~vanhoof/+junk/znc

Viewing changes to Socket.cpp

Committer: Bazaar Package Importer
Author(s): Patrick Matthäi
Date: 2009-07-24 13:46:00 UTC
mfrom: (1.2.4 upstream)
Revision ID: james.westby@ubuntu.com-20090724134600-uaxedj9f92i72ru1

Tags: 0.074-1

http://bugs.debian.org/537977

* New upstream release.
  - Bump urgency to high. This release fixes an high-impact directory
    traversal buf, where unpriviliged users can save about DCC SEND files on
    the server with the rights of the znc process. The attacker could also
    use the exploit to get a shell on the server.
    Closes: #537977
  - Use c-ares for DNS resolving, add libc-ares-dev and pkg-config as
    build-dependency.
* Merge 0.058-2+lenny2, 0.058-2+lenny3, 0.070-1~bpo40+1 and 0.070-1~bpo50+1
  changelog.
* Bump Standards-Version to 3.8.2 (no changes needed).

files added:
Socket.cpp

Socket.h

files modified:
Buffer.h

Chan.cpp

Client.cpp

Client.h

ClientCommand.cpp

Csocket.cpp

Csocket.h

DCCBounce.cpp

DCCBounce.h

DCCSock.cpp

DCCSock.h

FileUtils.cpp

FileUtils.h

HTTPSock.cpp

IRCSock.cpp

IRCSock.h

Makefile.in

Modules.cpp

Modules.h

Nick.cpp

README

Template.cpp

Template.h

User.cpp

User.h

Utils.h

ZNCString.cpp

ZNCString.h

configure

configure.in

debian/changelog

debian/control

main.cpp

main.h

modules/admin.cpp

modules/fail2ban.cpp

modules/modperl.cpp

modules/nickserv.cpp

modules/perform.cpp

modules/shell.cpp

modules/stickychan.cpp

modules/webadmin.cpp

modules/webadmin/skins/dark-clouds/Settings.tmpl

modules/webadmin/skins/default/Settings.tmpl

modules/webadmin/skins/graphiX/Settings.tmpl

modules/webadmin/skins/ice/Settings.tmpl

znc.cpp

znc.h

Show diffs side-by-side

added added

removed removed

Socket.cpp

* This program is free software; you can redistribute it and/or modify it

* under the terms of the GNU General Public License version 2 as published

* by the Free Software Foundation.

#include "Socket.h"

#ifdef HAVE_ARES

#include <ares.h>

#endif

#ifdef HAVE_ARES

struct DNSLookup {

bool bSocketDead;

bool bLookupDone;

// When both of the above are true, this struct can be freed

// Query

CString sHost;

CSSockAddr::EAFRequire family;

// Result

int ares_status;

CSSockAddr addr;

};

static ares_channel& GetAres() {

static ares_channel m_ares;

return m_ares;

}

#endif

CZNCSock::~CZNCSock() {

#ifdef HAVE_ARES

if (m_dns_lookup) {

m_dns_lookup->bSocketDead = true;

if (m_dns_lookup->bLookupDone)

delete m_dns_lookup;

m_dns_lookup = NULL;

}

#endif

}

CSockManager::CSockManager() : TSocketManager<CZNCSock>() {

#ifdef HAVE_ARES

int i = ares_init(&GetAres());

if (i != ARES_SUCCESS) {

CUtils::PrintError("Could not initialize c-ares: " + CString(ares_strerror(i)));

exit(0);

}

DEBUG("Successfully initialized c-ares");

#endif

}

CSockManager::~CSockManager() {

#ifdef HAVE_ARES

ares_destroy(GetAres());

#endif

}

#ifdef HAVE_ARES

int CSockManager::Select(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds, struct timeval *timeout)

{

int ret;

// We assume that nfds is already the max. number of sockets allowed by

// the OS, so we don't need to update it here.

ares_fds(GetAres(), readfds, writefds);

ares_timeout(GetAres(), timeout, timeout);

ret = ::select(nfds, readfds, writefds, exceptfds, timeout);

ares_process(GetAres(), readfds, writefds);

return ret;

}

void CZNCSock::ares_callback(void *lookup, int status, int timeout, struct hostent *h) {

struct DNSLookup *p = (struct DNSLookup *) lookup;

p->bLookupDone = true;

DEBUG("DNS lookup done for " << p->sHost);

if (p->bSocketDead) {

delete p;

return;

}

p->ares_status = status;

if (!h) {

#ifdef HAVE_IPV6

if (p->family == CSSockAddr::RAF_ANY) {

// Try an AAAA lookup

p->family = CSSockAddr::RAF_INET6;

DEBUG("Retrying with AAAA");

p->bLookupDone = false;

ares_gethostbyname(GetAres(), p->sHost.c_str(), p->family,

ares_callback, p);

