mirror of
https://github.com/weechat/weechat.git
synced 2026-07-01 07:16:37 +02:00
Add mechanism DH-BLOWFISH for SASL authentication with IRC server
This commit is contained in:
@@ -34,6 +34,7 @@ irc-msgbuffer.c irc-msgbuffer.h
|
||||
irc-nick.c irc-nick.h
|
||||
irc-protocol.c irc-protocol.h
|
||||
irc-raw.c irc-raw.h
|
||||
irc-sasl.c irc-sasl.h
|
||||
irc-server.c irc-server.h
|
||||
irc-upgrade.c irc-upgrade.h)
|
||||
SET_TARGET_PROPERTIES(irc PROPERTIES PREFIX "")
|
||||
@@ -41,11 +42,17 @@ SET_TARGET_PROPERTIES(irc PROPERTIES PREFIX "")
|
||||
CHECK_INCLUDE_FILES("regex.h" HAVE_REGEX_H)
|
||||
CHECK_FUNCTION_EXISTS(regexec HAVE_REGEXEC)
|
||||
|
||||
SET (LINK_LIBS)
|
||||
|
||||
IF(GNUTLS_FOUND)
|
||||
INCLUDE_DIRECTORIES(${GNUTLS_INCLUDE_PATH})
|
||||
TARGET_LINK_LIBRARIES(irc ${GNUTLS_LIBRARY})
|
||||
ELSE(GNUTLS_FOUND)
|
||||
TARGET_LINK_LIBRARIES(irc)
|
||||
LIST(APPEND LINK_LIBS ${GNUTLS_LIBRARY})
|
||||
ENDIF(GNUTLS_FOUND)
|
||||
|
||||
IF(GCRYPT_FOUND)
|
||||
LIST(APPEND LINK_LIBS gcrypt)
|
||||
ENDIF(GCRYPT_FOUND)
|
||||
|
||||
TARGET_LINK_LIBRARIES(irc ${LINK_LIBS})
|
||||
|
||||
INSTALL(TARGETS irc LIBRARY DESTINATION ${LIBDIR}/plugins)
|
||||
|
||||
@@ -14,7 +14,7 @@
|
||||
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
|
||||
INCLUDES = -DLOCALEDIR=\"$(datadir)/locale\" $(GNUTLS_CFLAGS)
|
||||
INCLUDES = -DLOCALEDIR=\"$(datadir)/locale\" $(GCRYPT_CFLAGS) $(GNUTLS_CFLAGS)
|
||||
|
||||
libdir = ${weechat_libdir}/plugins
|
||||
|
||||
@@ -58,12 +58,14 @@ irc_la_SOURCES = irc.c \
|
||||
irc-protocol.h \
|
||||
irc-raw.c \
|
||||
irc-raw.h \
|
||||
irc-sasl.c \
|
||||
irc-sasl.h \
|
||||
irc-server.c \
|
||||
irc-server.h \
|
||||
irc-upgrade.c \
|
||||
irc-upgrade.h
|
||||
|
||||
irc_la_LDFLAGS = -module
|
||||
irc_la_LIBADD = $(IRC_LFLAGS) $(GNUTLS_LFLAGS)
|
||||
irc_la_LIBADD = $(IRC_LFLAGS) $(GCRYPT_LFLAGS) $(GNUTLS_LFLAGS)
|
||||
|
||||
EXTRA_DIST = CMakeLists.txt
|
||||
|
||||
@@ -969,7 +969,7 @@ irc_config_server_new_option (struct t_config_file *config_file,
|
||||
config_file, section,
|
||||
option_name, "integer",
|
||||
N_("mechanism for SASL authentication"),
|
||||
"plain" /*"plain|dh-blowfish"*/, 0, 0,
|
||||
"plain|dh-blowfish", 0, 0,
|
||||
default_value, value,
|
||||
null_value_allowed,
|
||||
NULL, NULL,
|
||||
@@ -1000,6 +1000,19 @@ irc_config_server_new_option (struct t_config_file *config_file,
|
||||
callback_change, callback_change_data,
|
||||
NULL, NULL);
|
||||
break;
|
||||
case IRC_SERVER_OPTION_SASL_TIMEOUT:
|
||||
new_option = weechat_config_new_option (
|
||||
config_file, section,
|
||||
option_name, "integer",
|
||||
N_("timeout (in seconds) before giving up SASL "
|
||||
"authentication"),
|
||||
NULL, 1, 3600,
|
||||
default_value, value,
|
||||
null_value_allowed,
|
||||
NULL, NULL,
|
||||
callback_change, callback_change_data,
|
||||
NULL, NULL);
|
||||
break;
|
||||
case IRC_SERVER_OPTION_AUTOCONNECT:
|
||||
new_option = weechat_config_new_option (
