Rename ssl_antidos to tls_antidos.

2025-08-13 21:51:36 +01:00 · 2019-08-12 14:40:11 +02:00 · 2019-08-12 14:40:11 +02:00 · ef739331b0
commit ef739331b0
parent 2b0afacdf0
5 changed files with 30 additions and 30 deletions
--- a/Makefile.windows
+++ b/Makefile.windows
@ -206,7 +206,7 @@ DLL_FILES=SRC/MODULES/CHGHOST.DLL SRC/MODULES/SDESC.DLL SRC/MODULES/SETIDENT.DLL
 SRC/MODULES/WEBREDIR.DLL \
 SRC/MODULES/CAP.DLL \
 SRC/MODULES/SASL.DLL \
- SRC/MODULES/SSL_ANTIDOS.DLL \
+ SRC/MODULES/TLS_ANTIDOS.DLL \
 SRC/MODULES/MD.DLL \
 SRC/MODULES/CERTFP.DLL \
 SRC/MODULES/CLOAK.DLL \
@ -843,8 +843,8 @@ src/modules/cap.dll: src/modules/cap.c $(INCLUDES)
 src/modules/sasl.dll: src/modules/sasl.c $(INCLUDES)
 	$(CC) $(MODCFLAGS) src/modules/sasl.c $(MODLFLAGS)

-src/modules/ssl_antidos.dll: src/modules/ssl_antidos.c $(INCLUDES)
-	$(CC) $(MODCFLAGS) src/modules/ssl_antidos.c $(MODLFLAGS)
+src/modules/tls_antidos.dll: src/modules/tls_antidos.c $(INCLUDES)
+	$(CC) $(MODCFLAGS) src/modules/tls_antidos.c $(MODLFLAGS)

 src/modules/antirandom.dll: src/modules/antirandom.c $(INCLUDES)
        $(CC) $(MODCFLAGS) src/modules/antirandom.c $(MODLFLAGS)
--- a/doc/conf/modules.default.conf
+++ b/doc/conf/modules.default.conf
@ -205,14 +205,14 @@ loadmodule "link-security"; /* link-security announce */
 loadmodule "message-ids"; /* adds unique msgid to various messages */
 loadmodule "plaintext-policy"; /* plaintext-policy announce */
 loadmodule "server-time"; /* adds server timestamp to various messages */
-loadmodule "sts"; /* strict transport policy (set::ssl::sts-policy) */
+loadmodule "sts"; /* strict transport policy (set::tls::sts-policy) */


 /*** Other ***/
 // These are modules that don't fit in any of the previous sections

-loadmodule "certfp"; /* SSL certificate fingerprint in /WHOIS (& more) */
-loadmodule "ssl_antidos"; /* prevent SSL DoS (renegotiate floods) */
+loadmodule "certfp"; /* SSL/TLS certificate fingerprint in /WHOIS (& more) */
+loadmodule "tls_antidos"; /* prevent TLS DoS (renegotiate floods) */
 loadmodule "webirc"; /* WEBIRC command. See webirc block. */
 loadmodule "blacklist"; /* Blacklist support (DNSBL). See blacklist block. */
 loadmodule "jointhrottle"; /* set::anti-flood::join-flood (previously chanmode +j) */
--- a/src/modules/Makefile.in
+++ b/src/modules/Makefile.in
@ -58,7 +58,7 @@ R_MODULES= \
 	botmotd.so lusers.so names.so svsnolag.so addmotd.so \
 	svslusers.so starttls.so webredir.so cap.so \
 	sasl.so md.so certfp.so \
-	ssl_antidos.so webirc.so websocket.so \
+	tls_antidos.so webirc.so websocket.so \
 	blacklist.so jointhrottle.so \
 	antirandom.so hideserver.so jumpserver.so \
 	ircops.so staff.so nocodes.so \
@ -475,9 +475,9 @@ certfp.so: certfp.c $(INCLUDES)
 	$(CC) $(CFLAGS) $(MODULEFLAGS) -DDYNAMIC_LINKING \
 		-o certfp.so certfp.c

-ssl_antidos.so: ssl_antidos.c $(INCLUDES)
+tls_antidos.so: tls_antidos.c $(INCLUDES)
 	$(CC) $(CFLAGS) $(MODULEFLAGS) -DDYNAMIC_LINKING \
-		-o ssl_antidos.so ssl_antidos.c
+		-o tls_antidos.so tls_antidos.c

 webirc.so: webirc.c $(INCLUDES)
 	$(CC) $(CFLAGS) $(MODULEFLAGS) -DDYNAMIC_LINKING \
--- a/src/modules/sts.c
+++ b/src/modules/sts.c
@ -66,7 +66,7 @@ int sts_capability_visible(aClient *acptr)
 	if (!IsSecure(acptr))
 	{
 		if (iConf.tls_options && iConf.tls_options->sts_port)
-			return 1; /* YES, non-SSL user and set::ssl::sts-policy configured */
+			return 1; /* YES, non-SSL user and set::tls::sts-policy configured */
 		return 0; /* NO, there is no sts-policy */
 	}

--- a/src/modules/tls_antidos.c
+++ b/src/modules/tls_antidos.c
@ -1,20 +1,20 @@
 /*
- * SSL Anti DoS module
+ * SSL/TLS Anti DoS module
 * This protects against SSL renegotiation attacks while still allowing us
 * to leave renegotiation on with all it's security benefits.
 *
- * (C) Copyright 2015 The UnrealIRCd team (Syzop and others)
+ * (C) Copyright 2015- Bram Matthys and the UnrealIRCd team.
 * 
 * License: GPLv2
 */

 #include "unrealircd.h"

-ModuleHeader MOD_HEADER(ssl_antidos)
+ModuleHeader MOD_HEADER(tls_antidos)
  = {
-	"ssl_antidos",
+	"tls_antidos",
 	"5.0",
-	"SSL Renegotiation DoS protection",
+	"TLS Renegotiation DoS protection",
 	"3.2-b8-1",
 	NULL 
    };
@ -29,16 +29,16 @@ struct _sad {
 	int n; /**< number of times */
 };

-int ssl_antidos_index = 0; /* slot# we acquire from OpenSSL. Hmm.. looks awfully similar to our moddata system ;) */
+int tls_antidos_index = 0; /* slot# we acquire from OpenSSL. Hmm.. looks awfully similar to our moddata system ;) */

 /* Forward declaration */
-int ssl_antidos_handshake(aClient *acptr);
+int tls_antidos_handshake(aClient *acptr);

-void ssl_antidos_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp);
+void tls_antidos_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp);

-MOD_INIT(ssl_antidos)
+MOD_INIT(tls_antidos)
 {
-	HookAdd(modinfo->handle, HOOKTYPE_HANDSHAKE, 0, ssl_antidos_handshake);
+	HookAdd(modinfo->handle, HOOKTYPE_HANDSHAKE, 0, tls_antidos_handshake);

 	MARK_AS_OFFICIAL_MODULE(modinfo);
 	
@ -47,17 +47,17 @@ MOD_INIT(ssl_antidos)
 	 * an index and callback function.
 	 */
 	
-	ssl_antidos_index = SSL_get_ex_new_index(0, "ssl_antidos", NULL, NULL, ssl_antidos_free);
+	tls_antidos_index = SSL_get_ex_new_index(0, "tls_antidos", NULL, NULL, tls_antidos_free);
 	
 	return MOD_SUCCESS;
 }

-MOD_LOAD(ssl_antidos)
+MOD_LOAD(tls_antidos)
 {
 	return MOD_SUCCESS;
 }

-MOD_UNLOAD(ssl_antidos)
+MOD_UNLOAD(tls_antidos)
 {
 	return MOD_SUCCESS;
 }
@ -67,7 +67,7 @@ void ssl_info_callback(const SSL *ssl, int where, int ret)
 {
 	if (where & SSL_CB_HANDSHAKE_START)
 	{
-		SAD *e = SSL_get_ex_data(ssl, ssl_antidos_index);
+		SAD *e = SSL_get_ex_data(ssl, tls_antidos_index);
 		aClient *acptr = e->acptr;
 		
 		if (IsServer(acptr) || IsDead(acptr))
@ -81,9 +81,9 @@ void ssl_info_callback(const SSL *ssl, int where, int ret)
 			e->n++;
 			if (e->n >= HANDSHAKE_LIMIT_COUNT)
 			{
-				ircd_log(LOG_ERROR, "SSL Handshake flood detected from %s -- killed", get_client_name(acptr, TRUE));
-				sendto_realops("SSL Handshake flood detected from %s -- killed", get_client_name(acptr, TRUE));
-				dead_link(acptr, "SSL Handshake flood detected");
+				ircd_log(LOG_ERROR, "TLS Handshake flood detected from %s -- killed", get_client_name(acptr, TRUE));
+				sendto_realops("TLS Handshake flood detected from %s -- killed", get_client_name(acptr, TRUE));
+				dead_link(acptr, "TLS Handshake flood detected");
 			}
 		}
 	}
@ -93,20 +93,20 @@ void ssl_info_callback(const SSL *ssl, int where, int ret)
 * This function is called quite quickly after accept(),
 * in any case very likely before any data has been received.
 */
-int ssl_antidos_handshake(aClient *acptr)
+int tls_antidos_handshake(aClient *acptr)
 {
 	if (acptr->local->ssl)
 	{
 		SAD *sad = MyMallocEx(sizeof(SAD));
 		sad->acptr = acptr;
 		SSL_set_info_callback(acptr->local->ssl, ssl_info_callback);
-		SSL_set_ex_data(acptr->local->ssl, ssl_antidos_index, sad);
+		SSL_set_ex_data(acptr->local->ssl, tls_antidos_index, sad);
 	}
 	return 0;
 }

 /** Called by OpenSSL when the SSL structure is freed (so we can free up our custom struct too) */
-void ssl_antidos_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
+void tls_antidos_free(void *parent, void *ptr, CRYPTO_EX_DATA *ad, int idx, long argl, void *argp)
 {
 	MyFree(ptr);
 }