X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_ssl_gnutls.cpp;h=2f4acf3f05edbb14454642940bf70fa37ae2759a;hb=86c3fde2fedfe9270eeaa1a93c0ea15d6fb9962d;hp=21b58f2800a17a323f1d1a2dd70466536012a14c;hpb=8cd84786d0b710a60d25e4c9c58fdde2fb0b8211;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 21b58f280..2f4acf3f0 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -22,21 +22,18 @@
 
 
 #include "inspircd.h"
-#ifndef _WIN32
-#include <gcrypt.h>
-#endif
 #include <gnutls/gnutls.h>
 #include <gnutls/x509.h>
 #include "ssl.h"
 #include "m_cap.h"
 
 #ifdef _WIN32
-# pragma comment(lib, "libgnutls-28.lib")
+# pragma comment(lib, "libgnutls-30.lib")
 #endif
 
 /* $ModDesc: Provides SSL support for clients */
-/* $CompileFlags: pkgconfincludes("gnutls","/gnutls/gnutls.h","") exec("libgcrypt-config --cflags") */
-/* $LinkerFlags: rpath("pkg-config --libs gnutls") pkgconflibs("gnutls","/libgnutls.so","-lgnutls") exec("libgcrypt-config --libs") */
+/* $CompileFlags: pkgconfincludes("gnutls","/gnutls/gnutls.h","") iflt("pkg-config --modversion gnutls","2.12") exec("libgcrypt-config --cflags") */
+/* $LinkerFlags: rpath("pkg-config --libs gnutls") pkgconflibs("gnutls","/libgnutls.so","-lgnutls") iflt("pkg-config --modversion gnutls","2.12") exec("libgcrypt-config --libs") */
 /* $NoPedantic */
 
 #ifndef GNUTLS_VERSION_MAJOR
@@ -55,7 +52,7 @@ typedef gnutls_certificate_credentials_t gnutls_certificate_credentials;
 typedef gnutls_dh_params_t gnutls_dh_params;
 #endif
 
-#if (defined(_WIN32) && (GNUTLS_VERSION_MAJOR > 2 || (GNUTLS_VERSION_MAJOR == 2 && GNUTLS_VERSION_MINOR >= 12)))
+#if (GNUTLS_VERSION_MAJOR > 2 || (GNUTLS_VERSION_MAJOR == 2 && GNUTLS_VERSION_MINOR >= 12))
 # define GNUTLS_HAS_RND
 # include <gnutls/crypto.h>
 #else
@@ -319,7 +316,7 @@ class ModuleSSLGnuTLS : public Module
 		ServerInstance->GenRandom = &randhandler;
 
 		Implementation eventlist[] = { I_On005Numeric, I_OnRehash, I_OnModuleRehash, I_OnUserConnect,
-			I_OnEvent, I_OnHookIO };
+			I_OnEvent, I_OnHookIO, I_OnCheckReady };
 		ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
 
 		ServerInstance->Modules->AddService(iohook);
@@ -419,6 +416,10 @@ class ModuleSSLGnuTLS : public Module
 			hash = GNUTLS_DIG_MD5;
 		else if (hashname == "sha1")
 			hash = GNUTLS_DIG_SHA1;
+#ifdef INSPIRCD_GNUTLS_ENABLE_SHA256_FINGERPRINT
+		else if (hashname == "sha256")
+			hash = GNUTLS_DIG_SHA256;
+#endif
 		else
 			throw ModuleException("Unknown hash type " + hashname);
 
@@ -702,6 +703,9 @@ class ModuleSSLGnuTLS : public Module
 			if (ret > 0)
 			{
 				recvq.append(buffer, ret);
+				// Schedule a read if there is still data in the GnuTLS buffer
+				if (gnutls_record_check_pending(session->sess) > 0)
+					ServerInstance->SE->ChangeEventMask(user, FD_ADD_TRIAL_READ);
 				return 1;
 			}
 			else if (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)
@@ -973,6 +977,13 @@ info_done_dealloc:
 		if (starttls.enabled)
 			capHandler.HandleEvent(ev);
 	}
+
+	ModResult OnCheckReady(LocalUser* user)
+	{
+		if ((user->eh.GetIOHook() == this) && (sessions[user->eh.GetFd()].status != ISSL_HANDSHAKEN))
+			return MOD_RES_DENY;
+		return MOD_RES_PASSTHRU;
+	}
 };
 
 MODULE_INIT(ModuleSSLGnuTLS)