Add stuff so that modules can hook users by altering a pointer in the User class...

[user/henk/code/inspircd.git] / src / modules / extra / m_ssl_gnutls.cpp

diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 554dd17ddc1e224d825b3218fe79b748dd7c0f56..f3af386aea579689b0cc5f730c8dcaf393906beb 100644 (file)
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -6,7 +6,7 @@
  * See: http://www.inspircd.org/wiki/index.php/Credits
  *
  * This program is free but copyrighted software; see
- *            the file COPYING for details.
+ *         the file COPYING for details.
  *
  * ---------------------------------------------------
  */
@@ -24,6 +24,7 @@
 #include "socket.h"
 #include "hashcomp.h"
 #include "transport.h"
+#include "m_cap.h"
 
 #ifdef WINDOWS
 #pragma comment(lib, "libgnutls-13.lib")
@@ -62,6 +63,28 @@ public:
        int fd;
 };
 
+class CommandStartTLS : public Command
+{
+       Module* Caller;
+ public:
+       /* Command 'dalinfo', takes no parameters and needs no special modes */
+       CommandStartTLS (InspIRCd* Instance, Module* mod) : Command(Instance,"STARTTLS", 0, 0, true), Caller(mod)
+       {
+               this->source = "m_ssl_gnutls.so";
+       }
+
+       CmdResult Handle (const char* const* parameters, int pcnt, User *user)
+       {
+               if (!user->GetExt("tls"))
+                       return CMD_FAILURE;
+
+               user->io = Caller;
+               Caller->OnRawSocketAccept(user->GetFd(), user->GetIPString(), ServerInstance->Config->ports[i]->GetPort());
+
+               return CMD_FAILURE;
+       }
+};
+
 class ModuleSSLGnuTLS : public Module
 {
 
@@ -86,6 +109,8 @@ class ModuleSSLGnuTLS : public Module
 
        int clientactive;
 
+       CommandStartTLS* starttls;
+
  public:
 
        ModuleSSLGnuTLS(InspIRCd* Me)
@@ -99,11 +124,11 @@ class ModuleSSLGnuTLS : public Module
                gnutls_global_init(); // This must be called once in the program
 
                if(gnutls_certificate_allocate_credentials(&x509_cred) != 0)
-                       ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to allocate certificate credentials");
+                       ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: Failed to allocate certificate credentials");
 
                // Guessing return meaning
                if(gnutls_dh_params_init(&dh_params) < 0)
-                       ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to initialise DH parameters");
+                       ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: Failed to initialise DH parameters");
 
                // Needs the flag as it ignores a plain /rehash
                OnRehash(NULL,"ssl");
@@ -111,8 +136,11 @@ class ModuleSSLGnuTLS : public Module
                // Void return, guess we assume success
                gnutls_certificate_set_dh_params(x509_cred, dh_params);
                Implementation eventlist[] = { I_On005Numeric, I_OnRawSocketConnect, I_OnRawSocketAccept, I_OnRawSocketClose, I_OnRawSocketRead, I_OnRawSocketWrite, I_OnCleanup,
-                       I_OnBufferFlushed, I_OnRequest, I_OnSyncUserMetaData, I_OnDecodeMetaData, I_OnUnloadModule, I_OnRehash, I_OnWhois, I_OnPostConnect };
-               ServerInstance->Modules->Attach(eventlist, this, 15);
+                       I_OnBufferFlushed, I_OnRequest, I_OnSyncUserMetaData, I_OnDecodeMetaData, I_OnUnloadModule, I_OnRehash, I_OnWhois, I_OnPostConnect, I_OnEvent, I_OnHookUserIO };
+               ServerInstance->Modules->Attach(eventlist, this, 17);
+
+               starttls = new CommandStartTLS(ServerInstance, this);
+               ServerInstance->AddCommand(starttls);
        }
 
        virtual void OnRehash(User* user, const std::string &param)
@@ -128,14 +156,14 @@ class ModuleSSLGnuTLS : public Module
                clientactive = 0;
                sslports.clear();
 
-               for(int i = 0; i < Conf->Enumerate("bind"); i++)
+               for(int index = 0; index < Conf->Enumerate("bind"); index++)
                {
                        // For each <bind> tag
-                       std::string x = Conf->ReadValue("bind", "type", i);
-                       if(((x.empty()) || (x == "clients")) && (Conf->ReadValue("bind", "ssl", i) == "gnutls"))
+                       std::string x = Conf->ReadValue("bind", "type", index);
+                       if(((x.empty()) || (x == "clients")) && (Conf->ReadValue("bind", "ssl", index) == "gnutls"))
                        {
                                // Get the port we're meant to be listening on with SSL
-                               std::string port = Conf->ReadValue("bind", "port", i);
+                               std::string port = Conf->ReadValue("bind", "port", index);
                                irc::portparser portrange(port, false);
                                long portno = -1;
                                while ((portno = portrange.GetToken()))
@@ -149,17 +177,17 @@ class ModuleSSLGnuTLS : public Module
                                                        for (size_t i = 0; i < ServerInstance->Config->ports.size(); i++)
                                                                if (ServerInstance->Config->ports[i]->GetPort() == portno)
                                                                        ServerInstance->Config->ports[i]->SetDescription("ssl");
-                                                       ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Enabling SSL for port %d", portno);
+                                                       ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: Enabling SSL for port %d", portno);
                                                        sslports.append("*:").append(ConvToStr(portno)).append(";");
                                                }
                                                else
                                                {
-                                                       ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: FAILED to enable SSL on port %d, maybe you have another ssl or similar module loaded?", portno);
+                                                       ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: FAILED to enable SSL on port %d, maybe you have another ssl or similar module loaded?", portno);
                                                }
                                        }
                                        catch (ModuleException &e)
                                        {
-                                               ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: FAILED to enable SSL on port %d: %s. Maybe it's already hooked by the same port on a different IP, or you have an other SSL or similar module loaded?", portno, e.GetReason());
+                                               ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: FAILED to enable SSL on port %d: %s. Maybe it's already hooked by the same port on a different IP, or you have an other SSL or similar module loaded?", portno, e.GetReason());
                                        }
                                }
                        }
@@ -213,10 +241,10 @@ class ModuleSSLGnuTLS : public Module
                int ret;
 
