diff options
Diffstat (limited to 'src/modules/extra')
-rw-r--r-- | src/modules/extra/m_ssl_gnutls.cpp | 58 | ||||
-rw-r--r-- | src/modules/extra/m_ssl_openssl.cpp | 22 |
2 files changed, 25 insertions, 55 deletions
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index 8b865c559..4ff5a9062 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -749,42 +749,14 @@ class ModuleSSLGnuTLS : public Module if (ret < 0) { - certinfo->data.insert(std::make_pair("error",std::string(gnutls_strerror(ret)))); + certinfo->error = std::string(gnutls_strerror(ret)); return; } - if (status & GNUTLS_CERT_INVALID) - { - certinfo->data.insert(std::make_pair("invalid",ConvToStr(1))); - } - else - { - certinfo->data.insert(std::make_pair("invalid",ConvToStr(0))); - } - if (status & GNUTLS_CERT_SIGNER_NOT_FOUND) - { - certinfo->data.insert(std::make_pair("unknownsigner",ConvToStr(1))); - } - else - { - certinfo->data.insert(std::make_pair("unknownsigner",ConvToStr(0))); - } - if (status & GNUTLS_CERT_REVOKED) - { - certinfo->data.insert(std::make_pair("revoked",ConvToStr(1))); - } - else - { - certinfo->data.insert(std::make_pair("revoked",ConvToStr(0))); - } - if (status & GNUTLS_CERT_SIGNER_NOT_CA) - { - certinfo->data.insert(std::make_pair("trusted",ConvToStr(0))); - } - else - { - certinfo->data.insert(std::make_pair("trusted",ConvToStr(1))); - } + certinfo->invalid = (status & GNUTLS_CERT_INVALID); + certinfo->unknownsigner = (status & GNUTLS_CERT_SIGNER_NOT_FOUND); + certinfo->revoked = (status & GNUTLS_CERT_REVOKED); + certinfo->trusted = !(status & GNUTLS_CERT_SIGNER_NOT_CA); /* Up to here the process is the same for X.509 certificates and * OpenPGP keys. From now on X.509 certificates are assumed. This can @@ -792,14 +764,14 @@ class ModuleSSLGnuTLS : public Module */ if (gnutls_certificate_type_get(session->sess) != GNUTLS_CRT_X509) { - certinfo->data.insert(std::make_pair("error","No X509 keys sent")); + certinfo->error = "No X509 keys sent"; return; } ret = gnutls_x509_crt_init(&cert); if (ret < 0) { - certinfo->data.insert(std::make_pair("error",gnutls_strerror(ret))); + certinfo->error = gnutls_strerror(ret); return; } @@ -807,7 +779,7 @@ class ModuleSSLGnuTLS : public Module cert_list = gnutls_certificate_get_peers(session->sess, &cert_list_size); if (cert_list == NULL) { - certinfo->data.insert(std::make_pair("error","No certificate was found")); + certinfo->error = "No certificate was found"; return; } @@ -818,32 +790,30 @@ class ModuleSSLGnuTLS : public Module ret = gnutls_x509_crt_import(cert, &cert_list[0], GNUTLS_X509_FMT_DER); if (ret < 0) { - certinfo->data.insert(std::make_pair("error",gnutls_strerror(ret))); + certinfo->error = gnutls_strerror(ret); return; } gnutls_x509_crt_get_dn(cert, name, &name_size); - - certinfo->data.insert(std::make_pair("dn",name)); + certinfo->dn = name; gnutls_x509_crt_get_issuer_dn(cert, name, &name_size); - - certinfo->data.insert(std::make_pair("issuer",name)); + certinfo->issuer = name; if ((ret = gnutls_x509_crt_get_fingerprint(cert, GNUTLS_DIG_MD5, digest, &digest_size)) < 0) { - certinfo->data.insert(std::make_pair("error",gnutls_strerror(ret))); + certinfo->error = gnutls_strerror(ret); } else { - certinfo->data.insert(std::make_pair("fingerprint",irc::hex(digest, digest_size))); + certinfo->fingerprint = irc::hex(digest, digest_size); } /* Beware here we do not check for errors. */ if ((gnutls_x509_crt_get_expiration_time(cert) < ServerInstance->Time()) || (gnutls_x509_crt_get_activation_time(cert) > ServerInstance->Time())) { - certinfo->data.insert(std::make_pair("error","Not activated, or expired certificate")); + certinfo->error = "Not activated, or expired certificate"; } gnutls_x509_crt_deinit(cert); diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index f2f2801b4..6aaf8ab1f 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -839,38 +839,38 @@ class ModuleSSLOpenSSL : public Module if (!cert) { - certinfo->data.insert(std::make_pair("error","Could not get peer certificate: "+std::string(get_error()))); + certinfo->error = "Could not get peer certificate: "+std::string(get_error()); return; } - certinfo->data.insert(std::make_pair("invalid", SSL_get_verify_result(session->sess) != X509_V_OK ? ConvToStr(1) : ConvToStr(0))); + certinfo->invalid = (SSL_get_verify_result(session->sess) != X509_V_OK); if (SelfSigned) { - certinfo->data.insert(std::make_pair("unknownsigner",ConvToStr(0))); - certinfo->data.insert(std::make_pair("trusted",ConvToStr(1))); + certinfo->unknownsigner = false; + certinfo->trusted = true; } else { - certinfo->data.insert(std::make_pair("unknownsigner",ConvToStr(1))); - certinfo->data.insert(std::make_pair("trusted",ConvToStr(0))); + certinfo->unknownsigner = true; + certinfo->trusted = false; } - certinfo->data.insert(std::make_pair("dn",std::string(X509_NAME_oneline(X509_get_subject_name(cert),0,0)))); - certinfo->data.insert(std::make_pair("issuer",std::string(X509_NAME_oneline(X509_get_issuer_name(cert),0,0)))); + certinfo->dn = X509_NAME_oneline(X509_get_subject_name(cert),0,0); + certinfo->issuer = X509_NAME_oneline(X509_get_issuer_name(cert),0,0); if (!X509_digest(cert, digest, md, &n)) { - certinfo->data.insert(std::make_pair("error","Out of memory generating fingerprint")); + certinfo->error = "Out of memory generating fingerprint"; } else { - certinfo->data.insert(std::make_pair("fingerprint",irc::hex(md, n))); + certinfo->fingerprint = irc::hex(md, n); } if ((ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(cert), ServerInstance->Time()) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_get_notBefore(cert), ServerInstance->Time()) == 0)) { - certinfo->data.insert(std::make_pair("error","Not activated, or expired certificate")); + certinfo->error = "Not activated, or expired certificate"; } X509_free(cert); |