From f288993a85681c09e3d92d8c3ab9742826923e99 Mon Sep 17 00:00:00 2001
From: danieldg <danieldg@e03df62e-2008-0410-955e-edbf42e46eb7>
Date: Tue, 2 Feb 2010 15:02:42 +0000
Subject: Add requireident/requiressl to connect blocks

git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@12353 e03df62e-2008-0410-955e-edbf42e46eb7
---
 conf/inspircd.conf.example |  6 +++++-
 src/modules/m_ident.cpp    | 14 ++++++++++++--
 src/modules/m_sslinfo.cpp  | 11 +++++++++--
 3 files changed, 26 insertions(+), 5 deletions(-)

diff --git a/conf/inspircd.conf.example b/conf/inspircd.conf.example
index baadf24d6..b9eec0e43 100644
--- a/conf/inspircd.conf.example
+++ b/conf/inspircd.conf.example
@@ -275,9 +275,13 @@
          # module be loaded as well.
          modes="+x"
 
+         # requireident/requiressl: require that users of this block use SSL or
+         # have a valid ident response. Requires m_ident or m_sslinfo
+         requiressl="on"
+
          # port: What port this user is allowed to connect on. (optional)
          # The port MUST be set to listen in the bind blocks above.
-         port="6667">
+         port="6697">
 
 <connect
          # name: Name to use for this connect block. Mainly used for
diff --git a/src/modules/m_ident.cpp b/src/modules/m_ident.cpp
index ead8a2021..d20c9d8dd 100644
--- a/src/modules/m_ident.cpp
+++ b/src/modules/m_ident.cpp
@@ -280,8 +280,11 @@ class ModuleIdent : public Module
 	ModuleIdent() : ext("ident_socket", this)
 	{
 		OnRehash(NULL);
-		Implementation eventlist[] = { I_OnRehash, I_OnUserRegister, I_OnCheckReady, I_OnUserDisconnect };
-		ServerInstance->Modules->Attach(eventlist, this, 4);
+		Implementation eventlist[] = {
+			I_OnRehash, I_OnUserRegister, I_OnCheckReady,
+			I_OnUserDisconnect, I_OnSetConnectClass
+		};
+		ServerInstance->Modules->Attach(eventlist, this, 5);
 	}
 
 	~ModuleIdent()
@@ -384,6 +387,13 @@ class ModuleIdent : public Module
 		return MOD_RES_PASSTHRU;
 	}
 
+	ModResult OnSetConnectClass(LocalUser* user, ConnectClass* myclass)
+	{
+		if (myclass->config->getBool("requireident") && user->ident[0] == '~')
+			return MOD_RES_DENY;
+		return MOD_RES_PASSTHRU;
+	}
+
 	virtual void OnCleanup(int target_type, void *item)
 	{
 		/* Module unloading, tidy up users */
diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp
index e69f878d1..b67498072 100644
--- a/src/modules/m_sslinfo.cpp
+++ b/src/modules/m_sslinfo.cpp
@@ -127,8 +127,8 @@ class ModuleSSLInfo : public Module
 
 		ServerInstance->Extensions.Register(&cmd.CertExt);
 
-		Implementation eventlist[] = { I_OnWhois, I_OnPreCommand };
-		ServerInstance->Modules->Attach(eventlist, this, 2);
+		Implementation eventlist[] = { I_OnWhois, I_OnPreCommand, I_OnSetConnectClass };
+		ServerInstance->Modules->Attach(eventlist, this, 3);
 	}
 
 	Version GetVersion()
@@ -191,6 +191,13 @@ class ModuleSSLInfo : public Module
 		return MOD_RES_PASSTHRU;
 	}
 
+	ModResult OnSetConnectClass(LocalUser* user, ConnectClass* myclass)
+	{
+		if (myclass->config->getBool("requiressl") && !cmd.CertExt.get(user))
+			return MOD_RES_DENY;
+		return MOD_RES_PASSTHRU;
+	}
+
 	void OnRequest(Request& request)
 	{
 		if (strcmp("GET_USER_CERT", request.id) == 0)
-- 
cgit v1.2.3