X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_ssl_gnutls.cpp;h=797019fd4511970ac6a4fe3eb690a1ca026752ed;hb=b07868e77c0527642ed72bce84bf5895bf921e87;hp=5d8ae98d7dfa3a1ccb158023c2293053248fa401;hpb=3b358271dd255b5177e6222a3b2417de4348c71f;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 5d8ae98d7..797019fd4 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -28,8 +28,6 @@
 
 #ifdef WINDOWS
 #pragma comment(lib, "libgnutls-13.lib")
-#undef MAX_DESCRIPTORS
-#define MAX_DESCRIPTORS 10000
 #endif
 
 /* $ModDesc: Provides SSL support for clients */
@@ -41,9 +39,15 @@
 
 enum issl_status { ISSL_NONE, ISSL_HANDSHAKING_READ, ISSL_HANDSHAKING_WRITE, ISSL_HANDSHAKEN, ISSL_CLOSING, ISSL_CLOSED };
 
-bool isin(const std::string &hostandport, const std::vector<std::string> &portlist)
+bool isin(const std::string &host, int port, const std::vector<std::string> &portlist)
 {
-	return std::find(portlist.begin(), portlist.end(), hostandport) != portlist.end();
+	if (std::find(portlist.begin(), portlist.end(), "*:" + ConvToStr(port)) != portlist.end())
+		return true;
+
+	if (std::find(portlist.begin(), portlist.end(), ":" + ConvToStr(port)) != portlist.end())
+		return true;
+
+	return std::find(portlist.begin(), portlist.end(), host + ":" + ConvToStr(port)) != portlist.end();
 }
 
 /** Represents an SSL user's extra data
@@ -71,9 +75,6 @@ class CommandStartTLS : public Command
 
 	CmdResult Handle (const char* const* parameters, int pcnt, User *user)
 	{
-		if (!user->GetExt("tls"))
-			return CMD_FAILURE;
-
 		user->io = Caller;
 		Caller->OnRawSocketAccept(user->GetFd(), user->GetIPString(), user->GetPort());
 
@@ -91,7 +92,7 @@ class ModuleSSLGnuTLS : public Module
 	std::vector<std::string> listenports;
 
 	int inbufsize;
-	issl_session sessions[MAX_DESCRIPTORS];
+	issl_session* sessions;
 
 	gnutls_certificate_credentials x509_cred;
 	gnutls_dh_params dh_params;
@@ -114,6 +115,8 @@ class ModuleSSLGnuTLS : public Module
 	{
 		ServerInstance->Modules->PublishInterface("BufferedSocketHook", this);
 
+		sessions = new issl_session[ServerInstance->SE->GetMaxFds()];
+
 		// Not rehashable...because I cba to reduce all the sizes of existing buffers.
 		inbufsize = ServerInstance->Config->NetBufferSize;
 
@@ -169,13 +172,13 @@ class ModuleSSLGnuTLS : public Module
 						for (size_t i = 0; i < ServerInstance->Config->ports.size(); i++)
 							if ((ServerInstance->Config->ports[i]->GetPort() == portno) && (ServerInstance->Config->ports[i]->GetIP() == addr))
 								ServerInstance->Config->ports[i]->SetDescription("ssl");
-						ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: Enabling SSL for port %d", portno);
+						ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: Enabling SSL for port %ld", portno);
 
 						sslports.append((addr.empty() ? "*" : addr)).append(":").append(ConvToStr(portno)).append(";");
 					}
 					catch (ModuleException &e)
 					{
-						ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: FAILED to enable SSL on port %d: %s. Maybe it's already hooked by the same port on a different IP, or you have an other SSL or similar module loaded?", portno, e.GetReason());
+						ServerInstance->Logs->Log("m_ssl_gnutls",DEFAULT, "m_ssl_gnutls.so: FAILED to enable SSL on port %ld: %s. Maybe it's already hooked by the same port on a different IP, or you have an other SSL or similar module loaded?", portno, e.GetReason());
 					}
 				}
 			}
@@ -267,6 +270,8 @@ class ModuleSSLGnuTLS : public Module
 		gnutls_dh_params_deinit(dh_params);
 		gnutls_certificate_free_credentials(x509_cred);
 		gnutls_global_deinit();
+		ServerInstance->Modules->UnpublishInterface("BufferedSocketHook", this);
+		delete[] sessions;
 	}
 
