aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGravatar Sadie Powell2025-10-26 14:57:51 +0000
committerGravatar Sadie Powell2025-10-26 15:04:22 +0000
commita05abef182846dfe06ee91d1c77838aa78b8049c (patch)
tree705bfc36d240228980027d2d8b1ba32891a3872b
parentCheck all fingerprints for server links not just the primary one. (diff)
Deprecate the contents of the SSLClientCert namespace.
This is full of footguns and isn't really needed.
-rw-r--r--include/modules/ssl.h15
-rw-r--r--src/modules/m_sslinfo.cpp6
2 files changed, 16 insertions, 5 deletions
diff --git a/include/modules/ssl.h b/include/modules/ssl.h
index 3d4b459c1..4526d7c9f 100644
--- a/include/modules/ssl.h
+++ b/include/modules/ssl.h
@@ -289,6 +289,7 @@ public:
* @param sock The socket to get the certificate from, the socket does not have to use TLS
* @return The TLS client certificate information, NULL if the peer is not using TLS
*/
+ [[deprecated("Use SSLIOHook::IsSSL()->GetCertificate() instead")]]
static ssl_cert* GetCertificate(StreamSocket* sock)
{
SSLIOHook* ssliohook = SSLIOHook::IsSSL(sock);
@@ -305,12 +306,18 @@ public:
* @return The key fingerprint from the TLS certificate sent by the peer,
* empty if no cert was sent or the peer is not using TLS
*/
+ [[deprecated("Use SSLIOHook::IsSSL()->GetCertificate()->GetFingerprint() instead")]]
static std::string GetFingerprint(StreamSocket* sock)
{
- ssl_cert* cert = SSLClientCert::GetCertificate(sock);
- if (cert)
- return cert->GetFingerprint();
- return "";
+ auto* ssliohook = SSLIOHook::IsSSL(sock);
+ if (!ssliohook)
+ return nullptr;
+
+ auto* cert = ssliohook->GetCertificate();
+ if (!cert)
+ return "";
+
+ return cert->GetFingerprint();
}
};
diff --git a/src/modules/m_sslinfo.cpp b/src/modules/m_sslinfo.cpp
index b38931871..4a1f73f74 100644
--- a/src/modules/m_sslinfo.cpp
+++ b/src/modules/m_sslinfo.cpp
@@ -161,7 +161,11 @@ public:
if (!luser || nosslext.Get(luser))
return nullptr;
- cert = SSLClientCert::GetCertificate(&luser->eh);
+ auto* ssliohook = SSLIOHook::IsSSL(&luser->eh);
+ if (!ssliohook)
+ return nullptr;
+
+ cert = ssliohook->GetCertificate();
if (!cert)
return nullptr;