1 | /********************************************************************\ |
---|
2 | * BitlBee -- An IRC to other IM-networks gateway * |
---|
3 | * * |
---|
4 | * Copyright 2002-2012 Wilmer van der Gaast and others * |
---|
5 | \********************************************************************/ |
---|
6 | |
---|
7 | /* |
---|
8 | OTR support (cf. http://www.cypherpunks.ca/otr/) |
---|
9 | |
---|
10 | (c) 2008-2011,2013 Sven Moritz Hallberg <pesco@khjk.org> |
---|
11 | funded by stonedcoder.org |
---|
12 | |
---|
13 | files used to store OTR data: |
---|
14 | <configdir>/<nick>.otr_keys |
---|
15 | <configdir>/<nick>.otr_fprints |
---|
16 | |
---|
17 | top-level todos: (search for TODO for more ;-)) |
---|
18 | integrate otr_load/otr_save with existing storage backends |
---|
19 | per-account policy settings |
---|
20 | per-user policy settings |
---|
21 | */ |
---|
22 | |
---|
23 | /* |
---|
24 | This program is free software; you can redistribute it and/or modify |
---|
25 | it under the terms of the GNU General Public License as published by |
---|
26 | the Free Software Foundation; either version 2 of the License, or |
---|
27 | (at your option) any later version. |
---|
28 | |
---|
29 | This program is distributed in the hope that it will be useful, |
---|
30 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
31 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
32 | GNU General Public License for more details. |
---|
33 | |
---|
34 | You should have received a copy of the GNU General Public License with |
---|
35 | the Debian GNU/Linux distribution in /usr/share/common-licenses/GPL; |
---|
36 | if not, write to the Free Software Foundation, Inc., 59 Temple Place, |
---|
37 | Suite 330, Boston, MA 02111-1307 USA |
---|
38 | */ |
---|
39 | |
---|
40 | #include "bitlbee.h" |
---|
41 | #include "irc.h" |
---|
42 | #include "otr.h" |
---|
43 | #include <sys/types.h> |
---|
44 | #include <sys/wait.h> |
---|
45 | #include <unistd.h> |
---|
46 | #include <assert.h> |
---|
47 | #include <signal.h> |
---|
48 | |
---|
49 | |
---|
50 | /** OTR interface routines for the OtrlMessageAppOps struct: **/ |
---|
51 | |
---|
52 | OtrlPolicy op_policy(void *opdata, ConnContext *context); |
---|
53 | |
---|
54 | void op_create_privkey(void *opdata, const char *accountname, const char *protocol); |
---|
55 | |
---|
56 | int op_is_logged_in(void *opdata, const char *accountname, const char *protocol, |
---|
57 | const char *recipient); |
---|
58 | |
---|
59 | void op_inject_message(void *opdata, const char *accountname, const char *protocol, |
---|
60 | const char *recipient, const char *message); |
---|
61 | |
---|
62 | void op_new_fingerprint(void *opdata, OtrlUserState us, const char *accountname, |
---|
63 | const char *protocol, const char *username, unsigned char fingerprint[20]); |
---|
64 | |
---|
65 | void op_write_fingerprints(void *opdata); |
---|
66 | |
---|
67 | void op_gone_secure(void *opdata, ConnContext *context); |
---|
68 | |
---|
69 | void op_gone_insecure(void *opdata, ConnContext *context); |
---|
70 | |
---|
71 | void op_still_secure(void *opdata, ConnContext *context, int is_reply); |
---|
72 | |
---|
73 | void op_log_message(void *opdata, const char *message); |
