X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_ssl_openssl.cpp;h=3819d835c1185a82b2c8564378e7134aaefc16df;hb=b37a253d962ed7af1ea7a328abf2a1af74f30759;hp=d1fddba74f0b0c396f95d5f9c63b513eeccbe53e;hpb=933edf3875d5a329033d8a0415696b81488abcb8;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index d1fddba74..3819d835c 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -12,11 +12,14 @@
 #include "helperfuncs.h"
 #include "socket.h"
 #include "hashcomp.h"
+#include "inspircd.h"
 
 /* $ModDesc: Provides SSL support for clients */
 /* $CompileFlags: -I/usr/include -I/usr/local/include */
 /* $LinkerFlags: -L/usr/local/lib -Wl,--rpath -Wl,/usr/local/lib -L/usr/lib -Wl,--rpath -Wl,/usr/lib -lssl */
 
+extern InspIRCd* ServerInstance;
+
 enum issl_status { ISSL_NONE, ISSL_HANDSHAKING, ISSL_OPEN };
 enum issl_io_status { ISSL_WRITE, ISSL_READ };
 
@@ -34,7 +37,7 @@ char* get_error()
 	return ERR_error_string(ERR_get_error(), NULL);
 }
 
-class issl_session
+class issl_session : public classbase
 {
 public:
 	SSL* sess;
@@ -57,10 +60,9 @@ public:
 class ModuleSSLOpenSSL : public Module
 {
 	Server* Srv;
-	ServerConfig* SrvConf;
 	ConfigReader* Conf;
 	
-	CullList culllist;
+	CullList* culllist;
 	
 	std::vector<int> listenports;
 	
@@ -69,6 +71,8 @@ class ModuleSSLOpenSSL : public Module
 	
 	SSL_CTX* ctx;
 	
+	char* dummy;
+	
 	std::string keyfile;
 	std::string certfile;
 	std::string cafile;
@@ -77,14 +81,15 @@ class ModuleSSLOpenSSL : public Module
 	
  public:
 	
-	ModuleSSLOpenSSL(Server* Me)
+	ModuleSSLOpenSSL(InspIRCd* Me)
 		: Module::Module(Me)
 	{
-		Srv = Me;
-		SrvConf = Srv->GetConfig();
+		
+
+		culllist = new CullList(ServerInstance);
 		
 		// Not rehashable...because I cba to reduce all the sizes of existing buffers.
-		inbufsize = SrvConf->NetBufferSize;
+		inbufsize = ServerInstance->Config->NetBufferSize;
 		
 		/* Global SSL library initialization*/
 		SSL_library_init();
@@ -106,7 +111,7 @@ class ModuleSSLOpenSSL : public Module
 			
 		for(unsigned int i = 0; i < listenports.size(); i++)
 		{
-			SrvConf->DelIOHook(listenports[i]);
+			ServerInstance->Config->DelIOHook(listenports[i]);
 		}
 		
 		listenports.clear();
@@ -118,7 +123,7 @@ class ModuleSSLOpenSSL : public Module
 			{
 				// Get the port we're meant to be listening on with SSL
 				unsigned int port = Conf->ReadInteger("bind", "port", i, true);
-				if(SrvConf->AddIOHook(port, this))
+				if (ServerInstance->Config->AddIOHook(port, this))
 				{
 					// We keep a record of which ports we're listening on with SSL
 					listenports.push_back(port);
@@ -197,18 +202,19 @@ class ModuleSSLOpenSSL : public Module
 		if(dhpfile == NULL)
 		{
 			log(DEFAULT, "m_ssl_openssl.so Couldn't open DH file %s: %s", dhfile.c_str(), strerror(errno));
+			throw ModuleException();
 		}
 		else
 		{
 			ret = PEM_read_DHparams(dhpfile, NULL, NULL, NULL);
+		
+			if(SSL_CTX_set_tmp_dh(ctx, ret) < 0)
+			{
+				log(DEFAULT, "m_ssl_openssl.so: Couldn't set DH parameters");
+			}
 		}
 		
 		fclose(dhpfile);
-    
-		if(SSL_CTX_set_tmp_dh(ctx, ret) < 0)
-		{
-			log(DEFAULT, "m_ssl_openssl.so: Couldn't set DH parameters");
-		}
 
 		DELETE(Conf);
 	}
@@ -216,6 +222,7 @@ class ModuleSSLOpenSSL : public Module
 	virtual ~ModuleSSLOpenSSL()
 	{
 		SSL_CTX_free(ctx);
+		delete culllist;
 	}
 	
 	virtual void OnCleanup(int target_type, void* item)
@@ -224,12 +231,12 @@ class ModuleSSLOpenSSL : public Module
 		{
 			userrec* user = (userrec*)item;
 			
