extensions/extb_ssl.c: add support for matching by certificate fingerprint

This commit is contained in:
Ellenor Malik 2017-06-16 01:48:30 +00:00 committed by Aaron Jones
parent 68ba8e8125
commit e0f1c3b5bc
No known key found for this signature in database
GPG key ID: EC6F86EE9CD840B5
2 changed files with 15 additions and 3 deletions

View file

@ -1,5 +1,9 @@
/* SSL extban type: matches ssl users */ /* SSL extban type: matches ssl users */
/* This file is available under the same conditions as the rest of
https://github.com/asterIRC/ircd-chatd, and by extension, the rest
of Charybdis. */
#include "stdinc.h" #include "stdinc.h"
#include "modules.h" #include "modules.h"
#include "client.h" #include "client.h"
@ -9,7 +13,7 @@ static int _modinit(void);
static void _moddeinit(void); static void _moddeinit(void);
static int eb_ssl(const char *data, struct Client *client_p, struct Channel *chptr, long mode_type); static int eb_ssl(const char *data, struct Client *client_p, struct Channel *chptr, long mode_type);
DECLARE_MODULE_AV1(extb_ssl, _modinit, _moddeinit, NULL, NULL, NULL, "$Revision$"); DECLARE_MODULE_AV1(extb_ssl, _modinit, _moddeinit, NULL, NULL, NULL, "1.05");
static int static int
_modinit(void) _modinit(void)
@ -26,12 +30,19 @@ _moddeinit(void)
} }
static int eb_ssl(const char *data, struct Client *client_p, static int eb_ssl(const char *data, struct Client *client_p,
struct Channel *chptr, long mode_type) struct Channel *chptr, long mode_type)
{ {
(void)chptr; (void)chptr;
(void)mode_type; (void)mode_type;
if (data != NULL) if (data != NULL)
return EXTBAN_INVALID; {
if (EmptyString(client_p->certfp))
return EXTBAN_NOMATCH;
return !irccmp(data, client_p->certfp) ? EXTBAN_MATCH : EXTBAN_NOMATCH;
}
return IsSSLClient(client_p) ? EXTBAN_MATCH : EXTBAN_NOMATCH; return IsSSLClient(client_p) ? EXTBAN_MATCH : EXTBAN_NOMATCH;
} }

View file

@ -28,4 +28,5 @@ Unless noted below, all types can be used with +b, +q, +e and +I.
channel channel
$x:<mask> - Bans all users with matching nick!user@host#gecos $x:<mask> - Bans all users with matching nick!user@host#gecos
$z - Matches all SSL users $z - Matches all SSL users
$z:<data> - Matches all SSL users with a fingerprint matching the data