100

return;

101

}

102

#endif

103

if (status == ARES_SUCCESS)

104

p->ares_status = ARES_ENOTIMP;

105

return;

106

}

107

108

if (h->h_addrtype == AF_INET && h->h_length == sizeof(in_addr)) {

109

memcpy(p->addr.GetAddr(), h->h_addr_list[0], sizeof(in_addr));

110

p->addr.SetIPv6(false);

111

}

112

#ifdef HAVE_IPV6

113

else if (h->h_addrtype == AF_INET6 && h->h_length == sizeof(in6_addr)) {

114

memcpy(p->addr.GetAddr6(), h->h_addr_list[0], sizeof(in6_addr));

115

p->addr.SetIPv6(true);

116

}

117

#endif

118

else

119

DEBUG(__PRETTY_FUNCTION__ << ": Got unknown address with length " << h->h_length);

120

}

121

122

int CZNCSock::GetAddrInfo(const CS_STRING &sHostname, CSSockAddr &csSockAddr) {

123

// If this is an ip address, no lookup is necessary

124

#ifdef HAVE_IPV6

125

if (inet_pton(AF_INET6, sHostname.c_str(), csSockAddr.GetAddr6()) > 0) {

126

csSockAddr.SetIPv6(true);

127

SetIPv6(true);

128

return 0;

129

}

130

#endif

131

if (inet_pton(AF_INET, sHostname.c_str(), csSockAddr.GetAddr()) > 0) {

132

csSockAddr.SetIPv6(false);

133

SetIPv6(false);

134

return 0;

135

}

136

137

if (!m_dns_lookup) {

138

DEBUG("New dns lookup for " << sHostname);

139

140

m_dns_lookup = new struct DNSLookup;

141

m_dns_lookup->bSocketDead = false;

142

m_dns_lookup->bLookupDone = false;

143

m_dns_lookup->sHost = sHostname;

144

m_dns_lookup->ares_status = 0;

145

m_dns_lookup->family = csSockAddr.GetAFRequire();

146

147

CSSockAddr::EAFRequire family = csSockAddr.GetAFRequire();

148

if (family == CSSockAddr::RAF_ANY) {

149

// post-1.6.0 c-ares (=current CVS versions) support

150

// lookups with AF_UNSPEC which means it first tries an

151

// AAAA lookup and then fails back to an A lookup.

152

// Older versions (= any version out there) just

153

// generate an "address family not supported" error

154

// message if you feed them, so we can't use this nice

155

// feature for now.

156

family = CSSockAddr::RAF_INET;

157

}

158

ares_gethostbyname(GetAres(), sHostname.c_str(), family,

159

ares_callback, m_dns_lookup);

160

}

161

162

if (m_dns_lookup->sHost != sHostname)

163

// This *cannot* happen

164

DEBUG(__PRETTY_FUNCTION__ << ": Query target for an active DNS query changed!");

165

166

if (!m_dns_lookup->bLookupDone) {

167

DEBUG("waiting for dns on [" << sHostname << "] to finish...");

168

return EAGAIN;

169

}

170

171

if (m_dns_lookup->ares_status != ARES_SUCCESS) {

172

DEBUG("Error while looking up [" << sHostname << "]: "

173

<< ares_strerror(m_dns_lookup->ares_status));

174

delete m_dns_lookup;

175

m_dns_lookup = NULL;

176

return ETIMEDOUT;

177

}

178

179

#ifdef HAVE_IPV6

180

memcpy(csSockAddr.GetAddr6(), m_dns_lookup->addr.GetAddr6(), sizeof(in6_addr));

181

#endif

182

memcpy(csSockAddr.GetAddr(), m_dns_lookup->addr.GetAddr(), sizeof(in_addr));

183

csSockAddr.SetIPv6(m_dns_lookup->addr.GetIPv6());

184

SetIPv6(csSockAddr.GetIPv6());

185

186

DEBUG("GetAddrInfo() done for " << sHostname.c_str());

187

188

delete m_dns_lookup;

189

m_dns_lookup = NULL;

190

191

return 0;

192

}

193

#endif

194

195

unsigned int CSockManager::GetAnonConnectionCount(const CString &sIP) const {

196

const_iterator it;

197

unsigned int ret = 0;

198

199

for (it = begin(); it != end(); it++) {

200

CZNCSock *pSock = *it;

201

// Logged in CClients have "USR::<username>" as their sockname

202

if (pSock->GetRemoteIP() == sIP && pSock->GetSockName().Left(5) != "USR::") {

203

ret++;

204

}

205

}

206

207

DEBUG("There are [" << ret << "] clients from [" << sIP << "]");

208

209

return ret;

210

}

Older »