aniani/profanity
1
0
Fork 0
mirror of https://github.com/profanity-im/profanity.git synced 2024-12-04 14:46:46 -05:00
Code

Store current TLS certificate fingerpint in memory for reconnect

Browse Source
This commit is contained in:
James Booth 2015-11-09 20:57:26 +00:00
parent b3737b225f
commit 4cbfb88814
4 changed files with 47 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/command/commands.c
View File

@ -831,6 +831,7 @@ cmd_disconnect(ProfWin *window, const char *const command, gchar **args)
roster_clear(); roster_clear();
muc_invites_clear(); muc_invites_clear();
chat_sessions_clear(); chat_sessions_clear();
tlscerts_clear_current();
ui_disconnected(); ui_disconnected();
#ifdef HAVE_LIBGPGME #ifdef HAVE_LIBGPGME
p_gpg_on_disconnect(); p_gpg_on_disconnect();

32
src/config/tlscerts.c
View File

@ -51,6 +51,8 @@ static void _save_tlscerts(void);
static Autocomplete certs_ac; static Autocomplete certs_ac;
static char *current_fp;
void void
tlscerts_init(void) tlscerts_init(void)
{ {
@ -73,6 +75,32 @@ tlscerts_init(void)
autocomplete_add(certs_ac, groups[i]); autocomplete_add(certs_ac, groups[i]);
} }
g_strfreev(groups); g_strfreev(groups);
current_fp = NULL;
}
void
tlscerts_set_current(const char *const fp)
{
if (current_fp) {
free(current_fp);
}
current_fp = strdup(fp);
}
char*
tlscerts_get_current(void)
{
return current_fp;
}
void
tlscerts_clear_current(void)
{
if (current_fp) {
free(current_fp);
current_fp = NULL;
}
} }
gboolean gboolean
@ -223,6 +251,10 @@ tlscerts_close(void)
{ {
g_key_file_free(tlscerts); g_key_file_free(tlscerts);
tlscerts = NULL; tlscerts = NULL;
free(current_fp);
current_fp = NULL;
autocomplete_free(certs_ac); autocomplete_free(certs_ac);
} }

6
src/config/tlscerts.h
View File

@ -50,6 +50,12 @@ TLSCertificate* tlscerts_new(const char *const fingerprint, const char *const do
const char *const organisation, const char *const email, const char *const organisation, const char *const email,
const char *const notbefore, const char *const notafter); const char *const notbefore, const char *const notafter);
void tlscerts_set_current(const char *const fp);
char* tlscerts_get_current(void);
void tlscerts_clear_current(void);
gboolean tlscerts_exists(const char *const fingerprint); gboolean tlscerts_exists(const char *const fingerprint);
void tlscerts_add(TLSCertificate *cert); void tlscerts_add(TLSCertificate *cert);

8
src/event/server_events.c
View File

@ -718,10 +718,17 @@ int
sv_ev_certfail(const char *const errormsg, const char *const certname, const char *const certfp, sv_ev_certfail(const char *const errormsg, const char *const certname, const char *const certfp,
const char *const notbefore, const char *const notafter) const char *const notbefore, const char *const notafter)
{ {
// check profanity trusted certs
if (tlscerts_exists(certfp)) { if (tlscerts_exists(certfp)) {
return 1; return 1;
} }
// check current cert
char *current_fp = tlscerts_get_current();
if (current_fp && g_strcmp0(current_fp, certfp) == 0) {
return 1;
}
char *domain = NULL; char *domain = NULL;
char *org = NULL; char *org = NULL;
char *email = NULL; char *email = NULL;
@ -780,6 +787,7 @@ sv_ev_certfail(const char *const errormsg, const char *const certname, const cha
} }
if (g_strcmp0(cmd, "/tls allow") == 0) { if (g_strcmp0(cmd, "/tls allow") == 0) {
tlscerts_set_current(certfp);
free(cmd); free(cmd);
free(domain); free(domain);
free(org); free(org);