ouch/inspircd
2
0
Fork 0
mirror of https://github.com/inspircd/inspircd.git synced 2025-03-09 18:49:03 -04:00
Code Issues Packages Projects Releases Wiki Activity

Add an opt-out to the SSL enforcement for running in a container.

Browse Source
This commit is contained in:
Sadie Powell 2025-03-02 12:58:40 +00:00
parent 030d710575
commit 42afdfd072
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/modules/m_spanningtree/server.cpp
View File

@ -23,6 +23,8 @@
*/ */
#include <filesystem>
#include "inspircd.h" #include "inspircd.h"
#include "modules/ssl.h" #include "modules/ssl.h"
@ -33,6 +35,15 @@
#include "treesocket.h" #include "treesocket.h"
#include "commands.h" #include "commands.h"
namespace
{
bool RunningInContainer()
{
std::error_code ec;
return std::filesystem::is_regular_file("/.dockerenv", ec);
}
}
/* /*
* Some server somewhere in the network introducing another server. * Some server somewhere in the network introducing another server.
* -- w * -- w
@ -139,7 +150,7 @@ std::shared_ptr<Link> TreeSocket::AuthRemote(const CommandBase::Params& params)
ssliohook->GetCiphersuite(ciphersuite); ssliohook->GetCiphersuite(ciphersuite);
ServerInstance->SNO.WriteToSnoMask('l', "Negotiated ciphersuite {} on link {}", ciphersuite, x->Name); ServerInstance->SNO.WriteToSnoMask('l', "Negotiated ciphersuite {} on link {}", ciphersuite, x->Name);
} }
else if (!capab->remotesa.is_local()) else if (!capab->remotesa.is_local() && !RunningInContainer())
{ {
this->SendError("Non-local server connections MUST be linked with SSL!"); this->SendError("Non-local server connections MUST be linked with SSL!");
return nullptr; return nullptr;