Diffstat (limited to 'src/modules/extra')
-rw-r--r--src/modules/extra/m_ssl_gnutls.cpp33
1 files changed, 14 insertions, 19 deletions
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index df77d8ae4..8254fec9d 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -414,44 +414,39 @@ class ModuleSSLGnuTLS : public Module
}
}
- void OnStreamSocketAccept(StreamSocket* user, irc::sockets::sockaddrs* client, irc::sockets::sockaddrs* server)
+ void InitSession(StreamSocket* user, bool me_server)
{
- int fd = user->GetFd();
- issl_session* session = &sessions[fd];
-
- /* For STARTTLS: Don't try and init a session on a socket that already has a session */
- if (session->sess)
- return;
+ issl_session* session = &sessions[user->GetFd()];
- gnutls_init(&session->sess, GNUTLS_SERVER);
+ gnutls_init(&session->sess, me_server ? GNUTLS_SERVER : GNUTLS_CLIENT);
gnutls_set_default_priority(session->sess); // Avoid calling all the priority functions, defaults are adequate.
gnutls_credentials_set(session->sess, GNUTLS_CRD_CERTIFICATE, x509_cred);
gnutls_dh_set_prime_bits(session->sess, dh_bits);
-
gnutls_transport_set_ptr(session->sess, reinterpret_cast<gnutls_transport_ptr_t>(user));
gnutls_transport_set_push_function(session->sess, gnutls_push_wrapper);
gnutls_transport_set_pull_function(session->sess, gnutls_pull_wrapper);
- gnutls_certificate_server_set_request(session->sess, GNUTLS_CERT_REQUEST); // Request client certificate if any.
+ if (me_server)
+ gnutls_certificate_server_set_request(session->sess, GNUTLS_CERT_REQUEST); // Request client certificate if any.
Handshake(session, user);
}
- void OnStreamSocketConnect(StreamSocket* user)
+ void OnStreamSocketAccept(StreamSocket* user, irc::sockets::sockaddrs* client, irc::sockets::sockaddrs* server)
{
issl_session* session = &sessions[user->GetFd()];
- gnutls_init(&session->sess, GNUTLS_CLIENT);
+ /* For STARTTLS: Don't try and init a session on a socket that already has a session */
+ if (session->sess)
+ return;
- gnutls_set_default_priority(session->sess); // Avoid calling all the priority functions, defaults are adequate.
- gnutls_credentials_set(session->sess, GNUTLS_CRD_CERTIFICATE, x509_cred);
- gnutls_dh_set_prime_bits(session->sess, dh_bits);
- gnutls_transport_set_ptr(session->sess, reinterpret_cast<gnutls_transport_ptr_t>(user));
- gnutls_transport_set_push_function(session->sess, gnutls_push_wrapper);
- gnutls_transport_set_pull_function(session->sess, gnutls_pull_wrapper);
+ InitSession(user, true);
+ }
- Handshake(session, user);
+ void OnStreamSocketConnect(StreamSocket* user)
+ {
+ InitSession(user, false);
}
void OnStreamSocketClose(StreamSocket* user)
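Review bot: The return value of `gnutls_init` in the new `InitSession` is discarded, so if it fails, the credential, transport and certificate-request calls and then `Handshake` all run on whatever `session->sess` holds. This helper is now the single setup path for both accepted and outgoing connections, so one check here covers both, e.g. `if (gnutls_init(&session->sess, me_server ? GNUTLS_SERVER : GNUTLS_CLIENT) < 0) { session->sess = NULL; return; }`, followed by whatever error/close handling the module normally uses (not visible in this hunk). The result of `gnutls_credentials_set` is ignored in the same way, and a failure there would leave the session without `x509_cred` before the handshake starts. A short comment on `InitSession` would also help, noting that the STARTTLS "already has a session" guard lives only in `OnStreamSocketAccept` and that the connect path initialises the slot for that fd unconditionally.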