X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_ssl_gnutls.cpp;h=e02c4a697d62407c9c20bbddacc7dede404d5002;hb=b4a174ee9c32d62ea6bf010e837e8c5b1c3d36a3;hp=1953851e3247767d085bf92d3a36ad98e0a6fac6;hpb=bb39d78be61e45555cdd87985e26ea07b725fabf;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index 1953851e3..e02c4a697 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -1,13 +1,13 @@ /* * InspIRCd -- Internet Relay Chat Daemon * + * Copyright (C) 2020 Matt Schatz * Copyright (C) 2019 linuxdaemon - * Copyright (C) 2019 Matt Schatz - * Copyright (C) 2013-2014, 2016-2019 Sadie Powell + * Copyright (C) 2013-2014, 2016-2021 Sadie Powell * Copyright (C) 2013 Daniel Vassdal * Copyright (C) 2012-2017 Attila Molnar * Copyright (C) 2012-2013, 2016 Adam - * Copyright (C) 2012, 2019 Robby + * Copyright (C) 2012 Robby * Copyright (C) 2012 ChrisTX * Copyright (C) 2009-2010 Daniel De Graaf * Copyright (C) 2009 Uli Schlachter @@ -907,7 +907,7 @@ info_done_dealloc: } CloseSession(); - sock->SetError("No SSL session"); + sock->SetError("No TLS (SSL) session"); return -1; } @@ -1243,13 +1243,13 @@ int GnuTLS::X509Credentials::cert_callback(gnutls_session_t sess, const gnutls_d return 0; } -class GnuTLSIOHookProvider : public IOHookProvider +class GnuTLSIOHookProvider : public SSLIOHookProvider { GnuTLS::Profile profile; public: - GnuTLSIOHookProvider(Module* mod, GnuTLS::Profile::Config& config) - : IOHookProvider(mod, "ssl/" + config.name, IOHookProvider::IOH_SSL) + GnuTLSIOHookProvider(Module* mod, GnuTLS::Profile::Config& config) + : SSLIOHookProvider(mod, config.name) , profile(config) { ServerInstance->Modules->AddService(*this); @@ -1291,7 +1291,7 @@ class ModuleSSLGnuTLS : public Module { // First, store all profiles in a new, temporary container. If no problems occur, swap the two // containers; this way if something goes wrong we can go back and continue using the current profiles, - // avoiding unpleasant situations where no new SSL connections are possible. + // avoiding unpleasant situations where no new TLS (SSL) connections are possible. ProfileList newprofiles; ConfigTagList tags = ServerInstance->Config->ConfTags("sslprofile"); @@ -1300,7 +1300,7 @@ class ModuleSSLGnuTLS : public Module // No tags found, create a profile named "gnutls" from settings in the block const std::string defname = "gnutls"; ConfigTag* tag = ServerInstance->Config->ConfValue(defname); - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "No tags found; using settings from the tag"); + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "No tags found; using settings from the deprecated tag"); try { @@ -1309,35 +1309,41 @@ class ModuleSSLGnuTLS : public Module } catch (CoreException& ex) { - throw ModuleException("Error while initializing the default SSL profile - " + ex.GetReason()); + throw ModuleException("Error while initializing the default TLS (SSL) profile - " + ex.GetReason()); } } - - for (ConfigIter i = tags.first; i != tags.second; ++i) + else { - ConfigTag* tag = i->second; - if (!stdalgo::string::equalsci(tag->getString("provider"), "gnutls")) - continue; - - std::string name = tag->getString("name"); - if (name.empty()) + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an tag; you should use this in place of \"gnutls\" when configuring TLS (SSL) connections in or "); + for (ConfigIter i = tags.first; i != tags.second; ++i) { - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring tag without name at " + tag->getTagLocation()); - continue; - } + ConfigTag* tag = i->second; + if (!stdalgo::string::equalsci(tag->getString("provider"), "gnutls")) + { + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring non-GnuTLS tag at " + tag->getTagLocation()); + continue; + } - reference prov; - try - { - GnuTLS::Profile::Config profileconfig(name, tag); - prov = new GnuTLSIOHookProvider(this, profileconfig); - } - catch (CoreException& ex) - { - throw ModuleException("Error while initializing SSL profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason()); - } + std::string name = tag->getString("name"); + if (name.empty()) + { + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring tag without name at " + tag->getTagLocation()); + continue; + } + + reference prov; + try + { + GnuTLS::Profile::Config profileconfig(name, tag); + prov = new GnuTLSIOHookProvider(this, profileconfig); + } + catch (CoreException& ex) + { + throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason()); + } - newprofiles.push_back(prov); + newprofiles.push_back(prov); + } } // New profiles are ok, begin using them @@ -1369,13 +1375,13 @@ class ModuleSSLGnuTLS : public Module void OnModuleRehash(User* user, const std::string ¶m) CXX11_OVERRIDE { - if (!irc::equals(param, "ssl")) + if (!irc::equals(param, "tls") && !irc::equals(param, "ssl")) return; try { ReadProfiles(); - ServerInstance->SNO->WriteToSnoMask('a', "SSL module %s rehashed.", MODNAME); + ServerInstance->SNO->WriteToSnoMask('a', "GnuTLS TLS (SSL) profiles have been reloaded."); } catch (ModuleException& ex) { @@ -1396,16 +1402,16 @@ class ModuleSSLGnuTLS : public Module if ((user) && (user->eh.GetModHook(this))) { - // User is using SSL, they're a local user, and they're using one of *our* SSL ports. - // Potentially there could be multiple SSL modules loaded at once on different ports. - ServerInstance->Users->QuitUser(user, "SSL module unloading"); + // User is using TLS (SSL), they're a local user, and they're using one of *our* TLS (SSL) ports. + // Potentially there could be multiple TLS (SSL) modules loaded at once on different ports. + ServerInstance->Users->QuitUser(user, "GnuTLS module unloading"); } } } Version GetVersion() CXX11_OVERRIDE { - return Version("Provides SSL support via GnuTLS", VF_VENDOR); + return Version("Allows TLS (SSL) encrypted connections using the GnuTLS library.", VF_VENDOR); } ModResult OnCheckReady(LocalUser* user) CXX11_OVERRIDE