]> git.netwichtig.de Git - user/henk/code/inspircd.git/blobdiff - src/modules/extra/m_ssl_gnutls.cpp
projects / user / henk / code / inspircd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Extbans can be VF_OPTCOMMON as they do not desync on module add/remove
[user/henk/code/inspircd.git] / src / modules / extra / m_ssl_gnutls.cpp
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 8ec787465a80598bf524c3b9c8189dfdedb6e132..1ebec075bd7400bebfff7c729951e6808de7e747 100644 (file)
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -2,7 +2,7 @@
  *       | Inspire Internet Relay Chat Daemon |
  *       +------------------------------------+
  *
- *  InspIRCd: (C) 2002-2009 InspIRCd Development Team
+ *  InspIRCd: (C) 2002-2010 InspIRCd Development Team
  * See: http://wiki.inspircd.org/Credits
  *
  * This program is free but copyrighted software; see
@@ -24,9 +24,8 @@
 /* $ModDesc: Provides SSL support for clients */
 /* $CompileFlags: pkgconfincludes("gnutls","/gnutls/gnutls.h","") */
 /* $LinkerFlags: rpath("pkg-config --libs gnutls") pkgconflibs("gnutls","/libgnutls.so","-lgnutls") */
-/* $ModDep: transport.h */
-/* $CopyInstall: conf/key.pem $(CONPATH) */
-/* $CopyInstall: conf/cert.pem $(CONPATH) */
+/* $CopyInstall: conf/key.pem $(CONPATH) -m 0400 -o $(INSTUID) */
+/* $CopyInstall: conf/cert.pem $(CONPATH) -m 0444 */
 
 enum issl_status { ISSL_NONE, ISSL_HANDSHAKING_READ, ISSL_HANDSHAKING_WRITE, ISSL_HANDSHAKEN, ISSL_CLOSING, ISSL_CLOSED };
 
@@ -137,13 +136,12 @@ class ModuleSSLGnuTLS : public Module
        CommandStartTLS starttls;
 
        GenericCap capHandler;
+       ServiceProvider iohook;
  public:
 
        ModuleSSLGnuTLS()
-               : starttls(this), capHandler(this, "tls")
+               : starttls(this), capHandler(this, "tls"), iohook(this, "ssl/gnutls", SERVICE_IOHOOK)
        {
-               ServerInstance->Modules->PublishInterface("BufferedSocketHook", this);
-
                sessions = new issl_session[ServerInstance->SE->GetMaxFds()];
 
                gnutls_global_init(); // This must be called once in the program
@@ -151,6 +149,10 @@ class ModuleSSLGnuTLS : public Module
                gnutls_x509_privkey_init(&x509_key);
 
                cred_alloc = false;
+       }
+
+       void init()
+       {
                // Needs the flag as it ignores a plain /rehash
                OnModuleRehash(NULL,"ssl");
 
@@ -160,6 +162,7 @@ class ModuleSSLGnuTLS : public Module
                        I_OnEvent, I_OnHookIO };
                ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
 
+               ServerInstance->Modules->AddService(iohook);
                ServerInstance->AddCommand(&starttls);
        }
 
@@ -283,10 +286,12 @@ class ModuleSSLGnuTLS : public Module
        {
                gnutls_x509_crt_deinit(x509_cert);
                gnutls_x509_privkey_deinit(x509_key);
-               gnutls_dh_params_deinit(dh_params);
-               gnutls_certificate_free_credentials(x509_cred);
+               if (cred_alloc)
+               {
+                       gnutls_dh_params_deinit(dh_params);
+                       gnutls_certificate_free_credentials(x509_cred);
+               }
                gnutls_global_deinit();
-               ServerInstance->Modules->UnpublishInterface("BufferedSocketHook", this);
                delete[] sessions;
        }