Context Navigation

source: otr.c @ 3f81999

Last change on this file since 3f81999 was fc34fb5, checked in by Sven Moritz Hallberg <pesco@…>, at 2009-03-13T11:31:47Z
dont specify a background when coloring encrypted messages
Property mode set to `100644`
File size: 44.9 KB

Line
1	/********************************************************************\
2	* BitlBee -- An IRC to other IM-networks gateway *
3	* *
4	* Copyright 2002-2008 Wilmer van der Gaast and others *
5	\********************************************************************/
6
7	/*
8	OTR support (cf. http://www.cypherpunks.ca/otr/)
9
10	2008, Sven Moritz Hallberg <pesco@khjk.org>
11	(c) and funded by stonedcoder.org
12
13	files used to store OTR data:
14	<configdir>/<nick>.otr_keys
15	<configdir>/<nick>.otr_fprints
16
17	top-level todos: (search for TODO for more ;-))
18	integrate otr_load/otr_save with existing storage backends
19	per-account policy settings
20	per-user policy settings
21	*/
22
23	/*
24	This program is free software; you can redistribute it and/or modify
25	it under the terms of the GNU General Public License as published by
26	the Free Software Foundation; either version 2 of the License, or
27	(at your option) any later version.
28
29	This program is distributed in the hope that it will be useful,
30	but WITHOUT ANY WARRANTY; without even the implied warranty of
31	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
32	GNU General Public License for more details.
33
34	You should have received a copy of the GNU General Public License with
35	the Debian GNU/Linux distribution in /usr/share/common-licenses/GPL;
36	if not, write to the Free Software Foundation, Inc., 59 Temple Place,
37	Suite 330, Boston, MA 02111-1307 USA
38	*/
39
40	#include "bitlbee.h"
41	#ifdef WITH_OTR
42	#include "irc.h"
43	#include "otr.h"
44	#include <sys/types.h>
45	#include <sys/wait.h>
46	#include <unistd.h>
47	#include <assert.h>
48	#include <signal.h>
49
50
51	/ OTR interface routines for the OtrlMessageAppOps struct: /
52
53	OtrlPolicy op_policy(void opdata, ConnContext context);
54
55	void op_create_privkey(void opdata, const char accountname, const char *protocol);
56
57	int op_is_logged_in(void opdata, const char accountname, const char *protocol,
58	const char *recipient);
59
60	void op_inject_message(void opdata, const char accountname, const char *protocol,
61	const char recipient, const char message);
62
63	int op_display_otr_message(void opdata, const char accountname, const char *protocol,
64	const char username, const char msg);
65
66	void op_new_fingerprint(void opdata, OtrlUserState us, const char accountname,
67	const char protocol, const char username, unsigned char fingerprint[20]);
68
69	void op_write_fingerprints(void *opdata);
70
71	void op_gone_secure(void opdata, ConnContext context);
72
73	void op_gone_insecure(void opdata, ConnContext context);
74
75	void op_still_secure(void opdata, ConnContext context, int is_reply);
76
77	void op_log_message(void opdata, const char message);
78
79	int op_max_message_size(void opdata, ConnContext context);
80
81	const char op_account_name(void opdata, const char account, const char protocol);
82
83
84	/ otr sub-command handlers: /
85
86	void cmd_otr_connect(irc_t irc, char *args);
87	void cmd_otr_disconnect(irc_t irc, char *args);
88	void cmd_otr_smp(irc_t irc, char *args);
89	void cmd_otr_trust(irc_t irc, char *args);
90	void cmd_otr_info(irc_t irc, char *args);
91	void cmd_otr_keygen(irc_t irc, char *args);
92	void cmd_otr_forget(irc_t irc, char *args);
93
94	const command_t otr_commands[] = {
95	{ "connect", 1, &cmd_otr_connect, 0 },
96	{ "disconnect", 1, &cmd_otr_disconnect, 0 },
97	{ "smp", 2, &cmd_otr_smp, 0 },
98	{ "trust", 6, &cmd_otr_trust, 0 },
99	{ "info", 0, &cmd_otr_info, 0 },
100	{ "keygen", 1, &cmd_otr_keygen, 0 },
101	{ "forget", 2, &cmd_otr_forget, 0 },
102	{ NULL }
103	};
104
105	typedef struct {
106	void *fst;
107	void *snd;
108	} pair_t;
109
110
111	/ misc. helpers/subroutines: /
112
113	/* check whether we are already generating a key for a given account */
114	int keygen_in_progress(irc_t irc, const char handle, const char *protocol);
115
116	/* start background process to generate a (new) key for a given account */
117	void otr_keygen(irc_t irc, const char handle, const char *protocol);
118
119	/* main function for the forked keygen slave */
120	void keygen_child_main(OtrlUserState us, int infd, int outfd);
121
122	/* mainloop handler for when a keygen finishes */
123	gboolean keygen_finish_handler(gpointer data, gint fd, b_input_condition cond);
124
125	/* copy the contents of file a to file b, overwriting it if it exists */
126	void copyfile(const char a, const char b);
127
128	/* read one line of input from a stream, excluding trailing newline */
129	void myfgets(char s, int size, FILE stream);
130
131	/* some yes/no handlers */
132	void yes_keygen(void *data);
133	void yes_forget_fingerprint(void *data);
134	void yes_forget_context(void *data);
135	void yes_forget_key(void *data);
136
137	/* helper to make sure accountname and protocol match the incoming "opdata" */
138	struct im_connection check_imc(void opdata, const char *accountname,
139	const char *protocol);
140
141	/* determine the nick for a given handle/protocol pair
142	returns "handle/protocol" if not found */
143	const char peernick(irc_t irc, const char handle, const char protocol);
144
145	/* turn a hexadecimal digit into its numerical value */
146	int hexval(char a);
147
148	/* determine the user_t for a given handle/protocol pair
149	returns NULL if not found */
150	user_t peeruser(irc_t irc, const char handle, const char protocol);
151
152	/* handle SMP TLVs from a received message */
153	void otr_handle_smp(struct im_connection ic, const char handle, OtrlTLV *tlvs);
154
155	/* update op/voice flag of given user according to encryption state and settings
156	returns 0 if neither op_buddies nor voice_buddies is set to "encrypted",
157	i.e. msgstate should be announced seperately */
158	int otr_update_modeflags(irc_t irc, user_t u);
159
160	/* show general info about the OTR subsystem; called by 'otr info' */
161	void show_general_otr_info(irc_t *irc);
162
163	/* show info about a given OTR context */
164	void show_otr_context_info(irc_t irc, ConnContext ctx);
165
166	/* show the list of fingerprints associated with a given context */
