+/* +------------------------------------+
+ * | Inspire Internet Relay Chat Daemon |
+ * +------------------------------------+
+ *
+ * InspIRCd: (C) 2002-2007 InspIRCd Development Team
+ * See: http://www.inspircd.org/wiki/index.php/Credits
+ *
+ * This program is free but copyrighted software; see
+ * the file COPYING for details.
+ *
+ * ---------------------------------------------------
+ */
+
#include <string>
#include <vector>
#include "hashcomp.h"
#include "inspircd.h"
-#include "ssl.h"
+#include "transport.h"
/* $ModDesc: Provides SSL support for clients */
/* $CompileFlags: `perl extra/openssl_config.pl compile` */
/* $LinkerFlags: `perl extra/openssl_config.pl link` */
-/* $ModDep: ssl.h */
-
+/* $ModDep: transport.h */
enum issl_status { ISSL_NONE, ISSL_HANDSHAKING, ISSL_OPEN };
enum issl_io_status { ISSL_WRITE, ISSL_READ };
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, OnVerify);
// Needs the flag as it ignores a plain /rehash
- OnRehash("ssl");
+ OnRehash(NULL,"ssl");
}
- virtual void OnRehash(const std::string ¶m)
+ virtual void OnRehash(userrec* user, const std::string ¶m)
{
if (param != "ssl")
return;
if (ServerInstance->Config->AddIOHook(portno, this))
{
listenports.push_back(portno);
+ for (unsigned int i = 0; i < ServerInstance->stats->BoundPortCount; i++)
+ if (ServerInstance->Config->ports[i] == portno)
+ ServerInstance->Config->openSockfd[i]->SetDescription("ssl");
ServerInstance->Log(DEFAULT, "m_ssl_openssl.so: Enabling SSL for port %d", portno);
}
else
ServerInstance->Log(DEBUG, "m_ssl_openssl.so: Killed %d users for unload of OpenSSL SSL module", numusers);
for(unsigned int i = 0; i < listenports.size(); i++)
+ {
ServerInstance->Config->DelIOHook(listenports[i]);
+ for (unsigned int j = 0; j < ServerInstance->stats->BoundPortCount; j++)
+ if (ServerInstance->Config->ports[j] == listenports[i])
+ if (ServerInstance->Config->openSockfd[j])
+ ServerInstance->Config->openSockfd[j]->SetDescription("plaintext");
+ }
}
}
virtual char* OnRequest(Request* request)
{
ISHRequest* ISR = (ISHRequest*)request;
+ ServerInstance->Log(DEBUG, "hook OnRequest");
if (strcmp("IS_NAME", request->GetId()) == 0)
{
return "openssl";
}
else if (strcmp("IS_HOOK", request->GetId()) == 0)
{
- return ServerInstance->Config->AddIOHook((Module*)this, (InspSocket*)ISR->Sock) ? (char*)"OK" : NULL;
+ char* ret = "OK";
+ try
+ {
+ ret = ServerInstance->Config->AddIOHook((Module*)this, (InspSocket*)ISR->Sock) ? (char*)"OK" : NULL;
+ }
+ catch (ModuleException &e)
+ {
+ return NULL;
+ }
+
+ return ret;
}
else if (strcmp("IS_UNHOOK", request->GetId()) == 0)
{
+ ServerInstance->Log(DEBUG, "Unhooking socket %08x", ISR->Sock);
return ServerInstance->Config->DelIOHook((InspSocket*)ISR->Sock) ? (char*)"OK" : NULL;
}
+ else if (strcmp("IS_HSDONE", request->GetId()) == 0)
+ {
+ issl_session* session = &sessions[ISR->Sock->GetFd()];
+ return (session->status == ISSL_HANDSHAKING) ? NULL : (char*)"OK";
+ }
+ else if (strcmp("IS_ATTACH", request->GetId()) == 0)
+ {
+ issl_session* session = &sessions[ISR->Sock->GetFd()];
+ if (session)
+ {
+ VerifyCertificate(session, (InspSocket*)ISR->Sock);
+ return "OK";
+ }
+ }
return NULL;
}
virtual void OnRawSocketAccept(int fd, const std::string &ip, int localport)
{
+ ServerInstance->Log(DEBUG, "Hook accept %d", fd);
issl_session* session = &sessions[fd];
session->fd = fd;
int DoWrite(issl_session* session)
{
+ if (!session->outbuf.size())
+ return -1;
+
+ ServerInstance->Log(DEBUG, "m_ssl_openssl.so: To write: %d", session->outbuf.size());
int ret = SSL_write(session->sess, session->outbuf.data(), session->outbuf.size());
if (ret == 0)
projects / user / henk / code / inspircd.git / blobdiff