From be11282fb8cb197fd18c89623de26a07dd860257 Mon Sep 17 00:00:00 2001
From: brain <brain@e03df62e-2008-0410-955e-edbf42e46eb7>
Date: Tue, 20 Dec 2005 09:58:03 +0000
Subject: [PATCH] Added stricter checking for encryption on connect, if enabled

git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@2584 e03df62e-2008-0410-955e-edbf42e46eb7
---
 src/modules/m_spanningtree.cpp | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/modules/m_spanningtree.cpp b/src/modules/m_spanningtree.cpp
index 6e2760e62..e42a7def0 100644
--- a/src/modules/m_spanningtree.cpp
+++ b/src/modules/m_spanningtree.cpp
@@ -1620,6 +1620,15 @@ class TreeSocket : public InspSocket
 					this->WriteLine("ERROR :Server "+servername+" already exists on server "+CheckDupe->GetParent()->GetName()+"!");
 					return false;
 				}
+				/* If the config says this link is encrypted, but the remote side
+				 * hasnt bothered to send the AES command before SERVER, then we
+				 * boot them off as we MUST have this connection encrypted.
+				 */
+				if ((x->EncryptionKey != "") && (!this->ctx))
+				{
+					this->WriteLine("ERROR :This link requires AES encryption to be enabled. Plaintext connection refused.");
+					return false;
+				}
 				Srv->SendOpers("*** Verified incoming server connection from \002"+servername+"\002["+this->GetIP()+"] ("+description+")");
 				this->InboundServerName = servername;
 				this->InboundDescription = description;
-- 
2.39.5