167	void show_fingerprints(irc_t irc, ConnContext ctx);
168
169	/* find a fingerprint by prefix (given as any number of hex strings) */
170	Fingerprint match_fingerprint(irc_t irc, ConnContext ctx, const char *args);
171
172	/* find a private key by fingerprint prefix (given as any number of hex strings) */
173	OtrlPrivKey match_privkey(irc_t irc, const char **args);
174
175
176	/* routines declared in otr.h: */
177
178	void otr_init(void)
179	{
180	OTRL_INIT;
181
182	/* fill global OtrlMessageAppOps */
183	global.otr_ops.policy = &op_policy;
184	global.otr_ops.create_privkey = &op_create_privkey;
185	global.otr_ops.is_logged_in = &op_is_logged_in;
186	global.otr_ops.inject_message = &op_inject_message;
187	global.otr_ops.notify = NULL;
188	global.otr_ops.display_otr_message = &op_display_otr_message;
189	global.otr_ops.update_context_list = NULL;
190	global.otr_ops.protocol_name = NULL;
191	global.otr_ops.protocol_name_free = NULL;
192	global.otr_ops.new_fingerprint = &op_new_fingerprint;
193	global.otr_ops.write_fingerprints = &op_write_fingerprints;
194	global.otr_ops.gone_secure = &op_gone_secure;
195	global.otr_ops.gone_insecure = &op_gone_insecure;
196	global.otr_ops.still_secure = &op_still_secure;
197	global.otr_ops.log_message = &op_log_message;
198	global.otr_ops.max_message_size = &op_max_message_size;
199	global.otr_ops.account_name = &op_account_name;
200	global.otr_ops.account_name_free = NULL;
201	}
202
203	otr_t *otr_new(void)
204	{
205	otr_t *otr = g_new0(otr_t, 1);
206
207	otr->us = otrl_userstate_create();
208
209	return otr;
210	}
211
212	void otr_free(otr_t *otr)
213	{
214	otrl_userstate_free(otr->us);
215	if(otr->keygen) {
216	kill(otr->keygen, SIGTERM);
217	waitpid(otr->keygen, NULL, 0);
218	/* TODO: remove stale keygen tempfiles */
219	}
220	if(otr->to)
221	fclose(otr->to);
222	if(otr->from)
223	fclose(otr->from);
224	while(otr->todo) {
225	kg_t *p = otr->todo;
226	otr->todo = p->next;
227	g_free(p);
228	}
229	g_free(otr);
230	}
231
232	void otr_load(irc_t *irc)
233	{
234	char s[512];
235	account_t *a;
236	gcry_error_t e;
237	gcry_error_t enoent = gcry_error_from_errno(ENOENT);
238	int kg=0;
239
240	g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, irc->nick);
241	e = otrl_privkey_read(irc->otr->us, s);
242	if(e && e!=enoent) {
243	irc_usermsg(irc, "otr load: %s: %s", s, gcry_strerror(e));
244	}
245	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, irc->nick);
246	e = otrl_privkey_read_fingerprints(irc->otr->us, s, NULL, NULL);
247	if(e && e!=enoent) {
248	irc_usermsg(irc, "otr load: %s: %s", s, gcry_strerror(e));
249	}
250
251	/* check for otr keys on all accounts */
252	for(a=irc->accounts; a; a=a->next) {
253	kg = otr_check_for_key(a) \|\| kg;
254	}
255	if(kg) {
256	irc_usermsg(irc, "Notice: "
257	"The accounts above do not have OTR encryption keys associated with them, yet. "
258	"These keys are now being generated in the background. "
259	"You will be notified as they are completed. "
260	"It is not necessary to wait; "
261	"BitlBee can be used normally during key generation. "
262	"You may safely ignore this message if you don't know what OTR is. ;)");
263	}
264	}
265
266	void otr_save(irc_t *irc)
267	{
268	char s[512];
269	gcry_error_t e;
270
271	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, irc->nick);
272	e = otrl_privkey_write_fingerprints(irc->otr->us, s);
273	if(e) {
274	irc_usermsg(irc, "otr save: %s: %s", s, gcry_strerror(e));
275	}
276	chmod(s, 0600);
277	}
278
279	void otr_remove(const char *nick)
280	{
281	char s[512];
282
283	g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, nick);
284	unlink(s);
285	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, nick);
286	unlink(s);
287	}
288
289	void otr_rename(const char onick, const char nnick)
290	{
291	char s[512], t[512];
292
293	g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, onick);
294	g_snprintf(t, 511, "%s%s.otr_keys", global.conf->configdir, nnick);
295	rename(s,t);
296	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, onick);
297	g_snprintf(t, 511, "%s%s.otr_fprints", global.conf->configdir, nnick);
298	rename(s,t);
299	}
300
301	int otr_check_for_key(account_t *a)
302	{
303	irc_t *irc = a->irc;
304	OtrlPrivKey *k;
305
306	k = otrl_privkey_find(irc->otr->us, a->user, a->prpl->name);
307	if(k) {
308	irc_usermsg(irc, "otr: %s/%s ready", a->user, a->prpl->name);
309	return 0;
310	} if(keygen_in_progress(irc, a->user, a->prpl->name)) {
311	irc_usermsg(irc, "otr: keygen for %s/%s already in progress", a->user, a->prpl->name);
312	return 0;
313	} else {
314	irc_usermsg(irc, "otr: starting background keygen for %s/%s", a->user, a->prpl->name);
315	otr_keygen(irc, a->user, a->prpl->name);
316	return 1;
317	}
318	}
319
320	char otr_handle_message(struct im_connection ic, const char handle, const char msg)
321	{
322	int ignore_msg;
323	char *newmsg = NULL;
324	OtrlTLV *tlvs = NULL;
325	char *colormsg;
326
327	ignore_msg = otrl_message_receiving(ic->irc->otr->us, &global.otr_ops, ic,
328	ic->acc->user, ic->acc->prpl->name, handle, msg, &newmsg,
329	&tlvs, NULL, NULL);
330
331	otr_handle_smp(ic, handle, tlvs);
332
333	if(ignore_msg) {
334	/* this was an internal OTR protocol message */
335	return NULL;
336	} else if(!newmsg) {
337	/* this was a non-OTR message */
338	return g_strdup(msg);
339	} else {
340	/* OTR has processed this message */
341	ConnContext *context = otrl_context_find(ic->irc->otr->us, handle,
342	ic->acc->user, ic->acc->prpl->name, 0, NULL, NULL, NULL);
343	if(context && context->msgstate == OTRL_MSGSTATE_ENCRYPTED &&
344	set_getbool(&ic->irc->set, "color_encrypted")) {
345	/* color according to f'print trust */
346	int color;
347	const char *trust = context->active_fingerprint->trust;
348	if(trust && trust[0] != '\0')
349	color=3; /* green */
350	else
351	color=5; /* red */
352
353	if(newmsg[0] == ',') {
354	/* could be a problem with the color code */
355	/* insert a space between color spec and message */
356	colormsg = g_strdup_printf("\x03%.2d %s\x0F", color, newmsg);
357	} else {
358	colormsg = g_strdup_printf("\x03%.2d%s\x0F", color, newmsg);
359	}
360	} else {
361	colormsg = g_strdup(newmsg);
362	}
363	otrl_message_free(newmsg);
364	return colormsg;
365	}
366	}
367
368	int otr_send_message(struct im_connection ic, const char handle, const char *msg, int flags)
369	{
