X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_sslmodes.cpp;h=c81c7420783747b7d0d560b475224a5a5a925a5c;hb=a5d110282a864fd2e91b51ce360a977cd0643657;hp=b190cfc3985e55e81d3a3510cb263aebdd3595e2;hpb=1524caf2f799cff54c2de330c9670a0b761ba3d8;p=user%2Fhenk%2Fcode%2Finspircd.git

diff --git a/src/modules/m_sslmodes.cpp b/src/modules/m_sslmodes.cpp
index b190cfc39..c81c74207 100644
--- a/src/modules/m_sslmodes.cpp
+++ b/src/modules/m_sslmodes.cpp
@@ -1,27 +1,37 @@
-/*       +------------------------------------+
- *       | Inspire Internet Relay Chat Daemon |
- *       +------------------------------------+
+/*
+ * InspIRCd -- Internet Relay Chat Daemon
  *
- *  InspIRCd: (C) 2002-2009 InspIRCd Development Team
- * See: http://wiki.inspircd.org/Credits
+ *   Copyright (C) 2009 Daniel De Graaf <danieldg@inspircd.org>
+ *   Copyright (C) 2007 Robin Burchell <robin+git@viroteck.net>
+ *   Copyright (C) 2007 Dennis Friis <peavey@inspircd.org>
+ *   Copyright (C) 2006 Craig Edwards <craigedwards@brainbox.cc>
+ *   Copyright (C) 2006 Oliver Lupton <oliverlupton@gmail.com>
  *
- * This program is free but copyrighted software; see
- *            the file COPYING for details.
+ * This file is part of InspIRCd.  InspIRCd is free software: you can
+ * redistribute it and/or modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation, version 2.
  *
- * ---------------------------------------------------
+ * This program is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+ * FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more
+ * details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+
 #include "inspircd.h"
-#include "transport.h"
+#include "ssl.h"
 
-/* $ModDesc: Provides support for unreal-style channel mode +z */
+/* $ModDesc: Provides channel mode +z to allow for Secure/SSL only channels */
 
 /** Handle channel mode +z
  */
 class SSLMode : public ModeHandler
 {
  public:
-	SSLMode(InspIRCd* Instance, Module* Creator) : ModeHandler(Creator, 'z', PARAM_NONE, MODETYPE_CHANNEL) { }
+	SSLMode(Module* Creator) : ModeHandler(Creator, "sslonly", 'z', PARAM_NONE, MODETYPE_CHANNEL) { }
 
 	ModeAction OnModeChange(User* source, User* dest, Channel* channel, std::string &parameter, bool adding)
 	{
@@ -34,7 +44,7 @@ class SSLMode : public ModeHandler
 					const UserMembList* userlist = channel->GetUsers();
 					for(UserMembCIter i = userlist->begin(); i != userlist->end(); i++)
 					{
-						BufferedSocketCertificateRequest req(i->first, creator, i->first->GetIOHook());
+						UserCertificateRequest req(i->first, creator);
 						req.Send();
 						if(!req.cert && !ServerInstance->ULine(i->first->server))
 						{
@@ -70,20 +80,23 @@ class ModuleSSLModes : public Module
 	SSLMode sslm;
 
  public:
-	ModuleSSLModes(InspIRCd* Me)
-		: Module(Me), sslm(Me, this)
+	ModuleSSLModes()
+		: sslm(this)
+	{
+	}
+
+	void init()
 	{
-		if (!ServerInstance->Modes->AddMode(&sslm))
-			throw ModuleException("Could not add new modes!");
+		ServerInstance->Modules->AddService(sslm);
 		Implementation eventlist[] = { I_OnUserPreJoin, I_OnCheckBan, I_On005Numeric };
-		ServerInstance->Modules->Attach(eventlist, this, 3);
+		ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
 	}
 
 	ModResult OnUserPreJoin(User* user, Channel* chan, const char* cname, std::string &privs, const std::string &keygiven)
 	{
 		if(chan && chan->IsModeSet('z'))
 		{
-			BufferedSocketCertificateRequest req(user, this, user->GetIOHook());
+			UserCertificateRequest req(user, this);
 			req.Send();
 			if (req.cert)
 			{
@@ -101,18 +114,20 @@ class ModuleSSLModes : public Module
 		return MOD_RES_PASSTHRU;
 	}
 
-	ModResult OnCheckBan(User *user, Channel *c)
+	ModResult OnCheckBan(User *user, Channel *c, const std::string& mask)
 	{
-		BufferedSocketCertificateRequest req(user, this, user->GetIOHook());
-		req.Send();
-		if (req.cert)
-			return c->GetExtBanStatus(req.cert->GetFingerprint(), 'z');
+		if ((mask.length() > 2) && (mask[0] == 'z') && (mask[1] == ':'))
+		{
+			UserCertificateRequest req(user, this);
+			req.Send();
+			if (req.cert && InspIRCd::Match(req.cert->GetFingerprint(), mask.substr(2)))
+				return MOD_RES_DENY;
+		}
 		return MOD_RES_PASSTHRU;
 	}
 
 	~ModuleSSLModes()
 	{
-		ServerInstance->Modes->DelMode(&sslm);
 	}
 
 	void On005Numeric(std::string &output)
@@ -122,7 +137,7 @@ class ModuleSSLModes : public Module
 
 	Version GetVersion()
 	{
-		return Version("$Id$", VF_COMMON | VF_VENDOR, API_VERSION);
+		return Version("Provides channel mode +z to allow for Secure/SSL only channels", VF_VENDOR);
 	}
 };