m_ssl_gnutls Add compile time option for allowing sha256 certificate fingerprints

[user/henk/code/inspircd.git] / src / modules / extra / m_ssl_gnutls.cpp

diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 4135194c58780a68b632ac57a479682d3780ed9a..228ceb99470264d7f163836f2e18b4bbf5607b6a 100644 (file)
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -157,7 +157,7 @@ public:
        reference<ssl_cert> cert;
        reference<SSLConfig> config;
 
-       issl_session() : socket(NULL), sess(NULL) {}
+       issl_session() : socket(NULL), sess(NULL), status(ISSL_NONE) {}
 };
 
 static SSLConfig* GetSessionConfig(gnutls_session_t sess)
@@ -419,6 +419,10 @@ class ModuleSSLGnuTLS : public Module
                        hash = GNUTLS_DIG_MD5;
                else if (hashname == "sha1")
                        hash = GNUTLS_DIG_SHA1;
+#ifdef INSPIRCD_GNUTLS_ENABLE_SHA256_FINGERPRINT
+               else if (hashname == "sha256")
+                       hash = GNUTLS_DIG_SHA256;
+#endif
                else
                        throw ModuleException("Unknown hash type " + hashname);
 
@@ -615,6 +619,12 @@ class ModuleSSLGnuTLS : public Module
 
                        req.cert = session->cert;
                }
+               else if (!strcmp("GET_RAW_SSL_SESSION", request.id))
+               {
+                       SSLRawSessionRequest& req = static_cast<SSLRawSessionRequest&>(request);
+                       if ((req.fd >= 0) && (req.fd < ServerInstance->SE->GetMaxFds()))
+                               req.data = reinterpret_cast<void*>(sessions[req.fd].sess);
+               }
        }
 
        void InitSession(StreamSocket* user, bool me_server)