diff options
author | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2005-12-19 15:44:40 +0000 |
---|---|---|
committer | brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7> | 2005-12-19 15:44:40 +0000 |
commit | a37f75ae6d967f2193ee1796d75b61eb63946093 (patch) | |
tree | edbf2c9540468d3035e403750a0f883d55084175 | |
parent | adc3349b11cb396b1c957245f8e5a89396959144 (diff) |
Added extra key length checks, documented encryption in example conf
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@2576 e03df62e-2008-0410-955e-edbf42e46eb7
-rw-r--r-- | conf/inspircd.conf.example | 37 | ||||
-rw-r--r-- | src/modules/m_spanningtree.cpp | 17 |
2 files changed, 39 insertions, 15 deletions
diff --git a/conf/inspircd.conf.example b/conf/inspircd.conf.example index ac48be1ee..b77df99c1 100644 --- a/conf/inspircd.conf.example +++ b/conf/inspircd.conf.example @@ -240,17 +240,29 @@ # Defines which servers can link to this one, and which servers this # # server may create outbound links to. # # # -# name - The name is the canocial name of the server, it does # -# not have to resolve - but it is expected to be sent # -# in the remote servers connection info. # -# ipaddr - Valid host or ip address for remote server. * # -# port - Valid listening UDP port for remote server. # -# sendpass - Password to send to create an outbound connection to # -# this server. # -# recvpass - Password to receive to accept an inbound connection # -# from this server. # -# autoconnect - Sets the server to autoconnect. Where x is the number # -# (optional) of seconds between attempts. 300 = 5 minutes # +# name - The name is the canocial name of the server, it does# +# not have to resolve - but it is expected to be sent # +# in the remote servers connection info. # +# # +# ipaddr - Valid host or ip address for remote server. * # +# # +# port - Valid listening UDP port for remote server. # +# # +# sendpass - Password to send to create an outbound connection # +# to this server. # +# # +# recvpass - Password to receive to accept an inbound connection # +# from this server. # +# # +# autoconnect - Sets the server to autoconnect. x is the number # +# (optional) of seconds between attempts. 300 = 5 minutes # +# # +# encryptionkey - The encryption key to use to encrypt this link. # +# (optional) Applicable when using m_spanningtree.so, the key # +# must be EXACTLY 16, 24 or 32 characters long and # +# must match on both ends of the link. Each link may # +# have its own key so long as both ends of the link # +# use the same key string. # # # # to u:line a server (give it extra privilages required for running # # services, Q, etc) you must include the <uline server> tag as shown # @@ -272,7 +284,8 @@ port="7000" autoconnect="300" sendpass="outgoing!password" - recvpass="incoming!password"> + recvpass="incoming!password" + encryptionkey="0123456789123456"> <link name="services.antarctic.com" ipaddr="localhost" diff --git a/src/modules/m_spanningtree.cpp b/src/modules/m_spanningtree.cpp index 10da3222c..6e2760e62 100644 --- a/src/modules/m_spanningtree.cpp +++ b/src/modules/m_spanningtree.cpp @@ -612,8 +612,15 @@ class TreeSocket : public InspSocket { if (x->EncryptionKey != "") { - this->WriteLine("AES "+Srv->GetServerName()); - this->InitAES(x->EncryptionKey,x->Name); + if (!(x->EncryptionKey.length() == 16 || x->EncryptionKey.length() == 24 || x->EncryptionKey.length() == 32)) + { + WriteOpers("\2WARNING\2: Your encryption key is NOT 16, 24 or 32 characters in length, encryption will \2NOT\2 be enabled."); + } + else + { + this->WriteLine("AES "+Srv->GetServerName()); + this->InitAES(x->EncryptionKey,x->Name); + } } /* found who we're supposed to be connecting to, send the neccessary gubbins. */ this->WriteLine("SERVER "+Srv->GetServerName()+" "+x->SendPass+" 0 :"+Srv->GetServerDescription()); @@ -1719,7 +1726,11 @@ class TreeSocket : public InspSocket } return true; } - + else if ((this->ctx) && (command == "AES")) + { + WriteOpers("\2AES\2: Encryption already enabled on this connection yet %s is trying to enable it twice!",params[0].c_str()); + } + switch (this->LinkState) { TreeServer* Node; |