~ubuntu-branches/ubuntu/oneiric/inspircd/oneiric-security


Viewing changes to src/modules/extra/m_ssl_gnutls.cpp

  • Committer: Bazaar Package Importer
  • Author(s): Bhavani Shankar
  • Date: 2008-11-15 20:39:50 UTC
  • mfrom: (1.1.4 upstream) (3.1.2 sid)
  • Revision ID: james.westby@ubuntu.com-20081115203950-uv1pf98x2vkon7se
Tags: 1.1.21+dfsg-1ubuntu1
* Merge from debian unstable, remaining changes: (LP: #298418)
  - debian/patches/04_include-limits-h.dpatch:
    + Explicitly include limits.h for gcc 4.3.

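--- a/src/modules/extra/m_ssl_gnutls.cpp
+++ b/src/modules/extra/m_ssl_gnutls.cpp
@@ -84,6 +84,7 @@
         int dh_bits;
  
         int clientactive;
+        bool cred_alloc;
  
  public:
  
@@ -96,14 +97,8 @@
                 inbufsize = ServerInstance->Config->NetBufferSize;
  
                 gnutls_global_init(); // This must be called once in the program
- 
-                if(gnutls_certificate_allocate_credentials(&x509_cred) != 0)
-                        ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to allocate certificate credentials");
- 
-                // Guessing return meaning
-                if(gnutls_dh_params_init(&dh_params) < 0)
-                        ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to initialise DH parameters");
- 
+                
+                cred_alloc = false;
                 // Needs the flag as it ignores a plain /rehash
                 OnRehash(NULL,"ssl");
  
@@ -207,7 +202,22 @@
                         keyfile = confdir + keyfile;
  
                 int ret;
- 
+                
+                if (cred_alloc)
+                {
+                        // Deallocate the old credentials
+                        gnutls_dh_params_deinit(dh_params);
+                        gnutls_certificate_free_credentials(x509_cred);
+                }
+                else
+                        cred_alloc = true;
+                
+                if((ret = gnutls_certificate_allocate_credentials(&x509_cred)) < 0)
+                        ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to allocate certificate credentials: %s", gnutls_strerror(ret));
+                
+                if((ret = gnutls_dh_params_init(&dh_params)) < 0)
+                        ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to initialise DH parameters: %s", gnutls_strerror(ret));
+                
                 if((ret =gnutls_certificate_set_x509_trust_file(x509_cred, cafile.c_str(), GNUTLS_X509_FMT_PEM)) < 0)
                         ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to set X.509 trust file '%s': %s", cafile.c_str(), gnutls_strerror(ret));
  
@@ -496,7 +506,7 @@
                                 {
                                         memcpy(buffer, session->inbuf, count);
                                         // Move the stuff left in inbuf to the beginning of it
-                                        memcpy(session->inbuf, session->inbuf + count, (length - count));
+                                        memmove(session->inbuf, session->inbuf + count, (length - count));
                                         // Now we need to set session->inbufoffset to the amount of data still waiting to be handed to insp.
                                         session->inbufoffset = length - count;
                                         // Insp uses readresult as the count of how much data there is in buffer, so: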
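Review bot: In the hunk at new lines 205–220 (presumably OnRehash, which the constructor now calls for the initial allocation), a failed `gnutls_certificate_allocate_credentials` or `gnutls_dh_params_init` is only logged, while `cred_alloc` is already true and execution continues into `gnutls_certificate_set_x509_trust_file(x509_cred, ...)`. The old handles were released just above, so after a failure `x509_cred` and `dh_params` are stale: the trust-file call uses them, and the next rehash deinitialises and frees them a second time. I would set the flag only once both calls have succeeded and stop on failure, releasing the credentials when only the DH initialisation failed, as sketched below. Whether sessions that are still connected keep a reference to the freed `x509_cred` after a rehash cannot be seen from these lines and is worth checking. The enclosing function begins and ends outside the hunk.

```cpp
		// … unchanged: if (cred_alloc) { deinit/free of the old handles }, without the else branch …
		cred_alloc = false;	// nothing is valid again until both calls below succeed

		if((ret = gnutls_certificate_allocate_credentials(&x509_cred)) < 0)
		{
			ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to allocate certificate credentials: %s", gnutls_strerror(ret));
			return;
		}

		if((ret = gnutls_dh_params_init(&dh_params)) < 0)
		{
			ServerInstance->Log(DEFAULT, "m_ssl_gnutls.so: Failed to initialise DH parameters: %s", gnutls_strerror(ret));
			// Do not leave a half-initialised pair behind for the next rehash to free.
			gnutls_certificate_free_credentials(x509_cred);
			return;
		}

		cred_alloc = true;
		// … unchanged: trust file and the remaining certificate setup …
```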