From 50808796e016e1162c943a9e2393e57d2aaa7391 Mon Sep 17 00:00:00 2001
From: Elizabeth Myers <elizabeth@interlinked.me>
Date: Mon, 28 Mar 2016 16:47:51 -0500
Subject: [PATCH] =?UTF-8?q?authd:=20It=20Works,=20Bitches=E2=84=A2?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ircd/authd.c   | 82 ++++++++++++++++++--------------------------------
 ircd/ircd.c    |  4 +--
 ircd/newconf.c |  2 +-
 3 files changed, 32 insertions(+), 56 deletions(-)

diff --git a/ircd/authd.c b/ircd/authd.c
index d2514deb0..88819b755 100644
--- a/ircd/authd.c
+++ b/ircd/authd.c
@@ -48,7 +48,7 @@ static EVH timeout_dead_authd_clients;
 rb_helper *authd_helper;
 static char *authd_path;
 
-uint32_t cid = 1;
+uint32_t cid;
 static rb_dictionary *cid_clients;
 static struct ev_entry *timeout_ev;
 
@@ -115,15 +115,15 @@ parse_authd_reply(rb_helper * helper)
 {
 	ssize_t len;
 	int parc;
-	char dnsBuf[READBUF_SIZE];
+	char authdBuf[READBUF_SIZE];
 	char *parv[MAXPARA + 1];
 	long lcid;
-	char *id;
+	uint32_t cid;
 	struct Client *client_p;
 
-	while((len = rb_helper_read(helper, dnsBuf, sizeof(dnsBuf))) > 0)
+	while((len = rb_helper_read(helper, authdBuf, sizeof(authdBuf))) > 0)
 	{
-		parc = rb_string_to_array(dnsBuf, parv, MAXPARA+1);
+		parc = rb_string_to_array(authdBuf, parv, MAXPARA+1);
 
 		switch (*parv[0])
 		{
@@ -135,30 +135,23 @@ parse_authd_reply(rb_helper * helper)
 				return;
 			}
 
-			if((lcid = strtol(parv[1], NULL, 16)) > UINT32_MAX)
+			if((lcid = strtol(parv[1], NULL, 16)) > UINT32_MAX || lcid < 0)
 			{
-				iwarn("authd sent us back a bad client ID");
+				iwarn("authd sent us back a bad client ID: %ld", lcid);
 				restart_authd();
 				return;
 			}
 
+			cid = (uint32_t)lcid;
+
 			/* cid to uid (retrieve and delete) */
-			if((id = rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER((uint32_t)lcid))) == NULL)
+			if((client_p = rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(cid))) == NULL)
 			{
-				iwarn("authd sent us back an unknown client ID");
+				iwarn("authd sent us back an unknown client ID %x", cid);
 				restart_authd();
 				return;
 			}
 
-			if((client_p = find_id(id)) == NULL)
-			{
-				/* Client vanished... */
-				rb_free(id);
-				return;
-			}
-
-			rb_free(id);
-
 			authd_decide_client(client_p, parv[2], parv[3], true, '\0', NULL, NULL);
 			break;
 		case 'R':	/* Reject client */
@@ -169,30 +162,23 @@ parse_authd_reply(rb_helper * helper)
 				return;
 			}
 
-			if((lcid = strtol(parv[1], NULL, 16)) > UINT32_MAX)
+			if((lcid = strtol(parv[1], NULL, 16)) > UINT32_MAX || lcid < 0)
 			{
-				iwarn("authd sent us back a bad client ID");
+				iwarn("authd sent us back a bad client ID %ld", lcid);
 				restart_authd();
 				return;
 			}
 
+			cid = (uint32_t)lcid;
+
 			/* cid to uid (retrieve and delete) */
-			if((id = rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER((uint32_t)lcid))) == NULL)
+			if((client_p = rb_dictionary_delete(cid_clients, RB_UINT_TO_POINTER(cid))) == NULL)
 			{
-				iwarn("authd sent us back an unknown client ID");
+				iwarn("authd sent us back an unknown client ID %x", cid);
 				restart_authd();
 				return;
 			}
 
-			if((client_p = find_id(id)) == NULL)
-			{
-				/* Client vanished... */
-				rb_free(id);
-				return;
-			}
-
-			rb_free(id);
-
 			authd_decide_client(client_p, parv[3], parv[4], false, toupper(*parv[2]), parv[5], parv[6]);
 			break;
 		case 'N':	/* Notice to client */
@@ -202,26 +188,24 @@ parse_authd_reply(rb_helper * helper)
 				restart_authd();
 				return;
 			}
-			
-			if((lcid = strtol(parv[1], NULL, 16)) > UINT32_MAX)
+
+			if((lcid = strtol(parv[1], NULL, 16)) > UINT32_MAX || lcid < 0)
 			{
-				iwarn("authd sent us back a bad client ID");
+				iwarn("authd sent us back a bad client ID %ld", lcid);
 				restart_authd();
 				return;
 			}
 
