summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSadie Powell <sadie@witchery.services>2020-04-21 02:20:12 +0100
committerSadie Powell <sadie@witchery.services>2020-04-21 02:20:12 +0100
commitfcc5ca0c8572f10915d5dbff1338ac17fec86775 (patch)
treeae94ba22d68dc6a815df764944f66f789a66604f
parenta2171e61888f6fccedfb4d4cc0d704c53adccc55 (diff)
Only read the SSL profiles if they're actually specified.
-rw-r--r--src/modules/extra/m_ssl_gnutls.cpp48
-rw-r--r--src/modules/extra/m_ssl_mbedtls.cpp48
-rw-r--r--src/modules/extra/m_ssl_openssl.cpp46
3 files changed, 74 insertions, 68 deletions
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index df8daf4e3..d62500f3c 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -1312,33 +1312,35 @@ class ModuleSSLGnuTLS : public Module
throw ModuleException("Error while initializing the default TLS (SSL) profile - " + ex.GetReason());
}
}
-
- ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"gnutls\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>");
- for (ConfigIter i = tags.first; i != tags.second; ++i)
+ else
{
- ConfigTag* tag = i->second;
- if (!stdalgo::string::equalsci(tag->getString("provider"), "gnutls"))
- continue;
-
- std::string name = tag->getString("name");
- if (name.empty())
+ ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"gnutls\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>");
+ for (ConfigIter i = tags.first; i != tags.second; ++i)
{
- ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation());
- continue;
- }
+ ConfigTag* tag = i->second;
+ if (!stdalgo::string::equalsci(tag->getString("provider"), "gnutls"))
+ continue;
- reference<GnuTLSIOHookProvider> prov;
- try
- {
- GnuTLS::Profile::Config profileconfig(name, tag);
- prov = new GnuTLSIOHookProvider(this, profileconfig);
- }
- catch (CoreException& ex)
- {
- throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason());
- }
+ std::string name = tag->getString("name");
+ if (name.empty())
+ {
+ ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation());
+ continue;
+ }
- newprofiles.push_back(prov);
+ reference<GnuTLSIOHookProvider> prov;
+ try
+ {
+ GnuTLS::Profile::Config profileconfig(name, tag);
+ prov = new GnuTLSIOHookProvider(this, profileconfig);
+ }
+ catch (CoreException& ex)
+ {
+ throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason());
+ }
+
+ newprofiles.push_back(prov);
+ }
}
// New profiles are ok, begin using them
diff --git a/src/modules/extra/m_ssl_mbedtls.cpp b/src/modules/extra/m_ssl_mbedtls.cpp
index 1666c4700..048ab6819 100644
--- a/src/modules/extra/m_ssl_mbedtls.cpp
+++ b/src/modules/extra/m_ssl_mbedtls.cpp
@@ -886,33 +886,35 @@ class ModuleSSLmbedTLS : public Module
throw ModuleException("Error while initializing the default TLS (SSL) profile - " + ex.GetReason());
}
}
-
- ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"mbedtls\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>");
- for (ConfigIter i = tags.first; i != tags.second; ++i)
+ else
{
- ConfigTag* tag = i->second;
- if (!stdalgo::string::equalsci(tag->getString("provider"), "mbedtls"))
- continue;
-
- std::string name = tag->getString("name");
- if (name.empty())
+ ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"mbedtls\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>");
+ for (ConfigIter i = tags.first; i != tags.second; ++i)
{
- ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation());
- continue;
- }
+ ConfigTag* tag = i->second;
+ if (!stdalgo::string::equalsci(tag->getString("provider"), "mbedtls"))
+ continue;
- reference<mbedTLSIOHookProvider> prov;
- try
- {
- mbedTLS::Profile::Config profileconfig(name, tag, ctr_drbg);
- prov = new mbedTLSIOHookProvider(this, profileconfig);
- }
- catch (CoreException& ex)
- {
- throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason());
- }
+ std::string name = tag->getString("name");
+ if (name.empty())
+ {
+ ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation());
+ continue;
+ }
- newprofiles.push_back(prov);
+ reference<mbedTLSIOHookProvider> prov;
+ try
+ {
+ mbedTLS::Profile::Config profileconfig(name, tag, ctr_drbg);
+ prov = new mbedTLSIOHookProvider(this, profileconfig);
+ }
+ catch (CoreException& ex)
+ {
+ throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason());
+ }
+
+ newprofiles.push_back(prov);
+ }
}
// New profiles are ok, begin using them
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index f75d9b485..626baddc2 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -990,32 +990,34 @@ class ModuleSSLOpenSSL : public Module
throw ModuleException("Error while initializing the default TLS (SSL) profile - " + ex.GetReason());
}
}
-
- ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"openssl\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>");
- for (ConfigIter i = tags.first; i != tags.second; ++i)
+ else
{
- ConfigTag* tag = i->second;
- if (!stdalgo::string::equalsci(tag->getString("provider"), "openssl"))
- continue;
-
- std::string name = tag->getString("name");
- if (name.empty())
+ ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an <sslprofile> tag; you should use this in place of \"openssl\" when configuring TLS (SSL) connections in <bind:ssl> or <link:ssl>");
+ for (ConfigIter i = tags.first; i != tags.second; ++i)
{
- ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation());
- continue;
- }
+ ConfigTag* tag = i->second;
+ if (!stdalgo::string::equalsci(tag->getString("provider"), "openssl"))
+ continue;
- reference<OpenSSLIOHookProvider> prov;
- try
- {
- prov = new OpenSSLIOHookProvider(this, name, tag);
- }
- catch (CoreException& ex)
- {
- throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason());
- }
+ std::string name = tag->getString("name");
+ if (name.empty())
+ {
+ ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring <sslprofile> tag without name at " + tag->getTagLocation());
+ continue;
+ }
+
+ reference<OpenSSLIOHookProvider> prov;
+ try
+ {
+ prov = new OpenSSLIOHookProvider(this, name, tag);
+ }
+ catch (CoreException& ex)
+ {
+ throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason());
+ }
- newprofiles.push_back(prov);
+ newprofiles.push_back(prov);
+ }
}
for (ProfileList::iterator i = profiles.begin(); i != profiles.end(); ++i)