Context Navigation

source: otr.c @ da44b08

Last change on this file since da44b08 was da44b08, checked in by unknown <pesco@…>, at 2011-09-30T04:32:32Z
don't put color code before leading /me when coloring otr messages
Property mode set to `100644`
File size: 49.8 KB

Line
1	/********************************************************************\
2	* BitlBee -- An IRC to other IM-networks gateway *
3	* *
4	* Copyright 2002-2010 Wilmer van der Gaast and others *
5	\********************************************************************/
6
7	/*
8	OTR support (cf. http://www.cypherpunks.ca/otr/)
9
10	(c) 2008-2011 Sven Moritz Hallberg <pesco@khjk.org>
11	(c) 2008 funded by stonedcoder.org
12
13	files used to store OTR data:
14	<configdir>/<nick>.otr_keys
15	<configdir>/<nick>.otr_fprints
16
17	top-level todos: (search for TODO for more ;-))
18	integrate otr_load/otr_save with existing storage backends
19	per-account policy settings
20	per-user policy settings
21	*/
22
23	/*
24	This program is free software; you can redistribute it and/or modify
25	it under the terms of the GNU General Public License as published by
26	the Free Software Foundation; either version 2 of the License, or
27	(at your option) any later version.
28
29	This program is distributed in the hope that it will be useful,
30	but WITHOUT ANY WARRANTY; without even the implied warranty of
31	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
32	GNU General Public License for more details.
33
34	You should have received a copy of the GNU General Public License with
35	the Debian GNU/Linux distribution in /usr/share/common-licenses/GPL;
36	if not, write to the Free Software Foundation, Inc., 59 Temple Place,
37	Suite 330, Boston, MA 02111-1307 USA
38	*/
39
40	#include "bitlbee.h"
41	#include "irc.h"
42	#include "otr.h"
43	#include <sys/types.h>
44	#include <sys/wait.h>
45	#include <unistd.h>
46	#include <assert.h>
47	#include <signal.h>
48
49
50	/ OTR interface routines for the OtrlMessageAppOps struct: /
51
52	OtrlPolicy op_policy(void opdata, ConnContext context);
53
54	void op_create_privkey(void opdata, const char accountname, const char *protocol);
55
56	int op_is_logged_in(void opdata, const char accountname, const char *protocol,
57	const char *recipient);
58
59	void op_inject_message(void opdata, const char accountname, const char *protocol,
60	const char recipient, const char message);
61
62	int op_display_otr_message(void opdata, const char accountname, const char *protocol,
63	const char username, const char msg);
64
65	void op_new_fingerprint(void opdata, OtrlUserState us, const char accountname,
66	const char protocol, const char username, unsigned char fingerprint[20]);
67
68	void op_write_fingerprints(void *opdata);
69
70	void op_gone_secure(void opdata, ConnContext context);
71
72	void op_gone_insecure(void opdata, ConnContext context);
73
74	void op_still_secure(void opdata, ConnContext context, int is_reply);
75
76	void op_log_message(void opdata, const char message);
77
78	int op_max_message_size(void opdata, ConnContext context);
79
80	const char op_account_name(void opdata, const char account, const char protocol);
81
82
83	/ otr sub-command handlers: /
84
85	static void cmd_otr(irc_t irc, char *args);
86	void cmd_otr_connect(irc_t irc, char *args);
87	void cmd_otr_disconnect(irc_t irc, char *args);
88	void cmd_otr_reconnect(irc_t irc, char *args);
89	void cmd_otr_smp(irc_t irc, char *args);
90	void cmd_otr_smpq(irc_t irc, char *args);
91	void cmd_otr_trust(irc_t irc, char *args);
92	void cmd_otr_info(irc_t irc, char *args);
93	void cmd_otr_keygen(irc_t irc, char *args);
94	void cmd_otr_forget(irc_t irc, char *args);
95
96	const command_t otr_commands[] = {
97	{ "connect", 1, &cmd_otr_connect, 0 },
98	{ "disconnect", 1, &cmd_otr_disconnect, 0 },
99	{ "reconnect", 1, &cmd_otr_reconnect, 0 },
100	{ "smp", 2, &cmd_otr_smp, 0 },
101	{ "smpq", 3, &cmd_otr_smpq, 0 },
102	{ "trust", 6, &cmd_otr_trust, 0 },
103	{ "info", 0, &cmd_otr_info, 0 },
104	{ "keygen", 1, &cmd_otr_keygen, 0 },
105	{ "forget", 2, &cmd_otr_forget, 0 },
106	{ NULL }
107	};
108
109	typedef struct {
110	void *fst;
111	void *snd;
112	} pair_t;
113
114	static OtrlMessageAppOps otr_ops; /* collects interface functions required by OTR */
115
116
117	/ misc. helpers/subroutines: /
118
119	/* check whether we are already generating a key for a given account */
120	int keygen_in_progress(irc_t irc, const char handle, const char *protocol);
121
122	/* start background process to generate a (new) key for a given account */
123	void otr_keygen(irc_t irc, const char handle, const char *protocol);
124
125	/* main function for the forked keygen slave */
126	void keygen_child_main(OtrlUserState us, int infd, int outfd);
127
128	/* mainloop handler for when a keygen finishes */
129	gboolean keygen_finish_handler(gpointer data, gint fd, b_input_condition cond);
130
131	/* copy the contents of file a to file b, overwriting it if it exists */
132	void copyfile(const char a, const char b);
133
134	/* read one line of input from a stream, excluding trailing newline */
135	void myfgets(char s, int size, FILE stream);
136
137	/* some yes/no handlers */
138	void yes_keygen(void *data);
139	void yes_forget_fingerprint(void *data);
140	void yes_forget_context(void *data);
141	void yes_forget_key(void *data);
142
143	/* helper to make sure accountname and protocol match the incoming "opdata" */
144	struct im_connection check_imc(void opdata, const char *accountname,
145	const char *protocol);
146
147	/* determine the nick for a given handle/protocol pair
148	returns "handle/protocol" if not found */
149	const char peernick(irc_t irc, const char handle, const char protocol);
150
151	/* turn a hexadecimal digit into its numerical value */
152	int hexval(char a);
153
154	/* determine the irc_user_t for a given handle/protocol pair
155	returns NULL if not found */
156	irc_user_t peeruser(irc_t irc, const char handle, const char protocol);
157
158	/* handle SMP TLVs from a received message */
159	void otr_handle_smp(struct im_connection ic, const char handle, OtrlTLV *tlvs);
160
161	/* combined handler for the 'otr smp' and 'otr smpq' commands */
162	void otr_smp_or_smpq(irc_t irc, const char nick, const char *question,
163	const char *secret);
164
165	/* update flags within the irc_user structure to reflect OTR status of context */
166	void otr_update_uflags(ConnContext context, irc_user_t u);
167
168	/* update op/voice flag of given user according to encryption state and settings
169	returns 0 if neither op_buddies nor voice_buddies is set to "encrypted",
170	i.e. msgstate should be announced seperately */
171	int otr_update_modeflags(irc_t irc, irc_user_t u);
172
173	/* show general info about the OTR subsystem; called by 'otr info' */
174	void show_general_otr_info(irc_t *irc);
175
176	/* show info about a given OTR context */
177	void show_otr_context_info(irc_t irc, ConnContext ctx);
178
179	/* show the list of fingerprints associated with a given context */
