From ad2f737405c9352326440984aff004ce84fc1d87 Mon Sep 17 00:00:00 2001 From: Sadie Powell Date: Sun, 20 Jun 2021 01:28:20 +0100 Subject: Show delayjoined users to themself in WHO. --- src/modules/m_delayjoin.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/modules') diff --git a/src/modules/m_delayjoin.cpp b/src/modules/m_delayjoin.cpp index d58f07c2b..d7f9e5a6e 100644 --- a/src/modules/m_delayjoin.cpp +++ b/src/modules/m_delayjoin.cpp @@ -161,8 +161,8 @@ ModResult ModuleDelayJoin::OnWhoLine(const Who::Request& request, LocalUser* sou if (!memb || !unjoined.get(memb)) return MOD_RES_PASSTHRU; - // Only show delayjoined users if the d flag has been specified. - if (!request.flags['d']) + // Only show delayjoined users to others if the d flag has been specified. + if (source != user && !request.flags['d']) return MOD_RES_DENY; // Add the < flag to mark the user as delayjoined. -- cgit v1.3.1-10-gc9f91 From 43b7e6a979a8cef48f907c565242b02a7cb36e98 Mon Sep 17 00:00:00 2001 From: Sadie Powell Date: Sun, 20 Jun 2021 17:42:20 +0100 Subject: Fix the silence TAGMSG flags being inverted in BitsToFlags. --- src/modules/m_silence.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/modules') diff --git a/src/modules/m_silence.cpp b/src/modules/m_silence.cpp index e7271e68f..042ecd3b1 100644 --- a/src/modules/m_silence.cpp +++ b/src/modules/m_silence.cpp @@ -171,9 +171,9 @@ class SilenceEntry out.push_back('P'); if (flags & SF_PRIVMSG_CHANNEL) out.push_back('p'); - if (flags & SF_TAGMSG_CHANNEL) - out.push_back('T'); if (flags & SF_TAGMSG_USER) + out.push_back('T'); + if (flags & SF_TAGMSG_CHANNEL) out.push_back('t'); if (flags & SF_EXEMPT) out.push_back('x'); -- cgit v1.3.1-10-gc9f91 From 5c8b212a3c494f636449783f761ff92c34013e92 Mon Sep 17 00:00:00 2001 From: Sadie Powell Date: Sun, 20 Jun 2021 21:29:45 +0100 Subject: Allow making the MKPASSWD command only usable by opers. --- docs/conf/modules.conf.example | 3 +++ src/modules/m_password_hash.cpp | 6 ++++++ 2 files changed, 9 insertions(+) (limited to 'src/modules') diff --git a/docs/conf/modules.conf.example b/docs/conf/modules.conf.example index 837d51e6a..e6c8d11b6 100644 --- a/docs/conf/modules.conf.example +++ b/docs/conf/modules.conf.example @@ -1748,6 +1748,9 @@ # # Generate hashes using the /MKPASSWD command on the server. # Don't run it on a server you don't trust with your password. +# +# You can also make the MKPASSWD command oper only by uncommenting this: +# #-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-# # PBKDF2 module: Allows other modules to generate PBKDF2 hashes, diff --git a/src/modules/m_password_hash.cpp b/src/modules/m_password_hash.cpp index 814c33512..86611d908 100644 --- a/src/modules/m_password_hash.cpp +++ b/src/modules/m_password_hash.cpp @@ -88,6 +88,12 @@ class ModulePasswordHash : public Module { } + void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE + { + ConfigTag* tag = ServerInstance->Config->ConfValue("mkpasswd"); + cmd.flags_needed = tag->getBool("operonly") ? 'o' : 0; + } + ModResult OnPassCompare(Extensible* ex, const std::string &data, const std::string &input, const std::string &hashtype) CXX11_OVERRIDE { if (!hashtype.compare(0, 5, "hmac-", 5)) -- cgit v1.3.1-10-gc9f91 From 2c5fdb670fe37d757e6d81b17c0e68e3b848c3fe Mon Sep 17 00:00:00 2001 From: Molly Miller Date: Sat, 12 Jun 2021 14:12:21 +0100 Subject: Add 'if-host-match' option to m_sslinfo oper autologin configuration. This adds an option to perform the source host check (which is usually performed on manual oper login) in addition to the certificate fingerprint check when automatically logging in opers upon connection to the ircd. --- src/modules/m_sslinfo.cpp | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) (limited to 'src/modules') diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp index ae3d2b7b6..28ba3f177 100644 --- a/src/modules/m_sslinfo.cpp +++ b/src/modules/m_sslinfo.cpp @@ -373,7 +373,23 @@ class ModuleSSLInfo { OperInfo* ifo = i->second; std::string fp = ifo->oper_block->getString("fingerprint"); - if (MatchFP(cert, fp) && ifo->oper_block->getBool("autologin")) + if (!MatchFP(cert, fp)) + continue; + + bool do_login = false; + const std::string autologin = ifo->oper_block->getString("autologin"); + if (stdalgo::string::equalsci(autologin, "if-host-match")) + { + const std::string& userHost = localuser->MakeHost(); + const std::string& userIP = localuser->MakeHostIP(); + do_login = InspIRCd::MatchMask(ifo->oper_block->getString("host"), userHost, userIP); + } + else if (ifo->oper_block->getBool("autologin")) + { + do_login = true; + } + + if (do_login) user->Oper(ifo); } } -- cgit v1.3.1-10-gc9f91 From de6d4dbd1e8845e08c2d87cd89a919e5b21ba619 Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Mon, 21 Jun 2021 16:47:06 -0400 Subject: Fix various spelling issues (#1883). Signed-off-by: Josh Soref --- docs/conf/quotes.txt.example | 2 +- include/command_parse.h | 2 +- include/extensible.h | 2 +- include/mode.h | 2 +- include/modules.h | 18 ++++++------- include/modules/httpd.h | 2 +- include/modules/ssl.h | 2 +- include/serialize.h | 4 +-- include/socketengine.h | 2 +- include/users.h | 10 +++---- locales/readme.txt | 2 +- make/template/inspircd | 2 +- src/coremods/core_message.cpp | 2 +- src/hashcomp.cpp | 4 +-- src/modules.cpp | 14 +++++----- src/modules/extra/m_mysql.cpp | 6 ++--- src/modules/extra/m_pgsql.cpp | 2 +- src/modules/extra/m_ssl_gnutls.cpp | 2 +- src/modules/extra/m_ssl_mbedtls.cpp | 2 +- src/modules/extra/m_ssl_openssl.cpp | 22 ++++++++-------- src/modules/m_censor.cpp | 4 +-- src/modules/m_check.cpp | 42 +++++++++++++++--------------- src/modules/m_commonchans.cpp | 6 ++--- src/modules/m_deaf.cpp | 2 +- src/modules/m_filter.cpp | 2 +- src/modules/m_ident.cpp | 10 +++---- src/modules/m_messageflood.cpp | 2 +- src/modules/m_operlog.cpp | 4 +-- src/modules/m_services_account.cpp | 8 +++--- src/modules/m_spanningtree/fjoin.cpp | 4 +-- src/modules/m_spanningtree/ftopic.cpp | 2 +- src/modules/m_spanningtree/treesocket.h | 2 +- src/users.cpp | 2 +- src/xline.cpp | 2 +- win/NSIS.template.in | 46 ++++++++++++++++----------------- 35 files changed, 121 insertions(+), 121 deletions(-) (limited to 'src/modules') diff --git a/docs/conf/quotes.txt.example b/docs/conf/quotes.txt.example index acb456858..18edecc12 100644 --- a/docs/conf/quotes.txt.example +++ b/docs/conf/quotes.txt.example @@ -49,7 +49,7 @@ Computers make very fast, very accurate mistakes Life would be so much easier if we only had the source code Who is this 'General Failure' and why is he reading my disk? hAS aNYONE sEEN MY cAPSLOCK kEY? -InspIRCd, now with excessive ammounts of Cheeze +InspIRCd, now with excessive amounts of Cheeze I'm in the computer business, I make Out-Of-Order signs Kevorkian Virus: helps your computer shut down whenever it wants to. [OUT OF QUOTES, PLEASE ORDER MORE] diff --git a/include/command_parse.h b/include/command_parse.h index 64981c634..8a373fded 100644 --- a/include/command_parse.h +++ b/include/command_parse.h @@ -68,7 +68,7 @@ class CoreExport CommandParser * and the command completeld successfully. It will return CMD_FAILURE if the command handler was found * and called, but the command did not complete successfully, and it will return CMD_INVALID if the * command simply did not exist at all or the wrong number of parameters were given, or the user - * was not privilaged enough to execute the command. + * was not privileged enough to execute the command. */ CmdResult CallHandler(const std::string& commandname, const CommandBase::Params& parameters, User* user, Command** cmd = NULL); diff --git a/include/extensible.h b/include/extensible.h index 2e7b83a28..f311bc959 100644 --- a/include/extensible.h +++ b/include/extensible.h @@ -157,7 +157,7 @@ class CoreExport Extensible unsigned int culled:1; public: /** - * Get the extension items for iteraton (i.e. for metadata sync during netburst) + * Get the extension items for iteration (i.e. for metadata sync during netburst) */ inline const ExtensibleStore& GetExtList() const { return extensions; } diff --git a/include/mode.h b/include/mode.h index 940ed2144..40760bf03 100644 --- a/include/mode.h +++ b/include/mode.h @@ -539,7 +539,7 @@ class CoreExport ModeWatcher : public classbase * @param dest The target user for the mode, if you are watching a user mode * @param channel The target channel for the mode, if you are watching a channel mode * @param parameter The parameter of the mode, if the mode is supposed to have a parameter. - * If you alter the parameter you are given, the mode handler will see your atered version + * If you alter the parameter you are given, the mode handler will see your altered version * when it handles the mode. * @param adding True if the mode is being added and false if it is being removed * @return True to allow the mode change to go ahead, false to abort it. If you abort the diff --git a/include/modules.h b/include/modules.h index 6e3122389..df8052089 100644 --- a/include/modules.h +++ b/include/modules.h @@ -493,7 +493,7 @@ class CoreExport Module : public classbase, public usecountbase * @param user The user joining the channel * @param chan If the channel is a new channel, this will be NULL, otherwise it will be a pointer to the channel being joined * @param cname The channel name being joined. For new channels this is valid where chan is not. - * @param privs A string containing the users privilages when joining the channel. For new channels this will contain "o". + * @param privs A string containing the users privileges when joining the channel. For new channels this will contain "o". * You may alter this string to alter the user's modes on the channel. * @param keygiven The key given to join the channel, or an empty string if none was provided * @return 1 To prevent the join, 0 to allow it. @@ -592,7 +592,7 @@ class CoreExport Module : public classbase, public usecountbase /** Called before local nickname changes. This can be used to implement Q-lines etc. * If your method returns nonzero, the nickchange is silently forbidden, and it is down to your - * module to generate some meaninful output. + * module to generate some meaningful output. * @param user The username changing their nick * @param newnick Their new nickname * @return 1 to deny the change, 0 to allow @@ -649,14 +649,14 @@ class CoreExport Module : public classbase, public usecountbase /** Called whenever a user's hostname is changed. * This event triggers after the host has been set. - * @param user The user whos host is being changed + * @param user The user whose host is being changed * @param newhost The new hostname being set */ virtual void OnChangeHost(User* user, const std::string &newhost); /** Called whenever a user's real hostname is changed. * This event triggers before the host has been set. - * @param user The user whos host is being changed + * @param user The user whose host is being changed * @param newhost The new hostname being set */ virtual void OnChangeRealHost(User* user, const std::string& newhost); @@ -713,7 +713,7 @@ class CoreExport Module : public classbase, public usecountbase /** Called after any nickchange, local or remote. This can be used to track users after nickchanges * have been applied. Please note that although you can see remote nickchanges through this function, you should - * NOT make any changes to the User if the user is a remote user as this may cause a desnyc. + * NOT make any changes to the User if the user is a remote user as this may cause a desync. * check user->server before taking any action (including returning nonzero from the method). * Because this method is called after the nickchange is taken place, no return values are possible * to indicate forbidding of the nick change. Use OnUserPreNick for this. @@ -830,14 +830,14 @@ class CoreExport Module : public classbase, public usecountbase /** Called after a user object is initialised and added to the user list. * When this is called the user has not had their I/O hooks checked or had their initial - * connect class assigned and may not yet have a serialiser. You probably want to use + * connect class assigned and may not yet have a serializer. You probably want to use * the OnUserPostInit or OnUserSetIP hooks instead of this one. * @param user The connecting user. */ virtual void OnUserInit(LocalUser* user); /** Called after a user object has had their I/O hooks