                if((ret =gnutls_certificate_set_x509_trust_file(x509_cred, cafile.c_str(), GNUTLS_X509_FMT_PEM)) < 0)
-                       ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to set X.509 trust file '%s': %s", cafile.c_str(), gnutls_strerror(ret));
+                       ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: Failed to set X.509 trust file '%s': %s", cafile.c_str(), gnutls_strerror(ret));
 
                if((ret = gnutls_certificate_set_x509_crl_file (x509_cred, crlfile.c_str(), GNUTLS_X509_FMT_PEM)) < 0)
-                       ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to set X.509 CRL file '%s': %s", crlfile.c_str(), gnutls_strerror(ret));
+                       ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: Failed to set X.509 CRL file '%s': %s", crlfile.c_str(), gnutls_strerror(ret));
 
                if((ret = gnutls_certificate_set_x509_key_file (x509_cred, certfile.c_str(), keyfile.c_str(), GNUTLS_X509_FMT_PEM)) < 0)
                {
@@ -240,7 +268,7 @@ class ModuleSSLGnuTLS : public Module
                int ret;
 
                if((ret = gnutls_dh_params_generate2(dh_params, dh_bits)) < 0)
-                       ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to generate DH parameters (%d bits): %s", dh_bits, gnutls_strerror(ret));
+                       ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: Failed to generate DH parameters (%d bits): %s", dh_bits, gnutls_strerror(ret));
        }
 
        virtual ~ModuleSSLGnuTLS()
@@ -269,6 +297,8 @@ class ModuleSSLGnuTLS : public Module
                                delete tofree;
                                user->Shrink("ssl_cert");
                        }
+
+                       user->io = NULL;
                }
        }
 
@@ -288,7 +318,7 @@ class ModuleSSLGnuTLS : public Module
 
        virtual Version GetVersion()
        {
-               return Version(1, 1, 0, 0, VF_VENDOR, API_VERSION);
+               return Version(1, 2, 0, 0, VF_VENDOR, API_VERSION);
        }
 
 
@@ -297,7 +327,16 @@ class ModuleSSLGnuTLS : public Module
                output.append(" SSL=" + sslports);
        }
 
-       virtual char* OnRequest(Request* request)
+       virtual void OnHookUserIO(User* user)
+       {
+               if (!user->io && isin(user->GetPort(), listenports))
+               {
+                       /* Hook the user with our module */
+                       user->io = this;
+               }
+       }
+
+       virtual const char* OnRequest(Request* request)
        {
                ISHRequest* ISR = (ISHRequest*)request;
                if (strcmp("IS_NAME", request->GetId()) == 0)
@@ -306,10 +345,10 @@ class ModuleSSLGnuTLS : public Module
                }
                else if (strcmp("IS_HOOK", request->GetId()) == 0)
                {
-                       char* ret = "OK";
+                       const char* ret = "OK";
                        try
                        {
-                               ret = ServerInstance->Config->AddIOHook((Module*)this, (BufferedSocket*)ISR->Sock) ? (char*)"OK" : NULL;
+                               ret = ServerInstance->Config->AddIOHook((Module*)this, (BufferedSocket*)ISR->Sock) ? "OK" : NULL;
                        }
                        catch (ModuleException &e)
                        {
@@ -319,15 +358,15 @@ class ModuleSSLGnuTLS : public Module
                }
                else if (strcmp("IS_UNHOOK", request->GetId()) == 0)
                {
-                       return ServerInstance->Config->DelIOHook((BufferedSocket*)ISR->Sock) ? (char*)"OK" : NULL;
+                       return ServerInstance->Config->DelIOHook((BufferedSocket*)ISR->Sock) ? "OK" : NULL;
                }
                else if (strcmp("IS_HSDONE", request->GetId()) == 0)
                {
                        if (ISR->Sock->GetFd() < 0)
-                               return (char*)"OK";
+                               return "OK";
 
                        issl_session* session = &sessions[ISR->Sock->GetFd()];
-                       return (session->status == ISSL_HANDSHAKING_READ || session->status == ISSL_HANDSHAKING_WRITE) ? NULL : (char*)"OK";
+                       return (session->status == ISSL_HANDSHAKING_READ || session->status == ISSL_HANDSHAKING_WRITE) ? NULL : "OK";
                }
                else if (strcmp("IS_ATTACH", request->GetId()) == 0)
                {
@@ -864,6 +903,11 @@ class ModuleSSLGnuTLS : public Module
                return;
        }
 
+       void OnEvent(Event* ev)
+       {
+               GenericCapHandler(ev, "tls", "tls");
+       }
+
 };
 
 MODULE_INIT(ModuleSSLGnuTLS)