-			if(user->GetExt("ssl") && IS_LOCAL(user) && isin(user->port, listenports))
+			if(user->GetExt("ssl", dummy) && IS_LOCAL(user) && isin(user->GetPort(), listenports))
 			{
 				// User is using SSL, they're a local user, and they're using one of *our* SSL ports.
 				// Potentially there could be multiple SSL modules loaded at once on different ports.
 				log(DEBUG, "m_ssl_openssl.so: Adding user %s to cull list", user->nick);
-				culllist.AddItem(user, "SSL module unloading");
+				culllist->AddItem(user, "SSL module unloading");
 			}
 		}
 	}
@@ -239,11 +246,11 @@ class ModuleSSLOpenSSL : public Module
 		if(mod == this)
 		{
 			// We're being unloaded, kill all the users added to the cull list in OnCleanup
-			int numusers = culllist.Apply();
+			int numusers = culllist->Apply();
 			log(DEBUG, "m_ssl_openssl.so: Killed %d users for unload of OpenSSL SSL module", numusers);
 			
 			for(unsigned int i = 0; i < listenports.size(); i++)
-				SrvConf->DelIOHook(listenports[i]);
+				ServerInstance->Config->DelIOHook(listenports[i]);
 		}
 	}
 	
@@ -363,9 +370,6 @@ class ModuleSSLOpenSSL : public Module
 						session->inbufoffset = 0;
 					}
 				
-					log(DEBUG, "m_ssl_openssl.so: OnRawSocketRead: Passing %d bytes up to insp:", count);
-					Srv->Log(DEBUG, std::string(buffer, readresult));
-				
 					return 1;
 				}
 				else
@@ -378,7 +382,7 @@ class ModuleSSLOpenSSL : public Module
 		return -1;
 	}
 	
-	virtual int OnRawSocketWrite(int fd, char* buffer, int count)
+	virtual int OnRawSocketWrite(int fd, const char* buffer, int count)
 	{		
 		issl_session* session = &sessions[fd];
 
@@ -432,9 +436,6 @@ class ModuleSSLOpenSSL : public Module
 	
 	int DoWrite(issl_session* session)
 	{
-		log(DEBUG, "m_ssl_openssl.so: DoWrite: Trying to write %d bytes:", session->outbuf.size());
-		Srv->Log(DEBUG, session->outbuf);
-			
 		int ret = SSL_write(session->sess, session->outbuf.data(), session->outbuf.size());
 		
 		if(ret == 0)
@@ -530,9 +531,9 @@ class ModuleSSLOpenSSL : public Module
 	virtual void OnWhois(userrec* source, userrec* dest)
 	{
 		// Bugfix, only send this numeric for *our* SSL users
-		if(dest->GetExt("ssl") || (IS_LOCAL(dest) &&  isin(dest->port, listenports)))
+		if(dest->GetExt("ssl", dummy) || (IS_LOCAL(dest) &&  isin(dest->GetPort(), listenports)))
 		{
-			WriteServ(source->fd, "320 %s %s :is using a secure connection", source->nick, dest->nick);
+			source->WriteServ("320 %s %s :is using a secure connection", source->nick, dest->nick);
 		}
 	}
 	
@@ -542,7 +543,7 @@ class ModuleSSLOpenSSL : public Module
 		if(extname == "ssl")
 		{
 			// check if this user has an swhois field to send
-			if(user->GetExt(extname))
+			if(user->GetExt(extname, dummy))
 			{
 				// call this function in the linking module, let it format the data how it
 				// sees fit, and send it on its way. We dont need or want to know how.
@@ -558,7 +559,7 @@ class ModuleSSLOpenSSL : public Module
 		{
 			userrec* dest = (userrec*)target;
 			// if they dont already have an ssl flag, accept the remote server's
-			if (!dest->GetExt(extname))
+			if (!dest->GetExt(extname, dummy))
 			{
 				dest->Extend(extname, "ON");
 			}
@@ -603,7 +604,7 @@ class ModuleSSLOpenSSL : public Module
 			userrec* u = Srv->FindDescriptor(session->fd);
 			if (u)
 			{
-				if (!u->GetExt("ssl"))
+				if (!u->GetExt("ssl", dummy))
 					u->Extend("ssl", "ON");
 			}
 			
@@ -619,7 +620,7 @@ class ModuleSSLOpenSSL : public Module
 	{
 		// This occurs AFTER OnUserConnect so we can be sure the
 		// protocol module has propogated the NICK message.
-		if ((user->GetExt("ssl")) && (IS_LOCAL(user)))
+		if ((user->GetExt("ssl", dummy)) && (IS_LOCAL(user)))
 		{
 			// Tell whatever protocol module we're using that we need to inform other servers of this metadata NOW.
 			std::deque<std::string>* metadata = new std::deque<std::string>;
@@ -669,7 +670,7 @@ class ModuleSSLOpenSSLFactory : public ModuleFactory
 	{
 	}
 	
-	virtual Module * CreateModule(Server* Me)
+	virtual Module * CreateModule(InspIRCd* Me)
 	{
 		return new ModuleSSLOpenSSL(Me);
 	}