 	virtual void OnCleanup(int target_type, void* item)
@@ -319,7 +324,7 @@ class ModuleSSLGnuTLS : public Module
 
 	virtual void OnHookUserIO(User* user, const std::string &targetip)
 	{
-		if (!user->io && isin(targetip+":"+ConvToStr(user->GetPort()),listenports))
+		if (!user->io && isin(targetip,user->GetPort(),listenports))
 		{
 			/* Hook the user with our module */
 			user->io = this;
@@ -380,7 +385,7 @@ class ModuleSSLGnuTLS : public Module
 	virtual void OnRawSocketAccept(int fd, const std::string &ip, int localport)
 	{
 		/* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
-		if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+		if ((fd < 0) || (fd > ServerInstance->SE->GetMaxFds() - 1))
 			return;
 
 		issl_session* session = &sessions[fd];
@@ -413,7 +418,7 @@ class ModuleSSLGnuTLS : public Module
 	virtual void OnRawSocketConnect(int fd)
 	{
 		/* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
-		if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+		if ((fd < 0) || (fd > ServerInstance->SE->GetMaxFds() - 1))
 			return;
 
 		issl_session* session = &sessions[fd];
@@ -435,7 +440,7 @@ class ModuleSSLGnuTLS : public Module
 	virtual void OnRawSocketClose(int fd)
 	{
 		/* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
-		if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+		if ((fd < 0) || (fd > ServerInstance->SE->GetMaxFds()))
 			return;
 
 		CloseSession(&sessions[fd]);
@@ -454,7 +459,7 @@ class ModuleSSLGnuTLS : public Module
 	virtual int OnRawSocketRead(int fd, char* buffer, unsigned int count, int &readresult)
 	{
 		/* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
-		if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+		if ((fd < 0) || (fd > ServerInstance->SE->GetMaxFds() - 1))
 			return 0;
 
 		issl_session* session = &sessions[fd];
@@ -549,7 +554,7 @@ class ModuleSSLGnuTLS : public Module
 	virtual int OnRawSocketWrite(int fd, const char* buffer, int count)
 	{
 		/* Are there any possibilities of an out of range fd? Hope not, but lets be paranoid */
-		if ((fd < 0) || (fd > MAX_DESCRIPTORS))
+		if ((fd < 0) || (fd > ServerInstance->SE->GetMaxFds() - 1))
 			return 0;
 
 		issl_session* session = &sessions[fd];
@@ -710,7 +715,7 @@ class ModuleSSLGnuTLS : public Module
 		{
 			// Tell whatever protocol module we're using that we need to inform other servers of this metadata NOW.
 			std::deque<std::string>* metadata = new std::deque<std::string>;
-			metadata->push_back(user->nick);
+			metadata->push_back(user->uuid);
 			metadata->push_back("ssl");		// The metadata id
 			metadata->push_back("ON");		// The value to send
 			Event* event = new Event((char*)metadata,(Module*)this,"send_metadata");
@@ -898,6 +903,11 @@ class ModuleSSLGnuTLS : public Module
 		GenericCapHandler(ev, "tls", "tls");
 	}
 
+        void Prioritize()
+	{
+		Module* server = ServerInstance->Modules->Find("m_spanningtree.so");
+		ServerInstance->Modules->SetPriority(this, I_OnPostConnect, PRIO_AFTER, &server);
+	}
 };
 
 MODULE_INIT(ModuleSSLGnuTLS)