ngIRCd GIT Updates

Diskussionsstrang Neuen Diskussionsstrang anfangen

Herunterladen

ngircd-commits@lists.barton.de

März 2013

1 Teilnehmer
12 Diskussionen

Alexander Barton : Don' t read SSL client data before DNS resolver is finished
by alex＠arthur.barton.de 09 Mär '13

09 Mär '13

Module: ngircd.git Branch: master Commit: b4393277ea1cc67bc8433fcbeded3fc2186f5c54 URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=b4393277… Author: Alexander Barton <alex(a)barton.de> Date: Sat Mar 9 17:44:34 2013 +0100 Don't read SSL client data before DNS resolver is finished Fix the cb_clientserver_ssl() callback function to not read in and store SSL encrypted client data before the asynchronous DNS resolver sub-process has finished: This could have resulted in discarding the resolved client hostname and IDENT reply afterwards, because in some situations (timing dependent) the NICK and USER commands could have already been read in from the client, stored in the buffer, and been processed. Thanks to Julian Brost for reporting the issue and testing, and to Federico G. Schwindt <fgsch(a)lodoss.net> for helping to debug it! --- src/ngircd/conn.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/src/ngircd/conn.c b/src/ngircd/conn.c index 3c1427d..eeedb44 100644 --- a/src/ngircd/conn.c +++ b/src/ngircd/conn.c @@ -367,13 +367,13 @@ cb_clientserver(int sock, short what) #ifdef SSL_SUPPORT /** - * IO callback for established SSL-enabled client and server connections. + * IO callback for new SSL-enabled client and server connections. * * @param sock Socket descriptor. * @param what IO specification (IO_WANTREAD/IO_WANTWRITE/...). */ static void -cb_clientserver_ssl(int sock, short what) +cb_clientserver_ssl(int sock, UNUSED short what) { CONN_ID idx = Socket2Index(sock); @@ -390,14 +390,11 @@ cb_clientserver_ssl(int sock, short what) case 0: return; /* EAGAIN: callback will be invoked again by IO layer */ default: - Conn_Close(idx, "SSL accept error, closing socket", "SSL accept error", false); + Conn_Close(idx, + "SSL accept error, closing socket", "SSL accept error", + false); return; } - if (what & IO_WANTREAD) - Read_Request(idx); - - if (what & IO_WANTWRITE) - Handle_Write(idx); io_event_setcb(sock, cb_clientserver); /* SSL handshake completed */ }

1 0

Alexander Barton : Increase password length limit to 64 characters
by alex＠arthur.barton.de 08 Mär '13

08 Mär '13

Module: ngircd.git Branch: master Commit: b33da9b8f3e46f3174093c01aa9e75b65964ecf2 URL: http://ngircd.barton.de/cgi-bin/gitweb.cgi?p=ngircd.git&a=commit;h=b33da9b8… Author: Alexander Barton <alex(a)barton.de> Date: Fri Mar 8 19:31:57 2013 +0100 Increase password length limit to 64 characters Closes bug #154. --- src/ngircd/defines.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ngircd/defines.h b/src/ngircd/defines.h index 3850b58..6b92a69 100644 --- a/src/ngircd/defines.h +++ b/src/ngircd/defines.h @@ -99,7 +99,7 @@ #define CLIENT_NICK_LEN 32 /** Max. password length (including NULL). */ -#define CLIENT_PASS_LEN 21 +#define CLIENT_PASS_LEN 65 /** Max. length of user name ("login"; incl. NULL), RFC 2812, section 1.2.1. */ #ifndef STRICT_RFC

1 0