checked, their initial connection - * class assigned, and had a serialiser set. + * class assigned, and had a serializer set. * @param user The connecting user. */ virtual void OnUserPostInit(LocalUser* user); @@ -937,7 +937,7 @@ class CoreExport Module : public classbase, public usecountbase /** Called whenever a change of a local users displayed host is attempted. * Return 1 to deny the host change, or 0 to allow it. - * @param user The user whos host will be changed + * @param user The user whose host will be changed * @param newhost The new hostname * @return 1 to deny the host change, 0 to allow */ @@ -945,7 +945,7 @@ class CoreExport Module : public classbase, public usecountbase /** Called whenever a change of a local users real name is attempted. * return MOD_RES_DENY to deny the name change, or MOD_RES_ALLOW to allow it. - * @param user The user whos real name will be changed + * @param user The user whose real name will be changed * @param newhost The new real name. * @return MOD_RES_DENY to deny the real name change, MOD_RES_ALLOW to allow */ diff --git a/include/modules/httpd.h b/include/modules/httpd.h index f3402c8d8..681f62230 100644 --- a/include/modules/httpd.h +++ b/include/modules/httpd.h @@ -87,7 +87,7 @@ struct HTTPRequestURI std::string fragment; }; -/** A modifyable list of HTTP header fields +/** A modifiable list of HTTP header fields */ class HTTPHeaders { diff --git a/include/modules/ssl.h b/include/modules/ssl.h index 7af2ce3ee..8081adb36 100644 --- a/include/modules/ssl.h +++ b/include/modules/ssl.h @@ -110,7 +110,7 @@ class ssl_cert : public refcountbase return unknownsigner; } - /** Get revokation status. + /** Get revocation status. * @return True if the certificate is revoked. * Note that this only works properly for GnuTLS * right now. diff --git a/include/serialize.h b/include/serialize.h index df0cbd5d5..aa26da19b 100644 --- a/include/serialize.h +++ b/include/serialize.h @@ -60,7 +60,7 @@ class CoreExport Serializable /** Loads the value with the specified key. * @param key The key by which this data is identified. - * @param out The location to store the value for this keu + * @param out The location to store the value for this key. */ Data& Load(const std::string& key, std::string& out); @@ -109,7 +109,7 @@ class CoreExport Serializable */ virtual bool Deserialize(Data& data) = 0; - /** Serializes the this object into the specified Data obect. + /** Serializes the this object into the specified Data object. * @param data The Data object to serialize to. * @return True if the serialisation succeeded; otherwise, false. */ diff --git a/include/socketengine.h b/include/socketengine.h index d8d5e406d..8dc548a68 100644 --- a/include/socketengine.h +++ b/include/socketengine.h @@ -68,7 +68,7 @@ enum EventMask /** Mask for all read events */ FD_WANT_READ_MASK = 0x0F, - /** Do not test this socket for writeability + /** Do not test this socket for writability */ FD_WANT_NO_WRITE = 0x10, /** Give a write event at all times when writes will not block. diff --git a/include/users.h b/include/users.h index 28f94a215..d85224452 100644 --- a/include/users.h +++ b/include/users.h @@ -469,7 +469,7 @@ class CoreExport User : public Extensible void SetMode(ModeHandler* mh, bool value); void SetMode(ModeHandler& mh, bool value) { SetMode(&mh, value); } - /** Returns true or false for if a user can execute a privilaged oper command. + /** Returns true or false for if a user can execute a privileged oper command. * This is done by looking up their oper type from User::oper, then referencing * this to their oper classes and checking the commands they can execute. * @param command A command (should be all CAPS) @@ -481,7 +481,7 @@ class CoreExport User : public Extensible * This is used to check whether or not users may perform certain actions which admins may not wish to give to * all operators, yet are not commands. An example might be oper override, mass messaging (/notice $*), etc. * - * @param privstr The priv to chec, e.g. "users/override/topic". These are loaded free-form from the config file. + * @param privstr The priv to check, e.g. "users/override/topic". These are loaded free-form from the config file. * @return True if this user has the permission in question. */ virtual bool HasPrivPermission(const std::string& privstr); @@ -672,7 +672,7 @@ class CoreExport User : public Extensible /** Change the ident (username) of a user. * ALWAYS use this function, rather than writing User::ident directly, - * as this triggers module events allowing the change to be syncronized to + * as this triggers module events allowing the change to be synchronized to * remote servers. * @param newident The new ident to set * @return True if the change succeeded, false if it didn't @@ -863,7 +863,7 @@ class CoreExport LocalUser : public User, public insp::intrusive_list_node//i) && ($i !~ /^#/)) { - # Decend into that file, and check for PIDs.. (that sounds like an STD ;/) + # Descend into that file, and check for PIDs.. (that sounds like an STD ;/) getpidfile($1); # Was a PID found? if ($pidfile ne "") { diff --git a/src/coremods/core_message.cpp b/src/coremods/core_message.cpp index c9f6d19c2..57d813d9b 100644 --- a/src/coremods/core_message.cpp +++ b/src/coremods/core_message.cpp @@ -102,7 +102,7 @@ namespace FIRST_MOD_RESULT(OnUserPreMessage, modres, (source, msgtarget, msgdetails)); if (modres == MOD_RES_DENY) { - // Inform modules that a module blocked the mssage. + // Inform modules that a module blocked the message. FOREACH_MOD(OnUserMessageBlocked, (source, msgtarget, msgdetails)); return false; } diff --git a/src/hashcomp.cpp b/src/hashcomp.cpp index 5ca032229..93649f6db 100644 --- a/src/hashcomp.cpp +++ b/src/hashcomp.cpp @@ -38,7 +38,7 @@ * the best way to write hash functions to hash irc * nicknames, channels etc. * We are lucky as C++ developers as unordered_map does - * a lot of this for us. It does intellegent memory + * a lot of this for us. It does intelligent memory * requests, bucketing, search functions, insertion * and deletion etc. All we have to do is write some * overloaded comparison and hash value operators which @@ -48,7 +48,7 @@ * Case insensitivity: The hash_map