summaryrefslogtreecommitdiff
path: root/src/modules
diff options
context:
space:
mode:
authorattilamolnar <attilamolnar@hush.com>2012-07-26 23:39:07 +0200
committerattilamolnar <attilamolnar@hush.com>2012-07-27 00:08:21 +0200
commit6dbcfc3858cf58fa457bf6990760083c8a051feb (patch)
treef7b0e5291152167693ef61ab359e8e4dede247ad /src/modules
parent2f4c812e7cfb4b5a5497098127f4ffbe68d91dd2 (diff)
m_ssl_openssl Port ISUPPORT changes from m_ssl_gnutls to fix #261
Add a config option that can be used to set the value of the SSL token in ISUPPORT (77b42efc86122d3720f85bddd85a2dc80d0baff9) Advertise only one ssl port by default in ISUPPORT (d30cdacab7100426c3773eafffd50aebf8155bba)
Diffstat (limited to 'src/modules')
-rw-r--r--src/modules/extra/m_ssl_openssl.cpp24
1 files changed, 19 insertions, 5 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index 649b425c2..a8020bba1 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -159,20 +159,34 @@ class ModuleSSLOpenSSL : public Module
if (Conf->getBool("showports", true))
{
+ sslports = Conf->getString("advertisedports");
+ if (!sslports.empty())
+ return;
+
for (size_t i = 0; i < ServerInstance->ports.size(); i++)
{
ListenSocket* port = ServerInstance->ports[i];
if (port->bind_tag->getString("ssl") != "openssl")
continue;
- std::string portid = port->bind_desc;
+ const std::string& portid = port->bind_desc;
ServerInstance->Logs->Log("m_ssl_openssl", DEFAULT, "m_ssl_openssl.so: Enabling SSL for port %s", portid.c_str());
+
if (port->bind_tag->getString("type", "clients") == "clients" && port->bind_addr != "127.0.0.1")
- sslports.append(portid).append(";");
+ {
+ /*
+ * Found an SSL port for clients that is not bound to 127.0.0.1 and handled by us, display
+ * the IP:port in ISUPPORT.
+ *
+ * We used to advertise all ports seperated by a ';' char that matched the above criteria,
+ * but this resulted in too long ISUPPORT lines if there were lots of ports to be displayed.
+ * To solve this by default we now only display the first IP:port found and let the user
+ * configure the exact value for the 005 token, if necessary.
+ */
+ sslports = portid;
+ break;
+ }
}
-
- if (!sslports.empty())
- sslports.erase(sslports.end() - 1);
}
}