180	void show_fingerprints(irc_t irc, ConnContext ctx);
181
182	/* find a fingerprint by prefix (given as any number of hex strings) */
183	Fingerprint match_fingerprint(irc_t irc, ConnContext ctx, const char *args);
184
185	/* find a private key by fingerprint prefix (given as any number of hex strings) */
186	OtrlPrivKey match_privkey(irc_t irc, const char **args);
187
188	/* functions to be called for certain events */
189	static const struct irc_plugin otr_plugin;
190
191
192	/* routines declared in otr.h: */
193
194	#ifdef OTR_BI
195	#define init_plugin otr_init
196	#endif
197
198	void init_plugin(void)
199	{
200	OTRL_INIT;
201
202	/* fill global OtrlMessageAppOps */
203	otr_ops.policy = &op_policy;
204	otr_ops.create_privkey = &op_create_privkey;
205	otr_ops.is_logged_in = &op_is_logged_in;
206	otr_ops.inject_message = &op_inject_message;
207	otr_ops.notify = NULL;
208	otr_ops.display_otr_message = &op_display_otr_message;
209	otr_ops.update_context_list = NULL;
210	otr_ops.protocol_name = NULL;
211	otr_ops.protocol_name_free = NULL;
212	otr_ops.new_fingerprint = &op_new_fingerprint;
213	otr_ops.write_fingerprints = &op_write_fingerprints;
214	otr_ops.gone_secure = &op_gone_secure;
215	otr_ops.gone_insecure = &op_gone_insecure;
216	otr_ops.still_secure = &op_still_secure;
217	otr_ops.log_message = &op_log_message;
218	otr_ops.max_message_size = &op_max_message_size;
219	otr_ops.account_name = &op_account_name;
220	otr_ops.account_name_free = NULL;
221
222	root_command_add( "otr", 1, cmd_otr, 0 );
223	register_irc_plugin( &otr_plugin );
224	}
225
226	gboolean otr_irc_new(irc_t *irc)
227	{
228	set_t *s;
229	GSList *l;
230
231	irc->otr = g_new0(otr_t, 1);
232	irc->otr->us = otrl_userstate_create();
233
234	s = set_add( &irc->b->set, "otr_color_encrypted", "true", set_eval_bool, irc );
235
236	s = set_add( &irc->b->set, "otr_policy", "oppurtunistic", set_eval_list, irc );
237	l = g_slist_prepend( NULL, "never" );
238	l = g_slist_prepend( l, "opportunistic" );
239	l = g_slist_prepend( l, "manual" );
240	l = g_slist_prepend( l, "always" );
241	s->eval_data = l;
242
243	s = set_add( &irc->b->set, "otr_does_html", "true", set_eval_bool, irc );
244
245	return TRUE;
246	}
247
248	void otr_irc_free(irc_t *irc)
249	{
250	otr_t *otr = irc->otr;
251	otrl_userstate_free(otr->us);
252	if(otr->keygen) {
253	kill(otr->keygen, SIGTERM);
254	waitpid(otr->keygen, NULL, 0);
255	/* TODO: remove stale keygen tempfiles */
256	}
257	if(otr->to)
258	fclose(otr->to);
259	if(otr->from)
260	fclose(otr->from);
261	while(otr->todo) {
262	kg_t *p = otr->todo;
263	otr->todo = p->next;
264	g_free(p);
265	}
266	g_free(otr);
267	}
268
269	void otr_load(irc_t *irc)
270	{
271	char s[512];
272	account_t *a;
273	gcry_error_t e;
274	gcry_error_t enoent = gcry_error_from_errno(ENOENT);
275	int kg=0;
276
277	g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, irc->user->nick);
278	e = otrl_privkey_read(irc->otr->us, s);
279	if(e && e!=enoent) {
280	irc_usermsg(irc, "otr load: %s: %s", s, gcry_strerror(e));
281	}
282	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, irc->user->nick);
283	e = otrl_privkey_read_fingerprints(irc->otr->us, s, NULL, NULL);
284	if(e && e!=enoent) {
285	irc_usermsg(irc, "otr load: %s: %s", s, gcry_strerror(e));
286	}
287
288	/* check for otr keys on all accounts */
289	for(a=irc->b->accounts; a; a=a->next) {
290	kg = otr_check_for_key(a) \|\| kg;
291	}
292	if(kg) {
293	irc_usermsg(irc, "Notice: "
294	"The accounts above do not have OTR encryption keys associated with them, yet. "
295	"These keys are now being generated in the background. "
296	"You will be notified as they are completed. "
297	"It is not necessary to wait; "
298	"BitlBee can be used normally during key generation. "
299	"You may safely ignore this message if you don't know what OTR is. ;)");
300	}
301	}
302
303	void otr_save(irc_t *irc)
304	{
305	char s[512];
306	gcry_error_t e;
307
308	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, irc->user->nick);
309	e = otrl_privkey_write_fingerprints(irc->otr->us, s);
310	if(e) {
311	irc_usermsg(irc, "otr save: %s: %s", s, gcry_strerror(e));
312	}
313	chmod(s, 0600);
314	}
315
316	void otr_remove(const char *nick)
317	{
318	char s[512];
319
320	g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, nick);
321	unlink(s);
322	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, nick);
323	unlink(s);
324	}
325
326	void otr_rename(const char onick, const char nnick)
327	{
328	char s[512], t[512];
329
330	g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, onick);
331	g_snprintf(t, 511, "%s%s.otr_keys", global.conf->configdir, nnick);
332	rename(s,t);
333	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, onick);
334	g_snprintf(t, 511, "%s%s.otr_fprints", global.conf->configdir, nnick);
335	rename(s,t);
336	}
337
338	int otr_check_for_key(account_t *a)
339	{
340	irc_t *irc = a->bee->ui_data;
341	OtrlPrivKey *k;
342
343	/* don't do OTR on certain (not classic IM) protocols, e.g. twitter */
344	if(a->prpl->options & OPT_NOOTR) {
345	return 0;
346	}
347
348	k = otrl_privkey_find(irc->otr->us, a->user, a->prpl->name);
349	if(k) {
350	irc_usermsg(irc, "otr: %s/%s ready", a->user, a->prpl->name);
351	return 0;
352	} if(keygen_in_progress(irc, a->user, a->prpl->name)) {
353	irc_usermsg(irc, "otr: keygen for %s/%s already in progress", a->user, a->prpl->name);
354	return 0;
355	} else {
356	irc_usermsg(irc, "otr: starting background keygen for %s/%s", a->user, a->prpl->name);
357	otr_keygen(irc, a->user, a->prpl->name);
358	return 1;
359	}
360	}
361
362	char otr_filter_msg_in(irc_user_t iu, char *msg, int flags)
363	{
364	int ignore_msg;
365	char *newmsg = NULL;
366	OtrlTLV *tlvs = NULL;
367	irc_t *irc = iu->irc;
368	struct im_connection *ic = iu->bu->ic;
369
370	/* don't do OTR on certain (not classic IM) protocols, e.g. twitter */
371	if(ic->acc->prpl->options & OPT_NOOTR) {
372	return msg;
373	}
374
375	ignore_msg = otrl_message_receiving(irc->otr->us, &otr_ops, ic,
376	ic->acc->user, ic->acc->prpl->name, iu->bu->handle, msg, &newmsg,
377	&tlvs, NULL, NULL);
378
379	otr_handle_smp(ic, iu->bu->handle, tlvs);
380
381	if(ignore_msg) {
382	/* this was an internal OTR protocol message */
383	return NULL;
384	} else if(!newmsg) {
385	/* this was a non-OTR message */
386	return msg;
387	} else {
388	/* OTR has processed this message */
389	ConnContext *context = otrl_context_find(irc->otr->us, iu->bu->handle,
390	ic->acc->user, ic->acc->prpl->name, 0, NULL, NULL, NULL);
391
392	/* we're done with the original msg, which will be caller-freed. */
393	/* NB: must not change the newmsg pointer, since we free it. */
394	msg = newmsg;
395
396	if(context && context->msgstate == OTRL_MSGSTATE_ENCRYPTED) {
397	/* HTML decoding */
398	/* perform any necessary stripping that the top level would miss */
399	if(set_getbool(&ic->bee->set, "otr_does_html") &&
400	!(ic->flags & OPT_DOES_HTML) &&
401	set_getbool(&ic->bee->set, "strip_html")) {
402	strip_html(msg);
403	}
404
405	/* coloring */
406	if(set_getbool(&ic->bee->set, "otr_color_encrypted")) {
407	int color; /* color according to f'print trust */
408	char pre="", sep=""; /* optional parts */
409	const char *trust = context->active_fingerprint->trust;
410
411	if(trust && trust[0] != '\0')
412	color=3; /* green */
413	else
414	color=5; /* red */
415
416	/* keep "/me " uncolored at the beginning */
417	if (g_strncasecmp(msg, "/me ", 4) == 0) {
418	msg += 4; /* skip */
419	pre = "/me ";
420	}
421
422	/* comma in first place could mess with the color code */
423	if (msg[0] == ',') {
424	/* insert a space between color spec and message */
425	sep = " ";
426	}
427
428	msg = g_strdup_printf("%s\x03%.2d%s%s\x0F", pre,
429	color, sep, msg);
430	}
431	}
432
433	if(msg == newmsg) {
434	msg = g_strdup(newmsg);
435	}
436	otrl_message_free(newmsg);
437	return msg;
438	}
439	}
440
441	char otr_filter_msg_out(irc_user_t iu, char *msg, int flags)
442	{
443	int st;
444	char *otrmsg = NULL;
445	char emsg = msg; / the message as we hand it to libotr */
446	ConnContext *ctx = NULL;
447	irc_t *irc = iu->irc;
448	struct im_connection *ic = iu->bu->ic;
449
450	/* don't do OTR on certain (not classic IM) protocols, e.g. twitter */
451	if(ic->acc->prpl->options & OPT_NOOTR) {
452	return msg;
453	}
454
455	ctx = otrl_context_find(irc->otr->us,
456	iu->bu->handle, ic->acc->user, ic->acc->prpl->name,
457	1, NULL, NULL, NULL);
458
459	/* HTML encoding */
460	/* consider OTR plaintext to be HTML if otr_does_html is set */
461	if(ctx && ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED &&
462	set_getbool(&ic->bee->set, "otr_does_html") &&
463	(g_strncasecmp(msg, "<html>", 6) != 0)) {
464	emsg = escape_html(msg);
465	}
466
467	st = otrl_message_sending(irc->otr->us, &otr_ops, ic,
468	ic->acc->user, ic->acc->prpl->name, iu->bu->handle,
469	emsg, NULL, &otrmsg, NULL, NULL);
470	if(emsg != msg) {
471	g_free(emsg); /* we're done with this one */
472	}
473	if(st) {
474	return NULL;
475	}
476
477	if(otrmsg) {
478	if(!ctx) {
479	otrl_message_free(otrmsg);
480	return NULL;
481	}
482	st = otrl_message_fragment_and_send(&otr_ops, ic, ctx,
483	otrmsg, OTRL_FRAGMENT_SEND_ALL, NULL);
484	otrl_message_free(otrmsg);
485	} else {
486	/* note: otrl_message_sending handles policy, so that if REQUIRE_ENCRYPTION is set,
487	this case does not occur */
488	return msg;
489	}
490
491	/* TODO: Error reporting should be done here now (if st!=0), probably. */
492
493	return NULL;
494	}
495
496	static const struct irc_plugin otr_plugin =
497	{
498	otr_irc_new,
499	otr_irc_free,
500	otr_filter_msg_out,
501	otr_filter_msg_in,
502	otr_load,
503	otr_save,
504	otr_remove,
505	};
506
507	static void cmd_otr(irc_t irc, char *args)
508	{
509	const command_t *cmd;
510
511	if(!args[0])
512	return;
513
514	if(!args[1])
515	return;
516
517	for(cmd=otr_commands; cmd->command; cmd++) {
518	if(strcmp(cmd->command, args[1]) == 0)
519	break;
520	}
521
522	if(!cmd->command) {
523	irc_usermsg(irc, "%s: unknown subcommand \"%s\", see \x02help otr\x02",
524	args[0], args[1]);
525	return;
526	}
527
528	if(!args[cmd->required_parameters+1]) {
529	irc_usermsg(irc, "%s %s: not enough arguments (%d req.)",
530	args[0], args[1], cmd->required_parameters);
531	return;
532	}
533
534	cmd->execute(irc, args+1);
535	}
536
537
538	/* OTR "MessageAppOps" callbacks for global.otr_ui: */
539
540	OtrlPolicy op_policy(void opdata, ConnContext context)
541	{
542	struct im_connection *ic = check_imc(opdata, context->accountname, context->protocol);
543	irc_t *irc = ic->bee->ui_data;
544	const char *p;
545
546	/* policy override during keygen: if we're missing the key for context but are currently
547	generating it, then that's as much as we can do. => temporarily return NEVER. */
548	if(keygen_in_progress(irc, context->accountname, context->protocol) &&
549	!otrl_privkey_find(irc->otr->us, context->accountname, context->protocol))
550	return OTRL_POLICY_NEVER;
551
552	p = set_getstr(&ic->bee->set, "otr_policy");
553	if(!strcmp(p, "never"))
554	return OTRL_POLICY_NEVER;
555	if(!strcmp(p, "opportunistic"))
556	return OTRL_POLICY_OPPORTUNISTIC;
557	if(!strcmp(p, "manual"))
558	return OTRL_POLICY_MANUAL;
559	if(!strcmp(p, "always"))
560	return OTRL_POLICY_ALWAYS;
561
562	return OTRL_POLICY_OPPORTUNISTIC;
563	}
564
565	void op_create_privkey(void opdata, const char accountname,
566	const char *protocol)
567	{
568	struct im_connection *ic = check_imc(opdata, accountname, protocol);
569	irc_t *irc = ic->bee->ui_data;
570
571	/* will fail silently if keygen already in progress */
572	otr_keygen(irc, accountname, protocol);
573	}
574
575	int op_is_logged_in(void opdata, const char accountname,
576	const char protocol, const char recipient)
577	{
578	struct im_connection *ic = check_imc(opdata, accountname, protocol);
579	bee_user_t *bu;
580
581	/* lookup the irc_user_t for the given recipient */
582	bu = bee_user_by_handle(ic->bee, ic, recipient);
583	if(bu) {
584	if(bu->flags & BEE_USER_ONLINE)
585	return 1;
586	else
587	return 0;
588	} else {
589	return -1;
590	}
591	}
592
593	void op_inject_message(void opdata, const char accountname,
594	const char protocol, const char recipient, const char *message)
595	{
596	struct im_connection *ic = check_imc(opdata, accountname, protocol);
597	irc_t *irc = ic->bee->ui_data;
598
599	if (strcmp(accountname, recipient) == 0) {
600	/* huh? injecting messages to myself? */
601	irc_usermsg(irc, "note to self: %s", message);
602	} else {
603	/* need to drop some consts here :-( */
604	/* TODO: get flags into op_inject_message?! */
605	ic->acc->prpl->buddy_msg(ic, (char )recipient, (char )message, 0);
606	/* ignoring return value :-/ */
607	}
608	}
609
610	int op_display_otr_message(void opdata, const char accountname,
611	const char protocol, const char username, const char *message)
612	{
613	struct im_connection *ic = check_imc(opdata, accountname, protocol);
614	char *msg = g_strdup(message);
615	irc_t *irc = ic->bee->ui_data;
616
617	strip_html(msg);
618	irc_usermsg(irc, "otr: %s", msg);
619
620	g_free(msg);
621	return 0;
622	}
623
624	void op_new_fingerprint(void *opdata, OtrlUserState us,
625	const char accountname, const char protocol,
626	const char *username, unsigned char fingerprint[20])
627	{
628	struct im_connection *ic = check_imc(opdata, accountname, protocol);
629	irc_t *irc = ic->bee->ui_data;
630	char hunam[45]; /* anybody looking? ;-) */
631
632	otrl_privkey_hash_to_human(hunam, fingerprint);
633	irc_usermsg(irc, "new fingerprint for %s: %s",
634	peernick(irc, username, protocol), hunam);
635	}
636
637	void op_write_fingerprints(void *opdata)
638	{
639	struct im_connection ic = (struct im_connection )opdata;
640	irc_t *irc = ic->bee->ui_data;
641
642	otr_save(irc);
643	}
644
645	void op_gone_secure(void opdata, ConnContext context)
646	{
647	struct im_connection *ic =
648	check_imc(opdata, context->accountname, context->protocol);
649	irc_user_t *u;
650	irc_t *irc = ic->bee->ui_data;
651
652	u = peeruser(irc, context->username, context->protocol);
