From db3665d03e35192510ddeef5c41762cf195d0609 Mon Sep 17 00:00:00 2001 From: brain Date: Sun, 3 Sep 2006 23:16:09 +0000 Subject: Output the certificate hash to the user when they connect git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@5138 e03df62e-2008-0410-955e-edbf42e46eb7 --- src/modules/extra/m_ssl_gnutls.cpp | 1 + src/modules/extra/m_ssl_openssl.cpp | 13 ++----------- 2 files changed, 3 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index b9bc835d5..fc8429ee2 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -720,6 +720,7 @@ class ModuleSSLGnuTLS : public Module else { certinfo->data.insert(std::make_pair("fingerprint",irc::hex(digest, digest_size))); + user->WriteServ("NOTICE %s :*** Your SSL Certificate fingerprint is: %s", user->nick, irc::hex(digest, digest_size).c_str()); } /* Beware here we do not check for errors. diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index 5711891d7..a69dc0e4f 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -695,7 +695,6 @@ class ModuleSSLOpenSSL : public Module unsigned int n; unsigned char md[EVP_MAX_MD_SIZE]; const EVP_MD *digest = EVP_md5(); - //char* buf; user->Extend("ssl_cert",certinfo); @@ -720,16 +719,6 @@ class ModuleSSLOpenSSL : public Module certinfo->data.insert(std::make_pair("trusted",ConvToStr(0))); } - /*if (!X509_verify_cert(cert)) - { - certinfo->data.insert(std::make_pair("invalid",ConvToStr(1))); - } - else - { - certinfo->data.insert(std::make_pair("invalid",ConvToStr(0))); - }*/ - - //X509_NAME_oneline(nm, 0, 0); certinfo->data.insert(std::make_pair("dn",std::string(X509_NAME_oneline(X509_get_subject_name(cert),0,0)))); certinfo->data.insert(std::make_pair("issuer",std::string(X509_NAME_oneline(X509_get_issuer_name(cert),0,0)))); @@ -742,6 +731,8 @@ class ModuleSSLOpenSSL : public Module certinfo->data.insert(std::make_pair("fingerprint",irc::hex(md, n))); } + user->WriteServ("NOTICE %s :*** Your SSL Certificate fingerprint is: %s", user->nick, irc::hex(md, n).c_str()); + if ((ASN1_UTCTIME_cmp_time_t(X509_get_notAfter(cert), time(NULL)) == -1) || (ASN1_UTCTIME_cmp_time_t(X509_get_notBefore(cert), time(NULL)) == 0)) { certinfo->data.insert(std::make_pair("error","Not activated, or expired certificate")); -- cgit v1.2.3