sites

public wiki contents of suckless.org
git clone git://git.suckless.org/sites
Log | Files | Refs

commit dd01b8f47223314ac08eaa7c45bd41cf6588158f
parent a3f2b1e21130bde27b397725044477fa42b06ff5
Author: Alexandre Hannedouche <alexandre.hannedouche@ectim.fr>
Date:   Mon, 10 Aug 2020 09:58:44 +0200

Port of the ssl patch for ii version 1.8.

Diffstat:
Atools.suckless.org/ii/patches/ssl/ii-1.8-ssl-20200810-b10421c.diff | 391+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mtools.suckless.org/ii/patches/ssl/index.md | 2++
2 files changed, 393 insertions(+), 0 deletions(-)

diff --git a/tools.suckless.org/ii/patches/ssl/ii-1.8-ssl-20200810-b10421c.diff b/tools.suckless.org/ii/patches/ssl/ii-1.8-ssl-20200810-b10421c.diff @@ -0,0 +1,391 @@ +From b10421c548c3cf3507b8ade1679407a5af6202e6 Mon Sep 17 00:00:00 2001 +From: Alexandre Hannedouche <hannedouche.alex@gmail.com> +Date: Mon, 3 Aug 2020 18:37:01 +0200 +Subject: [PATCH] Adapting ssl patch + +--- + config.mk | 2 +- + ii.1 | 5 ++ + ii.c | 154 +++++++++++++++++++++++++++++++++++++++++------------- + 3 files changed, 123 insertions(+), 38 deletions(-) + +diff --git a/config.mk b/config.mk +index 957bae0..9becc42 100644 +--- a/config.mk ++++ b/config.mk +@@ -10,5 +10,5 @@ DOCPREFIX = ${PREFIX}/share/doc + # remove NEED_STRLCPY from CFLAGS and + # remove strlcpy.o from LIBS + CFLAGS = -DNEED_STRLCPY -Os +-LDFLAGS = -s ++LDFLAGS = -s -lssl -lcrypto + LIBS = strlcpy.o +diff --git a/ii.1 b/ii.1 +index 8e06af7..6d7704c 100644 +--- a/ii.1 ++++ b/ii.1 +@@ -21,6 +21,8 @@ and ii creates a new channel directory with in and out file. + .IR servername > + .RB [ \-p + .IR port ] ++.RB [ \-e ++.IR ssl ] + .RB [ \-k + .IR "environment variable" ] + .RB [ \-i +@@ -42,6 +44,9 @@ connect to a UNIX domain socket instead of directly to a server. + .BI \-p " port" + lets you override the default port (6667) + .TP ++.BI \-e " ssl" ++lets you connect using ssl encryption. The default ssl port is 6697. ++.TP + .BI \-k " environment variable" + lets you specify an environment variable that contains your IRC password, e.g. IIPASS="foobar" ii -k IIPASS. + This is done in order to prevent other users from eavesdropping the server password via the process list. +diff --git a/ii.c b/ii.c +index 426fcff..712f872 100644 +--- a/ii.c ++++ b/ii.c +@@ -20,6 +20,10 @@ + #include <time.h> + #include <unistd.h> + ++#include <openssl/rand.h> ++#include <openssl/ssl.h> ++#include <openssl/err.h> ++ + char *argv0; + + #include "arg.h" +@@ -43,6 +47,13 @@ struct Channel { + Channel *next; + }; + ++typedef struct { ++ int use_ssl; ++ int irc; ++ SSL *sslHandle; ++ SSL_CTX *sslContext; ++} conn; ++ + static Channel * channel_add(const char *); + static Channel * channel_find(const char *); + static Channel * channel_join(const char *); +@@ -56,20 +67,23 @@ static int channel_reopen(Channel *); + static void channel_rm(Channel *); + static void create_dirtree(const char *); + static void create_filepath(char *, size_t, const char *, const char *, const char *); +-static void ewritestr(int, const char *); +-static void handle_channels_input(int, Channel *); +-static void handle_server_output(int); ++static int swrite(conn *, const char *, size_t); ++static void ewritestr(conn *, const char *); ++static void handle_channels_input(conn *, Channel *); ++static void handle_server_output(conn *); + static int isnumeric(const char *); +-static void loginkey(int, const char *); +-static void loginuser(int, const char *, const char *); +-static void proc_channels_input(int, Channel *, char *); +-static void proc_channels_privmsg(int, Channel *, char *); +-static void proc_server_cmd(int, char *); +-static int read_line(int, char *, size_t); +-static void run(int, const char *); ++static void loginkey(conn *, const char *); ++static void loginuser(conn *, const char *, const char *); ++static void proc_channels_input(conn *, Channel *, char *); ++static void proc_channels_privmsg(conn *, Channel *, char *); ++static void proc_server_cmd(conn *, char *); ++static int sread(conn *, char *, size_t); ++static int read_line(conn *, char *, size_t); ++static int read_line_from_channel(int, char *, size_t); ++static void run(conn *, const char *); + static void setup(void); + static void sighandler(int); +-static int tcpopen(const char *, const char *); ++static void tcpopen(conn *ircfd, const char *, const char *); + static size_t tokenize(char **, size_t, char *, int); + static int udsopen(const char *); + static void usage(void); +@@ -87,20 +101,29 @@ static void + usage(void) + { + fprintf(stderr, "usage: %s <-s host> [-i <irc dir>] [-p <port>] " +- "[-u <sockname>] [-n <nick>] [-k <password>] " ++ "[-e <ssl>] [-u <sockname>] [-n <nick>] [-k <password>] " + "[-f <fullname>]\n", argv0); + exit(1); + } + ++static int ++swrite(conn *ircfd, const char *msg, size_t len) ++{ ++ if (ircfd->use_ssl) ++ return SSL_write(ircfd->sslHandle, msg, len); ++ ++ return write(ircfd->irc, msg, len); ++} ++ + static void +-ewritestr(int fd, const char *s) ++ewritestr(conn *fd, const char *s) + { + size_t len, off = 0; + int w = -1; + + len = strlen(s); + for (off = 0; off < len; off += w) { +- if ((w = write(fd, s + off, len - off)) == -1) ++ if ((w = swrite(fd, s + off, len - off)) == -1) + break; + } + if (w == -1) { +@@ -319,14 +342,14 @@ channel_leave(Channel *c) + } + + static void +-loginkey(int ircfd, const char *key) ++loginkey(conn *ircfd, const char *key) + { + snprintf(msg, sizeof(msg), "PASS %s\r\n", key); + ewritestr(ircfd, msg); + } + + static void +-loginuser(int ircfd, const char *host, const char *fullname) ++loginuser(conn *ircfd, const char *host, const char *fullname) + { + snprintf(msg, sizeof(msg), "NICK %s\r\nUSER %s localhost %s :%s\r\n", + nick, nick, host, fullname); +@@ -359,12 +382,15 @@ udsopen(const char *uds) + return fd; + } + +-static int +-tcpopen(const char *host, const char *service) ++static void ++tcpopen(conn *ircfd, const char *host, const char *service) + { + struct addrinfo hints, *res = NULL, *rp; + int fd = -1, e; + ++ ircfd->sslHandle = NULL; ++ ircfd->sslContext = NULL; ++ + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_UNSPEC; /* allow IPv4 or IPv6 */ + hints.ai_flags = AI_NUMERICSERV; /* avoid name lookup for port */ +@@ -393,7 +419,19 @@ tcpopen(const char *host, const char *service) + } + + freeaddrinfo(res); +- return fd; ++ ircfd->irc = fd; ++ if (!ircfd->use_ssl) ++ return; ++ ++ //SSL_load_error_strings(); ++ //SSL_library_init(); ++ ircfd->sslContext = SSL_CTX_new(SSLv23_client_method()); ++ if (ircfd->sslContext == NULL) ++ ERR_print_errors_fp(stderr); ++ ircfd->sslHandle = SSL_new(ircfd->sslContext); ++ if (!SSL_set_fd(ircfd->sslHandle, ircfd->irc) || ++ (SSL_connect(ircfd->sslHandle) != 1)) ++ ERR_print_errors_fp(stderr); + } + + static int +@@ -445,7 +483,7 @@ channel_print(Channel *c, const char *buf) + } + + static void +-proc_channels_privmsg(int ircfd, Channel *c, char *buf) ++proc_channels_privmsg(conn *ircfd, Channel *c, char *buf) + { + snprintf(msg, sizeof(msg), "<%s> %s", nick, buf); + channel_print(c, msg); +@@ -454,7 +492,7 @@ proc_channels_privmsg(int ircfd, Channel *c, char *buf) + } + + static void +-proc_channels_input(int ircfd, Channel *c, char *buf) ++proc_channels_input(conn *ircfd, Channel *c, char *buf) + { + char *p = NULL; + size_t buflen; +@@ -546,7 +584,7 @@ proc_channels_input(int ircfd, Channel *c, char *buf) + } + + static void +-proc_server_cmd(int fd, char *buf) ++proc_server_cmd(conn *fd, char *buf) + { + Channel *c; + const char *channel; +@@ -665,8 +703,33 @@ proc_server_cmd(int fd, char *buf) + channel_print(c, msg); + } + ++ ++static int ++sread(conn *fd, char *buf, size_t bufsize) ++{ ++ if (fd->use_ssl) ++ return SSL_read(fd->sslHandle, buf, bufsize); ++ ++ return read(fd->irc, buf, bufsize); ++} ++ ++static int ++read_line(conn *fd, char *buf, size_t