653	if(!u) {
654	log_message(LOGLVL_ERROR,
655	"BUG: otr.c: op_gone_secure: irc_user_t for %s/%s/%s not found!",
656	context->username, context->protocol, context->accountname);
657	return;
658	}
659
660	otr_update_uflags(context, u);
661	if(!otr_update_modeflags(irc, u)) {
662	char *trust = u->flags & IRC_USER_OTR_TRUSTED ? "trusted" : "untrusted!";
663	irc_usermsg(irc, "conversation with %s is now off the record (%s)", u->nick, trust);
664	}
665	}
666
667	void op_gone_insecure(void opdata, ConnContext context)
668	{
669	struct im_connection *ic =
670	check_imc(opdata, context->accountname, context->protocol);
671	irc_t *irc = ic->bee->ui_data;
672	irc_user_t *u;
673
674	u = peeruser(irc, context->username, context->protocol);
675	if(!u) {
676	log_message(LOGLVL_ERROR,
677	"BUG: otr.c: op_gone_insecure: irc_user_t for %s/%s/%s not found!",
678	context->username, context->protocol, context->accountname);
679	return;
680	}
681	otr_update_uflags(context, u);
682	if(!otr_update_modeflags(irc, u))
683	irc_usermsg(irc, "conversation with %s is now in the clear", u->nick);
684	}
685
686	void op_still_secure(void opdata, ConnContext context, int is_reply)
687	{
688	struct im_connection *ic =
689	check_imc(opdata, context->accountname, context->protocol);
690	irc_t *irc = ic->bee->ui_data;
691	irc_user_t *u;
692
693	u = peeruser(irc, context->username, context->protocol);
694	if(!u) {
695	log_message(LOGLVL_ERROR,
696	"BUG: otr.c: op_still_secure: irc_user_t for %s/%s/%s not found!",
697	context->username, context->protocol, context->accountname);
698	return;
699	}
700
701	otr_update_uflags(context, u);
702	if(!otr_update_modeflags(irc, u)) {
703	char *trust = u->flags & IRC_USER_OTR_TRUSTED ? "trusted" : "untrusted!";
704	irc_usermsg(irc, "otr connection with %s has been refreshed (%s)", u->nick, trust);
705	}
706	}
707
708	void op_log_message(void opdata, const char message)
709	{
710	char *msg = g_strdup(message);
711
712	strip_html(msg);
713	log_message(LOGLVL_INFO, "otr: %s", msg);
714	g_free(msg);
715	}
716
717	int op_max_message_size(void opdata, ConnContext context)
718	{
719	struct im_connection *ic =
720	check_imc(opdata, context->accountname, context->protocol);
721
722	return ic->acc->prpl->mms;
723	}
724
725	const char op_account_name(void opdata, const char account, const char protocol)
726	{
727	struct im_connection ic = (struct im_connection )opdata;
728	irc_t *irc = ic->bee->ui_data;
729
730	return peernick(irc, account, protocol);
731	}
732
733
734	/* OTR sub-command handlers */
735
736	void cmd_otr_reconnect(irc_t irc, char *args)
737	{
738	cmd_otr_disconnect(irc, args);
739	cmd_otr_connect(irc, args);
740	}
741
742	void cmd_otr_disconnect(irc_t irc, char *args)
743	{
744	irc_user_t *u;
745
746	u = irc_user_by_name(irc, args[1]);
747	if(!u \|\| !u->bu \|\| !u->bu->ic) {
748	irc_usermsg(irc, "%s: unknown user", args[1]);
749	return;
750	}
751
752	otrl_message_disconnect(irc->otr->us, &otr_ops,
753	u->bu->ic, u->bu->ic->acc->user, u->bu->ic->acc->prpl->name, u->bu->handle);
754
755	/* for some reason, libotr (3.1.0) doesn't do this itself: */
756	if(u->flags & IRC_USER_OTR_ENCRYPTED) {
757	ConnContext *ctx;
758	ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user,
759	u->bu->ic->acc->prpl->name, 0, NULL, NULL, NULL);
760	if(ctx)
761	op_gone_insecure(u->bu->ic, ctx);
762	else /* huh? */
763	u->flags &= ( IRC_USER_OTR_ENCRYPTED \| IRC_USER_OTR_TRUSTED );
764	}
765	}
766
767	void cmd_otr_connect(irc_t irc, char *args)
768	{
769	irc_user_t *u;
770
771	u = irc_user_by_name(irc, args[1]);
772	if(!u \|\| !u->bu \|\| !u->bu->ic) {
773	irc_usermsg(irc, "%s: unknown user", args[1]);
774	return;
775	}
776	if(!(u->bu->flags & BEE_USER_ONLINE)) {
777	irc_usermsg(irc, "%s is offline", args[1]);
778	return;
779	}
780
781	bee_user_msg(irc->b, u->bu, "?OTR?v2?", 0);
782	}
783
784	void cmd_otr_smp(irc_t irc, char *args)
785	{
786	otr_smp_or_smpq(irc, args[1], NULL, args[2]); /* no question */
787	}
788
789	void cmd_otr_smpq(irc_t irc, char *args)
790	{
791	otr_smp_or_smpq(irc, args[1], args[2], args[3]);
792	}
793
794	void cmd_otr_trust(irc_t irc, char *args)
795	{
796	irc_user_t *u;
797	ConnContext *ctx;
798	unsigned char raw[20];
799	Fingerprint *fp;
800	int i,j;
801
802	u = irc_user_by_name(irc, args[1]);
803	if(!u \|\| !u->bu \|\| !u->bu->ic) {
804	irc_usermsg(irc, "%s: unknown user", args[1]);
805	return;
806	}
807
808	ctx = otrl_context_find(irc->otr->us, u->bu->handle,
809	u->bu->ic->acc->user, u->bu->ic->acc->prpl->name, 0, NULL, NULL, NULL);
810	if(!ctx) {
811	irc_usermsg(irc, "%s: no otr context with user", args[1]);
812	return;
813	}
814
815	/* convert given fingerprint to raw representation */
816	for(i=0; i<5; i++) {
817	for(j=0; j<4; j++) {
818	char p = args[2+i]+(2j);
819	char *q = p+1;
820	int x, y;
821
822	if(!p \|\| !q) {
823	irc_usermsg(irc, "failed: truncated fingerprint block %d", i+1);
824	return;
825	}
826
827	x = hexval(*p);
828	y = hexval(*q);
829	if(x<0) {
830	irc_usermsg(irc, "failed: %d. hex digit of block %d out of range", 2*j+1, i+1);
831	return;
832	}
833	if(y<0) {
834	irc_usermsg(irc, "failed: %d. hex digit of block %d out of range", 2*j+2, i+1);
835	return;
836	}
837
838	raw[i4+j] = x16 + y;
839	}
840	}
841	fp = otrl_context_find_fingerprint(ctx, raw, 0, NULL);
842	if(!fp) {
843	irc_usermsg(irc, "failed: no such fingerprint for %s", args[1]);
844	} else {
845	char *trust = args[7] ? args[7] : "affirmed";
846	otrl_context_set_trust(fp, trust);
847	irc_usermsg(irc, "fingerprint match, trust set to \"%s\"", trust);
848	if(u->flags & IRC_USER_OTR_ENCRYPTED)
849	u->flags \|= IRC_USER_OTR_TRUSTED;
850	otr_update_modeflags(irc, u);
851	}
852	}
853
854	void cmd_otr_info(irc_t irc, char *args)
855	{
856	if(!args[1]) {
857	show_general_otr_info(irc);
858	} else {
859	char *arg = g_strdup(args[1]);
860	char myhandle, handle=NULL, *protocol;
861	ConnContext *ctx;
862
863	/* interpret arg as 'user/protocol/account' if possible */
864	protocol = strchr(arg, '/');
865	myhandle = NULL;
866	if(protocol) {
867	*(protocol++) = '\0';
868	myhandle = strchr(protocol, '/');
869	}
870	if(protocol && myhandle) {
871	*(myhandle++) = '\0';
872	handle = arg;
873	ctx = otrl_context_find(irc->otr->us, handle, myhandle, protocol, 0, NULL, NULL, NULL);
874	if(!ctx) {
875	irc_usermsg(irc, "no such context");
876	g_free(arg);
877	return;
878	}
879	} else {
880	irc_user_t *u = irc_user_by_name(irc, args[1]);
881	if(!u \|\| !u->bu \|\| !u->bu->ic) {
882	irc_usermsg(irc, "%s: unknown user", args[1]);
883	g_free(arg);
884	return;
885	}
886	ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user,
887	u->bu->ic->acc->prpl->name, 0, NULL, NULL, NULL);
888	if(!ctx) {
889	irc_usermsg(irc, "no otr context with %s", args[1]);
890	g_free(arg);
891	return;
892	}
893	}
894
895	/* show how we resolved the (nick) argument, if we did */
896	if(handle!=arg) {
897	irc_usermsg(irc, "%s is %s/%s; we are %s/%s to them", args[1],
898	ctx->username, ctx->protocol, ctx->accountname, ctx->protocol);
