X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fm_sslmodes.cpp;h=fda90c3d8278c9b77cb934c6690cfec7be84cf0b;hb=HEAD;hp=dcf260be0d9086a58d50c5195bd685bee1bb9ea8;hpb=4a6fedd9324d87349a806c9c1d0ae6e7d3c1fd38;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/m_sslmodes.cpp b/src/modules/m_sslmodes.cpp index dcf260be0..fda90c3d8 100644 --- a/src/modules/m_sslmodes.cpp +++ b/src/modules/m_sslmodes.cpp @@ -1,10 +1,11 @@ /* * InspIRCd -- Internet Relay Chat Daemon * - * Copyright (C) 2013, 2017-2019 Sadie Powell + * Copyright (C) 2020 Matt Schatz + * Copyright (C) 2013, 2017-2020 Sadie Powell * Copyright (C) 2013 Shawn Smith * Copyright (C) 2012-2014 Attila Molnar - * Copyright (C) 2012, 2019 Robby + * Copyright (C) 2012 Robby * Copyright (C) 2009-2010 Daniel De Graaf * Copyright (C) 2009 Uli Schlachter * Copyright (C) 2008 Robin Burchell @@ -33,6 +34,8 @@ enum { // From UnrealIRCd. ERR_SECUREONLYCHAN = 489, + + // InspIRCd-specific. ERR_ALLMUSTSSL = 490 }; @@ -60,7 +63,7 @@ class SSLMode : public ModeHandler { if (!API) { - source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, "Unable to determine whether all members of the channel are connected via SSL"); + source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, "Unable to determine whether all members of the channel are connected via TLS (SSL)"); return MODEACTION_DENY; } @@ -75,7 +78,7 @@ class SSLMode : public ModeHandler if (nonssl) { - source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, InspIRCd::Format("All members of the channel must be connected via SSL (%lu/%lu are non-SSL)", + source->WriteNumeric(ERR_ALLMUSTSSL, channel->name, InspIRCd::Format("All members of the channel must be connected via TLS (SSL) (%lu/%lu are non-TLS (SSL))", nonssl, static_cast(userlist.size()))); return MODEACTION_DENY; } @@ -119,27 +122,14 @@ class SSLModeUser : public ModeHandler ModeAction OnModeChange(User* user, User* dest, Channel* channel, std::string& parameter, bool adding) CXX11_OVERRIDE { - if (adding) - { - if (!dest->IsModeSet(this)) - { - if (!API || !API->GetCertificate(user)) - return MODEACTION_DENY; + if (adding == dest->IsModeSet(this)) + return MODEACTION_DENY; - dest->SetMode(this, true); - return MODEACTION_ALLOW; - } - } - else - { - if (dest->IsModeSet(this)) - { - dest->SetMode(this, false); - return MODEACTION_ALLOW; - } - } + if (adding && IS_LOCAL(user) && (!API || !API->GetCertificate(user))) + return MODEACTION_DENY; - return MODEACTION_DENY; + dest->SetMode(this, adding); + return MODEACTION_ALLOW; } }; @@ -167,13 +157,13 @@ class ModuleSSLModes { if (!api) { - user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; unable to determine if you are an SSL user (+z is set)"); + user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; unable to determine if you are a TLS (SSL) user (+z is set)"); return MOD_RES_DENY; } if (!api->GetCertificate(user)) { - user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; SSL users only (+z is set)"); + user->WriteNumeric(ERR_SECUREONLYCHAN, cname, "Cannot join channel; TLS (SSL) users only (+z is set)"); return MOD_RES_DENY; } } @@ -188,7 +178,7 @@ class ModuleSSLModes User* target = msgtarget.Get(); - /* If one or more of the parties involved is a ulined service, we wont stop it. */ + /* If one or more of the parties involved is a ulined service, we won't stop it. */ if (user->server->IsULine() || target->server->IsULine()) return MOD_RES_PASSTHRU; @@ -243,7 +233,7 @@ class ModuleSSLModes Version GetVersion() CXX11_OVERRIDE { - return Version("Adds channel mode z (sslonly) which prevents users who are not connecting using SSL from joining the channel and user mode z (sslqueries) to prevent messages from non-SSL users.", VF_VENDOR); + return Version("Adds channel mode z (sslonly) which prevents users who are not connecting using TLS (SSL) from joining the channel and user mode z (sslqueries) to prevent messages from non-TLS (SSL) users.", VF_VENDOR); } };