]> git.netwichtig.de Git - user/henk/code/inspircd.git/blobdiff - src/modules/m_sslinfo.cpp
projects / user / henk / code / inspircd.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add support for hashed WebIRC passwords to m_cgiirc.
[user/henk/code/inspircd.git] / src / modules / m_sslinfo.cpp
diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp
index c6fb2165c5a3436480439853ccdca8b2d3796696..9682e92cfce2c43ccd5f26d904baf85b3016cb08 100644 (file)
--- a/src/modules/m_sslinfo.cpp
+++ b/src/modules/m_sslinfo.cpp
@@ -22,7 +22,11 @@
 
 class SSLCertExt : public ExtensionItem {
  public:
-       SSLCertExt(Module* parent) : ExtensionItem("ssl_cert", parent) {}
+       SSLCertExt(Module* parent)
+               : ExtensionItem("ssl_cert", ExtensionItem::EXT_USER, parent)
+       {
+       }
+
        ssl_cert* get(const Extensible* item) const
        {
                return static_cast<ssl_cert*>(get_raw(item));
@@ -91,7 +95,7 @@ class CommandSSLInfo : public Command
 
                if ((!target) || (target->registered != REG_ALL))
                {
-                       user->WriteNumeric(ERR_NOSUCHNICK, "%s %s :No such nickname", user->nick.c_str(), parameters[0].c_str());
+                       user->WriteNumeric(Numerics::NoSuchNick(parameters[0]));
                        return CMD_FAILURE;
                }
                bool operonlyfp = ServerInstance->Config->ConfValue("sslinfo")->getBool("operonly");
@@ -135,22 +139,17 @@ class UserCertificateAPIImpl : public UserCertificateAPIBase
        }
 };
 
-class ModuleSSLInfo : public Module
+class ModuleSSLInfo : public Module, public Whois::EventListener
 {
        CommandSSLInfo cmd;
        UserCertificateAPIImpl APIImpl;
 
  public:
        ModuleSSLInfo()
-               : cmd(this), APIImpl(this, cmd.CertExt)
-       {
-       }
-
-       void init() CXX11_OVERRIDE
+               : Whois::EventListener(this)
+               , cmd(this)
+               , APIImpl(this, cmd.CertExt)
        {
-               ServerInstance->Modules->AddService(APIImpl);
-               ServerInstance->Modules->AddService(cmd);
-               ServerInstance->Modules->AddService(cmd.CertExt);
        }
 
        Version GetVersion() CXX11_OVERRIDE
@@ -158,16 +157,15 @@ class ModuleSSLInfo : public Module
                return Version("SSL Certificate Utilities", VF_VENDOR);
        }
 
-       void OnWhois(User* source, User* dest) CXX11_OVERRIDE
+       void OnWhois(Whois::Context& whois) CXX11_OVERRIDE
        {
-               ssl_cert* cert = cmd.CertExt.get(dest);
+               ssl_cert* cert = cmd.CertExt.get(whois.GetTarget());
                if (cert)
                {
-                       ServerInstance->SendWhoisLine(source, dest, 671, "%s %s :is using a secure connection", source->nick.c_str(), dest->nick.c_str());
+                       whois.SendLine(671, "is using a secure connection");
                        bool operonlyfp = ServerInstance->Config->ConfValue("sslinfo")->getBool("operonly");
-                       if ((!operonlyfp || source == dest || source->IsOper()) && !cert->fingerprint.empty())
-                               ServerInstance->SendWhoisLine(source, dest, 276, "%s %s :has client certificate fingerprint %s",
-                                       source->nick.c_str(), dest->nick.c_str(), cert->fingerprint.c_str());
+                       if ((!operonlyfp || whois.IsSelfWhois() || whois.GetSource()->IsOper()) && !cert->fingerprint.empty())
+                               whois.SendLine(276, InspIRCd::Format("has client certificate fingerprint %s", cert->fingerprint.c_str()));
                }
        }
 
@@ -175,7 +173,7 @@ class ModuleSSLInfo : public Module
        {
                if ((command == "OPER") && (validated))
                {
-                       OperIndex::iterator i = ServerInstance->Config->oper_blocks.find(parameters[0]);
+                       ServerConfig::OperIndex::const_iterator i = ServerInstance->Config->oper_blocks.find(parameters[0]);
                        if (i != ServerInstance->Config->oper_blocks.end())
                        {
                                OperInfo* ifo = i->second;
@@ -183,7 +181,7 @@ class ModuleSSLInfo : public Module
 
                                if (ifo->oper_block->getBool("sslonly") && !cert)
                                {
-                                       user->WriteNumeric(491, "%s :This oper login requires an SSL connection.", user->nick.c_str());
+                                       user->WriteNumeric(491, "This oper login requires an SSL connection.");
                                        user->CommandFloodPenalty += 10000;
                                        return MOD_RES_DENY;
                                }
@@ -191,7 +189,7 @@ class ModuleSSLInfo : public Module
                                std::string fingerprint;
                                if (ifo->oper_block->readString("fingerprint", fingerprint) && (!cert || cert->GetFingerprint() != fingerprint))
                                {
-                                       user->WriteNumeric(491, "%s :This oper login requires a matching SSL fingerprint.",user->nick.c_str());
+                                       user->WriteNumeric(491, "This oper login requires a matching SSL certificate fingerprint.");
                                        user->CommandFloodPenalty += 10000;
                                        return MOD_RES_DENY;
                                }
@@ -211,11 +209,29 @@ class ModuleSSLInfo : public Module
 
        void OnPostConnect(User* user) CXX11_OVERRIDE
        {
-               ssl_cert *cert = cmd.CertExt.get(user);
-               if (!cert || cert->fingerprint.empty())
+               LocalUser* const localuser = IS_LOCAL(user);
+               if (!localuser)
+                       return;
+
+               const SSLIOHook* const ssliohook = SSLIOHook::IsSSL(&localuser->eh);
+               if (!ssliohook)
+                       return;
+
+               ssl_cert* const cert = ssliohook->GetCertificate();
+
+               {
+                       std::string text = "*** You are connected using SSL cipher '";
+                       ssliohook->GetCiphersuite(text);
+                       text.push_back('\'');
+                       if ((cert) && (!cert->GetFingerprint().empty()))
+                               text.append(" and your SSL certificate fingerprint is ").append(cert->GetFingerprint());
+                       user->WriteNotice(text);
+               }
+
+               if (!cert)
                        return;
                // find an auto-oper block for this user
-               for(OperIndex::iterator i = ServerInstance->Config->oper_blocks.begin(); i != ServerInstance->Config->oper_blocks.end(); i++)
+               for (ServerConfig::OperIndex::const_iterator i = ServerInstance->Config->oper_blocks.begin(); i != ServerInstance->Config->oper_blocks.end(); ++i)
                {
                        OperInfo* ifo = i->second;
                        std::string fp = ifo->oper_block->getString("fingerprint");