will be case * insensitive. * - * Scandanavian Comparisons: The characters [, ], \ will + * Scandinavian Comparisons: The characters [, ], \ will * be considered the lowercase of {, } and |. * ******************************************************/ diff --git a/src/modules.cpp b/src/modules.cpp index 7cae3818c..779d15218 100644 --- a/src/modules.cpp +++ b/src/modules.cpp @@ -55,7 +55,7 @@ Version::Version(const std::string &desc, int flags, const std::string& linkdata { } -// These declarations define the behavours of the base class Module (which does nothing at all) +// These declarations define the behaviours of the base class Module (which does nothing at all) Module::Module() : ModuleDLLManager(NULL) @@ -318,17 +318,17 @@ swap_now: if (prioritizationState == PRIO_STATE_LAST) prioritizationState = PRIO_STATE_AGAIN; /* Suggestion from Phoenix, "shuffle" the modules to better retain call order */ - int incrmnt = 1; + int increment = 1; if (my_pos > swap_pos) - incrmnt = -1; + increment = -1; - for (unsigned int j = my_pos; j != swap_pos; j += incrmnt) + for (unsigned int j = my_pos; j != swap_pos; j += increment) { - if ((j + incrmnt > EventHandlers[i].size() - 1) || ((incrmnt == -1) && (j == 0))) + if ((j + increment > EventHandlers[i].size() - 1) || ((increment == -1) && (j == 0))) continue; - std::swap(EventHandlers[i][j], EventHandlers[i][j+incrmnt]); + std::swap(EventHandlers[i][j], EventHandlers[i][j+increment]); } } @@ -451,7 +451,7 @@ void ModuleManager::UnloadAll() { /* We do this more than once, so that any service providers get a * chance to be unhooked by the modules using them, but then get - * a chance to be removed themsleves. + * a chance to be removed themselves. * * Note: this deliberately does NOT delete the DLLManager objects */ diff --git a/src/modules/extra/m_mysql.cpp b/src/modules/extra/m_mysql.cpp index 64a460f77..b34cd0324 100644 --- a/src/modules/extra/m_mysql.cpp +++ b/src/modules/extra/m_mysql.cpp @@ -63,9 +63,9 @@ /* THE NONBLOCKING MYSQL API! * - * MySQL provides no nonblocking (asyncronous) API of its own, and its developers recommend + * MySQL provides no nonblocking (asynchronous) API of its own, and its developers recommend * that instead, you should thread your program. This is what i've done here to allow for - * asyncronous SQL requests via mysql. The way this works is as follows: + * asynchronous SQL requests via mysql. The way this works is as follows: * * The module spawns a thread via class Thread, and performs its mysql queries in this thread, * using a queue with priorities. There is a mutex on either end which prevents two threads @@ -88,7 +88,7 @@ * threadsafe. This module is designed to be threadsafe and is careful with its use of threads, * however, if we were to call a module's OnRequest even from within a thread which was not the * one the module was originally instantiated upon, there is a chance of all hell breaking loose - * if a module is ever put in a re-enterant state (stack corruption could occur, crashes, data + * if a module is ever put in a reentrant state (stack corruption could occur, crashes, data * corruption, and worse, so DONT think about it until the day comes when InspIRCd is 100% * guaranteed threadsafe!) */ diff --git a/src/modules/extra/m_pgsql.cpp b/src/modules/extra/m_pgsql.cpp index e1db996c8..65ae621f9 100644 --- a/src/modules/extra/m_pgsql.cpp +++ b/src/modules/extra/m_pgsql.cpp @@ -93,7 +93,7 @@ struct QueueItem /** PgSQLresult is a subclass of the mostly-pure-virtual class SQLresult. * All SQL providers must create their own subclass and define it's methods using that - * database library's data retriveal functions. The aim is to avoid a slow and inefficient process + * database library's data retrieval functions. The aim is to avoid a slow and inefficient process * of converting all data to a common format before it reaches the result structure. This way * data is passes to the module nearly as directly as if it was using the API directly itself. */ diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index 670ff79b1..86c2c43b7 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -779,7 +779,7 @@ class GnuTLSIOHook : public SSLIOHook } else { - // Change the seesion state + // Change the session state this->status = ISSL_HANDSHAKEN; VerifyCertificate(); diff --git a/src/modules/extra/m_ssl_mbedtls.cpp b/src/modules/extra/m_ssl_mbedtls.cpp index c3d040ad0..a33ea367e 100644 --- a/src/modules/extra/m_ssl_mbedtls.cpp +++ b/src/modules/extra/m_ssl_mbedtls.cpp @@ -546,7 +546,7 @@ class mbedTLSIOHook : public SSLIOHook int ret = mbedtls_ssl_handshake(&sess); if (ret == 0) { - // Change the seesion state + // Change the session state this->status = ISSL_HANDSHAKEN; VerifyCertificate(); diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index f84468da8..cd96022c8 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -336,7 +336,7 @@ namespace OpenSSL /** OpenSSL makes us have two contexts, one for servers and one for clients */ Context ctx; - Context clictx; + Context clientctx; /** Digest to use when generating fingerprints */ @@ -406,11 +406,11 @@ namespace OpenSSL : name(profilename) , dh(ServerInstance->Config->Paths.PrependConfig(tag->getString("dhfile", "dhparams.pem", 1))) , ctx(SSL_CTX_new(SSLv23_server_method())) - , clictx(SSL_CTX_new(SSLv23_client_method())) + , clientctx(SSL_CTX_new(SSLv23_client_method())) , allowrenego(tag->getBool("renegotiation")) // Disallow by default , outrecsize(tag->getUInt("outrecsize", 2048, 512, 16384)) { - if ((!ctx.SetDH(dh)) || (!clictx.SetDH(dh))) + if ((!ctx.SetDH(dh)) || (!clientctx.SetDH(dh))) throw Exception("Couldn't set DH parameters"); const std::string hash = tag->getString("hash", "md5", 1); @@ -421,7 +421,7 @@ namespace OpenSSL const std::string ciphers = tag->getString("ciphers"); if (!ciphers.empty()) { - if ((!ctx.SetCiphers(ciphers)) || (!clictx.SetCiphers(ciphers))) + if ((!ctx.SetCiphers(ciphers)) || (!clientctx.SetCiphers(ciphers))) { ERR_print_errors_cb(error_callback, this); throw Exception("Can't set cipher list to \"" + ciphers + "\" " + lasterr); @@ -432,7 +432,7 @@ namespace OpenSSL if (!ciphers.empty()) { #if OPENSSL_VERSION_NUMBER >= 0x10101000L - if ((!ctx.SetCiphersuites(ciphersuites)) || (!clictx.SetCiphersuites(ciphersuites))) + if ((!ctx.SetCiphersuites(ciphersuites)) || (!clientctx.SetCiphersuites(ciphersuites))) { ERR_print_errors_cb(error_callback, this); throw Exception("Can't set ciphersuite list to \"" + ciphersuites + "\" " + lasterr); @@ -449,20 +449,20 @@ namespace OpenSSL #endif SetContextOptions("server", tag, ctx); - SetContextOptions("client", tag, clictx); + SetContextOptions("client", tag, clientctx); /* Load our keys and certificates * NOTE: OpenSSL's error logging API sucks, don't blame us for this clusterfuck. */ std::string filename = ServerInstance->Config->Paths.PrependConfig(tag->getString("certfile", "cert.pem", 1)); - if ((!ctx.SetCerts(filename)) || (!clictx.SetCerts(filename))) + if ((!ctx.SetCerts(filename)) || (!clientctx.SetCerts(filename))) { ERR_print_errors_cb(error_callback, this); throw Exception("Can't read certificate file: " + lasterr); } filename = ServerInstance->Config->Paths.PrependConfig(tag->getString("keyfile", "key.pem", 1)); - if ((!ctx.SetPrivateKey(filename)) || (!clictx.SetPrivateKey(filename))) + if ((!ctx.SetPrivateKey(filename)) || (!clientctx.SetPrivateKey(filename))) { ERR_print_errors_cb(error_callback, this); throw Exception("Can't read key file: " + lasterr); @@ -470,7 +470,7 @@ namespace OpenSSL // Load the CAs we trust filename = ServerInstance->Config->Paths.PrependConfig(tag->getString("cafile", "ca.pem", 1)); - if ((!ctx.SetCA(filename)) || (!clictx.SetCA(filename))) + if ((!ctx.SetCA(filename)) || (!clientctx.SetCA(filename))) { ERR_print_errors_cb(error_callback, this); ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "Can't read CA list from %s. This is only a problem if you want to verify client certificates, otherwise it's safe to ignore this message. Error: %s", filename.c_str(), lasterr.c_str()); @@ -482,14 +482,14 @@ namespace OpenSSL const std::string crlmode = tag->getString("crlmode", "chain", 1); ctx.SetCRL(crlfile, crlpath, crlmode); - clictx.SetVerifyCert(); + clientctx.SetVerifyCert(); if (tag->getBool("requestclientcert", true)) ctx.SetVerifyCert(); } const std::string& GetName() const { return name; } SSL* CreateServerSession() { return ctx.CreateServerSession(); } - SSL* CreateClientSession() { return clictx.CreateClientSession(); } + SSL* CreateClientSession() { return clientctx.CreateClientSession(); } const EVP_MD* GetDigest() { return digest; } bool AllowRenegotiation() const { return allowrenego; } unsigned int GetOutgoingRecordSize() const { return outrecsize; } diff --git a/src/modules/m_censor.cpp b/src/modules/m_censor.cpp index c13c677e9..e369f71a9 100644 --- a/src/modules/m_censor.cpp +++ b/src/modules/m_censor.cpp @@ -55,8 +55,8 @@ class ModuleCensor : public Module { case MessageTarget::TYPE_USER: { - User* targuser = target.Get(); - if (!targuser->IsModeSet(cu)) + User* targetuser = target.Get(); + if (!targetuser->IsModeSet(cu)) return MOD_RES_PASSTHRU; break; } diff --git a/src/modules/m_check.cpp b/src/modules/m_check.cpp index 2eafc0358..87e601913 100644 --- a/src/modules/m_check.cpp +++ b/src/modules/m_check.cpp @@ -169,10 +169,10 @@ class CommandCheck : public Command if (parameters.size() > 1 && !irc::equals(parameters[1], ServerInstance->Config->ServerName)) return CMD_SUCCESS; - User *targuser; + User *targetuser; Channel *targchan; - targuser = ServerInstance->FindNick(parameters[0]); + targetuser = ServerInstance->FindNick(parameters[0]); targchan = ServerInstance->FindChan(parameters[0]); /* @@ -185,32 +185,32 @@ class CommandCheck : public Command // Constructor sends START, destructor sends END CheckContext context(user, parameters[0]); - if (targuser) + if (targetuser) { - LocalUser* loctarg = IS_LOCAL(targuser); + LocalUser* loctarg = IS_LOCAL(targetuser); /* /check on a user */ - context.Write("nuh", targuser->GetFullHost()); - context.Write("realnuh", targuser->GetFullRealHost()); - context.Write("realname", targuser->GetRealName()); - context.Write("modes", targuser->GetModeLetters()); - context.Write("snomasks", GetSnomasks(targuser)); - context.Write("server", targuser->server->GetName()); - context.Write("uid", targuser->uuid); - context.Write("signon", targuser->signon); - context.Write("nickts", targuser->age); + context.Write("nuh", targetuser->GetFullHost()); + context.Write("realnuh", targetuser->GetFullRealHost()); + context.Write("realname", targetuser->GetRealName()); + context.Write("modes", targetuser->GetModeLetters()); + context.Write("snomasks", GetSnomasks(targetuser)); + context.Write("server", targetuser->server->GetName()); + context.Write("uid", targetuser->uuid); + context.Write("signon", targetuser->signon); + context.Write("nickts", targetuser->age); if (loctarg) context.Write("lastmsg", loctarg->idle_lastmsg); - if (targuser->IsAway()) + if (targetuser->IsAway()) { /* user is away */ - context.Write("awaytime", targuser->awaytime); - context.Write("awaymsg", targuser->awaymsg); + context.Write("awaytime", targetuser->awaytime); + context.Write("awaymsg", targetuser->awaymsg); } - if (targuser->IsOper()) + if (targetuser->IsOper()) { - OperInfo* oper = targuser->oper; + OperInfo* oper = targetuser->oper; /* user is an oper of type ____ */ context.Write("opertype", oper->name); if (loctarg) @@ -235,10 +235,10 @@ class CommandCheck : public Command context.Write("exempt", loctarg->exempt ? "yes" : "no"); } else - context.Write("onip", targuser->GetIPString()); + context.Write("onip", targetuser->GetIPString()); CheckContext::List chanlist(context, "onchans"); - for (User::ChanList::iterator i = targuser->chans.begin(); i != targuser->chans.end(); i++) + for (User::ChanList::iterator i = targetuser->chans.begin(); i != targetuser->chans.end(); i++) { Membership* memb = *i; chanlist.Add(memb->GetAllPrefixChars() + memb->chan->name); @@ -246,7 +246,7 @@ class CommandCheck : public Command chanlist.Flush(); - context.DumpExt(targuser); + context.DumpExt(targetuser); } else if (targchan) { diff --git a/src/modules/m_commonchans.cpp b/src/modules/m_commonchans.cpp index 23a1472c2..66c56bafc 100644 --- a/src/modules/m_commonchans.cpp +++ b/src/modules/m_commonchans.cpp @@ -36,14 +36,14 @@ class ModuleCommonChans