---|
74 | |
---|
75 | int op_max_message_size(void *opdata, ConnContext *context); |
---|
76 | |
---|
77 | const char *op_account_name(void *opdata, const char *account, const char *protocol); |
---|
78 | |
---|
79 | void op_convert_msg(void *opdata, ConnContext *ctx, OtrlConvertType typ, |
---|
80 | char **dst, const char *src); |
---|
81 | void op_convert_free(void *opdata, ConnContext *ctx, char *msg); |
---|
82 | |
---|
83 | void op_handle_smp_event(void *opdata, OtrlSMPEvent ev, ConnContext *ctx, |
---|
84 | unsigned short percent, char *question); |
---|
85 | |
---|
86 | void op_handle_msg_event(void *opdata, OtrlMessageEvent ev, ConnContext *ctx, |
---|
87 | const char *message, gcry_error_t err); |
---|
88 | |
---|
89 | const char *op_otr_error_message(void *opdata, ConnContext *ctx, |
---|
90 | OtrlErrorCode err_code); |
---|
91 | |
---|
92 | /** otr sub-command handlers: **/ |
---|
93 | |
---|
94 | static void cmd_otr(irc_t *irc, char **args); |
---|
95 | void cmd_otr_connect(irc_t *irc, char **args); |
---|
96 | void cmd_otr_disconnect(irc_t *irc, char **args); |
---|
97 | void cmd_otr_reconnect(irc_t *irc, char **args); |
---|
98 | void cmd_otr_smp(irc_t *irc, char **args); |
---|
99 | void cmd_otr_smpq(irc_t *irc, char **args); |
---|
100 | void cmd_otr_trust(irc_t *irc, char **args); |
---|
101 | void cmd_otr_info(irc_t *irc, char **args); |
---|
102 | void cmd_otr_keygen(irc_t *irc, char **args); |
---|
103 | void cmd_otr_forget(irc_t *irc, char **args); |
---|
104 | |
---|
105 | const command_t otr_commands[] = { |
---|
106 | { "connect", 1, &cmd_otr_connect, 0 }, |
---|
107 | { "disconnect", 1, &cmd_otr_disconnect, 0 }, |
---|
108 | { "reconnect", 1, &cmd_otr_reconnect, 0 }, |
---|
109 | { "smp", 2, &cmd_otr_smp, 0 }, |
---|
110 | { "smpq", 3, &cmd_otr_smpq, 0 }, |
---|
111 | { "trust", 6, &cmd_otr_trust, 0 }, |
---|
112 | { "info", 0, &cmd_otr_info, 0 }, |
---|
113 | { "keygen", 1, &cmd_otr_keygen, 0 }, |
---|
114 | { "forget", 2, &cmd_otr_forget, 0 }, |
---|
115 | { NULL } |
---|
116 | }; |
---|
117 | |
---|
118 | typedef struct { |
---|
119 | void *fst; |
---|
120 | void *snd; |
---|
121 | } pair_t; |
---|
122 | |
---|
123 | static OtrlMessageAppOps otr_ops; /* collects interface functions required by OTR */ |
---|
124 | |
---|
125 | |
---|
126 | /** misc. helpers/subroutines: **/ |
---|
127 | |
---|
128 | /* check whether we are already generating a key for a given account */ |
---|
129 | int keygen_in_progress(irc_t *irc, const char *handle, const char *protocol); |
---|
130 | |
---|
131 | /* start background process to generate a (new) key for a given account */ |
---|
132 | void otr_keygen(irc_t *irc, const char *handle, const char *protocol); |
---|
133 | |
---|
134 | /* main function for the forked keygen slave */ |
---|
135 | void keygen_child_main(OtrlUserState us, int infd, int outfd); |
---|
136 | |
---|
137 | /* mainloop handler for when a keygen finishes */ |
---|
138 | gboolean keygen_finish_handler(gpointer data, gint fd, b_input_condition cond); |
---|
139 | |
---|
140 | /* copy the contents of file a to file b, overwriting it if it exists */ |
---|
141 | void copyfile(const char *a, const char *b); |
---|
142 | |
---|
