virtual int OnKill(userrec* source, userrec* dest, const std::string &reason)
{
long dest_level = 0,source_level = 0;
// oper killing an oper?
if (IS_OPER(dest) && IS_OPER(source))
{
for (int j =0; j < conf->Enumerate("type"); j++)
{
std::string typen = conf->ReadValue("type","name",j);
if (!strcmp(typen.c_str(),dest->oper))
{
dest_level = conf->ReadInteger("type","level",j,true);
break;
}
}
for (int k =0; k < conf->Enumerate("type"); k++)
{
std::string typen = conf->ReadValue("type","name",k);
if (!strcmp(typen.c_str(),source->oper))
{
source_level = conf->ReadInteger("type","level",k,true);
break;
}
}
if (dest_level > source_level)
{
ServerInstance->WriteOpers("Oper %s (level %d) attempted to /kill a higher oper: %s (level %d): Reason: %s",source->nick,source_level,dest->nick,dest_level,reason.c_str());
dest->WriteServ("NOTICE %s :Oper %s attempted to /kill you!",dest->nick,source->nick);
source->WriteServ("481 %s :Permission Denied - Oper %s is a higher level than you",source->nick,dest->nick);
return 1;
}
}
return 0;
}
void InitConf()
{
/* read configuration variables */
conf = new ConfigReader(ServerInstance);
/* throttle configuration */
seconds = conf->ReadInteger("connflood", "seconds", 0, true);
maxconns = conf->ReadInteger("connflood", "maxconns", 0, true);
timeout = conf->ReadInteger("connflood", "timeout", 0, true);
quitmsg = conf->ReadValue("connflood", "quitmsg", 0);
/* seconds to wait when the server just booted */
boot_wait = conf->ReadInteger("connflood", "bootwait", 0, true);
first = ServerInstance->Time();
}
void ReadSettings()
{
Conf = new ConfigReader(ServerInstance);
IdentTimeout = Conf->ReadInteger("ident", "timeout", 0, true);
PortBind = Conf->ReadValue("ident", "bind", 0);
if (!IdentTimeout)
IdentTimeout = 1;
DELETE(Conf);
}
void OnReload()
{
ConfigReader config;
MaxEntries = config.ReadInteger("cs_entrymsg", "maxentries", "5", 0, true);
}
virtual void OnRehash(const std::string ¶m)
{
if(param != "ssl")
return;
Conf = new ConfigReader(ServerInstance);
for(unsigned int i = 0; i < listenports.size(); i++)
{
ServerInstance->Config->DelIOHook(listenports[i]);
}
listenports.clear();
for(int i = 0; i < Conf->Enumerate("bind"); i++)
{
// For each <bind> tag
if(((Conf->ReadValue("bind", "type", i) == "") || (Conf->ReadValue("bind", "type", i) == "clients")) && (Conf->ReadValue("bind", "ssl", i) == "openssl"))
{
// Get the port we're meant to be listening on with SSL
unsigned int port = Conf->ReadInteger("bind", "port", i, true);
if (ServerInstance->Config->AddIOHook(port, this))
{
// We keep a record of which ports we're listening on with SSL
listenports.push_back(port);
ServerInstance->Log(DEFAULT, "m_ssl_openssl.so: Enabling SSL for port %d", port);
}
else
{
ServerInstance->Log(DEFAULT, "m_ssl_openssl.so: FAILED to enable SSL on port %d, maybe you have another ssl or similar module loaded?", port);
}
}
}
std::string confdir(CONFIG_FILE);
// +1 so we the path ends with a /
confdir = confdir.substr(0, confdir.find_last_of('/') + 1);
cafile = Conf->ReadValue("openssl", "cafile", 0);
// crlfile = Conf->ReadValue("openssl", "crlfile", 0);
certfile = Conf->ReadValue("openssl", "certfile", 0);
keyfile = Conf->ReadValue("openssl", "keyfile", 0);
dhfile = Conf->ReadValue("openssl", "dhfile", 0);
// Set all the default values needed.
if(cafile == "")
cafile = "ca.pem";
//if(crlfile == "")
// crlfile = "crl.pem";
if(certfile == "")
certfile = "cert.pem";
if(keyfile == "")
keyfile = "key.pem";
if(dhfile == "")
dhfile = "dhparams.pem";
// Prepend relative paths with the path to the config directory.
if(cafile[0] != '/')
cafile = confdir + cafile;
//if(crlfile[0] != '/')
// crlfile = confdir + crlfile;
if(certfile[0] != '/')
certfile = confdir + certfile;
if(keyfile[0] != '/')
keyfile = confdir + keyfile;
if(dhfile[0] != '/')
dhfile = confdir + dhfile;
/* Load our keys and certificates*/
if(!SSL_CTX_use_certificate_chain_file(ctx, certfile.c_str()))
{
ServerInstance->Log(DEFAULT, "m_ssl_openssl.so: Can't read certificate file %s", certfile.c_str());
}
if(!SSL_CTX_use_PrivateKey_file(ctx, keyfile.c_str(), SSL_FILETYPE_PEM))
{
ServerInstance->Log(DEFAULT, "m_ssl_openssl.so: Can't read key file %s", keyfile.c_str());
}
/* Load the CAs we trust*/
if(!SSL_CTX_load_verify_locations(ctx, cafile.c_str(), 0))
{
ServerInstance->Log(DEFAULT, "m_ssl_openssl.so: Can't read CA list from ", cafile.c_str());
}
FILE* dhpfile = fopen(dhfile.c_str(), "r");
DH* ret;
if(dhpfile == NULL)
{
ServerInstance->Log(DEFAULT, "m_ssl_openssl.so Couldn't open DH file %s: %s", dhfile.c_str(), strerror(errno));
throw ModuleException();
}
else
{
ret = PEM_read_DHparams(dhpfile, NULL, NULL, NULL);
if(SSL_CTX_set_tmp_dh(ctx, ret) < 0)
{
ServerInstance->Log(DEFAULT, "m_ssl_openssl.so: Couldn't set DH parameters");
}
}
fclose(dhpfile);
DELETE(Conf);
}
