aboutsummaryrefslogtreecommitdiffstats
path: root/src/modules
diff options
context:
space:
mode:
authorGravatar Sadie Powell2021-07-01 12:33:51 +0100
committerGravatar Sadie Powell2021-07-01 12:33:51 +0100
commitd95d7fc4f574b4ce3593b6684dd9fd738c40fcab (patch)
tree88bc789896945fac5b82bc19dd4b8e440e590da6 /src/modules
parentRequire that hideserver is set to a valid hostname. (diff)
parentAllow reloading SSL profiles on rehash. (diff)
downloadinspircd++-d95d7fc4f574b4ce3593b6684dd9fd738c40fcab.tar.gz
inspircd++-d95d7fc4f574b4ce3593b6684dd9fd738c40fcab.tar.bz2
inspircd++-d95d7fc4f574b4ce3593b6684dd9fd738c40fcab.zip
Merge branch 'insp3' into master.
Diffstat (limited to 'src/modules')
-rw-r--r--src/modules/extra/m_mysql.cpp6
-rw-r--r--src/modules/extra/m_pgsql.cpp2
-rw-r--r--src/modules/extra/m_ssl_gnutls.cpp2
-rw-r--r--src/modules/extra/m_ssl_mbedtls.cpp2
-rw-r--r--src/modules/extra/m_ssl_openssl.cpp22
-rw-r--r--src/modules/m_check.cpp51
-rw-r--r--src/modules/m_commonchans.cpp6
-rw-r--r--src/modules/m_delayjoin.cpp4
-rw-r--r--src/modules/m_filter.cpp2
-rw-r--r--src/modules/m_ident.cpp10
-rw-r--r--src/modules/m_messageflood.cpp2
-rw-r--r--src/modules/m_password_hash.cpp8
-rw-r--r--src/modules/m_services_account.cpp8
-rw-r--r--src/modules/m_silence.cpp4
-rw-r--r--src/modules/m_spanningtree/fjoin.cpp4
-rw-r--r--src/modules/m_spanningtree/ftopic.cpp2
-rw-r--r--src/modules/m_spanningtree/treesocket.h2
-rw-r--r--src/modules/m_sslinfo.cpp18
18 files changed, 87 insertions, 68 deletions
diff --git a/src/modules/extra/m_mysql.cpp b/src/modules/extra/m_mysql.cpp
index ed26f3ab6..9df2bde0c 100644
--- a/src/modules/extra/m_mysql.cpp
+++ b/src/modules/extra/m_mysql.cpp
@@ -56,9 +56,9 @@
/* THE NONBLOCKING MYSQL API!
*
- * MySQL provides no nonblocking (asyncronous) API of its own, and its developers recommend
+ * MySQL provides no nonblocking (asynchronous) API of its own, and its developers recommend
* that instead, you should thread your program. This is what i've done here to allow for
- * asyncronous SQL requests via mysql. The way this works is as follows:
+ * asynchronous SQL requests via mysql. The way this works is as follows:
*
* The module spawns a thread via class Thread, and performs its mysql queries in this thread,
* using a queue with priorities. There is a mutex on either end which prevents two threads
@@ -81,7 +81,7 @@
* threadsafe. This module is designed to be threadsafe and is careful with its use of threads,
* however, if we were to call a module's OnRequest even from within a thread which was not the
* one the module was originally instantiated upon, there is a chance of all hell breaking loose
- * if a module is ever put in a re-enterant state (stack corruption could occur, crashes, data
+ * if a module is ever put in a reentrant state (stack corruption could occur, crashes, data
* corruption, and worse, so DONT think about it until the day comes when InspIRCd is 100%
* guaranteed threadsafe!)
*/
diff --git a/src/modules/extra/m_pgsql.cpp b/src/modules/extra/m_pgsql.cpp
index b61b96b3c..a5eb3c0ec 100644
--- a/src/modules/extra/m_pgsql.cpp
+++ b/src/modules/extra/m_pgsql.cpp
@@ -93,7 +93,7 @@ struct QueueItem
/** PgSQLresult is a subclass of the mostly-pure-virtual class SQLresult.
* All SQL providers must create their own subclass and define it's methods using that
- * database library's data retriveal functions. The aim is to avoid a slow and inefficient process
+ * database library's data retrieval functions. The aim is to avoid a slow and inefficient process
* of converting all data to a common format before it reaches the result structure. This way
* data is passes to the module nearly as directly as if it was using the API directly itself.
