X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Fssl.h;h=8792d6ebcc767428177faf2eb9bef12bf42920a6;hb=6c2edc2c5ab07a1fa8c32d3fa9abd6b9149b804c;hp=68f1910ff628329e71ec3f76c5caf5ff64792e92;hpb=55b81f917cd313a8814d3364048af0036b41a2ca;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/ssl.h b/src/modules/ssl.h index 68f1910ff..8792d6ebc 100644 --- a/src/modules/ssl.h +++ b/src/modules/ssl.h @@ -1,18 +1,25 @@ -/* +------------------------------------+ - * | Inspire Internet Relay Chat Daemon | - * +------------------------------------+ +/* + * InspIRCd -- Internet Relay Chat Daemon * - * InspIRCd: (C) 2002-2009 InspIRCd Development Team - * See: http://wiki.inspircd.org/Credits + * Copyright (C) 2009 Daniel De Graaf + * Copyright (C) 2006 Craig Edwards * - * This program is free but copyrighted software; see - * the file COPYING for details. + * This file is part of InspIRCd. InspIRCd is free software: you can + * redistribute it and/or modify it under the terms of the GNU General Public + * License as published by the Free Software Foundation, version 2. * - * --------------------------------------------------- + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS + * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more + * details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . */ -#ifndef __SSL_H__ -#define __SSL_H__ + +#ifndef SSL_H +#define SSL_H #include #include @@ -25,7 +32,7 @@ * in a unified manner. These classes are attached to ssl- * connected local users using SSLCertExt */ -class ssl_cert +class ssl_cert : public refcountbase { public: std::string dn; @@ -34,6 +41,8 @@ class ssl_cert std::string fingerprint; bool trusted, invalid, unknownsigner, revoked; + ssl_cert() : trusted(false), invalid(true), unknownsigner(true), revoked(false) {} + /** Get certificate distinguished name * @return Certificate DN */ @@ -104,6 +113,11 @@ class ssl_cert return revoked; } + bool IsCAVerified() + { + return trusted && !invalid && !revoked && !unknownsigner && error.empty(); + } + std::string GetMetaLine() { std::stringstream value; @@ -118,13 +132,14 @@ class ssl_cert } }; -struct SSLCertificateRequest : public Request +/** Get certificate from a socket (only useful with an SSL module) */ +struct SocketCertificateRequest : public Request { - Extensible* const item; + StreamSocket* const sock; ssl_cert* cert; - SSLCertificateRequest(Extensible* e, Module* Me, Module* info = ServerInstance->Modules->Find("m_sslinfo.so")) - : Request(Me, info, "GET_CERT"), item(e), cert(NULL) + SocketCertificateRequest(StreamSocket* ss, Module* Me) + : Request(Me, ss->GetIOHook(), "GET_SSL_CERT"), sock(ss), cert(NULL) { Send(); } @@ -137,15 +152,24 @@ struct SSLCertificateRequest : public Request } }; -struct SSLCertSubmission : public Request +/** Get certificate from a user (requires m_sslinfo) */ +struct UserCertificateRequest : public Request { - Extensible* const item; - ssl_cert* const cert; - SSLCertSubmission(Extensible* is, Module* Me, Module* Target, ssl_cert* Cert) - : Request(Me, Target, "SET_CERT"), item(is), cert(Cert) + User* const user; + ssl_cert* cert; + + UserCertificateRequest(User* u, Module* Me, Module* info = ServerInstance->Modules->Find("m_sslinfo.so")) + : Request(Me, info, "GET_USER_CERT"), user(u), cert(NULL) { Send(); } + + std::string GetFingerprint() + { + if (cert) + return cert->GetFingerprint(); + return ""; + } }; #endif