|
||||
config_file, section,
|
||||
|
||||
@@ -29,8 +29,9 @@
|
||||
#include "irc-channel.h"
|
||||
#include "irc-command.h"
|
||||
#include "irc-config.h"
|
||||
#include "irc-server.h"
|
||||
#include "irc-nick.h"
|
||||
#include "irc-server.h"
|
||||
#include "irc-sasl.h"
|
||||
|
||||
|
||||
/*
|
||||
|
||||
@@ -44,6 +44,7 @@
|
||||
#include "irc-mode.h"
|
||||
#include "irc-msgbuffer.h"
|
||||
#include "irc-nick.h"
|
||||
#include "irc-sasl.h"
|
||||
#include "irc-server.h"
|
||||
|
||||
|
||||
@@ -224,8 +225,7 @@ irc_protocol_cmd_authenticate (struct t_irc_server *server, const char *command,
|
||||
int argc, char **argv, char **argv_eol)
|
||||
{
|
||||
const char *sasl_username, *sasl_password;
|
||||
char *string, *string_base64;
|
||||
int length_username, length;
|
||||
char *answer;
|
||||
|
||||
/* AUTHENTICATE message looks like:
|
||||
AUTHENTICATE +
|
||||
@@ -236,7 +236,7 @@ irc_protocol_cmd_authenticate (struct t_irc_server *server, const char *command,
|
||||
|
||||
/* make C compiler happy */
|
||||
(void) command;
|
||||
(void) argv_eol;
|
||||
(void) argv;
|
||||
|
||||
sasl_username = IRC_SERVER_OPTION_STRING(server,
|
||||
IRC_SERVER_OPTION_SASL_USERNAME);
|
||||
@@ -245,33 +245,33 @@ irc_protocol_cmd_authenticate (struct t_irc_server *server, const char *command,
|
||||
if (sasl_username && sasl_username[0]
|
||||
&& sasl_password && sasl_password[0])
|
||||
{
|
||||
length_username = strlen (sasl_username);
|
||||
length = ((length_username + 1) * 2) + strlen (sasl_password) + 1;
|
||||
string = malloc (length);
|
||||
if (string)
|
||||
switch (IRC_SERVER_OPTION_INTEGER(server,
|
||||
IRC_SERVER_OPTION_SASL_MECHANISM))
|
||||
{
|
||||
snprintf (string, length, "%s|%s|%s",
|
||||
sasl_username, sasl_username, sasl_password);
|
||||
string[length_username] = '\0';
|
||||
string[(length_username * 2) + 1] = '\0';
|
||||
|
||||
if (strcmp (argv[1], "+") == 0)
|
||||
{
|
||||
/* mechanism PLAIN */
|
||||
string_base64 = malloc (length * 2);
|
||||
if (string_base64)
|
||||
{
|
||||
weechat_string_encode_base64 (string, length - 1, string_base64);
|
||||
irc_server_sendf (server, 0, "AUTHENTICATE %s", string_base64);
|
||||
free (string_base64);
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
/* TODO: other mechanisms */
|
||||
}
|
||||
|
||||
free (string);
|
||||
case IRC_SASL_MECHANISM_DH_BLOWFISH:
|
||||
answer = irc_sasl_mechanism_dh_blowfish (argv_eol[1],
|
||||
sasl_username,
|
||||
sasl_password);
|
||||
break;
|
||||
case IRC_SASL_MECHANISM_PLAIN:
|
||||
default:
|
||||
answer = irc_sasl_mechanism_plain (sasl_username,
|
||||
sasl_password);
|
||||
break;
|
||||
}
|
||||
if (answer)
|
||||
{
|
||||
irc_server_sendf (server, 0, "AUTHENTICATE %s", answer);
|
||||
free (answer);
|
||||
}
|
||||
else
|
||||
{
|
||||
weechat_printf (server->buffer,
|
||||
_("%s%s: error building answer for "
|
||||
"SASL authentication, using mechanism \"%s\""),
|
||||
