diff options
author | Sadie Powell <sadie@witchery.services> | 2020-04-21 02:20:12 +0100 |
---|---|---|
committer | Sadie Powell <sadie@witchery.services> | 2020-04-21 02:20:12 +0100 |
commit | fcc5ca0c8572f10915d5dbff1338ac17fec86775 (patch) | |
tree | ae94ba22d68dc6a815df764944f66f789a66604f | |
parent | a2171e61888f6fccedfb4d4cc0d704c53adccc55 (diff) |
Only read the SSL profiles if they're actually specified.
-rw-r--r-- | src/modules/extra/m_ssl_gnutls.cpp | 48 | ||||
-rw-r--r-- | src/modules/extra/m_ssl_mbedtls.cpp | 48 | ||||
-rw-r--r-- | src/modules/extra/m_ssl_openssl.cpp | 46 |
3 files changed, 74 insertions, 68 deletions
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index df8daf4e3..d62500f3c 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -1312,33 +1312,35 @@ class ModuleSSLGnuTLS : public Module throw ModuleException("Error while initializing the default TLS (SSL) profile - " + ex.GetReason()); } } - - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"gnutls\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>"); - for (ConfigIter i = tags.first; i != tags.second; ++i) + else { - ConfigTag* tag = i->second; - if (!stdalgo::string::equalsci(tag->getString("provider"), "gnutls")) - continue; - - std::string name = tag->getString("name"); - if (name.empty()) + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"gnutls\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>"); + for (ConfigIter i = tags.first; i != tags.second; ++i) { - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation()); - continue; - } + ConfigTag* tag = i->second; + if (!stdalgo::string::equalsci(tag->getString("provider"), "gnutls")) + continue; - reference<GnuTLSIOHookProvider> prov; - try - { - GnuTLS::Profile::Config profileconfig(name, tag); - prov = new GnuTLSIOHookProvider(this, profileconfig); - } - catch (CoreException& ex) - { - throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason()); - } + std::string name = tag->getString("name"); + if (name.empty()) + { + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation()); + continue; + } - newprofiles.push_back(prov); + reference<GnuTLSIOHookProvider> prov; + try + { + GnuTLS::Profile::Config profileconfig(name, tag); + prov = new GnuTLSIOHookProvider(this, profileconfig); + } + catch (CoreException& ex) + { + throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason()); + } + + newprofiles.push_back(prov); + } } // New profiles are ok, begin using them diff --git a/src/modules/extra/m_ssl_mbedtls.cpp b/src/modules/extra/m_ssl_mbedtls.cpp index 1666c4700..048ab6819 100644 --- a/src/modules/extra/m_ssl_mbedtls.cpp +++ b/src/modules/extra/m_ssl_mbedtls.cpp @@ -886,33 +886,35 @@ class ModuleSSLmbedTLS : public Module throw ModuleException("Error while initializing the default TLS (SSL) profile - " + ex.GetReason()); } } - - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"mbedtls\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>"); - for (ConfigIter i = tags.first; i != tags.second; ++i) + else { - ConfigTag* tag = i->second; - if (!stdalgo::string::equalsci(tag->getString("provider"), "mbedtls")) - continue; - - std::string name = tag->getString("name"); - if (name.empty()) + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"mbedtls\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>"); + for (ConfigIter i = tags.first; i != tags.second; ++i) { - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation()); - continue; - } + ConfigTag* tag = i->second; + if (!stdalgo::string::equalsci(tag->getString("provider"), "mbedtls")) + continue; - reference<mbedTLSIOHookProvider> prov; - try - { - mbedTLS::Profile::Config profileconfig(name, tag, ctr_drbg); - prov = new mbedTLSIOHookProvider(this, profileconfig); - } - catch (CoreException& ex) - { - throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason()); - } + std::string name = tag->getString("name"); + if (name.empty()) + { + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation()); + continue; + } - newprofiles.push_back(prov); + reference<mbedTLSIOHookProvider> prov; + try + { + mbedTLS::Profile::Config profileconfig(name, tag, ctr_drbg); + prov = new mbedTLSIOHookProvider(this, profileconfig); + } + catch (CoreException& ex) + { + throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason()); + } + + newprofiles.push_back(prov); + } } // New profiles are ok, begin using them diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index f75d9b485..626baddc2 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -990,32 +990,34 @@ class ModuleSSLOpenSSL : public Module throw ModuleException("Error while initializing the default TLS (SSL) profile - " + ex.GetReason()); } } - - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"openssl\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>"); - for (ConfigIter i = tags.first; i != tags.second; ++i) + else { - ConfigTag* tag = i->second; - if (!stdalgo::string::equalsci(tag->getString("provider"), "openssl")) - continue; - - std::string name = tag->getString("name"); - if (name.empty()) + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"openssl\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>"); + for (ConfigIter i = tags.first; i != tags.second; ++i) { - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation()); - continue; - } + ConfigTag* tag = i->second; + if (!stdalgo::string::equalsci(tag->getString("provider"), "openssl")) + continue; - reference<OpenSSLIOHookProvider> prov; - try - { - prov = new OpenSSLIOHookProvider(this, name, tag); - } - catch (CoreException& ex) - { - throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason()); - } + std::string name = tag->getString("name"); + if (name.empty()) + { + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation()); + continue; + } + + reference<OpenSSLIOHookProvider> prov; + try + { + prov = new OpenSSLIOHookProvider(this, name, tag); + } + catch (CoreException& ex) + { + throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason()); + } - newprofiles.push_back(prov); + newprofiles.push_back(prov); + } } for (ProfileList::iterator i = profiles.begin(); i != profiles.end(); ++i) |