143 | /* read one line of input from a stream, excluding trailing newline */ |
---|
144 | void myfgets(char *s, int size, FILE *stream); |
---|
145 | |
---|
146 | /* some yes/no handlers */ |
---|
147 | void yes_keygen(void *data); |
---|
148 | void yes_forget_fingerprint(void *data); |
---|
149 | void yes_forget_context(void *data); |
---|
150 | void yes_forget_key(void *data); |
---|
151 | |
---|
152 | /* timeout handler that calls otrl_message_poll */ |
---|
153 | gboolean ev_message_poll(gpointer data, gint fd, b_input_condition cond); |
---|
154 | |
---|
155 | /* helper to make sure accountname and protocol match the incoming "opdata" */ |
---|
156 | struct im_connection *check_imc(void *opdata, const char *accountname, |
---|
157 | const char *protocol); |
---|
158 | |
---|
159 | /* determine the nick for a given handle/protocol pair |
---|
160 | returns "handle/protocol" if not found */ |
---|
161 | const char *peernick(irc_t *irc, const char *handle, const char *protocol); |
---|
162 | |
---|
163 | /* turn a hexadecimal digit into its numerical value */ |
---|
164 | int hexval(char a); |
---|
165 | |
---|
166 | /* determine the irc_user_t for a given handle/protocol pair |
---|
167 | returns NULL if not found */ |
---|
168 | irc_user_t *peeruser(irc_t *irc, const char *handle, const char *protocol); |
---|
169 | |
---|
170 | /* show an otr-related message to the user */ |
---|
171 | void display_otr_message(void *opdata, ConnContext *ctx, const char *fmt, ...); |
---|
172 | |
---|
173 | /* write an otr-related message to the system log */ |
---|
174 | void log_otr_message(void *opdata, const char *fmt, ...); |
---|
175 | |
---|
176 | /* combined handler for the 'otr smp' and 'otr smpq' commands */ |
---|
177 | void otr_smp_or_smpq(irc_t *irc, const char *nick, const char *question, |
---|
178 | const char *secret); |
---|
179 | |
---|
180 | /* update flags within the irc_user structure to reflect OTR status of context */ |
---|
181 | void otr_update_uflags(ConnContext *context, irc_user_t *u); |
---|
182 | |
---|
183 | /* update op/voice flag of given user according to encryption state and settings |
---|
184 | returns 0 if neither op_buddies nor voice_buddies is set to "encrypted", |
---|
185 | i.e. msgstate should be announced seperately */ |
---|
186 | int otr_update_modeflags(irc_t *irc, irc_user_t *u); |
---|
187 | |
---|
188 | /* show general info about the OTR subsystem; called by 'otr info' */ |
---|
189 | void show_general_otr_info(irc_t *irc); |
---|
190 | |
---|
191 | /* show info about a given OTR context */ |
---|
192 | void show_otr_context_info(irc_t *irc, ConnContext *ctx); |
---|
193 | |
---|
194 | /* show the list of fingerprints associated with a given context */ |
---|
195 | void show_fingerprints(irc_t *irc, ConnContext *ctx); |
---|
196 | |
---|
197 | /* find a fingerprint by prefix (given as any number of hex strings) */ |
---|
198 | Fingerprint *match_fingerprint(irc_t *irc, ConnContext *ctx, const char **args); |
---|
199 | |
---|
200 | /* find a private key by fingerprint prefix (given as any number of hex strings) */ |
---|
201 | OtrlPrivKey *match_privkey(irc_t *irc, const char **args); |
---|
202 | |
---|
203 | /* check whether a string is safe to use in a path component */ |
