static void mod_cmd_write_queue(mod_ctl_t * ctl, const void *data, size_t len);
static const char *remote_closed = "Remote host closed the connection";
static bool ssld_ssl_ok;
-static int certfp_method = RB_SSL_CERTFP_METH_SHA1;
+static int certfp_method = RB_SSL_CERTFP_METH_CERT_SHA1;
#ifdef HAVE_LIBZ
static bool zlib_ok = true;
#else
static void
ssl_send_certfp(conn_t *conn)
{
- uint8_t buf[9 + RB_SSL_CERTFP_LEN];
+ uint8_t buf[13 + RB_SSL_CERTFP_LEN];
- int len = rb_get_ssl_certfp(conn->mod_fd, &buf[9], certfp_method);
+ int len = rb_get_ssl_certfp(conn->mod_fd, &buf[13], certfp_method);
if (!len)
return;
lrb_assert(len <= RB_SSL_CERTFP_LEN);
buf[0] = 'F';
uint32_to_buf(&buf[1], conn->id);
- uint32_to_buf(&buf[5], len);
- mod_cmd_write_queue(conn->ctl, buf, 9 + len);
+ uint32_to_buf(&buf[5], certfp_method);
+ uint32_to_buf(&buf[9], len);
+ mod_cmd_write_queue(conn->ctl, buf, 13 + len);
+}
+
+static void
+ssl_send_open(conn_t *conn)
+{
+ uint8_t buf[5];
+
+ buf[0] = 'O';
+ uint32_to_buf(&buf[1], conn->id);
+ mod_cmd_write_queue(conn->ctl, buf, 5);
}
static void
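Review bot: `ssl_send_certfp` still guards the fingerprint length only with `if (!len)` and `lrb_assert(len <= RB_SSL_CERTFP_LEN)`, so a negative or oversized return from `rb_get_ssl_certfp` would reach `mod_cmd_write_queue(conn->ctl, buf, 13 + len)` if the assert does not abort in this build (its behaviour is not visible here). An explicit guard, `if (len <= 0 || len > RB_SSL_CERTFP_LEN) return;`, makes the bound hold regardless of how asserts are compiled. The header size 13 now appears three times (buffer size, fingerprint offset, queued length); a named constant would keep them in step the next time the 'F' message layout changes. The peer that parses the 'F' message has to read the new method field at offset 5 and the length at offset 9, and that side is not part of what is shown here.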
if(status == RB_OK)
{
- conn_mod_read_cb(conn->mod_fd, conn);
- conn_plain_read_cb(conn->plain_fd, conn);
ssl_send_cipher(conn);
ssl_send_certfp(conn);
+ ssl_send_open(conn);
+ conn_mod_read_cb(conn->mod_fd, conn);
+ conn_plain_read_cb(conn->plain_fd, conn);
return;
}
/* ircd doesn't care about the reason for this */
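Review bot: The new ordering in this `status == RB_OK` branch looks security-relevant, but nothing in the code says so. The cipher, certfp and open messages are now queued before `conn_mod_read_cb` and `conn_plain_read_cb` start relaying data, presumably so that the ircd side has the handshake results before it sees any client data. A comment above `ssl_send_cipher(conn);` such as `/* queue cipher/certfp/open before starting the read callbacks, so ircd has the handshake results before any relayed data */` would keep a later refactor from moving the reads back up. The same applies to the second `status == RB_OK` branch further down; both enclosing functions start outside their hunks.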
if(status == RB_OK)
{
- conn_mod_read_cb(conn->mod_fd, conn);
- conn_plain_read_cb(conn->plain_fd, conn);
ssl_send_cipher(conn);
ssl_send_certfp(conn);
+ ssl_send_open(conn);
+ conn_mod_read_cb(conn->mod_fd, conn);
+ conn_plain_read_cb(conn->plain_fd, conn);
}
else if(status == RB_ERR_TIMEOUT)
close_conn(conn, WAIT_PLAIN, "SSL handshake timed out");
}
#endif
-static void
-init_prng(mod_ctl_t * ctl, mod_ctl_buf_t * ctl_buf)
-{
- char *path;
- prng_seed_t seed_type;
-
- seed_type = (prng_seed_t) ctl_buf->buf[1];
- path = (char *) &ctl_buf->buf[2];
- rb_init_prng(path, seed_type);
-}
-
-
static void
ssl_new_keys(mod_ctl_t * ctl, mod_ctl_buf_t * ctl_buf)
{
key = buf;
buf += strlen(key) + 1;
dhparam = buf;
- if(strlen(dhparam) == 0)
- dhparam = NULL;
buf += strlen(dhparam) + 1;
cipher_list = buf;
+ if(strlen(dhparam) == 0)
+ dhparam = NULL;
if(strlen(cipher_list) == 0)
cipher_list = NULL;
}
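Review bot: The `strlen` walk over `key`, `dhparam` and `cipher_list` has no visible bound against the message length, so a control message that lacks a NUL terminator would be read past its end. The start of `ssl_new_keys` is outside this hunk, so a length check may already exist there. If it does not, each step should first confirm that a terminator exists in the bytes still unparsed, for example with `memchr(buf, '\0', remaining)` where `remaining` is the count of bytes left in the message, and call `cleanup_bad_message(ctl, ctl_buf)` when it is missing.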
case 'C':
{
- if (ctl_buf->nfds != 2 || ctl_buf->buflen != 5)
+ if (ctl_buf->buflen != 5)
{
cleanup_bad_message(ctl, ctl_buf);
break;
}
case 'F':
{
- if (ctl_buf->nfds != 2 || ctl_buf->buflen != 5)
+ if (ctl_buf->buflen != 5)
{
cleanup_bad_message(ctl, ctl_buf);
break;
ssl_new_keys(ctl, ctl_buf);
break;
}
- case 'I':
- init_prng(ctl, ctl_buf);
- break;
case 'S':
{
process_stats(ctl, ctl_buf);
setup_signals();
rb_lib_init(NULL, NULL, NULL, 0, maxfd, 1024, 4096);
rb_init_rawbuffers(1024);
+ rb_init_prng(NULL, RB_PRNG_DEFAULT);
ssld_ssl_ok = rb_supports_ssl();
mod_ctl = rb_malloc(sizeof(mod_ctl_t));
mod_ctl->F = rb_open(ctlfd, RB_FD_SOCKET, "ircd control socket");