*/
diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp
index d13bd0cfd..bb90538f7 100644
--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -662,7 +662,7 @@ class GnuTLSIOHook : public SSLIOHook
}
else
{
- // Change the seesion state
+ // Change the session state
this->status = ISSL_HANDSHAKEN;
VerifyCertificate();
diff --git a/src/modules/extra/m_ssl_mbedtls.cpp b/src/modules/extra/m_ssl_mbedtls.cpp
index 89ffed0f9..3f1c8840f 100644
--- a/src/modules/extra/m_ssl_mbedtls.cpp
+++ b/src/modules/extra/m_ssl_mbedtls.cpp
@@ -534,7 +534,7 @@ class mbedTLSIOHook : public SSLIOHook
int ret = mbedtls_ssl_handshake(&sess);
if (ret == 0)
{
- // Change the seesion state
+ // Change the session state
this->status = ISSL_HANDSHAKEN;
VerifyCertificate();
diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp
index 9091d11fe..0d8569ceb 100644
--- a/src/modules/extra/m_ssl_openssl.cpp
+++ b/src/modules/extra/m_ssl_openssl.cpp
@@ -286,7 +286,7 @@ namespace OpenSSL
/** OpenSSL makes us have two contexts, one for servers and one for clients
*/
Context ctx;
- Context clictx;
+ Context clientctx;
/** Digest to use when generating fingerprints
*/
@@ -352,11 +352,11 @@ namespace OpenSSL
: name(profilename)
, dh(ServerInstance->Config->Paths.PrependConfig(tag->getString("dhfile", "dhparams.pem", 1)))
, ctx(SSL_CTX_new(SSLv23_server_method()))
- , clictx(SSL_CTX_new(SSLv23_client_method()))
+ , clientctx(SSL_CTX_new(SSLv23_client_method()))
, allowrenego(tag->getBool("renegotiation")) // Disallow by default
, outrecsize(static_cast<unsigned int>(tag->getUInt("outrecsize", 2048, 512, 16384)))
{
- if ((!ctx.SetDH(dh)) || (!clictx.SetDH(dh)))
+ if ((!ctx.SetDH(dh)) || (!clientctx.SetDH(dh)))
throw Exception("Couldn't set DH parameters");
const std::string hash = tag->getString("hash", "sha256", 1);
@@ -367,7 +367,7 @@ namespace OpenSSL
const std::string ciphers = tag->getString("ciphers");
if (!ciphers.empty())
{
- if ((!ctx.SetCiphers(ciphers)) || (!clictx.SetCiphers(ciphers)))
+ if ((!ctx.SetCiphers(ciphers)) || (!clientctx.SetCiphers(ciphers)))
{
ERR_print_errors_cb(error_callback, this);
throw Exception("Can't set cipher list to \"" + ciphers + "\" " + lasterr);
@@ -378,7 +378,7 @@ namespace OpenSSL
if (!ciphers.empty())
{
#if OPENSSL_VERSION_NUMBER >= 0x10101000L
- if ((!ctx.SetCiphersuites(ciphersuites)) || (!clictx.SetCiphersuites(ciphersuites)))
+ if ((!ctx.SetCiphersuites(ciphersuites)) || (!clientctx.SetCiphersuites(ciphersuites)))
{
ERR_print_errors_cb(error_callback, this);
throw Exception("Can't set ciphersuite list to \"" + ciphersuites + "\" " + lasterr);
@@ -395,20 +395,20 @@ namespace OpenSSL
#endif
SetContextOptions("server", tag, ctx);
- SetContextOptions("client", tag, clictx);
+ SetContextOptions("client", tag, clientctx);
/* Load our keys and certificates
* NOTE: OpenSSL's error logging API sucks, don't blame us for this clusterfuck.
