X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_ircv3_sts.cpp;h=cab671b70c5ae00830b3a5c4099fb386e25eee8d;hb=9cf381330eab69d7e5bf26684d1ec8075aee60a2;hp=f3b936b4189e43e29cfca5de19ed39c2449d0981;hpb=36040be2952186d56a6646ee7d972aaafdd4e31a;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_ircv3_sts.cpp b/src/modules/m_ircv3_sts.cpp index f3b936b41..cab671b70 100644 --- a/src/modules/m_ircv3_sts.cpp +++ b/src/modules/m_ircv3_sts.cpp @@ -35,6 +35,10 @@ class STSCap : public Cap::Capability if (GetProtocol(user) == Cap::CAP_LEGACY) return false; + // Don't send the cap to clients in a class which has STS disabled. + if (!user->GetClass()->config->getBool("usests", true)) + return false; + // Plaintext listeners have their own policy. SSLIOHook* sslhook = SSLIOHook::IsSSL(&user->eh); if (!sslhook) @@ -130,7 +134,7 @@ class ModuleIRCv3STS : public Module for (std::vector::const_iterator iter = ServerInstance->ports.begin(); iter != ServerInstance->ports.end(); ++iter) { ListenSocket* ls = *iter; - + // Is this listener on the right port? unsigned int saport = ls->bind_sa.port(); if (saport != port) @@ -163,18 +167,18 @@ class ModuleIRCv3STS : public Module if (host.empty()) throw ModuleException(" must contain a hostname, at " + tag->getTagLocation()); - unsigned int port = tag->getInt("port", 0, 0, UINT16_MAX); + unsigned int port = tag->getUInt("port", 0, 0, UINT16_MAX); if (!HasValidSSLPort(port)) throw ModuleException(" must be a TLS port, at " + tag->getTagLocation()); - unsigned long duration = tag->getDuration("duration", 60*60*24*30*2, 0, LONG_MAX); + unsigned long duration = tag->getDuration("duration", 60*60*24*30*2); bool preload = tag->getBool("preload"); cap.SetPolicy(host, duration, port, preload); } Version GetVersion() CXX11_OVERRIDE { - return Version("Provides IRCv3 Strict Transport Security policy advertisement", VF_OPTCOMMON); + return Version("Provides IRCv3 Strict Transport Security policy advertisement", VF_OPTCOMMON|VF_VENDOR); } };