[e2b15bb] | 1 | /********************************************************************\ |
---|
| 2 | * BitlBee -- An IRC to other IM-networks gateway * |
---|
| 3 | * * |
---|
| 4 | * Copyright 2002-2008 Wilmer van der Gaast and others * |
---|
| 5 | \********************************************************************/ |
---|
| 6 | |
---|
| 7 | /* |
---|
| 8 | OTR support (cf. http://www.cypherpunks.ca/otr/) |
---|
| 9 | 2008, Sven Moritz Hallberg <pesco@khjk.org> |
---|
| 10 | |
---|
| 11 | files used to store OTR data: |
---|
| 12 | <configdir>/<nick>.otr_keys |
---|
| 13 | <configdir>/<nick>.otr_fprints |
---|
| 14 | |
---|
| 15 | top-level todos: (search for TODO for more ;-)) |
---|
| 16 | integrate otr_load/otr_save with existing storage backends |
---|
| 17 | per-account policy settings |
---|
| 18 | per-user policy settings |
---|
| 19 | */ |
---|
| 20 | |
---|
| 21 | /* |
---|
| 22 | This program is free software; you can redistribute it and/or modify |
---|
| 23 | it under the terms of the GNU General Public License as published by |
---|
| 24 | the Free Software Foundation; either version 2 of the License, or |
---|
| 25 | (at your option) any later version. |
---|
| 26 | |
---|
| 27 | This program is distributed in the hope that it will be useful, |
---|
| 28 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
| 29 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
| 30 | GNU General Public License for more details. |
---|
| 31 | |
---|
| 32 | You should have received a copy of the GNU General Public License with |
---|
| 33 | the Debian GNU/Linux distribution in /usr/share/common-licenses/GPL; |
---|
| 34 | if not, write to the Free Software Foundation, Inc., 59 Temple Place, |
---|
| 35 | Suite 330, Boston, MA 02111-1307 USA |
---|
| 36 | */ |
---|
| 37 | |
---|
[764c7d1] | 38 | #include "bitlbee.h" |
---|
| 39 | #ifdef WITH_OTR |
---|
| 40 | #include "irc.h" |
---|
| 41 | #include "otr.h" |
---|
| 42 | #include <sys/types.h> |
---|
| 43 | #include <unistd.h> |
---|
| 44 | |
---|
| 45 | |
---|
| 46 | /** OTR interface routines for the OtrlMessageAppOps struct: **/ |
---|
| 47 | |
---|
| 48 | OtrlPolicy op_policy(void *opdata, ConnContext *context); |
---|
| 49 | |
---|
| 50 | void op_create_privkey(void *opdata, const char *accountname, const char *protocol); |
---|
| 51 | |
---|
| 52 | int op_is_logged_in(void *opdata, const char *accountname, const char *protocol, |
---|
| 53 | const char *recipient); |
---|
| 54 | |
---|
| 55 | void op_inject_message(void *opdata, const char *accountname, const char *protocol, |
---|
| 56 | const char *recipient, const char *message); |
---|
| 57 | |
---|
| 58 | int op_display_otr_message(void *opdata, const char *accountname, const char *protocol, |
---|
| 59 | const char *username, const char *msg); |
---|
| 60 | |
---|
| 61 | void op_new_fingerprint(void *opdata, OtrlUserState us, const char *accountname, |
---|
| 62 | const char *protocol, const char *username, unsigned char fingerprint[20]); |
---|
| 63 | |
---|
| 64 | void op_write_fingerprints(void *opdata); |
---|
| 65 | |
---|
| 66 | void op_gone_secure(void *opdata, ConnContext *context); |
---|
| 67 | |
---|
| 68 | void op_gone_insecure(void *opdata, ConnContext *context); |
---|
| 69 | |
---|
| 70 | void op_still_secure(void *opdata, ConnContext *context, int is_reply); |
---|
| 71 | |
---|
| 72 | void op_log_message(void *opdata, const char *message); |
---|
| 73 | |
---|
[a13855a] | 74 | int op_max_message_size(void *opdata, ConnContext *context); |
---|
[764c7d1] | 75 | |
---|
[a13855a] | 76 | const char *op_account_name(void *opdata, const char *account, const char *protocol); |
---|
[764c7d1] | 77 | |
---|
| 78 | |
---|
| 79 | /** otr sub-command handlers: **/ |
---|
| 80 | |
---|
[8521b02] | 81 | void cmd_otr_connect(irc_t *irc, char **args); |
---|
| 82 | void cmd_otr_disconnect(irc_t *irc, char **args); |
---|
[5a71d9c] | 83 | void cmd_otr_smp(irc_t *irc, char **args); |
---|
| 84 | void cmd_otr_trust(irc_t *irc, char **args); |
---|
[764c7d1] | 85 | void cmd_otr_info(irc_t *irc, char **args); |
---|
[94e7eb3] | 86 | void cmd_otr_keygen(irc_t *irc, char **args); |
---|
[c595308] | 87 | void cmd_otr_forget(irc_t *irc, char **args); |
---|
[764c7d1] | 88 | |
---|
| 89 | const command_t otr_commands[] = { |
---|
[8521b02] | 90 | { "connect", 1, &cmd_otr_connect, 0 }, |
---|
| 91 | { "disconnect", 1, &cmd_otr_disconnect, 0 }, |
---|
| 92 | { "smp", 2, &cmd_otr_smp, 0 }, |
---|
| 93 | { "trust", 6, &cmd_otr_trust, 0 }, |
---|
| 94 | { "info", 0, &cmd_otr_info, 0 }, |
---|
[94e7eb3] | 95 | { "keygen", 1, &cmd_otr_keygen, 0 }, |
---|
[c595308] | 96 | { "forget", 2, &cmd_otr_forget, 0 }, |
---|
[764c7d1] | 97 | { NULL } |
---|
| 98 | }; |
---|
| 99 | |
---|
| 100 | |
---|
| 101 | /** misc. helpers/subroutines: **/ |
---|
| 102 | |
---|
| 103 | /* start background thread to generate a (new) key for a given account */ |
---|
| 104 | void otr_keygen(irc_t *irc, const char *handle, const char *protocol); |
---|
[c595308] | 105 | |
---|
[764c7d1] | 106 | /* keygen thread main func */ |
---|
| 107 | gpointer otr_keygen_thread_func(gpointer data); |
---|
[c595308] | 108 | |
---|
[764c7d1] | 109 | /* mainloop handler for when keygen thread finishes */ |
---|
| 110 | gboolean keygen_finish_handler(gpointer data, gint fd, b_input_condition cond); |
---|
[c595308] | 111 | |
---|
[764c7d1] | 112 | /* data to be passed to otr_keygen_thread_func */ |
---|
| 113 | struct kgdata { |
---|
| 114 | irc_t *irc; /* access to OTR userstate */ |
---|
| 115 | char *keyfile; /* free me! */ |
---|
| 116 | const char *handle; /* don't free! */ |
---|
| 117 | const char *protocol; /* don't free! */ |
---|
| 118 | GMutex *mutex; /* lock for the 'done' flag, free me! */ |
---|
| 119 | int done; /* is the thread done? */ |
---|
| 120 | gcry_error_t result; /* return value of otrl_privkey_generate */ |
---|
| 121 | }; |
---|
| 122 | |
---|
[c595308] | 123 | /* some yes/no handlers */ |
---|
[764c7d1] | 124 | void yes_keygen(gpointer w, void *data); |
---|
[c595308] | 125 | void yes_forget_fingerprint(gpointer w, void *data); |
---|
| 126 | void yes_forget_context(gpointer w, void *data); |
---|
[5f4eede] | 127 | void yes_forget_key(gpointer w, void *data); |
---|
[764c7d1] | 128 | |
---|
| 129 | /* helper to make sure accountname and protocol match the incoming "opdata" */ |
---|
| 130 | struct im_connection *check_imc(void *opdata, const char *accountname, |
---|
| 131 | const char *protocol); |
---|
| 132 | |
---|
[5a71d9c] | 133 | /* determine the nick for a given handle/protocol pair |
---|
| 134 | returns "handle/protocol" if not found */ |
---|
[764c7d1] | 135 | const char *peernick(irc_t *irc, const char *handle, const char *protocol); |
---|
| 136 | |
---|
[8521b02] | 137 | /* turn a hexadecimal digit into its numerical value */ |
---|
| 138 | int hexval(char a); |
---|
| 139 | |
---|
[5a71d9c] | 140 | /* determine the user_t for a given handle/protocol pair |
---|
| 141 | returns NULL if not found */ |
---|
| 142 | user_t *peeruser(irc_t *irc, const char *handle, const char *protocol); |
---|
| 143 | |
---|
[764c7d1] | 144 | /* handle SMP TLVs from a received message */ |
---|
| 145 | void otr_handle_smp(struct im_connection *ic, const char *handle, OtrlTLV *tlvs); |
---|
| 146 | |
---|
[5a71d9c] | 147 | /* update op/voice flag of given user according to encryption state and settings |
---|
| 148 | returns 0 if neither op_buddies nor voice_buddies is set to "encrypted", |
---|
| 149 | i.e. msgstate should be announced seperately */ |
---|
| 150 | int otr_update_modeflags(irc_t *irc, user_t *u); |
---|
| 151 | |
---|
[8521b02] | 152 | /* show general info about the OTR subsystem; called by 'otr info' */ |
---|
| 153 | void show_general_otr_info(irc_t *irc); |
---|
| 154 | |
---|
| 155 | /* show info about a given OTR context */ |
---|
| 156 | void show_otr_context_info(irc_t *irc, ConnContext *ctx); |
---|
| 157 | |
---|
[764c7d1] | 158 | /* show the list of fingerprints associated with a given context */ |
---|
| 159 | void show_fingerprints(irc_t *irc, ConnContext *ctx); |
---|
| 160 | |
---|
[c595308] | 161 | /* find a fingerprint by prefix (given as any number of hex strings) */ |
---|
| 162 | Fingerprint *match_fingerprint(irc_t *irc, ConnContext *ctx, const char **args); |
---|
| 163 | |
---|
[5f4eede] | 164 | /* find a private key by fingerprint prefix (given as any number of hex strings) */ |
---|
| 165 | OtrlPrivKey *match_privkey(irc_t *irc, const char **args); |