*/
std::string filename = ServerInstance->Config->Paths.PrependConfig(tag->getString("certfile", "cert.pem", 1));
- if ((!ctx.SetCerts(filename)) || (!clictx.SetCerts(filename)))
+ if ((!ctx.SetCerts(filename)) || (!clientctx.SetCerts(filename)))
{
ERR_print_errors_cb(error_callback, this);
throw Exception("Can't read certificate file: " + lasterr);
}
filename = ServerInstance->Config->Paths.PrependConfig(tag->getString("keyfile", "key.pem", 1));
- if ((!ctx.SetPrivateKey(filename)) || (!clictx.SetPrivateKey(filename)))
+ if ((!ctx.SetPrivateKey(filename)) || (!clientctx.SetPrivateKey(filename)))
{
ERR_print_errors_cb(error_callback, this);
throw Exception("Can't read key file: " + lasterr);
@@ -416,7 +416,7 @@ namespace OpenSSL
// Load the CAs we trust
filename = ServerInstance->Config->Paths.PrependConfig(tag->getString("cafile", "ca.pem", 1));
- if ((!ctx.SetCA(filename)) || (!clictx.SetCA(filename)))
+ if ((!ctx.SetCA(filename)) || (!clientctx.SetCA(filename)))
{
ERR_print_errors_cb(error_callback, this);
ServerInstance->Logs.Log(MODNAME, LOG_DEFAULT, "Can't read CA list from %s. This is only a problem if you want to verify client certificates, otherwise it's safe to ignore this message. Error: %s", filename.c_str(), lasterr.c_str());
@@ -428,14 +428,14 @@ namespace OpenSSL
const std::string crlmode = tag->getString("crlmode", "chain", 1);
ctx.SetCRL(crlfile, crlpath, crlmode);
- clictx.SetVerifyCert();
+ clientctx.SetVerifyCert();
if (tag->getBool("requestclientcert", true))
ctx.SetVerifyCert();
}
const std::string& GetName() const { return name; }
SSL* CreateServerSession() { return ctx.CreateServerSession(); }
- SSL* CreateClientSession() { return clictx.CreateClientSession(); }
+ SSL* CreateClientSession() { return clientctx.CreateClientSession(); }
const EVP_MD* GetDigest() { return digest; }
bool AllowRenegotiation() const { return allowrenego; }
unsigned int GetOutgoingRecordSize() const { return outrecsize; }
diff --git a/src/modules/m_check.cpp b/src/modules/m_check.cpp
index dbac112fe..6a0b7c24c 100644
--- a/src/modules/m_check.cpp
+++ b/src/modules/m_check.cpp
@@ -12,7 +12,7 @@
* Copyright (C) 2006-2008 Robin Burchell <robin+git@viroteck.net>
*
* This file is part of InspIRCd. InspIRCd is free software: you can
- * redistribute it and/or modify it under the terms of the GNU General Public
+ * reditargchanstribute it and/or modify it under the terms of the GNU General Public
* License as published by the Free Software Foundation, version 2.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
@@ -164,11 +164,8 @@ class CommandCheck : public Command
if (parameters.size() > 1 && !irc::equals(parameters[1], ServerInstance->Config->ServerName))
return CmdResult::SUCCESS;
- User *targuser;
- Channel *targchan;
-
- targuser = ServerInstance->Users.Find(parameters[0]);
- targchan = ServerInstance->Channels.Find(parameters[0]);
+ User* targetuser = ServerInstance->Users.Find(parameters[0]);
+ Channel* targchan = ServerInstance->Channels.Find(parameters[0]);
/*
* Syntax of a /check reply:
@@ -180,40 +177,40 @@ class CommandCheck : public Command
// Constructor sends START, destructor sends END
CheckContext context(user, parameters[0]);
- if (targuser)
+ if (targetuser)
{
- LocalUser* loctarg = IS_LOCAL(targuser);
+ LocalUser* loctarg = IS_LOCAL(targetuser);
/* /check on a user */
- context.Write("nuh", targuser->GetFullHost());
- context.Write("realnuh", targuser->GetFullRealHost());
- context.Write("realname", targuser->GetRealName());
- context.Write("modes", targuser->GetModeLetters());
- context.Write("snomasks", GetSnomasks(targuser));
- context.Write("server", targuser->server->GetName());
- context.Write("uid", targuser->uuid);
- context.Write("signon", targuser->signon);
- context.Write("nickts", targuser->age);
+ context.Write("nuh", targetuser->GetFullHost());
+ context.Write("realnuh", targetuser->GetFullRealHost());
+ context.Write("realname", targetuser->GetRealName());
+ context.Write("modes", targetuser->GetModeLetters());
+ context.Write("snomasks", GetSnomasks(targetuser));
+ context.Write("server", targetuser->server->GetName());
+ context.Write("uid", targetuser->uuid);
+ context.Write("signon", targetuser->signon);
+ context.Write("nickts", targetuser->age);
if (loctarg)
context.Write("lastmsg", loctarg->idle_lastmsg);
- if (targuser->IsAway())
+ if (targetuser->IsAway())
{
/* user is away */
- context.Write("awaytime", targuser->awaytime);
- context.Write("awaymsg", targuser->awaymsg);
+ context.Write("awaytime", targetuser->awaytime);
+ context.Write("awaymsg", targetuser->awaymsg);
}
- if (targuser->IsOper())
+ if (targetuser->IsOper())
{
/* user is an oper of type ____ */
- context.Write("opertype", targuser->oper->name);
+ context.Write("opertype", targetuser->oper->name);
if (loctarg)
{
context.Write("chanmodeperms", GetAllowedOperOnlyModes(loctarg, MODETYPE_CHANNEL));
context.Write("usermodeperms", GetAllowedOperOnlyModes(loctarg, MODETYPE_USER));
context.Write("snomaskperms", GetAllowedOperOnlySnomasks(loctarg));
- context.Write("commandperms", targuser->oper->AllowedOperCommands.ToString());
- context.Write("permissions", targuser->oper->AllowedPrivs.ToString());
+ context.Write("commandperms", targetuser->oper->AllowedOperCommands.ToString());
+ context.Write("permissions", targetuser->oper->AllowedPrivs.ToString());
}
}
@@ -229,14 +226,14 @@ class CommandCheck : public Command
context.Write("exempt", loctarg->exempt ? "yes" : "no");
}
else
- context.Write("onip", targuser->GetIPString());
+ context.Write("onip", targetuser->GetIPString());
CheckContext::List chanlist(context, "onchans");
- for (const auto* memb : targuser->chans)
+ for (const auto* memb : targetuser->chans)
chanlist.Add(memb->GetAllPrefixChars() + memb->chan->name);
chanlist.Flush();
- context.DumpExt(targuser);
+ context.DumpExt(targetuser);
}
else if (targchan)
{
diff --git a/src/modules/m_commonchans.cpp b/src/modules/m_commonchans.cpp
index 83976d71b..74a80fca6 100644
--- a/src/modules/m_commonchans.cpp
+++ b/src/modules/m_commonchans.cpp
@@ -36,14 +36,14 @@ class ModuleCommonChans
if (target.type != MessageTarget::TYPE_USER)
return MOD_RES_PASSTHRU;
- User* targuser = target.Get<User>();
- if (!targuser->IsModeSet(mode) || user->SharesChannelWith(targuser))
+ User* targetuser = target.Get<User>();
+ if (!targetuser->IsModeSet(mode) || user->SharesChannelWith(targetuser))
return MOD_RES_PASSTHRU;
if (user->HasPrivPermission("users/ignore-commonchans") || user->server->IsService())
return MOD_RES_PASSTHRU;
- user->WriteNumeric(Numerics::CannotSendTo(targuser, "messages", &mode));
+ user->WriteNumeric(Numerics::CannotSendTo(targetuser, "messages", &mode));
return MOD_RES_DENY;
}
diff --git a/src/modules/m_delayjoin.cpp b/src/modules/m_delayjoin.cpp
index 2a3f111b2..829a34de2 100644
--- a/src/modules/m_delayjoin.cpp
+++ b/src/modules/m_delayjoin.cpp
@@ -165,8 +165,8 @@ ModResult ModuleDelayJoin::OnWhoLine(const Who::Request& request, LocalUser* sou
if (!memb || !unjoined.Get(memb))
return MOD_RES_PASSTHRU;
- // Only show delayjoined users if the d flag has been specified.
- if (!request.flags['d'])
+ // Only show delayjoined users to others if the d flag has been specified.
+ if (source != user && !request.flags['d'])
return MOD_RES_DENY;
// Add the < flag to mark the user as delayjoined.
diff --git a/src/modules/m_filter.cpp b/src/modules/m_filter.cpp
index 854a94f41..830d89f49 100644
--- a/src/modules/m_filter.cpp
+++ b/src/modules/m_filter.cpp
@@ -546,7 +546,7 @@ ModResult ModuleFilter::OnPreCommand(std::string& command, CommandBase::Params&
parameters[parting ? 1 : 0] = "Reason filtered";
/* We're warning or blocking, OR they're quitting and its a KILL action
- * (we cant kill someone whos already quitting, so filter them anyway)
+ * (we cant kill someone who's already quitting, so filter them anyway)
*/
if ((f->action == FA_WARN) || (f->action == FA_BLOCK) || (((!parting) && (f->action == FA_KILL))) || (f->action == FA_SILENT))
{
diff --git a/src/modules/m_ident.cpp b/src/modules/m_ident.cpp
index 6e09646a5..489051b36 100644
--- a/src/modules/m_ident.cpp
+++ b/src/modules/m_ident.cpp
@@ -28,13 +28,13 @@
enum
{
- // Either the ident looup has not started yet or the user is registered.
+ // Either the ident lookup has not started yet or the user is registered.
IDENT_UNKNOWN = 0,
// Ident lookups are not enabled and a user has been marked as being skipped.
IDENT_SKIPPED,
- // Ident looups are not enabled and a user has been an insecure ident prefix.
+ // Ident lookups are not enabled and a user has been an insecure ident prefix.
IDENT_PREFIXED,
// An ident lookup was done and an ident was found.
@@ -56,7 +56,7 @@ enum
* nasty race conditions that would cause segfaults etc) we have
* rewritten this module to use a simplified socket object based
* directly off EventHandler. As EventHandler only has low level
- * readability, writeability and error events tied directly to the
+ * readability, writability and error events tied directly to the
* socket engine, this makes our lives easier as nothing happens to
* our ident lookup class that is outside of this module, or out-
* side of the control of the class. There are no timers, internal
@@ -74,11 +74,11 @@ enum
* itself.
*
* O Closure of the ident socket with the Close() method will
- * not cause removal of the socket from memory or detatchment
+ * not cause removal of the socket from memory or detachment
* from its 'parent' User class. It will only flag it as an
* inactive socket in the socket engine.
*
- * O Timeouts are handled in OnCheckReaady at the same time as
+ * O Timeouts are handled in OnCheckReady at the same time as
* checking if the ident socket has a result. This is done
* by checking if the age the of the class (its instantiation
* time) plus the timeout value is greater than the current time.
diff --git a/src/modules/m_messageflood.cpp b/src/modules/m_messageflood.cpp
index f3160a28b..245438766 100644
--- a/src/modules/m_messageflood.cpp
+++ b/src/modules/m_messageflood.cpp
@@ -155,7 +155,7 @@ private:
{
if (f->addmessage(user, weight))
{
- /* Youre outttta here! */
+ /* You're outttta here! */
f->clear(user);
if (f->ban)
{
diff --git a/src/modules/m_password_hash.cpp b/src/modules/m_password_hash.cpp
index e18744d73..a9ef722e5 100644
--- a/src/modules/m_password_hash.cpp
+++ b/src/modules/m_password_hash.cpp
@@ -87,7 +87,13 @@ class ModulePasswordHash : public Module
{
}
- ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype) override
+ void ReadConfig(ConfigStatus& status) override
+ {
+ auto tag = ServerInstance->Config->ConfValue("mkpasswd");
+ cmd.access_needed = tag->getBool("operonly") ? CmdAccess::OPERATOR : CmdAccess::NORMAL;
+ }
+
+ ModResult OnPassCompare(Extensible* ex, const std::string& data, const std::string& input, const std::string& hashtype) override
{
if (!hashtype.compare(0, 5, "hmac-", 5))
{
diff --git a/src/modules/m_services_account.cpp b/src/modules/m_services_account.cpp
index 6271b35a0..205f925be 100644
--- a/src/modules/m_services_account.cpp
+++ b/src/modules/m_services_account.cpp
@@ -261,15 +261,15 @@ class ModuleServicesAccount
}
case MessageTarget::TYPE_USER:
{
- User* targuser = target.Get<User>();
- if (!targuser->IsModeSet(regdeafmode) || is_registered)
+ User* targetuser = target.Get<User>();
+ if (!targetuser->IsModeSet(regdeafmode) || is_registered)
return MOD_RES_PASSTHRU;
- if (calleridapi && calleridapi->IsOnAcceptList(user, targuser))
+ if (calleridapi && calleridapi->IsOnAcceptList(user, targetuser))
return MOD_RES_PASSTHRU;
// User is messaging a +R user and is not registered or on an accept list.
- user->WriteNumeric(ERR_NEEDREGGEDNICK, targuser->nick, "You need to be identified to a registered account to message this user");
+ user->WriteNumeric(ERR_NEEDREGGEDNICK, targetuser->nick, "You need to be identified to a registered account to message this user");
return MOD_RES_DENY;
}
case MessageTarget::TYPE_SERVER:
diff --git a/src/modules/m_silence.cpp b/src/modules/m_silence.cpp
index a8e1be44a..7194a1136 100644
--- a/src/modules/m_silence.cpp
+++ b/src/modules/m_silence.cpp
@@ -172,9 +172,9 @@ class SilenceEntry
out.push_back('P');
if (flags & SF_PRIVMSG_CHANNEL)
out.push_back('p');
- if (flags & SF_TAGMSG_CHANNEL)
- out.push_back('T');
if (flags & SF_TAGMSG_USER)
+ out.push_back('T');
+ if (flags & SF_TAGMSG_CHANNEL)
out.push_back('t');
if (flags & SF_EXEMPT)
out.push_back('x');
diff --git a/src/modules/m_spanningtree/fjoin.cpp b/src/modules/m_spanningtree/fjoin.cpp
index 350145e23..5b2f83384 100644
--- a/src/modules/m_spanningtree/fjoin.cpp
+++ b/src/modules/m_spanningtree/fjoin.cpp
@@ -54,7 +54,7 @@ CmdResult CommandFJoin::Handle(User* srcuser, Params& params)
* When two sides of a split heal and this occurs, the following things
* will happen:
*
- * If the timestamps are exactly equal, both sides merge their privilages
+ * If the timestamps are exactly equal, both sides merge their privileges
* and users, as in InspIRCd 1.0 and ircd2.8. The channels have not been
* re-created during a split, this is safe to do.
*
@@ -80,7 +80,7 @@ CmdResult CommandFJoin::Handle(User* srcuser, Params& params)
* [[<modes>,]<uuid>[:<membid>]
* <modes> is a concatenation of the mode letters the user has on the channel
* (e.g.: "ov" if the user is opped and voiced). The order of the mode letters
- * are not important but if a server ecounters an unknown mode letter, it will
+ * are not important but if a server encounters an unknown mode letter, it will
* drop the link to avoid desync.
*
* InspIRCd 2.0 and older required a comma before the uuid even if the user
diff --git a/src/modules/m_spanningtree/ftopic.cpp b/src/modules/m_spanningtree/ftopic.cpp
index cf124cb7b..8b365bec8 100644
--- a/src/modules/m_spanningtree/ftopic.cpp
+++ b/src/modules/m_spanningtree/ftopic.cpp
@@ -50,7 +50,7 @@ CmdResult CommandFTopic::Handle(User* user, Params& params)
/*
* If the topics were updated at the exact same second, accept
* the remote only when it's "bigger" than ours as defined by
- * string comparison, so non-empty topics always overridde
+ * string comparison, so non-empty topics always override
* empty topics if their timestamps are equal
*
* Similarly, if the topic texts are equal too, keep one topic
diff --git a/src/modules/m_spanningtree/treesocket.h b/src/modules/m_spanningtree/treesocket.h
index 89c2b9aec..94b9df98e 100644
--- a/src/modules/m_spanningtree/treesocket.h
+++ b/src/modules/m_spanningtree/treesocket.h
@@ -34,7 +34,7 @@
/*
* The server list in InspIRCd is maintained as two structures
* which hold the data in different ways. Most of the time, we
- * want to very quicky obtain three pieces of information:
+ * want to very quickly obtain three pieces of information:
*
* (1) The information on a server
* (2) The information on the server we must send data through
diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp
index b83860166..c4d426241 100644
--- a/src/modules/m_sslinfo.cpp
+++ b/src/modules/m_sslinfo.cpp
@@ -385,7 +385,23 @@ class ModuleSSLInfo
for (const auto& [_, ifo] : ServerInstance->Config->oper_blocks)
{
std::string fp = ifo->oper_block->getString("fingerprint");
- if (MatchFP(cert, fp) && ifo->oper_block->getBool("autologin"))
+ if (!MatchFP(cert, fp))
+ continue;
+
+ bool do_login = false;
+ const std::string autologin = ifo->oper_block->getString("autologin");
+ if (stdalgo::string::equalsci(autologin, "if-host-match"))
+ {
+ const std::string& userHost = localuser->MakeHost();
+ const std::string& userIP = localuser->MakeHostIP();
+ do_login = InspIRCd::MatchMask(ifo->oper_block->getString("host"), userHost, userIP);
+ }
+ else if (ifo->oper_block->getBool("autologin"))
+ {
+ do_login = true;
+ }
+
+ if (do_login)
user->Oper(ifo);
}
}