Merge branch 'insp3' into master.

src/modules/extra/m_ssl_gnutls.cpp

@@ -724,21 +724,11 @@ class GnuTLSIOHook final
 		}
 
 		if (gnutls_x509_crt_get_dn(cert, buffer, &buffer_size) == 0)
-		{
-			// Make sure there are no chars in the string that we consider invalid.
-			certinfo->dn = buffer;
-			if (certinfo->dn.find_first_of("\r\n") != std::string::npos)
-				certinfo->dn.clear();
-		}
+			ProcessDNString(buffer, buffer_size, certinfo->dn);
 
 		buffer_size = sizeof(buffer);
 		if (gnutls_x509_crt_get_issuer_dn(cert, buffer, &buffer_size) == 0)
-		{
-			// Make sure there are no chars in the string that we consider invalid.
-			certinfo->issuer = buffer;
-			if (certinfo->issuer.find_first_of("\r\n") != std::string::npos)
-				certinfo->issuer.clear();
-		}
+			ProcessDNString(buffer, buffer_size, certinfo->issuer);
 
 		buffer_size = sizeof(buffer);
 		if ((ret = gnutls_x509_crt_get_fingerprint(cert, GetProfile().GetHash(), buffer, &buffer_size)) < 0)
@@ -761,6 +751,13 @@ info_done_dealloc:
 		gnutls_x509_crt_deinit(cert);
 	}
 
+	static void ProcessDNString(const char* buffer, size_t buffer_size, std::string& out)
+	{
+		out.assign(buffer, buffer_size);
+		for (size_t pos = 0; ((pos = out.find_first_of("\r\n", pos)) != std::string::npos); )
+			out[pos] = ' ';
+	}
+
 	// Returns 1 if application I/O should proceed, 0 if it must wait for the underlying protocol to progress, -1 on fatal error
 	int PrepareIO(StreamSocket* sock)
 	{

src/modules/extra/m_ssl_mbedtls.cpp

@@ -641,6 +641,8 @@ class mbedTLSIOHook final
 			return;
 
 		out.assign(buf, ret);
+		for (size_t pos = 0; ((pos = out.find_first_of("\r\n", pos)) != std::string::npos); )
+			out[pos] = ' ';
 	}
 
 	static int Pull(void* userptr, unsigned char* buffer, size_t size)

src/modules/extra/m_ssl_openssl.cpp

@@ -589,17 +589,8 @@ class OpenSSLIOHook final
 			certinfo->trusted = false;
 		}
 
-		char buf[512];
-		X509_NAME_oneline(X509_get_subject_name(cert), buf, sizeof(buf));
-		certinfo->dn = buf;
-		// Make sure there are no chars in the string that we consider invalid
-		if (certinfo->dn.find_first_of("\r\n") != std::string::npos)
-			certinfo->dn.clear();
-
-		X509_NAME_oneline(X509_get_issuer_name(cert), buf, sizeof(buf));
-		certinfo->issuer = buf;
-		if (certinfo->issuer.find_first_of("\r\n") != std::string::npos)
-			certinfo->issuer.clear();
+		GetDNString(X509_get_subject_name(cert), certinfo->dn);
+		GetDNString(X509_get_issuer_name(cert), certinfo->issuer);
 
 		if (!X509_digest(cert, GetProfile().GetDigest(), md, &n))
 		{
@@ -618,6 +609,16 @@ class OpenSSLIOHook final
 		X509_free(cert);
 	}
 
+	static void GetDNString(const X509_NAME* x509name, std::string& out)
+	{
+		char buf[512];
+		X509_NAME_oneline(x509name, buf, sizeof(buf));
+
+		out.assign(buf);
+		for (size_t pos = 0; ((pos = out.find_first_of("\r\n", pos)) != std::string::npos); )
+			out[pos] = ' ';
+	}
+
 	void SSLInfoCallback(int where, int rc)
 	{
 		if ((where & SSL_CB_HANDSHAKE_START) && (status == STATUS_OPEN))

src/modules/m_customtitle.cpp

@@ -148,10 +148,8 @@ class ModuleCustomTitle final
 		{
 			/* Insert our numeric before 312 */
 			const std::string* ctitle = cmd.ctitle.Get(whois.GetTarget());
-			if (ctitle)
-			{
-				whois.SendLine(RPL_WHOISSPECIAL, ctitle);
-			}
+			if (ctitle && !ctitle->empty())
+				whois.SendLine(RPL_WHOISSPECIAL, *ctitle);
 		}
 		/* Don't block anything */
 		return MOD_RES_PASSTHRU;

src/modules/m_override.cpp

@@ -102,7 +102,7 @@ class ModuleOverride final
 
 	void OnBuildISupport(ISupport::TokenMap& tokens) override
 	{
-		tokens["OVERRIDE"];
+		tokens["OVERRIDE"] = ConvToStr(ou.GetModeChar());
 	}
 
 	bool CanOverride(User* source, const char* token)