if (target.type != MessageTarget::TYPE_USER) return MOD_RES_PASSTHRU; - User* targuser = target.Get(); - if (!targuser->IsModeSet(mode) || user->SharesChannelWith(targuser)) + User* targetuser = target.Get(); + if (!targetuser->IsModeSet(mode) || user->SharesChannelWith(targetuser)) return MOD_RES_PASSTHRU; if (user->HasPrivPermission("users/ignore-commonchans") || user->server->IsULine()) return MOD_RES_PASSTHRU; - user->WriteNumeric(Numerics::CannotSendTo(targuser, "messages", &mode)); + user->WriteNumeric(Numerics::CannotSendTo(targetuser, "messages", &mode)); return MOD_RES_DENY; } diff --git a/src/modules/m_deaf.cpp b/src/modules/m_deaf.cpp index 1a2ec9b22..74018d245 100644 --- a/src/modules/m_deaf.cpp +++ b/src/modules/m_deaf.cpp @@ -114,7 +114,7 @@ class ModuleDeaf if (!target->IsModeSet(privdeafmode)) return MOD_RES_PASSTHRU; - // Reject if the source is ulined and privdeafuline is disaled. + // Reject if the source is ulined and privdeafuline is disabled. if (!privdeafuline && source->server->IsULine()) return MOD_RES_DENY; diff --git a/src/modules/m_filter.cpp b/src/modules/m_filter.cpp index 158f8eb57..e3987f2c9 100644 --- a/src/modules/m_filter.cpp +++ b/src/modules/m_filter.cpp @@ -552,7 +552,7 @@ ModResult ModuleFilter::OnPreCommand(std::string& command, CommandBase::Params& parameters[parting ? 1 : 0] = "Reason filtered"; /* We're warning or blocking, OR they're quitting and its a KILL action - * (we cant kill someone whos already quitting, so filter them anyway) + * (we cant kill someone who's already quitting, so filter them anyway) */ if ((f->action == FA_WARN) || (f->action == FA_BLOCK) || (((!parting) && (f->action == FA_KILL))) || (f->action == FA_SILENT)) { diff --git a/src/modules/m_ident.cpp b/src/modules/m_ident.cpp index 0f746b05b..aa6b6c7d0 100644 --- a/src/modules/m_ident.cpp +++ b/src/modules/m_ident.cpp @@ -28,13 +28,13 @@ enum { - // Either the ident looup has not started yet or the user is registered. + // Either the ident lookup has not started yet or the user is registered. IDENT_UNKNOWN = 0, // Ident lookups are not enabled and a user has been marked as being skipped. IDENT_SKIPPED, - // Ident looups are not enabled and a user has been an insecure ident prefix. + // Ident lookups are not enabled and a user has been an insecure ident prefix. IDENT_PREFIXED, // An ident lookup was done and an ident was found. @@ -56,7 +56,7 @@ enum * nasty race conditions that would cause segfaults etc) we have * rewritten this module to use a simplified socket object based * directly off EventHandler. As EventHandler only has low level - * readability, writeability and error events tied directly to the + * readability, writability and error events tied directly to the * socket engine, this makes our lives easier as nothing happens to * our ident lookup class that is outside of this module, or out- * side of the control of the class. There are no timers, internal @@ -74,11 +74,11 @@ enum * itself. * * O Closure of the ident socket with the Close() method will - * not cause removal of the socket from memory or detatchment + * not cause removal of the socket from memory or detachment * from its 'parent' User class. It will only flag it as an * inactive socket in the socket engine. * - * O Timeouts are handled in OnCheckReaady at the same time as + * O Timeouts are handled in OnCheckReady at the same time as * checking if the ident socket has a result. This is done * by checking if the age the of the class (its instantiation * time) plus the timeout value is greater than the current time. diff --git a/src/modules/m_messageflood.cpp b/src/modules/m_messageflood.cpp index 329d77aac..216c20c03 100644 --- a/src/modules/m_messageflood.cpp +++ b/src/modules/m_messageflood.cpp @@ -154,7 +154,7 @@ private: { if (f->addmessage(user, weight)) { - /* Youre outttta here! */ + /* You're outttta here! */ f->clear(user); if (f->ban) { diff --git a/src/modules/m_operlog.cpp b/src/modules/m_operlog.cpp index 388b0f607..ac3b6d467 100644 --- a/src/modules/m_operlog.cpp +++ b/src/modules/m_operlog.cpp @@ -53,8 +53,8 @@ class ModuleOperLog : public Module if ((user->IsOper()) && (user->HasCommandPermission(command))) { - Command* thiscommand = ServerInstance->Parser.GetHandler(command); - if ((thiscommand) && (thiscommand->flags_needed == 'o')) + Command* thiscmd = ServerInstance->Parser.GetHandler(command); + if ((thiscmd) && (thiscmd->flags_needed == 'o')) { std::string msg = "[" + user->GetFullRealHost() + "] " + command + " " + stdalgo::string::join(parameters); if (tosnomask) diff --git a/src/modules/m_services_account.cpp b/src/modules/m_services_account.cpp index 7baa9c75f..0192e7e78 100644 --- a/src/modules/m_services_account.cpp +++ b/src/modules/m_services_account.cpp @@ -230,15 +230,15 @@ class ModuleServicesAccount } case MessageTarget::TYPE_USER: { - User* targuser = target.Get(); - if (!targuser->IsModeSet(regdeafmode) || is_registered) + User* targetuser = target.Get(); + if (!targetuser->IsModeSet(regdeafmode) || is_registered) return MOD_RES_PASSTHRU; - if (calleridapi && calleridapi->IsOnAcceptList(user, targuser)) + if (calleridapi && calleridapi->IsOnAcceptList(user, targetuser)) return MOD_RES_PASSTHRU; // User is messaging a +R user and is not registered or on an accept list. - user->WriteNumeric(ERR_NEEDREGGEDNICK, targuser->nick, "You need to be identified to a registered account to message this user"); + user->WriteNumeric(ERR_NEEDREGGEDNICK, targetuser->nick, "You need to be identified to a registered account to message this user"); return MOD_RES_DENY; break; } diff --git a/src/modules/m_spanningtree/fjoin.cpp b/src/modules/m_spanningtree/fjoin.cpp index 962539970..4bc24b0d5 100644 --- a/src/modules/m_spanningtree/fjoin.cpp +++ b/src/modules/m_spanningtree/fjoin.cpp @@ -57,7 +57,7 @@ CmdResult CommandFJoin::Handle(User* srcuser, Params& params) * When two sides of a split heal and this occurs, the following things * will happen: * - * If the timestamps are exactly equal, both sides merge their privilages + * If the timestamps are exactly equal, both sides merge their privileges * and users, as in InspIRCd 1.0 and ircd2.8. The channels have not been * re-created during a split, this is safe to do. * @@ -83,7 +83,7 @@ CmdResult CommandFJoin::Handle(User* srcuser, Params& params) * [[,][:] * is a concatenation of the mode letters the user has on the channel * (e.g.: "ov" if the user is opped and voiced). The order of the mode letters - * are not important but if a server ecounters an unknown mode letter, it will + * are not important but if a server encounters an unknown mode letter, it will * drop the link to avoid desync. * * InspIRCd 2.0 and older required a comma before the uuid even if the user diff --git a/src/modules/m_spanningtree/ftopic.cpp b/src/modules/m_spanningtree/ftopic.cpp index 2f9813860..bf76f834f 100644 --- a/src/modules/m_spanningtree/ftopic.cpp +++ b/src/modules/m_spanningtree/ftopic.cpp @@ -50,7 +50,7 @@ CmdResult CommandFTopic::Handle(User* user, Params& params) /* * If the topics were updated at the exact same second, accept * the remote only when it's "bigger" than ours as defined by - * string comparison, so non-empty topics always overridde + * string comparison, so non-empty topics always override * empty topics if their timestamps are equal * * Similarly, if the topic texts are equal too, keep one topic diff --git a/src/modules/m_spanningtree/treesocket.h b/src/modules/m_spanningtree/treesocket.h index 5d0fc9f2d..fd01c8e34 100644 --- a/src/modules/m_spanningtree/treesocket.h +++ b/src/modules/m_spanningtree/treesocket.h @@ -34,7 +34,7 @@ /* * The server list in InspIRCd is maintained as two structures * which hold the data in different ways. Most of the time, we - * want to very quicky obtain three pieces of information: + * want to very quickly obtain three pieces of information: * * (1) The information on a server * (2) The information on the server we must send data through diff --git a/src/users.cpp b/src/users.cpp index 02d215b9f..850909e47 100644 --- a/src/users.cpp +++ b/src/users.cpp @@ -1206,7 +1206,7 @@ void LocalUser::SetClass(const std::string &explicit_name) continue; } - /* we stop at the first class that meets ALL critera. */ + /* we stop at the first class that meets ALL criteria. */ ServerInstance->Logs->Log("CONNECTCLASS", LOG_DEBUG, "The %s connect class is suitable for %s (%s)", c->GetName().c_str(), this->uuid.c_str(), this->GetFullRealHost().c_str()); found = c; diff --git a/src/xline.cpp b/src/xline.cpp index 1d03f3a9e..c48ac2530 100644 --- a/src/xline.cpp +++ b/src/xline.cpp @@ -167,7 +167,7 @@ void XLineManager::CheckELines() LocalUser* u = *u2; u->exempt = false; - /* This uses safe iteration to ensure that if a line expires here, it doenst trash the iterator */ + /* This uses safe iteration to ensure that if a line expires here, it doesn't trash the iterator */ LookupIter safei; for (LookupIter i = ELines.begin(); i != ELines.end(); ) diff --git a/win/NSIS.template.in b/win/NSIS.template.in index 2e6abd784..e9446092a 100644 --- a/win/NSIS.template.in +++ b/win/NSIS.template.in @@ -385,7 +385,7 @@ Function un.RemoveFromPath FunctionEnd ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Uninstall sutff +; Uninstall stuff ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ########################################### @@ -489,15 +489,15 @@ Done: Exch $R1 FunctionEnd -Function ConditionalAddToRegisty +Function ConditionalAddToRegistry Pop $0 Pop $1 - StrCmp "$0" "" ConditionalAddToRegisty_EmptyString + StrCmp "$0" "" ConditionalAddToRegistry_EmptyString WriteRegStr SHCTX "Software\Microsoft\Windows\CurrentVersion\Uninstall\@CPACK_PACKAGE_INSTALL_REGISTRY_KEY@" \ "$1" "$0" ;MessageBox MB_OK "Set Registry: '$1' to '$0'" DetailPrint "Set install registry entry: '$1' to '$0'" - ConditionalAddToRegisty_EmptyString: + ConditionalAddToRegistry_EmptyString: FunctionEnd ;-------------------------------- @@ -647,44 +647,44 @@ Section "-Core installation" WriteUninstaller "$INSTDIR\Uninstall.exe" Push "DisplayName" Push "@CPACK_NSIS_DISPLAY_NAME@" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry Push "DisplayVersion" Push "@CPACK_PACKAGE_VERSION@" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry Push "Publisher" Push "@CPACK_PACKAGE_VENDOR@" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry Push "UninstallString" Push "$INSTDIR\Uninstall.exe" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry Push "NoRepair" Push "1" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry !ifdef CPACK_NSIS_ADD_REMOVE ;Create add/remove functionality Push "ModifyPath" Push "$INSTDIR\AddRemove.exe" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry !else Push "NoModify" Push "1" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry !endif ; Optional registration Push "DisplayIcon" Push "$INSTDIR\@CPACK_NSIS_INSTALLED_ICON_NAME@" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry Push "HelpLink" Push "@CPACK_NSIS_HELP_LINK@" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry Push "URLInfoAbout" Push "@CPACK_NSIS_URL_INFO_ABOUT@" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry Push "Contact" Push "@CPACK_NSIS_CONTACT@" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry !insertmacro MUI_INSTALLOPTIONS_READ $INSTALL_DESKTOP "NSIS.InstallOptions.ini" "Field 5" "State" !insertmacro MUI_STARTMENU_WRITE_BEGIN Application @@ -702,19 +702,19 @@ Section "-Core installation" ; Write special uninstall registry entries Push "StartMenu" Push "$STARTMENU_FOLDER" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry Push "DoNotAddToPath" Push "$DO_NOT_ADD_TO_PATH" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry Push "AddToPathAllUsers" Push "$ADD_TO_PATH_ALL_USERS" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry Push "AddToPathCurrentUser" Push "$ADD_TO_PATH_CURRENT_USER" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry Push "InstallToDesktop" Push "$INSTALL_DESKTOP" - Call ConditionalAddToRegisty + Call ConditionalAddToRegistry !insertmacro MUI_STARTMENU_WRITE_END @@ -855,7 +855,7 @@ Section "Uninstall" @CPACK_NSIS_DELETE_ICONS@ @CPACK_NSIS_DELETE_ICONS_EXTRA@ - ;Delete empty start menu parent diretories + ;Delete empty start menu parent directories StrCpy $MUI_TEMP "$SMPROGRAMS\$MUI_TEMP" startMenuDeleteLoop: @@ -868,13 +868,13 @@ Section "Uninstall" StrCmp "$MUI_TEMP" "$SMPROGRAMS" startMenuDeleteLoopDone