Add secure{} blocks
This commit is contained in:
parent
bbdc439aa3
commit
1cf798beb1
4 changed files with 33 additions and 2 deletions
|
@ -84,6 +84,7 @@ struct ConfItem
|
|||
|
||||
#define CONF_DLINE 0x020000
|
||||
#define CONF_EXEMPTDLINE 0x100000
|
||||
#define CONF_SECURE 0x200000
|
||||
|
||||
#define IsIllegal(x) ((x)->status & CONF_ILLEGAL)
|
||||
|
||||
|
|
|
@ -646,7 +646,7 @@ clear_out_address_conf(void)
|
|||
/* We keep the temporary K-lines and destroy the
|
||||
* permanent ones, just to be confusing :) -A1kmm */
|
||||
if(arec->aconf->flags & CONF_FLAGS_TEMPORARY ||
|
||||
(arec->type != CONF_CLIENT && arec->type != CONF_EXEMPTDLINE))
|
||||
(arec->type != CONF_CLIENT && arec->type != CONF_EXEMPTDLINE && arec->type != CONF_SECURE))
|
||||
{
|
||||
*store_next = arec;
|
||||
store_next = &arec->next;
|
||||
|
@ -679,7 +679,7 @@ clear_out_address_conf_bans(void)
|
|||
/* We keep the temporary K-lines and destroy the
|
||||
* permanent ones, just to be confusing :) -A1kmm */
|
||||
if(arec->aconf->flags & CONF_FLAGS_TEMPORARY ||
|
||||
(arec->type == CONF_CLIENT || arec->type == CONF_EXEMPTDLINE))
|
||||
(arec->type == CONF_CLIENT || arec->type == CONF_EXEMPTDLINE || arec->type == CONF_SECURE))
|
||||
{
|
||||
*store_next = arec;
|
||||
store_next = &arec->next;
|
||||
|
|
|
@ -541,6 +541,14 @@ add_connection(struct Listener *listener, rb_fde_t *F, struct sockaddr *sai, str
|
|||
SetSSL(new_client);
|
||||
SetSecure(new_client);
|
||||
}
|
||||
else
|
||||
{
|
||||
struct ConfItem *aconf;
|
||||
aconf = find_conf_by_address(NULL, NULL, NULL, sai, CONF_SECURE | 1, sai->sa_family, NULL, NULL);
|
||||
|
||||
if (aconf != NULL)
|
||||
SetSecure(new_client);
|
||||
}
|
||||
|
||||
if (listener->wsock)
|
||||
{
|
||||
|
|
|
@ -1536,6 +1536,25 @@ conf_set_exempt_ip(void *data)
|
|||
add_conf_by_address(yy_tmp->host, CONF_EXEMPTDLINE, NULL, NULL, yy_tmp);
|
||||
}
|
||||
|
||||
static void
|
||||
conf_set_secure_ip(void *data)
|
||||
{
|
||||
struct ConfItem *yy_tmp;
|
||||
int masktype = parse_netmask_strict(data, NULL, NULL);
|
||||
|
||||
if(masktype != HM_IPV4 && masktype != HM_IPV6)
|
||||
{
|
||||
conf_report_error("Ignoring secure -- invalid secure::ip.");
|
||||
return;
|
||||
}
|
||||
|
||||
yy_tmp = make_conf();
|
||||
yy_tmp->passwd = rb_strdup("*");
|
||||
yy_tmp->host = rb_strdup(data);
|
||||
yy_tmp->status = CONF_SECURE;
|
||||
add_conf_by_address(yy_tmp->host, CONF_SECURE, NULL, NULL, yy_tmp);
|
||||
}
|
||||
|
||||
static int
|
||||
conf_cleanup_cluster(struct TopConf *tc)
|
||||
{
|
||||
|
@ -2894,6 +2913,9 @@ newconf_init()
|
|||
add_top_conf("exempt", NULL, NULL, NULL);
|
||||
add_conf_item("exempt", "ip", CF_QSTRING, conf_set_exempt_ip);
|
||||
|
||||
add_top_conf("secure", NULL, NULL, NULL);
|
||||
add_conf_item("secure", "ip", CF_QSTRING, conf_set_secure_ip);
|
||||
|
||||
add_top_conf("cluster", conf_cleanup_cluster, conf_cleanup_cluster, NULL);
|
||||
add_conf_item("cluster", "name", CF_QSTRING, conf_set_cluster_name);
|
||||
add_conf_item("cluster", "flags", CF_STRING | CF_FLIST, conf_set_cluster_flags);
|
||||
|
|
Loading…
Reference in a new issue