---|
| 166 | |
---|
[764c7d1] | 167 | |
---|
| 168 | /*** routines declared in otr.h: ***/ |
---|
| 169 | |
---|
| 170 | void otr_init(void) |
---|
| 171 | { |
---|
| 172 | if(!g_thread_supported()) g_thread_init(NULL); |
---|
| 173 | OTRL_INIT; |
---|
| 174 | |
---|
| 175 | /* fill global OtrlMessageAppOps */ |
---|
| 176 | global.otr_ops.policy = &op_policy; |
---|
| 177 | global.otr_ops.create_privkey = &op_create_privkey; |
---|
| 178 | global.otr_ops.is_logged_in = &op_is_logged_in; |
---|
| 179 | global.otr_ops.inject_message = &op_inject_message; |
---|
| 180 | global.otr_ops.notify = NULL; |
---|
| 181 | global.otr_ops.display_otr_message = &op_display_otr_message; |
---|
| 182 | global.otr_ops.update_context_list = NULL; |
---|
| 183 | global.otr_ops.protocol_name = NULL; |
---|
| 184 | global.otr_ops.protocol_name_free = NULL; |
---|
| 185 | global.otr_ops.new_fingerprint = &op_new_fingerprint; |
---|
| 186 | global.otr_ops.write_fingerprints = &op_write_fingerprints; |
---|
| 187 | global.otr_ops.gone_secure = &op_gone_secure; |
---|
| 188 | global.otr_ops.gone_insecure = &op_gone_insecure; |
---|
| 189 | global.otr_ops.still_secure = &op_still_secure; |
---|
| 190 | global.otr_ops.log_message = &op_log_message; |
---|
[a13855a] | 191 | global.otr_ops.max_message_size = &op_max_message_size; |
---|
| 192 | global.otr_ops.account_name = &op_account_name; |
---|
[764c7d1] | 193 | global.otr_ops.account_name_free = NULL; |
---|
| 194 | } |
---|
| 195 | |
---|
| 196 | /* Notice on the otr_mutex: |
---|
| 197 | |
---|
| 198 | The incoming/outgoing message handlers try to lock the otr_mutex. If they succeed, |
---|
| 199 | this will prevent a concurrent keygen (possibly spawned by that very command) |
---|
| 200 | from messing up the userstate. If the lock fails, that means there already is |
---|
| 201 | a keygen in progress. Instead of blocking for an unknown time, they |
---|
| 202 | will bail out gracefully, informing the user of this temporary "coma". |
---|
| 203 | TODO: Hold back incoming/outgoing messages and process them when keygen completes? |
---|
| 204 | |
---|
| 205 | The other routines do not lock the otr_mutex themselves, it is done as a |
---|
| 206 | catch-all in the root command handler. Rationale: |
---|
| 207 | a) it's easy to code |
---|
| 208 | b) it makes it obvious that no command can get its userstate corrupted |
---|
| 209 | c) the "irc" struct is readily available there for feedback to the user |
---|
| 210 | */ |
---|
| 211 | |
---|
| 212 | void otr_load(irc_t *irc) |
---|
| 213 | { |
---|
| 214 | char s[512]; |
---|
| 215 | account_t *a; |
---|
| 216 | gcry_error_t e; |
---|
| 217 | |
---|
| 218 | log_message(LOGLVL_DEBUG, "otr_load '%s'", irc->nick); |
---|
| 219 | |
---|
| 220 | g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, irc->nick); |
---|
| 221 | e = otrl_privkey_read(irc->otr_us, s); |
---|
| 222 | if(e && e!=ENOENT) { |
---|
[3c80a9d] | 223 | log_message(LOGLVL_ERROR, "otr load: %s: %s", s, strerror(e)); |
---|
[764c7d1] | 224 | } |
---|
| 225 | g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, irc->nick); |
---|
| 226 | e = otrl_privkey_read_fingerprints(irc->otr_us, s, NULL, NULL); |
---|
| 227 | if(e && e!=ENOENT) { |
---|
[3c80a9d] | 228 | log_message(LOGLVL_ERROR, "otr load: %s: %s", s, strerror(e)); |
---|
[764c7d1] | 229 | } |
---|
| 230 | |
---|
| 231 | /* check for otr keys on all accounts */ |
---|
| 232 | for(a=irc->accounts; a; a=a->next) { |
---|
| 233 | otr_check_for_key(a); |
---|
| 234 | } |
---|
| 235 | } |
---|
| 236 | |
---|
| 237 | void otr_save(irc_t *irc) |
---|
| 238 | { |
---|
| 239 | char s[512]; |
---|
[3c80a9d] | 240 | gcry_error_t e; |
---|
[764c7d1] | 241 | |
---|
| 242 | log_message(LOGLVL_DEBUG, "otr_save '%s'", irc->nick); |
---|
| 243 | |
---|
| 244 | g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, irc->nick); |
---|
[3c80a9d] | 245 | e = otrl_privkey_write_fingerprints(irc->otr_us, s); |
---|
| 246 | if(e) { |
---|
| 247 | log_message(LOGLVL_ERROR, "otr save: %s: %s", s, strerror(e)); |
---|
| 248 | } |
---|
[ef93a2f] | 249 | chmod(s, 0600); |
---|
[764c7d1] | 250 | } |
---|
| 251 | |
---|
| 252 | void otr_remove(const char *nick) |
---|
| 253 | { |
---|
| 254 | char s[512]; |
---|
| 255 | |
---|
| 256 | log_message(LOGLVL_DEBUG, "otr_remove '%s'", nick); |
---|
| 257 | |
---|
| 258 | g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, nick); |
---|
| 259 | unlink(s); |
---|
| 260 | g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, nick); |
---|
| 261 | unlink(s); |
---|
| 262 | } |
---|
| 263 | |
---|
| 264 | void otr_rename(const char *onick, const char *nnick) |
---|
| 265 | { |
---|
| 266 | char s[512], t[512]; |
---|
| 267 | |
---|
| 268 | log_message(LOGLVL_DEBUG, "otr_rename '%s' -> '%s'", onick, nnick); |
---|
| 269 | |
---|
| 270 | g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, onick); |
---|
| 271 | g_snprintf(t, 511, "%s%s.otr_keys", global.conf->configdir, nnick); |
---|
| 272 | rename(s,t); |
---|
| 273 | g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, onick); |
---|
| 274 | g_snprintf(t, 511, "%s%s.otr_fprints", global.conf->configdir, nnick); |
---|
| 275 | rename(s,t); |
---|
| 276 | } |
---|
| 277 | |
---|
| 278 | void otr_check_for_key(account_t *a) |
---|
| 279 | { |
---|
| 280 | irc_t *irc = a->irc; |
---|
[a13855a] | 281 | OtrlPrivKey *k; |
---|
[764c7d1] | 282 | |
---|
[a13855a] | 283 | k = otrl_privkey_find(irc->otr_us, a->user, a->prpl->name); |
---|
| 284 | if(k) { |
---|
| 285 | irc_usermsg(irc, "otr: %s/%s ready", |
---|
| 286 | a->user, a->prpl->name); |
---|
[764c7d1] | 287 | } else { |
---|
| 288 | otr_keygen(irc, a->user, a->prpl->name); |
---|
| 289 | } |
---|
| 290 | } |
---|
| 291 | |
---|
| 292 | char *otr_handle_message(struct im_connection *ic, const char *handle, const char *msg) |
---|
| 293 | { |
---|
| 294 | int ignore_msg; |
---|
| 295 | char *newmsg = NULL; |
---|
| 296 | OtrlTLV *tlvs = NULL; |
---|
| 297 | char *colormsg; |
---|
| 298 | |
---|
[c595308] | 299 | if(!g_static_rec_mutex_trylock(&ic->irc->otr_mutex)) { |
---|
[f3597a1] | 300 | user_t *u = user_findhandle(ic, handle); |
---|
| 301 | |
---|
| 302 | /* fallback for non-otr clients */ |
---|
| 303 | if(u && !u->encrypted) { |
---|
| 304 | return g_strdup(msg); |
---|
| 305 | } |
---|
| 306 | |
---|
| 307 | irc_usermsg(ic->irc, "encrypted msg from %s during keygen - dropped", |
---|
[a13855a] | 308 | peernick(ic->irc, handle, ic->acc->prpl->name)); |
---|
[764c7d1] | 309 | return NULL; |
---|
| 310 | } |
---|
| 311 | |
---|
| 312 | ignore_msg = otrl_message_receiving(ic->irc->otr_us, &global.otr_ops, ic, |
---|
| 313 | ic->acc->user, ic->acc->prpl->name, handle, msg, &newmsg, |
---|
| 314 | &tlvs, NULL, NULL); |
---|
| 315 | |
---|
| 316 | otr_handle_smp(ic, handle, tlvs); |
---|
| 317 | |
---|
| 318 | if(ignore_msg) { |
---|
| 319 | /* this was an internal OTR protocol message */ |
---|
[c595308] | 320 | g_static_rec_mutex_unlock(&ic->irc->otr_mutex); |
---|
[764c7d1] | 321 | return NULL; |
---|
| 322 | } else if(!newmsg) { |
---|
| 323 | /* this was a non-OTR message */ |
---|
[c595308] | 324 | g_static_rec_mutex_unlock(&ic->irc->otr_mutex); |
---|
[764c7d1] | 325 | return g_strdup(msg); |
---|
| 326 | } else { |
---|
| 327 | /* OTR has processed this message */ |
---|
| 328 | ConnContext *context = otrl_context_find(ic->irc->otr_us, handle, |
---|
| 329 | ic->acc->user, ic->acc->prpl->name, 0, NULL, NULL, NULL); |
---|
[5f4eede] | 330 | if(context && context->msgstate == OTRL_MSGSTATE_ENCRYPTED && |
---|
| 331 | set_getbool(&ic->irc->set, "color_encrypted")) { |
---|
[764c7d1] | 332 | /* color according to f'print trust */ |
---|
| 333 | char color; |
---|
| 334 | const char *trust = context->active_fingerprint->trust; |
---|
| 335 | if(trust && trust[0] != '\0') |
---|
| 336 | color='3'; /* green */ |
---|
| 337 | else |
---|
| 338 | color='5'; /* red */ |
---|
| 339 | colormsg = g_strdup_printf("\x03%c%s\x0F", color, newmsg); |
---|
| 340 | } else { |
---|
| 341 | colormsg = g_strdup(newmsg); |
---|
| 342 | } |
---|
| 343 | otrl_message_free(newmsg); |
---|
[c595308] | 344 | g_static_rec_mutex_unlock(&ic->irc->otr_mutex); |
---|
[764c7d1] | 345 | return colormsg; |
---|
| 346 | } |
---|
| 347 | } |
---|
| 348 | |
---|
| 349 | int otr_send_message(struct im_connection *ic, const char *handle, const char *msg, int flags) |
---|
| 350 | { |
---|
[5a71d9c] | 351 | int st; |
---|
| 352 | char *otrmsg = NULL; |
---|