370	int st;
371	char *otrmsg = NULL;
372	ConnContext *ctx = NULL;
373
374	st = otrl_message_sending(ic->irc->otr->us, &global.otr_ops, ic,
375	ic->acc->user, ic->acc->prpl->name, handle,
376	msg, NULL, &otrmsg, NULL, NULL);
377	if(st) {
378	return st;
379	}
380
381	ctx = otrl_context_find(ic->irc->otr->us,
382	handle, ic->acc->user, ic->acc->prpl->name,
383	1, NULL, NULL, NULL);
384
385	if(otrmsg) {
386	if(!ctx) {
387	otrl_message_free(otrmsg);
388	return 1;
389	}
390	st = otrl_message_fragment_and_send(&global.otr_ops, ic, ctx,
391	otrmsg, OTRL_FRAGMENT_SEND_ALL, NULL);
392	otrl_message_free(otrmsg);
393	} else {
394	/* note: otrl_message_sending handles policy, so that if REQUIRE_ENCRYPTION is set,
395	this case does not occur */
396	st = ic->acc->prpl->buddy_msg( ic, (char )handle, (char )msg, flags );
397	}
398
399	return st;
400	}
401
402	void cmd_otr(irc_t irc, char *args)
403	{
404	const command_t *cmd;
405
406	if(!args[0])
407	return;
408
409	if(!args[1])
410	return;
411
412	for(cmd=otr_commands; cmd->command; cmd++) {
413	if(strcmp(cmd->command, args[1]) == 0)
414	break;
415	}
416
417	if(!cmd->command) {
418	irc_usermsg(irc, "%s: unknown subcommand \"%s\", see \x02help otr\x02",
419	args[0], args[1]);
420	return;
421	}
422
423	if(!args[cmd->required_parameters+1]) {
424	irc_usermsg(irc, "%s %s: not enough arguments (%d req.)",
425	args[0], args[1], cmd->required_parameters);
426	return;
427	}
428
429	cmd->execute(irc, args+1);
430	}
431
432
433	/* OTR "MessageAppOps" callbacks for global.otr_ui: */
434
435	OtrlPolicy op_policy(void opdata, ConnContext context)
436	{
437	struct im_connection *ic = check_imc(opdata, context->accountname, context->protocol);
438	const char *p;
439
440	/* policy override during keygen: if we're missing the key for context but are currently
441	generating it, then that's as much as we can do. => temporarily return NEVER. */
442	if(keygen_in_progress(ic->irc, context->accountname, context->protocol) &&
443	!otrl_privkey_find(ic->irc->otr->us, context->accountname, context->protocol))
444	return OTRL_POLICY_NEVER;
445
446	p = set_getstr(&ic->irc->set, "otr_policy");
447	if(!strcmp(p, "never"))
448	return OTRL_POLICY_NEVER;
449	if(!strcmp(p, "opportunistic"))
450	return OTRL_POLICY_OPPORTUNISTIC;
451	if(!strcmp(p, "manual"))
452	return OTRL_POLICY_MANUAL;
453	if(!strcmp(p, "always"))
454	return OTRL_POLICY_ALWAYS;
455
456	return OTRL_POLICY_OPPORTUNISTIC;
457	}
458
459	void op_create_privkey(void opdata, const char accountname,
460	const char *protocol)
461	{
462	struct im_connection *ic = check_imc(opdata, accountname, protocol);
463
464	/* will fail silently if keygen already in progress */
465	otr_keygen(ic->irc, accountname, protocol);
466	}
467
468	int op_is_logged_in(void opdata, const char accountname,
469	const char protocol, const char recipient)
470	{
471	struct im_connection *ic = check_imc(opdata, accountname, protocol);
472	user_t *u;
473
474	/* lookup the user_t for the given recipient */
475	u = user_findhandle(ic, recipient);
476	if(u) {
477	if(u->online)
478	return 1;
479	else
480	return 0;
481	} else {
482	return -1;
483	}
484	}
485
486	void op_inject_message(void opdata, const char accountname,
487	const char protocol, const char recipient, const char *message)
488	{
489	struct im_connection *ic = check_imc(opdata, accountname, protocol);
490
491	if (strcmp(accountname, recipient) == 0) {
492	/* huh? injecting messages to myself? */
493	irc_usermsg(ic->irc, "note to self: %s", message);
494	} else {
495	/* need to drop some consts here :-( */
496	/* TODO: get flags into op_inject_message?! */
497	ic->acc->prpl->buddy_msg(ic, (char )recipient, (char )message, 0);
498	/* ignoring return value :-/ */
499	}
500	}
501
502	int op_display_otr_message(void opdata, const char accountname,
503	const char protocol, const char username, const char *message)
504	{
505	struct im_connection *ic = check_imc(opdata, accountname, protocol);
506	char *msg = g_strdup(message);
507
508	strip_html(msg);
509	irc_usermsg(ic->irc, "otr: %s", msg);
510
511	g_free(msg);
512	return 0;
513	}
514
515	void op_new_fingerprint(void *opdata, OtrlUserState us,
516	const char accountname, const char protocol,
517	const char *username, unsigned char fingerprint[20])
518	{
519	struct im_connection *ic = check_imc(opdata, accountname, protocol);
520	char hunam[45]; /* anybody looking? ;-) */
521
522	otrl_privkey_hash_to_human(hunam, fingerprint);
523	irc_usermsg(ic->irc, "new fingerprint for %s: %s",
524	peernick(ic->irc, username, protocol), hunam);
525	}
526
527	void op_write_fingerprints(void *opdata)
528	{
529	struct im_connection ic = (struct im_connection )opdata;
530
531	otr_save(ic->irc);
532	}
533
534	void op_gone_secure(void opdata, ConnContext context)
535	{
536	struct im_connection *ic =
537	check_imc(opdata, context->accountname, context->protocol);
538	user_t *u;
539	const char *trust;
540
541	u = peeruser(ic->irc, context->username, context->protocol);
542	if(!u) {
543	log_message(LOGLVL_ERROR,
544	"BUG: otr.c: op_gone_secure: user_t for %s/%s/%s not found!",
545	context->username, context->protocol, context->accountname);
546	return;
547	}
548
549	trust = context->active_fingerprint->trust;
550	if(trust && trust[0])
551	u->encrypted = 2;
552	else
553	u->encrypted = 1;
554	if(!otr_update_modeflags(ic->irc, u))
555	irc_usermsg(ic->irc, "conversation with %s is now off the record", u->nick);
556	}
557
558	void op_gone_insecure(void opdata, ConnContext context)
559	{
560	struct im_connection *ic =
561	check_imc(opdata, context->accountname, context->protocol);
562	user_t *u;
563
564	u = peeruser(ic->irc, context->username, context->protocol);
565	if(!u) {
566	log_message(LOGLVL_ERROR,
567	"BUG: otr.c: op_gone_insecure: user_t for %s/%s/%s not found!",
568	context->username, context->protocol, context->accountname);
569	return;
570	}
571	u->encrypted = 0;
572	if(!otr_update_modeflags(ic->irc, u))
573	irc_usermsg(ic->irc, "conversation with %s is now in the clear", u->nick);
574	}
575
576	void op_still_secure(void opdata, ConnContext context, int is_reply)
577	{
578	struct im_connection *ic =
579	check_imc(opdata, context->accountname, context->protocol);
580	user_t *u;
581
582	u = peeruser(ic->irc, context->username, context->protocol);
583	if(!u) {
584	log_message(LOGLVL_ERROR,
585	"BUG: otr.c: op_still_secure: user_t for %s/%s/%s not found!",
