class SSLMode : public ModeHandler
{
public:
- SSLMode(Module* Creator) : ModeHandler(Creator, "sslonly", 'z', PARAM_NONE, MODETYPE_CHANNEL) { }
+ UserCertificateAPI API;
+
+ SSLMode(Module* Creator)
+ : ModeHandler(Creator, "sslonly", 'z', PARAM_NONE, MODETYPE_CHANNEL)
+ , API(Creator)
+ {
+ }
ModeAction OnModeChange(User* source, User* dest, Channel* channel, std::string ¶meter, bool adding)
{
if (adding)
{
- if (!channel->IsModeSet('z'))
+ if (!channel->IsModeSet(this))
{
if (IS_LOCAL(source))
{
+ if (!API)
+ return MODEACTION_DENY;
+
const UserMembList* userlist = channel->GetUsers();
for(UserMembCIter i = userlist->begin(); i != userlist->end(); i++)
{
- UserCertificateRequest req(i->first, creator);
- req.Send();
- if(!req.cert && !ServerInstance->ULine(i->first->server))
+ ssl_cert* cert = API->GetCertificate(i->first);
+ if (!cert && !ServerInstance->ULine(i->first->server))
{
source->WriteNumeric(ERR_ALLMUSTSSL, "%s %s :all members of the channel must be connected via SSL", source->nick.c_str(), channel->name.c_str());
return MODEACTION_DENY;
}
}
}
- channel->SetMode('z',true);
+ channel->SetMode(this, true);
return MODEACTION_ALLOW;
}
else
}
else
{
- if (channel->IsModeSet('z'))
+ if (channel->IsModeSet(this))
{
- channel->SetMode('z',false);
+ channel->SetMode(this, false);
return MODEACTION_ALLOW;
}
ModResult OnUserPreJoin(LocalUser* user, Channel* chan, const std::string& cname, std::string& privs, const std::string& keygiven) CXX11_OVERRIDE
{
- if(chan && chan->IsModeSet('z'))
+ if(chan && chan->IsModeSet(sslm))
{
- UserCertificateRequest req(user, this);
- req.Send();
- if (req.cert)
+ if (!sslm.API)
+ return MOD_RES_DENY;
+
+ ssl_cert* cert = sslm.API->GetCertificate(user);
+ if (cert)
{
// Let them in
return MOD_RES_PASSTHRU;
{
if ((mask.length() > 2) && (mask[0] == 'z') && (mask[1] == ':'))
{
- UserCertificateRequest req(user, this);
- req.Send();
- if (req.cert && InspIRCd::Match(req.cert->GetFingerprint(), mask.substr(2)))
+ if (!sslm.API)
+ return MOD_RES_DENY;
+
+ ssl_cert* cert = sslm.API->GetCertificate(user);
+ if (cert && InspIRCd::Match(cert->GetFingerprint(), mask.substr(2)))
return MOD_RES_DENY;
}
return MOD_RES_PASSTHRU;