summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2005-12-19 15:44:40 +0000
committerbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2005-12-19 15:44:40 +0000
commita37f75ae6d967f2193ee1796d75b61eb63946093 (patch)
treeedbf2c9540468d3035e403750a0f883d55084175
parentadc3349b11cb396b1c957245f8e5a89396959144 (diff)
Added extra key length checks, documented encryption in example conf
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@2576 e03df62e-2008-0410-955e-edbf42e46eb7
-rw-r--r--conf/inspircd.conf.example37
-rw-r--r--src/modules/m_spanningtree.cpp17
2 files changed, 39 insertions, 15 deletions
diff --git a/conf/inspircd.conf.example b/conf/inspircd.conf.example
index ac48be1ee..b77df99c1 100644
--- a/conf/inspircd.conf.example
+++ b/conf/inspircd.conf.example
@@ -240,17 +240,29 @@
# Defines which servers can link to this one, and which servers this #
# server may create outbound links to. #
# #
-# name - The name is the canocial name of the server, it does #
-# not have to resolve - but it is expected to be sent #
-# in the remote servers connection info. #
-# ipaddr - Valid host or ip address for remote server. * #
-# port - Valid listening UDP port for remote server. #
-# sendpass - Password to send to create an outbound connection to #
-# this server. #
-# recvpass - Password to receive to accept an inbound connection #
-# from this server. #
-# autoconnect - Sets the server to autoconnect. Where x is the number #
-# (optional) of seconds between attempts. 300 = 5 minutes #
+# name - The name is the canocial name of the server, it does#
+# not have to resolve - but it is expected to be sent #
+# in the remote servers connection info. #
+# #
+# ipaddr - Valid host or ip address for remote server. * #
+# #
+# port - Valid listening UDP port for remote server. #
+# #
+# sendpass - Password to send to create an outbound connection #
+# to this server. #
+# #
+# recvpass - Password to receive to accept an inbound connection #
+# from this server. #
+# #
+# autoconnect - Sets the server to autoconnect. x is the number #
+# (optional) of seconds between attempts. 300 = 5 minutes #
+# #
+# encryptionkey - The encryption key to use to encrypt this link. #
+# (optional) Applicable when using m_spanningtree.so, the key #
+# must be EXACTLY 16, 24 or 32 characters long and #
+# must match on both ends of the link. Each link may #
+# have its own key so long as both ends of the link #
+# use the same key string. #
# #
# to u:line a server (give it extra privilages required for running #
# services, Q, etc) you must include the <uline server> tag as shown #
@@ -272,7 +284,8 @@
port="7000"
autoconnect="300"
sendpass="outgoing!password"
- recvpass="incoming!password">
+ recvpass="incoming!password"
+ encryptionkey="0123456789123456">
<link name="services.antarctic.com"
ipaddr="localhost"
diff --git a/src/modules/m_spanningtree.cpp b/src/modules/m_spanningtree.cpp
index 10da3222c..6e2760e62 100644
--- a/src/modules/m_spanningtree.cpp
+++ b/src/modules/m_spanningtree.cpp
@@ -612,8 +612,15 @@ class TreeSocket : public InspSocket
{
if (x->EncryptionKey != "")
{
- this->WriteLine("AES "+Srv->GetServerName());
- this->InitAES(x->EncryptionKey,x->Name);
+ if (!(x->EncryptionKey.length() == 16 || x->EncryptionKey.length() == 24 || x->EncryptionKey.length() == 32))
+ {
+ WriteOpers("\2WARNING\2: Your encryption key is NOT 16, 24 or 32 characters in length, encryption will \2NOT\2 be enabled.");
+ }
+ else
+ {
+ this->WriteLine("AES "+Srv->GetServerName());
+ this->InitAES(x->EncryptionKey,x->Name);
+ }
}
/* found who we're supposed to be connecting to, send the neccessary gubbins. */
this->WriteLine("SERVER "+Srv->GetServerName()+" "+x->SendPass+" 0 :"+Srv->GetServerDescription());
@@ -1719,7 +1726,11 @@ class TreeSocket : public InspSocket
}
return true;
}
-
+ else if ((this->ctx) && (command == "AES"))
+ {
+ WriteOpers("\2AES\2: Encryption already enabled on this connection yet %s is trying to enable it twice!",params[0].c_str());
+ }
+
switch (this->LinkState)
{
TreeServer* Node;