1
0
mirror of https://github.com/irssi/irssi.git synced 2024-12-04 14:46:39 -05:00

Pass SERVER_REC directly to net_connect_ip_ssl

This patch refactors how we are passing connection information for SSL
connections. This will allow us to emit signals with a SERVER_REC as
parameter during SSL handshake.

git-svn-id: file:///var/www/svn.irssi.org/SVN/irssi/trunk@5219 dbcabf3a-b0e7-0310-adc4-f8d773084564
This commit is contained in:
Alexander Færøy 2013-06-23 23:50:26 +00:00 committed by ahf
parent d826896f74
commit cb873d5b91
3 changed files with 17 additions and 12 deletions

View File

@ -21,6 +21,7 @@
#include "module.h"
#include "network.h"
#include "misc.h"
#include "servers.h"
#ifdef HAVE_OPENSSL
@ -45,7 +46,7 @@ typedef struct
SSL *ssl;
SSL_CTX *ctx;
unsigned int verify:1;
const char *hostname;
SERVER_REC *server;
int port;
} GIOSSLChannel;
@ -428,7 +429,7 @@ static gboolean irssi_ssl_init(void)
}
static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostname, int port, const char *mycert, const char *mypkey, const char *cafile, const char *capath, gboolean verify)
static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, int port, SERVER_REC *server)
{
GIOSSLChannel *chan;
GIOChannel *gchan;
@ -436,6 +437,12 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn
SSL *ssl;
SSL_CTX *ctx = NULL;
const char *mycert = server->connrec->ssl_cert;
const char *mypkey = server->connrec->ssl_pkey;
const char *cafile = server->connrec->ssl_cafile;
const char *capath = server->connrec->ssl_capath;
gboolean verify = server->connrec->ssl_verify;
g_return_val_if_fail(handle != NULL, NULL);
if(!ssl_inited && !irssi_ssl_init())
@ -511,9 +518,9 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn
chan->giochan = handle;
chan->ssl = ssl;
chan->ctx = ctx;
chan->verify = verify;
chan->hostname = hostname;
chan->server = server;
chan->port = port;
chan->verify = verify;
gchan = (GIOChannel *)chan;
gchan->funcs = &irssi_ssl_channel_funcs;
@ -524,14 +531,14 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn
return gchan;
}
GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify)
GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server)
{
GIOChannel *handle, *ssl_handle;
handle = net_connect_ip(ip, port, my_ip);
if (handle == NULL)
return NULL;
ssl_handle = irssi_ssl_get_iochannel(handle, hostname, port, cert, pkey, cafile, capath, verify);
ssl_handle = irssi_ssl_get_iochannel(handle, port, server);
if (ssl_handle == NULL)
g_io_channel_unref(handle);
return ssl_handle;
@ -573,14 +580,14 @@ int irssi_ssl_handshake(GIOChannel *handle)
g_warning("SSL server supplied no certificate");
return -1;
}
ret = !chan->verify || irssi_ssl_verify(chan->ssl, chan->ctx, chan->hostname, chan->port, cert);
ret = !chan->verify || irssi_ssl_verify(chan->ssl, chan->ctx, chan->server->connrec->address, chan->port, cert);
X509_free(cert);
return ret ? 0 : -1;
}
#else /* HAVE_OPENSSL */
GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify)
GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server)
{
g_warning("Connection failed: SSL support not enabled in this build.");
errno = ENOSYS;

View File

@ -49,7 +49,7 @@ int net_ip_compare(IPADDR *ip1, IPADDR *ip2);
/* Connect to socket */
GIOChannel *net_connect(const char *addr, int port, IPADDR *my_ip);
/* Connect to socket with ip address and SSL*/
GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify);
GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server);
int irssi_ssl_handshake(GIOChannel *handle);
/* Connect to socket with ip address */
GIOChannel *net_connect_ip(IPADDR *ip, int port, IPADDR *my_ip);

View File

@ -224,9 +224,7 @@ static void server_real_connect(SERVER_REC *server, IPADDR *ip,
port = server->connrec->proxy != NULL ?
server->connrec->proxy_port : server->connrec->port;
handle = server->connrec->use_ssl ?
net_connect_ip_ssl(ip, port, server->connrec->address, own_ip, server->connrec->ssl_cert, server->connrec->ssl_pkey,
server->connrec->ssl_cafile, server->connrec->ssl_capath, server->connrec->ssl_verify) :
net_connect_ip(ip, port, own_ip);
net_connect_ip_ssl(ip, port, own_ip, server) : net_connect_ip(ip, port, own_ip);
} else {
handle = net_connect_unix(unix_socket);
}