From b7bed41eb90a1c71bf99af1ce7cb0685e5582cf7 Mon Sep 17 00:00:00 2001 From: danieldg Date: Mon, 8 Feb 2010 22:40:30 +0000 Subject: SSL certificate requests prior to full registration must use SocketCertificateRequest git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@12402 e03df62e-2008-0410-955e-edbf42e46eb7 --- src/modules/m_spanningtree/hmac.cpp | 2 +- src/modules/m_sslinfo.cpp | 7 ++++--- src/modules/ssl.h | 4 ++-- 3 files changed, 7 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/modules/m_spanningtree/hmac.cpp b/src/modules/m_spanningtree/hmac.cpp index e1b20520a..c08ac1522 100644 --- a/src/modules/m_spanningtree/hmac.cpp +++ b/src/modules/m_spanningtree/hmac.cpp @@ -134,7 +134,7 @@ bool TreeSocket::ComparePass(const Link& link, const std::string &theirs) std::string fp; if (GetIOHook()) { - SocketCertificateRequest req(this, Utils->Creator, GetIOHook()); + SocketCertificateRequest req(this, Utils->Creator); if (req.cert) { fp = req.cert->GetFingerprint(); diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp index 9ad742416..19b6160cc 100644 --- a/src/modules/m_sslinfo.cpp +++ b/src/modules/m_sslinfo.cpp @@ -193,15 +193,16 @@ class ModuleSSLInfo : public Module ModResult OnSetConnectClass(LocalUser* user, ConnectClass* myclass) { - ssl_cert* cert = cmd.CertExt.get(user); + SocketCertificateRequest req(&user->eh, this); + req.Send(); bool ok = true; if (myclass->config->getBool("requiressl")) { - ok = (cert != NULL); + ok = (req.cert != NULL); } else if (myclass->config->getString("requiressl") == "trusted") { - ok = (cert && cert->IsCAVerified()); + ok = (req.cert && req.cert->IsCAVerified()); } if (!ok) diff --git a/src/modules/ssl.h b/src/modules/ssl.h index 5b1f03627..2d0a2b1ee 100644 --- a/src/modules/ssl.h +++ b/src/modules/ssl.h @@ -131,8 +131,8 @@ struct SocketCertificateRequest : public Request StreamSocket* const sock; ssl_cert* cert; - SocketCertificateRequest(StreamSocket* ss, Module* Me, Module* hook) - : Request(Me, hook, "GET_SSL_CERT"), sock(ss), cert(NULL) + SocketCertificateRequest(StreamSocket* ss, Module* Me) + : Request(Me, ss->GetIOHook(), "GET_SSL_CERT"), sock(ss), cert(NULL) { Send(); } -- cgit v1.2.3