mirror of
https://github.com/unrealircd/unrealircd.git
synced 2026-07-05 13:53:12 +02:00
Fix SSL client certificate fingerprint authentication not working for server linking. Broken since May 23 already.
This commit is contained in:
@@ -771,6 +771,7 @@ extern char *moddata_client_get(aClient *acptr, char *varname);
|
||||
#define HOOKTYPE_PRE_KILL 85
|
||||
#define HOOKTYPE_SEE_CHANNEL_IN_WHOIS 86
|
||||
#define HOOKTYPE_DCC_DENIED 87
|
||||
#define HOOKTYPE_SERVER_HANDSHAKE_OUT 88
|
||||
|
||||
/* Hook return values */
|
||||
#define HOOK_CONTINUE 0
|
||||
|
||||
+19
-4
@@ -24,6 +24,7 @@ ModuleHeader MOD_HEADER(certfp)
|
||||
void certfp_free(ModData *m);
|
||||
char *certfp_serialize(ModData *m);
|
||||
void certfp_unserialize(char *str, ModData *m);
|
||||
int certfp_handshake(aClient *sptr);
|
||||
int certfp_connect(aClient *sptr);
|
||||
int certfp_whois(aClient *sptr, aClient *acptr);
|
||||
|
||||
@@ -49,6 +50,8 @@ ModDataInfo mreq;
|
||||
abort();
|
||||
|
||||
HookAdd(modinfo->handle, HOOKTYPE_LOCAL_CONNECT, 0, certfp_connect);
|
||||
HookAdd(modinfo->handle, HOOKTYPE_HANDSHAKE, 0, certfp_handshake);
|
||||
HookAdd(modinfo->handle, HOOKTYPE_SERVER_HANDSHAKE_OUT, 0, certfp_handshake);
|
||||
HookAdd(modinfo->handle, HOOKTYPE_WHOIS, 0, certfp_whois);
|
||||
|
||||
return MOD_SUCCESS;
|
||||
@@ -100,21 +103,33 @@ char *get_fingerprint_for_client(aClient *cptr)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
int certfp_connect(aClient *acptr)
|
||||
int certfp_handshake(aClient *acptr)
|
||||
{
|
||||
if (IsSecure(acptr))
|
||||
if (acptr->ssl)
|
||||
{
|
||||
char *fp = get_fingerprint_for_client(acptr);
|
||||
|
||||
if (!fp)
|
||||
return 0; /* wtf? */
|
||||
return 0;
|
||||
|
||||
moddata_client_set(acptr, "certfp", fp); /* set & broadcast */
|
||||
sendnotice(acptr, "*** Your SSL fingerprint is %s", fp);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
int certfp_connect(aClient *acptr)
|
||||
{
|
||||
if (IsSecure(acptr))
|
||||
{
|
||||
char *fp = moddata_client_get(acptr, "certfp");
|
||||
|
||||
if (fp)
|
||||
sendnotice(acptr, "*** Your SSL fingerprint is %s", fp);
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int certfp_whois(aClient *sptr, aClient *acptr)
|
||||
{
|
||||
char *fp = moddata_client_get(acptr, "certfp");
|
||||
|
||||
@@ -767,6 +767,8 @@ void start_server_handshake(aClient *cptr)
|
||||
return;
|
||||
}
|
||||
|
||||
RunHook(HOOKTYPE_SERVER_HANDSHAKE_OUT, cptr);
|
||||
|
||||
sendto_one(cptr, "PASS :%s", (aconf->auth->type == AUTHTYPE_PLAINTEXT) ? aconf->auth->data : "*");
|
||||
|
||||
send_protoctl_servers(cptr, 0);
|
||||
|
||||
Reference in New Issue
Block a user