startMenuDeleteLoop startMenuDeleteLoopDone: - ; If the user changed the shortcut, then untinstall may not work. This should + ; If the user changed the shortcut, then uninstall may not work. This should ; try to fix it. StrCpy $MUI_TEMP "$START_MENU" Delete "$SMPROGRAMS\$MUI_TEMP\Uninstall.lnk" @CPACK_NSIS_DELETE_ICONS_EXTRA@ - ;Delete empty start menu parent diretories + ;Delete empty start menu parent directories StrCpy $MUI_TEMP "$SMPROGRAMS\$MUI_TEMP" secondStartMenuDeleteLoop: -- cgit v1.3.1-10-gc9f91 From caab4c101a7bea30e6b6d7860e90db91278a90c4 Mon Sep 17 00:00:00 2001 From: Sadie Powell Date: Thu, 24 Jun 2021 22:43:17 +0100 Subject: Add a log message to the SSL mods to remind users how to reload profiles. --- src/modules/extra/m_ssl_gnutls.cpp | 5 +++++ src/modules/extra/m_ssl_mbedtls.cpp | 5 +++++ src/modules/extra/m_ssl_openssl.cpp | 5 +++++ 3 files changed, 15 insertions(+) (limited to 'src/modules') diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index 86c2c43b7..210e38489 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -1357,6 +1357,11 @@ class ModuleSSLGnuTLS : public Module ServerInstance->GenRandom = RandGen::Call; } + void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE + { + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "IMPORTANT: SSL profiles are not reloaded on rehash. To reload SSL profiles you must do `/REHASH -ssl` or load the sslrehashsignal module and send SIGUSR1 to the IRCd process."); + } + void OnModuleRehash(User* user, const std::string ¶m) CXX11_OVERRIDE { if (!irc::equals(param, "tls") && !irc::equals(param, "ssl")) diff --git a/src/modules/extra/m_ssl_mbedtls.cpp b/src/modules/extra/m_ssl_mbedtls.cpp index a33ea367e..d10321e5a 100644 --- a/src/modules/extra/m_ssl_mbedtls.cpp +++ b/src/modules/extra/m_ssl_mbedtls.cpp @@ -943,6 +943,11 @@ class ModuleSSLmbedTLS : public Module ReadProfiles(); } + void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE + { + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "IMPORTANT: SSL profiles are not reloaded on rehash. To reload SSL profiles you must do `/REHASH -ssl` or load the sslrehashsignal module and send SIGUSR1 to the IRCd process."); + } + void OnModuleRehash(User* user, const std::string ¶m) CXX11_OVERRIDE { if (!irc::equals(param, "tls") && !irc::equals(param, "ssl")) diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index cd96022c8..16a10bbf4 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -1092,6 +1092,11 @@ class ModuleSSLOpenSSL : public Module ReadProfiles(); } + void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE + { + ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "IMPORTANT: SSL profiles are not reloaded on rehash. To reload SSL profiles you must do `/REHASH -ssl` or load the sslrehashsignal module and send SIGUSR1 to the IRCd process."); + } + void OnModuleRehash(User* user, const std::string ¶m) CXX11_OVERRIDE { if (!irc::equals(param, "tls") && !irc::equals(param, "ssl")) -- cgit v1.3.1-10-gc9f91 From d9572c0a252ed3ec0990b65650778085c2f38b41 Mon Sep 17 00:00:00 2001 From: Sadie Powell Date: Thu, 24 Jun 2021 23:00:32 +0100 Subject: Allow reloading SSL profiles on rehash. --- src/modules/extra/m_ssl_gnutls.cpp | 5 +++-- src/modules/extra/m_ssl_mbedtls.cpp | 5 +++-- src/modules/extra/m_ssl_openssl.cpp | 6 +++--- 3 files changed, 9 insertions(+), 7 deletions(-) (limited to 'src/modules') diff --git a/src/modules/extra/m_ssl_gnutls.cpp b/src/modules/extra/m_ssl_gnutls.cpp index 210e38489..0d8821cd9 100644 --- a/src/modules/extra/m_ssl_gnutls.cpp +++ b/src/modules/extra/m_ssl_gnutls.cpp @@ -1353,13 +1353,14 @@ class ModuleSSLGnuTLS : public Module void init() CXX11_OVERRIDE { ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "GnuTLS lib version %s module was compiled for " GNUTLS_VERSION, gnutls_check_version(NULL)); - ReadProfiles(); ServerInstance->GenRandom = RandGen::Call; } void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE { - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "IMPORTANT: SSL profiles are not reloaded on rehash. To reload SSL profiles you must do `/REHASH -ssl` or load the sslrehashsignal module and send SIGUSR1 to the IRCd process."); + ConfigTag* tag = ServerInstance->Config->ConfValue("gnutls"); + if (status.initial || tag->getBool("onrehash")) + ReadProfiles(); } void OnModuleRehash(User* user, const std::string ¶m) CXX11_OVERRIDE diff --git a/src/modules/extra/m_ssl_mbedtls.cpp b/src/modules/extra/m_ssl_mbedtls.cpp index d10321e5a..982e5d025 100644 --- a/src/modules/extra/m_ssl_mbedtls.cpp +++ b/src/modules/extra/m_ssl_mbedtls.cpp @@ -940,12 +940,13 @@ class ModuleSSLmbedTLS : public Module if (!ctr_drbg.Seed(entropy)) throw ModuleException("CTR DRBG seed failed"); - ReadProfiles(); } void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE { - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "IMPORTANT: SSL profiles are not reloaded on rehash. To reload SSL profiles you must do `/REHASH -ssl` or load the sslrehashsignal module and send SIGUSR1 to the IRCd process."); + ConfigTag* tag = ServerInstance->Config->ConfValue("mbedtls"); + if (status.initial || tag->getBool("onrehash")) + ReadProfiles(); } void OnModuleRehash(User* user, const std::string ¶m) CXX11_OVERRIDE diff --git a/src/modules/extra/m_ssl_openssl.cpp b/src/modules/extra/m_ssl_openssl.cpp index 16a10bbf4..5f0ec68a3 100644 --- a/src/modules/extra/m_ssl_openssl.cpp +++ b/src/modules/extra/m_ssl_openssl.cpp @@ -1088,13 +1088,13 @@ class ModuleSSLOpenSSL : public Module exdataindex = SSL_get_ex_new_index(0, exdatastr, NULL, NULL, NULL); if (exdataindex < 0) throw ModuleException("Failed to register application specific data"); - - ReadProfiles(); } void ReadConfig(ConfigStatus& status) CXX11_OVERRIDE { - ServerInstance->Logs->Log(MODNAME, LOG_DEFAULT, "IMPORTANT: SSL profiles are not reloaded on rehash. To reload SSL profiles you must do `/REHASH -ssl` or load the sslrehashsignal module and send SIGUSR1 to the IRCd process."); + ConfigTag* tag = ServerInstance->Config->ConfValue("openssl"); + if (status.initial || tag->getBool("onrehash")) + ReadProfiles(); } void OnModuleRehash(User* user, const std::string ¶m) CXX11_OVERRIDE -- cgit v1.3.1-10-gc9f91