diff options
| author | 2020-08-29 19:21:06 +0100 | |
|---|---|---|
| committer | 2020-08-29 19:21:06 +0100 | |
| commit | ff766773bc547b03ffa3a15cb1c89896a2a7b8cf (patch) | |
| tree | 1f8333b12b57d2d261aea64421f86429f4201bd0 /src/modules/m_spanningtree/server.cpp | |
| parent | Add a link to the packaging advice to the configure help. (diff) | |
Warn about non-local plaintext server connections.
Diffstat (limited to 'src/modules/m_spanningtree/server.cpp')
| -rw-r--r-- | src/modules/m_spanningtree/server.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/modules/m_spanningtree/server.cpp b/src/modules/m_spanningtree/server.cpp index c635856e3..b55743659 100644 --- a/src/modules/m_spanningtree/server.cpp +++ b/src/modules/m_spanningtree/server.cpp @@ -141,6 +141,10 @@ Link* TreeSocket::AuthRemote(const CommandBase::Params& params) ssliohook->GetCiphersuite(ciphersuite); ServerInstance->SNO->WriteToSnoMask('l', "Negotiated ciphersuite %s on link %s", ciphersuite.c_str(), x->Name.c_str()); } + else if (!irc::sockets::cidr_mask("127.0.0.0/8").match(capab->remotesa) && !irc::sockets::cidr_mask("::1/128").match(capab->remotesa)) + { + ServerInstance->SNO->WriteGlobalSno('l', "Server connection to %s is not using SSL (TLS). This is VERY INSECURE and will not be allowed the next major version of InspIRCd.", x->Name.c_str()); + } return x; } |