586	context->username, context->protocol, context->accountname);
587	return;
588	}
589	if(context->active_fingerprint->trust[0])
590	u->encrypted = 2;
591	else
592	u->encrypted = 1;
593	if(!otr_update_modeflags(ic->irc, u))
594	irc_usermsg(ic->irc, "otr connection with %s has been refreshed", u->nick);
595	}
596
597	void op_log_message(void opdata, const char message)
598	{
599	char *msg = g_strdup(message);
600
601	strip_html(msg);
602	log_message(LOGLVL_INFO, "otr: %s", msg);
603	g_free(msg);
604	}
605
606	int op_max_message_size(void opdata, ConnContext context)
607	{
608	struct im_connection *ic =
609	check_imc(opdata, context->accountname, context->protocol);
610
611	return ic->acc->prpl->mms;
612	}
613
614	const char op_account_name(void opdata, const char account, const char protocol)
615	{
616	struct im_connection ic = (struct im_connection )opdata;
617
618	return peernick(ic->irc, account, protocol);
619	}
620
621
622	/* OTR sub-command handlers */
623
624	void cmd_otr_disconnect(irc_t irc, char *args)
625	{
626	user_t *u;
627
628	u = user_find(irc, args[1]);
629	if(!u \|\| !u->ic) {
630	irc_usermsg(irc, "%s: unknown user", args[1]);
631	return;
632	}
633
634	otrl_message_disconnect(irc->otr->us, &global.otr_ops,
635	u->ic, u->ic->acc->user, u->ic->acc->prpl->name, u->handle);
636
637	/* for some reason, libotr (3.1.0) doesn't do this itself: */
638	if(u->encrypted) {
639	ConnContext *ctx;
640	ctx = otrl_context_find(irc->otr->us, u->handle, u->ic->acc->user,
641	u->ic->acc->prpl->name, 0, NULL, NULL, NULL);
642	if(ctx)
643	op_gone_insecure(u->ic, ctx);
644	else /* huh? */
645	u->encrypted = 0;
646	}
647	}
648
649	void cmd_otr_connect(irc_t irc, char *args)
650	{
651	user_t *u;
652
653	u = user_find(irc, args[1]);
654	if(!u \|\| !u->ic) {
655	irc_usermsg(irc, "%s: unknown user", args[1]);
656	return;
657	}
658	if(!u->online) {
659	irc_usermsg(irc, "%s is offline", args[1]);
660	return;
661	}
662
663	imc_buddy_msg(u->ic, u->handle, "?OTR?", 0);
664	}
665
666	void cmd_otr_smp(irc_t irc, char *args)
667	{
668	user_t *u;
669	ConnContext *ctx;
670
671	u = user_find(irc, args[1]);
672	if(!u \|\| !u->ic) {
673	irc_usermsg(irc, "%s: unknown user", args[1]);
674	return;
675	}
676	if(!u->online) {
677	irc_usermsg(irc, "%s is offline", args[1]);
678	return;
679	}
680
681	ctx = otrl_context_find(irc->otr->us, u->handle,
682	u->ic->acc->user, u->ic->acc->prpl->name, 1, NULL, NULL, NULL);
683	if(!ctx) {
684	/* huh? out of memory or what? */
685	return;
686	}
687
688	if(ctx->smstate->nextExpected != OTRL_SMP_EXPECT1) {
689	log_message(LOGLVL_INFO,
690	"SMP already in phase %d, sending abort before reinitiating",
691	ctx->smstate->nextExpected+1);
692	otrl_message_abort_smp(irc->otr->us, &global.otr_ops, u->ic, ctx);
693	otrl_sm_state_free(ctx->smstate);
694	}
695
696	/* warning: the following assumes that smstates are cleared whenever an SMP
697	is completed or aborted! */
698	if(ctx->smstate->secret == NULL) {
699	irc_usermsg(irc, "smp: initiating with %s...", u->nick);
700	otrl_message_initiate_smp(irc->otr->us, &global.otr_ops,
701	u->ic, ctx, (unsigned char *)args[2], strlen(args[2]));
702	/* smp is now in EXPECT2 */
703	} else {
704	/* if we're still in EXPECT1 but smstate is initialized, we must have
705	received the SMP1, so let's issue a response */
706	irc_usermsg(irc, "smp: responding to %s...", u->nick);
707	otrl_message_respond_smp(irc->otr->us, &global.otr_ops,
708	u->ic, ctx, (unsigned char *)args[2], strlen(args[2]));
709	/* smp is now in EXPECT3 */
710	}
711	}
712
713	void cmd_otr_trust(irc_t irc, char *args)
714	{
715	user_t *u;
716	ConnContext *ctx;
717	unsigned char raw[20];
718	Fingerprint *fp;
719	int i,j;
720
721	u = user_find(irc, args[1]);
722	if(!u \|\| !u->ic) {
723	irc_usermsg(irc, "%s: unknown user", args[1]);
724	return;
725	}
726
727	ctx = otrl_context_find(irc->otr->us, u->handle,
728	u->ic->acc->user, u->ic->acc->prpl->name, 0, NULL, NULL, NULL);
729	if(!ctx) {
730	irc_usermsg(irc, "%s: no otr context with user", args[1]);
731	return;
732	}
733
734	/* convert given fingerprint to raw representation */
735	for(i=0; i<5; i++) {
736	for(j=0; j<4; j++) {
737	char p = args[2+i]+(2j);
738	char *q = p+1;
739	int x, y;
740
741	if(!p \|\| !q) {
742	irc_usermsg(irc, "failed: truncated fingerprint block %d", i+1);
743	return;
744	}
745
746	x = hexval(*p);
747	y = hexval(*q);
748	if(x<0) {
749	irc_usermsg(irc, "failed: %d. hex digit of block %d out of range", 2*j+1, i+1);
750	return;
751	}
752	if(y<0) {
753	irc_usermsg(irc, "failed: %d. hex digit of block %d out of range", 2*j+2, i+1);
754	return;
755	}
756
757	raw[i4+j] = x16 + y;
758	}
759	}
760	fp = otrl_context_find_fingerprint(ctx, raw, 0, NULL);
761	if(!fp) {
762	irc_usermsg(irc, "failed: no such fingerprint for %s", args[1]);
763	} else {
764	char *trust = args[7] ? args[7] : "affirmed";
765	otrl_context_set_trust(fp, trust);
766	irc_usermsg(irc, "fingerprint match, trust set to \"%s\"", trust);
767	if(u->encrypted)
768	u->encrypted = 2;
769	otr_update_modeflags(irc, u);
770	}
771	}
772
773	void cmd_otr_info(irc_t irc, char *args)
774	{
775	if(!args[1]) {
776	show_general_otr_info(irc);
777	} else {
778	char *arg = g_strdup(args[1]);
779	char myhandle, handle=NULL, *protocol;
780	ConnContext *ctx;
781
782	/* interpret arg as 'user/protocol/account' if possible */
783	protocol = strchr(arg, '/');
784	myhandle = NULL;
785	if(protocol) {
786	*(protocol++) = '\0';
787	myhandle = strchr(protocol, '/');
788	}
789	if(protocol && myhandle) {
790	*(myhandle++) = '\0';
791	handle = arg;
792	ctx = otrl_context_find(irc->otr->us, handle, myhandle, protocol, 0, NULL, NULL, NULL);
793	if(!ctx) {
794	irc_usermsg(irc, "no such context");
795	g_free(arg);
796	return;
797	}
798	} else {
799	user_t *u = user_find(irc, args[1]);
800	if(!u \|\| !u->ic) {
801	irc_usermsg(irc, "%s: unknown user", args[1]);
802	g_free(arg);
803	return;
804	}
805	ctx = otrl_context_find(irc->otr->us, u->handle, u->ic->acc->user,
806	u->ic->acc->prpl->name, 0, NULL, NULL, NULL);
807	if(!ctx) {
808	irc_usermsg(irc, "no otr context with %s", args[1]);
809	g_free(arg);
810	return;
811	}
812	}
813
814	/* show how we resolved the (nick) argument, if we did */
815	if(handle!=arg) {
816	irc_usermsg(irc, "%s is %s/%s; we are %s/%s to them", args[1],