| 353 | ConnContext *ctx = NULL; |
---|
| 354 | |
---|
[c595308] | 355 | if(!g_static_rec_mutex_trylock(&ic->irc->otr_mutex)) { |
---|
[f3597a1] | 356 | user_t *u = user_findhandle(ic, handle); |
---|
| 357 | |
---|
| 358 | /* Fallback for non-otr clients. |
---|
| 359 | Yes, this better shouldn't send private stuff in the clear... */ |
---|
| 360 | if(u && !u->encrypted) { |
---|
| 361 | return ic->acc->prpl->buddy_msg(ic, (char *)handle, (char *)msg, flags); |
---|
| 362 | } |
---|
| 363 | |
---|
| 364 | irc_usermsg(ic->irc, "encrypted message to %s during keygen - not sent", |
---|
[5a71d9c] | 365 | peernick(ic->irc, handle, ic->acc->prpl->name)); |
---|
| 366 | return 1; |
---|
[764c7d1] | 367 | } |
---|
| 368 | |
---|
| 369 | st = otrl_message_sending(ic->irc->otr_us, &global.otr_ops, ic, |
---|
| 370 | ic->acc->user, ic->acc->prpl->name, handle, |
---|
| 371 | msg, NULL, &otrmsg, NULL, NULL); |
---|
| 372 | if(st) { |
---|
[c595308] | 373 | g_static_rec_mutex_unlock(&ic->irc->otr_mutex); |
---|
[764c7d1] | 374 | return st; |
---|
| 375 | } |
---|
| 376 | |
---|
| 377 | ctx = otrl_context_find(ic->irc->otr_us, |
---|
| 378 | handle, ic->acc->user, ic->acc->prpl->name, |
---|
| 379 | 1, NULL, NULL, NULL); |
---|
| 380 | |
---|
| 381 | if(otrmsg) { |
---|
| 382 | if(!ctx) { |
---|
| 383 | otrl_message_free(otrmsg); |
---|
[c595308] | 384 | g_static_rec_mutex_unlock(&ic->irc->otr_mutex); |
---|
[764c7d1] | 385 | return 1; |
---|
| 386 | } |
---|
| 387 | st = otrl_message_fragment_and_send(&global.otr_ops, ic, ctx, |
---|
| 388 | otrmsg, OTRL_FRAGMENT_SEND_ALL, NULL); |
---|
| 389 | otrl_message_free(otrmsg); |
---|
| 390 | } else { |
---|
[e2b15bb] | 391 | /* note: otrl_message_sending handles policy, so that if REQUIRE_ENCRYPTION is set, |
---|
| 392 | this case does not occur */ |
---|
[764c7d1] | 393 | st = ic->acc->prpl->buddy_msg( ic, (char *)handle, (char *)msg, flags ); |
---|
| 394 | } |
---|
| 395 | |
---|
[c595308] | 396 | g_static_rec_mutex_unlock(&ic->irc->otr_mutex); |
---|
[764c7d1] | 397 | return st; |
---|
| 398 | } |
---|
| 399 | |
---|
| 400 | void cmd_otr(irc_t *irc, char **args) |
---|
| 401 | { |
---|
| 402 | const command_t *cmd; |
---|
| 403 | |
---|
| 404 | if(!args[0]) |
---|
| 405 | return; |
---|
| 406 | |
---|
| 407 | if(!args[1]) |
---|
| 408 | return; |
---|
| 409 | |
---|
| 410 | for(cmd=otr_commands; cmd->command; cmd++) { |
---|
| 411 | if(strcmp(cmd->command, args[1]) == 0) |
---|
| 412 | break; |
---|
| 413 | } |
---|
| 414 | |
---|
| 415 | if(!cmd->command) { |
---|
[c595308] | 416 | irc_usermsg(irc, "%s: unknown subcommand \"%s\", see \x02help otr\x02", |
---|
[764c7d1] | 417 | args[0], args[1]); |
---|
| 418 | return; |
---|
| 419 | } |
---|
| 420 | |
---|
| 421 | if(!args[cmd->required_parameters+1]) { |
---|
| 422 | irc_usermsg(irc, "%s %s: not enough arguments (%d req.)", |
---|
| 423 | args[0], args[1], cmd->required_parameters); |
---|
| 424 | return; |
---|
| 425 | } |
---|
| 426 | |
---|
| 427 | cmd->execute(irc, args+1); |
---|
| 428 | } |
---|
| 429 | |
---|
| 430 | |
---|
| 431 | /*** OTR "MessageAppOps" callbacks for global.otr_ui: ***/ |
---|
| 432 | |
---|
| 433 | OtrlPolicy op_policy(void *opdata, ConnContext *context) |
---|
| 434 | { |
---|
[e2b15bb] | 435 | struct im_connection *ic = check_imc(opdata, context->accountname, context->protocol); |
---|
| 436 | const char *p; |
---|
| 437 | |
---|
| 438 | p = set_getstr(&ic->irc->set, "otr_policy"); |
---|
| 439 | if(!strcmp(p, "never")) |
---|
| 440 | return OTRL_POLICY_NEVER; |
---|
| 441 | if(!strcmp(p, "opportunistic")) |
---|
| 442 | return OTRL_POLICY_OPPORTUNISTIC; |
---|
| 443 | if(!strcmp(p, "manual")) |
---|
| 444 | return OTRL_POLICY_MANUAL; |
---|
| 445 | if(!strcmp(p, "always")) |
---|
| 446 | return OTRL_POLICY_ALWAYS; |
---|
| 447 | |
---|
[764c7d1] | 448 | return OTRL_POLICY_OPPORTUNISTIC; |
---|
| 449 | } |
---|
| 450 | |
---|
| 451 | void op_create_privkey(void *opdata, const char *accountname, |
---|
| 452 | const char *protocol) |
---|
| 453 | { |
---|
| 454 | struct im_connection *ic = check_imc(opdata, accountname, protocol); |
---|
| 455 | char *s; |
---|
| 456 | |
---|
| 457 | log_message(LOGLVL_DEBUG, "op_create_privkey '%s' '%s'", accountname, protocol); |
---|
| 458 | |
---|
[5f4eede] | 459 | s = g_strdup_printf("oops, no otr privkey for %s - generate one now?", |
---|
| 460 | accountname); |
---|
[c595308] | 461 | query_add(ic->irc, ic, s, yes_keygen, NULL, ic->acc); |
---|
[764c7d1] | 462 | } |
---|
| 463 | |
---|
| 464 | int op_is_logged_in(void *opdata, const char *accountname, |
---|
| 465 | const char *protocol, const char *recipient) |
---|
| 466 | { |
---|
| 467 | struct im_connection *ic = check_imc(opdata, accountname, protocol); |
---|
| 468 | user_t *u; |
---|
| 469 | |
---|
| 470 | log_message(LOGLVL_DEBUG, "op_is_logged_in '%s' '%s' '%s'", accountname, protocol, recipient); |
---|
| 471 | |
---|
| 472 | /* lookup the user_t for the given recipient */ |
---|
| 473 | u = user_findhandle(ic, recipient); |
---|
| 474 | if(u) { |
---|
| 475 | if(u->online) |
---|
| 476 | return 1; |
---|
| 477 | else |
---|
| 478 | return 0; |
---|
| 479 | } else { |
---|
| 480 | return -1; |
---|
| 481 | } |
---|
| 482 | } |
---|
| 483 | |
---|
| 484 | void op_inject_message(void *opdata, const char *accountname, |
---|
| 485 | const char *protocol, const char *recipient, const char *message) |
---|
| 486 | { |
---|
| 487 | struct im_connection *ic = check_imc(opdata, accountname, protocol); |
---|
| 488 | |
---|
| 489 | log_message(LOGLVL_DEBUG, "op_inject_message '%s' '%s' '%s' '%s'", accountname, protocol, recipient, message); |
---|
| 490 | |
---|
| 491 | if (strcmp(accountname, recipient) == 0) { |
---|
| 492 | /* huh? injecting messages to myself? */ |
---|
| 493 | irc_usermsg(ic->irc, "note to self: %s", message); |
---|
| 494 | } else { |
---|
| 495 | /* need to drop some consts here :-( */ |
---|
| 496 | /* TODO: get flags into op_inject_message?! */ |
---|
| 497 | ic->acc->prpl->buddy_msg(ic, (char *)recipient, (char *)message, 0); |
---|
| 498 | /* ignoring return value :-/ */ |
---|
| 499 | } |
---|
| 500 | } |
---|
| 501 | |
---|
| 502 | int op_display_otr_message(void *opdata, const char *accountname, |
---|
[5a71d9c] | 503 | const char *protocol, const char *username, const char *message) |
---|
[764c7d1] | 504 | { |
---|
| 505 | struct im_connection *ic = check_imc(opdata, accountname, protocol); |
---|
[5a71d9c] | 506 | char *msg = g_strdup(message); |
---|
[764c7d1] | 507 | |
---|
[5a71d9c] | 508 | log_message(LOGLVL_DEBUG, "op_display_otr_message '%s' '%s' '%s' '%s'", accountname, protocol, username, message); |
---|
[764c7d1] | 509 | |
---|
[5a71d9c] | 510 | strip_html(msg); |
---|
| 511 | irc_usermsg(ic->irc, "otr: %s", msg); |
---|
[764c7d1] | 512 | |
---|
[5a71d9c] | 513 | g_free(msg); |
---|
[764c7d1] | 514 | return 0; |
---|
| 515 | } |
---|
| 516 | |
---|
| 517 | void op_new_fingerprint(void *opdata, OtrlUserState us, |
---|
| 518 | const char *accountname, const char *protocol, |
---|
| 519 | const char *username, unsigned char fingerprint[20]) |
---|
| 520 | { |
---|
| 521 | struct im_connection *ic = check_imc(opdata, accountname, protocol); |
---|
| 522 | char hunam[45]; /* anybody looking? ;-) */ |
---|
| 523 | |
---|
| 524 | otrl_privkey_hash_to_human(hunam, fingerprint); |
---|
| 525 | log_message(LOGLVL_DEBUG, "op_new_fingerprint '%s' '%s' '%s' '%s'", accountname, protocol, username, hunam); |
---|
| 526 | |
---|
| 527 | irc_usermsg(ic->irc, "new fingerprint for %s: %s", |
---|
| 528 | peernick(ic->irc, username, protocol), hunam); |
---|
| 529 | } |
---|
| 530 | |
---|
| 531 | void op_write_fingerprints(void *opdata) |
---|
| 532 | { |
---|
| 533 | struct im_connection *ic = (struct im_connection *)opdata; |
---|
| 534 | |
---|
| 535 | log_message(LOGLVL_DEBUG, "op_write_fingerprints"); |
---|
| 536 | |
---|
| 537 | otr_save(ic->irc); |
---|
| 538 | } |
---|
| 539 | |
---|
| 540 | void op_gone_secure(void *opdata, ConnContext *context) |
---|
| 541 | { |
---|
| 542 | struct im_connection *ic = |
---|
| 543 | check_imc(opdata, context->accountname, context->protocol); |
---|
[5a71d9c] | 544 | user_t *u; |
---|
[c595308] | 545 | const char *trust; |
---|
[764c7d1] | 546 | |
---|
| 547 | log_message(LOGLVL_DEBUG, "op_gone_secure '%s' '%s' '%s'", context->accountname, context->protocol, context->username); |
---|
| 548 | |
---|
[5a71d9c] | 549 | u = peeruser(ic->irc, context->username, context->protocol); |
