diff options
author | attilamolnar <attilamolnar@hush.com> | 2013-04-10 17:05:13 +0200 |
---|---|---|
committer | attilamolnar <attilamolnar@hush.com> | 2013-04-10 17:05:13 +0200 |
commit | 65072d44f23804d85dd800c5ce6aa3548831142e (patch) | |
tree | 9e7b361f2a949d00a8f8f5111e6d4af1cee7a030 | |
parent | ac705cd20e12f46bd638093f000dfd541ffc5d22 (diff) |
m_spanningtree Create new TreeServers for incoming connections only when they've accepted our credentials, not when they send SERVER
-rw-r--r-- | src/modules/m_spanningtree/server.cpp | 62 | ||||
-rw-r--r-- | src/modules/m_spanningtree/treesocket.h | 11 | ||||
-rw-r--r-- | src/modules/m_spanningtree/treesocket2.cpp | 12 |
3 files changed, 60 insertions, 25 deletions
diff --git a/src/modules/m_spanningtree/server.cpp b/src/modules/m_spanningtree/server.cpp index 33c7f47b3..a04454f51 100644 --- a/src/modules/m_spanningtree/server.cpp +++ b/src/modules/m_spanningtree/server.cpp @@ -180,6 +180,33 @@ bool TreeSocket::Outbound_Reply_Server(parameterlist ¶ms) return false; } +bool TreeSocket::CheckDuplicate(const std::string& sname, const std::string& sid) +{ + /* Check for fully initialized instances of the server by name */ + TreeServer* CheckDupe = Utils->FindServer(sname); + if (CheckDupe) + { + std::string pname = CheckDupe->GetParent() ? CheckDupe->GetParent()->GetName() : "<ourself>"; + SendError("Server "+sname+" already exists on server "+pname+"!"); + ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, already exists on server "+pname); + return false; + } + + /* Check for fully initialized instances of the server by id */ + ServerInstance->Logs->Log("m_spanningtree",DEBUG,"Looking for dupe SID %s", sid.c_str()); + CheckDupe = Utils->FindServerID(sid); + + if (CheckDupe) + { + this->SendError("Server ID "+CheckDupe->GetID()+" already exists on server "+CheckDupe->GetName()+"! You may want to specify the server ID for the server manually with <server:id> so they do not conflict."); + ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, server ID '"+CheckDupe->GetID()+ + "' already exists on server "+CheckDupe->GetName()); + return false; + } + + return true; +} + /* * Someone else is attempting to connect to us if this is called. Validate their credentials etc. * -- w @@ -226,39 +253,24 @@ bool TreeSocket::Inbound_Server(parameterlist ¶ms) continue; } - /* Now check for fully initialized ServerInstances of the server by name */ - TreeServer* CheckDupe = Utils->FindServer(sname); - if (CheckDupe) - { - std::string pname = CheckDupe->GetParent() ? CheckDupe->GetParent()->GetName() : "<ourself>"; - SendError("Server "+sname+" already exists on server "+pname+"!"); - ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, already exists on server "+pname); + if (!CheckDuplicate(sname, sid)) return false; - } - /* Check for fully initialized instances of the server by id */ - ServerInstance->Logs->Log("m_spanningtree",DEBUG,"Looking for dupe SID %s", sid.c_str()); - CheckDupe = Utils->FindServerID(sid); + ServerInstance->SNO->WriteToSnoMask('l',"Verified incoming server connection " + linkID + " ("+description+")"); - if (CheckDupe) - { - this->SendError("Server ID "+CheckDupe->GetID()+" already exists on server "+CheckDupe->GetName()+"! You may want to specify the server ID for the server manually with <server:id> so they do not conflict."); - ServerInstance->SNO->WriteToSnoMask('l',"Server connection from \2"+sname+"\2 denied, server ID '"+CheckDupe->GetID()+ - "' already exists on server "+CheckDupe->GetName()); - return false; - } + this->SendCapabilities(2); - ServerInstance->SNO->WriteToSnoMask('l',"Verified incoming server connection " + linkID + " ("+description+")"); - linkID = sname; + // Save these for later, so when they accept our credentials (indicated by BURST) we remember them + this->capab->hidden = x->Hidden; + this->capab->sid = sid; + this->capab->description = description; + this->capab->name = sname; - // this is good. Send our details: Our server name and description and hopcount of 0, + // Send our details: Our server name and description and hopcount of 0, // along with the sendpass from this block. - this->SendCapabilities(2); this->WriteLine("SERVER "+ServerInstance->Config->ServerName+" "+this->MakePass(x->SendPass, this->GetTheirChallenge())+" 0 "+ServerInstance->Config->GetSID()+" :"+ServerInstance->Config->ServerDesc); - // move to the next state, we are now waiting for THEM. - MyRoot = new TreeServer(Utils, sname, description, sid, Utils->TreeRoot, this, x->Hidden); - Utils->TreeRoot->AddChild(MyRoot); + // move to the next state, we are now waiting for THEM. this->LinkState = WAIT_AUTH_2; return true; } diff --git a/src/modules/m_spanningtree/treesocket.h b/src/modules/m_spanningtree/treesocket.h index c1ca5e74a..d8445572b 100644 --- a/src/modules/m_spanningtree/treesocket.h +++ b/src/modules/m_spanningtree/treesocket.h @@ -78,6 +78,12 @@ struct CapabData int capab_phase; /* Have sent CAPAB already */ bool auth_fingerprint; /* Did we auth using SSL fingerprint */ bool auth_challenge; /* Did we auth using challenge/response */ + + // Data saved from incoming SERVER command, for later use when our credentials have been accepted by the other party + std::string description; + std::string sid; + std::string name; + bool hidden; }; /** Every SERVER connection inbound or outbound is represented by an object of @@ -95,6 +101,11 @@ class TreeSocket : public BufferedSocket bool LastPingWasGood; /* Responded to last ping we sent? */ int proto_version; /* Remote protocol version */ bool ConnectionFailureShown; /* Set to true if a connection failure message was shown */ + + /** Checks if the given servername and sid are both free + */ + bool CheckDuplicate(const std::string& servername, const std::string& sid); + public: time_t age; diff --git a/src/modules/m_spanningtree/treesocket2.cpp b/src/modules/m_spanningtree/treesocket2.cpp index 04ca9edb1..5007fe921 100644 --- a/src/modules/m_spanningtree/treesocket2.cpp +++ b/src/modules/m_spanningtree/treesocket2.cpp @@ -164,9 +164,21 @@ void TreeSocket::ProcessLine(std::string &line) ServerInstance->SNO->WriteGlobalSno('l',"\2WARNING\2: Your clocks are out by %d seconds. Please consider synching your clocks.", abs((long)delta)); } } + + // Check for duplicate server name/sid again, it's possible that a new + // server was introduced while we were waiting for them to send BURST. + // (we do not reserve their server name/sid when they send SERVER, we do it now) + if (!CheckDuplicate(capab->name, capab->sid)) + return; + this->LinkState = CONNECTED; Utils->timeoutlist.erase(this); + linkID = capab->name; + + MyRoot = new TreeServer(Utils, capab->name, capab->description, capab->sid, Utils->TreeRoot, this, capab->hidden); + Utils->TreeRoot->AddChild(MyRoot); + MyRoot->bursting = true; this->DoBurst(MyRoot); |