ircd/listener: return a TLS record layer alert to D-Lined TLS clients
This commit is contained in:
parent
c0d93064a6
commit
3fdf26aa19
1 changed files with 16 additions and 4 deletions
|
@ -572,8 +572,6 @@ accept_sslcallback(struct Client *client_p, int status)
|
|||
return 0; /* use default handler if status != RB_OK */
|
||||
}
|
||||
|
||||
static const char *toofast = "ERROR :Reconnecting too fast, throttled.\r\n";
|
||||
|
||||
static int
|
||||
accept_precallback(rb_fde_t *F, struct sockaddr *addr, rb_socklen_t addrlen, void *data)
|
||||
{
|
||||
|
@ -583,6 +581,13 @@ accept_precallback(rb_fde_t *F, struct sockaddr *addr, rb_socklen_t addrlen, voi
|
|||
static time_t last_oper_notice = 0;
|
||||
int len;
|
||||
|
||||
static const char *toofast = "ERROR :Reconnecting too fast, throttled.\r\n";
|
||||
|
||||
static const unsigned char sslerrcode[] = {
|
||||
// SSLv3.0 Fatal Alert: Access Denied
|
||||
0x15, 0x03, 0x00, 0x00, 0x02, 0x02, 0x31
|
||||
};
|
||||
|
||||
if(listener->ssl && (!ircd_ssl_ok || !get_ssld_count()))
|
||||
{
|
||||
rb_close(F);
|
||||
|
@ -618,7 +623,11 @@ accept_precallback(rb_fde_t *F, struct sockaddr *addr, rb_socklen_t addrlen, voi
|
|||
{
|
||||
ServerStats.is_ref++;
|
||||
|
||||
if(ConfigFileEntry.dline_with_reason)
|
||||
if(listener->ssl)
|
||||
{
|
||||
rb_write(F, sslerrcode, sizeof(sslerrcode));
|
||||
}
|
||||
else if(ConfigFileEntry.dline_with_reason)
|
||||
{
|
||||
len = snprintf(buf, sizeof(buf), "ERROR :*** Banned: %s\r\n", get_user_ban_reason(aconf));
|
||||
if (len >= (int)(sizeof(buf)-1))
|
||||
|
@ -627,11 +636,14 @@ accept_precallback(rb_fde_t *F, struct sockaddr *addr, rb_socklen_t addrlen, voi
|
|||
buf[sizeof(buf) - 2] = '\n';
|
||||
buf[sizeof(buf) - 1] = '\0';
|
||||
}
|
||||
rb_write(F, buf, strlen(buf));
|
||||
}
|
||||
else
|
||||
{
|
||||
strcpy(buf, "ERROR :You have been D-lined.\r\n");
|
||||
|
||||
rb_write(F, buf, strlen(buf));
|
||||
}
|
||||
|
||||
rb_close(F);
|
||||
return 0;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue