1 /* +------------------------------------+
2 * | Inspire Internet Relay Chat Daemon |
3 * +------------------------------------+
5 * InspIRCd is copyright (C) 2002-2006 ChatSpike-Dev.
7 * <brain@chatspike.net>
8 * <Craig@chatspike.net>
10 * Written by Craig Edwards, Craig McLure, and others.
11 * This program is free but copyrighted software; see
12 * the file COPYING for details.
14 * ---------------------------------------------------
17 #ifndef __TRANSPORT_H__
18 #define __TRANSPORT_H__
23 /** A generic container for certificate data
25 typedef std::map<std::string,std::string> ssl_data;
27 /** A shorthand way of representing an iterator into ssl_data
29 typedef ssl_data::iterator ssl_data_iter;
31 /** ssl_cert is a class which abstracts SSL certificate
32 * and key information.
34 * Because GnuTLS and OpenSSL represent key information in
35 * wildly different ways, this class allows it to be accessed
36 * in a unified manner. These classes are attached to ssl-
37 * connected local users using Extensible::Extend() and the
42 /** Always contains an empty string
44 const std::string empty;
47 /** The data for this certificate
51 /** Default constructor, initializes 'empty'
53 ssl_cert() : empty("")
57 /** Get certificate distinguished name
58 * @return Certificate DN
60 const std::string& GetDN()
62 ssl_data_iter ssldi = data.find("dn");
64 if (ssldi != data.end())
70 /** Get Certificate issuer
71 * @return Certificate issuer
73 const std::string& GetIssuer()
75 ssl_data_iter ssldi = data.find("issuer");
77 if (ssldi != data.end())
83 /** Get error string if an error has occurred
84 * @return The error associated with this user's certificate,
85 * or an empty string if there is no error.
87 const std::string& GetError()
89 ssl_data_iter ssldi = data.find("error");
91 if (ssldi != data.end())
97 /** Get key fingerprint.
98 * @return The key fingerprint as a hex string.
100 const std::string& GetFingerprint()
102 ssl_data_iter ssldi = data.find("fingerprint");
104 if (ssldi != data.end())
105 return ssldi->second;
111 * @return True if this is a trusted certificate
112 * (the certificate chain validates)
116 ssl_data_iter ssldi = data.find("trusted");
118 if (ssldi != data.end())
119 return (ssldi->second == "1");
124 /** Get validity status
125 * @return True if the certificate itself is
130 ssl_data_iter ssldi = data.find("invalid");
132 if (ssldi != data.end())
133 return (ssldi->second == "1");
138 /** Get signer status
139 * @return True if the certificate appears to be
142 bool IsUnknownSigner()
144 ssl_data_iter ssldi = data.find("unknownsigner");
146 if (ssldi != data.end())
147 return (ssldi->second == "1");
152 /** Get revocation status.
153 * @return True if the certificate is revoked.
154 * Note that this only works properly for GnuTLS
159 ssl_data_iter ssldi = data.find("revoked");
161 if (ssldi != data.end())
162 return (ssldi->second == "1");
168 /** Used to represent a request to a transport provider module
170 class ISHRequest : public Request
175 ISHRequest(Module* Me, Module* Target, const char* rtype, InspSocket* sock) : Request(Me, Target, rtype), Sock(sock)
180 /** Used to represent a request to attach a cert to an InspSocket
182 class InspSocketAttachCertRequest : public ISHRequest
185 /** Initialize the request as an attach cert message */
186 InspSocketAttachCertRequest(InspSocket* is, Module* Me, Module* Target) : ISHRequest(Me, Target, "IS_ATTACH", is)
191 /** Used to check if a handshake is complete on an InspSocket yet
193 class InspSocketHSCompleteRequest : public ISHRequest
196 /** Initialize the request as a 'handshake complete?' message */
197 InspSocketHSCompleteRequest(InspSocket* is, Module* Me, Module* Target) : ISHRequest(Me, Target, "IS_HSDONE", is)
202 /** Used to hook a transport provider to an InspSocket
204 class InspSocketHookRequest : public ISHRequest
207 /** Initialize request as a hook message */
208 InspSocketHookRequest(InspSocket* is, Module* Me, Module* Target) : ISHRequest(Me, Target, "IS_HOOK", is)
213 /** Used to unhook a transport provider from an InspSocket
215 class InspSocketUnhookRequest : public ISHRequest
218 /** Initialize request as an unhook message */
219 InspSocketUnhookRequest(InspSocket* is, Module* Me, Module* Target) : ISHRequest(Me, Target, "IS_UNHOOK", is)
224 class InspSocketNameRequest : public ISHRequest
227 /** Initialize request as a get name message */
228 InspSocketNameRequest(Module* Me, Module* Target) : ISHRequest(Me, Target, "IS_NAME", NULL)