]> git.netwichtig.de Git - user/henk/code/inspircd.git/blobdiff - src/modules/m_sslinfo.cpp
projects / user / henk / code / inspircd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add support for hashed WebIRC passwords to m_cgiirc.
[user/henk/code/inspircd.git] / src / modules / m_sslinfo.cpp
diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp
index 03e9bed96b6b6cadbd72ed493c6f177017fd8169..9682e92cfce2c43ccd5f26d904baf85b3016cb08 100644 (file)
--- a/src/modules/m_sslinfo.cpp
+++ b/src/modules/m_sslinfo.cpp
@@ -95,7 +95,7 @@ class CommandSSLInfo : public Command
 
                if ((!target) || (target->registered != REG_ALL))
                {
-                       user->WriteNumeric(ERR_NOSUCHNICK, "%s :No such nickname", parameters[0].c_str());
+                       user->WriteNumeric(Numerics::NoSuchNick(parameters[0]));
                        return CMD_FAILURE;
                }
                bool operonlyfp = ServerInstance->Config->ConfValue("sslinfo")->getBool("operonly");
@@ -139,14 +139,16 @@ class UserCertificateAPIImpl : public UserCertificateAPIBase
        }
 };
 
-class ModuleSSLInfo : public Module
+class ModuleSSLInfo : public Module, public Whois::EventListener
 {
        CommandSSLInfo cmd;
        UserCertificateAPIImpl APIImpl;
 
  public:
        ModuleSSLInfo()
-               : cmd(this), APIImpl(this, cmd.CertExt)
+               : Whois::EventListener(this)
+               , cmd(this)
+               , APIImpl(this, cmd.CertExt)
        {
        }
 
@@ -155,15 +157,15 @@ class ModuleSSLInfo : public Module
                return Version("SSL Certificate Utilities", VF_VENDOR);
        }
 
-       void OnWhois(User* source, User* dest) CXX11_OVERRIDE
+       void OnWhois(Whois::Context& whois) CXX11_OVERRIDE
        {
-               ssl_cert* cert = cmd.CertExt.get(dest);
+               ssl_cert* cert = cmd.CertExt.get(whois.GetTarget());
                if (cert)
                {
-                       ServerInstance->SendWhoisLine(source, dest, 671, ":is using a secure connection");
+                       whois.SendLine(671, "is using a secure connection");
                        bool operonlyfp = ServerInstance->Config->ConfValue("sslinfo")->getBool("operonly");
-                       if ((!operonlyfp || source == dest || source->IsOper()) && !cert->fingerprint.empty())
-                               ServerInstance->SendWhoisLine(source, dest, 276, ":has client certificate fingerprint %s", cert->fingerprint.c_str());
+                       if ((!operonlyfp || whois.IsSelfWhois() || whois.GetSource()->IsOper()) && !cert->fingerprint.empty())
+                               whois.SendLine(276, InspIRCd::Format("has client certificate fingerprint %s", cert->fingerprint.c_str()));
                }
        }
 
@@ -179,7 +181,7 @@ class ModuleSSLInfo : public Module
 
                                if (ifo->oper_block->getBool("sslonly") && !cert)
                                {
-                                       user->WriteNumeric(491, ":This oper login requires an SSL connection.");
+                                       user->WriteNumeric(491, "This oper login requires an SSL connection.");
                                        user->CommandFloodPenalty += 10000;
                                        return MOD_RES_DENY;
                                }
@@ -187,7 +189,7 @@ class ModuleSSLInfo : public Module
                                std::string fingerprint;
                                if (ifo->oper_block->readString("fingerprint", fingerprint) && (!cert || cert->GetFingerprint() != fingerprint))
                                {
-                                       user->WriteNumeric(491, ":This oper login requires a matching SSL certificate fingerprint.");
+                                       user->WriteNumeric(491, "This oper login requires a matching SSL certificate fingerprint.");
                                        user->CommandFloodPenalty += 10000;
                                        return MOD_RES_DENY;
                                }
@@ -207,8 +209,26 @@ class ModuleSSLInfo : public Module
 
        void OnPostConnect(User* user) CXX11_OVERRIDE
        {
-               ssl_cert *cert = cmd.CertExt.get(user);
-               if (!cert || cert->fingerprint.empty())
+               LocalUser* const localuser = IS_LOCAL(user);
+               if (!localuser)
+                       return;
+
+               const SSLIOHook* const ssliohook = SSLIOHook::IsSSL(&localuser->eh);
+               if (!ssliohook)
+                       return;
+
+               ssl_cert* const cert = ssliohook->GetCertificate();
+
+               {
+                       std::string text = "*** You are connected using SSL cipher '";
+                       ssliohook->GetCiphersuite(text);
+                       text.push_back('\'');
+                       if ((cert) && (!cert->GetFingerprint().empty()))
+                               text.append(" and your SSL certificate fingerprint is ").append(cert->GetFingerprint());
+                       user->WriteNotice(text);
+               }
+
+               if (!cert)
                        return;
                // find an auto-oper block for this user
                for (ServerConfig::OperIndex::const_iterator i = ServerInstance->Config->oper_blocks.begin(); i != ServerInstance->Config->oper_blocks.end(); ++i)