X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Ftransport.h;h=ceb16cb731fa4fee090e107484292375dbc96070;hb=6d57bbe05c31c79eaad02fe81cfb9c1ed6b79c58;hp=db289750850fe30b065656cd2bb5998f83c4025a;hpb=885d37630ef4b5b69c26c6eb3fc97e9cd2e35eae;p=user%2Fhenk%2Fcode%2Finspircd.git diff --git a/src/modules/transport.h b/src/modules/transport.h index db2897508..ceb16cb73 100644 --- a/src/modules/transport.h +++ b/src/modules/transport.h @@ -17,51 +17,29 @@ #include #include -/** A generic container for certificate data - */ -typedef std::map ssl_data; - -/** A shorthand way of representing an iterator into ssl_data - */ -typedef ssl_data::iterator ssl_data_iter; - /** ssl_cert is a class which abstracts SSL certificate * and key information. * * Because gnutls and openssl represent key information in * wildly different ways, this class allows it to be accessed * in a unified manner. These classes are attached to ssl- - * connected local users using Extensible::Extend() and the - * key 'ssl_cert'. + * connected local users using SSLCertExt */ -class ssl_cert : public Extensible +class ssl_cert { - /** Always contains an empty string - */ - const std::string empty; - public: - /** The data for this certificate - */ - ssl_data data; - - /** Default constructor, initializes 'empty' - */ - ssl_cert() : empty("") - { - } + std::string dn; + std::string issuer; + std::string error; + std::string fingerprint; + bool trusted, invalid, unknownsigner, revoked; /** Get certificate distinguished name * @return Certificate DN */ const std::string& GetDN() { - ssl_data_iter ssldi = data.find("dn"); - - if (ssldi != data.end()) - return ssldi->second; - else - return empty; + return dn; } /** Get Certificate issuer 
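Review bot: The flags declared in `bool trusted, invalid, unknownsigner, revoked;` have no initializer, and this hunk removes the class's only constructor, so an object created with a plain `new ssl_cert` or as a local holds indeterminate values until something assigns all four. The removed map lookups returned false for any key that was never set, so IsTrusted() and IsRevoked() had a defined answer on every path; whether each SSL provider now sets every flag is not visible here. A constructor with fail-closed defaults would restore a defined state: `ssl_cert() : trusted(false), invalid(true), unknownsigner(true), revoked(false) {}`. The class body continues past the end of this hunk.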
@@ -69,12 +47,7 @@ class ssl_cert : public Extensible */ const std::string& GetIssuer() { - ssl_data_iter ssldi = data.find("issuer"); - - if (ssldi != data.end()) - return ssldi->second; - else - return empty; + return issuer; } /** Get error string if an error has occured @@ -83,12 +56,7 @@ class ssl_cert : public Extensible */ const std::string& GetError() { - ssl_data_iter ssldi = data.find("error"); - - if (ssldi != data.end()) - return ssldi->second; - else - return empty; + return error; } /** Get key fingerprint. @@ -96,12 +64,7 @@ class ssl_cert : public Extensible */ const std::string& GetFingerprint() { - ssl_data_iter ssldi = data.find("fingerprint"); - - if (ssldi != data.end()) - return ssldi->second; - else - return empty; + return fingerprint; } /** Get trust status @@ -110,12 +73,7 @@ class ssl_cert : public Extensible */ bool IsTrusted() { - ssl_data_iter ssldi = data.find("trusted"); - - if (ssldi != data.end()) - return (ssldi->second == "1"); - else - return false; + return trusted; } /** Get validity status @@ -124,12 +82,7 @@ class ssl_cert : public Extensible */ bool IsInvalid() { - ssl_data_iter ssldi = data.find("invalid"); - - if (ssldi != data.end()) - return (ssldi->second == "1"); - else - return false; + return invalid; } /** Get signer status @@ -138,12 +91,7 @@ class ssl_cert : public Extensible */ bool IsUnknownSigner() { - ssl_data_iter ssldi = data.find("unknownsigner"); - - if (ssldi != data.end()) - return (ssldi->second == "1"); - else - return false; + return unknownsigner; } /** Get revokation status. 
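Review bot: GetIssuer() is still declared non-const although it now only returns a member, and the same holds for GetDN(), GetError(), GetFingerprint() and the Is*() accessors in the neighbouring hunks, so none of them can be called through a `const ssl_cert*`. Declaring them as `const std::string& GetIssuer() const` and `bool IsTrusted() const` would let code that only inspects a certificate take it by const pointer, which keeps the verification flags out of reach of callers that should only read them. Because the fields are public, that protection holds only where the pointer itself is const.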
@@ -153,12 +101,20 @@ class ssl_cert : public Extensible */ bool IsRevoked() { - ssl_data_iter ssldi = data.find("revoked"); + return revoked; + } - if (ssldi != data.end()) - return (ssldi->second == "1"); + std::string GetMetaLine() + { + std::stringstream value; + bool hasError = error.length(); + value << (IsInvalid() ? "v" : "V") << (IsTrusted() ? "T" : "t") << (IsRevoked() ? "R" : "r") + << (IsUnknownSigner() ? "s" : "S") << (hasError ? "E" : "e") << " "; + if (hasError) + value << GetError(); else - return false; + value << GetFingerprint() << " " << GetDN() << " " << GetIssuer(); + return value.str(); } }; @@ -227,11 +183,22 @@ class BufferedSocketNameRequest : public ISHRequest } }; -class BufferedSocketFingerprintRequest : public ISHRequest +struct BufferedSocketCertificateRequest : public Request { - public: - /** Initialize request as a fingerprint message */ - BufferedSocketFingerprintRequest(BufferedSocket* is, Module* Me, Module* Target) : ISHRequest(Me, Target, "GET_FP", is) + Extensible* const item; + ssl_cert* cert; + BufferedSocketCertificateRequest(Extensible* is, Module* Me, Module* Target) + : Request(Me, Target, "GET_CERT"), item(is), cert(NULL) + { + } +}; + +struct BufferedSocketFingerprintSubmission : public Request +{ + Extensible* const item; + ssl_cert* const cert; + BufferedSocketFingerprintSubmission(Extensible* is, Module* Me, Module* Target, ssl_cert* Cert) + : Request(Me, Target, "SET_CERT"), item(is), cert(Cert) { } };
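Review bot: GetMetaLine() separates fingerprint, DN and issuer with single spaces, yet DN and issuer are taken from the peer's certificate and commonly contain spaces, so a parser of the line cannot tell where one field ends and the next begins; line breaks in those strings would also pass through unchanged. Nothing in this hunk shows the providers replacing such characters before storing them, so either do that where `dn` and `issuer` are assigned or escape them here. GetMetaLine() is also the only member function without a doc comment; it should state that the line starts with the five letters V, T, R, S, E (upper case when the certificate is valid, trusted, revoked, from a known signer, or carries an error), followed by either the error text or fingerprint, DN and issuer. `bool hasError = error.length();` reads more plainly as `bool hasError = !error.empty();`.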
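Review bot: Neither new request struct documents who owns the `ssl_cert` behind `cert` or how long the pointer stays valid, and the one-line comment on the old class was dropped without a replacement. In `BufferedSocketCertificateRequest` the member starts as NULL and is presumably filled in by the target, so callers should be told to check it after sending, e.g. `/** Set by the SSL provider; remains NULL if the item has no certificate */`. For `BufferedSocketFingerprintSubmission` the comment should say whether the target takes ownership of `Cert`, and since "SET_CERT" lets the sending module attach certificate state to an item, the handler (not shown here) should be strict about which senders it accepts. The struct name still says Fingerprint although the payload and the request id are a whole certificate.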