899	}
900	show_otr_context_info(irc, ctx);
901	g_free(arg);
902	}
903	}
904
905	void cmd_otr_keygen(irc_t irc, char *args)
906	{
907	int i, n;
908	account_t *a;
909
910	n = atoi(args[1]);
911	if(n<0 \|\| (!n && strcmp(args[1], "0"))) {
912	irc_usermsg(irc, "%s: invalid account number", args[1]);
913	return;
914	}
915
916	a = irc->b->accounts;
917	for(i=0; i<n && a; i++, a=a->next);
918	if(!a) {
919	irc_usermsg(irc, "%s: no such account", args[1]);
920	return;
921	}
922
923	if(keygen_in_progress(irc, a->user, a->prpl->name)) {
924	irc_usermsg(irc, "keygen for account %d already in progress", n);
925	return;
926	}
927
928	if(otrl_privkey_find(irc->otr->us, a->user, a->prpl->name)) {
929	char *s = g_strdup_printf("account %d already has a key, replace it?", n);
930	query_add(irc, NULL, s, yes_keygen, NULL, NULL, a);
931	g_free(s);
932	} else {
933	otr_keygen(irc, a->user, a->prpl->name);
934	}
935	}
936
937	void yes_forget_fingerprint(void *data)
938	{
939	pair_t p = (pair_t )data;
940	irc_t irc = (irc_t )p->fst;
941	Fingerprint fp = (Fingerprint )p->snd;
942
943	g_free(p);
944
945	if(fp == fp->context->active_fingerprint) {
946	irc_usermsg(irc, "that fingerprint is active, terminate otr connection first");
947	return;
948	}
949
950	otrl_context_forget_fingerprint(fp, 0);
951	}
952
953	void yes_forget_context(void *data)
954	{
955	pair_t p = (pair_t )data;
956	irc_t irc = (irc_t )p->fst;
957	ConnContext ctx = (ConnContext )p->snd;
958
959	g_free(p);
960
961	if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) {
962	irc_usermsg(irc, "active otr connection with %s, terminate it first",
963	peernick(irc, ctx->username, ctx->protocol));
964	return;
965	}
966
967	if(ctx->msgstate == OTRL_MSGSTATE_FINISHED)
968	otrl_context_force_plaintext(ctx);
969	otrl_context_forget(ctx);
970	}
971
972	void yes_forget_key(void *data)
973	{
974	OtrlPrivKey key = (OtrlPrivKey )data;
975
976	otrl_privkey_forget(key);
977	/* Hm, libotr doesn't seem to offer a function for explicitly /writing/
978	keyfiles. So the key will be back on the next load... */
979	/* TODO: Actually erase forgotten keys from storage? */
980	}
981
982	void cmd_otr_forget(irc_t irc, char *args)
983	{
984	if(!strcmp(args[1], "fingerprint"))
985	{
986	irc_user_t *u;
987	ConnContext *ctx;
988	Fingerprint *fp;
989	char human[54];
990	char *s;
991	pair_t *p;
992
993	if(!args[3]) {
994	irc_usermsg(irc, "otr %s %s: not enough arguments (2 req.)", args[0], args[1]);
995	return;
996	}
997
998	/* TODO: allow context specs ("user/proto/account") in 'otr forget fingerprint'? */
999	u = irc_user_by_name(irc, args[2]);
1000	if(!u \|\| !u->bu \|\| !u->bu->ic) {
1001	irc_usermsg(irc, "%s: unknown user", args[2]);
1002	return;
1003	}
1004
1005	ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user,
1006	u->bu->ic->acc->prpl->name, 0, NULL, NULL, NULL);
1007	if(!ctx) {
1008	irc_usermsg(irc, "no otr context with %s", args[2]);
1009	return;
1010	}
1011
1012	fp = match_fingerprint(irc, ctx, ((const char **)args)+3);
1013	if(!fp) {
1014	/* match_fingerprint does error messages */
1015	return;
1016	}
1017
1018	if(fp == ctx->active_fingerprint) {
1019	irc_usermsg(irc, "that fingerprint is active, terminate otr connection first");
1020	return;
1021	}
1022
1023	otrl_privkey_hash_to_human(human, fp->fingerprint);
1024	s = g_strdup_printf("about to forget fingerprint %s, are you sure?", human);
1025	p = g_malloc(sizeof(pair_t));
1026	if(!p)
1027	return;
1028	p->fst = irc;
1029	p->snd = fp;
1030	query_add(irc, NULL, s, yes_forget_fingerprint, NULL, NULL, p);
1031	g_free(s);
1032	}
1033
1034	else if(!strcmp(args[1], "context"))
1035	{
1036	irc_user_t *u;
1037	ConnContext *ctx;
1038	char *s;
1039	pair_t *p;
1040
1041	/* TODO: allow context specs ("user/proto/account") in 'otr forget contex'? */
1042	u = irc_user_by_name(irc, args[2]);
1043	if(!u \|\| !u->bu \|\| !u->bu->ic) {
1044	irc_usermsg(irc, "%s: unknown user", args[2]);
1045	return;
1046	}
1047
1048	ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user,
1049	u->bu->ic->acc->prpl->name, 0, NULL, NULL, NULL);
1050	if(!ctx) {
1051	irc_usermsg(irc, "no otr context with %s", args[2]);
1052	return;
1053	}
1054
1055	if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) {
1056	irc_usermsg(irc, "active otr connection with %s, terminate it first", args[2]);
1057	return;
1058	}
1059
1060	s = g_strdup_printf("about to forget otr data about %s, are you sure?", args[2]);
1061	p = g_malloc(sizeof(pair_t));
1062	if(!p)
1063	return;
1064	p->fst = irc;
1065	p->snd = ctx;
1066	query_add(irc, NULL, s, yes_forget_context, NULL, NULL, p);
1067	g_free(s);
1068	}
1069
1070	else if(!strcmp(args[1], "key"))
1071	{
1072	OtrlPrivKey *key;
1073	char *s;
1074
1075	key = match_privkey(irc, ((const char **)args)+2);
1076	if(!key) {
1077	/* match_privkey does error messages */
1078	return;
1079	}
1080
1081	s = g_strdup_printf("about to forget the private key for %s/%s, are you sure?",
1082	key->accountname, key->protocol);
1083	query_add(irc, NULL, s, yes_forget_key, NULL, NULL, key);
1084	g_free(s);
1085	}
1086
1087	else
1088	{
1089	irc_usermsg(irc, "otr %s: unknown subcommand \"%s\", see \x02help otr forget\x02",
1090	args[0], args[1]);
1091	}
1092	}
1093
1094
1095	/* local helpers / subroutines: */
1096
1097	/* Socialist Millionaires' Protocol */
1098	void otr_handle_smp(struct im_connection ic, const char handle, OtrlTLV *tlvs)
1099	{
1100	irc_t *irc = ic->bee->ui_data;
1101	OtrlUserState us = irc->otr->us;
1102	OtrlMessageAppOps *ops = &otr_ops;
1103	OtrlTLV *tlv = NULL;
1104	ConnContext *context;
1105	NextExpectedSMP nextMsg;
1106	irc_user_t *u;
1107	bee_user_t *bu;
1108
1109	bu = bee_user_by_handle(ic->bee, ic, handle);
1110	if(!bu \|\| !(u = bu->ui_data)) return;
1111	context = otrl_context_find(us, handle,
1112	ic->acc->user, ic->acc->prpl->name, 1, NULL, NULL, NULL);
1113	if(!context) {
1114	/* huh? out of memory or what? */
1115	irc_usermsg(irc, "smp: failed to get otr context for %s", u->nick);
1116	otrl_message_abort_smp(us, ops, u->bu->ic, context);
1117	otrl_sm_state_free(context->smstate);
1118	return;
1119	}
1120	nextMsg = context->smstate->nextExpected;
1121
1122	if (context->smstate->sm_prog_state == OTRL_SMP_PROG_CHEATED) {
1123	irc_usermsg(irc, "smp %s: opponent violated protocol, aborting",
1124	u->nick);
1125	otrl_message_abort_smp(us, ops, u->bu->ic, context);
1126	otrl_sm_state_free(context->smstate);
1127	return;
1128	}
1129
1130	tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP1Q);
1131	if (tlv) {
1132	if (nextMsg != OTRL_SMP_EXPECT1) {
1133	irc_usermsg(irc, "smp %s: spurious SMP1Q received, aborting", u->nick);
1134	otrl_message_abort_smp(us, ops, u->bu->ic, context);
1135	otrl_sm_state_free(context->smstate);
1136	} else {
1137	char question = g_strndup((char )tlv->data, tlv->len);
1138	irc_usermsg(irc, "smp: initiated by %s with question: \x02\"%s\"\x02", u->nick,
1139	question);
1140	irc_usermsg(irc, "smp: respond with \x02otr smp %s <answer>\x02",
1141	u->nick);
1142	g_free(question);