weechat_prefix ("error"), IRC_PLUGIN_NAME,
|
||||
irc_sasl_mechanism_string[IRC_SERVER_OPTION_INTEGER(server, IRC_SERVER_OPTION_SASL_MECHANISM)]);
|
||||
irc_server_sendf (server, 0, "CAP END");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -287,11 +287,12 @@ irc_protocol_cmd_cap (struct t_irc_server *server, const char *command,
|
||||
int argc, char **argv, char **argv_eol)
|
||||
{
|
||||
char *ptr_caps, **items;
|
||||
int num_items, sasl, i;
|
||||
int num_items, sasl, i, timeout;
|
||||
|
||||
/* CAP message looks like:
|
||||
:server CAP * LS :identify-msg multi-prefix sasl
|
||||
:server CAP * ACK :sasl
|
||||
:server CAP * NAK :sasl
|
||||
*/
|
||||
|
||||
IRC_PROTOCOL_MIN_ARGS(4);
|
||||
@@ -348,14 +349,27 @@ irc_protocol_cmd_cap (struct t_irc_server *server, const char *command,
|
||||
ptr_caps = (argv_eol[4][0] == ':') ? argv_eol[4] + 1 : argv_eol[4];
|
||||
weechat_printf (server->buffer,
|
||||
_("%s%s: client capability, enabled: %s"),
|
||||
weechat_prefix ("network"),
|
||||
IRC_PLUGIN_NAME,
|
||||
weechat_prefix ("network"), IRC_PLUGIN_NAME,
|
||||
ptr_caps);
|
||||
if (strcmp (ptr_caps, "sasl") == 0)
|
||||
{
|
||||
switch (IRC_SERVER_OPTION_INTEGER(server,
|
||||
IRC_SERVER_OPTION_SASL_MECHANISM))
|
||||
{
|
||||
case IRC_SASL_MECHANISM_DH_BLOWFISH:
|
||||
#ifdef HAVE_GCRYPT
|
||||
irc_server_sendf (server, 0, "AUTHENTICATE DH-BLOWFISH");
|
||||
#else
|
||||
weechat_printf (server->buffer,
|
||||
_("%s%s: cannot authenticate with SASL "
|
||||
"and mechanism DH-BLOWFISH because "
|
||||
"WeeChat was not built with "
|
||||
"libgcrypt support"),
|
||||
weechat_prefix ("error"),
|
||||
IRC_PLUGIN_NAME);
|
||||
irc_server_sendf (server, 0, "CAP END");
|
||||
#endif
|
||||
break;
|
||||
case IRC_SASL_MECHANISM_PLAIN:
|
||||
default:
|
||||
irc_server_sendf (server, 0, "AUTHENTICATE PLAIN");
|
||||
@@ -363,12 +377,28 @@ irc_protocol_cmd_cap (struct t_irc_server *server, const char *command,
|
||||
}
|
||||
if (server->hook_timer_sasl)
|
||||
weechat_unhook (server->hook_timer_sasl);
|
||||
server->hook_timer_sasl = weechat_hook_timer (5 * 1000, 0, 1,
|
||||
timeout = IRC_SERVER_OPTION_INTEGER(server,
|
||||
IRC_SERVER_OPTION_SASL_TIMEOUT);
|
||||
server->hook_timer_sasl = weechat_hook_timer (timeout * 1000,
|
||||
0, 1,
|
||||
&irc_server_timer_sasl_cb,
|
||||
server);
|
||||
}
|
||||
}
|
||||
}
|
||||
else if (strcmp (argv[3], "NAK") == 0)
|
||||
{
|
||||
if (argc > 4)
|
||||
{
|
||||
ptr_caps = (argv_eol[4][0] == ':') ? argv_eol[4] + 1 : argv_eol[4];
|
||||
weechat_printf (server->buffer,
|
||||
_("%s%s: client capability, refused: %s"),
|
||||
weechat_prefix ("error"), IRC_PLUGIN_NAME,
|
||||
ptr_caps);
|
||||
if (!server->is_connected)
|
||||
irc_server_sendf (server, 0, "CAP END");
|
||||
}
|
||||
}
|
||||
|
||||
return WEECHAT_RC_OK;
|
||||
}
|
||||
|
||||
@@ -0,0 +1,236 @@
|
||||
/*
|
||||
* Copyright (c) 2003-2010 by FlashCode <flashcode@flashtux.org>
|
||||
