Default /SERVER and friends to use SSL when built with OpenSSL.
Since commit 747a52aae8
users have to
opt-out of using SSL when creating a new server. This commit makes
it so /SERVER also uses SSL by default.
In order to connect insecurely users must now use one of these
methods:
/SERVER -insecure irc.example.com
/SERVER irc.example.com -6667
The `-ssl` flag and the `+port` syntax have been retained for compat
reasons.
This commit is contained in:
parent
2dbc6adbc2
commit
8fb0d2311f
@ -3249,7 +3249,7 @@ cmd_reconnect (struct session *sess, char *tbuf, char *word[], char *word_eol[])
|
|||||||
int offset = 0;
|
int offset = 0;
|
||||||
|
|
||||||
#ifdef USE_OPENSSL
|
#ifdef USE_OPENSSL
|
||||||
int use_ssl = FALSE;
|
int use_ssl = TRUE;
|
||||||
int use_ssl_noverify = FALSE;
|
int use_ssl_noverify = FALSE;
|
||||||
if (g_strcmp0 (word[2], "-ssl") == 0)
|
if (g_strcmp0 (word[2], "-ssl") == 0)
|
||||||
{
|
{
|
||||||
@ -3261,6 +3261,11 @@ cmd_reconnect (struct session *sess, char *tbuf, char *word[], char *word_eol[])
|
|||||||
use_ssl = TRUE;
|
use_ssl = TRUE;
|
||||||
use_ssl_noverify = TRUE;
|
use_ssl_noverify = TRUE;
|
||||||
offset++; /* args move up by 1 word */
|
offset++; /* args move up by 1 word */
|
||||||
|
} else if (g_strcmp0 (word[2], "-insecure") == 0)
|
||||||
|
{
|
||||||
|
use_ssl = FALSE;
|
||||||
|
use_ssl_noverify = FALSE;
|
||||||
|
offset++; /* args move up by 1 word */
|
||||||
}
|
}
|
||||||
serv->use_ssl = use_ssl;
|
serv->use_ssl = use_ssl;
|
||||||
serv->accept_invalid_cert = use_ssl_noverify;
|
serv->accept_invalid_cert = use_ssl_noverify;
|
||||||
@ -3450,8 +3455,10 @@ cmd_server (struct session *sess, char *tbuf, char *word[], char *word_eol[])
|
|||||||
char *pass = NULL;
|
char *pass = NULL;
|
||||||
char *channel = NULL;
|
char *channel = NULL;
|
||||||
char *key = NULL;
|
char *key = NULL;
|
||||||
int use_ssl = FALSE;
|
#ifdef USE_OPENSSL
|
||||||
|
int use_ssl = TRUE;
|
||||||
int use_ssl_noverify = FALSE;
|
int use_ssl_noverify = FALSE;
|
||||||
|
#endif
|
||||||
int is_url = TRUE;
|
int is_url = TRUE;
|
||||||
server *serv = sess->server;
|
server *serv = sess->server;
|
||||||
ircnet *net = NULL;
|
ircnet *net = NULL;
|
||||||
@ -3469,6 +3476,11 @@ cmd_server (struct session *sess, char *tbuf, char *word[], char *word_eol[])
|
|||||||
use_ssl_noverify = TRUE;
|
use_ssl_noverify = TRUE;
|
||||||
offset++; /* args move up by 1 word */
|
offset++; /* args move up by 1 word */
|
||||||
}
|
}
|
||||||
|
else if (g_strcmp0 (word[2], "-insecure") == 0)
|
||||||
|
{
|
||||||
|
use_ssl = FALSE;
|
||||||
|
offset++; /* args move up by 1 word */
|
||||||
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (!parse_irc_url (word[2 + offset], &server_name, &port, &channel, &key, &use_ssl))
|
if (!parse_irc_url (word[2 + offset], &server_name, &port, &channel, &key, &use_ssl))
|
||||||
@ -3509,6 +3521,13 @@ cmd_server (struct session *sess, char *tbuf, char *word[], char *word_eol[])
|
|||||||
use_ssl = TRUE;
|
use_ssl = TRUE;
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
|
else if (port[0] == '-')
|
||||||
|
{
|
||||||
|
port++;
|
||||||
|
#ifdef USE_OPENSSL
|
||||||
|
use_ssl = FALSE;
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
if (*pass)
|
if (*pass)
|
||||||
{
|
{
|
||||||
@ -3564,7 +3583,7 @@ cmd_servchan (struct session *sess, char *tbuf, char *word[],
|
|||||||
int offset = 0;
|
int offset = 0;
|
||||||
|
|
||||||
#ifdef USE_OPENSSL
|
#ifdef USE_OPENSSL
|
||||||
if (g_strcmp0 (word[2], "-ssl") == 0 || g_strcmp0 (word[2], "-ssl-noverify") == 0)
|
if (g_strcmp0 (word[2], "-ssl") == 0 || g_strcmp0 (word[2], "-ssl-noverify") == 0 || g_strcmp0 (word[2], "-insecure") == 0)
|
||||||
offset++;
|
offset++;
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
@ -4098,14 +4117,14 @@ const struct commands xc_cmds[] = {
|
|||||||
{"SEND", cmd_send, 0, 0, 1, N_("SEND <nick> [<file>]")},
|
{"SEND", cmd_send, 0, 0, 1, N_("SEND <nick> [<file>]")},
|
||||||
#ifdef USE_OPENSSL
|
#ifdef USE_OPENSSL
|
||||||
{"SERVCHAN", cmd_servchan, 0, 0, 1,
|
{"SERVCHAN", cmd_servchan, 0, 0, 1,
|
||||||
N_("SERVCHAN [-ssl|-ssl-noverify] <host> <port> <channel>, connects and joins a channel")},
|
N_("SERVCHAN [-insecure|-ssl|-ssl-noverify] <host> <port> <channel>, connects and joins a channel")},
|
||||||
#else
|
#else
|
||||||
{"SERVCHAN", cmd_servchan, 0, 0, 1,
|
{"SERVCHAN", cmd_servchan, 0, 0, 1,
|
||||||
N_("SERVCHAN <host> <port> <channel>, connects and joins a channel")},
|
N_("SERVCHAN <host> <port> <channel>, connects and joins a channel")},
|
||||||
#endif
|
#endif
|
||||||
#ifdef USE_OPENSSL
|
#ifdef USE_OPENSSL
|
||||||
{"SERVER", cmd_server, 0, 0, 1,
|
{"SERVER", cmd_server, 0, 0, 1,
|
||||||
N_("SERVER [-ssl|-ssl-noverify] <host> [<port>] [<password>], connects to a server, the default port is 6667 for normal connections, and 6697 for ssl connections")},
|
N_("SERVER [-insecure|-ssl|-ssl-noverify] <host> [<port>] [<password>], connects to a server, the default port is 6667 for insecure connections, and 6697 for ssl connections")},
|
||||||
#else
|
#else
|
||||||
{"SERVER", cmd_server, 0, 0, 1,
|
{"SERVER", cmd_server, 0, 0, 1,
|
||||||
N_("SERVER <host> [<port>] [<password>], connects to a server, the default port is 6667")},
|
N_("SERVER <host> [<port>] [<password>], connects to a server, the default port is 6667")},
|
||||||
|
Loading…
Reference in New Issue
Block a user