]> git.netwichtig.de Git - user/henk/code/inspircd.git/blobdiff - src/modules/m_spanningtree/hmac.cpp
projects / user / henk / code / inspircd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix error message on OPTCOMMON mismatch
[user/henk/code/inspircd.git] / src / modules / m_spanningtree / hmac.cpp
diff --git a/src/modules/m_spanningtree/hmac.cpp b/src/modules/m_spanningtree/hmac.cpp
index 573dada4f8f95e11b612d48c9adeba349fdd2548..c08ac15226969799eced1b63f81070455de00296 100644 (file)
--- a/src/modules/m_spanningtree/hmac.cpp
+++ b/src/modules/m_spanningtree/hmac.cpp
@@ -25,26 +25,24 @@
 #include "treesocket.h"
 #include "resolvers.h"
 
-/* $ModDep: m_spanningtree/resolvers.h m_spanningtree/main.h m_spanningtree/utils.h m_spanningtree/treeserver.h m_spanningtree/link.h m_spanningtree/treesocket.h m_hash.h */
-
 const std::string& TreeSocket::GetOurChallenge()
 {
-       return this->ourchallenge;
+       return capab->ourchallenge;
 }
 
 void TreeSocket::SetOurChallenge(const std::string &c)
 {
-       this->ourchallenge = c;
+       capab->ourchallenge = c;
 }
 
 const std::string& TreeSocket::GetTheirChallenge()
 {
-       return this->theirchallenge;
+       return capab->theirchallenge;
 }
 
 void TreeSocket::SetTheirChallenge(const std::string &c)
 {
-       this->theirchallenge = c;
+       capab->theirchallenge = c;
 }
 
 std::string TreeSocket::MakePass(const std::string &password, const std::string &challenge)
@@ -130,22 +128,22 @@ std::string TreeSocket::RandString(unsigned int ilength)
 
 bool TreeSocket::ComparePass(const Link& link, const std::string &theirs)
 {
-       this->auth_fingerprint = !link.Fingerprint.empty();
-       this->auth_challenge = !ourchallenge.empty() && !theirchallenge.empty();
+       capab->auth_fingerprint = !link.Fingerprint.empty();
+       capab->auth_challenge = !capab->ourchallenge.empty() && !capab->theirchallenge.empty();
 
        std::string fp;
        if (GetIOHook())
        {
-               SocketCertificateRequest req(this, Utils->Creator, GetIOHook());
+               SocketCertificateRequest req(this, Utils->Creator);
                if (req.cert)
                {
                        fp = req.cert->GetFingerprint();
                }
        }
 
-       if (auth_challenge)
+       if (capab->auth_challenge)
        {
-               std::string our_hmac = MakePass(link.RecvPass, ourchallenge);
+               std::string our_hmac = MakePass(link.RecvPass, capab->ourchallenge);
 
                /* Straight string compare of hashes */
                if (our_hmac != theirs)
@@ -158,12 +156,12 @@ bool TreeSocket::ComparePass(const Link& link, const std::string &theirs)
                        return false;
        }
 
-       if (auth_fingerprint)
+       if (capab->auth_fingerprint)
        {
                /* Require fingerprint to exist and match */
                if (link.Fingerprint != fp)
                {
-                       ServerInstance->SNO->WriteToSnoMask('l',"Invalid SSL fingerprint on link %s: need '%s' got '%s'", 
+                       ServerInstance->SNO->WriteToSnoMask('l',"Invalid SSL fingerprint on link %s: need \"%s\" got \"%s\"",
                                link.Name.c_str(), link.Fingerprint.c_str(), fp.c_str());
                        SendError("Provided invalid SSL fingerprint " + fp + " - expected " + link.Fingerprint);
                        return false;
@@ -171,7 +169,8 @@ bool TreeSocket::ComparePass(const Link& link, const std::string &theirs)
        }
        else if (!fp.empty())
        {
-               ServerInstance->SNO->WriteToSnoMask('l', "SSL fingerprint for link %s is %s", link.Name.c_str(), fp.c_str());
+               ServerInstance->SNO->WriteToSnoMask('l', "SSL fingerprint for link %s is \"%s\". "
+                       "You can improve security by specifying this in <link:fingerprint>.", link.Name.c_str(), fp.c_str());
        }
        return true;
 }