X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_ssl_gnutls.cpp;h=702c09d311566dbc26e7c2c5a3aaad504efbf339;hb=a4306bc3188148e99245d4e84df7e67949e5a619;hp=d7be8b12b4949f7c8fc9e12f0c1964e3dc3d21bb;hpb=78c14ffcc5429f4855e2f3a6c822a1d37f9f591a;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index d7be8b12b..702c09d31 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -12,17 +12,8 @@ */ #include "inspircd.h" - #include #include - -#include "inspircd_config.h" -#include "configreader.h" -#include "users.h" -#include "channels.h" -#include "modules.h" -#include "socket.h" -#include "hashcomp.h" #include "transport.h" #include "m_cap.h" @@ -55,6 +46,11 @@ bool isin(const std::string &host, int port, const std::vector &por class issl_session : public classbase { public: + issl_session() + { + sess = NULL; + } + gnutls_session_t sess; issl_status status; std::string outbuf; @@ -266,7 +262,7 @@ class ModuleSSLGnuTLS : public Module if((ret = gnutls_certificate_set_x509_key_file (x509_cred, certfile.c_str(), keyfile.c_str(), GNUTLS_X509_FMT_PEM)) < 0) { // If this fails, no SSL port will work. At all. So, do the smart thing - throw a ModuleException - throw ModuleException("Unable to load GnuTLS server certificate: " + std::string(gnutls_strerror(ret))); + throw ModuleException("Unable to load GnuTLS server certificate (" + std::string(certfile) + ", key: " + keyfile + "): " + std::string(gnutls_strerror(ret))); } // This may be on a large (once a day or week) timer eventually. @@ -538,6 +534,9 @@ class ModuleSSLGnuTLS : public Module } else { + ServerInstance->Logs->Log("m_ssl_gnutls", DEFAULT, + "m_ssl_gnutls.so: Error while reading on fd %d: %s", + session->fd, gnutls_strerror(ret)); readresult = 0; CloseSession(session); } 
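Review bot: The new `issl_session()` constructor sets only `sess`, so `status`, declared on the next line, still starts with an indeterminate value. Any path that reads `status` before a session is set up gets an undefined result, and the same holds for `fd` if it is a member of this class, which the logging hunks in this commit print via `session->fd`. Initialise every scalar member, preferably in an initialiser list, e.g. `issl_session() : sess(NULL), status(<idle issl_status value>) { }`. The class body continues past the end of the hunk, so other members may need the same treatment.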
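Review bot: In the new `throw ModuleException(...)` line, `std::string(certfile)` looks like a redundant copy. `certfile` is presumably already a `std::string` (the call above uses `certfile.c_str()`), so `" (" + certfile + ", key: " + keyfile + "): "` builds the same text. The message now carries the private-key path, which helps the operator, but it is worth confirming that ModuleException text reaches only server logs and opers, not ordinary clients. The enclosing function starts and ends outside the hunk.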
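Review bot: The `Logs->Log(..., DEFAULT, ...)` call added in this read-error branch, and the matching ones in the write-error hunk (`@@ -618`) and the handshake-failure hunk (`@@ -706`), write one DEFAULT-level line per failed connection, and a handshake failure can be caused by any unauthenticated peer. A remote client can therefore grow the log at will; consider a lower-priority level such as `DEBUG` for the handshake case, or rate-limit these messages. The lines identify the connection only by `session->fd`, which is reused after close and says nothing about the peer, so adding the remote address where it is available would make them usable for abuse detection. The enclosing functions start and end outside the hunks.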
@@ -618,6 +617,9 @@ class ModuleSSLGnuTLS : public Module { if(ret != GNUTLS_E_AGAIN && ret != GNUTLS_E_INTERRUPTED) { + ServerInstance->Logs->Log("m_ssl_gnutls", DEFAULT, + "m_ssl_gnutls.so: Error while writing to fd %d: %s", + session->fd, gnutls_strerror(ret)); CloseSession(session); } else @@ -706,6 +708,9 @@ class ModuleSSLGnuTLS : public Module else { // Handshake failed. + ServerInstance->Logs->Log("m_ssl_gnutls", DEFAULT, + "m_ssl_gnutls.so: Handshake failed on fd %d: %s", + session->fd, gnutls_strerror(ret)); CloseSession(session); session->status = ISSL_CLOSING; } @@ -907,7 +912,7 @@ class ModuleSSLGnuTLS : public Module /* Beware here we do not check for errors. */ - if ((gnutls_x509_crt_get_expiration_time(cert) < time(0)) || (gnutls_x509_crt_get_activation_time(cert) > time(0))) + if ((gnutls_x509_crt_get_expiration_time(cert) < ServerInstance->Time()) || (gnutls_x509_crt_get_activation_time(cert) > ServerInstance->Time())) { certinfo->data.insert(std::make_pair("error","Not activated, or expired certificate")); } @@ -920,20 +925,6 @@ class ModuleSSLGnuTLS : public Module void OnEvent(Event* ev) { GenericCapHandler(ev, "tls", "tls"); - if (ev->GetEventID() == "cap_req") - { - /* GenericCapHandler() Extends("tls") a user if it does - * CAP REQ tls. Check if this was done. - */ - CapData *data = (CapData *) ev->GetData(); - if (data->user->Shrink("tls")) - { - /* Not in our spec?!?! */ - data->user->AddIOHook(this); - OnRawSocketAccept(data->user->GetFd(), data->user->GetIPString(), - data->user->GetPort()); - } - } } void Prioritize()
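Review bot: The rewritten validity check still ignores the error return of both GnuTLS calls, as the comment above it admits: `gnutls_x509_crt_get_expiration_time()` and `gnutls_x509_crt_get_activation_time()` return `(time_t)-1` on failure. With the usual signed `time_t`, a failed expiration lookup happens to compare as expired, but a failed activation lookup compares as already active and is accepted silently. Read both values into locals, treat `(time_t)-1` as an error that sets the `"error"` entry in `certinfo->data`, and call `ServerInstance->Time()` once, e.g. `const time_t now = ServerInstance->Time();`. The enclosing function starts and ends outside the hunk.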