-/* +------------------------------------+
- * | Inspire Internet Relay Chat Daemon |
- * +------------------------------------+
+/*
+ * InspIRCd -- Internet Relay Chat Daemon
*
- * InspIRCd: (C) 2002-2009 InspIRCd Development Team
- * See: http://wiki.inspircd.org/Credits
+ * Copyright (C) 2009 Daniel De Graaf <danieldg@inspircd.org>
+ * Copyright (C) 2006 Craig Edwards <craigedwards@brainbox.cc>
*
- * This program is free but copyrighted software; see
- * the file COPYING for details.
+ * This file is part of InspIRCd. InspIRCd is free software: you can
+ * redistribute it and/or modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation, version 2.
*
- * ---------------------------------------------------
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
-#ifndef __SSL_H__
-#define __SSL_H__
+
+#ifndef SSL_H
+#define SSL_H
#include <map>
#include <string>
* in a unified manner. These classes are attached to ssl-
* connected local users using SSLCertExt
*/
-class ssl_cert
+class ssl_cert : public refcountbase
{
public:
std::string dn;
std::string fingerprint;
bool trusted, invalid, unknownsigner, revoked;
+ ssl_cert() : trusted(false), invalid(true), unknownsigner(true), revoked(false) {}
+
/** Get certificate distinguished name
* @return Certificate DN
*/
return revoked;
}
+ bool IsCAVerified()
+ {
+ return trusted && !invalid && !revoked && !unknownsigner && error.empty();
+ }
+
std::string GetMetaLine()
{
std::stringstream value;
- bool hasError = error.length();
+ bool hasError = !error.empty();
value << (IsInvalid() ? "v" : "V") << (IsTrusted() ? "T" : "t") << (IsRevoked() ? "R" : "r")
<< (IsUnknownSigner() ? "s" : "S") << (hasError ? "E" : "e") << " ";
if (hasError)
}
};
-struct SSLCertificateRequest : public Request
+/** Get certificate from a socket (only useful with an SSL module) */
+struct SocketCertificateRequest : public Request
{
- Extensible* const item;
+ StreamSocket* const sock;
ssl_cert* cert;
- SSLCertificateRequest(Extensible* e, Module* Me, Module* info = ServerInstance->Modules->Find("m_sslinfo.so"))
- : Request(Me, info, "GET_CERT"), item(e), cert(NULL)
+ SocketCertificateRequest(StreamSocket* ss, Module* Me)
+ : Request(Me, ss->GetIOHook(), "GET_SSL_CERT"), sock(ss), cert(NULL)
{
Send();
}
}
};
-struct SSLCertSubmission : public Request
+/** Get certificate from a user (requires m_sslinfo) */
+struct UserCertificateRequest : public Request
{
- Extensible* const item;
- ssl_cert* const cert;
- SSLCertSubmission(Extensible* is, Module* Me, Module* Target, ssl_cert* Cert)
- : Request(Me, Target, "SET_CERT"), item(is), cert(Cert)
+ User* const user;
+ ssl_cert* cert;
+
+ UserCertificateRequest(User* u, Module* Me, Module* info = ServerInstance->Modules->Find("m_sslinfo.so"))
+ : Request(Me, info, "GET_USER_CERT"), user(u), cert(NULL)
{
Send();
}
+
+ std::string GetFingerprint()
+ {
+ if (cert)
+ return cert->GetFingerprint();
+ return "";
+ }
};
#endif