| 15 |
|
* |
| 16 |
|
* You should have received a copy of the GNU General Public License |
| 17 |
|
* along with this program; if not, write to the Free Software |
| 18 |
< |
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 |
| 18 |
> |
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 |
| 19 |
|
* USA |
| 20 |
|
*/ |
| 21 |
|
|
| 63 |
|
GeoIP *geoip_ctx; |
| 64 |
|
#endif |
| 65 |
|
|
| 66 |
– |
struct ServerStatistics ServerStats; |
| 66 |
|
struct timeval SystemTime; |
| 67 |
|
struct Client me; /* That's me */ |
| 68 |
< |
struct LocalUser meLocalUser; /* That's also part of me */ |
| 68 |
> |
struct Connection meConnection; /* That's also part of me */ |
| 69 |
|
|
| 70 |
|
const char *logFileName = LPATH; |
| 71 |
|
const char *pidFileName = PPATH; |
| 417 |
|
ssl_init(void) |
| 418 |
|
{ |
| 419 |
|
#ifdef HAVE_LIBCRYPTO |
| 421 |
– |
const unsigned char session_id[] = "ircd-hybrid"; |
| 422 |
– |
|
| 420 |
|
SSL_load_error_strings(); |
| 421 |
|
SSLeay_add_ssl_algorithms(); |
| 422 |
|
|
| 429 |
|
exit(EXIT_FAILURE); |
| 430 |
|
} |
| 431 |
|
|
| 432 |
< |
SSL_CTX_set_options(ConfigServerInfo.server_ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3); |
| 433 |
< |
SSL_CTX_set_options(ConfigServerInfo.server_ctx, SSL_OP_SINGLE_DH_USE); |
| 432 |
> |
SSL_CTX_set_options(ConfigServerInfo.server_ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TICKET); |
| 433 |
> |
SSL_CTX_set_options(ConfigServerInfo.server_ctx, SSL_OP_SINGLE_DH_USE|SSL_OP_CIPHER_SERVER_PREFERENCE); |
| 434 |
|
SSL_CTX_set_verify(ConfigServerInfo.server_ctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE, |
| 435 |
|
always_accept_verify_cb); |
| 436 |
< |
SSL_CTX_set_session_id_context(ConfigServerInfo.server_ctx, session_id, sizeof(session_id) - 1); |
| 436 |
> |
SSL_CTX_set_session_cache_mode(ConfigServerInfo.server_ctx, SSL_SESS_CACHE_OFF); |
| 437 |
|
|
| 438 |
|
#if OPENSSL_VERSION_NUMBER >= 0x1000005FL && !defined(OPENSSL_NO_ECDH) |
| 439 |
|
{ |
| 458 |
|
exit(EXIT_FAILURE); |
| 459 |
|
} |
| 460 |
|
|
| 461 |
< |
SSL_CTX_set_options(ConfigServerInfo.client_ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3); |
| 461 |
> |
SSL_CTX_set_options(ConfigServerInfo.client_ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TICKET); |
| 462 |
|
SSL_CTX_set_options(ConfigServerInfo.client_ctx, SSL_OP_SINGLE_DH_USE); |
| 463 |
|
SSL_CTX_set_verify(ConfigServerInfo.client_ctx, SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE, |
| 464 |
|
always_accept_verify_cb); |
| 465 |
+ |
SSL_CTX_set_session_cache_mode(ConfigServerInfo.client_ctx, SSL_SESS_CACHE_OFF); |
| 466 |
|
#endif /* HAVE_LIBCRYPTO */ |
| 467 |
|
} |
| 468 |
|
|
| 485 |
|
/* It ain't random, but it ought to be a little harder to guess */ |
| 486 |
|
init_genrand(SystemTime.tv_sec ^ (SystemTime.tv_usec | (getpid() << 20))); |
| 487 |
|
|
| 488 |
< |
me.localClient = &meLocalUser; |
| 488 |
> |
me.connection = &meConnection; |
| 489 |
|
dlinkAdd(&me, &me.node, &global_client_list); /* Pointer to beginning |
| 490 |
|
of Client list */ |
| 491 |
|
ConfigLog.use_logging = 1; |
| 589 |
|
|
| 590 |
|
me.from = &me; |
| 591 |
|
me.servptr = &me; |
| 592 |
< |
me.localClient->lasttime = CurrentTime; |
| 593 |
< |
me.localClient->since = CurrentTime; |
| 594 |
< |
me.localClient->firsttime = CurrentTime; |
| 592 |
> |
me.connection->lasttime = CurrentTime; |
| 593 |
> |
me.connection->since = CurrentTime; |
| 594 |
> |
me.connection->firsttime = CurrentTime; |
| 595 |
|
|
| 596 |
|
SetMe(&me); |
| 597 |
|
make_server(&me); |