817	ctx->username, ctx->protocol, ctx->accountname, ctx->protocol);
818	}
819	show_otr_context_info(irc, ctx);
820	g_free(arg);
821	}
822	}
823
824	void cmd_otr_keygen(irc_t irc, char *args)
825	{
826	int i, n;
827	account_t *a;
828
829	n = atoi(args[1]);
830	if(n<0 \|\| (!n && strcmp(args[1], "0"))) {
831	irc_usermsg(irc, "%s: invalid account number", args[1]);
832	return;
833	}
834
835	a = irc->accounts;
836	for(i=0; i<n && a; i++, a=a->next);
837	if(!a) {
838	irc_usermsg(irc, "%s: no such account", args[1]);
839	return;
840	}
841
842	if(keygen_in_progress(irc, a->user, a->prpl->name)) {
843	irc_usermsg(irc, "keygen for account %d already in progress", n);
844	return;
845	}
846
847	if(otrl_privkey_find(irc->otr->us, a->user, a->prpl->name)) {
848	char *s = g_strdup_printf("account %d already has a key, replace it?", n);
849	query_add(irc, NULL, s, yes_keygen, NULL, a);
850	g_free(s);
851	} else {
852	otr_keygen(irc, a->user, a->prpl->name);
853	}
854	}
855
856	void yes_forget_fingerprint(void *data)
857	{
858	pair_t p = (pair_t )data;
859	irc_t irc = (irc_t )p->fst;
860	Fingerprint fp = (Fingerprint )p->snd;
861
862	g_free(p);
863
864	if(fp == fp->context->active_fingerprint) {
865	irc_usermsg(irc, "that fingerprint is active, terminate otr connection first");
866	return;
867	}
868
869	otrl_context_forget_fingerprint(fp, 0);
870	}
871
872	void yes_forget_context(void *data)
873	{
874	pair_t p = (pair_t )data;
875	irc_t irc = (irc_t )p->fst;
876	ConnContext ctx = (ConnContext )p->snd;
877
878	g_free(p);
879
880	if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) {
881	irc_usermsg(irc, "active otr connection with %s, terminate it first",
882	peernick(irc, ctx->username, ctx->protocol));
883	return;
884	}
885
886	if(ctx->msgstate == OTRL_MSGSTATE_FINISHED)
887	otrl_context_force_plaintext(ctx);
888	otrl_context_forget(ctx);
889	}
890
891	void yes_forget_key(void *data)
892	{
893	OtrlPrivKey key = (OtrlPrivKey )data;
894
895	otrl_privkey_forget(key);
896	/* Hm, libotr doesn't seem to offer a function for explicitly /writing/
897	keyfiles. So the key will be back on the next load... */
898	/* TODO: Actually erase forgotten keys from storage? */
899	}
900
901	void cmd_otr_forget(irc_t irc, char *args)
902	{
903	if(!strcmp(args[1], "fingerprint"))
904	{
905	user_t *u;
906	ConnContext *ctx;
907	Fingerprint *fp;
908	char human[54];
909	char *s;
910	pair_t *p;
911
912	if(!args[3]) {
913	irc_usermsg(irc, "otr %s %s: not enough arguments (2 req.)", args[0], args[1]);
914	return;
915	}
916
917	/* TODO: allow context specs ("user/proto/account") in 'otr forget fingerprint'? */
918	u = user_find(irc, args[2]);
919	if(!u \|\| !u->ic) {
920	irc_usermsg(irc, "%s: unknown user", args[2]);
921	return;
922	}
923
924	ctx = otrl_context_find(irc->otr->us, u->handle, u->ic->acc->user,
925	u->ic->acc->prpl->name, 0, NULL, NULL, NULL);
926	if(!ctx) {
927	irc_usermsg(irc, "no otr context with %s", args[2]);
928	return;
929	}
930
931	fp = match_fingerprint(irc, ctx, ((const char **)args)+3);
932	if(!fp) {
933	/* match_fingerprint does error messages */
934	return;
935	}
936
937	if(fp == ctx->active_fingerprint) {
938	irc_usermsg(irc, "that fingerprint is active, terminate otr connection first");
939	return;
940	}
941
942	otrl_privkey_hash_to_human(human, fp->fingerprint);
943	s = g_strdup_printf("about to forget fingerprint %s, are you sure?", human);
944	p = g_malloc(sizeof(pair_t));
945	if(!p)
946	return;
947	p->fst = irc;
948	p->snd = fp;
949	query_add(irc, NULL, s, yes_forget_fingerprint, NULL, p);
950	g_free(s);
951	}
952
953	else if(!strcmp(args[1], "context"))
954	{
955	user_t *u;
956	ConnContext *ctx;
957	char *s;
958	pair_t *p;
959
960	/* TODO: allow context specs ("user/proto/account") in 'otr forget contex'? */
961	u = user_find(irc, args[2]);
962	if(!u \|\| !u->ic) {
963	irc_usermsg(irc, "%s: unknown user", args[2]);
964	return;
965	}
966
967	ctx = otrl_context_find(irc->otr->us, u->handle, u->ic->acc->user,
968	u->ic->acc->prpl->name, 0, NULL, NULL, NULL);
969	if(!ctx) {
970	irc_usermsg(irc, "no otr context with %s", args[2]);
971	return;
972	}
973
974	if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) {
975	irc_usermsg(irc, "active otr connection with %s, terminate it first", args[2]);
976	return;
977	}
978
979	s = g_strdup_printf("about to forget otr data about %s, are you sure?", args[2]);
980	p = g_malloc(sizeof(pair_t));
981	if(!p)
982	return;
983	p->fst = irc;
984	p->snd = ctx;
985	query_add(irc, NULL, s, yes_forget_context, NULL, p);
986	g_free(s);
987	}
988
989	else if(!strcmp(args[1], "key"))
990	{
991	OtrlPrivKey *key;
992	char *s;
993
994	key = match_privkey(irc, ((const char **)args)+2);
995	if(!key) {
996	/* match_privkey does error messages */
997	return;
998	}
999
1000	s = g_strdup_printf("about to forget the private key for %s/%s, are you sure?",
1001	key->accountname, key->protocol);
1002	query_add(irc, NULL, s, yes_forget_key, NULL, key);
1003	g_free(s);
1004	}
1005
1006	else
1007	{
1008	irc_usermsg(irc, "otr %s: unknown subcommand \"%s\", see \x02help otr forget\x02",
1009	args[0], args[1]);
1010	}
1011	}
1012
1013
1014	/* local helpers / subroutines: */
1015
1016	/* Socialist Millionaires' Protocol */
1017	void otr_handle_smp(struct im_connection ic, const char handle, OtrlTLV *tlvs)
1018	{
1019	irc_t *irc = ic->irc;
1020	OtrlUserState us = irc->otr->us;
1021	OtrlMessageAppOps *ops = &global.otr_ops;
1022	OtrlTLV *tlv = NULL;
1023	ConnContext *context;
1024	NextExpectedSMP nextMsg;
1025	user_t *u;
1026
1027	u = user_findhandle(ic, handle);
1028	if(!u) return;
1029	context = otrl_context_find(us, handle,
1030	ic->acc->user, ic->acc->prpl->name, 1, NULL, NULL, NULL);
1031	if(!context) {
1032	/* huh? out of memory or what? */
1033	return;
1034	}
1035	nextMsg = context->smstate->nextExpected;
1036
1037	tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP1);
1038	if (tlv) {
1039	if (nextMsg != OTRL_SMP_EXPECT1) {
1040	irc_usermsg(irc, "smp %s: spurious SMP1 received, aborting", u->nick);
1041	otrl_message_abort_smp(us, ops, u->ic, context);
1042	otrl_sm_state_free(context->smstate);
1043	} else {
1044	irc_usermsg(irc, "smp: initiated by %s"
1045	" - respond with \x02otr smp %s <secret>\x02",
1046	u->nick, u->nick);
1047	/* smp stays in EXPECT1 until user responds */
1048	}
1049	}
1050	tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP2);
