"US Leaf" is not in the list (Hub, Leaf, Chaos Node, Art, Pseudoserver, Provisional, Banned) of allowed values for the "Node Type" property.{| class="infobox" |- |colspan="2" class="infobox-title"| dunes.p.mojavenet.xyz |- ! Name | dunes.p.mojavenet.xyz |- ! Location | San Jose, CA |-
|- ! Owner | clrx |- ! SID | 8SL |- ! Type | US Leaf"US Leaf" is not in the list (Hub, Leaf, Chaos Node, Art, Pseudoserver, Provisional, Banned) of allowed values for the "Node Type" property. |- ! Status | Active |- !
|
|}
ports: 6667, 6697 (SSL) IPv4 & IPv6!
Cool features:
Create a new #channel, get a free +q!
Modules
/src/modules/third/certificate-refresh.c
automatically reload your SSL/TLS certificates when they are changed on the filesystem, no need for a cron job.
/* License: GPLv2 */
#include "unrealircd.h"
ModuleHeader MOD_HEADER
= {
"third/certificate-refresh", /* name */
"1.0.0", /* version */
"Certificate Refresh: Automatically checks SSL/TLS certificates for changes, and reloads SSL/TLS if the certificate has been updated.", /* description */
"clrx", /* author */
"unrealircd-5", /* do not change this, it indicates module API version */
};
#define _MCRF_TIMEOUT 43200000 /* 12 hours, in milliseconds. */
typedef struct mCRF_Watch_File mCRF_Watch_File;
struct mCRF_Watch_File {
char *path;
time_t last_modified;
mCRF_Watch_File *next;
};
/* Forward Declarations. */
EVENT(mCRF_timeout);
EVENT(mCRF_setup_files);
time_t mCRF_get_cert_time(const char *path);
mCRF_Watch_File *mCRF_add_watch_file(const char *path);
void mCRF_remove_watch_file(mCRF_Watch_File *wptr);
mCRF_Watch_File *mCRF_find_watch_file(const char *path);
static mCRF_Watch_File *watched_files;
EVENT(mCRF_timeout)
{
TLSOptions *tls_options;
int needReload = 0;
mCRF_Watch_File *wptr;
for (wptr = watched_files; wptr; wptr = wptr->next)
{
time_t ts_curr = mCRF_get_cert_time(wptr->path);
if (ts_curr != wptr->last_modified)
{
needReload = 1;
wptr->last_modified = ts_curr;
}
}
if (needReload)
{
sendto_snomask(SNO_SNOTICE, "*** [third/certificate-refresh]: Server TLS certificate(s) updated, reloading certificates.");
reinit_ssl(NULL);
}
}
EVENT(mCRF_setup_files)
{
ConfigItem_listen *lptr;
ConfigItem_sni *sptr;
mCRF_Watch_File *wptr, *wptri;
TLSOptions *tls_options = get_tls_options_for_client(&me);
if (tls_options)
mCRF_add_watch_file(tls_options->certificate_file);
for (lptr = conf_listen; lptr; lptr = lptr->next)
{
tls_options = lptr->tls_options;
if (tls_options)
mCRF_add_watch_file(tls_options->certificate_file);
}
for (sptr = conf_sni; sptr; sptr = sptr->next)
{
mCRF_add_watch_file(sptr->tls_options->certificate_file);
}
}
time_t mCRF_get_cert_time(const char *path)
{
time_t r = 0;
struct stat st;
if (!stat(path, &st))
{
r = st.st_mtime;
}
return r;
}
mCRF_Watch_File *mCRF_add_watch_file(const char *path)
{
mCRF_Watch_File *wptr;
if (path == NULL)
return NULL;
if (mCRF_find_watch_file(path))
return NULL;
wptr = safe_alloc(sizeof(mCRF_Watch_File));
memset(wptr, 0, sizeof(mCRF_Watch_File));
wptr->path = our_strdup(path);
wptr->last_modified = mCRF_get_cert_time(wptr->path);
if (watched_files == NULL)
{
watched_files = wptr;
}
else
{
mCRF_Watch_File *tmp, *prv;
tmp = watched_files;
while (tmp != NULL)
{
prv = tmp;
tmp = tmp->next;
}
prv->next = wptr;
}
return wptr;
}
mCRF_Watch_File *mCRF_find_watch_file(const char *path)
{
mCRF_Watch_File *wptr;
for (wptr = watched_files; wptr; wptr = wptr->next)
{
if (smycmp(path, wptr->path) == 0)
return wptr;
}
return NULL;
}
MOD_INIT()
{
EventAdd(modinfo->handle, "mCRF_timeout", mCRF_timeout, NULL, _MCRF_TIMEOUT, 0);
EventAdd(modinfo->handle, "mCRF_setup_files", mCRF_setup_files, NULL, 5 * 1000, 1);
return MOD_SUCCESS;
}
MOD_UNLOAD()
{
mCRF_Watch_File *wptr, *wptri;
for (wptr = watched_files; wptr; wptr = wptri)
{
wptri = wptr->next;
safe_free(wptr->path);
safe_free(wptr);
}
return MOD_SUCCESS;
}
MOD_TEST()
{
return MOD_SUCCESS;
}
MOD_LOAD()
{
return MOD_SUCCESS;
}