1 | /* | |
2 | * Copyright (c) 2012 William Pitcock <nenolod@dereferenced.org>. | |
3 | * | |
4 | * Permission to use, copy, modify, and/or distribute this software for any | |
5 | * purpose with or without fee is hereby granted, provided that the above | |
6 | * copyright notice and this permission notice is present in all copies. | |
7 | * | |
8 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
9 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | |
10 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | |
11 | * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, | |
12 | * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |
13 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
14 | * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
15 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
16 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING | |
17 | * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |
18 | * POSSIBILITY OF SUCH DAMAGE. | |
19 | */ | |
20 | ||
21 | #include "stdinc.h" | |
22 | #include "client.h" | |
23 | #include "common.h" | |
24 | #include "match.h" | |
25 | #include "hash.h" | |
26 | #include "ircd.h" | |
27 | #include "numeric.h" | |
28 | #include "send.h" | |
29 | #include "msg.h" | |
30 | #include "modules.h" | |
31 | #include "sslproc.h" | |
32 | ||
/* Handler for the STARTTLS command; defined below. */
static int mr_starttls(struct Client *, struct Client *, int, const char **);

/*
 * Command table entry for STARTTLS. Only the first handler slot is live
 * (mr_starttls, for connections that have not registered yet); every other
 * source type is silently ignored, so a registered user or a server cannot
 * trigger the TLS handoff after the fact.
 */
struct Message starttls_msgtab = {
	"STARTTLS", 0, 0, 0, MFLG_SLOW,
	{
		{mr_starttls, 0},	/* unregistered connections */
		mg_ignore,		/* registered clients */
		mg_ignore,		/* remote clients */
		mg_ignore,		/* servers */
		mg_ignore,		/* ENCAP */
		mg_ignore		/* opers */
	}
};

/* NULL-terminated list of commands this module registers. */
mapi_clist_av1 starttls_clist[] = { &starttls_msgtab, NULL };

DECLARE_MODULE_AV1(starttls, NULL, NULL, starttls_clist, NULL, NULL, "$Revision$");
43 | ||
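/*
 * mr_starttls - STARTTLS handler for local, not-yet-registered clients.
 *
 * Upgrades the connection to TLS: creates a socketpair, flushes RPL_STARTTLS
 * (670) to the client over the still-plaintext socket, then hands the
 * client's descriptor and one end of the pair to an ssld helper via
 * start_ssld_accept().  On success the other end of the pair replaces the
 * client's descriptor in the fd hash and the client is flagged SSL.
 *
 * parc/parv are unused: STARTTLS takes no parameters.
 *
 * Returns 0 when the command was accepted (or ignored because the client is
 * not local), 1 when an ERR_STARTTLS (691) was sent or the handoff failed.
 */
static int
mr_starttls(struct Client *client_p, struct Client *source_p, int parc, const char *parv[])
{
#ifdef HAVE_LIBCRYPTO
	ssl_ctl_t *ctl;
	rb_fde_t *F[2];

	if (!MyConnect(client_p))
		return 0;

	/* A second STARTTLS on a link that is already TLS would push the
	 * ssld-side descriptor through another ssld accept and leave the
	 * session in an undefined state; refuse it while the error can still
	 * be delivered normally. */
	if (IsSSL(client_p))
	{
		sendto_one_numeric(client_p, ERR_STARTTLS, form_str(ERR_STARTTLS), "Nested TLS handshake not allowed");
		return 1;
	}

	if (!ssl_ok || !get_ssld_count())
	{
		sendto_one_numeric(client_p, ERR_STARTTLS, form_str(ERR_STARTTLS), "TLS is not configured");
		return 1;
	}

	if (rb_socketpair(AF_UNIX, SOCK_STREAM, 0, &F[0], &F[1], "STARTTLS ssld session") == -1)
	{
		ilog_error("error creating SSL/TLS socketpair for ssld slave");
		sendto_one_numeric(client_p, ERR_STARTTLS, form_str(ERR_STARTTLS), "Unable to create SSL/TLS socketpair for ssld offload slave");
		return 1;
	}

	s_assert(client_p->localClient != NULL);

	/* clear out any remaining plaintext lines */
	rb_linebuf_donebuf(&client_p->localClient->buf_recvq);

	/* 670 must be on the wire before the socket is handed to ssld: from the
	 * client's point of view everything after this reply is TLS. */
	sendto_one_numeric(client_p, RPL_STARTTLS, form_str(RPL_STARTTLS));
	send_queued(client_p);

	ctl = start_ssld_accept(client_p->localClient->F, F[1], rb_get_fd(F[0]));
	if (ctl == NULL)
	{
		/* The client has already been told TLS starts now; continuing in
		 * plaintext would feed its handshake into the IRC parser while it
		 * believes the link is encrypted.  Drop the connection instead.
		 * NOTE(review): whether F[0]/F[1] are still owned by us after a
		 * failed start_ssld_accept() is not visible here -- confirm
		 * whether they need rb_close(). */
		ilog_error("STARTTLS: ssld handoff failed, closing client");
		exit_client(client_p, source_p, &me, "STARTTLS failed");
		return 1;
	}

	/* Swap the client's descriptor for our end of the socketpair. */
	del_from_cli_fd_hash(client_p);
	client_p->localClient->F = F[0];
	add_to_cli_fd_hash(client_p);
	client_p->localClient->ssl_ctl = ctl;
	SetSSL(client_p);

#else
	sendto_one_numeric(client_p, ERR_STARTTLS, form_str(ERR_STARTTLS), "TLS is not configured");
#endif
	return 0;
}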