1051	if (tlv) {
1052	if (nextMsg != OTRL_SMP_EXPECT2) {
1053	irc_usermsg(irc, "smp %s: spurious SMP2 received, aborting", u->nick);
1054	otrl_message_abort_smp(us, ops, u->ic, context);
1055	otrl_sm_state_free(context->smstate);
1056	} else {
1057	/* SMP2 received, otrl_message_receiving will have sent SMP3 */
1058	context->smstate->nextExpected = OTRL_SMP_EXPECT4;
1059	}
1060	}
1061	tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP3);
1062	if (tlv) {
1063	if (nextMsg != OTRL_SMP_EXPECT3) {
1064	irc_usermsg(irc, "smp %s: spurious SMP3 received, aborting", u->nick);
1065	otrl_message_abort_smp(us, ops, u->ic, context);
1066	otrl_sm_state_free(context->smstate);
1067	} else {
1068	/* SMP3 received, otrl_message_receiving will have sent SMP4 and set fp trust */
1069	const char *trust = context->active_fingerprint->trust;
1070	if(!trust \|\| trust[0]=='\0') {
1071	irc_usermsg(irc, "smp %s: secrets did not match, fingerprint not trusted",
1072	u->nick);
1073	} else {
1074	irc_usermsg(irc, "smp %s: secrets proved equal, fingerprint trusted",
1075	u->nick);
1076	}
1077	otrl_sm_state_free(context->smstate);
1078	/* smp is in back in EXPECT1 */
1079	}
1080	}
1081	tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP4);
1082	if (tlv) {
1083	if (nextMsg != OTRL_SMP_EXPECT4) {
1084	irc_usermsg(irc, "smp %s: spurious SMP4 received, aborting", u->nick);
1085	otrl_message_abort_smp(us, ops, u->ic, context);
1086	otrl_sm_state_free(context->smstate);
1087	} else {
1088	/* SMP4 received, otrl_message_receiving will have set fp trust */
1089	const char *trust = context->active_fingerprint->trust;
1090	if(!trust \|\| trust[0]=='\0') {
1091	irc_usermsg(irc, "smp %s: secrets did not match, fingerprint not trusted",
1092	u->nick);
1093	} else {
1094	irc_usermsg(irc, "smp %s: secrets proved equal, fingerprint trusted",
1095	u->nick);
1096	}
1097	otrl_sm_state_free(context->smstate);
1098	/* smp is in back in EXPECT1 */
1099	}
1100	}
1101	tlv = otrl_tlv_find(tlvs, OTRL_TLV_SMP_ABORT);
1102	if (tlv) {
1103	irc_usermsg(irc, "smp: received abort from %s", u->nick);
1104	otrl_sm_state_free(context->smstate);
1105	/* smp is in back in EXPECT1 */
1106	}
1107	}
1108
1109	/* helper to assert that account and protocol names given to ops below always
1110	match the im_connection passed through as opdata */
1111	struct im_connection check_imc(void opdata, const char *accountname,
1112	const char *protocol)
1113	{
1114	struct im_connection ic = (struct im_connection )opdata;
1115
1116	if (strcmp(accountname, ic->acc->user) != 0) {
1117	log_message(LOGLVL_WARNING,
1118	"otr: internal account name mismatch: '%s' vs '%s'",
1119	accountname, ic->acc->user);
1120	}
1121	if (strcmp(protocol, ic->acc->prpl->name) != 0) {
1122	log_message(LOGLVL_WARNING,
1123	"otr: internal protocol name mismatch: '%s' vs '%s'",
1124	protocol, ic->acc->prpl->name);
1125	}
1126
1127	return ic;
1128	}
1129
1130	user_t peeruser(irc_t irc, const char handle, const char protocol)
1131	{
1132	user_t *u;
1133
1134	for(u=irc->users; u; u=u->next) {
1135	struct prpl *prpl;
1136	if(!u->ic \|\| !u->handle)
1137	continue;
1138	prpl = u->ic->acc->prpl;
1139	if(strcmp(prpl->name, protocol) == 0
1140	&& prpl->handle_cmp(u->handle, handle) == 0) {
1141	return u;
1142	}
1143	}
1144
1145	return NULL;
1146	}
1147
1148	int hexval(char a)
1149	{
1150	int x=tolower(a);
1151
1152	if(x>='a' && x<='f')
1153	x = x - 'a' + 10;
1154	else if(x>='0' && x<='9')
1155	x = x - '0';
1156	else
1157	return -1;
1158
1159	return x;
1160	}
1161
1162	const char peernick(irc_t irc, const char handle, const char protocol)
1163	{
1164	static char fallback[512];
1165
1166	user_t *u = peeruser(irc, handle, protocol);
1167	if(u) {
1168	return u->nick;
1169	} else {
1170	g_snprintf(fallback, 511, "%s/%s", handle, protocol);
1171	return fallback;
1172	}
1173	}
1174
1175	int otr_update_modeflags(irc_t irc, user_t u)
1176	{
1177	char *vb = set_getstr(&irc->set, "voice_buddies");
1178	char *hb = set_getstr(&irc->set, "halfop_buddies");
1179	char *ob = set_getstr(&irc->set, "op_buddies");
1180	int encrypted = u->encrypted;
1181	int trusted = u->encrypted > 1;
1182	char flags[7];
1183	int nflags=0;
1184	char *p = flags;
1185	char *from;
1186	int i;
1187
1188	if(!strcmp(vb, "encrypted")) {
1189	*(p++) = encrypted ? '+' : '-';
1190	*(p++) = 'v';
1191	nflags++;
1192	} else if(!strcmp(vb, "trusted")) {
1193	*(p++) = trusted ? '+' : '-';
1194	*(p++) = 'v';
1195	nflags++;
1196	}
1197	if(!strcmp(hb, "encrypted")) {
1198	*(p++) = encrypted ? '+' : '-';
1199	*(p++) = 'h';
1200	nflags++;
1201	} else if(!strcmp(hb, "trusted")) {
1202	*(p++) = trusted ? '+' : '-';
1203	*(p++) = 'h';
1204	nflags++;
1205	}
1206	if(!strcmp(ob, "encrypted")) {
1207	*(p++) = encrypted ? '+' : '-';
1208	*(p++) = 'o';
1209	nflags++;
1210	} else if(!strcmp(ob, "trusted")) {
1211	*(p++) = trusted ? '+' : '-';
1212	*(p++) = 'o';
1213	nflags++;
1214	}
1215	*p = '\0';
1216
1217	p = g_malloc(nflags * (strlen(u->nick)+1) + 1);
1218	*p = '\0';
1219	if(!p)
1220	return 0;
1221	for(i=0; i<nflags; i++) {
1222	strcat(p, " ");
1223	strcat(p, u->nick);
1224	}
1225	if(set_getbool(&irc->set, "simulate_netsplit"))
1226	from = g_strdup(irc->myhost);
1227	else
1228	from = g_strdup_printf("%s!%s@%s", irc->mynick, irc->mynick, irc->myhost);
1229	irc_write(irc, ":%s MODE %s %s%s", from, irc->channel, flags, p);
1230	g_free(from);
1231	g_free(p);
1232
1233	return 1;
1234	}
1235
1236	void show_fingerprints(irc_t irc, ConnContext ctx)
1237	{
1238	char human[45];
1239	Fingerprint *fp;
1240	const char *trust;
1241	int count=0;
1242
1243	for(fp=&ctx->fingerprint_root; fp; fp=fp->next) {
1244	if(!fp->fingerprint)
1245	continue;
1246	count++;
1247	otrl_privkey_hash_to_human(human, fp->fingerprint);
1248	if(!fp->trust \|\| fp->trust[0] == '\0') {
1249	trust="untrusted";
1250	} else {
1251	trust=fp->trust;
1252	}
1253	if(fp == ctx->active_fingerprint) {
1254	irc_usermsg(irc, " \x02%s (%s)\x02", human, trust);
1255	} else {
1256	irc_usermsg(irc, " %s (%s)", human, trust);
1257	}
1258	}
1259	if(count==0)
1260	irc_usermsg(irc, " (none)");
1261	}
1262
1263	Fingerprint match_fingerprint(irc_t irc, ConnContext ctx, const char *args)
1264	{
1265	Fingerprint fp, fp2;
1266	char human[45];
1267	char prefix[45], *p;
1268	int n;
1269	int i,j;
1270
1271	/* assemble the args into a prefix in standard "human" form */
1272	n=0;