* See README for License detail, AUTHORS for developers list.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
/* irc-sasl.c: SASL authentication with IRC server */
|
||||
|
||||
|
||||
#include <stdlib.h>
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <arpa/inet.h>
|
||||
|
||||
#ifdef HAVE_GCRYPT
|
||||
#include <gcrypt.h>
|
||||
#endif
|
||||
|
||||
#include "../weechat-plugin.h"
|
||||
#include "irc.h"
|
||||
#include "irc-sasl.h"
|
||||
|
||||
|
||||
char *irc_sasl_mechanism_string[IRC_NUM_SASL_MECHANISMS] =
|
||||
{ "plain", "dh-blowfish" };
|
||||
|
||||
|
||||
/*
|
||||
* irc_sasl_mechanism_plain: build answer for SASL authentication, using
|
||||
* mechanism "PLAIN"
|
||||
* Note: result must be freed after use
|
||||
*/
|
||||
|
||||
char *
|
||||
irc_sasl_mechanism_plain (const char *sasl_username, const char *sasl_password)
|
||||
{
|
||||
char *string, *answer_base64;
|
||||
int length_username, length;
|
||||
|
||||
length_username = strlen (sasl_username);
|
||||
length = ((length_username + 1) * 2) + strlen (sasl_password) + 1;
|
||||
string = malloc (length);
|
||||
if (string)
|
||||
{
|
||||
snprintf (string, length, "%s|%s|%s",
|
||||
sasl_username, sasl_username, sasl_password);
|
||||
string[length_username] = '\0';
|
||||
string[(length_username * 2) + 1] = '\0';
|
||||
|
||||
answer_base64 = malloc (length * 2);
|
||||
if (answer_base64)
|
||||
weechat_string_encode_base64 (string, length - 1, answer_base64);
|
||||
|
||||
free (string);
|
||||
}
|
||||
|
||||
return answer_base64;
|
||||
}
|
||||
|
||||
/*
|
||||
* irc_sasl_mechanism_dh_blowfish: build answer for SASL authentication, using
|
||||
* mechanism "DH-BLOWFISH"
|
||||
* Note: result must be freed after use
|
||||
*
|
||||
* data_base64 is a concatenation of 3 strings,
|
||||
* each string is composed of 2 bytes (length
|
||||
* of string), followed by content of string:
|
||||
* 1. a prime number
|
||||
* 2. a generator number
|
||||
* 3. server-generated public key
|
||||
*/
|
||||
|
||||
char *
|
||||
irc_sasl_mechanism_dh_blowfish (const char *data_base64,
|
||||
const char *sasl_username,
|
||||
const char *sasl_password)
|
||||
{
|
||||
#ifdef HAVE_GCRYPT
|
||||
char *data, *answer, *ptr_answer, *answer_base64;
|
||||
unsigned char *ptr_data, *secret_bin, *public_bin;
|
||||
unsigned char *password_clear, *password_crypted;
|
||||
int length_data, size, num_bits_prime_number, length_key;
|
||||
int length_username, length_password, length_answer;
|
||||
size_t num_written;
|
||||
gcry_mpi_t data_prime_number, data_generator_number, data_server_pub_key;
|
||||
gcry_mpi_t pub_key, priv_key, secret_mpi;
|
||||
gcry_cipher_hd_t gcrypt_handle;
|
||||
|
||||
data = NULL;
|
||||
secret_bin = NULL;
|
||||
public_bin = NULL;
|
||||
password_clear = NULL;
|
||||
password_crypted = NULL;
|
||||
answer = NULL;
|
||||
answer_base64 = NULL;
|
||||
|
||||
/* decode data */
|
||||
data = malloc (strlen (data_base64) + 1);
|
||||
length_data = weechat_string_decode_base64 (data_base64, data);
