ii-1.7-ssl.diff (7631B)
1 diff -up a/config.mk b/config.mk
2 --- a/config.mk 2013-01-05 08:26:47.000000000 -0500
3 +++ b/config.mk 2013-02-15 15:27:10.183075163 -0500
4 @@ -16,7 +16,7 @@ VERSION = 1.7
5
6 # includes and libs
7 INCLUDES = -I. -I${INCDIR} -I/usr/include
8 -LIBS = -L${LIBDIR} -L/usr/lib -lc
9 +LIBS = -L${LIBDIR} -L/usr/lib -lc -lssl -lcrypto
10 # uncomment and comment other variables for compiling on Solaris
11 #LIBS = -L${LIBDIR} -L/usr/lib -lc -lsocket -lnsl
12 #CFLAGS = -g ${INCLUDES} -DVERSION=\"${VERSION}\"
13 diff -up a/ii.1 b/ii.1
14 --- a/ii.1 2013-01-05 08:26:47.000000000 -0500
15 +++ b/ii.1 2013-02-15 15:28:42.739074771 -0500
16 @@ -25,6 +25,8 @@ and ii creates a new channel directory w
17 .IR servername ]
18 .RB [ \-p
19 .IR port ]
20 +.RB [ \-e
21 +.IR ssl ]
22 .RB [ \-k
23 .IR environment variable ]
24 .RB [ \-i
25 @@ -42,6 +44,9 @@ lets you override the default servername
26 .BI \-p " port"
27 lets you override the default port (6667)
28 .TP
29 +.BI \-e " ssl"
30 +lets you connect using ssl encryption. The default ssl port is 6697.
31 +.TP
32 .BI \-k " environment variable"
33 lets you specify an environment variable that contains your IRC password, e.g. IIPASS="foobar" ii -k IIPASS.
34 This is done in order to prevent other users from eavesdropping the server password via the process list.
35 diff -up a/ii.c b/ii.c
36 --- a/ii.c 2013-01-05 08:26:47.000000000 -0500
37 +++ b/ii.c 2013-02-15 15:33:39.603075095 -0500
38
@@ -18,12 +18,23 @@
39 #include <ctype.h>
40 #include <time.h>
41 #include <unistd.h>
42 +#include <openssl/rand.h>
43 +#include <openssl/ssl.h>
44 +#include <openssl/err.h>
45
46 #ifndef PIPE_BUF /* FreeBSD don't know PIPE_BUF */
47 #define PIPE_BUF 4096
48 #endif
49 #define PING_TIMEOUT 300
50 #define SERVER_PORT 6667
51 +#define SSL_SERVER_PORT 6697
52 +#define WRITE(con, mes, len) (use_ssl ? SSL_write(irc->sslHandle, mes, len) : write(con->irc, mes, len))
53 +#define READ(fd, buf, size) (from_server && use_ssl ? SSL_read(irc->sslHandle, buf, size) : read(fd, buf, size))
54 +typedef struct {
55 + int irc;
56 + SSL *sslHandle;
57 + SSL_CTX *sslContext;
58 +} conn;
59 enum { TOK_NICKSRV = 0, TOK_USER, TOK_CMD, TOK_CHAN, TOK_ARG, TOK_TEXT, TOK_LAST };
60
61 typedef struct Channel Channel;
62 @@ -33,7 +44,8 @@ struct Channel {
63 Channel *next;
64 };
65
66 -static int irc;
67 +conn *irc;
68 +static int use_ssl;
69 static time_t last_response;
70 static Channel *channels = NULL;
71 static char *host = "irc.freenode.net";
72 @@ -45,7 +57,7 @@ static void usage() {
73 fputs("ii - irc it - " VERSION "\n"
74 "(C)opyright MMV-MMVI Anselm R. Garbe\n"
75 "(C)opyright MMV-MMXI Nico Golde\n"
76 - "usage: ii [-i <irc dir>] [-s <host>] [-p <port>]\n"
77 + "usage: ii [-i <irc dir>] [-s <host>] [-p <port>] [-e ssl]\n"
78 " [-n <nick>] [-k <password>] [-f <fullname>]\n", stderr);
79 exit(EXIT_FAILURE);
80 }
81 @@ -148,11 +160,12 @@ static void login(char *key, char *fulln
82 nick, nick, host, fullname ? fullname : nick);
83 else snprintf(message, PIPE_BUF, "NICK %s\r\nUSER %s localhost %s :%s\r\n",
84 nick, nick, host, fullname ? fullname : nick);
85 - write(irc, message, strlen(message)); /* login */
86 + WRITE(irc, message, strlen(message)); /* login */
87 }
88
89 -static int tcpopen(unsigned short port) {
90 +conn *tcpopen(unsigned short port) {
91 int fd;
92 + conn *c;
93 struct sockaddr_in sin;
94 struct hostent *hp = gethostbyname(host);
95
96
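Review bot: The two macros added at `#define WRITE` and `#define READ` reach past their own parameters: the SSL branch of WRITE ignores `con` and uses the global `irc`, and READ only compiles where a variable named `from_server` happens to be in scope, which is read_line alone. A small `static` function that takes the `conn *` explicitly, for example `static int conn_write(conn *c, const void *buf, int len)`, would make both dependencies visible and type-checked. Every call site this patch converts (login, proc_channels_privmsg, proc_channels_input, proc_server_cmd, run) discards the result, so a failed or short `SSL_write` goes unnoticed; the login write at least deserves a check, since that is where the server password is sent.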
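Review bot: `conn *irc;` drops the `static` that `static int irc;` had, and `conn *tcpopen(unsigned short port) {` in the @@ -148,11 +160,12 @@ hunk loses it as well, so both get external linkage in what is a single-file program. Suggest `static conn *irc;` and `static conn *tcpopen(unsigned short port) {` to match the neighbouring declarations. The global also now shares its name with the struct member, which yields `irc->irc` at every use; calling the member `fd` would read more clearly.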
@@ -172,7 +185,22 @@ static int tcpopen(unsigned short port)
97 perror("ii: cannot connect to host");
98 exit(EXIT_FAILURE);
99 }
100 - return fd;
101 + c = malloc(sizeof(conn));
102 + c->irc = fd;
103 + if(use_ssl) {
104 + c->sslHandle = NULL;
105 + c->sslContext = NULL;
106 + SSL_load_error_strings();
107 + SSL_library_init();
108 + c->sslContext = SSL_CTX_new(SSLv23_client_method());
109 + if(c->sslContext == NULL)
110 + ERR_print_errors_fp(stderr);
111 + c->sslHandle = SSL_new(c->sslContext);
112 + if(!SSL_set_fd(c->sslHandle, c->irc)
113 + || (SSL_connect(c->sslHandle) != 1))
114 + ERR_print_errors_fp(stderr);
115 + }
116 + return c;
117 }
118
119 static size_t tokenize(char **result, size_t reslen, char *str, char delim) {
120 @@ -219,7 +247,7 @@ static void proc_channels_privmsg(char *
121 snprintf(message, PIPE_BUF, "<%s> %s", nick, buf);
122 print_out(channel, message);
123 snprintf(message, PIPE_BUF, "PRIVMSG %s :%s\r\n", channel, buf);
124 - write(irc, message, strlen(message));
125 + WRITE(irc, message, strlen(message));
126 }
127
128 static void proc_channels_input(Channel *c, char *buf) {
129 @@ -273,7 +301,7 @@ static void proc_channels_input(Channel
130 else
131 snprintf(message, PIPE_BUF,
132 "PART %s :ii - 500 SLOC are too much\r\n", c->name);
133 - write(irc, message, strlen(message));
134 + WRITE(irc, message, strlen(message));
135 close(c->fd);
136 /*create_filepath(infile, sizeof(infile), c->name, "in");
137 unlink(infile); */
138 @@ -288,7 +316,7 @@ static void proc_channels_input(Channel
139 snprintf(message, PIPE_BUF, "%s\r\n", &buf[1]);
140
141 if (message[0] != '\0')
142 - write(irc, message, strlen(message));
143 + WRITE(irc, message, strlen(message));
144 }
145
146 static void proc_server_cmd(char *buf) {
147
@@ -339,7 +367,7 @@ static void proc_server_cmd(char *buf) {
148 return;
149 } else if(!strncmp("PING", argv[TOK_CMD], 5)) {
150 snprintf(message, PIPE_BUF, "PONG %s\r\n", argv[TOK_TEXT]);
151 - write(irc, message, strlen(message));
152 + WRITE(irc, message, strlen(message));
153 return;
154 } else if(!argv[TOK_NICKSRV] || !argv[TOK_USER]) { /* server command */
155 snprintf(message, PIPE_BUF, "%s%s", argv[TOK_ARG] ? argv[TOK_ARG] : "", argv[TOK_TEXT] ? argv[TOK_TEXT] : "");
156 @@ -373,11 +401,11 @@ static void proc_server_cmd(char *buf) {
157 print_out(argv[TOK_CHAN], message);
158 }
159
160 -static int read_line(int fd, size_t res_len, char *buf) {
161 +static int read_line(int fd, size_t res_len, char *buf, int from_server) {
162 size_t i = 0;
163 char c = 0;
164 do {
165 - if(read(fd, &c, sizeof(char)) != sizeof(char))
166 + if(READ(fd, &c, sizeof(char)) != sizeof(char))
167 return -1;
168 buf[i++] = c;
169 }
170 @@ -388,7 +416,7 @@ static int read_line(int fd, size_t res_
171
172 static void handle_channels_input(Channel *c) {
173 static char buf[PIPE_BUF];
174 - if(read_line(c->fd, PIPE_BUF, buf) == -1) {
175 + if(read_line(c->fd, PIPE_BUF, buf, 0) == -1) {
176 close(c->fd);
177 int fd = open_channel(c->name);
178 if(fd != -1)
179 @@ -402,7 +430,7 @@ static void handle_channels_input(Channe
180
181 static void handle_server_output() {
182 static char buf[PIPE_BUF];
183 - if(read_line(irc, PIPE_BUF, buf) == -1) {
184 + if(read_line(irc->irc, PIPE_BUF, buf, 1) == -1) {
185 perror("ii: remote host closed connection");
186 exit(EXIT_FAILURE);
187 }
188 @@ -419,8 +447,8 @@ static void run() {
189 snprintf(ping_msg, sizeof(ping_msg), "PING %s\r\n", host);
190 for(;;) {
191 FD_ZERO(&rd);
192 - maxfd = irc;
193 - FD_SET(irc, &rd);
194 + maxfd = irc->irc;
195 + FD_SET(irc->irc, &rd);
196 for(c = channels; c; c = c->next) {
197 if(maxfd < c->fd)
198 maxfd = c->fd;
199
@@ -440,10 +468,10 @@ static void run() {
200 print_out(NULL, "-!- ii shutting down: ping timeout");
201 exit(EXIT_FAILURE);
202 }
203 - write(irc, ping_msg, strlen(ping_msg));
204 + WRITE(irc, ping_msg, strlen(ping_msg));
205 continue;
206 }
207 - if(FD_ISSET(irc, &rd)) {
208 + if(FD_ISSET(irc->irc, &rd)) {
209 handle_server_output();
210 last_response = time(NULL);
211 }
212 @@ -475,10 +503,13 @@ int main(int argc, char *argv[]) {
213 case 'p': port = strtol(argv[++i], NULL, 10); break;
214 case 'n': snprintf(nick,sizeof(nick),"%s", argv[++i]); break;
215 case 'k': key = getenv(argv[++i]); break;
216 + case 'e': use_ssl = 1; ++i; break;
217 case 'f': fullname = argv[++i]; break;
218 default: usage(); break;
219 }
220 }
221 + if(use_ssl)
222 + port = port == SERVER_PORT ? SSL_SERVER_PORT : port;
223 irc = tcpopen(port);
224 if(!snprintf(path, sizeof(path), "%s/%s", prefix, host)) {
225 fputs("ii: path to irc directory too long\n", stderr);
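Review bot: `if(FD_ISSET(irc->irc, &rd))` only reflects bytes waiting on the socket, but `SSL_read` decrypts a whole TLS record at once while read_line, as far as the @@ -373,11 +401,11 @@ hunk shows, takes it one byte at a time and presumably stops at the end of one line. Any further IRC lines from the same record stay in OpenSSL's buffer where `select()` cannot see them, so they (a server PING included) are delayed until more data arrives on the socket. After `handle_server_output();` drain what is already decrypted: `while(use_ssl && SSL_pending(irc->sslHandle) > 0) handle_server_output();`. run() starts and ends outside this hunk.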
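Review bot: `case 'e': use_ssl = 1; ++i; break;` skips the following argument without looking at it, so `-e` followed by any word turns TLS on, and a user who passes `-e` as a bare flag silently loses the next option. Either drop the `++i` and document `-e` as a flag in usage() and ii.1, or check the value: `case 'e': use_ssl = !strcmp(argv[++i], "ssl"); break;`. The fix-up `port = port == SERVER_PORT ? SSL_SERVER_PORT : port;` also cannot tell an explicit `-p 6667` from the default, which deserves a comment such as `/* -p 6667 with -e is treated as "no port given" */`. main continues outside the hunk.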