---|
| 550 | if(!u) { |
---|
| 551 | log_message(LOGLVL_ERROR, |
---|
[8521b02] | 552 | "BUG: otr.c: op_gone_secure: user_t for %s/%s/%s not found!", |
---|
| 553 | context->username, context->protocol, context->accountname); |
---|
[5a71d9c] | 554 | return; |
---|
| 555 | } |
---|
[c595308] | 556 | |
---|
| 557 | trust = context->active_fingerprint->trust; |
---|
| 558 | if(trust && trust[0]) |
---|
[5a71d9c] | 559 | u->encrypted = 2; |
---|
| 560 | else |
---|
| 561 | u->encrypted = 1; |
---|
| 562 | if(!otr_update_modeflags(ic->irc, u)) |
---|
| 563 | irc_usermsg(ic->irc, "conversation with %s is now off the record", u->nick); |
---|
[764c7d1] | 564 | } |
---|
| 565 | |
---|
| 566 | void op_gone_insecure(void *opdata, ConnContext *context) |
---|
| 567 | { |
---|
| 568 | struct im_connection *ic = |
---|
| 569 | check_imc(opdata, context->accountname, context->protocol); |
---|
[5a71d9c] | 570 | user_t *u; |
---|
[764c7d1] | 571 | |
---|
| 572 | log_message(LOGLVL_DEBUG, "op_gone_insecure '%s' '%s' '%s'", context->accountname, context->protocol, context->username); |
---|
| 573 | |
---|
[5a71d9c] | 574 | u = peeruser(ic->irc, context->username, context->protocol); |
---|
| 575 | if(!u) { |
---|
| 576 | log_message(LOGLVL_ERROR, |
---|
[8521b02] | 577 | "BUG: otr.c: op_gone_insecure: user_t for %s/%s/%s not found!", |
---|
| 578 | context->username, context->protocol, context->accountname); |
---|
[5a71d9c] | 579 | return; |
---|
| 580 | } |
---|
| 581 | u->encrypted = 0; |
---|
| 582 | if(!otr_update_modeflags(ic->irc, u)) |
---|
| 583 | irc_usermsg(ic->irc, "conversation with %s is now in the clear", u->nick); |
---|
[764c7d1] | 584 | } |
---|
| 585 | |
---|
| 586 | void op_still_secure(void *opdata, ConnContext *context, int is_reply) |
---|
| 587 | { |
---|
| 588 | struct im_connection *ic = |
---|
| 589 | check_imc(opdata, context->accountname, context->protocol); |
---|
[5a71d9c] | 590 | user_t *u; |
---|
[764c7d1] | 591 | |
---|
| 592 | log_message(LOGLVL_DEBUG, "op_still_secure '%s' '%s' '%s' is_reply=%d", |
---|
| 593 | context->accountname, context->protocol, context->username, is_reply); |
---|
| 594 | |
---|
[5a71d9c] | 595 | u = peeruser(ic->irc, context->username, context->protocol); |
---|
| 596 | if(!u) { |
---|
| 597 | log_message(LOGLVL_ERROR, |
---|
[8521b02] | 598 | "BUG: otr.c: op_still_secure: user_t for %s/%s/%s not found!", |
---|
| 599 | context->username, context->protocol, context->accountname); |
---|
[5a71d9c] | 600 | return; |
---|
| 601 | } |
---|
| 602 | if(context->active_fingerprint->trust[0]) |
---|
| 603 | u->encrypted = 2; |
---|
| 604 | else |
---|
| 605 | u->encrypted = 1; |
---|
| 606 | if(!otr_update_modeflags(ic->irc, u)) |
---|
| 607 | irc_usermsg(ic->irc, "otr connection with %s has been refreshed", u->nick); |
---|
[764c7d1] | 608 | } |
---|
| 609 | |
---|
| 610 | void op_log_message(void *opdata, const char *message) |
---|
| 611 | { |
---|
[5a71d9c] | 612 | char *msg = g_strdup(message); |
---|
| 613 | |
---|
| 614 | strip_html(msg); |
---|
| 615 | log_message(LOGLVL_INFO, "otr: %s", msg); |
---|
| 616 | g_free(msg); |
---|
[764c7d1] | 617 | } |
---|
| 618 | |
---|
[a13855a] | 619 | int op_max_message_size(void *opdata, ConnContext *context) |
---|
| 620 | { |
---|
[5a71d9c] | 621 | struct im_connection *ic = |
---|
| 622 | check_imc(opdata, context->accountname, context->protocol); |
---|
| 623 | |
---|
| 624 | return ic->acc->prpl->mms; |
---|
[a13855a] | 625 | } |
---|
| 626 | |
---|
| 627 | const char *op_account_name(void *opdata, const char *account, const char *protocol) |
---|
| 628 | { |
---|
| 629 | struct im_connection *ic = (struct im_connection *)opdata; |
---|
| 630 | |
---|
| 631 | log_message(LOGLVL_DEBUG, "op_account_name '%s' '%s'", account, protocol); |
---|
| 632 | |
---|
| 633 | return peernick(ic->irc, account, protocol); |
---|
| 634 | } |
---|
| 635 | |
---|
[764c7d1] | 636 | |
---|
| 637 | /*** OTR sub-command handlers ***/ |
---|
| 638 | |
---|
[8521b02] | 639 | void cmd_otr_disconnect(irc_t *irc, char **args) |
---|
[764c7d1] | 640 | { |
---|
| 641 | user_t *u; |
---|
| 642 | |
---|
| 643 | u = user_find(irc, args[1]); |
---|
| 644 | if(!u || !u->ic) { |
---|
| 645 | irc_usermsg(irc, "%s: unknown user", args[1]); |
---|
| 646 | return; |
---|
| 647 | } |
---|
| 648 | |
---|
| 649 | otrl_message_disconnect(irc->otr_us, &global.otr_ops, |
---|
| 650 | u->ic, u->ic->acc->user, u->ic->acc->prpl->name, u->handle); |
---|
[c595308] | 651 | |
---|
| 652 | /* for some reason, libotr (3.1.0) doesn't do this itself: */ |
---|
| 653 | if(u->encrypted) { |
---|
| 654 | ConnContext *ctx; |
---|
| 655 | ctx = otrl_context_find(irc->otr_us, u->handle, u->ic->acc->user, |
---|
| 656 | u->ic->acc->prpl->name, 0, NULL, NULL, NULL); |
---|
| 657 | if(ctx) |
---|
| 658 | op_gone_insecure(u->ic, ctx); |
---|
| 659 | else /* huh? */ |
---|
| 660 | u->encrypted = 0; |
---|
| 661 | } |
---|
[764c7d1] | 662 | } |
---|
| 663 | |
---|
[8521b02] | 664 | void cmd_otr_connect(irc_t *irc, char **args) |
---|
[764c7d1] | 665 | { |
---|
| 666 | user_t *u; |
---|
| 667 | |
---|
| 668 | u = user_find(irc, args[1]); |
---|
| 669 | if(!u || !u->ic) { |
---|
| 670 | irc_usermsg(irc, "%s: unknown user", args[1]); |
---|
| 671 | return; |
---|
| 672 | } |
---|
| 673 | if(!u->online) { |
---|
| 674 | irc_usermsg(irc, "%s is offline", args[1]); |
---|
| 675 | return; |
---|
| 676 | } |
---|
| 677 | |
---|
| 678 | imc_buddy_msg(u->ic, u->handle, "?OTR?", 0); |
---|
| 679 | } |
---|
| 680 | |
---|
[5a71d9c] | 681 | void cmd_otr_smp(irc_t *irc, char **args) |
---|
[764c7d1] | 682 | { |
---|
| 683 | user_t *u; |
---|
| 684 | ConnContext *ctx; |
---|
| 685 | |
---|
| 686 | u = user_find(irc, args[1]); |
---|
| 687 | if(!u || !u->ic) { |
---|
| 688 | irc_usermsg(irc, "%s: unknown user", args[1]); |
---|
| 689 | return; |
---|
| 690 | } |
---|
| 691 | if(!u->online) { |
---|
| 692 | irc_usermsg(irc, "%s is offline", args[1]); |
---|
| 693 | return; |
---|
| 694 | } |
---|
| 695 | |
---|
| 696 | ctx = otrl_context_find(irc->otr_us, u->handle, |
---|
| 697 | u->ic->acc->user, u->ic->acc->prpl->name, 1, NULL, NULL, NULL); |
---|
| 698 | if(!ctx) { |
---|
[3c80a9d] | 699 | /* huh? out of memory or what? */ |
---|
[764c7d1] | 700 | return; |
---|
| 701 | } |
---|
| 702 | |
---|
| 703 | if(ctx->smstate->nextExpected != OTRL_SMP_EXPECT1) { |
---|
| 704 | log_message(LOGLVL_INFO, |
---|
| 705 | "SMP already in phase %d, sending abort before reinitiating", |
---|
| 706 | ctx->smstate->nextExpected+1); |
---|
| 707 | otrl_message_abort_smp(irc->otr_us, &global.otr_ops, u->ic, ctx); |
---|
| 708 | otrl_sm_state_free(ctx->smstate); |
---|
| 709 | } |
---|
| 710 | |
---|
| 711 | /* warning: the following assumes that smstates are cleared whenever an SMP |
---|
| 712 | is completed or aborted! */ |
---|
| 713 | if(ctx->smstate->secret == NULL) { |
---|
| 714 | irc_usermsg(irc, "smp: initiating with %s...", u->nick); |
---|
| 715 | otrl_message_initiate_smp(irc->otr_us, &global.otr_ops, |
---|
| 716 | u->ic, ctx, (unsigned char *)args[2], strlen(args[2])); |
---|
| 717 | /* smp is now in EXPECT2 */ |
---|
| 718 | } else { |
---|
| 719 | /* if we're still in EXPECT1 but smstate is initialized, we must have |
---|
| 720 | received the SMP1, so let's issue a response */ |
---|
| 721 | irc_usermsg(irc, "smp: responding to %s...", u->nick); |
---|
| 722 | otrl_message_respond_smp(irc->otr_us, &global.otr_ops, |
---|
| 723 | u->ic, ctx, (unsigned char *)args[2], strlen(args[2])); |
---|
| 724 | /* smp is now in EXPECT3 */ |
---|
| 725 | } |
---|
| 726 | } |
---|
| 727 | |
---|
[5a71d9c] | 728 | void cmd_otr_trust(irc_t *irc, char **args) |
---|
| 729 | { |
---|
| 730 | user_t *u; |
---|
| 731 | ConnContext *ctx; |
---|
| 732 | unsigned char raw[20]; |
---|
| 733 | Fingerprint *fp; |
---|
| 734 | int i,j; |
---|
| 735 | |
---|
| 736 | u = user_find(irc, args[1]); |
---|
| 737 | if(!u || !u->ic) { |
---|
| 738 | irc_usermsg(irc, "%s: unknown user", args[1]); |
---|
| 739 | return; |
---|
| 740 | } |
---|
| 741 | |
---|
| 742 | ctx = otrl_context_find(irc->otr_us, u->handle, |
---|
| 743 | u->ic->acc->user, u->ic->acc->prpl->name, 0, NULL, NULL, NULL); |
---|
| 744 | if(!ctx) { |
---|
| 745 | irc_usermsg(irc, "%s: no otr context with user", args[1]); |
---|
| 746 | return; |
---|
| 747 | } |
---|
| 748 | |
---|
| 749 | /* convert given fingerprint to raw representation */ |
---|
| 750 | for(i=0; i<5; i++) { |
---|
| 751 | for(j=0; j<4; j++) { |
---|