1143	/* smp stays in EXPECT1 until user responds */
1144	}
1145	}
1146	tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP1);
1147	if (tlv) {
1148	if (nextMsg != OTRL_SMP_EXPECT1) {
1149	irc_usermsg(irc, "smp %s: spurious SMP1 received, aborting", u->nick);
1150	otrl_message_abort_smp(us, ops, u->bu->ic, context);
1151	otrl_sm_state_free(context->smstate);
1152	} else {
1153	irc_usermsg(irc, "smp: initiated by %s"
1154	" - respond with \x02otr smp %s <secret>\x02",
1155	u->nick, u->nick);
1156	/* smp stays in EXPECT1 until user responds */
1157	}
1158	}
1159	tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP2);
1160	if (tlv) {
1161	if (nextMsg != OTRL_SMP_EXPECT2) {
1162	irc_usermsg(irc, "smp %s: spurious SMP2 received, aborting", u->nick);
1163	otrl_message_abort_smp(us, ops, u->bu->ic, context);
1164	otrl_sm_state_free(context->smstate);
1165	} else {
1166	/* SMP2 received, otrl_message_receiving will have sent SMP3 */
1167	context->smstate->nextExpected = OTRL_SMP_EXPECT4;
1168	}
1169	}
1170	tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP3);
1171	if (tlv) {
1172	if (nextMsg != OTRL_SMP_EXPECT3) {
1173	irc_usermsg(irc, "smp %s: spurious SMP3 received, aborting", u->nick);
1174	otrl_message_abort_smp(us, ops, u->bu->ic, context);
1175	otrl_sm_state_free(context->smstate);
1176	} else {
1177	/* SMP3 received, otrl_message_receiving will have sent SMP4 */
1178	if(context->smstate->sm_prog_state == OTRL_SMP_PROG_SUCCEEDED) {
1179	if(context->smstate->received_question) {
1180	irc_usermsg(irc, "smp %s: correct answer, you are trusted",
1181	u->nick);
1182	} else {
1183	irc_usermsg(irc, "smp %s: secrets proved equal, fingerprint trusted",
1184	u->nick);
1185	}
1186	} else {
1187	if(context->smstate->received_question) {
1188	irc_usermsg(irc, "smp %s: wrong answer, you are not trusted",
1189	u->nick);
1190	} else {
1191	irc_usermsg(irc, "smp %s: secrets did not match, fingerprint not trusted",
1192	u->nick);
1193	}
1194	}
1195	otrl_sm_state_free(context->smstate);
1196	/* smp is in back in EXPECT1 */
1197	}
1198	}
1199	tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP4);
1200	if (tlv) {
1201	if (nextMsg != OTRL_SMP_EXPECT4) {
1202	irc_usermsg(irc, "smp %s: spurious SMP4 received, aborting", u->nick);
1203	otrl_message_abort_smp(us, ops, u->bu->ic, context);
1204	otrl_sm_state_free(context->smstate);
1205	} else {
1206	/* SMP4 received, otrl_message_receiving will have set fp trust */
1207	if(context->smstate->sm_prog_state == OTRL_SMP_PROG_SUCCEEDED) {
1208	irc_usermsg(irc, "smp %s: secrets proved equal, fingerprint trusted",
1209	u->nick);
1210	} else {
1211	irc_usermsg(irc, "smp %s: secrets did not match, fingerprint not trusted",
1212	u->nick);
1213	}
1214	otrl_sm_state_free(context->smstate);
1215	/* smp is in back in EXPECT1 */
1216	}
1217	}
1218	tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP_ABORT);
1219	if (tlv) {
1220	irc_usermsg(irc, "smp: received abort from %s", u->nick);
1221	otrl_sm_state_free(context->smstate);
1222	/* smp is in back in EXPECT1 */
1223	}
1224	}
1225
1226	/* combined handler for the 'otr smp' and 'otr smpq' commands */
1227	void otr_smp_or_smpq(irc_t irc, const char nick, const char *question,
1228	const char *secret)
1229	{
1230	irc_user_t *u;
1231	ConnContext *ctx;
1232
1233	u = irc_user_by_name(irc, nick);
1234	if(!u \|\| !u->bu \|\| !u->bu->ic) {
1235	irc_usermsg(irc, "%s: unknown user", nick);
1236	return;
1237	}
1238	if(!(u->bu->flags & BEE_USER_ONLINE)) {
1239	irc_usermsg(irc, "%s is offline", nick);
1240	return;
1241	}
1242
1243	ctx = otrl_context_find(irc->otr->us, u->bu->handle,
1244	u->bu->ic->acc->user, u->bu->ic->acc->prpl->name, 0, NULL, NULL, NULL);
1245	if(!ctx \|\| ctx->msgstate != OTRL_MSGSTATE_ENCRYPTED) {
1246	irc_usermsg(irc, "smp: otr inactive with %s, try \x02otr connect"
1247	" %s\x02", nick, nick);
1248	return;
1249	}
1250
1251	if(ctx->smstate->nextExpected != OTRL_SMP_EXPECT1) {
1252	log_message(LOGLVL_INFO,
1253	"SMP already in phase %d, sending abort before reinitiating",
1254	ctx->smstate->nextExpected+1);
1255	otrl_message_abort_smp(irc->otr->us, &otr_ops, u->bu->ic, ctx);
1256	otrl_sm_state_free(ctx->smstate);
1257	}
1258
1259	if(question) {
1260	/* this was 'otr smpq', just initiate */
1261	irc_usermsg(irc, "smp: initiating with %s...", u->nick);
1262	otrl_message_initiate_smp_q(irc->otr->us, &otr_ops, u->bu->ic, ctx,
1263	question, (unsigned char *)secret, strlen(secret));
1264	/* smp is now in EXPECT2 */
1265	} else {
1266	/* this was 'otr smp', initiate or reply */
1267	/* warning: the following assumes that smstates are cleared whenever an SMP
1268	is completed or aborted! */
1269	if(ctx->smstate->secret == NULL) {
1270	irc_usermsg(irc, "smp: initiating with %s...", u->nick);
1271	otrl_message_initiate_smp(irc->otr->us, &otr_ops,
1272	u->bu->ic, ctx, (unsigned char *)secret, strlen(secret));
1273	/* smp is now in EXPECT2 */
1274	} else {
1275	/* if we're still in EXPECT1 but smstate is initialized, we must have
1276	received the SMP1, so let's issue a response */
1277	irc_usermsg(irc, "smp: responding to %s...", u->nick);
1278	otrl_message_respond_smp(irc->otr->us, &otr_ops,
1279	u->bu->ic, ctx, (unsigned char *)secret, strlen(secret));
1280	/* smp is now in EXPECT3 */
1281	}
1282	}
1283	}
1284
1285	/* helper to assert that account and protocol names given to ops below always
1286	match the im_connection passed through as opdata */
1287	struct im_connection check_imc(void opdata, const char *accountname,
1288	const char *protocol)
1289	{
1290	struct im_connection ic = (struct im_connection )opdata;
1291
1292	if (strcmp(accountname, ic->acc->user) != 0) {
1293	log_message(LOGLVL_WARNING,
1294	"otr: internal account name mismatch: '%s' vs '%s'",
1295	accountname, ic->acc->user);
1296	}
1297	if (strcmp(protocol, ic->acc->prpl->name) != 0) {
1298	log_message(LOGLVL_WARNING,
1299	"otr: internal protocol name mismatch: '%s' vs '%s'",
1300	protocol, ic->acc->prpl->name);
1301	}
1302
1303	return ic;
1304	}
1305
1306	irc_user_t peeruser(irc_t irc, const char handle, const char protocol)
1307	{
1308	GSList *l;
1309
1310	for(l=irc->b->users; l; l = l->next) {
1311	bee_user_t *bu = l->data;
1312	struct prpl *prpl;
1313	if(!bu->ui_data \|\| !bu->ic \|\| !bu->handle)
1314	continue;
1315	prpl = bu->ic->acc->prpl;
1316	if(strcmp(prpl->name, protocol) == 0
1317	&& prpl->handle_cmp(bu->handle, handle) == 0) {
1318	return bu->ui_data;
1319	}
1320	}
1321
1322	return NULL;
1323	}
1324
1325	int hexval(char a)
1326	{
1327	int x=tolower(a);
1328
1329	if(x>='a' && x<='f')
1330	x = x - 'a' + 10;
1331	else if(x>='0' && x<='9')
1332	x = x - '0';
1333	else
1334	return -1;
1335
1336	return x;
1337	}
1338
1339	const char peernick(irc_t irc, const char handle, const char protocol)
1340	{
1341	static char fallback[512];
1342
1343	irc_user_t *u = peeruser(irc, handle, protocol);
1344	if(u) {
1345	return u->nick;
1346	} else {
1347	g_snprintf(fallback, 511, "%s/%s", handle, protocol);
1348	return fallback;
1349	}
