#include "client.h"
#include "send.h"
#include "packet.h"
+#include "certfp.h"
#define ZIPSTATS_TIME 60
}
}
+ ssld_spin_count = 0;
+ last_spin = 0;
+ ssld_wait = 0;
start_ssldaemon(ServerInfo.ssld_count);
}
if(client_p->localClient->ssl_callback)
{
- CNCB *hdl = client_p->localClient->ssl_callback;
- void *data = client_p->localClient->ssl_data;
+ SSL_OPEN_CB *hdl = client_p->localClient->ssl_callback;
client_p->localClient->ssl_callback = NULL;
- client_p->localClient->ssl_data = NULL;
- hdl(client_p->localClient->F, RB_OK, data);
+ hdl(client_p, RB_OK);
}
}
/* if there is still a pending callback, call it now */
if(client_p->localClient->ssl_callback)
{
- CNCB *hdl = client_p->localClient->ssl_callback;
- void *data = client_p->localClient->ssl_data;
+ SSL_OPEN_CB *hdl = client_p->localClient->ssl_callback;
client_p->localClient->ssl_callback = NULL;
- client_p->localClient->ssl_data = NULL;
- hdl(client_p->localClient->F, RB_ERROR_SSL, data);
-
- /* the callback should have exited the client */
- return;
+ if (hdl(client_p, RB_ERROR_SSL))
+ {
+ /* the callback has exited the client */
+ return;
+ }
}
if(IsAnyServer(client_p) || IsRegistered(client_p))
switch (certfp_method) {
case RB_SSL_CERTFP_METH_CERT_SHA1:
+ method_string = CERTFP_PREFIX_CERT_SHA1;
+ break;
case RB_SSL_CERTFP_METH_CERT_SHA256:
+ method_string = CERTFP_PREFIX_CERT_SHA256;
+ break;
case RB_SSL_CERTFP_METH_CERT_SHA512:
- method_string = "";
+ method_string = CERTFP_PREFIX_CERT_SHA512;
break;
-
- /* These names are copied from RFC 7218 */
case RB_SSL_CERTFP_METH_SPKI_SHA256:
- method_string = "SPKI:SHA2-256:";
+ method_string = CERTFP_PREFIX_SPKI_SHA256;
break;
case RB_SSL_CERTFP_METH_SPKI_SHA512:
- method_string = "SPKI:SHA2-512:";
+ method_string = CERTFP_PREFIX_SPKI_SHA512;
break;
default:
return;
rb_free(client_p->certfp);
certfp_string = rb_malloc(method_len + len * 2 + 1);
- strcpy(certfp_string, method_string);
+ rb_strlcpy(certfp_string, method_string, method_len + len * 2 + 1);
for(uint32_t i = 0; i < len; i++)
snprintf(certfp_string + method_len + 2 * i, 3, "%02x",
certfp[i]);
static void
send_new_ssl_certs_one(ssl_ctl_t * ctl)
{
- size_t len;
+ size_t len = 5;
+
+ if(ServerInfo.ssl_cert)
+ len += strlen(ServerInfo.ssl_cert);
+ else
+ return;
+
+ if(ServerInfo.ssl_private_key)
+ len += strlen(ServerInfo.ssl_private_key);
- len = strlen(ServerInfo.ssl_cert) + strlen(ServerInfo.ssl_private_key) + 5;
if(ServerInfo.ssl_dh_params)
len += strlen(ServerInfo.ssl_dh_params);
+
if(ServerInfo.ssl_cipher_list)
len += strlen(ServerInfo.ssl_cipher_list);
+
if(len > sizeof(tmpbuf))
{
sendto_realops_snomask(SNO_GENERAL, L_ALL,
len, sizeof(tmpbuf));
return;
}
- len = snprintf(tmpbuf, sizeof(tmpbuf), "K%c%s%c%s%c%s%c%s%c", nul,
- ServerInfo.ssl_cert, nul,
- ServerInfo.ssl_private_key, nul,
- ServerInfo.ssl_dh_params != NULL ? ServerInfo.ssl_dh_params : "", nul,
- ServerInfo.ssl_cipher_list != NULL ? ServerInfo.ssl_cipher_list : "", nul);
- ssl_cmd_write_queue(ctl, NULL, 0, tmpbuf, len);
+
+ int ret = snprintf(tmpbuf, sizeof(tmpbuf), "K%c%s%c%s%c%s%c%s%c", nul,
+ ServerInfo.ssl_cert, nul,
+ ServerInfo.ssl_private_key != NULL ? ServerInfo.ssl_private_key : "", nul,
+ ServerInfo.ssl_dh_params != NULL ? ServerInfo.ssl_dh_params : "", nul,
+ ServerInfo.ssl_cipher_list != NULL ? ServerInfo.ssl_cipher_list : "", nul);
+
+ if(ret > 5)
+ ssl_cmd_write_queue(ctl, NULL, 0, tmpbuf, (size_t) ret);
}
static void
RB_DLINK_FOREACH(ptr, ssl_daemons.head)
{
ssl_ctl_t *ctl = ptr->data;
+
+ if (ctl->dead || ctl->shutdown)
+ continue;
+
ssld_update_config_one(ctl);
}
}