if(ssld_path == NULL)
{
- rb_snprintf(fullpath, sizeof(fullpath), "%s/ssld%s", BINPATH, suffix);
+ rb_snprintf(fullpath, sizeof(fullpath), "%s/ssld%s", PKGLIBEXECDIR, suffix);
if(access(fullpath, X_OK) == -1)
{
if(access(fullpath, X_OK) == -1)
{
ilog(L_MAIN,
- "Unable to execute ssld%s in %s/bin or %s",
- ConfigFileEntry.dpath, suffix, BINPATH);
+ "Unable to execute ssld%s in %s or %s/bin",
+ suffix, PKGLIBEXECDIR, ConfigFileEntry.dpath);
return 0;
}
}
exit_client(client_p, client_p, &me, reason);
}
+static void
+ssl_process_certfp(ssl_ctl_t * ctl, ssl_ctl_buf_t * ctl_buf)
+{
+ struct Client *client_p;
+ int32_t fd;
+ uint8_t *certfp;
+ char *certfp_string;
+ int i;
+
+ if(ctl_buf->buflen != 5 + RB_SSL_CERTFP_LEN)
+ return; /* bogus message..drop it.. XXX should warn here */
+
+ fd = buf_to_int32(&ctl_buf->buf[1]);
+ certfp = (uint8_t *)&ctl_buf->buf[5];
+ client_p = find_cli_fd_hash(fd);
+ if(client_p == NULL)
+ return;
+ rb_free(client_p->certfp);
+ certfp_string = rb_malloc(RB_SSL_CERTFP_LEN * 2 + 1);
+ for(i = 0; i < RB_SSL_CERTFP_LEN; i++)
+ rb_snprintf(certfp_string + 2 * i, 3, "%02x",
+ certfp[i]);
+ client_p->certfp = certfp_string;
+}
+
static void
ssl_process_cmd_recv(ssl_ctl_t * ctl)
{
case 'D':
ssl_process_dead_fd(ctl, ctl_buf);
break;
+ case 'F':
+ ssl_process_certfp(ctl, ctl_buf);
+ break;
case 'S':
ssl_process_zipstats(ctl, ctl_buf);
break;
case 'I':
ssl_ok = 0;
- ilog(L_MAIN, cannot_setup_ssl);
- sendto_realops_snomask(SNO_GENERAL, L_ALL, cannot_setup_ssl);
+ ilog(L_MAIN, "%s", cannot_setup_ssl);
+ sendto_realops_snomask(SNO_GENERAL, L_ALL, "%s", cannot_setup_ssl);
case 'U':
zlib_ok = 0;
ssl_ok = 0;
- ilog(L_MAIN, no_ssl_or_zlib);
- sendto_realops_snomask(SNO_GENERAL, L_ALL, no_ssl_or_zlib);
+ ilog(L_MAIN, "%s", no_ssl_or_zlib);
+ sendto_realops_snomask(SNO_GENERAL, L_ALL, "%s", no_ssl_or_zlib);
ssl_killall();
break;
case 'z':