Added extra key length checks, documented encryption in example conf

author brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>

Mon, 19 Dec 2005 15:44:40 +0000 (15:44 +0000)

committer brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>

Mon, 19 Dec 2005 15:44:40 +0000 (15:44 +0000)
author brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>
Mon, 19 Dec 2005 15:44:40 +0000 (15:44 +0000)
committer brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>
Mon, 19 Dec 2005 15:44:40 +0000 (15:44 +0000)
diff --git a/conf/inspircd.conf.example b/conf/inspircd.conf.example

index ac48be1ee6db277afc30d5805f9a599c5c9077f5..b77df99c1cb2f9017a412cf3480531631967f2b6 100644 (file)
--- a/conf/inspircd.conf.example
+++ b/conf/inspircd.conf.example
@@ -240,17 +240,29 @@
  # Defines which servers can link to this one, and which servers this  #
  # server may create outbound links to.                                #
  #                                                                     #
  # Defines which servers can link to this one, and which servers this  #
  # server may create outbound links to.                                #
  #                                                                     #
-# name        - The name is the canocial name of the server, it does  #
-#               not have to resolve - but it is expected to be sent   #
-#               in the remote servers connection info.                #
-# ipaddr      - Valid host or ip address for remote server. *         #
-# port        - Valid listening UDP port for remote server.           #
-# sendpass    - Password to send to create an outbound connection to  #
-#               this server.                                          #
-# recvpass    - Password to receive to accept an inbound connection   #
-#               from this server.                                     #
-# autoconnect - Sets the server to autoconnect. Where x is the number #
-# (optional)    of seconds between attempts.  300 = 5 minutes         #
+# name          - The name is the canocial name of the server, it does#
+#                 not have to resolve - but it is expected to be sent #
+#                 in the remote servers connection info.              #
+#                                                                     #
+# ipaddr        - Valid host or ip address for remote server. *       #
+#                                                                     #
+# port          - Valid listening UDP port for remote server.         #
+#                                                                     #
+# sendpass      - Password to send to create an outbound connection   #
+#                 to this server.                                     #
+#                                                                     #
+# recvpass      - Password to receive to accept an inbound connection #
+#                 from this server.                                   #
+#                                                                     #
+# autoconnect   - Sets the server to autoconnect. x is the number     #
+# (optional)      of seconds between attempts.  300 = 5 minutes       #
+#                                                                     #
+# encryptionkey - The encryption key to use to encrypt this link.     #
+# (optional)      Applicable when using m_spanningtree.so, the key    #
+#                 must be EXACTLY 16, 24 or 32 characters long and    #
+#                 must match on both ends of the link. Each link may  #
+#                 have its own key so long as both ends of the link   #
+#                 use the same key string.                            #
  #                                                                     #
  # to u:line a server (give it extra privilages required for running   #
  # services, Q, etc) you must include the <uline server> tag as shown  #
  #                                                                     #
  # to u:line a server (give it extra privilages required for running   #
  # services, Q, etc) you must include the <uline server> tag as shown  #
@@ -272,7 +284,8 @@
         port="7000"
          autoconnect="300"
         sendpass="outgoing!password"
         port="7000"
          autoconnect="300"
         sendpass="outgoing!password"
-       recvpass="incoming!password">
+       recvpass="incoming!password"
+       encryptionkey="0123456789123456">
  
  <link name="services.antarctic.com"
         ipaddr="localhost"
  
  <link name="services.antarctic.com"
         ipaddr="localhost"
diff --git a/src/modules/m_spanningtree.cpp b/src/modules/m_spanningtree.cpp

index 10da3222c27924a025572f9f8bf84073e144523f..6e2760e6256846834422919f3f20655885ae264f 100644 (file)
--- a/src/modules/m_spanningtree.cpp
+++ b/src/modules/m_spanningtree.cpp
@@ -612,8 +612,15 @@ class TreeSocket : public InspSocket
                                 {
                                         if (x->EncryptionKey != "")
                                         {
                                 {
                                         if (x->EncryptionKey != "")
                                         {
-                                               this->WriteLine("AES "+Srv->GetServerName());
-                                               this->InitAES(x->EncryptionKey,x->Name);
+                                               if (!(x->EncryptionKey.length() == 16 || x->EncryptionKey.length() == 24 || x->EncryptionKey.length() == 32))
+                                               {
+                                                       WriteOpers("\2WARNING\2: Your encryption key is NOT 16, 24 or 32 characters in length, encryption will \2NOT\2 be enabled.");
+                                               }
+                                               else
+                                               {
+                                                       this->WriteLine("AES "+Srv->GetServerName());
+                                                       this->InitAES(x->EncryptionKey,x->Name);
+                                               }
                                         }
                                         /* found who we're supposed to be connecting to, send the neccessary gubbins. */
                                         this->WriteLine("SERVER "+Srv->GetServerName()+" "+x->SendPass+" 0 :"+Srv->GetServerDescription());
                                         }
                                         /* found who we're supposed to be connecting to, send the neccessary gubbins. */
                                         this->WriteLine("SERVER "+Srv->GetServerName()+" "+x->SendPass+" 0 :"+Srv->GetServerDescription());
@@ -1719,7 +1726,11 @@ class TreeSocket : public InspSocket
                          }
                          return true;
                 }
                          }
                          return true;
                 }
-               
+               else if ((this->ctx) && (command == "AES"))
+               {
+                       WriteOpers("\2AES\2: Encryption already enabled on this connection yet %s is trying to enable it twice!",params[0].c_str());
+               }
+
                 switch (this->LinkState)
                 {
                         TreeServer* Node;
                 switch (this->LinkState)
                 {
                         TreeServer* Node;
author	brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>
	Mon, 19 Dec 2005 15:44:40 +0000 (15:44 +0000)
committer	brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>
	Mon, 19 Dec 2005 15:44:40 +0000 (15:44 +0000)
conf/inspircd.conf.example		patch \| blob \| history
src/modules/m_spanningtree.cpp		patch \| blob \| history