/// $LinkerFlags: find_linker_flags("gnutls" "-lgnutls")
/// $LinkerFlags: require_version("gnutls" "1.0" "2.12") execute("libgcrypt-config --libs" "LIBGCRYPT_LDFLAGS")
+/// $PackageInfo: require_system("arch") gnutls pkgconf
/// $PackageInfo: require_system("centos") gnutls-devel pkgconfig
/// $PackageInfo: require_system("darwin") gnutls pkg-config
-/// $PackageInfo: require_system("debian" "1.0" "7.99") libgcrypt11-dev
/// $PackageInfo: require_system("debian") gnutls-bin libgnutls28-dev pkg-config
-/// $PackageInfo: require_system("ubuntu" "1.0" "13.10") libgcrypt11-dev
/// $PackageInfo: require_system("ubuntu") gnutls-bin libgnutls-dev pkg-config
#include "inspircd.h"
#include "modules/ssl.h"
#include <memory>
+#ifdef __GNUC__
+# pragma GCC diagnostic push
+#endif
+
// Fix warnings about the use of commas at end of enumerator lists on C++03.
#if defined __clang__
# pragma clang diagnostic ignored "-Wc++11-extensions"
#elif defined __GNUC__
-# if __GNUC__ < 6
-# pragma GCC diagnostic ignored "-pedantic"
+# if (__GNUC__ > 4) || ((__GNUC__ == 4) && (__GNUC_MINOR__ >= 8))
+# pragma GCC diagnostic ignored "-Wpedantic"
# else
-# pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+# pragma GCC diagnostic ignored "-pedantic"
# endif
#endif
+// Fix warnings about using std::auto_ptr on C++11 or newer.
+#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
+
#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
+#ifdef __GNUC__
+# pragma GCC diagnostic pop
+#endif
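Review bot: The added `#pragma GCC diagnostic ignored "-Wdeprecated-declarations"` sits outside any compiler guard, while the push and pop around it are wrapped in `#ifdef __GNUC__`. Compilers that do not know the pragma will warn on it, so it should move inside the same guard, e.g. `# pragma GCC diagnostic ignored "-Wdeprecated-declarations"` directly after the added push. The comment says the suppression is for `std::auto_ptr`, but the pop restores the previous state right after the two GnuTLS headers. Any `std::auto_ptr` use in the module body (not visible here) would presumably still warn, so the comment should say what the suppression covers, for instance `// Silence deprecation warnings raised inside the GnuTLS headers only.`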
+
#ifndef GNUTLS_VERSION_NUMBER
#define GNUTLS_VERSION_NUMBER LIBGNUTLS_VERSION_NUMBER
#define GNUTLS_VERSION LIBGNUTLS_VERSION
#define GNUTLS_NEW_PRIO_API
#endif
-#if (!INSPIRCD_GNUTLS_HAS_VERSION(2, 0, 0))
-typedef gnutls_certificate_credentials_t gnutls_certificate_credentials;
-typedef gnutls_dh_params_t gnutls_dh_params;
-#endif
-
enum issl_status { ISSL_NONE, ISSL_HANDSHAKING, ISSL_HANDSHAKEN };
#if INSPIRCD_GNUTLS_HAS_VERSION(2, 12, 0)
static Module* thismod;
-class RandGen : public HandlerBase2<void, char*, size_t>
+class RandGen
{
public:
- void Call(char* buffer, size_t len)
+ static void Call(char* buffer, size_t len)
{
#ifdef GNUTLS_HAS_RND
gnutls_rnd(GNUTLS_RND_RANDOM, buffer, len);
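Review bot: The return value of `gnutls_rnd` is discarded in `RandGen::Call`, which this change wires in as the server-wide `GenRandom` source. If the call fails, the caller's buffer keeps whatever it held before and is then used as random data. The call should be checked, e.g. `if (gnutls_rnd(GNUTLS_RND_RANDOM, buffer, len) < 0)`, with a failure path that logs and aborts the operation rather than returning silently. The body of `Call` continues past the hunk, so the fallback branch could not be reviewed.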
throw Exception("Unknown hash type " + hashname);
gnutls_hash_deinit(is_digest, NULL);
#else
- if (hashname == "md5")
+ if (stdalgo::string::equalsci(hashname, "md5"))
hash = GNUTLS_DIG_MD5;
- else if (hashname == "sha1")
+ else if (stdalgo::string::equalsci(hashname, "sha1"))
hash = GNUTLS_DIG_SHA1;
-#ifdef INSPIRCD_GNUTLS_ENABLE_SHA256_FINGERPRINT
- else if (hashname == "sha256")
+ else if (stdalgo::string::equalsci(hashname, "sha256"))
hash = GNUTLS_DIG_SHA256;
-#endif
else
throw Exception("Unknown hash type " + hashname);
#endif
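Review bot: With the `INSPIRCD_GNUTLS_ENABLE_SHA256_FINGERPRINT` guard removed, sha256 is always available, yet `md5` and `sha1` are still accepted here without comment. Both are collision-prone, which matters if these fingerprints are used to identify client certificates. A comment above the chain would record why they are kept, e.g. `// md5 and sha1 are collision-prone and kept only for existing fingerprint lists; prefer sha256.` The profile default further down the page is still `tag->getString("hash", "md5")`, which is worth revisiting in the same spirit. The enclosing function starts and ends outside the hunk.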
, keystr(ReadFile(tag->getString("keyfile", "key.pem")))
, dh(DHParams::Import(ReadFile(tag->getString("dhfile", "dhparams.pem"))))
, priostr(GetPrioStr(profilename, tag))
- , mindh(tag->getInt("mindhbits", 1024))
+ , mindh(tag->getUInt("mindhbits", 1024))
, hashstr(tag->getString("hash", "md5"))
, requestclientcert(tag->getBool("requestclientcert", true))
{
#ifdef INSPIRCD_GNUTLS_HAS_CORK
// If cork support is available outrecsize represents the (rough) max amount of data we give GnuTLS while corked
- outrecsize = tag->getInt("outrecsize", 2048, 512);
+ outrecsize = tag->getUInt("outrecsize", 2048, 512);
#else
- outrecsize = tag->getInt("outrecsize", 2048, 512, 16384);
+ outrecsize = tag->getUInt("outrecsize", 2048, 512, 16384);
#endif
}
};
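Review bot: `mindh` is read with `tag->getUInt("mindhbits", 1024)` and no lower bound, so a configured value of 0 or any small number is accepted. Assuming `mindh` is later used as the minimum Diffie-Hellman prime size for the session, this lets a configuration typo disable the check. The `outrecsize` lines in the same constructor already pass a minimum, and the same form fits here: `, mindh(tag->getUInt("mindhbits", 1024, 1024))`. 1024-bit groups are themselves generally considered too weak today, but raising the default changes behaviour for existing configs and is better done as a separate, documented change. The constructor's initialiser list starts outside the hunk.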
// First member of the class, gets constructed first and destructed last
GnuTLS::Init libinit;
- RandGen randhandler;
ProfileList profiles;
void ReadProfiles()
for (ConfigIter i = tags.first; i != tags.second; ++i)
{
ConfigTag* tag = i->second;
- if (tag->getString("provider") != "gnutls")
+ if (!stdalgo::string::equalsci(tag->getString("provider"), "gnutls"))
continue;
std::string name = tag->getString("name");
{
ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "GnuTLS lib version %s module was compiled for " GNUTLS_VERSION, gnutls_check_version(NULL));
ReadProfiles();
- ServerInstance->GenRandom = &randhandler;
+ ServerInstance->GenRandom = RandGen::Call;
}
void OnModuleRehash(User* user, const std::string ¶m) CXX11_OVERRIDE
~ModuleSSLGnuTLS()
{
- ServerInstance->GenRandom = &ServerInstance->HandleGenRandom;
+ ServerInstance->GenRandom = &InspIRCd::DefaultGenRandom;
}
void OnCleanup(ExtensionItem::ExtensibleType type, Extensible* item) CXX11_OVERRIDE
Version GetVersion() CXX11_OVERRIDE
{
- return Version("Provides SSL support for clients", VF_VENDOR);
+ return Version("Provides SSL support via GnuTLS", VF_VENDOR);
}
ModResult OnCheckReady(LocalUser* user) CXX11_OVERRIDE