X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fssl.h;h=4c877551d61f59ab951042682a8f59e0c665f115;hb=a5d110282a864fd2e91b51ce360a977cd0643657;hp=68f1910ff628329e71ec3f76c5caf5ff64792e92;hpb=55b81f917cd313a8814d3364048af0036b41a2ca;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/ssl.h b/src/modules/ssl.h index 68f1910ff..4c877551d 100644 --- a/src/modules/ssl.h +++ b/src/modules/ssl.h @@ -1,18 +1,25 @@ -/* +------------------------------------+ - * | Inspire Internet Relay Chat Daemon | - * +------------------------------------+ +/* + * InspIRCd -- Internet Relay Chat Daemon * - * InspIRCd: (C) 2002-2009 InspIRCd Development Team - * See: http://wiki.inspircd.org/Credits + * Copyright (C) 2009 Daniel De Graaf + * Copyright (C) 2006 Craig Edwards * - * This program is free but copyrighted software; see - * the file COPYING for details. + * This file is part of InspIRCd. InspIRCd is free software: you can + * redistribute it and/or modify it under the terms of the GNU General Public + * License as published by the Free Software Foundation, version 2. * - * --------------------------------------------------- + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more + * details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . */ -#ifndef __SSL_H__ -#define __SSL_H__ + +#ifndef SSL_H +#define SSL_H #include #include @@ -25,7 +32,7 @@ * in a unified manner. These classes are attached to ssl- * connected local users using SSLCertExt */ -class ssl_cert +class ssl_cert : public refcountbase { public: std::string dn; 
@@ -34,6 +41,8 @@ class ssl_cert std::string fingerprint; bool trusted, invalid, unknownsigner, revoked; + ssl_cert() : trusted(false), invalid(true), unknownsigner(true), revoked(false) {} + /** Get certificate distinguished name * @return Certificate DN */ @@ -104,10 +113,15 @@ class ssl_cert return revoked; } + bool IsCAVerified() + { + return trusted && !invalid && !revoked && !unknownsigner && error.empty(); + } + std::string GetMetaLine() { std::stringstream value; - bool hasError = error.length(); + bool hasError = !error.empty(); value << (IsInvalid() ? "v" : "V") << (IsTrusted() ? "T" : "t") << (IsRevoked() ? "R" : "r") << (IsUnknownSigner() ? "s" : "S") << (hasError ? "E" : "e") << " "; if (hasError) @@ -118,13 +132,14 @@ class ssl_cert } }; -struct SSLCertificateRequest : public Request +/** Get certificate from a socket (only useful with an SSL module) */ +struct SocketCertificateRequest : public Request { - Extensible* const item; + StreamSocket* const sock; ssl_cert* cert; - SSLCertificateRequest(Extensible* e, Module* Me, Module* info = ServerInstance->Modules->Find("m_sslinfo.so")) - : Request(Me, info, "GET_CERT"), item(e), cert(NULL) + SocketCertificateRequest(StreamSocket* ss, Module* Me) + : Request(Me, ss->GetIOHook(), "GET_SSL_CERT"), sock(ss), cert(NULL) { Send(); } 
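Review bot: The new default constructor has no comment, although the accessors around it are documented, and its initial values are the security-relevant part. Three flags start in the rejecting state (`trusted(false), invalid(true), unknownsigner(true)`), so an object the TLS module never filled in cannot look verified. `revoked(false)` is the exception and is harmless only because the other three already fail. I would add `/** Default to an unverified certificate so an unpopulated object never passes a trust check */` above it.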
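Review bot: IsCAVerified() is added without the doc comment the neighbouring getters have, and callers are likely to treat it as the single trust decision. The visible expression only combines the validation flags with an empty error string; it does not establish whose certificate it is, so code that authorises on it still has to compare the fingerprint or DN against an expected value. Suggest `/** @return True if the chain validated to a trusted CA with no error; does not identify the certificate holder */`, and declaring it `bool IsCAVerified() const` since it only reads members. GetMetaLine()'s body continues past the end of the hunk.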
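Review bot: The SocketCertificateRequest constructor dereferences `ss` in its initializer list (`ss->GetIOHook()`) with no null check, and a plaintext socket may have no hook at all. Whether Request and Send() tolerate a null destination is not visible in this hunk. In any case `cert` stays NULL when nothing answers "GET_SSL_CERT", so every caller has to treat NULL as "no certificate" rather than dereference it. I would state that in the comment, e.g. `/** Get certificate from a socket; ss must not be NULL, and cert remains NULL when the socket has no SSL I/O hook */`. The struct's remaining members lie outside the hunk.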
@@ -137,12 +152,36 @@ struct SSLCertificateRequest : public Request } }; -struct SSLCertSubmission : public Request +/** Get certificate from a user (requires m_sslinfo) */ +struct UserCertificateRequest : public Request { - Extensible* const item; - ssl_cert* const cert; - SSLCertSubmission(Extensible* is, Module* Me, Module* Target, ssl_cert* Cert) - : Request(Me, Target, "SET_CERT"), item(is), cert(Cert) + User* const user; + ssl_cert* cert; + + UserCertificateRequest(User* u, Module* Me, Module* info = ServerInstance->Modules->Find("m_sslinfo.so")) + : Request(Me, info, "GET_USER_CERT"), user(u), cert(NULL) + { + Send(); + } + + std::string GetFingerprint() + { + if (cert) + return cert->GetFingerprint(); + return ""; + } +}; + +class SSLRawSessionRequest : public Request +{ + public: + const int fd; + void* data; + + SSLRawSessionRequest(int FD, Module* srcmod, Module* destmod) + : Request(srcmod, destmod, "GET_RAW_SSL_SESSION") + , fd(FD) + , data(NULL) { Send(); }
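Review bot: SSLRawSessionRequest is added with no comment and hands out the TLS session as `void* data`, so nothing in the type tells a consumer which library's session object it received or how long it stays valid. Casting the pointer to the wrong backend's type, or keeping it after the connection closes, is undefined behaviour in code that sits next to key material. Suggest a class comment that names the concrete type each SSL module returns, says `data` is NULL when no module answered, and says the pointer is borrowed only for the lifetime of the socket. UserCertificateRequest handles the empty case itself because GetFingerprint() checks `cert` first. Its default `info` argument is presumably NULL when m_sslinfo is not loaded, which is worth a line in its comment as well.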