From be11282fb8cb197fd18c89623de26a07dd860257 Mon Sep 17 00:00:00 2001 From: brain Date: Tue, 20 Dec 2005 09:58:03 +0000 Subject: Added stricter checking for encryption on connect, if enabled git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@2584 e03df62e-2008-0410-955e-edbf42e46eb7 --- src/modules/m_spanningtree.cpp | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'src') diff --git a/src/modules/m_spanningtree.cpp b/src/modules/m_spanningtree.cpp index 6e2760e62..e42a7def0 100644 --- a/src/modules/m_spanningtree.cpp +++ b/src/modules/m_spanningtree.cpp @@ -1620,6 +1620,15 @@ class TreeSocket : public InspSocket this->WriteLine("ERROR :Server "+servername+" already exists on server "+CheckDupe->GetParent()->GetName()+"!"); return false; } + /* If the config says this link is encrypted, but the remote side + * hasnt bothered to send the AES command before SERVER, then we + * boot them off as we MUST have this connection encrypted. + */ + if ((x->EncryptionKey != "") && (!this->ctx)) + { + this->WriteLine("ERROR :This link requires AES encryption to be enabled. Plaintext connection refused."); + return false; + } Srv->SendOpers("*** Verified incoming server connection from \002"+servername+"\002["+this->GetIP()+"] ("+description+")"); this->InboundServerName = servername; this->InboundDescription = description; -- cgit v1.2.3