static time_t last_oper_notice = 0;
int len;
+ static const char *allinuse = "ERROR :All connections in use\r\n";
static const char *toofast = "ERROR :Reconnecting too fast, throttled.\r\n";
- static const unsigned char sslerrcode[] = {
+ static const unsigned char ssldeniederrcode[] = {
// SSLv3.0 Fatal Alert: Access Denied
0x15, 0x03, 0x00, 0x00, 0x02, 0x02, 0x31
};
+ static const unsigned char sslinternalerrcode[] = {
+ // SSLv3.0 Fatal Alert: Internal Error
+ 0x15, 0x03, 0x00, 0x00, 0x02, 0x02, 0x50
+ };
+
if(listener->ssl && (!ircd_ssl_ok || !get_ssld_count()))
{
rb_close(F);
last_oper_notice = rb_current_time();
}
- rb_write(F, "ERROR :All connections in use\r\n", 31);
+ if(listener->ssl)
+ rb_write(F, sslinternalerrcode, sizeof(sslinternalerrcode));
+ else
+ rb_write(F, allinuse, strlen(allinuse));
+
rb_close(F);
return 0;
}
if(listener->ssl)
{
- rb_write(F, sslerrcode, sizeof(sslerrcode));
+ rb_write(F, ssldeniederrcode, sizeof(ssldeniederrcode));
}
else if(ConfigFileEntry.dline_with_reason)
{
return 0;
}
- if(check_reject(F, addr)) {
+ if(check_reject(F, addr, listener->ssl)) {
/* Reject the connection without closing the socket
* because it is now on the delay_exit list. */
return 0;
if(throttle_add(addr))
{
- rb_write(F, toofast, strlen(toofast));
+ if(listener->ssl)
+ rb_write(F, ssldeniederrcode, sizeof(ssldeniederrcode));
+ else
+ rb_write(F, toofast, strlen(toofast));
+
rb_close(F);
return 0;
}
rb_fde_t *F;
struct ConfItem *aconf;
const char *reason;
+ bool ssl;
} delay_t;
typedef struct _throttle
delay_t *ddata;
static const char *errbuf = "ERROR :Closing Link: (*** Banned (cache))\r\n";
+ static const unsigned char ssldeniederrcode[] = {
+ // SSLv3.0 Fatal Alert: Access Denied
+ 0x15, 0x03, 0x00, 0x00, 0x02, 0x02, 0x31
+ };
+
RB_DLINK_FOREACH_SAFE(ptr, ptr_next, delay_exit.head)
{
ddata = ptr->data;
- *dynamic_reason = '\0';
-
- if (ddata->aconf)
+ if (ddata->ssl)
{
- snprintf(dynamic_reason, sizeof dynamic_reason, form_str(ERR_YOUREBANNEDCREEP) "\r\n",
- me.name, "*", get_user_ban_reason(ddata->aconf));
- rb_write(ddata->F, dynamic_reason, strlen(dynamic_reason));
-
- deref_conf(ddata->aconf);
+ rb_write(ddata->F, ssldeniederrcode, sizeof(ssldeniederrcode));
}
- else if (ddata->reason)
+ else
{
- snprintf(dynamic_reason, sizeof dynamic_reason, ":%s 465 %s :%s\r\n",
- me.name, "*", ddata->reason);
- rb_write(ddata->F, dynamic_reason, strlen(dynamic_reason));
+ *dynamic_reason = '\0';
+
+ if (ddata->aconf)
+ snprintf(dynamic_reason, sizeof dynamic_reason, form_str(ERR_YOUREBANNEDCREEP) "\r\n",
+ me.name, "*", get_user_ban_reason(ddata->aconf));
+ else if (ddata->reason)
+ snprintf(dynamic_reason, sizeof dynamic_reason, ":%s 465 %s :%s\r\n",
+ me.name, "*", ddata->reason);
+
+ if (*dynamic_reason)
+ rb_write(ddata->F, dynamic_reason, strlen(dynamic_reason));
+
+ rb_write(ddata->F, errbuf, strlen(errbuf));
}
- rb_write(ddata->F, errbuf, strlen(errbuf));
+ if (ddata->aconf)
+ deref_conf(ddata->aconf);
+
rb_close(ddata->F);
rb_free(ddata);
}
}
int
-check_reject(rb_fde_t *F, struct sockaddr *addr)
+check_reject(rb_fde_t *F, struct sockaddr *addr, bool ssl)
{
rb_patricia_node_t *pnode;
reject_t *rdata;
ddata->reason = NULL;
}
ddata->F = F;
+ ddata->ssl = ssl;
rb_dlinkAdd(ddata, &ddata->node, &delay_exit);
return 1;
}