/*
* ngIRCd -- The Next Generation IRC Daemon
- * Copyright (c)2001-2013 Alexander Barton (alex@barton.de) and Contributors.
+ * Copyright (c)2001-2014 Alexander Barton (alex@barton.de) and Contributors.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* IRC commands for server links
*/
-#include "imp.h"
#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
-#include "defines.h"
-#include "conn.h"
#include "conn-func.h"
#include "conn-zip.h"
#include "conf.h"
#include "channel.h"
-#include "lists.h"
#include "log.h"
#include "messages.h"
#include "parse.h"
#include "numeric.h"
#include "ngircd.h"
#include "irc-info.h"
-#include "irc-macros.h"
#include "irc-write.h"
#include "op.h"
-#include "exp.h"
#include "irc-server.h"
/**
GLOBAL bool
IRC_SERVER( CLIENT *Client, REQUEST *Req )
{
- char str[LINE_LEN];
+ char str[100];
CLIENT *from, *c;
int i;
LogDebug("Connection %d: got SERVER command (new server link) ...",
Client_Conn(Client));
- if (Req->argc != 2 && Req->argc != 3) {
- IRC_SetPenalty(Client, 2);
+ if (Req->argc != 2 && Req->argc != 3)
return IRC_WriteErrClient(Client, ERR_NEEDMOREPARAMS_MSG,
Client_ID(Client),
Req->command);
- }
/* Get configuration index of new remote server ... */
for (i = 0; i < MAX_SERVERS; i++)
return DISCONNECTED;
}
+#ifdef SSL_SUPPORT
+ /*
+ * This check is only done if RequireClientCert is disabled, and this Servers [SERVER] section has
+ * "SSLVerify" enabled.
+ * (if RequireClientCert is set, certificate validation is done during SSL/TLS handshake)
+ */
+ CONN_ID con = Client_Conn (Client);
+ if (Conf_Server[i].SSLVerify && !(Conn_Options(con) & CONN_SSL_PEERCERT_OK)) {
+ Log(LOG_ERR, "Connection %d: SSLVerify is set, and server \"%s\" did not present a valid certificate",
+ Client_Conn(Client), Req->argv[0]);
+ Conn_Close(Client_Conn(Client), NULL, "No valid SSL certificate", true);
+ return DISCONNECTED;
+ }
+#endif
+
/* Is there a registered server with this ID? */
if (!Client_CheckID(Client, Req->argv[0]))
return DISCONNECTED;
{
/* New server is being introduced to the network */
- if (Req->argc != 4) {
- IRC_SetPenalty(Client, 2);
+ if (Req->argc != 4)
return IRC_WriteErrClient(Client, ERR_NEEDMOREPARAMS_MSG,
Client_ID(Client), Req->command);
- }
/* check for existing server with same ID */
if (!Client_CheckID(Client, Req->argv[0]))
Client_MyToken(c), Client_Info(c));
return CONNECTED;
- } else {
- IRC_SetPenalty(Client, 2);
+ } else
return IRC_WriteErrClient(Client, ERR_NEEDMOREPARAMS_MSG,
Client_ID(Client), Req->command);
- }
} /* IRC_SERVER */
/*