---|
204 | int strsane(const char *s); |
---|
205 | |
---|
206 | /* functions to be called for certain events */ |
---|
207 | static const struct irc_plugin otr_plugin; |
---|
208 | |
---|
209 | |
---|
210 | /*** routines declared in otr.h: ***/ |
---|
211 | |
---|
212 | #ifdef OTR_BI |
---|
213 | #define init_plugin otr_init |
---|
214 | #endif |
---|
215 | |
---|
216 | void init_plugin(void) |
---|
217 | { |
---|
218 | OTRL_INIT; |
---|
219 | |
---|
220 | /* fill global OtrlMessageAppOps */ |
---|
221 | otr_ops.policy = &op_policy; |
---|
222 | otr_ops.create_privkey = &op_create_privkey; |
---|
223 | otr_ops.is_logged_in = &op_is_logged_in; |
---|
224 | otr_ops.inject_message = &op_inject_message; |
---|
225 | otr_ops.update_context_list = NULL; |
---|
226 | otr_ops.new_fingerprint = &op_new_fingerprint; |
---|
227 | otr_ops.write_fingerprints = &op_write_fingerprints; |
---|
228 | otr_ops.gone_secure = &op_gone_secure; |
---|
229 | otr_ops.gone_insecure = &op_gone_insecure; |
---|
230 | otr_ops.still_secure = &op_still_secure; |
---|
231 | otr_ops.max_message_size = &op_max_message_size; |
---|
232 | otr_ops.account_name = &op_account_name; |
---|
233 | otr_ops.account_name_free = NULL; |
---|
234 | |
---|
235 | /* stuff added with libotr 4.0.0 */ |
---|
236 | otr_ops.received_symkey = NULL; /* we don't use the extra key */ |
---|
237 | otr_ops.otr_error_message = &op_otr_error_message; |
---|
238 | otr_ops.otr_error_message_free = NULL; |
---|
239 | otr_ops.resent_msg_prefix = NULL; /* default: [resent] */ |
---|
240 | otr_ops.resent_msg_prefix_free = NULL; |
---|
241 | otr_ops.handle_smp_event = &op_handle_smp_event; |
---|
242 | otr_ops.handle_msg_event = &op_handle_msg_event; |
---|
243 | otr_ops.create_instag = NULL; // XXX |
---|
244 | otr_ops.convert_msg = &op_convert_msg; |
---|
245 | otr_ops.convert_free = &op_convert_free; |
---|
246 | otr_ops.timer_control = NULL; /* we just poll */ |
---|
247 | |
---|
248 | root_command_add( "otr", 1, cmd_otr, 0 ); |
---|
249 | register_irc_plugin( &otr_plugin ); |
---|
250 | } |
---|
251 | |
---|
252 | gboolean otr_irc_new(irc_t *irc) |
---|
253 | { |
---|
254 | set_t *s; |
---|
255 | GSList *l; |
---|
256 | |
---|
257 | irc->otr = g_new0(otr_t, 1); |
---|
258 | irc->otr->us = otrl_userstate_create(); |
---|
259 | |
---|
260 | s = set_add( &irc->b->set, "otr_color_encrypted", "true", set_eval_bool, irc ); |
---|
261 | |
---|
262 | s = set_add( &irc->b->set, "otr_policy", "opportunistic", set_eval_list, irc ); |
---|
263 | l = g_slist_prepend( NULL, "never" ); |
---|
264 | l = g_slist_prepend( l, "opportunistic" ); |
---|
265 | l = g_slist_prepend( l, "manual" ); |
---|
266 | l = g_slist_prepend( l, "always" ); |
---|
267 | s->eval_data = l; |
---|
268 | |
---|
269 | s = set_add( &irc->b->set, "otr_does_html", "true", set_eval_bool, irc ); |
---|
270 | |
---|
271 | /* regularly call otrl_message_poll */ |
---|
272 | gint definterval = otrl_message_poll_get_default_interval(irc->otr->us); |
---|
273 | irc->otr->timer = b_timeout_add(definterval, ev_message_poll, irc->otr); |
---|
274 | |
---|
275 | return TRUE; |
---|
276 | } |
---|
277 | |
---|
278 | void otr_irc_free(irc_t *irc) |
---|
279 | { |
---|
280 | otr_t *otr = irc->otr; |