|
||||
ptr_data = (unsigned char *)data;
|
||||
|
||||
/* extract prime number */
|
||||
size = ntohs ((((unsigned int)ptr_data[1]) << 8) | ptr_data[0]);
|
||||
ptr_data += 2;
|
||||
length_data -= 2;
|
||||
if (size > length_data)
|
||||
goto end;
|
||||
data_prime_number = gcry_mpi_new (size * 8);
|
||||
gcry_mpi_scan (&data_prime_number, GCRYMPI_FMT_USG, ptr_data, size, NULL);
|
||||
num_bits_prime_number = gcry_mpi_get_nbits (data_prime_number);
|
||||
ptr_data += size;
|
||||
length_data -= size;
|
||||
|
||||
/* extract generator number */
|
||||
size = ntohs ((((unsigned int)ptr_data[1]) << 8) | ptr_data[0]);
|
||||
ptr_data += 2;
|
||||
length_data -= 2;
|
||||
if (size > length_data)
|
||||
goto end;
|
||||
data_generator_number = gcry_mpi_new (size * 8);
|
||||
gcry_mpi_scan (&data_generator_number, GCRYMPI_FMT_USG, ptr_data, size, NULL);
|
||||
ptr_data += size;
|
||||
length_data -= size;
|
||||
|
||||
/* extract server-generated public key */
|
||||
size = ntohs ((((unsigned int)ptr_data[1]) << 8) | ptr_data[0]);
|
||||
ptr_data += 2;
|
||||
length_data -= 2;
|
||||
if (size > length_data)
|
||||
goto end;
|
||||
data_server_pub_key = gcry_mpi_new (size * 8);
|
||||
gcry_mpi_scan (&data_server_pub_key, GCRYMPI_FMT_USG, ptr_data, size, NULL);
|
||||
ptr_data += size;
|
||||
length_data -= size;
|
||||
|
||||
/* generate keys */
|
||||
pub_key = gcry_mpi_new (num_bits_prime_number);
|
||||
priv_key = gcry_mpi_new (num_bits_prime_number);
|
||||
gcry_mpi_randomize (priv_key, num_bits_prime_number, GCRY_STRONG_RANDOM);
|
||||
/* pub_key = (g ^ priv_key) % p */
|
||||
gcry_mpi_powm (pub_key, data_generator_number, priv_key, data_prime_number);
|
||||
|
||||
/* compute secret_bin */
|
||||
length_key = num_bits_prime_number / 8;
|
||||
secret_bin = malloc (length_key);
|
||||
secret_mpi = gcry_mpi_new (num_bits_prime_number);
|
||||
/* secret_mpi = (y ^ priv_key) % p */
|
||||
gcry_mpi_powm (secret_mpi, data_server_pub_key, priv_key, data_prime_number);
|
||||
gcry_mpi_print (GCRYMPI_FMT_USG, secret_bin, length_key,
|
||||
&num_written, secret_mpi);
|
||||
|
||||
/* create public_bin */
|
||||
public_bin = malloc (length_key);
|
||||
gcry_mpi_print (GCRYMPI_FMT_USG, public_bin, length_key,
|
||||
&num_written, pub_key);
|
||||
|
||||
/* create password buffers (clear and crypted) */
|
||||
length_password = strlen (sasl_password) +
|
||||
((8 - (strlen (sasl_password) % 8)) % 8);
|
||||
password_clear = malloc (length_password);
|
||||
password_crypted = malloc (length_password);
|
||||
memset (password_clear, 0, length_password);
|
||||
memset (password_crypted, 0, length_password);
|
||||
memcpy (password_clear, sasl_password, strlen (sasl_password));
|
||||
|
||||
/* crypt password using blowfish */
|
||||
if (gcry_cipher_open (&gcrypt_handle, GCRY_CIPHER_BLOWFISH,
|
||||
GCRY_CIPHER_MODE_ECB, 0) != 0)
|
||||
goto end;
|
||||
if (gcry_cipher_setkey (gcrypt_handle, secret_bin, length_key) != 0)