| 752 | char *p = args[2+i]+(2*j); |
---|
| 753 | char *q = p+1; |
---|
| 754 | int x, y; |
---|
| 755 | |
---|
| 756 | if(!*p || !*q) { |
---|
| 757 | irc_usermsg(irc, "failed: truncated fingerprint block %d", i+1); |
---|
| 758 | return; |
---|
| 759 | } |
---|
| 760 | |
---|
| 761 | x = hexval(*p); |
---|
| 762 | y = hexval(*q); |
---|
| 763 | if(x<0) { |
---|
| 764 | irc_usermsg(irc, "failed: %d. hex digit of block %d out of range", 2*j+1, i+1); |
---|
| 765 | return; |
---|
| 766 | } |
---|
| 767 | if(y<0) { |
---|
| 768 | irc_usermsg(irc, "failed: %d. hex digit of block %d out of range", 2*j+2, i+1); |
---|
| 769 | return; |
---|
| 770 | } |
---|
| 771 | |
---|
| 772 | raw[i*4+j] = x*16 + y; |
---|
| 773 | } |
---|
| 774 | } |
---|
| 775 | fp = otrl_context_find_fingerprint(ctx, raw, 0, NULL); |
---|
| 776 | if(!fp) { |
---|
| 777 | irc_usermsg(irc, "failed: no such fingerprint for %s", args[1]); |
---|
| 778 | } else { |
---|
| 779 | char *trust = args[7] ? args[7] : "affirmed"; |
---|
| 780 | otrl_context_set_trust(fp, trust); |
---|
| 781 | irc_usermsg(irc, "fingerprint match, trust set to \"%s\"", trust); |
---|
| 782 | if(u->encrypted) |
---|
| 783 | u->encrypted = 2; |
---|
| 784 | otr_update_modeflags(irc, u); |
---|
| 785 | } |
---|
| 786 | } |
---|
| 787 | |
---|
[8521b02] | 788 | void cmd_otr_info(irc_t *irc, char **args) |
---|
[764c7d1] | 789 | { |
---|
[8521b02] | 790 | if(!args[1]) { |
---|
| 791 | show_general_otr_info(irc); |
---|
[764c7d1] | 792 | } else { |
---|
[8521b02] | 793 | char *arg = g_strdup(args[1]); |
---|
| 794 | char *myhandle, *handle, *protocol; |
---|
[764c7d1] | 795 | ConnContext *ctx; |
---|
[8521b02] | 796 | |
---|
| 797 | /* interpret arg as 'user/protocol/account' if possible */ |
---|
| 798 | protocol = strchr(arg, '/'); |
---|
| 799 | if(protocol) { |
---|
| 800 | *(protocol++) = '\0'; |
---|
| 801 | myhandle = strchr(protocol, '/'); |
---|
[764c7d1] | 802 | } |
---|
[8521b02] | 803 | if(protocol && myhandle) { |
---|
| 804 | *(myhandle++) = '\0'; |
---|
| 805 | handle = arg; |
---|
| 806 | ctx = otrl_context_find(irc->otr_us, handle, myhandle, protocol, 0, NULL, NULL, NULL); |
---|
| 807 | if(!ctx) { |
---|
[c595308] | 808 | irc_usermsg(irc, "no such context"); |
---|
[8521b02] | 809 | g_free(arg); |
---|
| 810 | return; |
---|
| 811 | } |
---|
[764c7d1] | 812 | } else { |
---|
[8521b02] | 813 | user_t *u = user_find(irc, args[1]); |
---|
| 814 | if(!u || !u->ic) { |
---|
| 815 | irc_usermsg(irc, "%s: unknown user", args[1]); |
---|
| 816 | g_free(arg); |
---|
| 817 | return; |
---|
[5a71d9c] | 818 | } |
---|
[8521b02] | 819 | ctx = otrl_context_find(irc->otr_us, u->handle, u->ic->acc->user, |
---|
| 820 | u->ic->acc->prpl->name, 0, NULL, NULL, NULL); |
---|
| 821 | if(!ctx) { |
---|
| 822 | irc_usermsg(irc, "no otr context with %s", args[1]); |
---|
| 823 | g_free(arg); |
---|
| 824 | return; |
---|
| 825 | } |
---|
| 826 | } |
---|
| 827 | |
---|
| 828 | /* show how we resolved the (nick) argument, if we did */ |
---|
| 829 | if(handle!=arg) { |
---|
| 830 | irc_usermsg(irc, "%s is %s/%s; we are %s/%s to them", args[1], |
---|
| 831 | ctx->username, ctx->protocol, ctx->accountname, ctx->protocol); |
---|
[764c7d1] | 832 | } |
---|
[8521b02] | 833 | show_otr_context_info(irc, ctx); |
---|
| 834 | g_free(arg); |
---|
[764c7d1] | 835 | } |
---|
| 836 | } |
---|
| 837 | |
---|
[94e7eb3] | 838 | void cmd_otr_keygen(irc_t *irc, char **args) |
---|
| 839 | { |
---|
| 840 | int i, n; |
---|
| 841 | account_t *a; |
---|
| 842 | |
---|
| 843 | n = atoi(args[1]); |
---|
| 844 | if(n<0 || (!n && strcmp(args[1], "0"))) { |
---|
| 845 | irc_usermsg(irc, "%s: invalid account number", args[1]); |
---|
| 846 | return; |
---|
| 847 | } |
---|
| 848 | |
---|
| 849 | a = irc->accounts; |
---|
| 850 | for(i=0; i<n && a; i++, a=a->next); |
---|
| 851 | if(!a) { |
---|
| 852 | irc_usermsg(irc, "%s: no such account", args[1]); |
---|
| 853 | return; |
---|
| 854 | } |
---|
| 855 | |
---|
| 856 | if(otrl_privkey_find(irc->otr_us, a->user, a->prpl->name)) { |
---|
| 857 | char *s = g_strdup_printf("account %d already has a key, replace it?", n); |
---|
[5f4eede] | 858 | query_add(irc, NULL, s, yes_keygen, NULL, a); |
---|
[94e7eb3] | 859 | } else { |
---|
| 860 | otr_keygen(irc, a->user, a->prpl->name); |
---|
| 861 | } |
---|
| 862 | } |
---|
| 863 | |
---|
[c595308] | 864 | void yes_forget_fingerprint(gpointer w, void *data) |
---|
| 865 | { |
---|
[5f4eede] | 866 | irc_t *irc = (irc_t *)w; |
---|
[c595308] | 867 | Fingerprint *fp = (Fingerprint *)data; |
---|
| 868 | |
---|
| 869 | if(fp == fp->context->active_fingerprint) { |
---|
[5f4eede] | 870 | irc_usermsg(irc, "that fingerprint is active, terminate otr connection first"); |
---|
[c595308] | 871 | return; |
---|
| 872 | } |
---|
| 873 | |
---|
| 874 | otrl_context_forget_fingerprint(fp, 0); |
---|
| 875 | } |
---|
| 876 | |
---|
| 877 | void yes_forget_context(gpointer w, void *data) |
---|
| 878 | { |
---|
[5f4eede] | 879 | irc_t *irc = (irc_t *)w; |
---|
[c595308] | 880 | ConnContext *ctx = (ConnContext *)data; |
---|
| 881 | |
---|
| 882 | if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) { |
---|
[5f4eede] | 883 | irc_usermsg(irc, "active otr connection with %s, terminate it first", |
---|
| 884 | peernick(irc, ctx->username, ctx->protocol)); |
---|
[c595308] | 885 | return; |
---|
| 886 | } |
---|
| 887 | |
---|
| 888 | if(ctx->msgstate == OTRL_MSGSTATE_FINISHED) |
---|
| 889 | otrl_context_force_plaintext(ctx); |
---|
| 890 | otrl_context_forget(ctx); |
---|
| 891 | } |
---|
| 892 | |
---|
[5f4eede] | 893 | void yes_forget_key(gpointer w, void *data) |
---|
| 894 | { |
---|
| 895 | OtrlPrivKey *key = (OtrlPrivKey *)data; |
---|
| 896 | |
---|
| 897 | /* FIXME: For some reason which /completely eludes me/, this call keeps |
---|
| 898 | barfing on the gcry_sexp_release inside (invalid pointer free). */ |
---|
| 899 | otrl_privkey_forget(key); |
---|
| 900 | } |
---|
| 901 | |
---|
[c595308] | 902 | void cmd_otr_forget(irc_t *irc, char **args) |
---|
| 903 | { |
---|
| 904 | if(!strcmp(args[1], "fingerprint")) |
---|
| 905 | { |
---|
| 906 | user_t *u; |
---|
| 907 | ConnContext *ctx; |
---|
| 908 | Fingerprint *fp; |
---|
| 909 | char human[54]; |
---|
| 910 | char *s; |
---|
| 911 | |
---|
| 912 | if(!args[3]) { |
---|
| 913 | irc_usermsg(irc, "otr %s %s: not enough arguments (2 req.)", args[0], args[1]); |
---|
| 914 | return; |
---|
| 915 | } |
---|
| 916 | |
---|
[e2b15bb] | 917 | /* TODO: allow context specs ("user/proto/account") in 'otr forget fingerprint'? */ |
---|
[c595308] | 918 | u = user_find(irc, args[2]); |
---|
| 919 | if(!u || !u->ic) { |
---|
| 920 | irc_usermsg(irc, "%s: unknown user", args[2]); |
---|
| 921 | return; |
---|
| 922 | } |
---|
| 923 | |
---|
| 924 | ctx = otrl_context_find(irc->otr_us, u->handle, u->ic->acc->user, |
---|
| 925 | u->ic->acc->prpl->name, 0, NULL, NULL, NULL); |
---|
| 926 | if(!ctx) { |
---|
| 927 | irc_usermsg(irc, "no otr context with %s", args[2]); |
---|
| 928 | return; |
---|
| 929 | } |
---|
| 930 | |
---|
| 931 | fp = match_fingerprint(irc, ctx, ((const char **)args)+3); |
---|
| 932 | if(!fp) { |
---|
| 933 | /* match_fingerprint does error messages */ |
---|
| 934 | return; |
---|
| 935 | } |
---|
| 936 | |
---|
| 937 | if(fp == ctx->active_fingerprint) { |
---|
| 938 | irc_usermsg(irc, "that fingerprint is active, terminate otr connection first"); |
---|
| 939 | return; |
---|
| 940 | } |
---|
| 941 | |
---|
| 942 | otrl_privkey_hash_to_human(human, fp->fingerprint); |
---|
| 943 | s = g_strdup_printf("about to forget fingerprint %s, are you sure?", human); |
---|
[5f4eede] | 944 | query_add(irc, NULL, s, yes_forget_fingerprint, NULL, fp); |
---|
[c595308] | 945 | } |
---|
| 946 | |
---|
| 947 | else if(!strcmp(args[1], "context")) |
---|
| 948 | { |
---|
| 949 | user_t *u; |
---|
| 950 | ConnContext *ctx; |
---|
| 951 | char *s; |
---|
| 952 | |
---|
[e2b15bb] | 953 | /* TODO: allow context specs ("user/proto/account") in 'otr forget contex'? */ |
---|
[c595308] | 954 | u = user_find(irc, args[2]); |
---|
| 955 | if(!u || !u->ic) { |
---|
| 956 | irc_usermsg(irc, "%s: unknown user", args[2]); |
---|
| 957 | return; |
---|
| 958 | } |
---|
| 959 | |
---|
| 960 | ctx = otrl_context_find(irc->otr_us, u->handle, u->ic->acc->user, |
---|
| 961 | u->ic->acc->prpl->name, 0, NULL, NULL, NULL); |
---|
| 962 | if(!ctx) { |
---|
| 963 | irc_usermsg(irc, "no otr context with %s", args[2]); |
---|
| 964 | return; |
---|
| 965 | } |
---|
| 966 | |
---|
| 967 | if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) { |
---|
| 968 | irc_usermsg(irc, "active otr connection with %s, terminate it first", args[2]); |
---|
| 969 | return; |
---|
| 970 | } |
---|
| 971 | |
---|
| 972 | s = g_strdup_printf("about to forget otr data about %s, are you sure?", args[2]); |
---|
[5f4eede] | 973 | query_add(irc, NULL, s, yes_forget_context, NULL, ctx); |
---|
[c595308] | 974 | } |
---|
| 975 | |
---|
| 976 | else if(!strcmp(args[1], "key")) |
---|
| 977 | { |
---|
[5f4eede] | 978 | OtrlPrivKey *key; |
---|
| 979 | char *s; |
---|
| 980 | |
---|
| 981 | key = match_privkey(irc, ((const char **)args)+2); |
---|
| 982 | if(!key) { |
---|
| 983 | /* match_privkey does error messages */ |
---|
| 984 | return; |
---|
| 985 | } |
---|
| 986 | |
---|
| 987 | /* TODO: Find out why 'otr forget key' barfs (cf. yes_forget_key) */ |
---|
| 988 | irc_usermsg(irc, "otr %s %s: not implemented, please edit \x02%s%s.otr_keys\x02 manually :-/", |
---|
| 989 | args[0], args[1], global.conf->configdir, irc->nick); |
---|
| 990 | return; |
---|
| 991 | |
---|
| 992 | s = g_strdup_printf("about to forget the private key for %s/%s, are you sure?", |
---|
| 993 | key->accountname, key->protocol); |
---|
| 994 | query_add(irc, NULL, s, yes_forget_key, NULL, key); |
---|
[c595308] | 995 | } |
---|
| 996 | |
---|
| 997 | else |
---|
| 998 | { |
---|
| 999 | irc_usermsg(irc, "otr %s: unknown subcommand \"%s\", see \x02help otr forget\x02", |
---|
| 1000 | args[0], args[1]); |
---|
| 1001 | } |
---|
| 1002 | } |
---|
| 1003 | |
---|
[764c7d1] | 1004 | |
---|
| 1005 | /*** local helpers / subroutines: ***/ |
---|
| 1006 | |
---|
| 1007 | /* Socialist Millionaires' Protocol */ |
---|
| 1008 | void otr_handle_smp(struct im_connection *ic, const char *handle, OtrlTLV *tlvs) |
---|
| 1009 | { |
---|
| 1010 | irc_t *irc = ic->irc; |
---|
| 1011 | OtrlUserState us = irc->otr_us; |
---|
| 1012 | OtrlMessageAppOps *ops = &global.otr_ops; |
---|
| 1013 | OtrlTLV *tlv = NULL; |
---|
| 1014 | ConnContext *context; |
---|
| 1015 | NextExpectedSMP nextMsg; |
---|
| 1016 | user_t *u; |
---|
| 1017 | |
---|
| 1018 | u = user_findhandle(ic, handle); |
---|
| 1019 | if(!u) return; |
---|
| 1020 | context = otrl_context_find(us, handle, |
---|
| 1021 | ic->acc->user, ic->acc->prpl->name, 1, NULL, NULL, NULL); |
---|
[3c80a9d] | 1022 | if(!context) { |
---|
| 1023 | /* huh? out of memory or what? */ |
---|
| 1024 | return; |
---|
| 1025 | } |
---|
[764c7d1] | 1026 | nextMsg = context->smstate->nextExpected; |
---|
| 1027 | |
---|
| 1028 | tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP1); |
---|
| 1029 | if (tlv) { |
---|
| 1030 | if (nextMsg != OTRL_SMP_EXPECT1) { |
---|
| 1031 | irc_usermsg(irc, "smp %s: spurious SMP1 received, aborting", u->nick); |
---|
| 1032 | otrl_message_abort_smp(us, ops, u->ic, context); |
---|
| 1033 | otrl_sm_state_free(context->smstate); |
---|
| 1034 | } else { |
---|
| 1035 | irc_usermsg(irc, "smp: initiated by %s" |
---|
| 1036 | " - respond with \x02otr smp %s <secret>\x02", |
---|
| 1037 | u->nick, u->nick); |
---|
| 1038 | /* smp stays in EXPECT1 until user responds */ |
---|
| 1039 | } |
---|
| 1040 | } |
---|
| 1041 | tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP2); |
---|
| 1042 | if (tlv) { |
---|
| 1043 | if (nextMsg != OTRL_SMP_EXPECT2) { |
---|
| 1044 | irc_usermsg(irc, "smp %s: spurious SMP2 received, aborting", u->nick); |
---|
| 1045 | otrl_message_abort_smp(us, ops, u->ic, context); |
---|
| 1046 | otrl_sm_state_free(context->smstate); |
---|
| 1047 | } else { |
---|
| 1048 | /* SMP2 received, otrl_message_receiving will have sent SMP3 */ |
---|
| 1049 | context->smstate->nextExpected = OTRL_SMP_EXPECT4; |
---|
| 1050 | } |
---|
| 1051 | } |
---|
| 1052 | tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP3); |
---|
| 1053 | if (tlv) { |
---|
| 1054 | if (nextMsg != OTRL_SMP_EXPECT3) { |
---|
| 1055 | irc_usermsg(irc, "smp %s: spurious SMP3 received, aborting", u->nick); |
---|
| 1056 | otrl_message_abort_smp(us, ops, u->ic, context); |
---|
| 1057 | otrl_sm_state_free(context->smstate); |
---|
| 1058 | } else { |
---|
| 1059 | /* SMP3 received, otrl_message_receiving will have sent SMP4 and set fp trust */ |
---|
| 1060 | const char *trust = context->active_fingerprint->trust; |
---|
| 1061 | if(!trust || trust[0]=='\0') { |
---|
| 1062 | irc_usermsg(irc, "smp %s: secrets did not match, fingerprint not trusted", |
---|
| 1063 | u->nick); |
---|
| 1064 | } else { |
---|
| 1065 | irc_usermsg(irc, "smp %s: secrets proved equal, fingerprint trusted", |
---|
| 1066 | u->nick); |
---|
| 1067 | } |
---|
| 1068 | otrl_sm_state_free(context->smstate); |
---|
| 1069 | /* smp is in back in EXPECT1 */ |
---|
| 1070 | } |
---|
| 1071 | } |
---|
| 1072 | tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP4); |
---|
| 1073 | if (tlv) { |
---|
| 1074 | if (nextMsg != OTRL_SMP_EXPECT4) { |
---|
| 1075 | irc_usermsg(irc, "smp %s: spurious SMP4 received, aborting", u->nick); |
---|
| 1076 | otrl_message_abort_smp(us, ops, u->ic, context); |
---|
| 1077 | otrl_sm_state_free(context->smstate); |
---|
| 1078 | } else { |
---|
| 1079 | /* SMP4 received, otrl_message_receiving will have set fp trust */ |
---|
| 1080 | const char *trust = context->active_fingerprint->trust; |
---|
| 1081 | if(!trust || trust[0]=='\0') { |
---|
| 1082 | irc_usermsg(irc, "smp %s: secrets did not match, fingerprint not trusted", |
---|
| 1083 | u->nick); |
---|
| 1084 | } else { |
---|
| 1085 | irc_usermsg(irc, "smp %s: secrets proved equal, fingerprint trusted", |
---|
| 1086 | u->nick); |
---|
| 1087 | } |
---|
| 1088 | otrl_sm_state_free(context->smstate); |
---|
| 1089 | /* smp is in back in EXPECT1 */ |
---|
| 1090 | } |
---|
| 1091 | } |
---|
| 1092 | tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP_ABORT); |
---|
| 1093 | if (tlv) { |
---|
| 1094 | irc_usermsg(irc, "smp: received abort from %s", u->nick); |
---|
| 1095 | otrl_sm_state_free(context->smstate); |
---|
| 1096 | /* smp is in back in EXPECT1 */ |
---|
| 1097 | } |
---|
| 1098 | } |
---|
| 1099 | |
---|
| 1100 | /* helper to assert that account and protocol names given to ops below always |
---|
| 1101 | match the im_connection passed through as opdata */ |
---|
| 1102 | struct im_connection *check_imc(void *opdata, const char *accountname, |
---|
| 1103 | const char *protocol) |
---|
| 1104 | { |
---|
| 1105 | struct im_connection *ic = (struct im_connection *)opdata; |
---|
| 1106 | |
---|
| 1107 | if (strcmp(accountname, ic->acc->user) != 0) { |
---|
| 1108 | log_message(LOGLVL_WARNING, |
---|
| 1109 | "otr: internal account name mismatch: '%s' vs '%s'", |
---|
| 1110 | accountname, ic->acc->user); |
---|
| 1111 | } |
---|
| 1112 | if (strcmp(protocol, ic->acc->prpl->name) != 0) { |
---|
| 1113 | log_message(LOGLVL_WARNING, |
---|
| 1114 | "otr: internal protocol name mismatch: '%s' vs '%s'", |
---|
| 1115 | protocol, ic->acc->prpl->name); |
---|
| 1116 | } |
---|
| 1117 | |
---|
| 1118 | return ic; |
---|
| 1119 | } |
---|
| 1120 | |
---|
[5a71d9c] | 1121 | user_t *peeruser(irc_t *irc, const char *handle, const char *protocol) |
---|
[764c7d1] | 1122 | { |
---|
| 1123 | user_t *u; |
---|
| 1124 | |
---|
[8521b02] | 1125 | log_message(LOGLVL_DEBUG, "peeruser '%s' '%s'", handle, protocol); |
---|
| 1126 | |
---|
[764c7d1] | 1127 | for(u=irc->users; u; u=u->next) { |
---|
| 1128 | struct prpl *prpl; |
---|
| 1129 | if(!u->ic || !u->handle) |
---|
[8521b02] | 1130 | continue; |
---|
[764c7d1] | 1131 | prpl = u->ic->acc->prpl; |
---|
| 1132 | if(strcmp(prpl->name, protocol) == 0 |
---|
| 1133 | && prpl->handle_cmp(u->handle, handle) == 0) { |
---|
[5a71d9c] | 1134 | return u; |
---|
[764c7d1] | 1135 | } |
---|
| 1136 | } |
---|
| 1137 | |
---|
[5a71d9c] | 1138 | return NULL; |
---|
| 1139 | } |
---|
| 1140 | |
---|
[8521b02] | 1141 | int hexval(char a) |
---|
| 1142 | { |
---|
| 1143 | int x=tolower(a); |
---|
| 1144 | |
---|
| 1145 | if(x>='a' && x<='f') |
---|
| 1146 | x = x - 'a' + 10; |
---|
| 1147 | else if(x>='0' && x<='9') |
---|
| 1148 | x = x - '0'; |
---|
| 1149 | else |
---|
| 1150 | return -1; |
---|
| 1151 | |
---|
| 1152 | return x; |
---|
| 1153 | } |
---|
| 1154 | |
---|
[5a71d9c] | 1155 | const char *peernick(irc_t *irc, const char *handle, const char *protocol) |
---|
| 1156 | { |
---|
| 1157 | static char fallback[512]; |
---|
| 1158 | |
---|
| 1159 | user_t *u = peeruser(irc, handle, protocol); |
---|
| 1160 | if(u) { |
---|
| 1161 | return u->nick; |
---|
| 1162 | } else { |
---|
| 1163 | g_snprintf(fallback, 511, "%s/%s", handle, protocol); |
---|
| 1164 | return fallback; |
---|
| 1165 | } |
---|
| 1166 | } |
---|
| 1167 | |
---|
| 1168 | int otr_update_modeflags(irc_t *irc, user_t *u) |
---|
| 1169 | { |
---|
[52e6e17] | 1170 | char *vb = set_getstr(&irc->set, "voice_buddies"); |
---|
| 1171 | char *hb = set_getstr(&irc->set, "halfop_buddies"); |
---|
| 1172 | char *ob = set_getstr(&irc->set, "op_buddies"); |
---|
| 1173 | int encrypted = u->encrypted; |
---|
| 1174 | int trusted = u->encrypted > 1; |
---|
| 1175 | char flags[7]; |
---|
[c595308] | 1176 | int nflags=0; |
---|
[52e6e17] | 1177 | char *p = flags; |
---|
[8c2b1c3] | 1178 | char *from; |
---|
[52e6e17] | 1179 | int i; |
---|
[5a71d9c] | 1180 | |
---|
[52e6e17] | 1181 | if(!strcmp(vb, "encrypted")) { |
---|
| 1182 | *(p++) = encrypted ? '+' : '-'; |
---|
| 1183 | *(p++) = 'v'; |
---|
| 1184 | nflags++; |
---|
| 1185 | } else if(!strcmp(vb, "trusted")) { |
---|
| 1186 | *(p++) = trusted ? '+' : '-'; |
---|
| 1187 | *(p++) = 'v'; |
---|
| 1188 | nflags++; |
---|
| 1189 | } |
---|
| 1190 | if(!strcmp(hb, "encrypted")) { |
---|
| 1191 | *(p++) = encrypted ? '+' : '-'; |
---|
| 1192 | *(p++) = 'h'; |
---|
| 1193 | nflags++; |
---|
| 1194 | } else if(!strcmp(hb, "trusted")) { |
---|
| 1195 | *(p++) = trusted ? '+' : '-'; |
---|
| 1196 | *(p++) = 'h'; |
---|
| 1197 | nflags++; |
---|
| 1198 | } |
---|
| 1199 | if(!strcmp(ob, "encrypted")) { |
---|
| 1200 | *(p++) = encrypted ? '+' : '-'; |
---|
| 1201 | *(p++) = 'o'; |
---|
| 1202 | nflags++; |
---|
| 1203 | } else if(!strcmp(ob, "trusted")) { |
---|
| 1204 | *(p++) = trusted ? '+' : '-'; |
---|
| 1205 | *(p++) = 'o'; |
---|
| 1206 | nflags++; |
---|
| 1207 | } |
---|
| 1208 | *p = '\0'; |
---|
[5a71d9c] | 1209 | |
---|
[52e6e17] | 1210 | p = g_malloc(nflags * (strlen(u->nick)+1) + 1); |
---|
| 1211 | *p = '\0'; |
---|
| 1212 | if(!p) |
---|
[5a71d9c] | 1213 | return 0; |
---|
[52e6e17] | 1214 | for(i=0; i<nflags; i++) { |
---|
| 1215 | strcat(p, " "); |
---|
| 1216 | strcat(p, u->nick); |
---|
[5a71d9c] | 1217 | } |
---|
[8c2b1c3] | 1218 | if(set_getbool(&irc->set, "simulate_netsplit")) |
---|
| 1219 | from = g_strdup(irc->myhost); |
---|
| 1220 | else |
---|
| 1221 | from = g_strdup_printf("%s!%s@%s", irc->mynick, irc->mynick, irc->myhost); |
---|
| 1222 | irc_write(irc, ":%s MODE %s %s%s", from, irc->channel, flags, p); |
---|
| 1223 | g_free(from); |
---|
[52e6e17] | 1224 | g_free(p); |
---|
[5a71d9c] | 1225 | |
---|
| 1226 | return 1; |
---|
[764c7d1] | 1227 | } |
---|
| 1228 | |
---|
| 1229 | void show_fingerprints(irc_t *irc, ConnContext *ctx) |
---|
| 1230 | { |
---|
| 1231 | char human[45]; |
---|
| 1232 | Fingerprint *fp; |
---|
| 1233 | const char *trust; |
---|
| 1234 | int count=0; |
---|
| 1235 | |
---|
| 1236 | for(fp=&ctx->fingerprint_root; fp; fp=fp->next) { |
---|
| 1237 | if(!fp->fingerprint) |
---|
| 1238 | continue; |
---|
| 1239 | count++; |
---|
| 1240 | otrl_privkey_hash_to_human(human, fp->fingerprint); |
---|
| 1241 | if(!fp->trust || fp->trust[0] == '\0') { |
---|
| 1242 | trust="untrusted"; |
---|
| 1243 | } else { |
---|
| 1244 | trust=fp->trust; |
---|
| 1245 | } |
---|
| 1246 | if(fp == ctx->active_fingerprint) { |
---|
[8521b02] | 1247 | irc_usermsg(irc, " \x02%s (%s)\x02", human, trust); |
---|
[764c7d1] | 1248 | } else { |
---|
[8521b02] | 1249 | irc_usermsg(irc, " %s (%s)", human, trust); |
---|
[764c7d1] | 1250 | } |
---|
| 1251 | } |
---|
| 1252 | if(count==0) |
---|
[8521b02] | 1253 | irc_usermsg(irc, " no fingerprints"); |
---|
| 1254 | } |
---|
| 1255 | |
---|
[c595308] | 1256 | Fingerprint *match_fingerprint(irc_t *irc, ConnContext *ctx, const char **args) |
---|
| 1257 | { |
---|
| 1258 | Fingerprint *fp, *fp2; |
---|
| 1259 | char human[45]; |
---|
| 1260 | char prefix[45], *p; |
---|
| 1261 | int n; |
---|
| 1262 | int i,j; |
---|
| 1263 | |
---|
| 1264 | /* assemble the args into a prefix in standard "human" form */ |
---|
| 1265 | n=0; |
---|
| 1266 | p=prefix; |
---|
| 1267 | for(i=0; args[i]; i++) { |
---|
| 1268 | for(j=0; args[i][j]; j++) { |
---|
| 1269 | char c = toupper(args[i][j]); |
---|
| 1270 | |
---|
| 1271 | if(n>=40) { |
---|
| 1272 | irc_usermsg(irc, "too many fingerprint digits given, expected at most 40"); |
---|
| 1273 | return NULL; |
---|
| 1274 | } |
---|
| 1275 | |
---|
| 1276 | if( (c>='A' && c<='F') || (c>='0' && c<='9') ) { |
---|
| 1277 | *(p++) = c; |
---|
| 1278 | } else { |
---|
| 1279 | irc_usermsg(irc, "invalid hex digit '%c' in block %d", args[i][j], i+1); |
---|
| 1280 | return NULL; |
---|
| 1281 | } |
---|
| 1282 | |
---|
| 1283 | n++; |
---|
| 1284 | if(n%8 == 0) |
---|
| 1285 | *(p++) = ' '; |
---|
| 1286 | } |
---|
| 1287 | } |
---|
| 1288 | *p = '\0'; |
---|
| 1289 | log_message(LOGLVL_DEBUG, "match_fingerprint '%s'", prefix); |
---|
| 1290 | log_message(LOGLVL_DEBUG, "n=%d strlen(prefix)=%d", n, strlen(prefix)); |
---|
| 1291 | |
---|
| 1292 | /* find first fingerprint with the given prefix */ |
---|
| 1293 | n = strlen(prefix); |
---|
| 1294 | for(fp=&ctx->fingerprint_root; fp; fp=fp->next) { |
---|
| 1295 | if(!fp->fingerprint) |
---|
| 1296 | continue; |
---|
| 1297 | otrl_privkey_hash_to_human(human, fp->fingerprint); |
---|
| 1298 | if(!strncmp(prefix, human, n)) |
---|
| 1299 | break; |
---|
| 1300 | } |
---|
| 1301 | if(!fp) { |
---|
| 1302 | irc_usermsg(irc, "%s: no match", prefix); |
---|
| 1303 | return NULL; |
---|
| 1304 | } |
---|
| 1305 | |
---|
| 1306 | /* make sure the match, if any, is unique */ |
---|
| 1307 | for(fp2=fp->next; fp2; fp2=fp2->next) { |
---|
| 1308 | if(!fp2->fingerprint) |
---|
| 1309 | continue; |
---|
| 1310 | otrl_privkey_hash_to_human(human, fp2->fingerprint); |
---|
| 1311 | if(!strncmp(prefix, human, n)) |
---|
| 1312 | break; |
---|
| 1313 | } |
---|
| 1314 | if(fp2) { |
---|
| 1315 | irc_usermsg(irc, "%s: multiple matches", prefix); |
---|
| 1316 | return NULL; |
---|
| 1317 | } |
---|
| 1318 | |
---|
| 1319 | return fp; |
---|
| 1320 | } |
---|
| 1321 | |
---|
[5f4eede] | 1322 | OtrlPrivKey *match_privkey(irc_t *irc, const char **args) |
---|
| 1323 | { |
---|
| 1324 | OtrlPrivKey *k, *k2; |
---|
| 1325 | char human[45]; |
---|
| 1326 | char prefix[45], *p; |
---|
| 1327 | int n; |
---|
| 1328 | int i,j; |
---|
| 1329 | |
---|
| 1330 | /* assemble the args into a prefix in standard "human" form */ |
---|
| 1331 | n=0; |
---|
| 1332 | p=prefix; |
---|
| 1333 | for(i=0; args[i]; i++) { |
---|
| 1334 | for(j=0; args[i][j]; j++) { |
---|
| 1335 | char c = toupper(args[i][j]); |
---|
| 1336 | |
---|
| 1337 | if(n>=40) { |
---|
| 1338 | irc_usermsg(irc, "too many fingerprint digits given, expected at most 40"); |
---|
| 1339 | return NULL; |
---|
| 1340 | } |
---|
| 1341 | |
---|
| 1342 | if( (c>='A' && c<='F') || (c>='0' && c<='9') ) { |
---|
| 1343 | *(p++) = c; |
---|
| 1344 | } else { |
---|
| 1345 | irc_usermsg(irc, "invalid hex digit '%c' in block %d", args[i][j], i+1); |
---|
| 1346 | return NULL; |
---|
| 1347 | } |
---|
| 1348 | |
---|
| 1349 | n++; |
---|
| 1350 | if(n%8 == 0) |
---|
| 1351 | *(p++) = ' '; |
---|
| 1352 | } |
---|
| 1353 | } |
---|
| 1354 | *p = '\0'; |
---|
| 1355 | log_message(LOGLVL_DEBUG, "match_privkey '%s'", prefix); |
---|
| 1356 | log_message(LOGLVL_DEBUG, "n=%d strlen(prefix)=%d", n, strlen(prefix)); |
---|
| 1357 | |
---|
| 1358 | /* find first key which matches the given prefix */ |
---|
| 1359 | n = strlen(prefix); |
---|
| 1360 | for(k=irc->otr_us->privkey_root; k; k=k->next) { |
---|
| 1361 | p = otrl_privkey_fingerprint(irc->otr_us, human, k->accountname, k->protocol); |
---|
| 1362 | if(!p) /* gah! :-P */ |
---|
| 1363 | continue; |
---|
| 1364 | if(!strncmp(prefix, human, n)) |
---|
| 1365 | break; |
---|
| 1366 | } |
---|
| 1367 | if(!k) { |
---|
| 1368 | irc_usermsg(irc, "%s: no match", prefix); |
---|
| 1369 | return NULL; |
---|
| 1370 | } |
---|
| 1371 | |
---|
| 1372 | /* make sure the match, if any, is unique */ |
---|
| 1373 | for(k2=k->next; k2; k2=k2->next) { |
---|
| 1374 | p = otrl_privkey_fingerprint(irc->otr_us, human, k2->accountname, k2->protocol); |
---|
| 1375 | if(!p) /* gah! :-P */ |
---|
| 1376 | continue; |
---|
| 1377 | if(!strncmp(prefix, human, n)) |
---|
| 1378 | break; |
---|
| 1379 | } |
---|
| 1380 | if(k2) { |
---|
| 1381 | irc_usermsg(irc, "%s: multiple matches", prefix); |
---|
| 1382 | return NULL; |
---|
| 1383 | } |
---|
| 1384 | |
---|
| 1385 | return k; |
