aboutsummaryrefslogtreecommitdiff
path: root/src/modules/m_sslmodes.cpp
diff options
context:
space:
mode:
authorGravatar Sadie Powell2024-07-13 22:37:41 +0100
committerGravatar Sadie Powell2024-07-13 22:37:41 +0100
commit13cfe13d7bf665a2f9cf8d18d4d5ffa6da8f24c6 (patch)
treebd31c5e25bb9935f6411bd6dede365ece6708cdf /src/modules/m_sslmodes.cpp
parentMerge branch 'insp4' into master. (diff)
parentFix the getentropy test on systems with a new libc and old kernel. (diff)
Merge branch 'insp4' into master.
Diffstat (limited to 'src/modules/m_sslmodes.cpp')
-rw-r--r--src/modules/m_sslmodes.cpp7
1 files changed, 5 insertions, 2 deletions
diff --git a/src/modules/m_sslmodes.cpp b/src/modules/m_sslmodes.cpp
index 52e631cca..07880eef1 100644
--- a/src/modules/m_sslmodes.cpp
+++ b/src/modules/m_sslmodes.cpp
@@ -26,6 +26,7 @@
#include "inspircd.h"
+#include "modules/callerid.h"
#include "modules/ctctags.h"
#include "modules/extban.h"
#include "modules/ssl.h"
@@ -165,6 +166,7 @@ class ModuleSSLModes final
{
private:
UserCertificateAPI api;
+ CallerID::API calleridapi;
SSLMode sslm;
SSLModeUser sslquery;
FingerprintExtBan extban;
@@ -174,6 +176,7 @@ public:
: Module(VF_VENDOR, "Adds channel mode z (sslonly) which prevents users who are not connecting using TLS from joining the channel and user mode z (sslqueries) to prevent messages from non-TLS users.")
, CTCTags::EventListener(this)
, api(this)
+ , calleridapi(this)
, sslm(this, api)
, sslquery(this, api)
, extban(this, api)
@@ -207,7 +210,7 @@ public:
if (msgtarget.type != MessageTarget::TYPE_USER)
return MOD_RES_PASSTHRU;
- User* target = msgtarget.Get<User>();
+ auto* target = msgtarget.Get<User>();
/* If one or more of the parties involved is a services user, we won't stop it. */
if (user->server->IsService() || target->server->IsService())
@@ -216,7 +219,7 @@ public:
/* If the target is +z */
if (target->IsModeSet(sslquery))
{
- if (!api || !api->IsSecure(user))
+ if (!api || !api->IsSecure(user) || (calleridapi && !calleridapi->IsOnAcceptList(user, target)))
{
/* The sending user is not on an TLS connection */
user->WriteNumeric(Numerics::CannotSendTo(target, "messages", &sslquery));