bufsiz) ++{ ++ size_t i = 0; ++ char c = '\0'; ++ ++ do { ++ if (sread(fd, &c, sizeof(char)) != sizeof(char)) ++ return -1; ++ buf[i++] = c; ++ } while (c != '\n' && i < bufsiz); ++ buf[i - 1] = '\0'; /* eliminates '\n' */ ++ return 0; ++} ++ + static int +-read_line(int fd, char *buf, size_t bufsiz) ++read_line_from_channel(int fd, char *buf, size_t bufsiz) + { + size_t i = 0; + char c = '\0'; +@@ -681,11 +744,11 @@ read_line(int fd, char *buf, size_t bufsiz) + } + + static void +-handle_channels_input(int ircfd, Channel *c) ++handle_channels_input(conn *ircfd, Channel *c) + { + char buf[IRC_MSG_MAX]; + +- if (read_line(c->fdin, buf, sizeof(buf)) == -1) { ++ if (read_line_from_channel(c->fdin, buf, sizeof(buf)) == -1) { + if (channel_reopen(c) == -1) + channel_rm(c); + return; +@@ -694,7 +757,7 @@ handle_channels_input(int ircfd, Channel *c) + } + + static void +-handle_server_output(int ircfd) ++handle_server_output(conn *ircfd) + { + char buf[IRC_MSG_MAX]; + +@@ -727,7 +790,7 @@ setup(void) + } + + static void +-run(int ircfd, const char *host) ++run(conn *ircfd, const char *host) + { + Channel *c, *tmp; + fd_set rdset; +@@ -737,9 +800,9 @@ run(int ircfd, const char *host) + + snprintf(ping_msg, sizeof(ping_msg), "PING %s\r\n", host); + while (isrunning) { +- maxfd = ircfd; ++ maxfd = ircfd->irc; + FD_ZERO(&rdset); +- FD_SET(ircfd, &rdset); ++ FD_SET(ircfd->irc, &rdset); + for (c = channels; c; c = c->next) { + if (c->fdin > maxfd) + maxfd = c->fdin; +@@ -761,7 +824,7 @@ run(int ircfd, const char *host) + ewritestr(ircfd, ping_msg); + continue; + } +- if (FD_ISSET(ircfd, &rdset)) { ++ if (FD_ISSET(ircfd->irc, &rdset)) { + handle_server_output(ircfd); + last_response = time(NULL); + } +@@ -779,9 +842,12 @@ main(int argc, char *argv[]) + Channel *c, *tmp; + struct passwd *spw; + const char *key = NULL, *fullname = NULL, *host = ""; +- const char *uds = NULL, *service = "6667"; ++ const char *uds = NULL; ++ const char *service = "6667"; ++ const char *sservice = "6697"; + char prefix[PATH_MAX]; +- int ircfd, r; ++ int r, defaultPort = 1; ++ conn ircfd; + + /* use nickname and home dir of user by default */ + if (!(spw = getpwuid(getuid()))) { +@@ -806,6 +872,7 @@ main(int argc, char *argv[]) + break; + case 'p': + service = EARGF(usage()); ++ defaultPort = 0; + break; + case 's': + host = EARGF(usage()); +@@ -813,6 +880,11 @@ main(int argc, char *argv[]) + case 'u': + uds = EARGF(usage()); + break; ++ case 'e': ++ if (defaultPort) ++ service = sservice; ++ ircfd.use_ssl = 1; ++ break; + default: + usage(); + break; +@@ -822,9 +894,9 @@ main(int argc, char *argv[]) + usage(); + + if (uds) +- ircfd = udsopen(uds); ++ ircfd.irc = udsopen(uds); + else +- ircfd = tcpopen(host, service); ++ tcpopen(&ircfd, host, service); + + #ifdef __OpenBSD__ + /* OpenBSD pledge(2) support */ +@@ -843,10 +915,10 @@ main(int argc, char *argv[]) + + channelmaster = channel_add(""); /* master channel */ + if (key) +- loginkey(ircfd, key); +- loginuser(ircfd, host, fullname && *fullname ? fullname : nick); ++ loginkey(&ircfd, key); ++ loginuser(&ircfd, host, fullname && *fullname ? fullname : nick); + setup(); +- run(ircfd, host); ++ run(&ircfd, host); + if (channelmaster) + channel_leave(channelmaster); + +@@ -855,5 +927,13 @@ main(int argc, char *argv[]) + channel_leave(c); + } + ++ if (ircfd.use_ssl) { ++ SSL_shutdown(ircfd.sslHandle); ++ SSL_free(ircfd.sslHandle); ++ SSL_CTX_free(ircfd.sslContext); ++ } ++ ++ close(ircfd.irc); ++ + return 0; + } +-- +2.28.0 + diff --git a/tools.suckless.org/ii/patches/ssl/index.md b/tools.suckless.org/ii/patches/ssl/index.md @@ -9,8 +9,10 @@ port of 6697 unless an alternative port is specified with the -p flag. Download -------- * [ii-1.7-ssl.diff](ii-1.7-ssl.diff) +* [ii-1.8-ssl-20200810-b10421c.diff](ii-1.8-ssl-20200810-b10421c.diff) Author ------ * Written for 1.6 by Hunter Haugen * Ported to ii 1.7 by Nik Unger +* Ported to ii 1.8 by Alexandre Hannedouche