X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_sasl.cpp;h=54bb8a44a7a1243cc7a2dfcafca1c4d89ddb4126;hb=08d2ff86b0c7ed91549d832cf3e572c8623dc8e8;hp=480f8f6db0d0ebc2ee559a80b705ae77417e6f8c;hpb=77730fd5f09f8fc193205654c8bba84d34365670;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/m_sasl.cpp b/src/modules/m_sasl.cpp
index 480f8f6db..54bb8a44a 100644
--- a/src/modules/m_sasl.cpp
+++ b/src/modules/m_sasl.cpp
@@ -171,26 +171,28 @@ class SaslAuthenticator
 	SaslResult result;
 	bool state_announced;
 
-	void SendHostIP()
+	void SendHostIP(UserCertificateAPI& sslapi)
 	{
 		std::vector<std::string> params;
 		params.push_back(user->GetRealHost());
 		params.push_back(user->GetIPString());
-		params.push_back(SSLIOHook::IsSSL(&user->eh) ? "S" : "P");
+		params.push_back(sslapi && sslapi->GetCertificate(user) ? "S" : "P");
 
 		SendSASL(user, "*", 'H', params);
 	}
 
  public:
-	SaslAuthenticator(LocalUser* user_, const std::string& method)
-		: user(user_), state(SASL_INIT), state_announced(false)
+	SaslAuthenticator(LocalUser* user_, const std::string& method, UserCertificateAPI& sslapi)
+		: user(user_)
+		, state(SASL_INIT)
+		, state_announced(false)
 	{
-		SendHostIP();
+		SendHostIP(sslapi);
 
 		std::vector<std::string> params;
 		params.push_back(method);
 
-		const std::string fp = SSLClientCert::GetFingerprint(&user->eh);
+		const std::string fp = sslapi ? sslapi->GetFingerprint(user) : "";
 		if (fp.size())
 			params.push_back(fp);
 
@@ -305,10 +307,13 @@ class CommandAuthenticate : public SplitCommand
  public:
 	SimpleExtItem<SaslAuthenticator>& authExt;
 	Cap::Capability& cap;
+	UserCertificateAPI sslapi;
+
 	CommandAuthenticate(Module* Creator, SimpleExtItem<SaslAuthenticator>& ext, Cap::Capability& Cap)
 		: SplitCommand(Creator, "AUTHENTICATE", 1)
 		, authExt(ext)
 		, cap(Cap)
+		, sslapi(Creator)
 	{
 		works_before_reg = true;
 		allow_empty_last_param = false;
@@ -331,7 +336,7 @@ class CommandAuthenticate : public SplitCommand
 
 			SaslAuthenticator *sasl = authExt.get(user);
 			if (!sasl)
-				authExt.set(user, new SaslAuthenticator(user, parameters[0]));
+				authExt.set(user, new SaslAuthenticator(user, parameters[0], sslapi));
 			else if (sasl->SendClientMessage(parameters) == false)	// IAL abort extension --nenolod
 			{
 				sasl->AnnounceState();
@@ -427,7 +432,7 @@ class ModuleSASL : public Module
 
 	Version GetVersion() CXX11_OVERRIDE
 	{
-		return Version("Provides support for IRC Authentication Layer (aka: SASL) via AUTHENTICATE.", VF_VENDOR);
+		return Version("Provides support for IRC Authentication Layer (aka: SASL) via AUTHENTICATE", VF_VENDOR);
 	}
 };