Some updates to INFO.
*/
LocalList local_users;
+ /** Last used already sent id, used when sending messages to neighbors to help determine whether the message has
+ * been sent to a particular user or not. See User::ForEachNeighbor() for more info.
+ */
+ already_sent_t already_sent_id;
+
public:
/** Constructor, initializes variables
*/
*/
unsigned int unregistered_count;
- /**
- * Reset the already_sent IDs so we don't wrap it around and drop a message
- */
- void GarbageCollect();
-
/** Perform background user events such as PING checks
*/
void DoBackgroundUserStuff();
* @param ... The format arguments
*/
void ServerNoticeAll(const char* text, ...) CUSTOM_PRINTF(2, 3);
+
+ /** Retrieves the next already sent id, guaranteed to be not equal to any user's already_sent field
+ * @return Next already_sent id
+ */
+ already_sent_t NextAlreadySentId();
};
*/
unsigned int CommandFloodPenalty;
- static already_sent_t already_sent_id;
already_sent_t already_sent;
/** Check if the user matches a G or K line, and disconnect them if they do.
OLDTIME = TIME.tv_sec;
if ((TIME.tv_sec % 3600) == 0)
- {
- Users->GarbageCollect();
FOREACH_MOD(OnGarbageCollect, ());
- }
Timers.TickTimers(TIME.tv_sec);
Users->DoBackgroundUserStuff();
return dh;
}
- /** Generate */
- static std::auto_ptr<DHParams> Generate(unsigned int bits)
- {
- std::auto_ptr<DHParams> dh(new DHParams);
- ThrowOnError(gnutls_dh_params_generate2(dh->dh_params, bits), "Unable to generate DH params");
- return dh;
- }
-
~DHParams()
{
gnutls_dh_params_deinit(dh_params);
{
gnutls_priority_set(sess, priority);
}
+
+ static const char* GetDefault()
+ {
+ return "NORMAL:%SERVER_PRECEDENCE:-VERS-SSL3.0";
+ }
+
+ static std::string RemoveUnknownTokens(const std::string& prio)
+ {
+ std::string ret;
+ irc::sepstream ss(prio, ':');
+ for (std::string token; ss.GetToken(token); )
+ {
+ // Save current position so we can revert later if needed
+ const std::string::size_type prevpos = ret.length();
+ // Append next token
+ if (!ret.empty())
+ ret.push_back(':');
+ ret.append(token);
+
+ gnutls_priority_t test;
+ if (gnutls_priority_init(&test, ret.c_str(), NULL) < 0)
+ {
+ // The new token broke the priority string, revert to the previously working one
+ ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "Priority string token not recognized: \"%s\"", token.c_str());
+ ret.erase(prevpos);
+ }
+ else
+ {
+ // Worked
+ gnutls_priority_deinit(test);
+ }
+ }
+ return ret;
+ }
};
#else
/** Dummy class, used when gnutls_priority_set() is not available
public:
Priority(const std::string& priorities)
{
- if (priorities != "NORMAL")
+ if (priorities != GetDefault())
throw Exception("You've set a non-default priority string, but GnuTLS lacks support for it");
}
// Always set the default priorities
gnutls_set_default_priority(sess);
}
+
+ static const char* GetDefault()
+ {
+ return "NORMAL";
+ }
+
+ static std::string RemoveUnknownTokens(const std::string& prio)
+ {
+ // We don't do anything here because only NORMAL is accepted
+ return prio;
+ }
};
#endif
return ret;
}
+ static std::string GetPrioStr(const std::string& profilename, ConfigTag* tag)
+ {
+ // Use default priority string if this tag does not specify one
+ std::string priostr = GnuTLS::Priority::GetDefault();
+ bool found = tag->readString("priority", priostr);
+ // If the prio string isn't set in the config don't be strict about the default one because it doesn't work on all versions of GnuTLS
+ if (!tag->getBool("strictpriority", found))
+ {
+ std::string stripped = GnuTLS::Priority::RemoveUnknownTokens(priostr);
+ if (stripped.empty())
+ {
+ // Stripping failed, act as if a prio string wasn't set
+ stripped = GnuTLS::Priority::RemoveUnknownTokens(GnuTLS::Priority::GetDefault());
+ ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Priority string for profile \"%s\" contains unknown tokens and stripping it didn't yield a working one either, falling back to \"%s\"", profilename.c_str(), stripped.c_str());
+ }
+ else if ((found) && (stripped != priostr))
+ {
+ // Prio string was set in the config and we ended up with something that works but different
+ ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Priority string for profile \"%s\" contains unknown tokens, stripped to \"%s\"", profilename.c_str(), stripped.c_str());