1350	}
1351
1352	void otr_update_uflags(ConnContext context, irc_user_t u)
1353	{
1354	const char *trust;
1355
1356	if(context->active_fingerprint) {
1357	u->flags \|= IRC_USER_OTR_ENCRYPTED;
1358
1359	trust = context->active_fingerprint->trust;
1360	if(trust && trust[0])
1361	u->flags \|= IRC_USER_OTR_TRUSTED;
1362	else
1363	u->flags &= ~IRC_USER_OTR_TRUSTED;
1364	} else {
1365	u->flags &= ~IRC_USER_OTR_ENCRYPTED;
1366	}
1367	}
1368
1369	int otr_update_modeflags(irc_t irc, irc_user_t u)
1370	{
1371	return 0;
1372	}
1373
1374	void show_fingerprints(irc_t irc, ConnContext ctx)
1375	{
1376	char human[45];
1377	Fingerprint *fp;
1378	const char *trust;
1379	int count=0;
1380
1381	for(fp=&ctx->fingerprint_root; fp; fp=fp->next) {
1382	if(!fp->fingerprint)
1383	continue;
1384	count++;
1385	otrl_privkey_hash_to_human(human, fp->fingerprint);
1386	if(!fp->trust \|\| fp->trust[0] == '\0') {
1387	trust="untrusted";
1388	} else {
1389	trust=fp->trust;
1390	}
1391	if(fp == ctx->active_fingerprint) {
1392	irc_usermsg(irc, " \x02%s (%s)\x02", human, trust);
1393	} else {
1394	irc_usermsg(irc, " %s (%s)", human, trust);
1395	}
1396	}
1397	if(count==0)
1398	irc_usermsg(irc, " (none)");
1399	}
1400
1401	Fingerprint match_fingerprint(irc_t irc, ConnContext ctx, const char *args)
1402	{
1403	Fingerprint fp, fp2;
1404	char human[45];
1405	char prefix[45], *p;
1406	int n;
1407	int i,j;
1408
1409	/* assemble the args into a prefix in standard "human" form */
1410	n=0;
1411	p=prefix;
1412	for(i=0; args[i]; i++) {
1413	for(j=0; args[i][j]; j++) {
1414	char c = toupper(args[i][j]);
1415
1416	if(n>=40) {
1417	irc_usermsg(irc, "too many fingerprint digits given, expected at most 40");
1418	return NULL;
1419	}
1420
1421	if( (c>='A' && c<='F') \|\| (c>='0' && c<='9') ) {
1422	*(p++) = c;
1423	} else {
1424	irc_usermsg(irc, "invalid hex digit '%c' in block %d", args[i][j], i+1);
1425	return NULL;
1426	}
1427
1428	n++;
1429	if(n%8 == 0)
1430	*(p++) = ' ';
1431	}
1432	}
1433	*p = '\0';
1434
1435	/* find first fingerprint with the given prefix */
1436	n = strlen(prefix);
1437	for(fp=&ctx->fingerprint_root; fp; fp=fp->next) {
1438	if(!fp->fingerprint)
1439	continue;
1440	otrl_privkey_hash_to_human(human, fp->fingerprint);
1441	if(!strncmp(prefix, human, n))
1442	break;
1443	}
1444	if(!fp) {
1445	irc_usermsg(irc, "%s: no match", prefix);
1446	return NULL;
1447	}
1448
1449	/* make sure the match, if any, is unique */
1450	for(fp2=fp->next; fp2; fp2=fp2->next) {
1451	if(!fp2->fingerprint)
1452	continue;
1453	otrl_privkey_hash_to_human(human, fp2->fingerprint);
1454	if(!strncmp(prefix, human, n))
1455	break;
1456	}
1457	if(fp2) {
1458	irc_usermsg(irc, "%s: multiple matches", prefix);
1459	return NULL;
1460	}
1461
1462	return fp;
1463	}
1464
1465	OtrlPrivKey match_privkey(irc_t irc, const char **args)
1466	{
1467	OtrlPrivKey k, k2;
1468	char human[45];
1469	char prefix[45], *p;
1470	int n;
1471	int i,j;
1472
1473	/* assemble the args into a prefix in standard "human" form */
1474	n=0;
1475	p=prefix;
1476	for(i=0; args[i]; i++) {
1477	for(j=0; args[i][j]; j++) {
1478	char c = toupper(args[i][j]);
1479
1480	if(n>=40) {
1481	irc_usermsg(irc, "too many fingerprint digits given, expected at most 40");
1482	return NULL;
1483	}
1484
1485	if( (c>='A' && c<='F') \|\| (c>='0' && c<='9') ) {
1486	*(p++) = c;
1487	} else {
1488	irc_usermsg(irc, "invalid hex digit '%c' in block %d", args[i][j], i+1);
1489	return NULL;
1490	}
1491
1492	n++;
1493	if(n%8 == 0)
1494	*(p++) = ' ';
1495	}
1496	}
1497	*p = '\0';
1498
1499	/* find first key which matches the given prefix */
1500	n = strlen(prefix);
1501	for(k=irc->otr->us->privkey_root; k; k=k->next) {
1502	p = otrl_privkey_fingerprint(irc->otr->us, human, k->accountname, k->protocol);
1503	if(!p) /* gah! :-P */
1504	continue;
1505	if(!strncmp(prefix, human, n))
1506	break;
1507	}
1508	if(!k) {
1509	irc_usermsg(irc, "%s: no match", prefix);
1510	return NULL;
1511	}
1512
1513	/* make sure the match, if any, is unique */
1514	for(k2=k->next; k2; k2=k2->next) {
1515	p = otrl_privkey_fingerprint(irc->otr->us, human, k2->accountname, k2->protocol);
1516	if(!p) /* gah! :-P */
1517	continue;
1518	if(!strncmp(prefix, human, n))
1519	break;
1520	}
1521	if(k2) {
1522	irc_usermsg(irc, "%s: multiple matches", prefix);
1523	return NULL;
1524	}
1525
1526	return k;
1527	}
1528
1529	void show_general_otr_info(irc_t *irc)
1530	{
1531	ConnContext *ctx;
1532	OtrlPrivKey *key;
1533	char human[45];
1534	kg_t *kg;
1535
1536	/* list all privkeys (including ones being generated) */
1537	irc_usermsg(irc, "\x1fprivate keys:\x1f");
1538	for(key=irc->otr->us->privkey_root; key; key=key->next) {
1539	const char *hash;
1540
1541	switch(key->pubkey_type) {
1542	case OTRL_PUBKEY_TYPE_DSA:
1543	irc_usermsg(irc, " %s/%s - DSA", key->accountname, key->protocol);
1544	break;
1545	default:
1546	irc_usermsg(irc, " %s/%s - type %d", key->accountname, key->protocol,
1547	key->pubkey_type);
1548	}
1549
1550	/* No, it doesn't make much sense to search for the privkey again by
1551	account/protocol, but libotr currently doesn't provide a direct routine
1552	for hashing a given 'OtrlPrivKey'... */
1553	hash = otrl_privkey_fingerprint(irc->otr->us, human, key->accountname, key->protocol);
1554	if(hash) /* should always succeed */
1555	irc_usermsg(irc, " %s", human);
1556	}
1557	if(irc->otr->sent_accountname) {
1558	irc_usermsg(irc, " %s/%s - DSA", irc->otr->sent_accountname,
1559	irc->otr->sent_protocol);
1560	irc_usermsg(irc, " (being generated)");
1561	}
1562	for(kg=irc->otr->todo; kg; kg=kg->next) {
1563	irc_usermsg(irc, " %s/%s - DSA", kg->accountname, kg->protocol);
1564	irc_usermsg(irc, " (queued)");
1565	}
1566	if(key == irc->otr->us->privkey_root &&
1567	!irc->otr->sent_accountname &&
1568	kg == irc->otr->todo)
1569	irc_usermsg(irc, " (none)");
1570
1571	/* list all contexts */
1572	irc_usermsg(irc, "%s", "");
1573	irc_usermsg(irc, "\x1f" "connection contexts:\x1f (bold=currently encrypted)");
1574	for(ctx=irc->otr->us->context_root; ctx; ctx=ctx->next) {\
1575	irc_user_t *u;
1576	char *userstring;
1577
1578	u = peeruser(irc, ctx->username, ctx->protocol);
1579	if(u)
1580	userstring = g_strdup_printf("%s/%s/%s (%s)",
1581	ctx->username, ctx->protocol, ctx->accountname, u->nick);
1582	else
1583	userstring = g_strdup_printf("%s/%s/%s",
1584	ctx->username, ctx->protocol, ctx->accountname);
1585
1586	if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) {
1587	irc_usermsg(irc, " \x02%s\x02", userstring);
1588	} else {
1589	irc_usermsg(irc, " %s", userstring);
1590	}
1591
1592	g_free(userstring);
1593	}
1594	if(ctx == irc->otr->us->context_root)
1595	irc_usermsg(irc, " (none)");
1596	}
1597
1598	void show_otr_context_info(irc_t irc, ConnContext ctx)
1599	{
1600	switch(ctx->otr_offer) {
1601	case OFFER_NOT:
1602	irc_usermsg(irc, " otr offer status: none sent");
1603	break;
1604	case OFFER_SENT:
1605	irc_usermsg(irc, " otr offer status: awaiting reply");
1606	break;
1607	case OFFER_ACCEPTED:
