summaryrefslogtreecommitdiff
path: root/src/modules/m_sslmodes.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/modules/m_sslmodes.cpp')
-rw-r--r--src/modules/m_sslmodes.cpp32
1 files changed, 22 insertions, 10 deletions
diff --git a/src/modules/m_sslmodes.cpp b/src/modules/m_sslmodes.cpp
index 360f63bc9..65933cc14 100644
--- a/src/modules/m_sslmodes.cpp
+++ b/src/modules/m_sslmodes.cpp
@@ -31,7 +31,13 @@
class SSLMode : public ModeHandler
{
public:
- SSLMode(Module* Creator) : ModeHandler(Creator, "sslonly", 'z', PARAM_NONE, MODETYPE_CHANNEL) { }
+ UserCertificateAPI API;
+
+ SSLMode(Module* Creator)
+ : ModeHandler(Creator, "sslonly", 'z', PARAM_NONE, MODETYPE_CHANNEL)
+ , API(Creator)
+ {
+ }
ModeAction OnModeChange(User* source, User* dest, Channel* channel, std::string &parameter, bool adding)
{
@@ -41,12 +47,14 @@ class SSLMode : public ModeHandler
{
if (IS_LOCAL(source))
{
+ if (!API)
+ return MODEACTION_DENY;
+
const UserMembList* userlist = channel->GetUsers();
for(UserMembCIter i = userlist->begin(); i != userlist->end(); i++)
{
- UserCertificateRequest req(i->first, creator);
- req.Send();
- if(!req.cert && !ServerInstance->ULine(i->first->server))
+ ssl_cert* cert = API->GetCertificate(i->first);
+ if (!cert && !ServerInstance->ULine(i->first->server))
{
source->WriteNumeric(ERR_ALLMUSTSSL, "%s %s :all members of the channel must be connected via SSL", source->nick.c_str(), channel->name.c_str());
return MODEACTION_DENY;
@@ -96,9 +104,11 @@ class ModuleSSLModes : public Module
{
if(chan && chan->IsModeSet('z'))
{
- UserCertificateRequest req(user, this);
- req.Send();
- if (req.cert)
+ if (!sslm.API)
+ return MOD_RES_DENY;
+
+ ssl_cert* cert = sslm.API->GetCertificate(user);
+ if (cert)
{
// Let them in
return MOD_RES_PASSTHRU;
@@ -118,9 +128,11 @@ class ModuleSSLModes : public Module
{
if ((mask.length() > 2) && (mask[0] == 'z') && (mask[1] == ':'))
{
- UserCertificateRequest req(user, this);
- req.Send();
- if (req.cert && InspIRCd::Match(req.cert->GetFingerprint(), mask.substr(2)))
+ if (!sslm.API)
+ return MOD_RES_DENY;
+
+ ssl_cert* cert = sslm.API->GetCertificate(user);
+ if (cert && InspIRCd::Match(cert->GetFingerprint(), mask.substr(2)))
return MOD_RES_DENY;
}
return MOD_RES_PASSTHRU;
generated by cgit v1.2.3 (git 2.39.1) at 2024-10-20 08:42:34 +0000