-rw-r--r--src/modules/extra/m_ssl_gnutls.cpp51
-rw-r--r--src/modules/extra/m_ssl_openssl.cpp49
-rw-r--r--src/modules/m_ssl_data.cpp123
-rw-r--r--src/modules/m_ssl_dummy.cpp80
4 files changed, 131 insertions, 172 deletions
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 90005648a..8b865c559 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -129,10 +129,11 @@ class ModuleSSLGnuTLS : public Module
// Void return, guess we assume success
gnutls_certificate_set_dh_params(x509_cred, dh_params);
- Implementation eventlist[] = { I_On005Numeric, I_OnRawSocketConnect, I_OnRawSocketAccept, I_OnRawSocketClose, I_OnRawSocketRead, I_OnRawSocketWrite, I_OnCleanup,
- I_OnBufferFlushed, I_OnRequest, I_OnSyncUserMetaData, I_OnDecodeMetaData,
- I_OnUnloadModule, I_OnRehash, I_OnModuleRehash, I_OnWhois, I_OnPostConnect, I_OnEvent, I_OnHookUserIO };
- ServerInstance->Modules->Attach(eventlist, this, 18);
+ Implementation eventlist[] = { I_On005Numeric, I_OnRawSocketConnect, I_OnRawSocketAccept,
+ I_OnRawSocketClose, I_OnRawSocketRead, I_OnRawSocketWrite, I_OnCleanup,
+ I_OnBufferFlushed, I_OnRequest, I_OnUnloadModule, I_OnRehash, I_OnModuleRehash,
+ I_OnPostConnect, I_OnEvent, I_OnHookUserIO };
+ ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
starttls = new CommandStartTLS(ServerInstance, this);
ServerInstance->AddCommand(starttls);
@@ -617,48 +618,6 @@ class ModuleSSLGnuTLS : public Module
return ret < 1 ? 0 : ret;
}
- // :kenny.chatspike.net 320 Om Epy|AFK :is a Secure Connection
- virtual void OnWhois(User* source, User* dest)
- {
- if (!clientactive)
- return;
-
- // Bugfix, only send this numeric for *our* SSL users
- if (dest->GetExt("ssl"))
- {
- ServerInstance->SendWhoisLine(source, dest, 320, "%s %s :is using a secure connection", source->nick.c_str(), dest->nick.c_str());
- }
- }
-
- virtual void OnSyncUserMetaData(User* user, Module* proto, void* opaque, const std::string &extname, bool displayable)
- {
- // check if the linking module wants to know about OUR metadata
- if(extname == "ssl")
- {
- // check if this user has an swhois field to send
- if(user->GetExt(extname))
- {
- // call this function in the linking module, let it format the data how it
- // sees fit, and send it on its way. We dont need or want to know how.
- proto->ProtoSendMetaData(opaque, TYPE_USER, user, extname, displayable ? "Enabled" : "ON");
- }
- }
- }
-
- virtual void OnDecodeMetaData(int target_type, void* target, const std::string &extname, const std::string &extdata)
- {
- // check if its our metadata key, and its associated with a user
- if ((target_type == TYPE_USER) && (extname == "ssl"))
- {
- User* dest = (User*)target;
- // if they dont already have an ssl flag, accept the remote server's
- if (!dest->GetExt(extname))
- {
- dest->Extend(extname, "ON");
- }
- }
- }
-
bool Handshake(issl_session* session, int fd)
{
int ret = gnutls_handshake(session->sess);
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index 20803e082..f2f2801b4 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -152,10 +152,9 @@ class ModuleSSLOpenSSL : public Module
OnModuleRehash(NULL,"ssl");
Implementation eventlist[] = { I_OnRawSocketConnect, I_OnRawSocketAccept,
I_OnRawSocketClose, I_OnRawSocketRead, I_OnRawSocketWrite, I_OnCleanup, I_On005Numeric,
- I_OnBufferFlushed, I_OnRequest, I_OnSyncUserMetaData, I_OnDecodeMetaData,
- I_OnUnloadModule, I_OnRehash, I_OnModuleRehash, I_OnWhois, I_OnPostConnect,
- I_OnHookUserIO };
- ServerInstance->Modules->Attach(eventlist, this, 17);
+ I_OnBufferFlushed, I_OnRequest, I_OnUnloadModule, I_OnRehash, I_OnModuleRehash,
+ I_OnPostConnect, I_OnHookUserIO };
+ ServerInstance->Modules->Attach(eventlist, this, sizeof(eventlist)/sizeof(Implementation));
}
virtual void OnHookUserIO(User* user, const std::string &targetip)
@@ -709,48 +708,6 @@ class ModuleSSLOpenSSL : public Module
}
}
- // :kenny.chatspike.net 320 Om Epy|AFK :is a Secure Connection
- virtual void OnWhois(User* source, User* dest)
- {
- if (!clientactive)
- return;
-
- // Bugfix, only send this numeric for *our* SSL users
- if (dest->GetExt("ssl", dummy))
- {
- ServerInstance->SendWhoisLine(source, dest, 320, "%s %s :is using a secure connection", source->nick.c_str(), dest->nick.c_str());
- }
- }
-
- virtual void OnSyncUserMetaData(User* user, Module* proto, void* opaque, const std::string &extname, bool displayable)
- {
- // check if the linking module wants to know about OUR metadata
- if (extname == "ssl")
- {
- // check if this user has an swhois field to send
- if(user->GetExt(extname, dummy))
- {
- // call this function in the linking module, let it format the data how it
- // sees fit, and send it on its way. We dont need or want to know how.
- proto->ProtoSendMetaData(opaque, TYPE_USER, user, extname, displayable ? "Enabled" : "ON");
- }
- }
- }
-
- virtual void OnDecodeMetaData(int target_type, void* target, const std::string &extname, const std::string &extdata)
- {
- // check if its our metadata key, and its associated with a user
- if ((target_type == TYPE_USER) && (extname == "ssl"))
- {
- User* dest = (User*)target;
- // if they dont already have an ssl flag, accept the remote server's
- if (!dest->GetExt(extname, dummy))
- {
- dest->Extend(extname, "ON");
- }
- }
- }
-
bool Handshake(issl_session* session)
{
int ret;
diff --git a/src/modules/m_ssl_data.cpp b/src/modules/m_ssl_data.cpp
new file mode 100644
index 000000000..0ce760971
--- /dev/null
+++ b/src/modules/m_ssl_data.cpp
@@ -0,0 +1,123 @@
+/* +------------------------------------+
+ * | Inspire Internet Relay Chat Daemon |
+ * +------------------------------------+
+ *
+ * InspIRCd: (C) 2002-2009 InspIRCd Development Team
+ * See: http://wiki.inspircd.org/Credits
+ *
+ * This program is free but copyrighted software; see
+ * the file COPYING for details.
+ *
+ * ---------------------------------------------------
+ */
+
+#include "inspircd.h"
+#include "transport.h"
+
+/* $ModDesc: Provides SSL metadata and /WHOIS information */
+class ModuleSSLData : public Module
+{
+ public:
+ ModuleSSLData(InspIRCd* Me) : Module(Me)
+ {
+ Implementation eventlist[] = { I_OnSyncUserMetaData, I_OnDecodeMetaData, I_OnWhois };
+ ServerInstance->Modules->Attach(eventlist, this, 3);
+ }
+
+ virtual Version GetVersion()
+ {
+ return Version("$Id$", VF_VENDOR|VF_COMMON, API_VERSION);
+ }
+
+
+ // :kenny.chatspike.net 320 Om Epy|AFK :is a Secure Connection
+ virtual void OnWhois(User* source, User* dest)
+ {
+ if(dest->GetExt("ssl"))
+ {
+ ServerInstance->SendWhoisLine(source, dest, 320, "%s %s :is using a secure connection", source->nick.c_str(), dest->nick.c_str());
+ }
+ }
+
+ virtual void OnSyncUserMetaData(User* user, Module* proto, void* opaque, const std::string &extname, bool displayable)
+ {
+ // check if the linking module wants to know about OUR metadata
+ if (extname == "ssl")
+ {
+ // check if this user has an ssl field to send
+ if (!user->GetExt(extname))
+ return;
+
+ // call this function in the linking module, let it format the data how it
+ // sees fit, and send it on its way. We dont need or want to know how.
+ proto->ProtoSendMetaData(opaque, TYPE_USER, user, extname, displayable ? "Enabled" : "ON");
+ }
+ else if (extname == "ssl_cert")
+ {
+ ssl_cert* cert;
+ if (!user->GetExt("ssl_cert", cert))
+ return;
+
+ std::stringstream value;
+ bool hasError = cert->GetError().length();
+ value << (cert->IsInvalid() ? "v" : "V") << (cert->IsTrusted() ? "T" : "t") << (cert->IsRevoked() ? "R" : "r")
+ << (cert->IsUnknownSigner() ? "s" : "S") << (hasError ? "E" : "e") << " ";
+ if (hasError)
+ value << cert->GetError();
+ else
+ value << cert->GetFingerprint() << " " << cert->GetDN() << " " << cert->GetIssuer();
+
+ proto->ProtoSendMetaData(opaque, TYPE_USER, user, extname, value.str().c_str());
+ }
+ }
+
+ virtual void OnDecodeMetaData(int target_type, void* target, const std::string &extname, const std::string &extdata)
+ {
+ // check if its our metadata key, and its associated with a user
+ if ((target_type == TYPE_USER) && (extname == "ssl"))
+ {
+ User* dest = static_cast<User*>(target);
+ // if they dont already have an ssl flag, accept the remote server's
+ if (!dest->GetExt(extname))
+ {
+ dest->Extend(extname);
+ }
+ }
+ else if ((target_type == TYPE_USER) && (extname == "ssl_cert"))
+ {
+ User* dest = static_cast<User*>(target);
+ if (dest->GetExt(extname))
+ return;
+
+ ssl_cert* cert = new ssl_cert;
+ dest->Extend(extname, cert);
+
+ std::stringstream s(extdata);
+ std::string v;
+ getline(s,v,' ');
+
+ cert->data.insert(std::make_pair("invalid", ConvToStr(v.find('v') != std::string::npos)));
+ cert->data.insert(std::make_pair("trusted", ConvToStr(v.find('T') != std::string::npos)));
+ cert->data.insert(std::make_pair("revoked", ConvToStr(v.find('R') != std::string::npos)));
+ cert->data.insert(std::make_pair("unknownsigner", ConvToStr(v.find('s') != std::string::npos)));
+ if (v.find('E') != std::string::npos)
+ {
+ getline(s,v,'\n');
+ cert->data.insert(std::make_pair("error", v));
+ }
+ else
+ {
+ getline(s,v,' ');
+ cert->data.insert(std::make_pair("fingerprint", v));
+
+ getline(s,v,' ');
+ cert->data.insert(std::make_pair("dn", v));
+
+ getline(s,v,'\n');
+ cert->data.insert(std::make_pair("issuer", v));
+ }
+ }
+ }
+};
+
+MODULE_INIT(ModuleSSLData)
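Review bot: The `ssl_cert` value built in OnSyncUserMetaData joins fingerprint, DN and issuer with single spaces, and OnDecodeMetaData splits them with `getline(s,v,' ')`, so a subject DN that contains a space (an organisation name, for instance) is cut at its first space and the remainder is stored as the start of `issuer`. These fields describe a certificate's identity and arrive from a linked server, so any consumer that compares `dn` or `issuer` would see values the certificate never carried. Length-prefixing the DN on the wire removes the ambiguity and leaves the fingerprint and the trailing issuer as they are; it does change the `ssl_cert` value format, which appears to be introduced by this commit. Separately, the constructor still passes a literal `3` to `Attach`, where the two SSL modules in this commit now use `sizeof(eventlist)/sizeof(Implementation)`.

```cpp
// OnSyncUserMetaData, ssl_cert branch: … unchanged: flag letters and the error case …
else
{
	// send the DN as "<length> <dn>" so spaces inside it survive the round trip
	const std::string dn = cert->GetDN();
	value << cert->GetFingerprint() << " " << dn.length() << " " << dn << " " << cert->GetIssuer();
}

// OnDecodeMetaData, ssl_cert branch: … unchanged: flag parsing, error case, fingerprint …
std::string dn;
std::string::size_type dnlen = 0;
getline(s,v,' ');
std::istringstream(v) >> dnlen;
// a length larger than the whole value cannot be genuine; treat it as an empty DN
if (dnlen && dnlen <= extdata.length())
{
	dn.resize(dnlen);
	s.read(&dn[0], dnlen);
	dn.resize(s.gcount());
}
s.ignore(1); // the space between DN and issuer
cert->data.insert(std::make_pair("dn", dn));
// … unchanged: issuer read up to '\n' …
```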
diff --git a/src/modules/m_ssl_dummy.cpp b/src/modules/m_ssl_dummy.cpp
deleted file mode 100644
index dd61e747e..000000000
--- a/src/modules/m_ssl_dummy.cpp
+++ /dev/null
@@ -1,80 +0,0 @@
-/* +------------------------------------+
- * | Inspire Internet Relay Chat Daemon |
- * +------------------------------------+
- *
- * InspIRCd: (C) 2002-2009 InspIRCd Development Team
- * See: http://wiki.inspircd.org/Credits
- *
- * This program is free but copyrighted software; see
- * the file COPYING for details.
- *
- * ---------------------------------------------------
- */
-
-#include "inspircd.h"
-
-/* $ModDesc: Makes remote /whoises to SSL servers work on a non-ssl server */
-
-class ModuleSSLDummy : public Module
-{
-
- char* dummy;
- public:
-
- ModuleSSLDummy(InspIRCd* Me) : Module(Me)
- {
-
- Implementation eventlist[] = { I_OnSyncUserMetaData, I_OnDecodeMetaData, I_OnWhois };
- ServerInstance->Modules->Attach(eventlist, this, 3);
- }
-
- virtual ~ModuleSSLDummy()
- {
- }
-
- virtual Version GetVersion()
- {
- return Version("$Id$", VF_VENDOR, API_VERSION);
- }
-
-
- // :kenny.chatspike.net 320 Om Epy|AFK :is a Secure Connection
- virtual void OnWhois(User* source, User* dest)
- {
- if(dest->GetExt("ssl", dummy))
- {
- ServerInstance->SendWhoisLine(source, dest, 320, "%s %s :is using a secure connection", source->nick.c_str(), dest->nick.c_str());
- }
- }
-
- virtual void OnSyncUserMetaData(User* user, Module* proto, void* opaque, const std::string &extname, bool displayable)
- {
- // check if the linking module wants to know about OUR metadata
- if(extname == "ssl")
- {
- // check if this user has an ssl field to send
- if(user->GetExt(extname, dummy))
- {
- // call this function in the linking module, let it format the data how it
- // sees fit, and send it on its way. We dont need or want to know how.
- proto->ProtoSendMetaData(opaque, TYPE_USER, user, extname, displayable ? "Enabled" : "ON");
- }
- }
- }
-
- virtual void OnDecodeMetaData(int target_type, void* target, const std::string &extname, const std::string &extdata)
- {
- // check if its our metadata key, and its associated with a user
- if ((target_type == TYPE_USER) && (extname == "ssl"))
- {
- User* dest = (User*)target;
- // if they dont already have an ssl flag, accept the remote server's
- if (!dest->GetExt(extname, dummy))
- {
- dest->Extend(extname, "ON");
- }
- }
- }
-};
-
-MODULE_INIT(ModuleSSLDummy)