X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_sslmodes.cpp;h=bc5cb56752314693c108ad697e0f9500454d2403;hb=d848034590bc402277da975b7efdbc78ce1722fc;hp=1ff93b7adaabd99c6fbbadf9593e8aa5c139b249;hpb=e57d1b19ff4823b7885eb7f4d3b37c84d2edca0e;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/m_sslmodes.cpp b/src/modules/m_sslmodes.cpp
index 1ff93b7ad..bc5cb5675 100644
--- a/src/modules/m_sslmodes.cpp
+++ b/src/modules/m_sslmodes.cpp
@@ -1,12 +1,16 @@
 /*
  * InspIRCd -- Internet Relay Chat Daemon
  *
- *   Copyright (C) 2013 Shawn Smith <shawn@inspircd.org>
- *   Copyright (C) 2009 Daniel De Graaf <danieldg@inspircd.org>
- *   Copyright (C) 2007 Robin Burchell <robin+git@viroteck.net>
+ *   Copyright (C) 2020 Matt Schatz <genius3000@g3k.solutions>
+ *   Copyright (C) 2013, 2017-2020 Sadie Powell <sadie@witchery.services>
+ *   Copyright (C) 2013 Shawn Smith <ShawnSmith0828@gmail.com>
+ *   Copyright (C) 2012-2014 Attila Molnar <attilamolnar@hush.com>
+ *   Copyright (C) 2012 Robby <robby@chatbelgie.be>
+ *   Copyright (C) 2009-2010 Daniel De Graaf <danieldg@inspircd.org>
+ *   Copyright (C) 2009 Uli Schlachter <psychon@inspircd.org>
+ *   Copyright (C) 2008 Robin Burchell <robin+git@viroteck.net>
  *   Copyright (C) 2007 Dennis Friis <peavey@inspircd.org>
- *   Copyright (C) 2006 Craig Edwards <craigedwards@brainbox.cc>
- *   Copyright (C) 2006 Oliver Lupton <oliverlupton@gmail.com>
+ *   Copyright (C) 2006-2007, 2010 Craig Edwards <brain@inspircd.org>
  *
  * This file is part of InspIRCd.  InspIRCd is free software: you can
  * redistribute it and/or modify it under the terms of the GNU General Public
@@ -57,19 +61,24 @@ class SSLMode : public ModeHandler
 				{
 					if (!API)
 					{
-						source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, "Unable to determine whether all members of the channel are connected via SSL");
+						source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, "Unable to determine whether all members of the channel are connected via TLS (SSL)");
 						return MODEACTION_DENY;
 					}
 
+					unsigned long nonssl = 0;
 					const Channel::MemberMap& userlist = channel->GetUsers();
 					for (Channel::MemberMap::const_iterator i = userlist.begin(); i != userlist.end(); ++i)
 					{
 						ssl_cert* cert = API->GetCertificate(i->first);
 						if (!cert && !i->first->server->IsULine())
-						{
-							source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, "all members of the channel must be connected via SSL");
-							return MODEACTION_DENY;
-						}
+							nonssl++;
+					}
+
+					if (nonssl)
+					{
+						source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, InspIRCd::Format("All members of the channel must be connected via TLS (SSL) (%lu/%lu are non-TLS (SSL))",
+							nonssl, static_cast<unsigned long>(userlist.size())));
+						return MODEACTION_DENY;
 					}
 				}
 				channel->SetMode(this, true);
@@ -159,13 +168,13 @@ class ModuleSSLModes
 		{
 			if (!api)
 			{
-				user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; unable to determine if you are an SSL user (+z)");
+				user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; unable to determine if you are a TLS (SSL) user (+z is set)");
 				return MOD_RES_DENY;
 			}
 
 			if (!api->GetCertificate(user))
 			{
-				user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; SSL users only (+z)");
+				user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; TLS (SSL) users only (+z is set)");
 				return MOD_RES_DENY;
 			}
 		}
@@ -180,7 +189,7 @@ class ModuleSSLModes
 
 		User* target = msgtarget.Get<User>();
 
-		/* If one or more of the parties involved is a ulined service, we wont stop it. */
+		/* If one or more of the parties involved is a ulined service, we won't stop it. */
 		if (user->server->IsULine() || target->server->IsULine())
 			return MOD_RES_PASSTHRU;
 
@@ -190,7 +199,7 @@ class ModuleSSLModes
 			if (!api || !api->GetCertificate(user))
 			{
 				/* The sending user is not on an SSL connection */
-				user->WriteNumeric(ERR_CANTSENDTOUSER, target->nick, "You are not permitted to send private messages to this user (+z set)");
+				user->WriteNumeric(Numerics::CannotSendTo(target, "messages", &sslquery));
 				return MOD_RES_DENY;
 			}
 		}
@@ -199,7 +208,7 @@ class ModuleSSLModes
 		{
 			if (!api || !api->GetCertificate(target))
 			{
-				user->WriteNumeric(ERR_CANTSENDTOUSER, target->nick, "You must remove user mode 'z' before you are able to send private messages to a non-SSL user.");
+				user->WriteNumeric(Numerics::CannotSendTo(target, "messages", &sslquery, true));
 				return MOD_RES_DENY;
 			}
 		}
@@ -235,7 +244,7 @@ class ModuleSSLModes
 
 	Version GetVersion() CXX11_OVERRIDE
 	{
-		return Version("Provides user and channel mode +z to allow for SSL-only channels, queries and notices", VF_VENDOR);
+		return Version("Adds channel mode z (sslonly) which prevents users who are not connecting using TLS (SSL) from joining the channel and user mode z (sslqueries) to prevent messages from non-TLS (SSL) users.", VF_VENDOR);
 	}
 };