mirror of
https://github.com/profanity-im/profanity.git
synced 2024-12-04 14:46:46 -05:00
Added TLS trusted certificate path preference
parent
bd9c28c100
commit
a37d55e1a9
@ -106,6 +106,7 @@ static char * _time_autocomplete(ProfWin *window, const char * const input);
|
|||||||
static char * _receipts_autocomplete(ProfWin *window, const char * const input);
|
static char * _receipts_autocomplete(ProfWin *window, const char * const input);
|
||||||
static char * _help_autocomplete(ProfWin *window, const char * const input);
|
static char * _help_autocomplete(ProfWin *window, const char * const input);
|
||||||
static char * _wins_autocomplete(ProfWin *window, const char * const input);
|
static char * _wins_autocomplete(ProfWin *window, const char * const input);
|
||||||
|
static char * _tls_autocomplete(ProfWin *window, const char * const input);
|
||||||
|
|
||||||
GHashTable *commands = NULL;
|
GHashTable *commands = NULL;
|
||||||
|
|
||||||
@ -187,19 +188,25 @@ static struct cmd_t command_defs[] =
|
|||||||
},
|
},
|
||||||
|
|
||||||
{ "/tls",
|
{ "/tls",
|
||||||
cmd_tls, parse_args, 0, 0, NULL,
|
cmd_tls, parse_args, 1, 3, NULL,
|
||||||
CMD_TAGS(
|
CMD_TAGS(
|
||||||
CMD_TAG_CONNECTION)
|
CMD_TAG_CONNECTION)
|
||||||
CMD_SYN(
|
CMD_SYN(
|
||||||
"/tls allow",
|
"/tls allow",
|
||||||
"/tls always",
|
"/tls always",
|
||||||
"/tls deny")
|
"/tls deny",
|
||||||
|
"/tls certpath",
|
||||||
|
"/tls certpath set <path>",
|
||||||
|
"/tls certpath clear")
|
||||||
CMD_DESC(
|
CMD_DESC(
|
||||||
"Handle TLS certificates. ")
|
"Handle TLS certificates. ")
|
||||||
CMD_ARGS(
|
CMD_ARGS(
|
||||||
{ "allow", "Allow connection to continue with an invalid TLS certificate." },
|
{ "allow", "Allow connection to continue with an invalid TLS certificate." },
|
||||||
{ "always", "Always allow connections with this invalid TLS certificate." },
|
{ "always", "Always allow connections with this invalid TLS certificate." },
|
||||||
{ "deny", "Terminate TLS connection." })
|
{ "deny", "Terminate TLS connection." },
|
||||||
|
{ "certpath", "Show the trusted certificate path." },
|
||||||
|
{ "certpath set <path>", "Specify filesystem path containing trusted certificates." },
|
||||||
|
{ "certpath clear", "Clear the trusted certificate path." })
|
||||||
CMD_NOEXAMPLES
|
CMD_NOEXAMPLES
|
||||||
},
|
},
|
||||||
|
|
||||||
@ -1692,6 +1699,7 @@ static Autocomplete receipts_ac;
|
|||||||
static Autocomplete pgp_ac;
|
static Autocomplete pgp_ac;
|
||||||
static Autocomplete pgp_log_ac;
|
static Autocomplete pgp_log_ac;
|
||||||
static Autocomplete tls_ac;
|
static Autocomplete tls_ac;
|
||||||
|
static Autocomplete tls_certpath_ac;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Initialise command autocompleter and history
|
* Initialise command autocompleter and history
|
||||||
@ -2092,6 +2100,11 @@ cmd_init(void)
|
|||||||
autocomplete_add(tls_ac, "allow");
|
autocomplete_add(tls_ac, "allow");
|
||||||
autocomplete_add(tls_ac, "always");
|
autocomplete_add(tls_ac, "always");
|
||||||
autocomplete_add(tls_ac, "deny");
|
autocomplete_add(tls_ac, "deny");
|
||||||
|
autocomplete_add(tls_ac, "certpath");
|
||||||
|
|
||||||
|
tls_certpath_ac = autocomplete_new();
|
||||||
|
autocomplete_add(tls_certpath_ac, "set");
|
||||||
|
autocomplete_add(tls_certpath_ac, "clear");
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
void
|
||||||
@ -2157,6 +2170,7 @@ cmd_uninit(void)
|
|||||||
autocomplete_free(pgp_ac);
|
autocomplete_free(pgp_ac);
|
||||||
autocomplete_free(pgp_log_ac);
|
autocomplete_free(pgp_log_ac);
|
||||||
autocomplete_free(tls_ac);
|
autocomplete_free(tls_ac);
|
||||||
|
autocomplete_free(tls_certpath_ac);
|
||||||
}
|
}
|
||||||
|
|
||||||
gboolean
|
gboolean
|
||||||
@ -2338,6 +2352,7 @@ cmd_reset_autocomplete(ProfWin *window)
|
|||||||
autocomplete_reset(pgp_ac);
|
autocomplete_reset(pgp_ac);
|
||||||
autocomplete_reset(pgp_log_ac);
|
autocomplete_reset(pgp_log_ac);
|
||||||
autocomplete_reset(tls_ac);
|
autocomplete_reset(tls_ac);
|
||||||
|
autocomplete_reset(tls_certpath_ac);
|
||||||
|
|
||||||
if (window->type == WIN_CHAT) {
|
if (window->type == WIN_CHAT) {
|
||||||
ProfChatWin *chatwin = (ProfChatWin*)window;
|
ProfChatWin *chatwin = (ProfChatWin*)window;
|
||||||
@ -2550,8 +2565,8 @@ _cmd_complete_parameters(ProfWin *window, const char * const input)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
gchar *cmds[] = { "/prefs", "/disco", "/close", "/subject", "/room", "/tls" };
|
gchar *cmds[] = { "/prefs", "/disco", "/close", "/subject", "/room" };
|
||||||
Autocomplete completers[] = { prefs_ac, disco_ac, close_ac, subject_ac, room_ac, tls_ac };
|
Autocomplete completers[] = { prefs_ac, disco_ac, close_ac, subject_ac, room_ac };
|
||||||
|
|
||||||
for (i = 0; i < ARRAY_SIZE(cmds); i++) {
|
for (i = 0; i < ARRAY_SIZE(cmds); i++) {
|
||||||
result = autocomplete_param_with_ac(input, cmds[i], completers[i], TRUE);
|
result = autocomplete_param_with_ac(input, cmds[i], completers[i], TRUE);
|
||||||
@ -2591,6 +2606,7 @@ _cmd_complete_parameters(ProfWin *window, const char * const input)
|
|||||||
g_hash_table_insert(ac_funcs, "/time", _time_autocomplete);
|
g_hash_table_insert(ac_funcs, "/time", _time_autocomplete);
|
||||||
g_hash_table_insert(ac_funcs, "/receipts", _receipts_autocomplete);
|
g_hash_table_insert(ac_funcs, "/receipts", _receipts_autocomplete);
|
||||||
g_hash_table_insert(ac_funcs, "/wins", _wins_autocomplete);
|
g_hash_table_insert(ac_funcs, "/wins", _wins_autocomplete);
|
||||||
|
g_hash_table_insert(ac_funcs, "/tls", _tls_autocomplete);
|
||||||
|
|
||||||
int len = strlen(input);
|
int len = strlen(input);
|
||||||
char parsed[len+1];
|
char parsed[len+1];
|
||||||
@ -3497,6 +3513,24 @@ _wins_autocomplete(ProfWin *window, const char * const input)
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
static char *
|
||||||
|
_tls_autocomplete(ProfWin *window, const char * const input)
|
||||||
|
{
|
||||||
|
char *result = NULL;
|
||||||
|
|
||||||
|
result = autocomplete_param_with_ac(input, "/tls certpath", tls_certpath_ac, TRUE);
|
||||||
|
if (result) {
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
result = autocomplete_param_with_ac(input, "/tls", tls_ac, TRUE);
|
||||||
|
if (result) {
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
|
return result;
|
||||||
|
}
|
||||||
|
|
||||||
static char *
|
static char *
|
||||||
_receipts_autocomplete(ProfWin *window, const char * const input)
|
_receipts_autocomplete(ProfWin *window, const char * const input)
|
||||||
{
|
{
|
||||||
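Review bot: The `certpath set <path>` entry in CMD_ARGS says only "Specify filesystem path containing trusted certificates." and does not say when the setting takes effect. On this page the preference is read only in `_jabber_connect`, so a change made while connected presumably does nothing until the next connect. I would extend the description to something like `"Specify filesystem path containing trusted certificates, used for subsequent connections."`. As a smaller style point, the second `if (result) { return result; }` in `_tls_autocomplete` is redundant because `return result;` follows it directly.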
|
@ -159,8 +159,36 @@ cmd_execute_alias(ProfWin *window, const char * const inp, gboolean *ran)
|
|||||||
gboolean
|
gboolean
|
||||||
cmd_tls(ProfWin *window, const char * const command, gchar **args)
|
cmd_tls(ProfWin *window, const char * const command, gchar **args)
|
||||||
{
|
{
|
||||||
cons_bad_cmd_usage(command);
|
if (g_strcmp0(args[0], "certpath") == 0) {
|
||||||
return TRUE;
|
if (g_strcmp0(args[1], "set") == 0) {
|
||||||
|
if (args[2] == NULL) {
|
||||||
|
cons_bad_cmd_usage(command);
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
prefs_set_string(PREF_CERT_PATH, args[2]);
|
||||||
|
cons_show("Certificate path set to: %s", args[2]);
|
||||||
|
return TRUE;
|
||||||
|
} else if (g_strcmp0(args[1], "clear") == 0) {
|
||||||
|
prefs_set_string(PREF_CERT_PATH, NULL);
|
||||||
|
cons_show("Certificate path cleared");
|
||||||
|
return TRUE;
|
||||||
|
} else if (args[1] == NULL) {
|
||||||
|
char *path = prefs_get_string(PREF_CERT_PATH);
|
||||||
|
if (path) {
|
||||||
|
cons_show("Trusted certificate path: %s", path);
|
||||||
|
prefs_free_string(path);
|
||||||
|
} else {
|
||||||
|
cons_show("No trusted certificate path set.");
|
||||||
|
}
|
||||||
|
return TRUE;
|
||||||
|
} else {
|
||||||
|
cons_bad_cmd_usage(command);
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
cons_bad_cmd_usage(command);
|
||||||
|
return TRUE;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
gboolean
|
gboolean
|
||||||
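Review bot: `/tls certpath set` saves `args[2]` with `prefs_set_string(PREF_CERT_PATH, args[2])` without checking that it names an existing directory, so a typo or relative path is accepted silently and would presumably only show up later as a certificate failure at connect time. This value becomes the trust-anchor location handed to the TLS layer, so I would validate it before saving, for example `if (!g_file_test(args[2], G_FILE_TEST_IS_DIR)) { cons_show("Path is not a directory: %s", args[2]); return TRUE; }`. A warning when the directory is writable by other local users would also help, since anyone able to place a file there can add a trusted certificate. A short comment above the `certpath` branch should note that the stored path is used as the trusted certificate store on connect.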
|
@ -686,6 +686,7 @@ _get_group(preference_t pref)
|
|||||||
case PREF_CARBONS:
|
case PREF_CARBONS:
|
||||||
case PREF_RECEIPTS_SEND:
|
case PREF_RECEIPTS_SEND:
|
||||||
case PREF_RECEIPTS_REQUEST:
|
case PREF_RECEIPTS_REQUEST:
|
||||||
|
case PREF_CERT_PATH:
|
||||||
return PREF_GROUP_CONNECTION;
|
return PREF_GROUP_CONNECTION;
|
||||||
case PREF_OTR_LOG:
|
case PREF_OTR_LOG:
|
||||||
case PREF_OTR_POLICY:
|
case PREF_OTR_POLICY:
|
||||||
@ -818,6 +819,8 @@ _get_key(preference_t pref)
|
|||||||
return "enc.warn";
|
return "enc.warn";
|
||||||
case PREF_PGP_LOG:
|
case PREF_PGP_LOG:
|
||||||
return "log";
|
return "log";
|
||||||
|
case PREF_CERT_PATH:
|
||||||
|
return "certpath";
|
||||||
default:
|
default:
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
@ -103,7 +103,8 @@ typedef enum {
|
|||||||
PREF_RESOURCE_MESSAGE,
|
PREF_RESOURCE_MESSAGE,
|
||||||
PREF_INPBLOCK_DYNAMIC,
|
PREF_INPBLOCK_DYNAMIC,
|
||||||
PREF_ENC_WARN,
|
PREF_ENC_WARN,
|
||||||
PREF_PGP_LOG
|
PREF_PGP_LOG,
|
||||||
|
PREF_CERT_PATH,
|
||||||
} preference_t;
|
} preference_t;
|
||||||
|
|
||||||
typedef struct prof_alias_t {
|
typedef struct prof_alias_t {
|
||||||
|
@ -419,6 +419,11 @@ _jabber_connect(const char * const fulljid, const char * const passwd,
|
|||||||
xmpp_conn_disable_tls(jabber_conn.conn);
|
xmpp_conn_disable_tls(jabber_conn.conn);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
char *cert_path = prefs_get_string(PREF_CERT_PATH);
|
||||||
|
if (cert_path) {
|
||||||
|
xmpp_conn_tlscert_path(jabber_conn.conn, cert_path);
|
||||||
|
}
|
||||||
|
|
||||||
#ifdef HAVE_LIBMESODE
|
#ifdef HAVE_LIBMESODE
|
||||||
int connect_status = xmpp_connect_client(jabber_conn.conn, altdomain, port,
|
int connect_status = xmpp_connect_client(jabber_conn.conn, altdomain, port,
|
||||||
_connection_certfail_cb, _connection_handler, jabber_conn.ctx);
|
_connection_certfail_cb, _connection_handler, jabber_conn.ctx);
|
||||||
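Review bot: The new `xmpp_conn_tlscert_path(jabber_conn.conn, cert_path)` call sits above the `#ifdef HAVE_LIBMESODE` line, but it looks like a libmesode-specific API, so a build against plain libstrophe would presumably fail; the block should move inside the guard. In addition, `cert_path` returned by `prefs_get_string` is not released in this hunk, while `cmd_tls` pairs the same getter with `prefs_free_string(path)`. Whether it can be freed right after the call depends on whether the library copies the string, which should be confirmed and recorded in a comment such as `/* cert_path ownership: freed after connect / retained by conn - confirm */`. `_jabber_connect` begins and continues outside the hunk, so a later free may already exist.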
|