1608	irc_usermsg(irc, " otr offer status: accepted our offer");
1609	break;
1610	case OFFER_REJECTED:
1611	irc_usermsg(irc, " otr offer status: ignored our offer");
1612	break;
1613	default:
1614	irc_usermsg(irc, " otr offer status: %d", ctx->otr_offer);
1615	}
1616
1617	switch(ctx->msgstate) {
1618	case OTRL_MSGSTATE_PLAINTEXT:
1619	irc_usermsg(irc, " connection state: cleartext");
1620	break;
1621	case OTRL_MSGSTATE_ENCRYPTED:
1622	irc_usermsg(irc, " connection state: encrypted (v%d)", ctx->protocol_version);
1623	break;
1624	case OTRL_MSGSTATE_FINISHED:
1625	irc_usermsg(irc, " connection state: shut down");
1626	break;
1627	default:
1628	irc_usermsg(irc, " connection state: %d", ctx->msgstate);
1629	}
1630
1631	irc_usermsg(irc, " fingerprints: (bold=active)");
1632	show_fingerprints(irc, ctx);
1633	}
1634
1635	int keygen_in_progress(irc_t irc, const char handle, const char *protocol)
1636	{
1637	kg_t *kg;
1638
1639	if(!irc->otr->sent_accountname \|\| !irc->otr->sent_protocol)
1640	return 0;
1641
1642	/* are we currently working on this key? */
1643	if(!strcmp(handle, irc->otr->sent_accountname) &&
1644	!strcmp(protocol, irc->otr->sent_protocol))
1645	return 1;
1646
1647	/* do we have it queued for later? */
1648	for(kg=irc->otr->todo; kg; kg=kg->next) {
1649	if(!strcmp(handle, kg->accountname) &&
1650	!strcmp(protocol, kg->protocol))
1651	return 1;
1652	}
1653
1654	return 0;
1655	}
1656
1657	void otr_keygen(irc_t irc, const char handle, const char *protocol)
1658	{
1659	/* do nothing if a key for the requested account is already being generated */
1660	if(keygen_in_progress(irc, handle, protocol))
1661	return;
1662
1663	/* see if we already have a keygen child running. if not, start one and put a
1664	handler on its output. */
1665	if(!irc->otr->keygen \|\| waitpid(irc->otr->keygen, NULL, WNOHANG)) {
1666	pid_t p;
1667	int to[2], from[2];
1668	FILE tof, fromf;
1669
1670	if(pipe(to) < 0 \|\| pipe(from) < 0) {
1671	irc_usermsg(irc, "otr keygen: couldn't create pipe: %s", strerror(errno));
1672	return;
1673	}
1674
1675	tof = fdopen(to[1], "w");
1676	fromf = fdopen(from[0], "r");
1677	if(!tof \|\| !fromf) {
1678	irc_usermsg(irc, "otr keygen: couldn't streamify pipe: %s", strerror(errno));
1679	return;
1680	}
1681
1682	p = fork();
1683	if(p<0) {
1684	irc_usermsg(irc, "otr keygen: couldn't fork: %s", strerror(errno));
1685	return;
1686	}
1687
1688	if(!p) {
1689	/* child process */
1690	signal(SIGTERM, exit);
1691	keygen_child_main(irc->otr->us, to[0], from[1]);
1692	exit(0);
1693	}
1694
1695	irc->otr->keygen = p;
1696	irc->otr->to = tof;
1697	irc->otr->from = fromf;
1698	irc->otr->sent_accountname = NULL;
1699	irc->otr->sent_protocol = NULL;
1700	irc->otr->todo = NULL;
1701	b_input_add(from[0], B_EV_IO_READ, keygen_finish_handler, irc);
1702	}
1703
1704	/* is the keygen slave currently working? */
1705	if(irc->otr->sent_accountname) {
1706	/* enqueue our job for later transmission */
1707	kg_t **kg = &irc->otr->todo;
1708	while(*kg)
1709	kg=&((*kg)->next);
1710	*kg = g_new0(kg_t, 1);
1711	(*kg)->accountname = g_strdup(handle);
1712	(*kg)->protocol = g_strdup(protocol);
1713	} else {
1714	/* send our job over and remember it */
1715	fprintf(irc->otr->to, "%s\n%s\n", handle, protocol);
1716	fflush(irc->otr->to);
1717	irc->otr->sent_accountname = g_strdup(handle);
1718	irc->otr->sent_protocol = g_strdup(protocol);
1719	}
1720	}
1721
1722	void keygen_child_main(OtrlUserState us, int infd, int outfd)
1723	{
1724	FILE input, output;
1725	char filename[128], accountname[512], protocol[512];
1726	gcry_error_t e;
1727	int tempfd;
1728
1729	input = fdopen(infd, "r");
1730	output = fdopen(outfd, "w");
1731
1732	while(!feof(input) && !ferror(input) && !feof(output) && !ferror(output)) {
1733	myfgets(accountname, 512, input);
1734	myfgets(protocol, 512, input);
1735
1736	strncpy(filename, "/tmp/bitlbee-XXXXXX", 128);
1737	tempfd = mkstemp(filename);
1738	close(tempfd);
1739
1740	e = otrl_privkey_generate(us, filename, accountname, protocol);
1741	if(e) {
1742	fprintf(output, "\n"); /* this means failure */
1743	fprintf(output, "otr keygen: %s\n", gcry_strerror(e));
1744	unlink(filename);
1745	} else {
1746	fprintf(output, "%s\n", filename);
1747	fprintf(output, "otr keygen for %s/%s complete\n", accountname, protocol);
1748	}
1749	fflush(output);
1750	}
1751
1752	fclose(input);
1753	fclose(output);
1754	}
1755
1756	gboolean keygen_finish_handler(gpointer data, gint fd, b_input_condition cond)
1757	{
1758	irc_t irc = (irc_t )data;
1759	char filename[512], msg[512];
1760
1761	myfgets(filename, 512, irc->otr->from);
1762	myfgets(msg, 512, irc->otr->from);
1763
1764	irc_usermsg(irc, "%s", msg);
1765	if(filename[0]) {
1766	char *kf = g_strdup_printf("%s%s.otr_keys", global.conf->configdir, irc->user->nick);
1767	char *tmp = g_strdup_printf("%s.new", kf);
1768	copyfile(filename, tmp);
1769	unlink(filename);
1770	rename(tmp,kf);
1771	otrl_privkey_read(irc->otr->us, kf);
1772	g_free(kf);
1773	g_free(tmp);
1774	}
1775
1776	/* forget this job */
1777	g_free(irc->otr->sent_accountname);
1778	g_free(irc->otr->sent_protocol);
1779	irc->otr->sent_accountname = NULL;
1780	irc->otr->sent_protocol = NULL;
1781
1782	/* see if there are any more in the queue */
1783	if(irc->otr->todo) {
1784	kg_t *p = irc->otr->todo;
1785	/* send the next one over */
1786	fprintf(irc->otr->to, "%s\n%s\n", p->accountname, p->protocol);
1787	fflush(irc->otr->to);
1788	irc->otr->sent_accountname = p->accountname;
1789	irc->otr->sent_protocol = p->protocol;
1790	irc->otr->todo = p->next;
1791	g_free(p);
1792	return TRUE; /* keep watching */
1793	} else {
1794	/* okay, the slave is idle now, so kill him */
1795	fclose(irc->otr->from);
1796	fclose(irc->otr->to);
1797	irc->otr->from = irc->otr->to = NULL;
1798	kill(irc->otr->keygen, SIGTERM);
1799	waitpid(irc->otr->keygen, NULL, 0);
1800	irc->otr->keygen = 0;
1801	return FALSE; /* unregister ourselves */
1802	}
1803	}
1804
1805	void copyfile(const char a, const char b)
1806	{
1807	int fda, fdb;
1808	int n;
1809	char buf[1024];
1810
1811	fda = open(a, O_RDONLY);
1812	fdb = open(b, O_WRONLY \| O_CREAT \| O_TRUNC, 0600);
1813
1814	while((n=read(fda, buf, 1024)) > 0)
1815	write(fdb, buf, n);
1816
1817	close(fda);
1818	close(fdb);
1819	}
1820
1821	void myfgets(char s, int size, FILE stream)
1822	{
1823	if(!fgets(s, size, stream)) {
1824	s[0] = '\0';
1825	} else {
1826	int n = strlen(s);
1827	if(n>0 && s[n-1] == '\n')
1828	s[n-1] = '\0';
1829	}
1830	}
1831
1832	void yes_keygen(void *data)
1833	{
1834	account_t acc = (account_t )data;
1835	irc_t *irc = acc->bee->ui_data;
1836
1837	if(keygen_in_progress(irc, acc->user, acc->prpl->name)) {
1838	irc_usermsg(irc, "keygen for %s/%s already in progress",
1839	acc->user, acc->prpl->name);
1840	} else {
1841	irc_usermsg(irc, "starting background keygen for %s/%s",
1842	acc->user, acc->prpl->name);
1843	irc_usermsg(irc, "you will be notified when it completes");
1844	otr_keygen(irc, acc->user, acc->prpl->name);
1845	}
1846	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: