mirror of https://github.com/weechat/weechat.git synced 2026-06-30 06:46:38 +02:00

Merge branch 'secured-data'

Sebastien Helleu
2013-08-02 19:19:25 +02:00
26 changed files with 1956 additions and 106 deletions
+231 -4
@@ -45,6 +45,7 @@
#include "wee-list.h"
#include "wee-log.h"
#include "wee-proxy.h"
#include "wee-secure.h"
#include "wee-string.h"
#include "wee-upgrade.h"
#include "wee-utf8.h"
@@ -4481,6 +4482,168 @@ COMMAND_CALLBACK(save)
return WEECHAT_RC_OK;
}
/*
* Displays a secured data.
*/
void
command_secure_display_data (void *data,
struct t_hashtable *hashtable,
const void *key, const void *value)
{
/* make C compiler happy */
(void) data;
(void) hashtable;
(void) value;
if (key)
gui_chat_printf (NULL, " %s", key);
}
/*
* Callback for command "/secure": manage secured data
*/
COMMAND_CALLBACK(secure)
{
int passphrase_was_set, count_encrypted;
/* make C compiler happy */
(void) data;
(void) buffer;
/* list of secured data */
if (argc == 1)
{
secure_buffer_open ();
return WEECHAT_RC_OK;
}
count_encrypted = secure_hashtable_data_encrypted->items_count;
/* decrypt data still encrypted */
if (string_strcasecmp (argv[1], "decrypt") == 0)
{
COMMAND_MIN_ARGS(3, "secure decrypt");
if (count_encrypted == 0)
{
gui_chat_printf (NULL, _("There is no encrypted data"));
return WEECHAT_RC_OK;
}
if (strcmp (argv[2], "-discard") == 0)
{
hashtable_remove_all (secure_hashtable_data_encrypted);
gui_chat_printf (NULL, _("Encrypted data deleted"));
return WEECHAT_RC_OK;
}
if (secure_decrypt_data_not_decrypted (argv_eol[2]) > 0)
{
gui_chat_printf (NULL,
_("Encrypted data has been successfully decrypted"));
if (secure_passphrase)
free (secure_passphrase);
secure_passphrase = strdup (argv_eol[2]);
}
else
{
gui_chat_printf (NULL,
_("%sFailed to decrypt data (wrong passphrase?)"),
gui_chat_prefix[GUI_CHAT_PREFIX_ERROR]);
}
return WEECHAT_RC_OK;
}
if (count_encrypted > 0)
{
gui_chat_printf (NULL,
_("%sYou must decrypt data still encrypted before "
"doing any operation on secured data or passphrase"),
gui_chat_prefix[GUI_CHAT_PREFIX_ERROR]);
return WEECHAT_RC_OK;
}
/* set the passphrase */
if (string_strcasecmp (argv[1], "passphrase") == 0)
{
COMMAND_MIN_ARGS(3, "secure passphrase");
passphrase_was_set = 0;
if (secure_passphrase)
{
free (secure_passphrase);
secure_passphrase = NULL;
passphrase_was_set = 1;
}
if (strcmp (argv[2], "-delete") == 0)
{
gui_chat_printf (NULL,
(passphrase_was_set) ?
_("Passphrase deleted") : _("Passphrase is not set"));
if (passphrase_was_set)
{
if (secure_hashtable_data->items_count > 0)
command_save_file (secure_config_file);
secure_buffer_display ();
}
}
else
{
secure_passphrase = strdup (argv_eol[2]);
gui_chat_printf (NULL,
(passphrase_was_set) ?
_("Passphrase changed") : _("Passphrase added"));
if (secure_hashtable_data->items_count > 0)
command_save_file (secure_config_file);
secure_buffer_display ();
}
return WEECHAT_RC_OK;
}
/* set a secured data */
if (string_strcasecmp (argv[1], "set") == 0)
{
COMMAND_MIN_ARGS(4, "secure set");
hashtable_set (secure_hashtable_data, argv[2], argv_eol[3]);
gui_chat_printf (NULL, _("Secured data \"%s\" set"), argv[2]);
command_save_file (secure_config_file);
secure_buffer_display ();
return WEECHAT_RC_OK;
}
/* delete a secured data */
if (string_strcasecmp (argv[1], "del") == 0)
{
COMMAND_MIN_ARGS(3, "secure del");
if (hashtable_has_key (secure_hashtable_data, argv[2]))
{
hashtable_remove (secure_hashtable_data, argv[2]);
gui_chat_printf (NULL, _("Secured data \"%s\" deleted"), argv[2]);
command_save_file (secure_config_file);
secure_buffer_display ();
}
else
{
gui_chat_printf (NULL,
_("%sSecured data \"%s\" not found"),
gui_chat_prefix[GUI_CHAT_PREFIX_ERROR],
argv[2]);
}
return WEECHAT_RC_OK;
}
/* toggle values on secured data buffer */
if (string_strcasecmp (argv[1], "toggle_values") == 0)
{
if (secure_buffer)
{
secure_buffer_display_values ^= 1;
secure_buffer_display ();
}
return WEECHAT_RC_OK;
}
return WEECHAT_RC_OK;
}
/*
* Displays a configuration section.
*/
@@ -5159,6 +5322,14 @@ COMMAND_CALLBACK(upgrade)
return WEECHAT_RC_OK;
}
/*
* set passphrase in environment var, so that it will not be asked to user
* when starting the new binary
*/
if (secure_passphrase)
setenv (SECURE_ENV_PASSPHRASE, secure_passphrase, 1);
/* execute binary */
exec_args[0] = ptr_binary;
exec_args[3] = strdup (weechat_home);
execvp (exec_args[0], exec_args);
@@ -5166,7 +5337,8 @@ COMMAND_CALLBACK(upgrade)
/* this code should not be reached if execvp is OK */
string_iconv_fprintf (stderr, "\n\n*****\n");
string_iconv_fprintf (stderr,
_("***** Error: exec failed (program: \"%s\"), exiting WeeChat"),
_("***** Error: exec failed (program: \"%s\"), "
"exiting WeeChat"),
exec_args[0]);
string_iconv_fprintf (stderr, "\n*****\n\n");
@@ -6634,6 +6806,55 @@ command_init ()
"saved."),
"%(config_files)|%*",
&command_save, NULL);
hook_command (NULL, "secure",
N_("manage secured data (passwords or private data encrypted "
"in file sec.conf)"),
N_("passphrase <passphrase>|-delete"
" || decrypt <passphrase>|-discard"
" || set <name> <value>"
" || del <name>"),
N_("passphrase: set or change the passphrase used for "
"encryption (without passphrase, data is stored as "
"plain text in file sec.conf)\n"
" -delete: delete passphrase\n"
" decrypt: decrypt data still encrypted (it happens only "
"if no passphrase was given for encrypted data on startup)\n"
" -discard: discard all encrypted data (WARNING: this "
"will clear the file sec.conf)\n"
" set: add or change secured data\n"
" del: delete secured data\n\n"
"Without argument, this command displays secured data "
"in a new buffer.\n\n"
"When a passphrase is used (data encrypted), it is asked "
"by WeeChat on startup.\n"
"It is possible to set environment variable \""
SECURE_ENV_PASSPHRASE "\" to prevent the prompt (this same "
"variable is used by WeeChat on /upgrade).\n\n"
"Secured data with format ${sec.data.xxx} can be used in:\n"
" - command line argument \"--run-command\"\n"
" - irc server options: autojoin, command, password, "
"sasl_{username|password}\n"
" - options weechat.startup.command_{before|after}_plugins\n"
" - command /eval.\n\n"
"Examples:\n"
" set a passphrase:\n"
" /secure passphrase this is my passphrase\n"
" encrypt freenode SASL password:\n"
" /secure set freenode mypassword\n"
" /set irc.server.freenode.sasl_password "
"\"${sec.data.freenode}\"\n"
" encrypt oftc password for nickserv:\n"
" /secure set oftc mypassword\n"
" /set irc.server.oftc.command \"/msg nickserv identify "
"${sec.data.oftc}\"\n"
" alias to ghost \"mynick\":\n"
" /alias ghost /eval /msg -server freenode nickserv "
"ghost mynick ${sec.data.freenode}"),
"passphrase -delete"
" || decrypt -discard"
" || set %(secured_data)"
" || del %(secured_data)",
&command_secure, NULL);
hook_command (NULL, "set",
N_("set config options"),
N_("[<option> [<value>]] || diff [<option> [<option>...]]"),
@@ -6864,12 +7085,16 @@ command_init ()
void
command_exec_list (const char *command_list)
{
char **commands, **ptr_cmd;
char *command_list2, **commands, **ptr_cmd;
struct t_gui_buffer *weechat_buffer;
if (command_list && command_list[0])
if (!command_list || !command_list[0])
return;
command_list2 = eval_expression (command_list, NULL, NULL);
if (command_list2 && command_list2[0])
{
commands = string_split_command (command_list, ';');
commands = string_split_command (command_list2, ';');
if (commands)
{
weechat_buffer = gui_buffer_search_main ();
@@ -6880,6 +7105,8 @@ command_exec_list (const char *command_list)
string_free_split_command (commands);
}
}
if (command_list2)
free (command_list2);
}
/*
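Review bot: In `command_exec_list` the whole list is now passed through `eval_expression` and only afterwards split on `;`, so a `${sec.data.xxx}` value that itself contains `;` would be cut into separate entries, and the tail of the secret would be handled as a command of its own. The loop that runs the entries lies between the visible lines, but it presumably executes each one on the main buffer, which could put part of a secret on screen or in a log and makes the behaviour depend on the characters in a password. Splitting first and evaluating per entry keeps each secret inside the command it was written for: keep `commands = string_split_command (command_list, ';');` and call `eval_expression (*ptr_cmd, NULL, NULL)` inside the loop, freeing each result after use. The exact placement needs checking against the full function, since the loop body is not shown on this page.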