178 lines
5.1 KiB
C
178 lines
5.1 KiB
C
/*
|
|
* relay-network.c - network functions for relay plugin
|
|
*
|
|
* Copyright (C) 2003-2020 Sébastien Helleu <flashcode@flashtux.org>
|
|
*
|
|
* This file is part of WeeChat, the extensible chat client.
|
|
*
|
|
* WeeChat is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* WeeChat is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with WeeChat. If not, see <https://www.gnu.org/licenses/>.
|
|
*/
|
|
|
|
#include <stdlib.h>
|
|
|
|
#ifdef HAVE_GNUTLS
|
|
#include <gnutls/gnutls.h>
|
|
#endif /* HAVE_GNUTLS */
|
|
|
|
#include "../weechat-plugin.h"
|
|
#include "relay.h"
|
|
#include "relay-network.h"
|
|
#include "relay-config.h"
|
|
|
|
|
|
int relay_network_init_ok = 0;
|
|
int relay_network_init_ssl_cert_key_ok = 0;
|
|
|
|
#ifdef HAVE_GNUTLS
|
|
gnutls_certificate_credentials_t relay_gnutls_x509_cred;
|
|
gnutls_priority_t *relay_gnutls_priority_cache = NULL;
|
|
gnutls_dh_params_t *relay_gnutls_dh_params = NULL;
|
|
#endif /* HAVE_GNUTLS */
|
|
|
|
|
|
/*
|
|
* Sets SSL certificate/key file.
|
|
*
|
|
* If verbose == 1, a message is displayed if successful, otherwise a warning
|
|
* (if no cert/key found in file).
|
|
*/
|
|
|
|
void
|
|
relay_network_set_ssl_cert_key (int verbose)
|
|
{
|
|
#ifdef HAVE_GNUTLS
|
|
char *certkey_path, *certkey_path2, *weechat_dir;
|
|
int ret;
|
|
|
|
gnutls_certificate_free_credentials (relay_gnutls_x509_cred);
|
|
gnutls_certificate_allocate_credentials (&relay_gnutls_x509_cred);
|
|
|
|
relay_network_init_ssl_cert_key_ok = 0;
|
|
|
|
certkey_path = weechat_string_expand_home (weechat_config_string (relay_config_network_ssl_cert_key));
|
|
if (certkey_path)
|
|
{
|
|
weechat_dir = weechat_info_get ("weechat_dir", NULL);
|
|
certkey_path2 = weechat_string_replace (certkey_path, "%h",
|
|
weechat_dir);
|
|
if (weechat_dir)
|
|
free (weechat_dir);
|
|
if (certkey_path2)
|
|
{
|
|
ret = gnutls_certificate_set_x509_key_file (relay_gnutls_x509_cred,
|
|
certkey_path2,
|
|
certkey_path2,
|
|
GNUTLS_X509_FMT_PEM);
|
|
if (ret >= 0)
|
|
{
|
|
relay_network_init_ssl_cert_key_ok = 1;
|
|
if (verbose)
|
|
{
|
|
weechat_printf (NULL,
|
|
_("%s: SSL certificate and key have been "
|
|
"set"),
|
|
RELAY_PLUGIN_NAME);
|
|
}
|
|
}
|
|
else
|
|
{
|
|
if (verbose)
|
|
{
|
|
weechat_printf (NULL,
|
|
_("%s%s: warning: no SSL certificate/key "
|
|
"found (option relay.network.ssl_cert_key)"),
|
|
weechat_prefix ("error"), RELAY_PLUGIN_NAME);
|
|
}
|
|
}
|
|
free (certkey_path2);
|
|
}
|
|
free (certkey_path);
|
|
}
|
|
#else
|
|
/* make C compiler happy */
|
|
(void) verbose;
|
|
#endif /* HAVE_GNUTLS */
|
|
}
|
|
|
|
/*
|
|
* Sets gnutls priority cache.
|
|
*/
|
|
|
|
void
|
|
relay_network_set_priority ()
|
|
{
|
|
#ifdef HAVE_GNUTLS
|
|
if (gnutls_priority_init (relay_gnutls_priority_cache,
|
|
weechat_config_string (
|
|
relay_config_network_ssl_priorities),
|
|
NULL) != GNUTLS_E_SUCCESS)
|
|
{
|
|
weechat_printf (NULL,
|
|
_("%s%s: unable to initialize priority for SSL"),
|
|
weechat_prefix ("error"), RELAY_PLUGIN_NAME);
|
|
free (relay_gnutls_priority_cache);
|
|
relay_gnutls_priority_cache = NULL;
|
|
}
|
|
#endif /* HAVE_GNUTLS */
|
|
}
|
|
|
|
/*
|
|
* Initializes network for relay.
|
|
*/
|
|
|
|
void
|
|
relay_network_init ()
|
|
{
|
|
#ifdef HAVE_GNUTLS
|
|
|
|
/* credentials */
|
|
gnutls_certificate_allocate_credentials (&relay_gnutls_x509_cred);
|
|
relay_network_set_ssl_cert_key (0);
|
|
|
|
/* priority */
|
|
relay_gnutls_priority_cache = malloc (sizeof (*relay_gnutls_priority_cache));
|
|
if (relay_gnutls_priority_cache)
|
|
relay_network_set_priority ();
|
|
#endif /* HAVE_GNUTLS */
|
|
relay_network_init_ok = 1;
|
|
}
|
|
|
|
/*
|
|
* Ends network for relay.
|
|
*/
|
|
|
|
void
|
|
relay_network_end ()
|
|
{
|
|
if (relay_network_init_ok)
|
|
{
|
|
#ifdef HAVE_GNUTLS
|
|
if (relay_gnutls_priority_cache)
|
|
{
|
|
gnutls_priority_deinit (*relay_gnutls_priority_cache);
|
|
free (relay_gnutls_priority_cache);
|
|
relay_gnutls_priority_cache = NULL;
|
|
}
|
|
if (relay_gnutls_dh_params)
|
|
{
|
|
gnutls_dh_params_deinit (*relay_gnutls_dh_params);
|
|
free (relay_gnutls_dh_params);
|
|
relay_gnutls_dh_params = NULL;
|
|
}
|
|
gnutls_certificate_free_credentials (relay_gnutls_x509_cred);
|
|
#endif /* HAVE_GNUTLS */
|
|
relay_network_init_ok = 0;
|
|
}
|
|
}
|