#include "inspircd.h"
-#ifndef _WIN32
-#include <gcrypt.h>
-#endif
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#include "ssl.h"
#endif
/* $ModDesc: Provides SSL support for clients */
-/* $CompileFlags: pkgconfincludes("gnutls","/gnutls/gnutls.h","") exec("libgcrypt-config --cflags") */
-/* $LinkerFlags: rpath("pkg-config --libs gnutls") pkgconflibs("gnutls","/libgnutls.so","-lgnutls") exec("libgcrypt-config --libs") */
+/* $CompileFlags: pkgconfincludes("gnutls","/gnutls/gnutls.h","") iflt("pkg-config --modversion gnutls","2.12") exec("libgcrypt-config --cflags") */
+/* $LinkerFlags: rpath("pkg-config --libs gnutls") pkgconflibs("gnutls","/libgnutls.so","-lgnutls") iflt("pkg-config --modversion gnutls","2.12") exec("libgcrypt-config --libs") */
/* $NoPedantic */
#ifndef GNUTLS_VERSION_MAJOR
typedef gnutls_dh_params_t gnutls_dh_params;
#endif
-#if (defined(_WIN32) && (GNUTLS_VERSION_MAJOR > 2 || (GNUTLS_VERSION_MAJOR == 2 && GNUTLS_VERSION_MINOR >= 12)))
+#if (GNUTLS_VERSION_MAJOR > 2 || (GNUTLS_VERSION_MAJOR == 2 && GNUTLS_VERSION_MINOR >= 12))
# define GNUTLS_HAS_RND
# include <gnutls/crypto.h>
#else
reference<ssl_cert> cert;
reference<SSLConfig> config;
- issl_session() : socket(NULL), sess(NULL) {}
+ issl_session() : socket(NULL), sess(NULL), status(ISSL_NONE) {}
};
static SSLConfig* GetSessionConfig(gnutls_session_t sess)
ServerInstance->GenRandom = &randhandler;
Implementation eventlist[] = { I_On005Numeric, I_OnRehash, I_OnModuleRehash, I_OnUserConnect,
- I_OnEvent, I_OnHookIO };
+ I_OnEvent, I_OnHookIO, I_OnCheckReady };
ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
ServerInstance->Modules->AddService(iohook);
hash = GNUTLS_DIG_MD5;
else if (hashname == "sha1")
hash = GNUTLS_DIG_SHA1;
+#ifdef INSPIRCD_GNUTLS_ENABLE_SHA256_FINGERPRINT
+ else if (hashname == "sha256")
+ hash = GNUTLS_DIG_SHA256;
+#endif
else
throw ModuleException("Unknown hash type " + hashname);
if (starttls.enabled)
capHandler.HandleEvent(ev);
}
+
+ ModResult OnCheckReady(LocalUser* user)
+ {
+ if ((user->eh.GetIOHook() == this) && (sessions[user->eh.GetFd()].status != ISSL_HANDSHAKEN))
+ return MOD_RES_DENY;
+ return MOD_RES_PASSTHRU;
+ }
};
MODULE_INIT(ModuleSSLGnuTLS)