X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fextra%2Fm_ssl_openssl.cpp;h=fb965a5abcc29670941794046a3d1c461ec7c53a;hb=7cfeb971666b3a6709fe61bd01478697e6433f50;hp=d4a3e24dbaa548a5336c2c9470d445fc21d3c072;hpb=6ce92e8eb0fa1bf253da2c16d3cd9cdede5899a6;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index d4a3e24db..fb965a5ab 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -1,19 +1,20 @@ /* * InspIRCd -- Internet Relay Chat Daemon * + * Copyright (C) 2020 Matt Schatz * Copyright (C) 2019 linuxdaemon - * Copyright (C) 2019 Matt Schatz * Copyright (C) 2017 Wade Cline * Copyright (C) 2014, 2016 Adam * Copyright (C) 2014 Julien Vehent - * Copyright (C) 2013-2014, 2016-2019 Sadie Powell + * Copyright (C) 2013-2014, 2016-2021 Sadie Powell * Copyright (C) 2012-2017 Attila Molnar - * Copyright (C) 2012, 2019 Robby + * Copyright (C) 2012 Robby * Copyright (C) 2012 ChrisTX * Copyright (C) 2009-2010 Daniel De Graaf * Copyright (C) 2008 Robin Burchell - * Copyright (C) 2007-2008, 2010 Craig Edwards * Copyright (C) 2007 Dennis Friis + * Copyright (C) 2006-2008, 2010 Craig Edwards + * Copyright (C) 2006 Oliver Lupton * * This file is part of InspIRCd. InspIRCd is free software: you can * redistribute it and/or modify it under the terms of the GNU General Public @@ -28,7 +29,7 @@ * along with this program. If not, see . */ -/// $CompilerFlags: find_compiler_flags("openssl") +/// $CompilerFlags: find_compiler_flags("openssl" "") /// $LinkerFlags: find_linker_flags("openssl" "-lssl -lcrypto") /// $PackageInfo: require_system("arch") openssl pkgconf @@ -51,6 +52,13 @@ # pragma GCC diagnostic ignored "-Wdeprecated-declarations" #endif +// LibreSSL lies about the version of OpenSSL it is compatible with and is a general pain +// to support. Support for it was removed in the master branch at the same time that +// support for OpenSSL pre-1.1 was. +#if defined __GNUC__ && defined LIBRESSL_VERSION_NUMBER +# warning LibreSSL support will be discontinued in the future. Consider using the ssl_gnutls or ssl_mbedtls modules instead. +#endif + // Fix warnings about the use of `long long` on C++03. #if defined __clang__ # pragma clang diagnostic ignored "-Wc++11-long-long" @@ -928,13 +936,13 @@ static int OpenSSL::BIOMethod::read(BIO* bio, char* buffer, int size) return ret; } -class OpenSSLIOHookProvider : public IOHookProvider +class OpenSSLIOHookProvider : public SSLIOHookProvider { OpenSSL::Profile profile; public: OpenSSLIOHookProvider(Module* mod, const std::string& profilename, ConfigTag* tag) - : IOHookProvider(mod, "ssl/" + profilename, IOHookProvider::IOH_SSL) + : SSLIOHookProvider(mod, profilename) , profile(profilename, tag) { ServerInstance->Modules->AddService(*this); @@ -979,7 +987,7 @@ class ModuleSSLOpenSSL : public Module // Create a default profile named "openssl" const std::string defname = "openssl"; ConfigTag* tag = ServerInstance->Config->ConfValue(defname); - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "No tags found, using settings from the tag"); + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "No tags found, using settings from the deprecated tag"); try { @@ -990,31 +998,37 @@ class ModuleSSLOpenSSL : public Module throw ModuleException("Error while initializing the default TLS (SSL) profile - " + ex.GetReason()); } } - - for (ConfigIter i = tags.first; i != tags.second; ++i) + else { - ConfigTag* tag = i->second; - if (!stdalgo::string::equalsci(tag->getString("provider"), "openssl")) - continue; - - std::string name = tag->getString("name"); - if (name.empty()) + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "You have defined an tag; you should use this in place of \"openssl\" when configuring TLS (SSL) connections in or "); + for (ConfigIter i = tags.first; i != tags.second; ++i) { - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring tag without name at " + tag->getTagLocation()); - continue; - } + ConfigTag* tag = i->second; + if (!stdalgo::string::equalsci(tag->getString("provider"), "openssl")) + { + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring non-OpenSSL tag at " + tag->getTagLocation()); + continue; + } - reference prov; - try - { - prov = new OpenSSLIOHookProvider(this, name, tag); - } - catch (CoreException& ex) - { - throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason()); - } + std::string name = tag->getString("name"); + if (name.empty()) + { + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Ignoring tag without name at " + tag->getTagLocation()); + continue; + } + + reference prov; + try + { + prov = new OpenSSLIOHookProvider(this, name, tag); + } + catch (CoreException& ex) + { + throw ModuleException("Error while initializing TLS (SSL) profile \"" + name + "\" at " + tag->getTagLocation() + " - " + ex.GetReason()); + } - newprofiles.push_back(prov); + newprofiles.push_back(prov); + } } for (ProfileList::iterator i = profiles.begin(); i != profiles.end(); ++i) @@ -1062,7 +1076,7 @@ class ModuleSSLOpenSSL : public Module try { ReadProfiles(); - ServerInstance->SNO->WriteToSnoMask('a', "TLS (SSL) module OpenSSL rehashed."); + ServerInstance->SNO->WriteToSnoMask('a', "OpenSSL TLS (SSL) profiles have been reloaded."); } catch (ModuleException& ex) {