|
||||
goto end;
|
||||
if (gcry_cipher_encrypt (gcrypt_handle,
|
||||
password_crypted, length_password,
|
||||
password_clear, length_password) != 0)
|
||||
goto end;
|
||||
|
||||
/* build answer for server, it is concatenation of:
|
||||
1. key length (2 bytes)
|
||||
2. public key ('length_key' bytes)
|
||||
3. sasl_username ('length_username'+1 bytes)
|
||||
4. encrypted password ('length_password' bytes)
|
||||
*/
|
||||
length_username = strlen (sasl_username);
|
||||
length_answer = 2 + length_key + length_username + 1 + length_password;
|
||||
answer = malloc (length_answer);
|
||||
ptr_answer = answer;
|
||||
*((unsigned int *)ptr_answer) = htons(length_key);
|
||||
ptr_answer += 2;
|
||||
memcpy (ptr_answer, public_bin, length_key);
|
||||
ptr_answer += length_key;
|
||||
memcpy (ptr_answer, sasl_username, length_username + 1);
|
||||
ptr_answer += length_username + 1;
|
||||
memcpy (ptr_answer, password_crypted, length_password);
|
||||
ptr_answer += length_password;
|
||||
|
||||
/* encode answer to base64 */
|
||||
answer_base64 = malloc (length_answer * 2);
|
||||
if (answer_base64)
|
||||
weechat_string_encode_base64 (answer, length_answer, answer_base64);
|
||||
|
||||
end:
|
||||
if (data)
|
||||
free (data);
|
||||
if (secret_bin)
|
||||
free (secret_bin);
|
||||
if (public_bin)
|
||||
free (public_bin);
|
||||
if (password_clear)
|
||||
free (password_clear);
|
||||
if (password_crypted)
|
||||
free (password_crypted);
|
||||
if (answer)
|
||||
free (answer);
|
||||
|
||||
return answer_base64;
|
||||
#else
|
||||
/* make C compiler happy */
|
||||
(void) data_base64;
|
||||
(void) sasl_username;
|
||||
(void) sasl_password;
|
||||
|
||||
return NULL;
|
||||
#endif
|
||||
}
|
||||
@@ -0,0 +1,41 @@
|
||||
/*
|
||||
* Copyright (c) 2003-2010 by FlashCode <flashcode@flashtux.org>
|
||||
* See README for License detail, AUTHORS for developers list.
|
||||
*
|
||||
* This program is free software; you can redistribute it and/or modify
|
||||
* it under the terms of the GNU General Public License as published by
|
||||
* the Free Software Foundation; either version 3 of the License, or
|
||||
* (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
|
||||
#ifndef __WEECHAT_IRC_SASL_H
|
||||
#define __WEECHAT_IRC_SASL_H 1
|
||||
|
||||
/* SASL authentication mechanisms */
|
||||
|
||||
enum t_irc_sasl_mechanism
|
||||
{
|
||||
IRC_SASL_MECHANISM_PLAIN = 0,
|
||||
IRC_SASL_MECHANISM_DH_BLOWFISH,
|
||||
/* number of SASL mechanisms */
|
||||
IRC_NUM_SASL_MECHANISMS,
|
||||
};
|
||||
|
||||
extern char *irc_sasl_mechanism_string[];
|
||||
|
||||
extern char *irc_sasl_mechanism_plain (const char *sasl_username,
|
||||
const char *sasl_password);
|
||||
extern char *irc_sasl_mechanism_dh_blowfish (const char *data_base64,
|
||||
const char *sasl_username,
|
||||
const char *sasl_password);
|
||||
|
||||
#endif /* irc-sasl.h */
|
||||
@@ -49,6 +49,7 @@
|
||||
#include "irc-nick.h"
