X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_sslmodes.cpp;h=1a596f5e0424b0332b344566e965ef9011132425;hb=3ccf0065d43db80f31c6404aeac4d65551481508;hp=bfd05238d30d60534e555fa950707eb060652170;hpb=988d8218071b504521bd1da6c2275db877d857b9;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/m_sslmodes.cpp b/src/modules/m_sslmodes.cpp
index bfd05238d..1a596f5e0 100644
--- a/src/modules/m_sslmodes.cpp
+++ b/src/modules/m_sslmodes.cpp
@@ -24,36 +24,42 @@
 #include "inspircd.h"
 #include "modules/ssl.h"
 
-/* $ModDesc: Provides channel mode +z to allow for Secure/SSL only channels */
-
 /** Handle channel mode +z
  */
 class SSLMode : public ModeHandler
 {
  public:
-	SSLMode(Module* Creator) : ModeHandler(Creator, "sslonly", 'z', PARAM_NONE, MODETYPE_CHANNEL) { }
+	UserCertificateAPI API;
+
+	SSLMode(Module* Creator)
+		: ModeHandler(Creator, "sslonly", 'z', PARAM_NONE, MODETYPE_CHANNEL)
+		, API(Creator)
+	{
+	}
 
 	ModeAction OnModeChange(User* source, User* dest, Channel* channel, std::string &parameter, bool adding)
 	{
 		if (adding)
 		{
-			if (!channel->IsModeSet('z'))
+			if (!channel->IsModeSet(this))
 			{
 				if (IS_LOCAL(source))
 				{
-					const UserMembList* userlist = channel->GetUsers();
-					for(UserMembCIter i = userlist->begin(); i != userlist->end(); i++)
+					if (!API)
+						return MODEACTION_DENY;
+
+					const Channel::MemberMap& userlist = channel->GetUsers();
+					for (Channel::MemberMap::const_iterator i = userlist.begin(); i != userlist.end(); ++i)
 					{
-						UserCertificateRequest req(i->first, creator);
-						req.Send();
-						if(!req.cert && !ServerInstance->ULine(i->first->server))
+						ssl_cert* cert = API->GetCertificate(i->first);
+						if (!cert && !i->first->server->IsULine())
 						{
-							source->WriteNumeric(ERR_ALLMUSTSSL, "%s %s :all members of the channel must be connected via SSL", source->nick.c_str(), channel->name.c_str());
+							source->WriteNumeric(ERR_ALLMUSTSSL, "%s :all members of the channel must be connected via SSL", channel->name.c_str());
 							return MODEACTION_DENY;
 						}
 					}
 				}
-				channel->SetMode('z',true);
+				channel->SetMode(this, true);
 				return MODEACTION_ALLOW;
 			}
 			else
@@ -63,9 +69,9 @@ class SSLMode : public ModeHandler
 		}
 		else
 		{
-			if (channel->IsModeSet('z'))
+			if (channel->IsModeSet(this))
 			{
-				channel->SetMode('z',false);
+				channel->SetMode(this, false);
 				return MODEACTION_ALLOW;
 			}
 
@@ -85,20 +91,15 @@ class ModuleSSLModes : public Module
 	{
 	}
 
-	void init()
-	{
-		ServerInstance->Modules->AddService(sslm);
-		Implementation eventlist[] = { I_OnUserPreJoin, I_OnCheckBan, I_On005Numeric };
-		ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
-	}
-
-	ModResult OnUserPreJoin(LocalUser* user, Channel* chan, const std::string& cname, std::string& privs, const std::string& keygiven)
+	ModResult OnUserPreJoin(LocalUser* user, Channel* chan, const std::string& cname, std::string& privs, const std::string& keygiven) CXX11_OVERRIDE
 	{
-		if(chan && chan->IsModeSet('z'))
+		if(chan && chan->IsModeSet(sslm))
 		{
-			UserCertificateRequest req(user, this);
-			req.Send();
-			if (req.cert)
+			if (!sslm.API)
+				return MOD_RES_DENY;
+
+			ssl_cert* cert = sslm.API->GetCertificate(user);
+			if (cert)
 			{
 				// Let them in
 				return MOD_RES_PASSTHRU;
@@ -106,7 +107,7 @@ class ModuleSSLModes : public Module
 			else
 			{
 				// Deny
-				user->WriteServ( "489 %s %s :Cannot join channel; SSL users only (+z)", user->nick.c_str(), cname.c_str());
+				user->WriteNumeric(489, "%s :Cannot join channel; SSL users only (+z)", cname.c_str());
 				return MOD_RES_DENY;
 			}
 		}
@@ -114,24 +115,26 @@ class ModuleSSLModes : public Module
 		return MOD_RES_PASSTHRU;
 	}
 
-	ModResult OnCheckBan(User *user, Channel *c, const std::string& mask)
+	ModResult OnCheckBan(User *user, Channel *c, const std::string& mask) CXX11_OVERRIDE
 	{
 		if ((mask.length() > 2) && (mask[0] == 'z') && (mask[1] == ':'))
 		{
-			UserCertificateRequest req(user, this);
-			req.Send();
-			if (req.cert && InspIRCd::Match(req.cert->GetFingerprint(), mask.substr(2)))
+			if (!sslm.API)
+				return MOD_RES_DENY;
+
+			ssl_cert* cert = sslm.API->GetCertificate(user);
+			if (cert && InspIRCd::Match(cert->GetFingerprint(), mask.substr(2)))
 				return MOD_RES_DENY;
 		}
 		return MOD_RES_PASSTHRU;
 	}
 
-	void On005Numeric(std::map<std::string, std::string>& tokens)
+	void On005Numeric(std::map<std::string, std::string>& tokens) CXX11_OVERRIDE
 	{
 		tokens["EXTBAN"].push_back('z');
 	}
 
-	Version GetVersion()
+	Version GetVersion() CXX11_OVERRIDE
 	{
 		return Version("Provides channel mode +z to allow for Secure/SSL only channels", VF_VENDOR);
 	}