Add requireident/requiressl to connect blocks

git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@12353 e03df62e-2008-0410-955e-edbf42e46eb7
2025-03-09 18:49:03 -04:00 · 2010-02-02 15:02:42 +00:00 · 2010-02-02 15:02:42 +00:00 · f288993a85
commit f288993a85
parent 8e34d66ef3
3 changed files with 26 additions and 5 deletions
--- a/conf/inspircd.conf.example
+++ b/conf/inspircd.conf.example
@ -275,9 +275,13 @@
         # module be loaded as well.
         modes="+x"

+         # requireident/requiressl: require that users of this block use SSL or
+         # have a valid ident response. Requires m_ident or m_sslinfo
+         requiressl="on"
+
         # port: What port this user is allowed to connect on. (optional)
         # The port MUST be set to listen in the bind blocks above.
-         port="6667">
+         port="6697">

 <connect
         # name: Name to use for this connect block. Mainly used for
--- a/src/modules/m_ident.cpp
+++ b/src/modules/m_ident.cpp
@ -280,8 +280,11 @@ class ModuleIdent : public Module
 	ModuleIdent() : ext("ident_socket", this)
 	{
 		OnRehash(NULL);
-		Implementation eventlist[] = { I_OnRehash, I_OnUserRegister, I_OnCheckReady, I_OnUserDisconnect };
-		ServerInstance->Modules->Attach(eventlist, this, 4);
+		Implementation eventlist[] = {
+			I_OnRehash, I_OnUserRegister, I_OnCheckReady,
+			I_OnUserDisconnect, I_OnSetConnectClass
+		};
+		ServerInstance->Modules->Attach(eventlist, this, 5);
 	}

 	~ModuleIdent()
@ -384,6 +387,13 @@ class ModuleIdent : public Module
 		return MOD_RES_PASSTHRU;
 	}

+	ModResult OnSetConnectClass(LocalUser* user, ConnectClass* myclass)
+	{
+		if (myclass->config->getBool("requireident") && user->ident[0] == '~')
+			return MOD_RES_DENY;
+		return MOD_RES_PASSTHRU;
+	}
+
 	virtual void OnCleanup(int target_type, void *item)
 	{
 		/* Module unloading, tidy up users */
--- a/src/modules/m_sslinfo.cpp
+++ b/src/modules/m_sslinfo.cpp
@ -127,8 +127,8 @@ class ModuleSSLInfo : public Module

 		ServerInstance->Extensions.Register(&cmd.CertExt);

-		Implementation eventlist[] = { I_OnWhois, I_OnPreCommand };
-		ServerInstance->Modules->Attach(eventlist, this, 2);
+		Implementation eventlist[] = { I_OnWhois, I_OnPreCommand, I_OnSetConnectClass };
+		ServerInstance->Modules->Attach(eventlist, this, 3);
 	}

 	Version GetVersion()
@ -191,6 +191,13 @@ class ModuleSSLInfo : public Module
 		return MOD_RES_PASSTHRU;
 	}

+	ModResult OnSetConnectClass(LocalUser* user, ConnectClass* myclass)
+	{
+		if (myclass->config->getBool("requiressl") && !cmd.CertExt.get(user))
+			return MOD_RES_DENY;
+		return MOD_RES_PASSTHRU;
+	}
+
 	void OnRequest(Request& request)
 	{
 		if (strcmp("GET_USER_CERT", request.id) == 0)