ii-1.7-ssl.diff 7.5 KB

  1. diff -up a/config.mk b/config.mk
  2. --- a/config.mk 2013-01-05 08:26:47.000000000 -0500
  3. +++ b/config.mk 2013-02-15 15:27:10.183075163 -0500
  4. @@ -16,7 +16,7 @@ VERSION = 1.7
  5. # includes and libs
  6. INCLUDES = -I. -I${INCDIR} -I/usr/include
  7. -LIBS = -L${LIBDIR} -L/usr/lib -lc
  8. +LIBS = -L${LIBDIR} -L/usr/lib -lc -lssl -lcrypto
  9. # uncomment and comment other variables for compiling on Solaris
  10. #LIBS = -L${LIBDIR} -L/usr/lib -lc -lsocket -lnsl
  11. #CFLAGS = -g ${INCLUDES} -DVERSION=\"${VERSION}\"
  12. diff -up a/ii.1 b/ii.1
  13. --- a/ii.1 2013-01-05 08:26:47.000000000 -0500
  14. +++ b/ii.1 2013-02-15 15:28:42.739074771 -0500
  15. @@ -25,6 +25,8 @@ and ii creates a new channel directory w
  16. .IR servername ]
  17. .RB [ \-p
  18. .IR port ]
  19. +.RB [ \-e
  20. +.IR ssl ]
  21. .RB [ \-k
  22. .IR environment variable ]
  23. .RB [ \-i
  24. @@ -42,6 +44,9 @@ lets you override the default servername
  25. .BI \-p " port"
  26. lets you override the default port (6667)
  27. .TP
  28. +.BI \-e " ssl"
  29. +lets you connect using ssl encryption. The default ssl port is 6697.
  30. +.TP
  31. .BI \-k " environment variable"
  32. lets you specify an environment variable that contains your IRC password, e.g. IIPASS="foobar" ii -k IIPASS.
  33. This is done in order to prevent other users from eavesdropping the server password via the process list.
  34. diff -up a/ii.c b/ii.c
  35. --- a/ii.c 2013-01-05 08:26:47.000000000 -0500
  36. +++ b/ii.c 2013-02-15 15:33:39.603075095 -0500
  37. @@ -18,12 +18,23 @@
  38. #include <ctype.h>
  39. #include <time.h>
  40. #include <unistd.h>
  41. +#include <openssl/rand.h>
  42. +#include <openssl/ssl.h>
  43. +#include <openssl/err.h>
  44. #ifndef PIPE_BUF /* FreeBSD don't know PIPE_BUF */
  45. #define PIPE_BUF 4096
  46. #endif
  47. #define PING_TIMEOUT 300
  48. #define SERVER_PORT 6667
  49. +#define SSL_SERVER_PORT 6697
  50. +#define WRITE(con, mes, len) (use_ssl ? SSL_write(irc->sslHandle, mes, len) : write(con->irc, mes, len))
  51. +#define READ(fd, buf, size) (from_server && use_ssl ? SSL_read(irc->sslHandle, buf, size) : read(fd, buf, size))
  52. +typedef struct {
  53. + int irc;
  54. + SSL *sslHandle;
  55. + SSL_CTX *sslContext;
  56. +} conn;
  57. enum { TOK_NICKSRV = 0, TOK_USER, TOK_CMD, TOK_CHAN, TOK_ARG, TOK_TEXT, TOK_LAST };
  58. typedef struct Channel Channel;
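Review bot: The `WRITE` and `READ` macros hide what they depend on. In the SSL branch `WRITE` ignores its `con` argument and uses the global `irc`, and `READ` expands to a reference to `from_server`, which only compiles where the caller has a local of that name. Both also pass a `size_t` length straight to `SSL_write`/`SSL_read`, which take `int`, and the arguments are not parenthesised. A safer form is `#define WRITE(con, mes, len) (use_ssl ? SSL_write((con)->sslHandle, (mes), (int)(len)) : write((con)->irc, (mes), (len)))`, with `READ` taking the from-server flag as an explicit parameter; a pair of `static` functions would be better still. None of the call sites in this patch checks the result of `WRITE`, so a failed or short TLS write goes unnoticed.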
  59. @@ -33,7 +44,8 @@ struct Channel {
  60. Channel *next;
  61. };
  62. -static int irc;
  63. +conn *irc;
  64. +static int use_ssl;
  65. static time_t last_response;
  66. static Channel *channels = NULL;
  67. static char *host = "irc.freenode.net";
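Review bot: `conn *irc;` drops the `static` that the old `static int irc;` had, so the connection handle now has external linkage. `tcpopen` loses `static` in the same way in the `@@ -148,11 +160,12 @@` hunk. Nothing visible in this patch uses either name outside `ii.c`, so I would keep them file-local: `static conn *irc;` and `static conn *tcpopen(unsigned short port)`.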
  68. @@ -45,7 +57,7 @@ static void usage() {
  69. fputs("ii - irc it - " VERSION "\n"
  70. "(C)opyright MMV-MMVI Anselm R. Garbe\n"
  71. "(C)opyright MMV-MMXI Nico Golde\n"
  72. - "usage: ii [-i <irc dir>] [-s <host>] [-p <port>]\n"
  73. + "usage: ii [-i <irc dir>] [-s <host>] [-p <port>] [-e ssl]\n"
  74. " [-n <nick>] [-k <password>] [-f <fullname>]\n", stderr);
  75. exit(EXIT_FAILURE);
  76. }
  77. @@ -148,11 +160,12 @@ static void login(char *key, char *fulln
  78. nick, nick, host, fullname ? fullname : nick);
  79. else snprintf(message, PIPE_BUF, "NICK %s\r\nUSER %s localhost %s :%s\r\n",
  80. nick, nick, host, fullname ? fullname : nick);
  81. - write(irc, message, strlen(message)); /* login */
  82. + WRITE(irc, message, strlen(message)); /* login */
  83. }
  84. -static int tcpopen(unsigned short port) {
  85. +conn *tcpopen(unsigned short port) {
  86. int fd;
  87. + conn *c;
  88. struct sockaddr_in sin;
  89. struct hostent *hp = gethostbyname(host);
  90. @@ -172,7 +185,22 @@ static int tcpopen(unsigned short port)
  91. perror("ii: cannot connect to host");
  92. exit(EXIT_FAILURE);
  93. }
  94. - return fd;
  95. + c = malloc(sizeof(conn));
  96. + c->irc = fd;
  97. + if(use_ssl) {
  98. + c->sslHandle = NULL;
  99. + c->sslContext = NULL;
  100. + SSL_load_error_strings();
  101. + SSL_library_init();
  102. + c->sslContext = SSL_CTX_new(SSLv23_client_method());
  103. + if(c->sslContext == NULL)
  104. + ERR_print_errors_fp(stderr);
  105. + c->sslHandle = SSL_new(c->sslContext);
  106. + if(!SSL_set_fd(c->sslHandle, c->irc)
  107. + || (SSL_connect(c->sslHandle) != 1))
  108. + ERR_print_errors_fp(stderr);
  109. + }
  110. + return c;
  111. }
  112. static size_t tokenize(char **result, size_t reslen, char *str, char delim) {
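Review bot: The TLS setup in `tcpopen` never enables peer verification, so the session is encrypted but the server is not authenticated. There is no `SSL_CTX_set_verify`, no trust store is loaded, and no hostname check is made, which means any certificate is accepted and the password sent by `login()` is protected only against passive listeners. Failures are also only printed: a NULL `SSL_CTX_new` result is passed on to `SSL_new`, a failed `SSL_connect` still returns `c`, and the `malloc` result is not checked. The two SSL pointers are set to NULL only inside `if(use_ssl)`, so they are indeterminate on the plain path. The fence below shows the shape I would expect; hostname matching (for example `SSL_set1_host`, where the linked OpenSSL provides it) still needs adding, and the start of `tcpopen` is outside this hunk.

```c
	c = malloc(sizeof *c);
	if(c == NULL) {
		perror("ii: cannot allocate connection");
		exit(EXIT_FAILURE);
	}
	c->irc = fd;
	c->sslHandle = NULL;
	c->sslContext = NULL;
	if(use_ssl) {
		SSL_load_error_strings();
		SSL_library_init();
		c->sslContext = SSL_CTX_new(SSLv23_client_method());
		if(c->sslContext == NULL) {
			ERR_print_errors_fp(stderr);
			exit(EXIT_FAILURE);
		}
		/* refuse SSLv2/SSLv3 and require a chain to a trusted CA */
		SSL_CTX_set_options(c->sslContext, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
		SSL_CTX_set_verify(c->sslContext, SSL_VERIFY_PEER, NULL);
		if(SSL_CTX_set_default_verify_paths(c->sslContext) != 1
		|| (c->sslHandle = SSL_new(c->sslContext)) == NULL
		|| !SSL_set_fd(c->sslHandle, c->irc)
		|| SSL_connect(c->sslHandle) != 1) {
			ERR_print_errors_fp(stderr);
			exit(EXIT_FAILURE);
		}
		/* TODO: match the peer certificate against `host` */
	}
	return c;
```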
  113. @@ -219,7 +247,7 @@ static void proc_channels_privmsg(char *
  114. snprintf(message, PIPE_BUF, "<%s> %s", nick, buf);
  115. print_out(channel, message);
  116. snprintf(message, PIPE_BUF, "PRIVMSG %s :%s\r\n", channel, buf);
  117. - write(irc, message, strlen(message));
  118. + WRITE(irc, message, strlen(message));
  119. }
  120. static void proc_channels_input(Channel *c, char *buf) {
  121. @@ -273,7 +301,7 @@ static void proc_channels_input(Channel
  122. else
  123. snprintf(message, PIPE_BUF,
  124. "PART %s :ii - 500 SLOC are too much\r\n", c->name);
  125. - write(irc, message, strlen(message));
  126. + WRITE(irc, message, strlen(message));
  127. close(c->fd);
  128. /*create_filepath(infile, sizeof(infile), c->name, "in");
  129. unlink(infile); */
  130. @@ -288,7 +316,7 @@ static void proc_channels_input(Channel
  131. snprintf(message, PIPE_BUF, "%s\r\n", &buf[1]);
  132. if (message[0] != '\0')
  133. - write(irc, message, strlen(message));
  134. + WRITE(irc, message, strlen(message));
  135. }
  136. static void proc_server_cmd(char *buf) {
  137. @@ -339,7 +367,7 @@ static void proc_server_cmd(char *buf) {
  138. return;
  139. } else if(!strncmp("PING", argv[TOK_CMD], 5)) {
  140. snprintf(message, PIPE_BUF, "PONG %s\r\n", argv[TOK_TEXT]);
  141. - write(irc, message, strlen(message));
  142. + WRITE(irc, message, strlen(message));
  143. return;
  144. } else if(!argv[TOK_NICKSRV] || !argv[TOK_USER]) { /* server command */
  145. snprintf(message, PIPE_BUF, "%s%s", argv[TOK_ARG] ? argv[TOK_ARG] : "", argv[TOK_TEXT] ? argv[TOK_TEXT] : "");
  146. @@ -373,11 +401,11 @@ static void proc_server_cmd(char *buf) {
  147. print_out(argv[TOK_CHAN], message);
  148. }
  149. -static int read_line(int fd, size_t res_len, char *buf) {
  150. +static int read_line(int fd, size_t res_len, char *buf, int from_server) {
  151. size_t i = 0;
  152. char c = 0;
  153. do {
  154. - if(read(fd, &c, sizeof(char)) != sizeof(char))
  155. + if(READ(fd, &c, sizeof(char)) != sizeof(char))
  156. return -1;
  157. buf[i++] = c;
  158. }
  159. @@ -388,7 +416,7 @@ static int read_line(int fd, size_t res_
  160. static void handle_channels_input(Channel *c) {
  161. static char buf[PIPE_BUF];
  162. - if(read_line(c->fd, PIPE_BUF, buf) == -1) {
  163. + if(read_line(c->fd, PIPE_BUF, buf, 0) == -1) {
  164. close(c->fd);
  165. int fd = open_channel(c->name);
  166. if(fd != -1)
  167. @@ -402,7 +430,7 @@ static void handle_channels_input(Channe
  168. static void handle_server_output() {
  169. static char buf[PIPE_BUF];
  170. - if(read_line(irc, PIPE_BUF, buf) == -1) {
  171. + if(read_line(irc->irc, PIPE_BUF, buf, 1) == -1) {
  172. perror("ii: remote host closed connection");
  173. exit(EXIT_FAILURE);
  174. }
  175. @@ -419,8 +447,8 @@ static void run() {
  176. snprintf(ping_msg, sizeof(ping_msg), "PING %s\r\n", host);
  177. for(;;) {
  178. FD_ZERO(&rd);
  179. - maxfd = irc;
  180. - FD_SET(irc, &rd);
  181. + maxfd = irc->irc;
  182. + FD_SET(irc->irc, &rd);
  183. for(c = channels; c; c = c->next) {
  184. if(maxfd < c->fd)
  185. maxfd = c->fd;
  186. @@ -440,10 +468,10 @@ static void run() {
  187. print_out(NULL, "-!- ii shutting down: ping timeout");
  188. exit(EXIT_FAILURE);
  189. }
  190. - write(irc, ping_msg, strlen(ping_msg));
  191. + WRITE(irc, ping_msg, strlen(ping_msg));
  192. continue;
  193. }
  194. - if(FD_ISSET(irc, &rd)) {
  195. + if(FD_ISSET(irc->irc, &rd)) {
  196. handle_server_output();
  197. last_response = time(NULL);
  198. }
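Review bot: With SSL enabled, `select()` on `irc->irc` reports only bytes still waiting on the socket, not data OpenSSL has already decrypted and buffered. `read_line` takes one byte per `SSL_read` and `handle_server_output()` is called once per wakeup, so when a TLS record carries more than one IRC line the remaining lines appear to wait in the SSL buffer until more network traffic arrives. That can delay messages and PING replies. Draining after the call would avoid it: `while(use_ssl && SSL_pending(irc->sslHandle) > 0) handle_server_output();`. The body of `run` starts and ends outside this hunk.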
  199. @@ -475,10 +503,13 @@ int main(int argc, char *argv[]) {
  200. case 'p': port = strtol(argv[++i], NULL, 10); break;
  201. case 'n': snprintf(nick,sizeof(nick),"%s", argv[++i]); break;
  202. case 'k': key = getenv(argv[++i]); break;
  203. + case 'e': use_ssl = 1; ++i; break;
  204. case 'f': fullname = argv[++i]; break;
  205. default: usage(); break;
  206. }
  207. }
  208. + if(use_ssl)
  209. + port = port == SERVER_PORT ? SSL_SERVER_PORT : port;
  210. irc = tcpopen(port);
  211. if(!snprintf(path, sizeof(path), "%s/%s", prefix, host)) {
  212. fputs("ii: path to irc directory too long\n", stderr);
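Review bot: `case 'e': use_ssl = 1; ++i; break;` consumes the next argument without looking at it. Any word after `-e` turns TLS on, and if `-e` is followed directly by another option, that option is silently swallowed. Either make `-e` a plain flag or check the value, e.g. `case 'e': if(strcmp(argv[++i], "ssl")) usage(); use_ssl = 1; break;`. Separately, `port = port == SERVER_PORT ? SSL_SERVER_PORT : port;` cannot tell the default from an explicit `-p 6667`, so that request is rewritten to 6697 without notice. The option loop and the rest of `main` lie outside this hunk.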