ircd/listener: return a TLS record layer alert to D-Lined TLS clients
This commit is contained in:
parent
c0d93064a6
commit
3fdf26aa19
1 changed files with 16 additions and 4 deletions
|
@ -572,8 +572,6 @@ accept_sslcallback(struct Client *client_p, int status)
|
||||||
return 0; /* use default handler if status != RB_OK */
|
return 0; /* use default handler if status != RB_OK */
|
||||||
}
|
}
|
||||||
|
|
||||||
static const char *toofast = "ERROR :Reconnecting too fast, throttled.\r\n";
|
|
||||||
|
|
||||||
static int
|
static int
|
||||||
accept_precallback(rb_fde_t *F, struct sockaddr *addr, rb_socklen_t addrlen, void *data)
|
accept_precallback(rb_fde_t *F, struct sockaddr *addr, rb_socklen_t addrlen, void *data)
|
||||||
{
|
{
|
||||||
|
@ -583,6 +581,13 @@ accept_precallback(rb_fde_t *F, struct sockaddr *addr, rb_socklen_t addrlen, voi
|
||||||
static time_t last_oper_notice = 0;
|
static time_t last_oper_notice = 0;
|
||||||
int len;
|
int len;
|
||||||
|
|
||||||
|
static const char *toofast = "ERROR :Reconnecting too fast, throttled.\r\n";
|
||||||
|
|
||||||
|
static const unsigned char sslerrcode[] = {
|
||||||
|
// SSLv3.0 Fatal Alert: Access Denied
|
||||||
|
0x15, 0x03, 0x00, 0x00, 0x02, 0x02, 0x31
|
||||||
|
};
|
||||||
|
|
||||||
if(listener->ssl && (!ircd_ssl_ok || !get_ssld_count()))
|
if(listener->ssl && (!ircd_ssl_ok || !get_ssld_count()))
|
||||||
{
|
{
|
||||||
rb_close(F);
|
rb_close(F);
|
||||||
|
@ -618,7 +623,11 @@ accept_precallback(rb_fde_t *F, struct sockaddr *addr, rb_socklen_t addrlen, voi
|
||||||
{
|
{
|
||||||
ServerStats.is_ref++;
|
ServerStats.is_ref++;
|
||||||
|
|
||||||
if(ConfigFileEntry.dline_with_reason)
|
if(listener->ssl)
|
||||||
|
{
|
||||||
|
rb_write(F, sslerrcode, sizeof(sslerrcode));
|
||||||
|
}
|
||||||
|
else if(ConfigFileEntry.dline_with_reason)
|
||||||
{
|
{
|
||||||
len = snprintf(buf, sizeof(buf), "ERROR :*** Banned: %s\r\n", get_user_ban_reason(aconf));
|
len = snprintf(buf, sizeof(buf), "ERROR :*** Banned: %s\r\n", get_user_ban_reason(aconf));
|
||||||
if (len >= (int)(sizeof(buf)-1))
|
if (len >= (int)(sizeof(buf)-1))
|
||||||
|
@ -627,11 +636,14 @@ accept_precallback(rb_fde_t *F, struct sockaddr *addr, rb_socklen_t addrlen, voi
|
||||||
buf[sizeof(buf) - 2] = '\n';
|
buf[sizeof(buf) - 2] = '\n';
|
||||||
buf[sizeof(buf) - 1] = '\0';
|
buf[sizeof(buf) - 1] = '\0';
|
||||||
}
|
}
|
||||||
|
rb_write(F, buf, strlen(buf));
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
|
{
|
||||||
strcpy(buf, "ERROR :You have been D-lined.\r\n");
|
strcpy(buf, "ERROR :You have been D-lined.\r\n");
|
||||||
|
|
||||||
rb_write(F, buf, strlen(buf));
|
rb_write(F, buf, strlen(buf));
|
||||||
|
}
|
||||||
|
|
||||||
rb_close(F);
|
rb_close(F);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue