summaryrefslogtreecommitdiff
path: root/src/modules/extra
AgeCommit message (Collapse)Author
2014-12-07Fix warnings in m_ssl_openssl about the use of `long long` on C++03.Peter Powell
2014-10-27Merge insp20Attila Molnar
2014-10-27m_ssl_openssl Store a pointer to the OpenSSLIOHook object in SSL objectsAttila Molnar
2014-10-26Remove some dead code found by CoverityAttila Molnar
2014-10-25Use gnutls_rnd instead of gcry_randomize on newer GnuTLS versions.Peter Powell
This is a modified version of 690c372. Fixes #905.
2014-10-20m_ssl_openssl Add compile time option that allows disabling renegotiationsAttila Molnar
2014-10-20m_ssl_openssl Add compile time option to enable ECDHAttila Molnar
2014-10-20m_ssl_gnutls Add compile time option for allowing sha256 certificate ↵Attila Molnar
fingerprints
2014-10-16Initialize all fields of issl_session on module load in SSL modulesAttila Molnar
2014-10-16Add interface to SSL modules that allows other modules to obtain the raw SSL ↵Attila Molnar
session of a socket
2014-10-16m_ssl_gnutls Refcount GnuTLS objects, free them when they are no longer in ↵Attila Molnar
use instead of at /rehash ssl time
2014-10-15m_ssl_openssl Fix debug messageAttila Molnar
2014-10-15m_ssl_openssl Reset data_to_write for new sessionsAttila Molnar
2014-10-15m_ssl_openssl Free the ssl_cert object as soon as the session is closed ↵Attila Molnar
instead of waiting for the next VerifyCertificate() or new connection
2014-10-15m_ssl_openssl Remove bogus errno assignment from CloseSession()Attila Molnar
2014-10-14m_ssl_openssl Return an error from the IOHook read and write functions if ↵Attila Molnar
the handshake returns 0 The meaning of a 0 return value quoted from the manual: The TLS/SSL handshake was not successful but was shut down controlled and by the specifications of the TLS/SSL protocol.
2014-10-14m_ssl_openssl Add user-friendly config options for setting a few OpenSSL ↵Attila Molnar
context options
2014-10-10m_ssl_openssl Allow configuring raw OpenSSL context optionsAttila Molnar
2014-10-10m_ssl_openssl Disable session caching and session ticketsAttila Molnar
2014-10-10m_ssl_openssl Enable single (EC)DH use and disable SSL v2Attila Molnar
Options enabled: - SSL_OP_NO_SSLv2 - SSL_OP_SINGLE_DH_USE - SSL_OP_SINGLE_ECDH_USE (if it exists) Partial backport of #856 by @jvehent
2014-10-08m_ssl_openssl Clear the error queue before every SSL_* callAttila Molnar
2014-10-03m_ssl_gnutls Re-set DH params when the gnutls_certificate_credentials_t ↵Attila Molnar
struct is reallocated
2014-09-02m_sqlite3 Fix cleanup of unsuccessful database connectionsAttila Molnar
2014-07-25m_ssl_openssl Read the DH params file using the BIO API on all OSesAttila Molnar
2014-07-25Merge insp20Attila Molnar
2014-07-24Make sure the DN strings obtained from the SSL mods are always validAttila Molnar
2014-07-19Say "SSL certificate fingerprint" instead of "SSL fingerprint" everywhereAttila Molnar
2014-07-19Access local user list via new UserManager::GetLocalUsers() and make ↵Attila Molnar
local_users private
2014-07-19Move and rename typedef LocalUserList to UserManager::LocalListAttila Molnar
2014-07-10Remove current time parameter of the Timer constructorAttila Molnar
2014-06-30Set SSL options to sane default and enfore server cipher preferencesJulien Vehent
Original PR #856
2014-06-28Ignore safe compiler warnings in a more reliable way.Peter Powell
2014-06-14Kill needless #includes in source filesAttila Molnar
2014-06-13Change allocation of InspIRCd::Threads to be physically part of the object ↵Attila Molnar
containing it
2014-06-07m_ssl_openssl Remove unused MAX_DESCRIPTORS defineAttila Molnar
2014-05-26m_ssl_gnutls Don't include cap.hAttila Molnar
The tls cap is handled by m_starttls
2014-05-10m_ldap: time out LDAP queriesAdam
Set LDAP_OPT_NETWORK_TIMEOUT to 0 in m_ldap to prevent the asynchronous library calls from blocking Fix memory leak of pending queries when m_ldap is unloaded
2014-04-13Change Windows libraries to be dynamically linkedAdam
2014-04-13m_ssl_openssl Avoid Applink on Windows by calling PEM_read_bio_DHparams() ↵Attila Molnar
instead of PEM_read_DHparams()
2014-04-07Merge insp20Attila Molnar
2014-03-15Change allocation of InspIRCd::Timers to be physically part of the object ↵Attila Molnar
containing it
2014-02-13Remove support for advertising the SSL ports in RPL_ISUPPORT.Peter Powell
- No other IRC servers implement this. - No IRC clients I can find support this.
2014-02-08Change all socketengine methods to be staticAttila Molnar
2014-01-31Remove some dead codeAttila Molnar
2014-01-30Allow Timers to delete themselves in Tick()Attila Molnar
2014-01-26m_ssl_openssl Fix memory leaks on /rehash ssl, unload and in VerifyCertificate()Attila Molnar
2014-01-25Omit the server name internally when building a /STATS reply and prepend it ↵Attila Molnar
later
2014-01-24Set a session id on our server ssl context in m_ssl_openssl. It is required ↵Adam
for some clients which try to restore SSL sessions.
2014-01-22Split IOHook into IOHook and IOHookProviderAttila Molnar
Create one IOHook instance for each hooked socket which contains all the hook specific data and read/write/close functions, removing the need for the "issl_session" array in SSL modules. Register instances of the IOHookProvider class in the core and use them to create specialized IOHook instances (OnConnect/OnAccept). Remove the OnHookIO hook, add a dynamic reference to ListenSocket that points to the hook provider (if any) to use for incoming connections on that socket. For outgoing connections modules still have to find the IOHookProvider they want to use themselves but instead of calling AddIOHook(hookprov), now they have to call IOHookProvider::OnConnect() after the connection has been established.
2014-01-22Add the ability to have multiple SSL profilesAttila Molnar
SSL profiles are now used instead of fixed SSL settings for everything SSL, making it possible to use completely different settings for each listener and outgoing connection. Outgoing connections are broken until the next commit.