Require opting out of SSL verification in /server and /reconnect.
This commit is contained in:
Sadie Powell
@@ -3225,16 +3225,19 @@ cmd_reconnect (struct session *sess, char *tbuf, char *word[], char *word_eol[])
|
|||||||
else if (*word[2])
|
else if (*word[2])
|
||||||
{
|
{
|
||||||
int offset = 0;
|
int offset = 0;
|
||||||
#ifdef USE_OPENSSL
|
|
||||||
int use_ssl = FALSE;
|
|
||||||
|
|
||||||
if (strcmp (word[2], "-ssl") == 0)
|
#ifdef USE_OPENSSL
|
||||||
|
if (g_strcmp0 (word[2], "-ssl") == 0)
|
||||||
{
|
{
|
||||||
use_ssl = TRUE;
|
serv->use_ssl = TRUE;
|
||||||
|
serv->accept_invalid_cert = FALSE;
|
||||||
|
offset++; /* args move up by 1 word */
|
||||||
|
} else if (g_strcmp0 (word[2], "-ssl-noverify") == 0)
|
||||||
|
{
|
||||||
|
serv->use_ssl = TRUE;
|
||||||
|
serv->accept_invalid_cert = TRUE;
|
||||||
offset++; /* args move up by 1 word */
|
offset++; /* args move up by 1 word */
|
||||||
}
|
}
|
||||||
serv->use_ssl = use_ssl;
|
|
||||||
serv->accept_invalid_cert = TRUE;
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (*word[4+offset])
|
if (*word[4+offset])
|
||||||
@@ -3422,17 +3425,24 @@ cmd_server (struct session *sess, char *tbuf, char *word[], char *word_eol[])
|
|||||||
char *channel = NULL;
|
char *channel = NULL;
|
||||||
char *key = NULL;
|
char *key = NULL;
|
||||||
int use_ssl = FALSE;
|
int use_ssl = FALSE;
|
||||||
|
int use_ssl_noverify = FALSE;
|
||||||
int is_url = TRUE;
|
int is_url = TRUE;
|
||||||
server *serv = sess->server;
|
server *serv = sess->server;
|
||||||
ircnet *net = NULL;
|
ircnet *net = NULL;
|
||||||
|
|
||||||
#ifdef USE_OPENSSL
|
#ifdef USE_OPENSSL
|
||||||
/* BitchX uses -ssl, mIRC uses -e, let's support both */
|
/* BitchX uses -ssl, mIRC uses -e, let's support both */
|
||||||
if (strcmp (word[2], "-ssl") == 0 || strcmp (word[2], "-e") == 0)
|
if (g_strcmp0 (word[2], "-ssl") == 0 || g_strcmp0 (word[2], "-e") == 0)
|
||||||
{
|
{
|
||||||
use_ssl = TRUE;
|
use_ssl = TRUE;
|
||||||
offset++; /* args move up by 1 word */
|
offset++; /* args move up by 1 word */
|
||||||
}
|
}
|
||||||
|
else if (g_strcmp0 (word[2], "-ssl-noverify") == 0)
|
||||||
|
{
|
||||||
|
use_ssl = TRUE;
|
||||||
|
use_ssl_noverify = TRUE;
|
||||||
|
offset++; /* args move up by 1 word */
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (!parse_irc_url (word[2 + offset], &server_name, &port, &channel, &key, &use_ssl))
|
if (!parse_irc_url (word[2 + offset], &server_name, &port, &channel, &key, &use_ssl))
|
||||||
@@ -3497,7 +3507,7 @@ cmd_server (struct session *sess, char *tbuf, char *word[], char *word_eol[])
|
|||||||
|
|
||||||
#ifdef USE_OPENSSL
|
#ifdef USE_OPENSSL
|
||||||
serv->use_ssl = use_ssl;
|
serv->use_ssl = use_ssl;
|
||||||
serv->accept_invalid_cert = TRUE;
|
serv->accept_invalid_cert = use_ssl_noverify;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* try to connect by Network name */
|
/* try to connect by Network name */
|
||||||
@@ -3528,7 +3538,7 @@ cmd_servchan (struct session *sess, char *tbuf, char *word[],
|
|||||||
int offset = 0;
|
int offset = 0;