---|
281 | b_event_remove(otr->timer); |
---|
282 | otrl_userstate_free(otr->us); |
---|
283 | if(otr->keygen) { |
---|
284 | kill(otr->keygen, SIGTERM); |
---|
285 | waitpid(otr->keygen, NULL, 0); |
---|
286 | /* TODO: remove stale keygen tempfiles */ |
---|
287 | } |
---|
288 | if(otr->to) |
---|
289 | fclose(otr->to); |
---|
290 | if(otr->from) |
---|
291 | fclose(otr->from); |
---|
292 | while(otr->todo) { |
---|
293 | kg_t *p = otr->todo; |
---|
294 | otr->todo = p->next; |
---|
295 | g_free(p); |
---|
296 | } |
---|
297 | g_free(otr); |
---|
298 | } |
---|
299 | |
---|
300 | void otr_load(irc_t *irc) |
---|
301 | { |
---|
302 | char s[512]; |
---|
303 | account_t *a; |
---|
304 | gcry_error_t e; |
---|
305 | gcry_error_t enoent = gcry_error_from_errno(ENOENT); |
---|
306 | int kg=0; |
---|
307 | |
---|
308 | if(strsane(irc->user->nick)) { |
---|
309 | g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, irc->user->nick); |
---|
310 | e = otrl_privkey_read(irc->otr->us, s); |
---|
311 | if(e && e!=enoent) { |
---|
312 | irc_rootmsg(irc, "otr load: %s: %s", s, gcry_strerror(e)); |
---|
313 | } |
---|
314 | g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, irc->user->nick); |
---|
315 | e = otrl_privkey_read_fingerprints(irc->otr->us, s, NULL, NULL); |
---|
316 | if(e && e!=enoent) { |
---|
317 | irc_rootmsg(irc, "otr load: %s: %s", s, gcry_strerror(e)); |
---|
318 | } |
---|
319 | } |
---|
320 | |
---|
321 | /* check for otr keys on all accounts */ |
---|
322 | for(a=irc->b->accounts; a; a=a->next) { |
---|
323 | kg = otr_check_for_key(a) || kg; |
---|
324 | } |
---|
325 | if(kg) { |
---|
326 | irc_rootmsg(irc, "Notice: " |
---|
327 | "The accounts above do not have OTR encryption keys associated with them, yet. " |
---|
328 | "These keys are now being generated in the background. " |
---|
329 | "You will be notified as they are completed. " |
---|
330 | "It is not necessary to wait; " |
---|
331 | "BitlBee can be used normally during key generation. " |
---|
332 | "You may safely ignore this message if you don't know what OTR is. ;)"); |
---|
333 | } |
---|
334 | } |
---|
335 | |
---|
336 | void otr_save(irc_t *irc) |
---|
337 | { |
---|
338 | char s[512]; |
---|
339 | gcry_error_t e; |
---|
340 | |
---|
341 | if(strsane(irc->user->nick)) { |
---|
342 | g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, irc->user->nick); |
---|
343 | e = otrl_privkey_write_fingerprints(irc->otr->us, s); |
---|
344 | if(e) { |
---|
345 | irc_rootmsg(irc, "otr save: %s: %s", s, gcry_strerror(e)); |
---|
346 | } |
---|
347 | chmod(s, 0600); |
---|
348 | } |
---|
349 | } |
---|
350 | |
---|
351 | void otr_remove(const char *nick) |
---|
352 | { |
---|
353 | char s[512]; |
---|
354 | |
---|
355 | if(strsane(nick)) { |
---|
356 | g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, nick); |
---|
357 | unlink(s); |
---|
358 | g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, nick); |
---|
359 | unlink(s); |
---|
360 | } |
---|
361 | } |
---|
362 | |
---|
363 | void otr_rename(const char *onick, const char *nnick) |
---|
364 | { |
---|
365 | char s[512], t[512]; |
---|
366 | |
---|
367 | if(strsane(nnick) && strsane(onick)) { |
---|
368 | g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, onick); |
---|
369 | g_snprintf(t, 511, "%s%s.otr_keys", global.conf->configdir, nnick); |
---|
370 | rename(s,t); |
---|
371 | g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, onick); |
---|
372 | g_snprintf(t, 511, "%s%s.otr_fprints", global.conf->configdir, nnick); |
---|
373 | rename(s,t); |
---|
374 | } |
---|
375 | } |
---|
376 | |
---|
377 | int otr_check_for_key(account_t *a) |
---|
378 | { |
---|
379 | irc_t *irc = a->bee->ui_data; |
---|
380 | OtrlPrivKey *k; |
---|
381 | |
---|
382 | /* don't do OTR on certain (not classic IM) protocols, e.g. twitter */ |
---|
383 | if(a->prpl->options & OPT_NOOTR) { |
---|
384 | return 0; |
---|
385 | } |
---|
386 | |
---|
387 | k = otrl_privkey_find(irc->otr->us, a->user, a->prpl->name); |
---|
388 | if(k) { |
---|
389 | irc_rootmsg(irc, "otr: %s/%s ready", a->user, a->prpl->name); |
---|
390 | return 0; |
---|
391 | } if(keygen_in_progress(irc, a->user, a->prpl->name)) { |
---|
392 | irc_rootmsg(irc, "otr: keygen for %s/%s already in progress", a->user, a->prpl->name); |
---|
393 | return 0; |
---|
394 | } else { |
---|
395 | irc_rootmsg(irc, "otr: starting background keygen for %s/%s", a->user, a->prpl->name); |
---|
396 | otr_keygen(irc, a->user, a->prpl->name); |
---|
397 | return 1; |
---|
398 | } |
---|
399 | } |
---|
400 | |
---|
401 | char *otr_filter_msg_in(irc_user_t *iu, char *msg, int flags) |
---|
402 | { |
---|
403 | int ignore_msg; |
---|
404 | char *newmsg = NULL; |
---|
405 | OtrlTLV *tlvs = NULL; |
---|
406 | irc_t *irc = iu->irc; |
---|
407 | struct im_connection *ic = iu->bu->ic; |
---|
408 | |
---|
409 | /* don't do OTR on certain (not classic IM) protocols, e.g. twitter */ |
---|
410 | if(ic->acc->prpl->options & OPT_NOOTR) { |
---|
411 | return msg; |
---|
412 | } |
---|
413 | |
---|
414 | ignore_msg = otrl_message_receiving(irc->otr->us, &otr_ops, ic, |
---|
415 | ic->acc->user, ic->acc->prpl->name, iu->bu->handle, msg, &newmsg, |
---|
416 | &tlvs, NULL, NULL, NULL); |
---|
417 | |
---|
418 | if(ignore_msg) { |
---|
419 | /* this was an internal OTR protocol message */ |
---|
420 | return NULL; |
---|
421 | } else if(!newmsg) { |
---|
422 | /* this was a non-OTR message */ |
---|
423 | return msg; |
---|
424 | } else { |
---|
425 | /* we're done with the original msg, which will be caller-freed. */ |
---|
426 | return newmsg; |
---|
427 | } |
---|
428 | } |
---|
429 | |
---|
430 | char *otr_filter_msg_out(irc_user_t *iu, char *msg, int flags) |
---|
431 | { |
---|
432 | int st; |
---|
433 | char *otrmsg = NULL; |
---|
434 | char *emsg = msg; /* the message as we hand it to libotr */ |
---|
435 | ConnContext *ctx = NULL; |
---|
436 | irc_t *irc = iu->irc; |
---|
437 | struct im_connection *ic = iu->bu->ic; |
---|
438 | otrl_instag_t instag = OTRL_INSTAG_RECENT; // XXX? |
---|
439 | |
---|
440 | /* don't do OTR on certain (not classic IM) protocols, e.g. twitter */ |
---|
441 | if(ic->acc->prpl->options & OPT_NOOTR) { |
---|
442 | return msg; |
---|
443 | } |
---|
444 | |
---|
445 | st = otrl_message_sending(irc->otr->us, &otr_ops, ic, |
---|
446 | ic->acc->user, ic->acc->prpl->name, iu->bu->handle, instag, |
---|
447 | emsg, NULL, &otrmsg, OTRL_FRAGMENT_SEND_ALL, &ctx, NULL, NULL); |
