ircd: Don't try to connect to servers that we know have an invalid fingerprint
This just causes an unnecessary link/squit on the other server.
This commit is contained in:
parent
4fbb736202
commit
65f43a4fc4
1 changed files with 12 additions and 0 deletions
|
@ -1257,6 +1257,18 @@ serv_connect_callback(rb_fde_t *F, int status, void *data)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(server_p->certfp && (!client_p->certfp || rb_strcasecmp(server_p->certfp, client_p->certfp) != 0))
|
||||||
|
{
|
||||||
|
sendto_realops_snomask(SNO_GENERAL, is_remote_connect(client_p) ? L_NETWIDE : L_ALL,
|
||||||
|
"Connection to %s has invalid certificate fingerprint %s",
|
||||||
|
client_p->name, client_p->certfp);
|
||||||
|
ilog(L_SERVER, "Access denied, invalid certificate fingerprint %s from %s",
|
||||||
|
client_p->certfp, log_client_name(client_p, SHOW_IP));
|
||||||
|
|
||||||
|
exit_client(client_p, client_p, &me, "Invalid fingerprint.");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
/* Next, send the initial handshake */
|
/* Next, send the initial handshake */
|
||||||
SetHandshake(client_p);
|
SetHandshake(client_p);
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue