summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2005-12-20 09:58:03 +0000
committerbrain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>2005-12-20 09:58:03 +0000
commitbe11282fb8cb197fd18c89623de26a07dd860257 (patch)
tree4e1c0a545323fda88508d8076d071c8f1396a65c
parente587b9efef09ca2cbb8873dd8cb2941ad74bda42 (diff)
Added stricter checking for encryption on connect, if enabled
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@2584 e03df62e-2008-0410-955e-edbf42e46eb7
-rw-r--r--src/modules/m_spanningtree.cpp9
1 files changed, 9 insertions, 0 deletions
diff --git a/src/modules/m_spanningtree.cpp b/src/modules/m_spanningtree.cpp
index 6e2760e62..e42a7def0 100644
--- a/src/modules/m_spanningtree.cpp
+++ b/src/modules/m_spanningtree.cpp
@@ -1620,6 +1620,15 @@ class TreeSocket : public InspSocket
this->WriteLine("ERROR :Server "+servername+" already exists on server "+CheckDupe->GetParent()->GetName()+"!");
return false;
}
+ /* If the config says this link is encrypted, but the remote side
+ * hasnt bothered to send the AES command before SERVER, then we
+ * boot them off as we MUST have this connection encrypted.
+ */
+ if ((x->EncryptionKey != "") && (!this->ctx))
+ {
+ this->WriteLine("ERROR :This link requires AES encryption to be enabled. Plaintext connection refused.");
+ return false;
+ }
Srv->SendOpers("*** Verified incoming server connection from \002"+servername+"\002["+this->GetIP()+"] ("+description+")");
this->InboundServerName = servername;
this->InboundDescription = description;