|
||||
#include "irc-protocol.h"
|
||||
#include "irc-raw.h"
|
||||
#include "irc-sasl.h"
|
||||
|
||||
|
||||
struct t_irc_server *irc_servers = NULL;
|
||||
@@ -60,7 +61,7 @@ struct t_irc_message *irc_msgq_last_msg = NULL;
|
||||
char *irc_server_option_string[IRC_SERVER_NUM_OPTIONS] =
|
||||
{ "addresses", "proxy", "ipv6",
|
||||
"ssl", "ssl_cert", "ssl_dhkey_size", "ssl_verify",
|
||||
"password", "sasl_mechanism", "sasl_username", "sasl_password",
|
||||
"password", "sasl_mechanism", "sasl_username", "sasl_password", "sasl_timeout",
|
||||
"autoconnect", "autoreconnect", "autoreconnect_delay",
|
||||
"nicks", "username", "realname", "local_hostname",
|
||||
"command", "command_delay", "autojoin", "autorejoin", "autorejoin_delay",
|
||||
@@ -69,15 +70,12 @@ char *irc_server_option_string[IRC_SERVER_NUM_OPTIONS] =
|
||||
char *irc_server_option_default[IRC_SERVER_NUM_OPTIONS] =
|
||||
{ "", "", "off",
|
||||
"off", "", "2048", "on",
|
||||
"", "plain", "", "",
|
||||
"", "plain", "", "", "15",
|
||||
"off", "on", "30",
|
||||
"", "", "", "",
|
||||
"", "0", "", "off", "30",
|
||||
};
|
||||
|
||||
char *irc_sasl_mechanism_string[IRC_NUM_SASL_MECHANISMS] =
|
||||
{ "plain", /*"dh-blowfish"*/ };
|
||||
|
||||
|
||||
void irc_server_reconnect (struct t_irc_server *server);
|
||||
void irc_server_check_away ();
|
||||
|
||||
@@ -44,6 +44,7 @@ enum t_irc_server_option
|
||||
IRC_SERVER_OPTION_SASL_MECHANISM,/* mechanism for SASL authentication */
|
||||
IRC_SERVER_OPTION_SASL_USERNAME, /* username for SASL authentication */
|
||||
IRC_SERVER_OPTION_SASL_PASSWORD, /* password for SASL authentication */
|
||||
IRC_SERVER_OPTION_SASL_TIMEOUT, /* timeout for SASL authentication */
|
||||
IRC_SERVER_OPTION_AUTOCONNECT, /* autoconnect to server at startup */
|
||||
IRC_SERVER_OPTION_AUTORECONNECT, /* autoreconnect when disconnected */
|
||||
IRC_SERVER_OPTION_AUTORECONNECT_DELAY, /* delay before trying again reco */
|
||||
@@ -90,16 +91,6 @@ enum t_irc_server_option
|
||||
#define IRC_SERVER_OUTQUEUE_PRIO_LOW 2
|
||||
#define IRC_SERVER_NUM_OUTQUEUES_PRIO 2
|
||||
|
||||
/* SASL authentication mechanisms */
|
||||
|
||||
enum t_irc_sasl_mechanism
|
||||
{
|
||||
IRC_SASL_MECHANISM_PLAIN = 0,
|
||||
/* TODO: IRC_SASL_MECHANISM_DH_BLOWFISH, */
|
||||
/* number of SASL mechanisms */
|
||||
IRC_NUM_SASL_MECHANISMS,
|
||||
};
|
||||
|
||||
/* output queue of messages to server (for sending slowly to server) */
|
||||
|
||||
struct t_irc_outqueue
|
||||
@@ -185,7 +176,6 @@ extern const int gnutls_prot_prio[];
|
||||
extern struct t_irc_message *irc_recv_msgq, *irc_msgq_last_msg;
|
||||
extern char *irc_server_option_string[];
|
||||
extern char *irc_server_option_default[];
|
||||
extern char *irc_sasl_mechanism_string[];
|
||||
|
||||
extern int irc_server_valid (struct t_irc_server *server);
|
||||
extern int irc_server_search_option (const char *option_name);
|
||||
|
||||
Reference in New Issue
Block a user