1273	p=prefix;
1274	for(i=0; args[i]; i++) {
1275	for(j=0; args[i][j]; j++) {
1276	char c = toupper(args[i][j]);
1277
1278	if(n>=40) {
1279	irc_usermsg(irc, "too many fingerprint digits given, expected at most 40");
1280	return NULL;
1281	}
1282
1283	if( (c>='A' && c<='F') \|\| (c>='0' && c<='9') ) {
1284	*(p++) = c;
1285	} else {
1286	irc_usermsg(irc, "invalid hex digit '%c' in block %d", args[i][j], i+1);
1287	return NULL;
1288	}
1289
1290	n++;
1291	if(n%8 == 0)
1292	*(p++) = ' ';
1293	}
1294	}
1295	*p = '\0';
1296
1297	/* find first fingerprint with the given prefix */
1298	n = strlen(prefix);
1299	for(fp=&ctx->fingerprint_root; fp; fp=fp->next) {
1300	if(!fp->fingerprint)
1301	continue;
1302	otrl_privkey_hash_to_human(human, fp->fingerprint);
1303	if(!strncmp(prefix, human, n))
1304	break;
1305	}
1306	if(!fp) {
1307	irc_usermsg(irc, "%s: no match", prefix);
1308	return NULL;
1309	}
1310
1311	/* make sure the match, if any, is unique */
1312	for(fp2=fp->next; fp2; fp2=fp2->next) {
1313	if(!fp2->fingerprint)
1314	continue;
1315	otrl_privkey_hash_to_human(human, fp2->fingerprint);
1316	if(!strncmp(prefix, human, n))
1317	break;
1318	}
1319	if(fp2) {
1320	irc_usermsg(irc, "%s: multiple matches", prefix);
1321	return NULL;
1322	}
1323
1324	return fp;
1325	}
1326
1327	OtrlPrivKey match_privkey(irc_t irc, const char **args)
1328	{
1329	OtrlPrivKey k, k2;
1330	char human[45];
1331	char prefix[45], *p;
1332	int n;
1333	int i,j;
1334
1335	/* assemble the args into a prefix in standard "human" form */
1336	n=0;
1337	p=prefix;
1338	for(i=0; args[i]; i++) {
1339	for(j=0; args[i][j]; j++) {
1340	char c = toupper(args[i][j]);
1341
1342	if(n>=40) {
1343	irc_usermsg(irc, "too many fingerprint digits given, expected at most 40");
1344	return NULL;
1345	}
1346
1347	if( (c>='A' && c<='F') \|\| (c>='0' && c<='9') ) {
1348	*(p++) = c;
1349	} else {
1350	irc_usermsg(irc, "invalid hex digit '%c' in block %d", args[i][j], i+1);
1351	return NULL;
1352	}
1353
1354	n++;
1355	if(n%8 == 0)
1356	*(p++) = ' ';
1357	}
1358	}
1359	*p = '\0';
1360
1361	/* find first key which matches the given prefix */
1362	n = strlen(prefix);
1363	for(k=irc->otr->us->privkey_root; k; k=k->next) {
1364	p = otrl_privkey_fingerprint(irc->otr->us, human, k->accountname, k->protocol);
1365	if(!p) /* gah! :-P */
1366	continue;
1367	if(!strncmp(prefix, human, n))
1368	break;
1369	}
1370	if(!k) {
1371	irc_usermsg(irc, "%s: no match", prefix);
1372	return NULL;
1373	}
1374
1375	/* make sure the match, if any, is unique */
1376	for(k2=k->next; k2; k2=k2->next) {
1377	p = otrl_privkey_fingerprint(irc->otr->us, human, k2->accountname, k2->protocol);
1378	if(!p) /* gah! :-P */
1379	continue;
1380	if(!strncmp(prefix, human, n))
1381	break;
1382	}
1383	if(k2) {
1384	irc_usermsg(irc, "%s: multiple matches", prefix);
1385	return NULL;
1386	}
1387
1388	return k;
1389	}
1390
1391	void show_general_otr_info(irc_t *irc)
1392	{
1393	ConnContext *ctx;
1394	OtrlPrivKey *key;
1395	char human[45];
1396	kg_t *kg;
1397
1398	/* list all privkeys (including ones being generated) */
1399	irc_usermsg(irc, "\x1fprivate keys:\x1f");
1400	for(key=irc->otr->us->privkey_root; key; key=key->next) {
1401	const char *hash;
1402
1403	switch(key->pubkey_type) {
1404	case OTRL_PUBKEY_TYPE_DSA:
1405	irc_usermsg(irc, " %s/%s - DSA", key->accountname, key->protocol);
1406	break;
1407	default:
1408	irc_usermsg(irc, " %s/%s - type %d", key->accountname, key->protocol,
1409	key->pubkey_type);
1410	}
1411
1412	/* No, it doesn't make much sense to search for the privkey again by
1413	account/protocol, but libotr currently doesn't provide a direct routine
1414	for hashing a given 'OtrlPrivKey'... */
1415	hash = otrl_privkey_fingerprint(irc->otr->us, human, key->accountname, key->protocol);
1416	if(hash) /* should always succeed */
1417	irc_usermsg(irc, " %s", human);
1418	}
1419	if(irc->otr->sent_accountname) {
1420	irc_usermsg(irc, " %s/%s - DSA", irc->otr->sent_accountname,
1421	irc->otr->sent_protocol);
1422	irc_usermsg(irc, " (being generated)");
1423	}
1424	for(kg=irc->otr->todo; kg; kg=kg->next) {
1425	irc_usermsg(irc, " %s/%s - DSA", kg->accountname, kg->protocol);
1426	irc_usermsg(irc, " (queued)");
1427	}
1428	if(key == irc->otr->us->privkey_root &&
1429	!irc->otr->sent_accountname &&
1430	kg == irc->otr->todo)
1431	irc_usermsg(irc, " (none)");
1432
1433	/* list all contexts */
1434	irc_usermsg(irc, "%s", "");
1435	irc_usermsg(irc, "\x1f" "connection contexts:\x1f (bold=currently encrypted)");
1436	for(ctx=irc->otr->us->context_root; ctx; ctx=ctx->next) {\
1437	user_t *u;
1438	char *userstring;
1439
1440	u = peeruser(irc, ctx->username, ctx->protocol);
1441	if(u)
1442	userstring = g_strdup_printf("%s/%s/%s (%s)",
1443	ctx->username, ctx->protocol, ctx->accountname, u->nick);
1444	else
1445	userstring = g_strdup_printf("%s/%s/%s",
1446	ctx->username, ctx->protocol, ctx->accountname);
1447
1448	if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) {
1449	irc_usermsg(irc, " \x02%s\x02", userstring);
1450	} else {
1451	irc_usermsg(irc, " %s", userstring);
1452	}
1453
1454	g_free(userstring);
1455	}
1456	if(ctx == irc->otr->us->context_root)
1457	irc_usermsg(irc, " (none)");
1458	}
1459
1460	void show_otr_context_info(irc_t irc, ConnContext ctx)
1461	{
1462	switch(ctx->otr_offer) {
1463	case OFFER_NOT:
1464	irc_usermsg(irc, " otr offer status: none sent");
1465	break;
1466	case OFFER_SENT:
1467	irc_usermsg(irc, " otr offer status: awaiting reply");
1468	break;
1469	case OFFER_ACCEPTED:
1470	irc_usermsg(irc, " otr offer status: accepted our offer");
1471	break;
1472	case OFFER_REJECTED:
1473	irc_usermsg(irc, " otr offer status: ignored our offer");
1474	break;
1475	default:
1476	irc_usermsg(irc, " otr offer status: %d", ctx->otr_offer);
1477	}
1478
1479	switch(ctx->msgstate) {
1480	case OTRL_MSGSTATE_PLAINTEXT:
1481	irc_usermsg(irc, " connection state: cleartext");
1482	break;
1483	case OTRL_MSGSTATE_ENCRYPTED:
1484	irc_usermsg(irc, " connection state: encrypted (v%d)", ctx->protocol_version);
1485	break;
1486	case OTRL_MSGSTATE_FINISHED:
1487	irc_usermsg(irc, " connection state: shut down");
1488	break;
1489	default:
1490	irc_usermsg(irc, " connection state: %d", ctx->msgstate);
1491	}
1492
1493	irc_usermsg(irc, " fingerprints: (bold=active)");
1494	show_fingerprints(irc, ctx);
1495	}
1496
