ii-openssl.patch - randomcrap - random crap programs of varying quality
ii-openssl.patch (5202B)
---
1 diff --git a/config.mk b/config.mk
2 index cae54f2..f904bd9 100644
3 --- a/config.mk
4 +++ b/config.mk
5 @@ -16,7 +16,7 @@ LIBDIR = ${PREFIX}/lib
6
7 # includes and libs
8 INCLUDES = -I. -I${INCDIR} -I/usr/include
9 -LIBS = -L${LIBDIR} -L/usr/lib -lc
10 +LIBS = -L${LIBDIR} -L/usr/lib -lc -lssl -lcrypto
11
12 # compiler
13 CC = cc
14 diff --git a/ii.1 b/ii.1
15 index 8e06af7..9b2170f 100644
16 --- a/ii.1
17 +++ b/ii.1
18 @@ -29,6 +29,7 @@ and ii creates a new channel directory with in and out file.
19 .IR nickname ]
20 .RB [ \-f
21 .IR realname ]
22 +.RB [ \-t ]
23 .RB < \-u
24 .IR sockname >
25 .SH OPTIONS
26 @@ -42,6 +43,9 @@ connect to a UNIX domain socket instead of directly to a server.
27 .BI \-p " port"
28 lets you override the default port (6667)
29 .TP
30 +.BI \-t
31 +connect using TLS
32 +.TP
33 .BI \-k " environment variable"
34 lets you specify an environment variable that contains your IRC password, e.g. IIPASS="foobar" ii -k IIPASS.
35 This is done in order to prevent other users from eavesdropping the server password via the process list.
36 diff --git a/ii.c b/ii.c
37 index 72e59b5..2761264 100644
38 --- a/ii.c
39 +++ b/ii.c
40 @@ -20,6 +20,8 @@
41 #include <time.h>
42 #include <unistd.h>
43
44 +#include <openssl/ssl.h>
45 +
46 char *argv0;
47
48 #include "arg.h"
49 @@ -64,7 +66,7 @@ static void loginuser(int, const char *, const char *);
50 static void proc_channels_input(int, Channel *, char *);
51 static void proc_channels_privmsg(int, Channel *, char *);
52 static void proc_server_cmd(int, char *);
53 -static int read_line(int, char *, size_t);
54 +static int read_line(int, char *, size_t, int);
55 static void run(int, const char *);
56 static void setup(void);
57 static void sighandler(int);
58 @@ -82,11 +84,15 @@ static char _nick[32]; /* nickname at startup */
59 static char ircpath[PATH_MAX]; /* irc dir (-i) */
60 static char msg[IRC_MSG_MAX]; /* message buf used for communication */
61
62 +static int usetls = 0;
63 +static SSL_CTX *ctx = NULL;
64 +static SSL *tls = NULL;
65 +
66 static void
67 usage(void)
68 {
69 fprintf(stderr, "usage: %s <-s host> [-i <irc dir>] [-p <port>] "
70 - "[-u <sockname>] [-n <nick>] [-k <password>] "
71 + "[-t] [-u <sockname>] [-n <nick>] [-k <password>] "
72 "[-f <fullname>]\n", argv0);
73 exit(1);
74 }
75 @@ -99,8 +105,13 @@ ewritestr(int fd, const char *s)
76
77 len = strlen(s);
78 for (off = 0; off < len; off += w) {
79 - if ((w = write(fd, s + off, len - off)) == -1)
80 - break;
81 + if (usetls) {
82 + if ((w = SSL_write(tls, s + off, len - off)) < 0)
83 + break;
84 + } else {
85 + if ((w = write(fd, s + off, len - off)) == -1)
86 + break;
87 + }
88 off += w;
89 }
90 if (w == -1) {
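Review bot: The TLS branch of the write loop breaks only on `SSL_write(...) < 0`, but SSL_write signals failure with any return value <= 0, so a return of 0 neither leaves the loop nor reaches the `if (w == -1)` error branch below it. Treat every non-positive result as a failure and normalise it for the existing check: `if ((w = SSL_write(tls, s + off, len - off)) <= 0) { w = -1; break; }`. The branch also ignores `fd` whenever `usetls` is set, so it is only correct if every caller passes the IRC socket; the callers are outside this hunk. ewritestr's body starts and ends outside the hunk.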
91 @@ -660,14 +671,19 @@ proc_server_cmd(int fd, char *buf)
92 }
93
94 static int
95 -read_line(int fd, char *buf, size_t bufsiz)
96 +read_line(int fd, char *buf, size_t bufsiz, int readtls)
97 {
98 size_t i = 0;
99 char c = '\0';
100
101 do {
102 - if (read(fd, &c, sizeof(char)) != sizeof(char))
103 - return -1;
104 + if (usetls && readtls) {
105 + if (SSL_read(tls, &c, sizeof(char)) != sizeof(char))
106 + return -1;
107 + } else {
108 + if (read(fd, &c, sizeof(char)) != sizeof(char))
109 + return -1;
110 + }
111 buf[i++] = c;
112 } while (c != '\n' && i < bufsiz);
113 buf[i - 1] = '\0'; /* eliminates '\n' */
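Review bot: Pulling one byte per `SSL_read` call interacts badly with a readiness-based main loop: OpenSSL decrypts a whole TLS record at once, so after the first byte the rest of that record sits in the library's buffer where select()/poll() on the socket cannot see it. If the loop that calls handle_server_output (outside this hunk) waits on `ircfd` before every read_line call, a record carrying several IRC lines can stall until the server sends more data; the caller should keep reading while `SSL_pending(tls) > 0`. The new parameter also deserves a comment at the definition, e.g. `/* readtls: non-zero when fd is the IRC socket and must be read through the TLS session */`. read_line's body continues outside the hunk.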
114 @@ -679,7 +695,7 @@ handle_channels_input(int ircfd, Channel *c)
115 {
116 char buf[IRC_MSG_MAX];
117
118 - if (read_line(c->fdin, buf, sizeof(buf)) == -1) {
119 + if (read_line(c->fdin, buf, sizeof(buf), 0) == -1) {
120 if (channel_reopen(c) == -1)
121 channel_rm(c);
122 return;
123 @@ -692,7 +708,7 @@ handle_server_output(int ircfd)
124 {
125 char buf[IRC_MSG_MAX];
126
127 - if (read_line(ircfd, buf, sizeof(buf)) == -1) {
128 + if (read_line(ircfd, buf, sizeof(buf), 1) == -1) {
129 fprintf(stderr, "%s: remote host closed connection: %s\n",
130 argv0, strerror(errno));
131 exit(1);
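Review bot: With `-t` a failed read here now comes from SSL_read, yet the message still prints `strerror(errno)`, which a TLS-level failure (alert, bad record, handshake problem) does not necessarily set, so the log can show an unrelated or "Success" text for a security-relevant error. When `usetls` is set, report the library's error queue before exiting, e.g. `ERR_print_errors_fp(stderr);` with `<openssl/err.h>` included. handle_server_output's body continues outside the hunk.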
132 @@ -804,6 +820,9 @@ main(int argc, char *argv[])
133 case 's':
134 host = EARGF(usage());
135 break;
136 + case 't':
137 + usetls = 1;
138 + break;
139 case 'u':
140 uds = EARGF(usage());
141 break;
142 @@ -822,7 +841,7 @@ main(int argc, char *argv[])
143
144 #ifdef __OpenBSD__
145 /* OpenBSD pledge(2) support */
146 - if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) {
147 + if (pledge("stdio rpath wpath cpath dpath dns inet", NULL) == -1) {
148 fprintf(stderr, "%s: pledge: %s\n", argv0, strerror(errno));
149 exit(1);
150 }
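Review bot: The first pledge now grants `dns inet` unconditionally, including runs without `-t`, and nothing visible between this call and the narrower pledge added further down resolves a name or opens a socket. If the connection is already established before this point (that code is outside the hunk), the TLS handshake only reads and writes an existing descriptor and should not need either promise. Keep the original promise string here, or widen it only for TLS: `usetls ? "stdio rpath wpath cpath dpath dns inet" : "stdio rpath wpath cpath dpath"`.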
151 @@ -835,6 +854,28 @@ main(int argc, char *argv[])
152 }
153 create_dirtree(ircpath);
154
155 + if (usetls) {
156 + SSL_load_error_strings();
157 + SSL_library_init();
158 + if (!(ctx = SSL_CTX_new(SSLv23_client_method()))) {
159 + fprintf(stderr, "%s: could not initialize SSL context\n", argv0);
160 + exit(1);
161 + }
162 + tls = SSL_new(ctx);
163 + if (SSL_set_fd(tls, ircfd) == 0 || SSL_connect(tls) != 1) {
164 + fprintf(stderr, "%s: could not connect with SSL\n", argv0);
165 + exit(1);
166 + }
167 + }
168 +
169 +#ifdef __OpenBSD__
170 + /* OpenBSD pledge(2) support */
171 + if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) {
172 + fprintf(stderr, "%s: pledge: %s\n", argv0, strerror(errno));
173 + exit(1);
174 + }
175 +#endif
176 +
177 channelmaster = channel_add(""); /* master channel */
178 if (key)
179 loginkey(ircfd, key);
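Review bot: The server certificate is never verified: the context is created and `SSL_connect` is called without `SSL_CTX_set_verify`, a trust store, or a hostname check, so `-t` protects only against passive eavesdropping and any on-path party can present its own certificate and receive the password that `loginkey(ircfd, key)` sends right after. `SSL_new()` is also unchecked, and `SSLv23_client_method()` negotiates whatever protocol versions the library still allows unless the old ones are disabled. The block below enables peer verification against the system CA store, binds the check to `host` and sends SNI; on libraries without `SSL_set1_host`, `X509_VERIFY_PARAM_set1_host` on `SSL_get0_param(tls)` does the same. It assumes `host` holds the server name also when `-u` is used, which this hunk does not show.

```c
	if (usetls) {
		/* … unchanged: library init and SSL_CTX_new() check … */
		SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
		SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
		if (SSL_CTX_set_default_verify_paths(ctx) != 1) {
			fprintf(stderr, "%s: could not load CA certificates\n", argv0);
			exit(1);
		}
		if (!(tls = SSL_new(ctx)) ||
		    SSL_set_tlsext_host_name(tls, host) != 1 ||
		    SSL_set1_host(tls, host) != 1 ||
		    SSL_set_fd(tls, ircfd) == 0 || SSL_connect(tls) != 1) {
			fprintf(stderr, "%s: could not connect with SSL\n", argv0);
			exit(1);
		}
	}
```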
180 @@ -849,5 +890,11 @@ main(int argc, char *argv[])
181 channel_leave(c);
182 }
183
184 + if (tls) {
185 + SSL_shutdown(tls);
186 + SSL_free(tls);
187 + SSL_CTX_free(ctx);
188 + }
189 +
190 return 0;
191 }