X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_sslmodes.cpp;h=65933cc141126a265f21a2c1bbcbfa987669fe5b;hb=ad523652ae0ab92df728796a1f082f339f6ddbb6;hp=360f63bc9cf8cb6b489bdf407bf864febc4db145;hpb=3d6d9cda32d72ff25cf6e624bb271b629898e018;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/m_sslmodes.cpp b/src/modules/m_sslmodes.cpp
index 360f63bc9..65933cc14 100644
--- a/src/modules/m_sslmodes.cpp
+++ b/src/modules/m_sslmodes.cpp
@@ -31,7 +31,13 @@
 class SSLMode : public ModeHandler
 {
  public:
-	SSLMode(Module* Creator) : ModeHandler(Creator, "sslonly", 'z', PARAM_NONE, MODETYPE_CHANNEL) { }
+	UserCertificateAPI API;
+
+	SSLMode(Module* Creator)
+		: ModeHandler(Creator, "sslonly", 'z', PARAM_NONE, MODETYPE_CHANNEL)
+		, API(Creator)
+	{
+	}
 
 	ModeAction OnModeChange(User* source, User* dest, Channel* channel, std::string &parameter, bool adding)
 	{
@@ -41,12 +47,14 @@ class SSLMode : public ModeHandler
 			{
 				if (IS_LOCAL(source))
 				{
+					if (!API)
+						return MODEACTION_DENY;
+
 					const UserMembList* userlist = channel->GetUsers();
 					for(UserMembCIter i = userlist->begin(); i != userlist->end(); i++)
 					{
-						UserCertificateRequest req(i->first, creator);
-						req.Send();
-						if(!req.cert && !ServerInstance->ULine(i->first->server))
+						ssl_cert* cert = API->GetCertificate(i->first);
+						if (!cert && !ServerInstance->ULine(i->first->server))
 						{
 							source->WriteNumeric(ERR_ALLMUSTSSL, "%s %s :all members of the channel must be connected via SSL", source->nick.c_str(), channel->name.c_str());
 							return MODEACTION_DENY;
@@ -96,9 +104,11 @@ class ModuleSSLModes : public Module
 	{
 		if(chan && chan->IsModeSet('z'))
 		{
-			UserCertificateRequest req(user, this);
-			req.Send();
-			if (req.cert)
+			if (!sslm.API)
+				return MOD_RES_DENY;
+
+			ssl_cert* cert = sslm.API->GetCertificate(user);
+			if (cert)
 			{
 				// Let them in
 				return MOD_RES_PASSTHRU;
@@ -118,9 +128,11 @@ class ModuleSSLModes : public Module
 	{
 		if ((mask.length() > 2) && (mask[0] == 'z') && (mask[1] == ':'))
 		{
-			UserCertificateRequest req(user, this);
-			req.Send();
-			if (req.cert && InspIRCd::Match(req.cert->GetFingerprint(), mask.substr(2)))
+			if (!sslm.API)
+				return MOD_RES_DENY;
+
+			ssl_cert* cert = sslm.API->GetCertificate(user);
+			if (cert && InspIRCd::Match(cert->GetFingerprint(), mask.substr(2)))
 				return MOD_RES_DENY;
 		}
 		return MOD_RES_PASSTHRU;