1497	int keygen_in_progress(irc_t irc, const char handle, const char *protocol)
1498	{
1499	kg_t *kg;
1500
1501	if(!irc->otr->sent_accountname \|\| !irc->otr->sent_protocol)
1502	return 0;
1503
1504	/* are we currently working on this key? */
1505	if(!strcmp(handle, irc->otr->sent_accountname) &&
1506	!strcmp(protocol, irc->otr->sent_protocol))
1507	return 1;
1508
1509	/* do we have it queued for later? */
1510	for(kg=irc->otr->todo; kg; kg=kg->next) {
1511	if(!strcmp(handle, kg->accountname) &&
1512	!strcmp(protocol, kg->protocol))
1513	return 1;
1514	}
1515
1516	return 0;
1517	}
1518
1519	void otr_keygen(irc_t irc, const char handle, const char *protocol)
1520	{
1521	/* do nothing if a key for the requested account is already being generated */
1522	if(keygen_in_progress(irc, handle, protocol))
1523	return;
1524
1525	/* see if we already have a keygen child running. if not, start one and put a
1526	handler on its output. */
1527	if(!irc->otr->keygen \|\| waitpid(irc->otr->keygen, NULL, WNOHANG)) {
1528	pid_t p;
1529	int to[2], from[2];
1530	FILE tof, fromf;
1531
1532	if(pipe(to) < 0 \|\| pipe(from) < 0) {
1533	irc_usermsg(irc, "otr keygen: couldn't create pipe: %s", strerror(errno));
1534	return;
1535	}
1536
1537	tof = fdopen(to[1], "w");
1538	fromf = fdopen(from[0], "r");
1539	if(!tof \|\| !fromf) {
1540	irc_usermsg(irc, "otr keygen: couldn't streamify pipe: %s", strerror(errno));
1541	return;
1542	}
1543
1544	p = fork();
1545	if(p<0) {
1546	irc_usermsg(irc, "otr keygen: couldn't fork: %s", strerror(errno));
1547	return;
1548	}
1549
1550	if(!p) {
1551	/* child process */
1552	signal(SIGTERM, exit);
1553	keygen_child_main(irc->otr->us, to[0], from[1]);
1554	exit(0);
1555	}
1556
1557	irc->otr->keygen = p;
1558	irc->otr->to = tof;
1559	irc->otr->from = fromf;
1560	irc->otr->sent_accountname = NULL;
1561	irc->otr->sent_protocol = NULL;
1562	irc->otr->todo = NULL;
1563	b_input_add(from[0], GAIM_INPUT_READ, keygen_finish_handler, irc);
1564	}
1565
1566	/* is the keygen slave currently working? */
1567	if(irc->otr->sent_accountname) {
1568	/* enqueue our job for later transmission */
1569	kg_t **kg = &irc->otr->todo;
1570	while(*kg)
1571	kg=&((*kg)->next);
1572	*kg = g_new0(kg_t, 1);
1573	(*kg)->accountname = g_strdup(handle);
1574	(*kg)->protocol = g_strdup(protocol);
1575	} else {
1576	/* send our job over and remember it */
1577	fprintf(irc->otr->to, "%s\n%s\n", handle, protocol);
1578	fflush(irc->otr->to);
1579	irc->otr->sent_accountname = g_strdup(handle);
1580	irc->otr->sent_protocol = g_strdup(protocol);
1581	}
1582	}
1583
1584	void keygen_child_main(OtrlUserState us, int infd, int outfd)
1585	{
1586	FILE input, output;
1587	char filename[128], accountname[512], protocol[512];
1588	gcry_error_t e;
1589	int tempfd;
1590
1591	input = fdopen(infd, "r");
1592	output = fdopen(outfd, "w");
1593
1594	while(!feof(input) && !ferror(input) && !feof(output) && !ferror(output)) {
1595	myfgets(accountname, 512, input);
1596	myfgets(protocol, 512, input);
1597
1598	strncpy(filename, "/tmp/bitlbee-XXXXXX", 128);
1599	tempfd = mkstemp(filename);
1600	close(tempfd);
1601
1602	e = otrl_privkey_generate(us, filename, accountname, protocol);
1603	if(e) {
1604	fprintf(output, "\n"); /* this means failure */
1605	fprintf(output, "otr keygen: %s\n", gcry_strerror(e));
1606	unlink(filename);
1607	} else {
1608	fprintf(output, "%s\n", filename);
1609	fprintf(output, "otr keygen for %s/%s complete\n", accountname, protocol);
1610	}
1611	fflush(output);
1612	}
1613
1614	fclose(input);
1615	fclose(output);
1616	}
1617
1618	gboolean keygen_finish_handler(gpointer data, gint fd, b_input_condition cond)
1619	{
1620	irc_t irc = (irc_t )data;
1621	char filename[512], msg[512];
1622
1623	myfgets(filename, 512, irc->otr->from);
1624	myfgets(msg, 512, irc->otr->from);
1625
1626	irc_usermsg(irc, "%s", msg);
1627	if(filename[0]) {
1628	char *kf = g_strdup_printf("%s%s.otr_keys", global.conf->configdir, irc->nick);
1629	char *tmp = g_strdup_printf("%s.new", kf);
1630	copyfile(filename, tmp);
1631	unlink(filename);
1632	rename(tmp,kf);
1633	otrl_privkey_read(irc->otr->us, kf);
1634	g_free(kf);
1635	g_free(tmp);
1636	}
1637
1638	/* forget this job */
1639	g_free(irc->otr->sent_accountname);
1640	g_free(irc->otr->sent_protocol);
1641	irc->otr->sent_accountname = NULL;
1642	irc->otr->sent_protocol = NULL;
1643
1644	/* see if there are any more in the queue */
1645	if(irc->otr->todo) {
1646	kg_t *p = irc->otr->todo;
1647	/* send the next one over */
1648	fprintf(irc->otr->to, "%s\n%s\n", p->accountname, p->protocol);
1649	fflush(irc->otr->to);
1650	irc->otr->sent_accountname = p->accountname;
1651	irc->otr->sent_protocol = p->protocol;
1652	irc->otr->todo = p->next;
1653	g_free(p);
1654	return TRUE; /* keep watching */
1655	} else {
1656	/* okay, the slave is idle now, so kill him */
1657	fclose(irc->otr->from);
1658	fclose(irc->otr->to);
1659	kill(irc->otr->keygen, SIGTERM);
1660	waitpid(irc->otr->keygen, NULL, 0);
1661	irc->otr->keygen = 0;
1662	return FALSE; /* unregister ourselves */
1663	}
1664	}
1665
1666	void copyfile(const char a, const char b)
1667	{
1668	int fda, fdb;
1669	int n;
1670	char buf[1024];
1671
1672	fda = open(a, O_RDONLY);
1673	fdb = open(b, O_WRONLY \| O_CREAT \| O_TRUNC, 0600);
1674
1675	while((n=read(fda, buf, 1024)) > 0)
1676	write(fdb, buf, n);
1677
1678	close(fda);
1679	close(fdb);
1680	}
1681
1682	void myfgets(char s, int size, FILE stream)
1683	{
1684	if(!fgets(s, size, stream)) {
1685	s[0] = '\0';
1686	} else {
1687	int n = strlen(s);
1688	if(n>0 && s[n-1] == '\n')
1689	s[n-1] = '\0';
1690	}
1691	}
1692
1693	void yes_keygen(void *data)
1694	{
1695	account_t acc = (account_t )data;
1696
1697	if(keygen_in_progress(acc->irc, acc->user, acc->prpl->name)) {
1698	irc_usermsg(acc->irc, "keygen for %s/%s already in progress",
1699	acc->user, acc->prpl->name);
1700	} else {
1701	irc_usermsg(acc->irc, "starting background keygen for %s/%s",
1702	acc->user, acc->prpl->name);
1703	irc_usermsg(acc->irc, "you will be notified when it completes");
1704	otr_keygen(acc->irc, acc->user, acc->prpl->name);
1705	}
1706	}
1707
1708
1709	#else /* WITH_OTR undefined */
1710
1711	void cmd_otr(irc_t irc, char *args)
1712	{
1713	irc_usermsg(irc, "otr: n/a, compiled without OTR support");
1714	}
1715
1716	#endif

Note: See TracBrowser for help on using the repository browser.

Download in other formats: