ii-libtls.patch - randomcrap - random crap programs of varying quality
ii-libtls.patch (5726B)
---
1 diff --git a/config.mk b/config.mk
2 index cae54f2..739910a 100644
3 --- a/config.mk
4 +++ b/config.mk
5 @@ -16,7 +16,7 @@ LIBDIR = ${PREFIX}/lib
6
7 # includes and libs
8 INCLUDES = -I. -I${INCDIR} -I/usr/include
9 -LIBS = -L${LIBDIR} -L/usr/lib -lc
10 +LIBS = -L${LIBDIR} -L/usr/lib -lc -lssl -lcrypto -ltls
11
12 # compiler
13 CC = cc
14 diff --git a/ii.1 b/ii.1
15 index 64b3f24..3d7e4a1 100644
16 --- a/ii.1
17 +++ b/ii.1
18 @@ -29,6 +29,7 @@ and ii creates a new channel directory with in and out file.
19 .IR nickname ]
20 .RB [ \-f
21 .IR realname ]
22 +.RB [ \-t ]
23 .RB < \-u
24 .IR sockname >
25 .SH OPTIONS
26 @@ -42,6 +43,9 @@ connect to a UNIX domain socket instead of directly to a server.
27 .BI \-p " port"
28 lets you override the default port (6667)
29 .TP
30 +.BI \-t
31 +connect using TLS
32 +.TP
33 .BI \-k " environment variable"
34 lets you specify an environment variable that contains your IRC password, e.g. IIPASS="foobar" ii -k IIPASS.
35 This is done in order to prevent other users from eavesdropping the server password via the process list.
36 @@ -87,12 +91,12 @@ Everything which is not a command will be posted into the channel or to the serv
37 So if you need /who just write /WHO as described in RFC#1459 to the server in FIFO.
38 .SH SSL PROTOCOL SUPPORT
39 .LP
40 -For TLS/SSL protocol support you can connect to a local tunnel, for example with stunnel or socat.
41 +ii supports TLS using the LibreSSL libtls wrapper.
42 .SH CONTACT
43 .LP
44 Subscribe to the mailinglist and write to dev (at) suckless (dot) org for suggestions, fixes, etc.
45 .SH AUTHORS
46 -Copyright \(co 2005-2016 ii engineers, see LICENSE file
47 +Copyright \(co 2005-2017 ii engineers, see LICENSE file
48 .SH SEE ALSO
49 .BR echo (1),
50 .BR tail (1)
51 diff --git a/ii.c b/ii.c
52 index 72e59b5..0000c78 100644
53 --- a/ii.c
54 +++ b/ii.c
55 @@ -20,6 +20,8 @@
56 #include <time.h>
57 #include <unistd.h>
58
59 +#include <tls.h>
60 +
61 char *argv0;
62
63 #include "arg.h"
64 @@ -64,7 +66,7 @@ static void loginuser(int, const char *, const char *);
65 static void proc_channels_input(int, Channel *, char *);
66 static void proc_channels_privmsg(int, Channel *, char *);
67 static void proc_server_cmd(int, char *);
68 -static int read_line(int, char *, size_t);
69 +static int read_line(int, char *, size_t, int);
70 static void run(int, const char *);
71 static void setup(void);
72 static void sighandler(int);
73 @@ -82,11 +84,14 @@ static char _nick[32]; /* nickname at startup */
74 static char ircpath[PATH_MAX]; /* irc dir (-i) */
75 static char msg[IRC_MSG_MAX]; /* message buf used for communication */
76
77 +static int usetls = 0;
78 +static struct tls *tls = NULL;
79 +
80 static void
81 usage(void)
82 {
83 fprintf(stderr, "usage: %s <-s host> [-i <irc dir>] [-p <port>] "
84 - "[-u <sockname>] [-n <nick>] [-k <password>] "
85 + "[-t] [-u <sockname>] [-n <nick>] [-k <password>] "
86 "[-f <fullname>]\n", argv0);
87 exit(1);
88 }
89 @@ -99,8 +104,13 @@ ewritestr(int fd, const char *s)
90
91 len = strlen(s);
92 for (off = 0; off < len; off += w) {
93 - if ((w = write(fd, s + off, len - off)) == -1)
94 - break;
95 + if (usetls) {
96 + if ((w = tls_write(tls, s + off, len - off)) == -1)
97 + break;
98 + } else {
99 + if ((w = write(fd, s + off, len - off)) == -1)
100 + break;
101 + }
102 off += w;
103 }
104 if (w == -1) {
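Review bot: The `== -1` test on the new tls_write() call misses TLS_WANT_POLLIN and TLS_WANT_POLLOUT, which libtls returns as negative values other than -1 to ask for a retry, so they would fall through to `off += w` and move the offset backwards. Retrying is enough, for example `if (w == TLS_WANT_POLLIN || w == TLS_WANT_POLLOUT) { w = 0; continue; }` placed before the -1 check. The tls_read() call added in the read_line hunk has the mirror problem: a retry request does not equal `sizeof(char)`, so it is reported as "remote host closed connection". The context lines also appear to advance `off` twice per iteration (in the loop body and in the for-increment), which would skip bytes after a short write; ewritestr starts outside this hunk, so confirm against the full function.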
105 @@ -660,14 +670,19 @@ proc_server_cmd(int fd, char *buf)
106 }
107
108 static int
109 -read_line(int fd, char *buf, size_t bufsiz)
110 +read_line(int fd, char *buf, size_t bufsiz, int readtls)
111 {
112 size_t i = 0;
113 char c = '\0';
114
115 do {
116 - if (read(fd, &c, sizeof(char)) != sizeof(char))
117 - return -1;
118 + if (usetls && readtls) {
119 + if (tls_read(tls, &c, sizeof(char)) != sizeof(char))
120 + return -1;
121 + } else {
122 + if (read(fd, &c, sizeof(char)) != sizeof(char))
123 + return -1;
124 + }
125 buf[i++] = c;
126 } while (c != '\n' && i < bufsiz);
127 buf[i - 1] = '\0'; /* eliminates '\n' */
128 @@ -679,7 +694,7 @@ handle_channels_input(int ircfd, Channel *c)
129 {
130 char buf[IRC_MSG_MAX];
131
132 - if (read_line(c->fdin, buf, sizeof(buf)) == -1) {
133 + if (read_line(c->fdin, buf, sizeof(buf), 0) == -1) {
134 if (channel_reopen(c) == -1)
135 channel_rm(c);
136 return;
137 @@ -692,7 +707,7 @@ handle_server_output(int ircfd)
138 {
139 char buf[IRC_MSG_MAX];
140
141 - if (read_line(ircfd, buf, sizeof(buf)) == -1) {
142 + if (read_line(ircfd, buf, sizeof(buf), 1) == -1) {
143 fprintf(stderr, "%s: remote host closed connection: %s\n",
144 argv0, strerror(errno));
145 exit(1);
146 @@ -804,6 +819,9 @@ main(int argc, char *argv[])
147 case 's':
148 host = EARGF(usage());
149 break;
150 + case 't':
151 + usetls = 1;
152 + break;
153 case 'u':
154 uds = EARGF(usage());
155 break;
156 @@ -822,7 +840,7 @@ main(int argc, char *argv[])
157
158 #ifdef __OpenBSD__
159 /* OpenBSD pledge(2) support */
160 - if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) {
161 + if (pledge("stdio rpath wpath cpath dpath dns inet", NULL) == -1) {
162 fprintf(stderr, "%s: pledge: %s\n", argv0, strerror(errno));
163 exit(1);
164 }
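Review bot: The first pledge() now grants `dns inet` on every run, including when -t is not given, and the process keeps those promises through create_dirtree() until the second pledge() added in the next hunk. Selecting the promise string by mode keeps the non-TLS path as tight as before: `pledge(usetls ? "stdio rpath wpath cpath dpath dns inet" : "stdio rpath wpath cpath dpath", NULL)`. Whether tls_connect_socket() on an already-open descriptor needs either promise cannot be seen from this hunk, so a comment naming the call that requires them would help the next reader decide if they can be dropped. main() begins and ends outside the hunk.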
165 @@ -835,6 +853,28 @@ main(int argc, char *argv[])
166 }
167 create_dirtree(ircpath);
168
169 + if (usetls) {
170 + if (tls_init() < 0) {
171 + fprintf(stderr, "tls_init: %s\n", strerror(errno));
172 + exit(1);
173 + }
174 + if (!(tls = tls_client())) {
175 + fprintf(stderr, "tls_client: %s\n", tls_error(tls));
176 + exit(1);
177 + }
178 + if (tls_connect_socket(tls, ircfd, host) < 0) {
179 + fprintf(stderr, "tls_connect_socket: %s\n", tls_error(tls));
180 + exit(1);
181 + }
182 + }
183 +
184 +#ifdef __OpenBSD__
185 + if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) {
186 + fprintf(stderr, "%s: pledge: %s\n", argv0, strerror(errno));
187 + exit(1);
188 + }
189 +#endif
190 +
191 channelmaster = channel_add(""); /* master channel */
192 if (key)
193 loginkey(ircfd, key);
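Review bot: In the tls_client() failure branch `tls` is NULL, so `tls_error(tls)` has no context to read from and can crash instead of printing a message; a fixed string is safer there. tls_connect_socket() also only attaches the descriptor, and the handshake runs on the first tls_read()/tls_write(), so a certificate or hostname verification failure would surface later as a generic write error from ewritestr. Calling tls_handshake() here reports it with the libtls reason and before the second pledge(). The default client configuration is left in place, which keeps certificate and name verification enabled; a short comment saying this is intentional would be worth adding. main() begins outside the hunk.

```c
	if (!(tls = tls_client())) {
		/* no context exists yet, so tls_error() cannot be queried */
		fprintf(stderr, "%s: tls_client failed\n", argv0);
		exit(1);
	}
	/* ... unchanged: tls_connect_socket() call and its error path ... */
	/* complete the handshake now so verification errors are reported here */
	if (tls_handshake(tls) < 0) {
		fprintf(stderr, "%s: tls_handshake: %s\n", argv0, tls_error(tls));
		exit(1);
	}
```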
194 @@ -849,5 +889,8 @@ main(int argc, char *argv[])
195 channel_leave(c);
196 }
197
198 + if (tls)
199 + tls_close(tls);
200 +
201 return 0;
202 }