* | Inspire Internet Relay Chat Daemon |
* +------------------------------------+
*
- * InspIRCd: (C) 2002-2008 InspIRCd Development Team
+ * InspIRCd: (C) 2002-2009 InspIRCd Development Team
* See: http://www.inspircd.org/wiki/index.php/Credits
*
* This program is free but copyrighted software; see
*/
#include "inspircd.h"
-
#include <openssl/ssl.h>
#include <openssl/err.h>
-
-#include "configreader.h"
-#include "users.h"
-#include "channels.h"
-#include "modules.h"
-
-#include "socket.h"
-#include "hashcomp.h"
-
#include "transport.h"
#ifdef WINDOWS
clictx = SSL_CTX_new( SSLv23_client_method() );
SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
+ SSL_CTX_set_mode(clictx, SSL_MODE_ENABLE_PARTIAL_WRITE | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, OnVerify);
SSL_CTX_set_verify(clictx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, OnVerify);
virtual void OnHookUserIO(User* user, const std::string &targetip)
{
- if (!user->io && isin(targetip,user->GetPort(), listenports))
+ if (!user->GetIOHook() && isin(targetip,user->GetPort(), listenports))
{
/* Hook the user with our module */
- user->io = this;
+ user->AddIOHook(this);
}
}
for (size_t i = 0; i < ServerInstance->Config->ports.size(); i++)
if ((ServerInstance->Config->ports[i]->GetPort() == portno) && (ServerInstance->Config->ports[i]->GetIP() == addr))
ServerInstance->Config->ports[i]->SetDescription("ssl");
- ServerInstance->Logs->Log("m_ssl_openssl",DEFAULT, "m_ssl_gnutls.so: Enabling SSL for port %ld", portno);
+ ServerInstance->Logs->Log("m_ssl_openssl",DEFAULT, "m_ssl_openssl.so: Enabling SSL for port %ld", portno);
sslports.append((addr.empty() ? "*" : addr)).append(":").append(ConvToStr(portno)).append(";");
}
catch (ModuleException &e)
{
- ServerInstance->Logs->Log("m_ssl_openssl",DEFAULT, "m_ssl_gnutls.so: FAILED to enable SSL on port %ld: %s. Maybe it's already hooked by the same port on a different IP, or you have an other SSL or similar module loaded?", portno, e.GetReason());
+ ServerInstance->Logs->Log("m_ssl_openssl",DEFAULT, "m_ssl_openssl.so: FAILED to enable SSL on port %ld: %s. Maybe it's already hooked by the same port on a different IP, or you have an other SSL or similar module loaded?", portno, e.GetReason());
}
}
}
{
User* user = (User*)item;
- if (user->io == this)
+ if (user->GetIOHook() == this)
{
// User is using SSL, they're a local user, and they're using one of *our* SSL ports.
// Potentially there could be multiple SSL modules loaded at once on different ports.
ServerInstance->Users->QuitUser(user, "SSL module unloading");
- user->io = NULL;
+ user->DelIOHook();
}
if (user->GetExt("ssl_cert", dummy))
{
virtual Version GetVersion()
{
- return Version(1, 2, 0, 0, VF_VENDOR, API_VERSION);
+ return Version("$Id$", VF_VENDOR, API_VERSION);
}
const char* ret = "OK";
try
{
- ret = ServerInstance->Config->AddIOHook((Module*)this, (BufferedSocket*)ISR->Sock) ? "OK" : NULL;
+ ret = ISR->Sock->AddIOHook((Module*)this) ? "OK" : NULL;
}
catch (ModuleException &e)
{
}
else if (strcmp("IS_UNHOOK", request->GetId()) == 0)
{
- return ServerInstance->Config->DelIOHook((BufferedSocket*)ISR->Sock) ? "OK" : NULL;
+ return ISR->Sock->DelIOHook() ? "OK" : NULL;
}
else if (strcmp("IS_HSDONE", request->GetId()) == 0)
{
return;
// Bugfix, only send this numeric for *our* SSL users
- if (dest->GetExt("ssl", dummy) || ((IS_LOCAL(dest) && dest->io == this)))
+ if (dest->GetExt("ssl", dummy))
{
ServerInstance->SendWhoisLine(source, dest, 320, "%s %s :is using a secure connection", source->nick.c_str(), dest->nick.c_str());
}
{
// This occurs AFTER OnUserConnect so we can be sure the
// protocol module has propagated the NICK message.
- if ((user->GetExt("ssl", dummy)) && (IS_LOCAL(user)))
+ if ((user->GetIOHook() == this) && (IS_LOCAL(user)))
{
// Tell whatever protocol module we're using that we need to inform other servers of this metadata NOW.
ServerInstance->PI->SendMetaData(user, TYPE_USER, "SSL", "on");
virtual void OnBufferFlushed(User* user)
{
- if (user->GetExt("ssl"))
+ if (user->GetIOHook() == this)
{
issl_session* session = &sessions[user->GetFd()];
if (session && session->outbuf.size())
certinfo->data.insert(std::make_pair("fingerprint",irc::hex(md, n)));
}
- if ((ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(cert), time(NULL)) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_get_notBefore(cert), time(NULL)) == 0))
+ if ((ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(cert), ServerInstance->Time()) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_get_notBefore(cert), ServerInstance->Time()) == 0))
{
certinfo->data.insert(std::make_pair("error","Not activated, or expired certificate"));
}
void Prioritize()
{
Module* server = ServerInstance->Modules->Find("m_spanningtree.so");
- ServerInstance->Modules->SetPriority(this, I_OnPostConnect, PRIO_AFTER, &server);
+ ServerInstance->Modules->SetPriority(this, I_OnPostConnect, PRIORITY_AFTER, &server);
}
};