errno));
104 void ListenSocket::OnEventHandlerRead()
106 irc::sockets::sockaddrs client;
107 irc::sockets::sockaddrs server;
109 socklen_t length = sizeof(client);
110 int incomingSockfd = SocketEngine::Accept(this, &client.sa, &length);
112 ServerInstance->Logs->Log("SOCKET", LOG_DEBUG, "Accepting connection on socket %s fd %d", bind_desc.c_str(), incomingSockfd);
113 if (incomingSockfd < 0)
115 ServerInstance->stats.Refused++;
119 socklen_t sz = sizeof(server);
120 if (getsockname(incomingSockfd, &server.sa, &sz))
122 ServerInstance->Logs->Log("SOCKET", LOG_DEBUG, "Can't get peername: %s", strerror(errno));
123 irc::sockets::aptosa(bind_addr, bind_port, server);
126 if (client.sa.sa_family == AF_INET6)
129 * This case is the be all and end all patch to catch and nuke 4in6
130 * instead of special-casing shit all over the place and wreaking merry
131 * havoc with crap, instead, we just recreate sockaddr and strip ::ffff: prefix
134 * This is, of course, much improved over the older way of handling this
135 * (pretend it doesn't exist + hack around it -- yes, both were done!)
137 * Big, big thanks to danieldg for his work on this.
140 static const unsigned char prefix4in6[12] = { 0,0,0,0, 0,0,0,0, 0,0,0xFF,0xFF };
141 if (!memcmp(prefix4in6, &client.in6.sin6_addr, 12))
143 // recreate as a sockaddr_in using the IPv4 IP
144 uint16_t sport = client.in6.sin6_port;
145 client.in4.sin_family = AF_INET;
146 client.in4.sin_port = sport;
147 memcpy(&client.in4.sin_addr.s_addr, client.in6.sin6_addr.s6_addr + 12, sizeof(uint32_t));
149 sport = server.in6.sin6_port;
150 server.in4.sin_family = AF_INET;
151 server.in4.sin_port = sport;
152 memcpy(&server.in4.sin_addr.s_addr, server.in6.sin6_addr.s6_addr + 12, sizeof(uint32_t));
156 SocketEngine::NonBlocking(incomingSockfd);
159 FIRST_MOD_RESULT(OnAcceptConnection, res, (incomingSockfd, this, &client, &server));
160 if (res == MOD_RES_PASSTHRU)
162 std::string type = bind_tag->getString("type", "clients");
163 if (type == "clients")
165 ServerInstance->Users->AddUser(incomingSockfd, this, &client, &server);
169 if (res == MOD_RES_ALLOW)
171 ServerInstance->stats.Accept++;
175 ServerInstance->stats.Refused++;
176 ServerInstance->Logs->Log("SOCKET", LOG_DEFAULT, "Refusing connection on %s - %s",
177 bind_desc.c_str(), res == MOD_RES_DENY ? "Connection refused by module" : "Module for this port not found");
178 SocketEngine::Close(incomingSockfd);
182 void ListenSocket::ResetIOHookProvider()
184 iohookprovs[0].SetProvider(bind_tag->getString("hook"));
186 // Check that all non-last hooks support being in the middle
187 for (IOHookProvList::iterator i = iohookprovs.begin(); i != iohookprovs.end()-1; ++i)
189 IOHookProvRef& curr = *i;
190 // Ignore if cannot be in the middle
191 if ((curr) && (!curr->IsMiddle()))
192 curr.SetProvider(std::string());
195 std::string provname = bind_tag->getString("ssl");
196 if (!provname.empty())
197 provname.insert(0, "ssl/");
199 // SSL should be the last
200 iohookprovs.back().SetProvider(provname);
projects / user / henk / code / inspircd.git / blob