+			cid = (uint32_t)lcid;
+
 			/* cid to uid */
-			if((id = rb_dictionary_retrieve(cid_clients, RB_UINT_TO_POINTER((uint32_t)lcid))) == NULL)
+			if((client_p = rb_dictionary_retrieve(cid_clients, RB_UINT_TO_POINTER(cid))) == NULL)
 			{
-				iwarn("authd sent us back an unknown client ID");
+				iwarn("authd sent us back an unknown client ID %x", cid);
 				restart_authd();
 				return;
 			}
 
-			if((client_p = find_id(id)) == NULL)
-				/* Client vanished... we'll let the timeout code handle it */
-				return;
-
 			sendto_one_notice(client_p, ":%s", parv[2]);
 			break;
 		case 'E':	/* DNS Result */
@@ -315,8 +299,8 @@ configure_authd(void)
 	/* These will do for now */
 	set_authd_timeout("ident_timeout", GlobalSetOptions.ident_timeout);
 	set_authd_timeout("rdns_timeout", ConfigFileEntry.connect_timeout);
-	set_authd_timeout("blacklist_timeout", ConfigFileEntry.connect_timeout);
-	ident_check_enable(ConfigFileEntry.disable_auth);	
+	set_authd_timeout("rbl_timeout", ConfigFileEntry.connect_timeout);
+	ident_check_enable(!ConfigFileEntry.disable_auth);
 }
 
 static void
@@ -377,13 +361,13 @@ authd_initiate_client(struct Client *client_p)
 	uint16_t client_port, listen_port;
 	uint32_t authd_cid;
 
-	if(client_p->preClient == NULL || client_p->preClient->authd_cid == 0)
+	if(client_p->preClient == NULL || client_p->preClient->authd_cid != 0)
 		return;
 
 	authd_cid = client_p->preClient->authd_cid = generate_cid();
 
 	/* Collisions are extremely unlikely, so disregard the possibility */
-	rb_dictionary_add(cid_clients, RB_UINT_TO_POINTER(authd_cid), rb_strdup(client_p->id));
+	rb_dictionary_add(cid_clients, RB_UINT_TO_POINTER(authd_cid), client_p);
 
 	/* Retrieve listener and client IP's */
 	rb_inet_ntop_sock((struct sockaddr *)&client_p->preClient->lip, listen_ipaddr, sizeof(listen_ipaddr));
@@ -476,14 +460,6 @@ timeout_dead_authd_clients(void *notused __unused)
 	RB_DICTIONARY_FOREACH(id, &iter, cid_clients)
 	{
 		struct Client *client_p;
-		if((client_p = find_id(id)) == NULL)
-		{
-			/* This shouldn't happen... but just in case... */
-			rb_helper_write(authd_helper, "E %x", RB_POINTER_TO_UINT(iter.cur->key));
-			rb_free(id);
-			rb_dictionary_delete(cid_clients, iter.cur->key);
-			continue;
-		}
 
 		if(client_p->preClient->authd_timeout < rb_current_time())
 		{
@@ -517,7 +493,7 @@ add_blacklist(const char *host, const char *reason, uint8_t iptype, rb_dlink_lis
 {
 	rb_dlink_node *ptr;
 	struct blacklist_stats *stats = rb_malloc(sizeof(struct blacklist_stats));
-	char filterbuf[BUFSIZE];
+	char filterbuf[BUFSIZE] = "*";
 	size_t s = 0;
 
 	/* Build a list of comma-separated values for authd.
diff --git a/ircd/ircd.c b/ircd/ircd.c
index 460b40099..535ce8340 100644
--- a/ircd/ircd.c
+++ b/ircd/ircd.c
@@ -845,8 +845,6 @@ charybdis_main(int argc, char *argv[])
 		return 0;	/* Why? We want the launcher to exit out. */
 	}
 
-	configure_authd();
-
 	me.from = &me;
 	me.servptr = &me;
 	SetMe(&me);
@@ -865,6 +863,8 @@ charybdis_main(int argc, char *argv[])
 	load_help();
 	open_logfiles();
 
+	configure_authd();
+
 	ilog(L_MAIN, "Server Ready");
 
 	/* We want try_connections to be called as soon as possible now! -- adrian */
diff --git a/ircd/newconf.c b/ircd/newconf.c
index 347f0f255..454d1ea4a 100644
--- a/ircd/newconf.c
+++ b/ircd/newconf.c
@@ -55,7 +55,7 @@ static struct alias_entry *yy_alias = NULL;
 static char *yy_blacklist_host = NULL;
 static char *yy_blacklist_reason = NULL;
 static uint8_t yy_blacklist_iptype = 0;
-static rb_dlink_list yy_blacklist_filters;
+static rb_dlink_list yy_blacklist_filters = { NULL, NULL, 0 };
 
 static char *yy_privset_extends = NULL;