ModuleSSLGnuTLS(InspIRCd* Me)
: Module(Me)
{
- ServerInstance->Modules->PublishInterface("InspSocketHook", this);
+ ServerInstance->Modules->PublishInterface("BufferedSocketHook", this);
// Not rehashable...because I cba to reduce all the sizes of existing buffers.
inbufsize = ServerInstance->Config->NetBufferSize;
gnutls_certificate_set_dh_params(x509_cred, dh_params);
}
- virtual void OnRehash(userrec* user, const std::string ¶m)
+ virtual void OnRehash(User* user, const std::string ¶m)
{
if(param != "ssl")
return;
{
if(target_type == TYPE_USER)
{
- userrec* user = (userrec*)item;
+ User* user = (User*)item;
if(user->GetExt("ssl", dummy) && isin(user->GetPort(), listenports))
{
// User is using SSL, they're a local user, and they're using one of *our* SSL ports.
// Potentially there could be multiple SSL modules loaded at once on different ports.
- userrec::QuitUser(ServerInstance, user, "SSL module unloading");
+ User::QuitUser(ServerInstance, user, "SSL module unloading");
}
if (user->GetExt("ssl_cert", dummy) && isin(user->GetPort(), listenports))
{
char* ret = "OK";
try
{
- ret = ServerInstance->Config->AddIOHook((Module*)this, (InspSocket*)ISR->Sock) ? (char*)"OK" : NULL;
+ ret = ServerInstance->Config->AddIOHook((Module*)this, (BufferedSocket*)ISR->Sock) ? (char*)"OK" : NULL;
}
catch (ModuleException &e)
{
}
else if (strcmp("IS_UNHOOK", request->GetId()) == 0)
{
- return ServerInstance->Config->DelIOHook((InspSocket*)ISR->Sock) ? (char*)"OK" : NULL;
+ return ServerInstance->Config->DelIOHook((BufferedSocket*)ISR->Sock) ? (char*)"OK" : NULL;
}
else if (strcmp("IS_HSDONE", request->GetId()) == 0)
{
{
if ((Extensible*)ServerInstance->FindDescriptor(ISR->Sock->GetFd()) == (Extensible*)(ISR->Sock))
{
- VerifyCertificate(session, (InspSocket*)ISR->Sock);
+ VerifyCertificate(session, (BufferedSocket*)ISR->Sock);
return "OK";
}
}
virtual void OnRawSocketAccept(int fd, const std::string &ip, int localport)
{
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return;
+
issl_session* session = &sessions[fd];
session->fd = fd;
virtual void OnRawSocketConnect(int fd)
{
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return;
+
issl_session* session = &sessions[fd];
session->fd = fd;
virtual void OnRawSocketClose(int fd)
{
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return;
+
CloseSession(&sessions[fd]);
EventHandler* user = ServerInstance->SE->GetRef(fd);
virtual int OnRawSocketRead(int fd, char* buffer, unsigned int count, int &readresult)
{
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return 0;
+
issl_session* session = &sessions[fd];
if (!session->sess)
virtual int OnRawSocketWrite(int fd, const char* buffer, int count)
{
+ /* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
+ if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+ return 0;
+
issl_session* session = &sessions[fd];
const char* sendbuffer = buffer;
if (!session->sess)
{
- ServerInstance->Log(DEBUG,"No session");
CloseSession(session);
return 1;
}
if (session->status == ISSL_HANDSHAKING_WRITE)
{
// The handshake isn't finished, try to finish it.
- ServerInstance->Log(DEBUG,"Finishing handshake");
Handshake(session);
errno = EAGAIN;
return -1;
if (session->status == ISSL_HANDSHAKEN)
{
- ServerInstance->Log(DEBUG,"Send record");
ret = gnutls_record_send(session->sess, sendbuffer, count);
- ServerInstance->Log(DEBUG,"Return: %d", ret);
if (ret == 0)
{
{
if(ret != GNUTLS_E_AGAIN && ret != GNUTLS_E_INTERRUPTED)
{
- ServerInstance->Log(DEBUG,"Not egain or interrupt, close session");
CloseSession(session);
}
else
{
- ServerInstance->Log(DEBUG,"Again please");
errno = EAGAIN;
}
}
else
{
- ServerInstance->Log(DEBUG,"Trim buffer");
session->outbuf = session->outbuf.substr(ret);
}
}
MakePollWrite(session);
/* Who's smart idea was it to return 1 when we havent written anything?
- * This fucks the buffer up in InspSocket :p
+ * This fucks the buffer up in BufferedSocket :p
*/
return ret < 1 ? 0 : ret;
}
// :kenny.chatspike.net 320 Om Epy|AFK :is a Secure Connection
- virtual void OnWhois(userrec* source, userrec* dest)
+ virtual void OnWhois(User* source, User* dest)
{
if (!clientactive)
return;
}
}
- virtual void OnSyncUserMetaData(userrec* user, Module* proto, void* opaque, const std::string &extname, bool displayable)
+ virtual void OnSyncUserMetaData(User* user, Module* proto, void* opaque, const std::string &extname, bool displayable)
{
// check if the linking module wants to know about OUR metadata
if(extname == "ssl")
// check if its our metadata key, and its associated with a user
if ((target_type == TYPE_USER) && (extname == "ssl"))
{
- userrec* dest = (userrec*)target;
+ User* dest = (User*)target;
// if they dont already have an ssl flag, accept the remote server's
if (!dest->GetExt(extname, dummy))
{
{
// Handshake complete.
// This will do for setting the ssl flag...it could be done earlier if it's needed. But this seems neater.
- userrec* extendme = ServerInstance->FindDescriptor(session->fd);
+ User* extendme = ServerInstance->FindDescriptor(session->fd);
if (extendme)
{
if (!extendme->GetExt("ssl", dummy))
}
}
- virtual void OnPostConnect(userrec* user)
+ virtual void OnPostConnect(User* user)
{
// This occurs AFTER OnUserConnect so we can be sure the
- // protocol module has propogated the NICK message.
+ // protocol module has propagated the NICK message.
if ((user->GetExt("ssl", dummy)) && (IS_LOCAL(user)))
{
// Tell whatever protocol module we're using that we need to inform other servers of this metadata NOW.
EventHandler* eh = ServerInstance->FindDescriptor(session->fd);
if (eh)
ServerInstance->SE->WantWrite(eh);
- ServerInstance->Log(DEBUG, "Want write set");
}
- virtual void OnBufferFlushed(userrec* user)
+ virtual void OnBufferFlushed(User* user)
{
if (user->GetExt("ssl"))
{
- ServerInstance->Log(DEBUG,"OnBufferFlushed for ssl user");
issl_session* session = &sessions[user->GetFd()];
if (session && session->outbuf.size())
OnRawSocketWrite(user->GetFd(), NULL, 0);
};
-MODULE_INIT(ModuleSSLGnuTLS);
+MODULE_INIT(ModuleSSLGnuTLS)