X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_sslinfo.cpp;h=21857b3d955455e5b2150c60dc25a6bbd49a954c;hb=318d50bc868fb64a7d5e1edeff3ec23e38925638;hp=54aeb9755a7c193ffdfa06f13a18244f1d69bc2d;hpb=ec6955f28ba9423828ac24ef83caee09ffa6b52c;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp index 54aeb9755..21857b3d9 100644 --- a/src/modules/m_sslinfo.cpp +++ b/src/modules/m_sslinfo.cpp @@ -54,8 +54,7 @@ class SSLCertExt : public ExtensionItem void unset(Extensible* container) { - void* old = unset_raw(container); - delete static_cast(old); + free(container, unset_raw(container)); } std::string serialize(SerializeFormat format, const Extensible* container, void* item) const CXX11_OVERRIDE @@ -189,6 +188,11 @@ class ModuleSSLInfo private: CommandSSLInfo cmd; + bool MatchFP(ssl_cert* const cert, const std::string& fp) const + { + return irc::spacesepstream(fp).Contains(cert->GetFingerprint()); + } + public: ModuleSSLInfo() : WebIRC::EventListener(this) @@ -232,7 +236,7 @@ class ModuleSSLInfo } std::string fingerprint; - if (ifo->oper_block->readString("fingerprint", fingerprint) && (!cert || cert->GetFingerprint() != fingerprint)) + if (ifo->oper_block->readString("fingerprint", fingerprint) && (!cert || !MatchFP(cert, fingerprint))) { user->WriteNumeric(ERR_NOOPERHOST, "This oper login requires a matching SSL certificate fingerprint."); user->CommandFloodPenalty += 10000; @@ -252,7 +256,7 @@ class ModuleSSLInfo return; const SSLIOHook* const ssliohook = SSLIOHook::IsSSL(&localuser->eh); - if (!ssliohook) + if (!ssliohook || cmd.sslapi.nosslext.get(localuser)) return; ssl_cert* const cert = ssliohook->GetCertificate(); @@ -276,7 +280,7 @@ class ModuleSSLInfo { OperInfo* ifo = i->second; std::string fp = ifo->oper_block->getString("fingerprint"); - if (fp == cert->fingerprint && ifo->oper_block->getBool("autologin")) + if (MatchFP(cert, fp) && ifo->oper_block->getBool("autologin")) user->Oper(ifo); } }