---|
448 | /* in libotr 4.0.0 with OTRL_FRAGMENT_SEND_ALL, otrmsg must be passed |
---|
449 | * but the value it gets carries no meaning. it can be set even though |
---|
450 | * the message has been injected. */ |
---|
451 | |
---|
452 | if(emsg != msg) { |
---|
453 | g_free(emsg); /* we're done with this one */ |
---|
454 | } |
---|
455 | if(st) { |
---|
456 | /* TODO: Error reporting? */ |
---|
457 | } |
---|
458 | |
---|
459 | return NULL; |
---|
460 | } |
---|
461 | |
---|
462 | static const struct irc_plugin otr_plugin = |
---|
463 | { |
---|
464 | otr_irc_new, |
---|
465 | otr_irc_free, |
---|
466 | otr_filter_msg_out, |
---|
467 | otr_filter_msg_in, |
---|
468 | otr_load, |
---|
469 | otr_save, |
---|
470 | otr_remove, |
---|
471 | }; |
---|
472 | |
---|
473 | static void cmd_otr(irc_t *irc, char **args) |
---|
474 | { |
---|
475 | const command_t *cmd; |
---|
476 | |
---|
477 | if(!args[0]) |
---|
478 | return; |
---|
479 | |
---|
480 | if(!args[1]) |
---|
481 | return; |
---|
482 | |
---|
483 | for(cmd=otr_commands; cmd->command; cmd++) { |
---|
484 | if(strcmp(cmd->command, args[1]) == 0) |
---|
485 | break; |
---|
486 | } |
---|
487 | |
---|
488 | if(!cmd->command) { |
---|
489 | irc_rootmsg(irc, "%s: unknown subcommand \"%s\", see \x02help otr\x02", |
---|
490 | args[0], args[1]); |
---|
491 | return; |
---|
492 | } |
---|
493 | |
---|
494 | if(!args[cmd->required_parameters+1]) { |
---|
495 | irc_rootmsg(irc, "%s %s: not enough arguments (%d req.)", |
---|
496 | args[0], args[1], cmd->required_parameters); |
---|
497 | return; |
---|
498 | } |
---|
499 | |
---|
500 | cmd->execute(irc, args+1); |
---|
501 | } |
---|
502 | |
---|
503 | |
---|
504 | /*** OTR "MessageAppOps" callbacks for global.otr_ui: ***/ |
---|
505 | |
---|
506 | OtrlPolicy op_policy(void *opdata, ConnContext *context) |
---|
507 | { |
---|
508 | struct im_connection *ic = check_imc(opdata, context->accountname, context->protocol); |
---|
509 | irc_t *irc = ic->bee->ui_data; |
---|
510 | const char *p; |
---|
511 | |
---|
512 | /* policy override during keygen: if we're missing the key for context but are currently |
---|
513 | generating it, then that's as much as we can do. => temporarily return NEVER. */ |
---|
514 | if(keygen_in_progress(irc, context->accountname, context->protocol) && |
---|
515 | !otrl_privkey_find(irc->otr->us, context->accountname, context->protocol)) |
---|
516 | return OTRL_POLICY_NEVER; |
---|
517 | |
---|
518 | p = set_getstr(&ic->bee->set, "otr_policy"); |
---|
519 | if(!strcmp(p, "never")) |
---|
520 | return OTRL_POLICY_NEVER; |
---|
521 | if(!strcmp(p, "opportunistic")) |
---|
522 | return OTRL_POLICY_OPPORTUNISTIC; |
---|
523 | if(!strcmp(p, "manual")) |
---|
524 | return OTRL_POLICY_MANUAL; |
---|
525 | if(!strcmp(p, "always")) |
---|
526 | return OTRL_POLICY_ALWAYS; |
---|
527 | |
---|
528 | return OTRL_POLICY_OPPORTUNISTIC; |
---|
529 | } |
---|
530 | |
---|
531 | void op_create_privkey(void *opdata, const char *accountname, |
---|
532 | const char *protocol) |
---|
533 | { |
---|
534 | struct im_connection *ic = check_imc(opdata, accountname, protocol); |
---|
535 | irc_t *irc = ic->bee->ui_data; |
---|
536 | |
---|
537 | /* will fail silently if keygen already in progress */ |
