diff options
| author | danieldg <danieldg@e03df62e-2008-0410-955e-edbf42e46eb7> | 2010-02-15 18:04:53 +0000 |
|---|---|---|
| committer | danieldg <danieldg@e03df62e-2008-0410-955e-edbf42e46eb7> | 2010-02-15 18:04:53 +0000 |
| commit | 56d733a9fa9477d281b62ac9237eb7ac8356340d (patch) | |
| tree | b521a5c0bcbc7692659994af33fb02c85034e241 /src/modules/m_sslinfo.cpp | |
| parent | 065d1788b602c807a4d669ba413a175c0059e357 (diff) | |
Add <oper:autologin> to allow SSL fingerprint-based automatic oper login
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@12467 e03df62e-2008-0410-955e-edbf42e46eb7
Diffstat (limited to 'src/modules/m_sslinfo.cpp')
| -rw-r--r-- | src/modules/m_sslinfo.cpp | 36 |
1 files changed, 24 insertions, 12 deletions
diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp index b9e9fb146..578b07c22 100644 --- a/src/modules/m_sslinfo.cpp +++ b/src/modules/m_sslinfo.cpp @@ -130,8 +130,8 @@ class ModuleSSLInfo : public Module ServerInstance->Extensions.Register(&cmd.CertExt); - Implementation eventlist[] = { I_OnWhois, I_OnPreCommand, I_OnSetConnectClass }; - ServerInstance->Modules->Attach(eventlist, this, 3); + Implementation eventlist[] = { I_OnWhois, I_OnPreCommand, I_OnSetConnectClass, I_OnUserConnect }; + ServerInstance->Modules->Attach(eventlist, this, 4); } Version GetVersion() @@ -199,18 +199,35 @@ class ModuleSSLInfo : public Module return MOD_RES_PASSTHRU; } + void OnUserConnect(LocalUser* user) + { + SocketCertificateRequest req(&user->eh, this); + if (!req.cert) + return; + cmd.CertExt.set(user, req.cert); + if (req.cert->fingerprint.empty()) + return; + // find an auto-oper block for this user + for(OperIndex::iterator i = ServerInstance->Config->oper_blocks.begin(); i != ServerInstance->Config->oper_blocks.end(); i++) + { + OperInfo* ifo = i->second; + std::string fp = ifo->oper_block->getString("fingerprint"); + if (fp == req.cert->fingerprint && ifo->oper_block->getBool("autologin")) + user->Oper(ifo); + } + } + ModResult OnSetConnectClass(LocalUser* user, ConnectClass* myclass) { SocketCertificateRequest req(&user->eh, this); - req.Send(); bool ok = true; - if (myclass->config->getBool("requiressl")) + if (myclass->config->getString("requiressl") == "trusted") { - ok = (req.cert != NULL); + ok = (req.cert && req.cert->IsCAVerified()); } - else if (myclass->config->getString("requiressl") == "trusted") + else if (myclass->config->getBool("requiressl")) { - ok = (req.cert && req.cert->IsCAVerified()); + ok = (req.cert != NULL); } if (!ok) @@ -225,11 +242,6 @@ class ModuleSSLInfo : public Module UserCertificateRequest& req = static_cast<UserCertificateRequest&>(request); req.cert = cmd.CertExt.get(req.user); } - else if (strcmp("SET_CERT", request.id) == 0) - { - SSLCertSubmission& req = static_cast<SSLCertSubmission&>(request); - cmd.CertExt.set(req.item, req.cert); - } } }; |