X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_ssl_openssl.cpp;h=0a5a76792d1a35691c8960e948819f9dbf7448ca;hb=44f42a13de52c8025942ddab42f51feb36821782;hp=26110596923c8f47754a89fe9cfdeccecee37173;hpb=05c75aba6b4bf77a8731cd017149b8a40c9182b9;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index 261105969..0a5a76792 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -1,26 +1,42 @@ -/* +------------------------------------+ - * | Inspire Internet Relay Chat Daemon | - * +------------------------------------+ +/* + * InspIRCd -- Internet Relay Chat Daemon * - * InspIRCd: (C) 2002-2010 InspIRCd Development Team - * See: http://wiki.inspircd.org/Credits + * Copyright (C) 2009-2010 Daniel De Graaf + * Copyright (C) 2008 Pippijn van Steenhoven + * Copyright (C) 2006-2008 Craig Edwards + * Copyright (C) 2008 Thomas Stagner + * Copyright (C) 2007 Dennis Friis + * Copyright (C) 2006 Oliver Lupton * - * This program is free but copyrighted software; see - * the file COPYING for details. + * This file is part of InspIRCd. InspIRCd is free software: you can + * redistribute it and/or modify it under the terms of the GNU General Public + * License as published by the Free Software Foundation, version 2. * - * --------------------------------------------------- + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more + * details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . */ + #include "inspircd.h" #include #include #include "ssl.h" #ifdef WINDOWS -#pragma comment(lib, "libeay32MTd") -#pragma comment(lib, "ssleay32MTd") -#undef MAX_DESCRIPTORS -#define MAX_DESCRIPTORS 10000 +# pragma comment(lib, "libcrypto.lib") +# pragma comment(lib, "libssl.lib") +# pragma comment(lib, "user32.lib") +# pragma comment(lib, "advapi32.lib") +# pragma comment(lib, "libgcc.lib") +# pragma comment(lib, "libmingwex.lib") +# pragma comment(lib, "gdi32.lib") +# undef MAX_DESCRIPTORS +# define MAX_DESCRIPTORS 10000 #endif /* $ModDesc: Provides SSL support for clients */ @@ -30,8 +46,6 @@ /* $LinkerFlags: if(!"USE_FREEBSD_BASE_SSL") rpath("pkg-config --libs openssl") pkgconflibs("openssl","/libssl.so","-lssl -lcrypto -ldl") */ /* $NoPedantic */ -/* $CopyInstall: conf/key.pem $(CONPATH) -m 0400 -o $(INSTUID) */ -/* $CopyInstall: conf/cert.pem $(CONPATH) -m 0444 */ enum issl_status { ISSL_NONE, ISSL_HANDSHAKING, ISSL_OPEN }; @@ -139,24 +153,27 @@ class ModuleSSLOpenSSL : public Module void OnRehash(User* user) { - ConfigReader Conf; - sslports.clear(); - for (size_t i = 0; i < ServerInstance->ports.size(); i++) + ConfigTag* Conf = ServerInstance->Config->ConfValue("openssl"); + + if (Conf->getBool("showports", true)) { - ListenSocket* port = ServerInstance->ports[i]; - if (port->bind_tag->getString("ssl") != "openssl") - continue; - - std::string portid = port->bind_desc; - ServerInstance->Logs->Log("m_ssl_openssl", DEFAULT, "m_ssl_openssl.so: Enabling SSL for port %s", portid.c_str()); - if (port->bind_tag->getString("type", "clients") == "clients" && port->bind_addr != "127.0.0.1") - sslports.append(portid).append(";"); - } + for (size_t i = 0; i < ServerInstance->ports.size(); i++) + { + ListenSocket* port = ServerInstance->ports[i]; + if (port->bind_tag->getString("ssl") != "openssl") + continue; + + std::string portid = port->bind_desc; + ServerInstance->Logs->Log("m_ssl_openssl", DEFAULT, "m_ssl_openssl.so: Enabling SSL for port %s", portid.c_str()); + if (port->bind_tag->getString("type", "clients") == "clients" && port->bind_addr != "127.0.0.1") + sslports.append(portid).append(";"); + } - if (!sslports.empty()) - sslports.erase(sslports.end() - 1); + if (!sslports.empty()) + sslports.erase(sslports.end() - 1); + } } void OnModuleRehash(User* user, const std::string ¶m) @@ -242,13 +259,11 @@ class ModuleSSLOpenSSL : public Module { if (user->eh.GetIOHook() == this) { - if (sessions[user->GetFd()].sess) + if (sessions[user->eh.GetFd()].sess) { - SSLCertSubmission(user, this, ServerInstance->Modules->Find("m_sslinfo.so"), sessions[user->GetFd()].cert); - - if (!sessions[user->GetFd()].cert->fingerprint.empty()) + if (!sessions[user->eh.GetFd()].cert->fingerprint.empty()) user->WriteServ("NOTICE %s :*** You are connected using SSL fingerprint %s", - user->nick.c_str(), sessions[user->GetFd()].cert->fingerprint.c_str()); + user->nick.c_str(), sessions[user->eh.GetFd()].cert->fingerprint.c_str()); } } } @@ -295,6 +310,7 @@ class ModuleSSLOpenSSL : public Module session->sess = SSL_new(ctx); session->status = ISSL_NONE; session->outbound = false; + session->cert = NULL; if (session->sess == NULL) return; @@ -382,6 +398,8 @@ class ModuleSSLOpenSSL : public Module if (ret > 0) { recvq.append(buffer, ret); + if (session->data_to_write) + ServerInstance->SE->ChangeEventMask(user, FD_WANT_POLL_READ | FD_WANT_SINGLE_WRITE); return 1; } else if (ret == 0) @@ -471,7 +489,7 @@ class ModuleSSLOpenSSL : public Module } else if (err == SSL_ERROR_WANT_READ) { - ServerInstance->SE->ChangeEventMask(user, FD_WANT_POLL_READ | FD_WANT_NO_WRITE); + ServerInstance->SE->ChangeEventMask(user, FD_WANT_POLL_READ); return 0; } else @@ -551,7 +569,7 @@ class ModuleSSLOpenSSL : public Module void VerifyCertificate(issl_session* session, StreamSocket* user) { - if (!session->sess || !user || session->cert) + if (!session->sess || !user) return; X509* cert;