+ }
+ priostr.swap(stripped);
+ }
+ return priostr;
+ }
+
public:
static reference<Profile> Create(const std::string& profilename, ConfigTag* tag)
{
std::string certstr = ReadFile(tag->getString("certfile", "cert.pem"));
std::string keystr = ReadFile(tag->getString("keyfile", "key.pem"));
- std::auto_ptr<DHParams> dh;
- int gendh = tag->getInt("gendh");
- if (gendh)
- {
- gendh = (gendh < 1024 ? 1024 : gendh);
- dh = DHParams::Generate(gendh);
- }
- else
- dh = DHParams::Import(ReadFile(tag->getString("dhfile", "dhparams.pem")));
+ std::auto_ptr<DHParams> dh = DHParams::Import(ReadFile(tag->getString("dhfile", "dhparams.pem")));
- // Use default priority string if this tag does not specify one
- std::string priostr = tag->getString("priority", "NORMAL");
+ std::string priostr = GetPrioStr(profilename, tag);
unsigned int mindh = tag->getInt("mindhbits", 1024);
std::string hashstr = tag->getString("hash", "md5");
long setoptions = tag->getInt(ctxname + "setoptions");
long clearoptions = tag->getInt(ctxname + "clearoptions");
#ifdef SSL_OP_NO_COMPRESSION
- if (!tag->getBool("compression", true))
+ if (!tag->getBool("compression", false)) // Disable compression by default
setoptions |= SSL_OP_NO_COMPRESSION;
#endif
- if (!tag->getBool("sslv3", true))
+ if (!tag->getBool("sslv3", false)) // Disable SSLv3 by default
setoptions |= SSL_OP_NO_SSLv3;
if (!tag->getBool("tlsv1", true))
setoptions |= SSL_OP_NO_TLSv1;
return 1;
}
+ static int destroy(BIO* bio)
+ {
+ // XXX: Dummy function to avoid a memory leak in OpenSSL.
+ // The memory leak happens in BIO_free() (bio_lib.c) when the destroy func of the BIO is NULL.
+ // This is fixed in OpenSSL but some distros still ship the unpatched version hence we provide this workaround.
+ return 1;
+ }
+
static long ctrl(BIO* bio, int cmd, long num, void* ptr)
{
if (cmd == BIO_CTRL_FLUSH)
NULL, // gets
OpenSSL::BIOMethod::ctrl,
OpenSSL::BIOMethod::create,
- NULL, // destroy, NULL causes older OpenSSL to leak memory in BIO_free() (bio_lib.c)
+ OpenSSL::BIOMethod::destroy, // destroy, does nothing, see function body for more info
NULL // callback_ctrl
};
// GetFullHost() returns the original data at the time this function is called
const std::string quitline = ":" + user->GetFullHost() + " QUIT :" + quitmsg;
- already_sent_t silent_id = ++LocalUser::already_sent_id;
- already_sent_t seen_id = ++LocalUser::already_sent_id;
+ already_sent_t silent_id = ServerInstance->Users.NextAlreadySentId();
+ already_sent_t seen_id = ServerInstance->Users.NextAlreadySentId();
IncludeChanList include_chans(user->chans.begin(), user->chans.end());
std::map<User*,bool> exceptions;
}
UserManager::UserManager()
- : unregistered_count(0)
+ : already_sent_id(0)
+ , unregistered_count(0)
{
}
}
}
-void UserManager::GarbageCollect()
-{
- // Reset the already_sent IDs so we don't wrap it around and drop a message
- LocalUser::already_sent_id = 0;
- for (LocalList::const_iterator i = local_users.begin(); i != local_users.end(); ++i)
- (**i).already_sent = 0;
-}
-
/* this returns true when all modules are satisfied that the user should be allowed onto the irc server
* (until this returns true, a user will block in the waiting state, waiting to connect up to the
* registration timeout maximum seconds)
}
}
}
+
+already_sent_t UserManager::NextAlreadySentId()
+{
+ if (++already_sent_id == 0)
+ {
+ // Wrapped around, reset the already_sent ids of all users
+ already_sent_id = 1;
+ for (LocalList::iterator i = local_users.begin(); i != local_users.end(); ++i)
+ {
+ LocalUser* user = *i;
+ user->already_sent = 0;
+ }
+ }
+ return already_sent_id;
+}
#include "inspircd.h"
#include "xline.h"
-already_sent_t LocalUser::already_sent_id = 0;
-
bool User::IsNoticeMaskSet(unsigned char sm)
{
if (!isalpha(sm))
FOREACH_MOD(OnBuildNeighborList, (this, include_chans, exceptions));
// Get next id, guaranteed to differ from the already_sent field of all users
- const already_sent_t newid = ++LocalUser::already_sent_id;
+ const already_sent_t newid = ServerInstance->Users.NextAlreadySentId();
// Handle exceptions first
for (std::map<User*, bool>::const_iterator i = exceptions.begin(); i != exceptions.end(); ++i)
projects / user / henk / code / inspircd.git / commitdiff