diff options
author | attilamolnar <attilamolnar@hush.com> | 2012-07-26 23:39:07 +0200 |
---|---|---|
committer | attilamolnar <attilamolnar@hush.com> | 2012-07-27 00:08:21 +0200 |
commit | 6dbcfc3858cf58fa457bf6990760083c8a051feb (patch) | |
tree | f7b0e5291152167693ef61ab359e8e4dede247ad /src/modules | |
parent | 2f4c812e7cfb4b5a5497098127f4ffbe68d91dd2 (diff) |
m_ssl_openssl Port ISUPPORT changes from m_ssl_gnutls to fix #261
Add a config option that can be used to set the value of the SSL token in ISUPPORT (77b42efc86122d3720f85bddd85a2dc80d0baff9)
Advertise only one ssl port by default in ISUPPORT (d30cdacab7100426c3773eafffd50aebf8155bba)
Diffstat (limited to 'src/modules')
-rw-r--r-- | src/modules/extra/m_ssl_openssl.cpp | 24 |
1 files changed, 19 insertions, 5 deletions
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index 649b425c2..a8020bba1 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -159,20 +159,34 @@ class ModuleSSLOpenSSL : public Module if (Conf->getBool("showports", true)) { + sslports = Conf->getString("advertisedports"); + if (!sslports.empty()) + return; + for (size_t i = 0; i < ServerInstance->ports.size(); i++) { ListenSocket* port = ServerInstance->ports[i]; if (port->bind_tag->getString("ssl") != "openssl") continue; - std::string portid = port->bind_desc; + const std::string& portid = port->bind_desc; ServerInstance->Logs->Log("m_ssl_openssl", DEFAULT, "m_ssl_openssl.so: Enabling SSL for port %s", portid.c_str()); + if (port->bind_tag->getString("type", "clients") == "clients" && port->bind_addr != "127.0.0.1") - sslports.append(portid).append(";"); + { + /* + * Found an SSL port for clients that is not bound to 127.0.0.1 and handled by us, display + * the IP:port in ISUPPORT. + * + * We used to advertise all ports seperated by a ';' char that matched the above criteria, + * but this resulted in too long ISUPPORT lines if there were lots of ports to be displayed. + * To solve this by default we now only display the first IP:port found and let the user + * configure the exact value for the 005 token, if necessary. + */ + sslports = portid; + break; + } } - - if (!sslports.empty()) - sslports.erase(sslports.end() - 1); } } |