#include "modules.h"
#include "inspircd.h"
+extern userrec* fd_ref_table[MAX_DESCRIPTORS];
+
/* $ModDesc: Provides support for RFC 1413 ident lookups */
// Version 1.5.0.0 - Updated to use InspSocket, faster and neater.
public:
userrec* u; // user record that the lookup is associated with
+ int ufd;
- RFC1413(userrec* user, int maxtime, Server* S) : InspSocket((char*)inet_ntoa(user->ip4), 113, false, maxtime), Srv(S), u(user)
+ RFC1413(userrec* user, int maxtime, Server* S) : InspSocket((char*)inet_ntoa(user->ip4), 113, false, maxtime), Srv(S), u(user), ufd(user->fd)
{
Srv->Log(DEBUG,"Ident: associated.");
}
{
// When we timeout, the connection failed within the allowed timeframe,
// so we just display a notice, and tidy off the ident_data.
- if (u)
+ if (u && (fd_ref_table[ufd] == u))
{
u->Shrink("ident_data");
Srv->SendServ(u->fd,"NOTICE "+std::string(u->nick)+" :*** Could not find your ident, using "+std::string(u->ident)+" instead.");
*j = '\0'; // truncate at invalid chars
if (*section)
{
- if (u)
+ if (u && (fd_ref_table[ufd] == u))
{
strlcpy(u->ident,section,IDENTMAX);
Srv->Log(DEBUG,"IDENT SET: "+std::string(u->ident));
{
// tidy up after ourselves when the connection is done.
// We receive this event straight after a timeout, too.
- if (u)
+ //
+ //
+ // OK, now listen up. The weird looking check here is
+ // REQUIRED. Don't try and optimize it away.
+ //
+ // When a socket is closed, it is not immediately removed
+ // from the socket list, there can be a short delay
+ // before it is culled from the list. This means that
+ // without this check, there is a chance that a user
+ // may not exist when we come to ::Shrink them, which
+ // results in a segfault. The value of "u" may not
+ // always be NULL at this point, so, what we do is
+ // check against the fd_ref_table, to see if (1) the user
+ // exists, and (2) its the SAME user, on the same file
+ // descriptor that they were when the lookup began.
+ //
+ // Fixes issue reported by webs, 7 Jun 2006
+ if (u && (fd_ref_table[ufd] == u))
{
u->Shrink("ident_data");
}
virtual void OnError(InspSocketError e)
{
- if (u)
+ if (u && (fd_ref_table[ufd] == u))
{
u->Shrink("ident_data");
}
virtual bool OnConnected()
{
- if (u)
+ if (u && (fd_ref_table[ufd] == u))
{
uslen = sizeof(sock_us);
themlen = sizeof(sock_them);
* either due to timeout or due to closing, so, we just hold them until they dont
* have an ident field any more.
*/
- RFC1413* ident = (RFC1413*)user->GetExt("ident_data");
- return (!ident);
+ RFC1413* ident;
+ return (!user->GetExt("ident_data", ident));
}
virtual void OnCleanup(int target_type, void* item)
if (target_type == TYPE_USER)
{
userrec* user = (userrec*)item;
- RFC1413* ident = (RFC1413*)user->GetExt("ident_data");
- if (ident)
+ RFC1413* ident;
+ if (user->GetExt("ident_data", ident))
{
// FIX: If the user record is deleted, the socket wont be removed
// immediately so there is chance of the socket trying to write to
* who have quit, as class RFC1459 is only loosely bound to userrec* via a pair of pointers
* and this would leave at least one of the invalid ;)
*/
- RFC1413* ident = (RFC1413*)user->GetExt("ident_data");
- if (ident)
+ RFC1413* ident;
+ if (user->GetExt("ident_data", ident))
{
ident->u = NULL;
Srv->RemoveSocket(ident);