---|
| 1386 | } |
---|
| 1387 | |
---|
[8521b02] | 1388 | void show_general_otr_info(irc_t *irc) |
---|
| 1389 | { |
---|
| 1390 | ConnContext *ctx; |
---|
| 1391 | OtrlPrivKey *key; |
---|
| 1392 | char human[45]; |
---|
| 1393 | |
---|
| 1394 | /* list all privkeys */ |
---|
| 1395 | irc_usermsg(irc, "\x1fprivate keys:\x1f"); |
---|
| 1396 | for(key=irc->otr_us->privkey_root; key; key=key->next) { |
---|
| 1397 | const char *hash; |
---|
| 1398 | |
---|
| 1399 | switch(key->pubkey_type) { |
---|
| 1400 | case OTRL_PUBKEY_TYPE_DSA: |
---|
| 1401 | irc_usermsg(irc, " %s/%s - DSA", key->accountname, key->protocol); |
---|
| 1402 | break; |
---|
| 1403 | default: |
---|
| 1404 | irc_usermsg(irc, " %s/%s - type %d", key->accountname, key->protocol, |
---|
| 1405 | key->pubkey_type); |
---|
| 1406 | } |
---|
| 1407 | |
---|
| 1408 | /* No, it doesn't make much sense to search for the privkey again by |
---|
| 1409 | account/protocol, but libotr currently doesn't provide a direct routine |
---|
| 1410 | for hashing a given 'OtrlPrivKey'... */ |
---|
| 1411 | hash = otrl_privkey_fingerprint(irc->otr_us, human, key->accountname, key->protocol); |
---|
| 1412 | if(hash) /* should always succeed */ |
---|
| 1413 | irc_usermsg(irc, " %s", human); |
---|
| 1414 | } |
---|
| 1415 | |
---|
| 1416 | /* list all contexts */ |
---|
| 1417 | irc_usermsg(irc, "%s", ""); |
---|
| 1418 | irc_usermsg(irc, "\x1f" "connection contexts:\x1f (bold=currently encrypted)"); |
---|
| 1419 | for(ctx=irc->otr_us->context_root; ctx; ctx=ctx->next) {\ |
---|
| 1420 | user_t *u; |
---|
| 1421 | char *userstring; |
---|
| 1422 | |
---|
| 1423 | u = peeruser(irc, ctx->username, ctx->protocol); |
---|
| 1424 | if(u) |
---|
| 1425 | userstring = g_strdup_printf("%s/%s/%s (%s)", |
---|
| 1426 | ctx->username, ctx->protocol, ctx->accountname, u->nick); |
---|
| 1427 | else |
---|
| 1428 | userstring = g_strdup_printf("%s/%s/%s", |
---|
| 1429 | ctx->username, ctx->protocol, ctx->accountname); |
---|
| 1430 | |
---|
| 1431 | if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) { |
---|
| 1432 | irc_usermsg(irc, " \x02%s\x02", userstring); |
---|
| 1433 | } else { |
---|
| 1434 | irc_usermsg(irc, " %s", userstring); |
---|
| 1435 | } |
---|
| 1436 | |
---|
| 1437 | g_free(userstring); |
---|
| 1438 | } |
---|
| 1439 | } |
---|
| 1440 | |
---|
| 1441 | void show_otr_context_info(irc_t *irc, ConnContext *ctx) |
---|
| 1442 | { |
---|
| 1443 | switch(ctx->otr_offer) { |
---|
| 1444 | case OFFER_NOT: |
---|
| 1445 | irc_usermsg(irc, " otr offer status: none sent"); |
---|
| 1446 | break; |
---|
| 1447 | case OFFER_SENT: |
---|
| 1448 | irc_usermsg(irc, " otr offer status: awaiting reply"); |
---|
| 1449 | break; |
---|
| 1450 | case OFFER_ACCEPTED: |
---|
| 1451 | irc_usermsg(irc, " otr offer status: accepted our offer"); |
---|
| 1452 | break; |
---|
| 1453 | case OFFER_REJECTED: |
---|
| 1454 | irc_usermsg(irc, " otr offer status: ignored our offer"); |
---|
| 1455 | break; |
---|
| 1456 | default: |
---|
| 1457 | irc_usermsg(irc, " otr offer status: %d", ctx->otr_offer); |
---|
| 1458 | } |
---|
| 1459 | |
---|
| 1460 | switch(ctx->msgstate) { |
---|
| 1461 | case OTRL_MSGSTATE_PLAINTEXT: |
---|
| 1462 | irc_usermsg(irc, " connection state: cleartext"); |
---|
| 1463 | break; |
---|
| 1464 | case OTRL_MSGSTATE_ENCRYPTED: |
---|
| 1465 | irc_usermsg(irc, " connection state: encrypted (v%d)", ctx->protocol_version); |
---|
| 1466 | break; |
---|
| 1467 | case OTRL_MSGSTATE_FINISHED: |
---|
| 1468 | irc_usermsg(irc, " connection state: shut down"); |
---|
| 1469 | break; |
---|
| 1470 | default: |
---|
| 1471 | irc_usermsg(irc, " connection state: %d", ctx->msgstate); |
---|
| 1472 | } |
---|
| 1473 | |
---|
[c595308] | 1474 | irc_usermsg(irc, " fingerprints: (bold=active)"); |
---|
[8521b02] | 1475 | show_fingerprints(irc, ctx); |
---|
[764c7d1] | 1476 | } |
---|
| 1477 | |
---|
| 1478 | void otr_keygen(irc_t *irc, const char *handle, const char *protocol) |
---|
| 1479 | { |
---|
| 1480 | GError *err; |
---|
| 1481 | GThread *thr; |
---|
| 1482 | struct kgdata *kg; |
---|
| 1483 | gint ev; |
---|
| 1484 | |
---|
[f3597a1] | 1485 | irc_usermsg(irc, "generating new private key for %s/%s...", handle, protocol); |
---|
| 1486 | |
---|
[764c7d1] | 1487 | kg = g_new0(struct kgdata, 1); |
---|
| 1488 | if(!kg) { |
---|
| 1489 | irc_usermsg(irc, "otr keygen failed: out of memory"); |
---|
| 1490 | return; |
---|
| 1491 | } |
---|
| 1492 | |
---|
| 1493 | /* Assemble the job description to be passed to thread and handler */ |
---|
| 1494 | kg->irc = irc; |
---|
| 1495 | kg->keyfile = g_strdup_printf("%s%s.otr_keys", global.conf->configdir, kg->irc->nick); |
---|
| 1496 | if(!kg->keyfile) { |
---|
| 1497 | irc_usermsg(irc, "otr keygen failed: out of memory"); |
---|
| 1498 | g_free(kg); |
---|
| 1499 | return; |
---|
| 1500 | } |
---|
| 1501 | kg->handle = handle; |
---|
| 1502 | kg->protocol = protocol; |
---|
| 1503 | kg->mutex = g_mutex_new(); |
---|
| 1504 | if(!kg->mutex) { |
---|
| 1505 | irc_usermsg(irc, "otr keygen failed: couldn't create mutex"); |
---|
| 1506 | g_free(kg->keyfile); |
---|
| 1507 | g_free(kg); |
---|
| 1508 | return; |
---|
| 1509 | } |
---|
[c595308] | 1510 | kg->done = 0; |
---|
[764c7d1] | 1511 | |
---|
| 1512 | /* Poll for completion of the thread periodically. I would have preferred |
---|
| 1513 | to just wait on a pipe but this way it's portable to Windows. *sigh* |
---|
| 1514 | */ |
---|
| 1515 | ev = b_timeout_add(1000, &keygen_finish_handler, kg); |
---|
| 1516 | if(!ev) { |
---|
| 1517 | irc_usermsg(irc, "otr keygen failed: couldn't register timeout"); |
---|
| 1518 | g_free(kg->keyfile); |
---|
| 1519 | g_mutex_free(kg->mutex); |
---|
| 1520 | g_free(kg); |
---|
| 1521 | return; |
---|
| 1522 | } |
---|
| 1523 | |
---|
| 1524 | thr = g_thread_create(&otr_keygen_thread_func, kg, FALSE, &err); |
---|
| 1525 | if(!thr) { |
---|
| 1526 | irc_usermsg(irc, "otr keygen failed: %s", err->message); |
---|
| 1527 | g_free(kg->keyfile); |
---|
| 1528 | g_mutex_free(kg->mutex); |
---|
| 1529 | g_free(kg); |
---|
| 1530 | b_event_remove(ev); |
---|
| 1531 | } |
---|
| 1532 | } |
---|
| 1533 | |
---|
| 1534 | gpointer otr_keygen_thread_func(gpointer data) |
---|
| 1535 | { |
---|
| 1536 | struct kgdata *kg = (struct kgdata *)data; |
---|
| 1537 | |
---|
| 1538 | /* lock OTR subsystem and do the work */ |
---|
[c595308] | 1539 | g_static_rec_mutex_lock(&kg->irc->otr_mutex); |
---|
[764c7d1] | 1540 | kg->result = otrl_privkey_generate(kg->irc->otr_us, kg->keyfile, kg->handle, |
---|
| 1541 | kg->protocol); |
---|
[ef93a2f] | 1542 | chmod(kg->keyfile, 0600); |
---|
[c595308] | 1543 | g_static_rec_mutex_unlock(&kg->irc->otr_mutex); |
---|
[764c7d1] | 1544 | /* OTR enabled again */ |
---|
| 1545 | |
---|
| 1546 | /* notify mainloop */ |
---|
| 1547 | g_mutex_lock(kg->mutex); |
---|
[c595308] | 1548 | kg->done = 1; |
---|
[764c7d1] | 1549 | g_mutex_unlock(kg->mutex); |
---|
| 1550 | |
---|
| 1551 | return NULL; |
---|
| 1552 | } |
---|
| 1553 | |
---|
| 1554 | gboolean keygen_finish_handler(gpointer data, gint fd, b_input_condition cond) |
---|
| 1555 | { |
---|
| 1556 | struct kgdata *kg = (struct kgdata *)data; |
---|
| 1557 | int done; |
---|
| 1558 | |
---|
| 1559 | g_mutex_lock(kg->mutex); |
---|
| 1560 | done = kg->done; |
---|
| 1561 | g_mutex_unlock(kg->mutex); |
---|
| 1562 | if(kg->done) { |
---|
| 1563 | if(kg->result) { |
---|
[3c80a9d] | 1564 | irc_usermsg(kg->irc, "otr keygen: %s", strerror(kg->result)); |
---|
[764c7d1] | 1565 | } else { |
---|
| 1566 | irc_usermsg(kg->irc, "otr keygen for %s/%s complete", kg->handle, kg->protocol); |
---|
| 1567 | } |
---|
| 1568 | g_free(kg->keyfile); |
---|
| 1569 | g_mutex_free(kg->mutex); |
---|
| 1570 | g_free(kg); |
---|
| 1571 | return FALSE; /* unregister timeout */ |
---|
| 1572 | } |
---|
| 1573 | |
---|
| 1574 | return TRUE; /* still working, continue checking */ |
---|
| 1575 | } |
---|
| 1576 | |
---|
| 1577 | void yes_keygen(gpointer w, void *data) |
---|
| 1578 | { |
---|
| 1579 | account_t *acc = (account_t *)data; |
---|
| 1580 | |
---|
| 1581 | otr_keygen(acc->irc, acc->user, acc->prpl->name); |
---|
| 1582 | } |
---|
| 1583 | |
---|
| 1584 | |
---|
| 1585 | #else /* WITH_OTR undefined */ |
---|
| 1586 | |
---|
| 1587 | void cmd_otr(irc_t *irc, char **args) |
---|
| 1588 | { |
---|
| 1589 | irc_usermsg(irc, "otr: n/a, compiled without OTR support"); |
---|
| 1590 | } |
---|
| 1591 | |
---|
| 1592 | #endif |
---|