authorattilamolnar <attilamolnar@hush.com>2013-04-10 17:05:13 +0200
committerattilamolnar <attilamolnar@hush.com>2013-04-10 17:05:13 +0200
commit65072d44f23804d85dd800c5ce6aa3548831142e (patch)
tree9e7b361f2a949d00a8f8f5111e6d4af1cee7a030
parentac705cd20e12f46bd638093f000dfd541ffc5d22 (diff)
m_spanningtree Create new TreeServers for incoming connections only when they've accepted our credentials, not when they send SERVER
-rw-r--r--src/modules/m_spanningtree/server.cpp62
-rw-r--r--src/modules/m_spanningtree/treesocket.h11
-rw-r--r--src/modules/m_spanningtree/treesocket2.cpp12
3 files changed, 60 insertions, 25 deletions
diff --git a/src/modules/m_spanningtree/server.cpp b/src/modules/m_spanningtree/server.cpp
index 33c7f47b3..a04454f51 100644
--- a/src/modules/m_spanningtree/server.cpp
+++ b/src/modules/m_spanningtree/server.cpp
@@ -180,6 +180,33 @@ bool TreeSocket::Outbound_Reply_Server(parameterlist &params)
return false;
}
+bool TreeSocket::CheckDuplicate(const std::string& sname, const std::string& sid)
+{
+ /* Check for fully initialized instances of the server by name */
+ TreeServer* CheckDupe = Utils->FindServer(sname);
+ if (CheckDupe)
+ {
+ std::string pname = CheckDupe->GetParent() ? CheckDupe->GetParent()->GetName() : "<ourself>";
+ SendError("Server "+sname+" already exists on server "+pname+"!");
+ ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, already exists on server "+pname);
+ return false;
+ }
+
+ /* Check for fully initialized instances of the server by id */
+ ServerInstance->Logs->Log("m_spanningtree",DEBUG,"Looking for dupe SID %s", sid.c_str());
+ CheckDupe = Utils->FindServerID(sid);
+
+ if (CheckDupe)
+ {
+ this->SendError("Server ID "+CheckDupe->GetID()+" already exists on server "+CheckDupe->GetName()+"! You may want to specify the server ID for the server manually with <server:id> so they do not conflict.");
+ ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, server ID '"+CheckDupe->GetID()+
+ "' already exists on server "+CheckDupe->GetName());
+ return false;
+ }
+
+ return true;
+}
+
/*
* Someone else is attempting to connect to us if this is called. Validate their credentials etc.
* -- w
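Review bot: `sname` is concatenated unchanged into the ERROR line and into the 'l' server notice in CheckDuplicate, and the comment added in treesocket.h says these values come from the peer's SERVER command. Nothing in this hunk shows where the name and SID syntax is validated, so it is worth confirming that this happens before both call sites (Inbound_Server and the BURST path in treesocket2.cpp). If it does, a comment such as `/* sname and sid are peer-supplied; syntax is validated by the caller */` at the top of the function would record the assumption. The definition also names the first parameter `sname` while the declaration uses `servername`; one spelling would read better.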
@@ -226,39 +253,24 @@ bool TreeSocket::Inbound_Server(parameterlist &params)
continue;
}
- /* Now check for fully initialized ServerInstances of the server by name */
- TreeServer* CheckDupe = Utils->FindServer(sname);
- if (CheckDupe)
- {
- std::string pname = CheckDupe->GetParent() ? CheckDupe->GetParent()->GetName() : "<ourself>";
- SendError("Server "+sname+" already exists on server "+pname+"!");
- ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, already exists on server "+pname);
+ if (!CheckDuplicate(sname, sid))
return false;
- }
- /* Check for fully initialized instances of the server by id */
- ServerInstance->Logs->Log("m_spanningtree",DEBUG,"Looking for dupe SID %s", sid.c_str());
- CheckDupe = Utils->FindServerID(sid);
+ ServerInstance->SNO->WriteToSnoMask('l',"Verified incoming server connection " + linkID + " ("+description+")");
- if (CheckDupe)
- {
- this->SendError("Server ID "+CheckDupe->GetID()+" already exists on server "+CheckDupe->GetName()+"! You may want to specify the server ID for the server manually with <server:id> so they do not conflict.");
- ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, server ID '"+CheckDupe->GetID()+
- "' already exists on server "+CheckDupe->GetName());
- return false;
- }
+ this->SendCapabilities(2);
- ServerInstance->SNO->WriteToSnoMask('l',"Verified incoming server connection " + linkID + " ("+description+")");
- linkID = sname;
+ // Save these for later, so when they accept our credentials (indicated by BURST) we remember them
+ this->capab->hidden = x->Hidden;
+ this->capab->sid = sid;
+ this->capab->description = description;
+ this->capab->name = sname;
- // this is good. Send our details: Our server name and description and hopcount of 0,
+ // Send our details: Our server name and description and hopcount of 0,
// along with the sendpass from this block.
- this->SendCapabilities(2);
this->WriteLine("SERVER "+ServerInstance->Config->ServerName+" "+this->MakePass(x->SendPass, this->GetTheirChallenge())+" 0 "+ServerInstance->Config->GetSID()+" :"+ServerInstance->Config->ServerDesc);
- // move to the next state, we are now waiting for THEM.
- MyRoot = new TreeServer(Utils, sname, description, sid, Utils->TreeRoot, this, x->Hidden);
- Utils->TreeRoot->AddChild(MyRoot);
+ // move to the next state, we are now waiting for THEM.
this->LinkState = WAIT_AUTH_2;
return true;
}
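Review bot: With `linkID = sname;` removed from Inbound_Server, any notice or error raised while the link sits in WAIT_AUTH_2 carries whatever linkID held before SERVER arrived, not the server name the peer presented. If that is intended because the name is not reserved until BURST, it should be stated next to the state change, e.g. `// linkID is left unchanged until BURST; the name is not reserved yet`. Inbound_Server starts above this hunk, so the value linkID holds at this point is not visible here.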
diff --git a/src/modules/m_spanningtree/treesocket.h b/src/modules/m_spanningtree/treesocket.h
index c1ca5e74a..d8445572b 100644
--- a/src/modules/m_spanningtree/treesocket.h
+++ b/src/modules/m_spanningtree/treesocket.h
@@ -78,6 +78,12 @@ struct CapabData
int capab_phase; /* Have sent CAPAB already */
bool auth_fingerprint; /* Did we auth using SSL fingerprint */
bool auth_challenge; /* Did we auth using challenge/response */
+
+ // Data saved from incoming SERVER command, for later use when our credentials have been accepted by the other party
+ std::string description;
+ std::string sid;
+ std::string name;
+ bool hidden;
};
/** Every SERVER connection inbound or outbound is represented by an object of
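Review bot: The new `bool hidden;` member of CapabData gets no initial value in this hunk, whereas the three std::string members default to empty. Inbound_Server assigns it before the BURST path reads it, but that holds only while WAIT_AUTH_2 can be reached through Inbound_Server alone. If CapabData has a constructor (the struct begins outside the hunk), setting `hidden = false;` there would make the later read defined on every path.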
@@ -95,6 +101,11 @@ class TreeSocket : public BufferedSocket
bool LastPingWasGood; /* Responded to last ping we sent? */
int proto_version; /* Remote protocol version */
bool ConnectionFailureShown; /* Set to true if a connection failure message was shown */
+
+ /** Checks if the given servername and sid are both free
+ */
+ bool CheckDuplicate(const std::string& servername, const std::string& sid);
+
public:
time_t age;
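Review bot: The doc comment on CheckDuplicate says only that it checks whether the name and SID are free, but the definition in server.cpp also sends ERROR to the peer and writes an 'l' server notice when either is taken. Callers need to know that a false return means the failure has already been reported, so they do not report it a second time. I would extend the comment with `@return true if neither is in use; on false an ERROR has been sent to the peer and a server notice written`.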
diff --git a/src/modules/m_spanningtree/treesocket2.cpp b/src/modules/m_spanningtree/treesocket2.cpp
index 04ca9edb1..5007fe921 100644
--- a/src/modules/m_spanningtree/treesocket2.cpp
+++ b/src/modules/m_spanningtree/treesocket2.cpp
@@ -164,9 +164,21 @@ void TreeSocket::ProcessLine(std::string &line)
ServerInstance->SNO->WriteGlobalSno('l',"\2WARNING\2: Your clocks are out by %d seconds. Please consider synching your clocks.", abs((long)delta));
}
}
+
+ // Check for duplicate server name/sid again, it's possible that a new
+ // server was introduced while we were waiting for them to send BURST.
+ // (we do not reserve their server name/sid when they send SERVER, we do it now)
+ if (!CheckDuplicate(capab->name, capab->sid))
+ return;
+
this->LinkState = CONNECTED;
Utils->timeoutlist.erase(this);
+ linkID = capab->name;
+
+ MyRoot = new TreeServer(Utils, capab->name, capab->description, capab->sid, Utils->TreeRoot, this, capab->hidden);
+ Utils->TreeRoot->AddChild(MyRoot);
+
MyRoot->bursting = true;
this->DoBurst(MyRoot);
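Review bot: When the second CheckDuplicate call fails, ProcessLine returns with LinkState still WAIT_AUTH_2 and the socket still in `Utils->timeoutlist`, so closing the link depends entirely on what SendError does inside CheckDuplicate. SendError is not part of this diff; if it does not itself move the socket to a dying state, a peer that sends BURST again would hit the same check and produce another ERROR and operator notice. A comment at the return, e.g. `// CheckDuplicate() already sent ERROR; the link is torn down by SendError()`, or an explicit state change there, would make the teardown visible. ProcessLine starts and ends outside the hunk.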