summaryrefslogtreecommitdiff
path: root/src/modules/extra
diff options
context:
space:
mode:
Diffstat (limited to 'src/modules/extra')
-rw-r--r--src/modules/extra/m_ssl_gnutls.cpp58
-rw-r--r--src/modules/extra/m_ssl_openssl.cpp22
2 files changed, 25 insertions, 55 deletions
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index 8b865c559..4ff5a9062 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -749,42 +749,14 @@ class ModuleSSLGnuTLS : public Module
if (ret < 0)
{
- certinfo->data.insert(std::make_pair("error",std::string(gnutls_strerror(ret))));
+ certinfo->error = std::string(gnutls_strerror(ret));
return;
}
- if (status & GNUTLS_CERT_INVALID)
- {
- certinfo->data.insert(std::make_pair("invalid",ConvToStr(1)));
- }
- else
- {
- certinfo->data.insert(std::make_pair("invalid",ConvToStr(0)));
- }
- if (status & GNUTLS_CERT_SIGNER_NOT_FOUND)
- {
- certinfo->data.insert(std::make_pair("unknownsigner",ConvToStr(1)));
- }
- else
- {
- certinfo->data.insert(std::make_pair("unknownsigner",ConvToStr(0)));
- }
- if (status & GNUTLS_CERT_REVOKED)
- {
- certinfo->data.insert(std::make_pair("revoked",ConvToStr(1)));
- }
- else
- {
- certinfo->data.insert(std::make_pair("revoked",ConvToStr(0)));
- }
- if (status & GNUTLS_CERT_SIGNER_NOT_CA)
- {
- certinfo->data.insert(std::make_pair("trusted",ConvToStr(0)));
- }
- else
- {
- certinfo->data.insert(std::make_pair("trusted",ConvToStr(1)));
- }
+ certinfo->invalid = (status & GNUTLS_CERT_INVALID);
+ certinfo->unknownsigner = (status & GNUTLS_CERT_SIGNER_NOT_FOUND);
+ certinfo->revoked = (status & GNUTLS_CERT_REVOKED);
+ certinfo->trusted = !(status & GNUTLS_CERT_SIGNER_NOT_CA);
/* Up to here the process is the same for X.509 certificates and
* OpenPGP keys. From now on X.509 certificates are assumed. This can
@@ -792,14 +764,14 @@ class ModuleSSLGnuTLS : public Module
*/
if (gnutls_certificate_type_get(session->sess) != GNUTLS_CRT_X509)
{
- certinfo->data.insert(std::make_pair("error","No X509 keys sent"));
+ certinfo->error = "No X509 keys sent";
return;
}
ret = gnutls_x509_crt_init(&cert);
if (ret < 0)
{
- certinfo->data.insert(std::make_pair("error",gnutls_strerror(ret)));
+ certinfo->error = gnutls_strerror(ret);
return;
}
@@ -807,7 +779,7 @@ class ModuleSSLGnuTLS : public Module
cert_list = gnutls_certificate_get_peers(session->sess, &cert_list_size);
if (cert_list == NULL)
{
- certinfo->data.insert(std::make_pair("error","No certificate was found"));
+ certinfo->error = "No certificate was found";
return;
}
@@ -818,32 +790,30 @@ class ModuleSSLGnuTLS : public Module
ret = gnutls_x509_crt_import(cert, &cert_list[0], GNUTLS_X509_FMT_DER);
if (ret < 0)
{
- certinfo->data.insert(std::make_pair("error",gnutls_strerror(ret)));
+ certinfo->error = gnutls_strerror(ret);
return;
}
gnutls_x509_crt_get_dn(cert, name, &name_size);
-
- certinfo->data.insert(std::make_pair("dn",name));
+ certinfo->dn = name;
gnutls_x509_crt_get_issuer_dn(cert, name, &name_size);
-
- certinfo->data.insert(std::make_pair("issuer",name));
+ certinfo->issuer = name;
if ((ret = gnutls_x509_crt_get_fingerprint(cert, GNUTLS_DIG_MD5, digest, &digest_size)) < 0)
{
- certinfo->data.insert(std::make_pair("error",gnutls_strerror(ret)));
+ certinfo->error = gnutls_strerror(ret);
}
else
{
- certinfo->data.insert(std::make_pair("fingerprint",irc::hex(digest, digest_size)));
+ certinfo->fingerprint = irc::hex(digest, digest_size);
}
/* Beware here we do not check for errors.
*/
if ((gnutls_x509_crt_get_expiration_time(cert) < ServerInstance->Time()) || (gnutls_x509_crt_get_activation_time(cert) > ServerInstance->Time()))
{
- certinfo->data.insert(std::make_pair("error","Not activated, or expired certificate"));
+ certinfo->error = "Not activated, or expired certificate";
}
gnutls_x509_crt_deinit(cert);
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index f2f2801b4..6aaf8ab1f 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -839,38 +839,38 @@ class ModuleSSLOpenSSL : public Module
if (!cert)
{
- certinfo->data.insert(std::make_pair("error","Could not get peer certificate: "+std::string(get_error())));
+ certinfo->error = "Could not get peer certificate: "+std::string(get_error());
return;
}
- certinfo->data.insert(std::make_pair("invalid", SSL_get_verify_result(session->sess) != X509_V_OK ? ConvToStr(1) : ConvToStr(0)));
+ certinfo->invalid = (SSL_get_verify_result(session->sess) != X509_V_OK);
if (SelfSigned)
{
- certinfo->data.insert(std::make_pair("unknownsigner",ConvToStr(0)));
- certinfo->data.insert(std::make_pair("trusted",ConvToStr(1)));
+ certinfo->unknownsigner = false;
+ certinfo->trusted = true;
}
else
{
- certinfo->data.insert(std::make_pair("unknownsigner",ConvToStr(1)));
- certinfo->data.insert(std::make_pair("trusted",ConvToStr(0)));
+ certinfo->unknownsigner = true;
+ certinfo->trusted = false;
}
- certinfo->data.insert(std::make_pair("dn",std::string(X509_NAME_oneline(X509_get_subject_name(cert),0,0))));
- certinfo->data.insert(std::make_pair("issuer",std::string(X509_NAME_oneline(X509_get_issuer_name(cert),0,0))));
+ certinfo->dn = X509_NAME_oneline(X509_get_subject_name(cert),0,0);
+ certinfo->issuer = X509_NAME_oneline(X509_get_issuer_name(cert),0,0);
if (!X509_digest(cert, digest, md, &n))
{
- certinfo->data.insert(std::make_pair("error","Out of memory generating fingerprint"));
+ certinfo->error = "Out of memory generating fingerprint";
}
else
{
- certinfo->data.insert(std::make_pair("fingerprint",irc::hex(md, n)));
+ certinfo->fingerprint = irc::hex(md, n);
}
if ((ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(cert), ServerInstance->Time()) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_get_notBefore(cert), ServerInstance->Time()) == 0))
{
- certinfo->data.insert(std::make_pair("error","Not activated, or expired certificate"));
+ certinfo->error = "Not activated, or expired certificate";
}
X509_free(cert);