#include <gnutls/gnutls.h>
#include <gnutls/x509.h>
#include "modules/ssl.h"
-#include "modules/cap.h"
#include <memory>
#if ((GNUTLS_VERSION_MAJOR > 2) || (GNUTLS_VERSION_MAJOR == 2 && GNUTLS_VERSION_MINOR > 9) || (GNUTLS_VERSION_MAJOR == 2 && GNUTLS_VERSION_MINOR == 9 && GNUTLS_VERSION_PATCH >= 8))
class RandGen : public HandlerBase2<void, char*, size_t>
{
public:
- RandGen() {}
void Call(char* buffer, size_t len)
{
#ifdef GNUTLS_HAS_RND
{
// gnutls_handshake() wants to read() again.
this->status = ISSL_HANDSHAKING_READ;
- ServerInstance->SE->ChangeEventMask(user, FD_WANT_POLL_READ | FD_WANT_NO_WRITE);
+ SocketEngine::ChangeEventMask(user, FD_WANT_POLL_READ | FD_WANT_NO_WRITE);
}
else
{
// gnutls_handshake() wants to write() again.
this->status = ISSL_HANDSHAKING_WRITE;
- ServerInstance->SE->ChangeEventMask(user, FD_WANT_NO_READ | FD_WANT_SINGLE_WRITE);
+ SocketEngine::ChangeEventMask(user, FD_WANT_NO_READ | FD_WANT_SINGLE_WRITE);
}
}
else
VerifyCertificate();
// Finish writing, if any left
- ServerInstance->SE->ChangeEventMask(user, FD_WANT_POLL_READ | FD_WANT_NO_WRITE | FD_ADD_TRIAL_WRITE);
+ SocketEngine::ChangeEventMask(user, FD_WANT_POLL_READ | FD_WANT_NO_WRITE | FD_ADD_TRIAL_WRITE);
return true;
}
return -1;
}
- int rv = ServerInstance->SE->Recv(sock, reinterpret_cast<char *>(buffer), size, 0);
+ int rv = SocketEngine::Recv(sock, reinterpret_cast<char *>(buffer), size, 0);
#ifdef _WIN32
if (rv < 0)
#endif
if (rv < (int)size)
- ServerInstance->SE->ChangeEventMask(sock, FD_READ_WILL_BLOCK);
+ SocketEngine::ChangeEventMask(sock, FD_READ_WILL_BLOCK);
return rv;
}
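Review bot: The `if (rv < (int)size)` test after the new `SocketEngine::Recv` call compares through a C-style narrowing cast, and a failed call (`rv == -1`) also satisfies it, so an error return is flagged `FD_READ_WILL_BLOCK` the same way as a short read. Assuming `size` is the unsigned length the TLS library passes to this pull callback, the same behaviour is clearer and holds for any length as `if (rv < 0 || static_cast<size_t>(rv) < size)`, with a one-line comment saying whether marking the socket as blocked on error is intended. The same pattern follows the `SocketEngine::Send` call below (`FD_WRITE_WILL_BLOCK`) and the `ret == (int)sendq.length()` check in the write path. The callback body begins outside the lines shown here.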
return -1;
}
- int rv = ServerInstance->SE->Send(sock, reinterpret_cast<const char *>(buffer), size, 0);
+ int rv = SocketEngine::Send(sock, reinterpret_cast<const char *>(buffer), size, 0);
#ifdef _WIN32
if (rv < 0)
#endif
if (rv < (int)size)
- ServerInstance->SE->ChangeEventMask(sock, FD_WRITE_WILL_BLOCK);
+ SocketEngine::ChangeEventMask(sock, FD_WRITE_WILL_BLOCK);
return rv;
}
if (ret == (int)sendq.length())
{
- ServerInstance->SE->ChangeEventMask(user, FD_WANT_NO_WRITE);
+ SocketEngine::ChangeEventMask(user, FD_WANT_NO_WRITE);
return 1;
}
else if (ret > 0)
{
sendq = sendq.substr(ret);
- ServerInstance->SE->ChangeEventMask(user, FD_WANT_SINGLE_WRITE);
+ SocketEngine::ChangeEventMask(user, FD_WANT_SINGLE_WRITE);
return 0;
}
else if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED || ret == 0)
{
- ServerInstance->SE->ChangeEventMask(user, FD_WANT_SINGLE_WRITE);
+ SocketEngine::ChangeEventMask(user, FD_WANT_SINGLE_WRITE);
return 0;
}
else // (ret < 0)
// First member of the class, gets constructed first and destructed last
GnuTLS::Init libinit;
-
- std::string sslports;
-
RandGen randhandler;
ProfileList profiles;
ServerInstance->GenRandom = &randhandler;
}
- void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE
- {
- sslports.clear();
-
- ConfigTag* Conf = ServerInstance->Config->ConfValue("gnutls");
-
- if (Conf->getBool("showports", true))
- {
- sslports = Conf->getString("advertisedports");
- if (!sslports.empty())
- return;
-
- for (size_t i = 0; i < ServerInstance->ports.size(); i++)
- {
- ListenSocket* port = ServerInstance->ports[i];
- if (port->bind_tag->getString("ssl") != "gnutls")
- continue;
-
- const std::string& portid = port->bind_desc;
- ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Enabling SSL for port %s", portid.c_str());
-
- if (port->bind_tag->getString("type", "clients") == "clients" && port->bind_addr != "127.0.0.1")
- {
- /*
- * Found an SSL port for clients that is not bound to 127.0.0.1 and handled by us, display
- * the IP:port in ISUPPORT.
- *
- * We used to advertise all ports seperated by a ';' char that matched the above criteria,
- * but this resulted in too long ISUPPORT lines if there were lots of ports to be displayed.
- * To solve this by default we now only display the first IP:port found and let the user
- * configure the exact value for the 005 token, if necessary.
- */
- sslports = portid;
- break;
- }
- }
- }
- }
-
void OnModuleRehash(User* user, const std::string ¶m) CXX11_OVERRIDE
{
if(param != "ssl")
return Version("Provides SSL support for clients", VF_VENDOR);
}
- void On005Numeric(std::map<std::string, std::string>& tokens) CXX11_OVERRIDE
- {
- if (!sslports.empty())
- tokens["SSL"] = sslports;
- }
-
void OnUserConnect(LocalUser* user) CXX11_OVERRIDE
{
IOHook* hook = user->eh.GetIOHook();