aniani/irssi
1
0
Fork 0
mirror of https://github.com/irssi/irssi.git synced 2024-12-04 14:46:39 -05:00
Code

Pass SERVER_REC directly to net_connect_ip_ssl

Browse Source 
This patch refactors how we are passing connection information for SSL
connections. This will allow us to emit signals with a SERVER_REC as
parameter during SSL handshake.

git-svn-id: file:///var/www/svn.irssi.org/SVN/irssi/trunk@5219 dbcabf3a-b0e7-0310-adc4-f8d773084564
This commit is contained in:
Alexander Færøy 2013-06-23 23:50:26 +00:00 committed by ahf
parent d826896f74
commit cb873d5b91
3 changed files with 17 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
src/core/network-openssl.c
View File

@ -21,6 +21,7 @@
#include "module.h" #include "module.h"
#include "network.h" #include "network.h"
#include "misc.h" #include "misc.h"
#include "servers.h"
#ifdef HAVE_OPENSSL #ifdef HAVE_OPENSSL
@ -45,7 +46,7 @@ typedef struct
SSL *ssl; SSL *ssl;
SSL_CTX *ctx; SSL_CTX *ctx;
unsigned int verify:1; unsigned int verify:1;
const char *hostname; SERVER_REC *server;
int port; int port;
} GIOSSLChannel; } GIOSSLChannel;
@ -428,7 +429,7 @@ static gboolean irssi_ssl_init(void)
} }
static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostname, int port, const char *mycert, const char *mypkey, const char *cafile, const char *capath, gboolean verify) static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, int port, SERVER_REC *server)
{ {
GIOSSLChannel *chan; GIOSSLChannel *chan;
GIOChannel *gchan; GIOChannel *gchan;
@ -436,6 +437,12 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn
SSL *ssl; SSL *ssl;
SSL_CTX *ctx = NULL; SSL_CTX *ctx = NULL;
const char *mycert = server->connrec->ssl_cert;
const char *mypkey = server->connrec->ssl_pkey;
const char *cafile = server->connrec->ssl_cafile;
const char *capath = server->connrec->ssl_capath;
gboolean verify = server->connrec->ssl_verify;
g_return_val_if_fail(handle != NULL, NULL); g_return_val_if_fail(handle != NULL, NULL);
if(!ssl_inited && !irssi_ssl_init()) if(!ssl_inited && !irssi_ssl_init())
@ -511,9 +518,9 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn
chan->giochan = handle; chan->giochan = handle;
chan->ssl = ssl; chan->ssl = ssl;
chan->ctx = ctx; chan->ctx = ctx;
chan->verify = verify; chan->server = server;
chan->hostname = hostname;
chan->port = port; chan->port = port;
chan->verify = verify;
gchan = (GIOChannel *)chan; gchan = (GIOChannel *)chan;
gchan->funcs = &irssi_ssl_channel_funcs; gchan->funcs = &irssi_ssl_channel_funcs;
@ -524,14 +531,14 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn
return gchan; return gchan;
} }
GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify) GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server)
{ {
GIOChannel *handle, *ssl_handle; GIOChannel *handle, *ssl_handle;
handle = net_connect_ip(ip, port, my_ip); handle = net_connect_ip(ip, port, my_ip);
if (handle == NULL) if (handle == NULL)
return NULL; return NULL;
ssl_handle = irssi_ssl_get_iochannel(handle, hostname, port, cert, pkey, cafile, capath, verify); ssl_handle = irssi_ssl_get_iochannel(handle, port, server);
if (ssl_handle == NULL) if (ssl_handle == NULL)
g_io_channel_unref(handle); g_io_channel_unref(handle);
return ssl_handle; return ssl_handle;
@ -573,14 +580,14 @@ int irssi_ssl_handshake(GIOChannel *handle)
g_warning("SSL server supplied no certificate"); g_warning("SSL server supplied no certificate");
return -1; return -1;
} }
ret = !chan->verify || irssi_ssl_verify(chan->ssl, chan->ctx, chan->hostname, chan->port, cert); ret = !chan->verify || irssi_ssl_verify(chan->ssl, chan->ctx, chan->server->connrec->address, chan->port, cert);
X509_free(cert); X509_free(cert);
return ret ? 0 : -1; return ret ? 0 : -1;
} }
#else /* HAVE_OPENSSL */ #else /* HAVE_OPENSSL */
GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify) GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server)
{ {
g_warning("Connection failed: SSL support not enabled in this build."); g_warning("Connection failed: SSL support not enabled in this build.");
errno = ENOSYS; errno = ENOSYS;

2
src/core/network.h
View File

@ -49,7 +49,7 @@ int net_ip_compare(IPADDR *ip1, IPADDR *ip2);
/* Connect to socket */ /* Connect to socket */
GIOChannel *net_connect(const char *addr, int port, IPADDR *my_ip); GIOChannel *net_connect(const char *addr, int port, IPADDR *my_ip);
/* Connect to socket with ip address and SSL*/ /* Connect to socket with ip address and SSL*/
GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify); GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server);
int irssi_ssl_handshake(GIOChannel *handle); int irssi_ssl_handshake(GIOChannel *handle);
/* Connect to socket with ip address */ /* Connect to socket with ip address */
GIOChannel *net_connect_ip(IPADDR *ip, int port, IPADDR *my_ip); GIOChannel *net_connect_ip(IPADDR *ip, int port, IPADDR *my_ip);

4
src/core/servers.c
View File

@ -224,9 +224,7 @@ static void server_real_connect(SERVER_REC *server, IPADDR *ip,
port = server->connrec->proxy != NULL ? port = server->connrec->proxy != NULL ?
server->connrec->proxy_port : server->connrec->port; server->connrec->proxy_port : server->connrec->port;
handle = server->connrec->use_ssl ? handle = server->connrec->use_ssl ?
net_connect_ip_ssl(ip, port, server->connrec->address, own_ip, server->connrec->ssl_cert, server->connrec->ssl_pkey, net_connect_ip_ssl(ip, port, own_ip, server) : net_connect_ip(ip, port, own_ip);
server->connrec->ssl_cafile, server->connrec->ssl_capath, server->connrec->ssl_verify) :
net_connect_ip(ip, port, own_ip);
} else { } else {
handle = net_connect_unix(unix_socket); handle = net_connect_unix(unix_socket);
} }