* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-
+ /* HACK: This prevents OpenSSL on OS X 10.7 and later from spewing deprecation
+ * warnings for every single function call. As far as I (SaberUK) know, Apple
+ * have no plans to remove OpenSSL so this warning just causes needless spam.
+ */
+#ifdef __APPLE__
+# define __AVAILABILITYMACROS__
+# define DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER
+#endif
+
#include "inspircd.h"
#include <openssl/ssl.h>
#include <openssl/err.h>
#include "ssl.h"
-#ifdef WINDOWS
+#ifdef _WIN32
# pragma comment(lib, "libcrypto.lib")
# pragma comment(lib, "libssl.lib")
# pragma comment(lib, "user32.lib")
issl_status status;
reference<ssl_cert> cert;
- int fd;
bool outbound;
bool data_to_write;
class ModuleSSLOpenSSL : public Module
{
- int inbufsize;
issl_session* sessions;
SSL_CTX* ctx;
SSL_CTX* clictx;
- char cipher[MAXBUF];
-
std::string sslports;
bool use_sha;
{
sessions = new issl_session[ServerInstance->SE->GetMaxFds()];
- // Not rehashable...because I cba to reduce all the sizes of existing buffers.
- inbufsize = ServerInstance->Config->NetBufferSize;
-
/* Global SSL library initialization*/
SSL_library_init();
SSL_load_error_strings();
sslports.clear();
ConfigTag* Conf = ServerInstance->Config->ConfValue("openssl");
-
+
if (Conf->getBool("showports", true))
{
sslports = Conf->getString("advertisedports");
ConfigTag* conf = ServerInstance->Config->ConfValue("openssl");
- cafile = conf->getString("cafile", "conf/ca.pem");
- certfile = conf->getString("certfile", "conf/cert.pem");
- keyfile = conf->getString("keyfile", "conf/key.pem");
- dhfile = conf->getString("dhfile", "conf/dhparams.pem");
+ cafile = conf->getString("cafile", CONFIG_PATH "/ca.pem");
+ certfile = conf->getString("certfile", CONFIG_PATH "/cert.pem");
+ keyfile = conf->getString("keyfile", CONFIG_PATH "/key.pem");
+ dhfile = conf->getString("dhfile", CONFIG_PATH "/dhparams.pem");
std::string hash = conf->getString("hash", "md5");
if (hash != "sha1" && hash != "md5")
throw ModuleException("Unknown hash type " + hash);
issl_session* session = &sessions[fd];
- session->fd = fd;
session->sess = SSL_new(ctx);
session->status = ISSL_NONE;
session->outbound = false;
issl_session* session = &sessions[fd];
- session->fd = fd;
session->sess = SSL_new(clictx);
session->status = ISSL_NONE;
session->outbound = true;
{
// Client closed connection.
CloseSession(session);
+ user->SetError("Connection closed");
return -1;
}
else if (ret < 0)