|
||||||
|
|
||||||
#ifdef USE_OPENSSL
|
#ifdef USE_OPENSSL
|
||||||
if (strcmp (word[2], "-ssl") == 0)
|
if (g_strcmp0 (word[2], "-ssl") == 0 || g_strcmp0 (word[2], "-ssl-noverify") == 0)
|
||||||
offset++;
|
offset++;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@@ -4077,7 +4087,7 @@ const struct commands xc_cmds[] = {
|
|||||||
N_("QUOTE <text>, sends the text in raw form to the server")},
|
N_("QUOTE <text>, sends the text in raw form to the server")},
|
||||||
#ifdef USE_OPENSSL
|
#ifdef USE_OPENSSL
|
||||||
{"RECONNECT", cmd_reconnect, 0, 0, 1,
|
{"RECONNECT", cmd_reconnect, 0, 0, 1,
|
||||||
N_("RECONNECT [-ssl] [<host>] [<port>] [<password>], Can be called just as /RECONNECT to reconnect to the current server or with /RECONNECT ALL to reconnect to all the open servers")},
|
N_("RECONNECT [-ssl|-ssl-noverify] [<host>] [<port>] [<password>], Can be called just as /RECONNECT to reconnect to the current server or with /RECONNECT ALL to reconnect to all the open servers")},
|
||||||
#else
|
#else
|
||||||
{"RECONNECT", cmd_reconnect, 0, 0, 1,
|
{"RECONNECT", cmd_reconnect, 0, 0, 1,
|
||||||
N_("RECONNECT [<host>] [<port>] [<password>], Can be called just as /RECONNECT to reconnect to the current server or with /RECONNECT ALL to reconnect to all the open servers")},
|
N_("RECONNECT [<host>] [<port>] [<password>], Can be called just as /RECONNECT to reconnect to the current server or with /RECONNECT ALL to reconnect to all the open servers")},
|
||||||
@@ -4089,14 +4099,14 @@ const struct commands xc_cmds[] = {
|
|||||||
{"SEND", cmd_send, 0, 0, 1, N_("SEND <nick> [<file>]")},
|
{"SEND", cmd_send, 0, 0, 1, N_("SEND <nick> [<file>]")},
|
||||||
#ifdef USE_OPENSSL
|
#ifdef USE_OPENSSL
|
||||||
{"SERVCHAN", cmd_servchan, 0, 0, 1,
|
{"SERVCHAN", cmd_servchan, 0, 0, 1,
|
||||||
N_("SERVCHAN [-ssl] <host> <port> <channel>, connects and joins a channel")},
|
N_("SERVCHAN [-ssl|-ssl-noverify] <host> <port> <channel>, connects and joins a channel")},
|
||||||
#else
|
#else
|
||||||
{"SERVCHAN", cmd_servchan, 0, 0, 1,
|
{"SERVCHAN", cmd_servchan, 0, 0, 1,
|
||||||
N_("SERVCHAN <host> <port> <channel>, connects and joins a channel")},
|
N_("SERVCHAN <host> <port> <channel>, connects and joins a channel")},
|
||||||
#endif
|
#endif
|
||||||
#ifdef USE_OPENSSL
|
#ifdef USE_OPENSSL
|
||||||
{"SERVER", cmd_server, 0, 0, 1,
|
{"SERVER", cmd_server, 0, 0, 1,
|
||||||
N_("SERVER [-ssl] <host> [<port>] [<password>], connects to a server, the default port is 6667 for normal connections, and 6697 for ssl connections")},
|
N_("SERVER [-ssl|-ssl-noverify] <host> [<port>] [<password>], connects to a server, the default port is 6667 for normal connections, and 6697 for ssl connections")},
|
||||||
#else
|
#else
|
||||||
{"SERVER", cmd_server, 0, 0, 1,
|
{"SERVER", cmd_server, 0, 0, 1,
|
||||||
N_("SERVER <host> [<port>] [<password>], connects to a server, the default port is 6667")},
|
N_("SERVER <host> [<port>] [<password>], connects to a server, the default port is 6667")},
|
||||||
|
|||||||
Reference in New Issue
Block a user