---|
538 | otr_keygen(irc, accountname, protocol); |
---|
539 | } |
---|
540 | |
---|
541 | int op_is_logged_in(void *opdata, const char *accountname, |
---|
542 | const char *protocol, const char *recipient) |
---|
543 | { |
---|
544 | struct im_connection *ic = check_imc(opdata, accountname, protocol); |
---|
545 | bee_user_t *bu; |
---|
546 | |
---|
547 | /* lookup the irc_user_t for the given recipient */ |
---|
548 | bu = bee_user_by_handle(ic->bee, ic, recipient); |
---|
549 | if(bu) { |
---|
550 | if(bu->flags & BEE_USER_ONLINE) |
---|
551 | return 1; |
---|
552 | else |
---|
553 | return 0; |
---|
554 | } else { |
---|
555 | return -1; |
---|
556 | } |
---|
557 | } |
---|
558 | |
---|
559 | void op_inject_message(void *opdata, const char *accountname, |
---|
560 | const char *protocol, const char *recipient, const char *message) |
---|
561 | { |
---|
562 | struct im_connection *ic = check_imc(opdata, accountname, protocol); |
---|
563 | irc_t *irc = ic->bee->ui_data; |
---|
564 | |
---|
565 | if (strcmp(accountname, recipient) == 0) { |
---|
566 | /* huh? injecting messages to myself? */ |
---|
567 | irc_rootmsg(irc, "note to self: %s", message); |
---|
568 | } else { |
---|
569 | /* need to drop some consts here :-( */ |
---|
570 | /* TODO: get flags into op_inject_message?! */ |
---|
571 | ic->acc->prpl->buddy_msg(ic, (char *)recipient, (char *)message, 0); |
---|
572 | /* ignoring return value :-/ */ |
---|
573 | } |
---|
574 | } |
---|
575 | |
---|
576 | void op_new_fingerprint(void *opdata, OtrlUserState us, |
---|
577 | const char *accountname, const char *protocol, |
---|
578 | const char *username, unsigned char fingerprint[20]) |
---|
579 | { |
---|
580 | struct im_connection *ic = check_imc(opdata, accountname, protocol); |
---|
581 | irc_t *irc = ic->bee->ui_data; |
---|
582 | irc_user_t *u = peeruser(irc, username, protocol); |
---|
583 | char hunam[45]; /* anybody looking? ;-) */ |
---|
584 | |
---|
585 | otrl_privkey_hash_to_human(hunam, fingerprint); |
---|
586 | if(u) { |
---|
587 | irc_usernotice(u, "new fingerprint: %s", hunam); |
---|
588 | } else { |
---|
589 | /* this case shouldn't normally happen */ |
---|
590 | irc_rootmsg(irc, "new fingerprint for %s/%s: %s", |
---|
591 | username, protocol, hunam); |
---|
592 | } |
---|
593 | } |
---|
594 | |
---|
595 | void op_write_fingerprints(void *opdata) |
---|
596 | { |
---|
597 | struct im_connection *ic = (struct im_connection *)opdata; |
---|
598 | irc_t *irc = ic->bee->ui_data; |
---|
599 | |
---|
600 | otr_save(irc); |
---|
601 | } |
---|
602 | |
---|
603 | void op_gone_secure(void *opdata, ConnContext *context) |
---|
604 | { |
---|
605 | struct im_connection *ic = |
---|
606 | check_imc(opdata, context->accountname, context->protocol); |
---|
607 | irc_user_t *u; |
---|
608 | irc_t *irc = ic->bee->ui_data; |
---|
609 | |
---|
610 | u = peeruser(irc, context->username, context->protocol); |
---|
611 | if(!u) { |
---|
612 | log_message(LOGLVL_ERROR, |
---|
613 | "BUG: otr.c: op_gone_secure: irc_user_t for %s/%s/%s not found!", |
---|
614 | context->username, context->protocol, context->accountname); |
---|
615 | return; |
---|
616 | } |
---|
617 | |
---|
618 | otr_update_uflags(context, u); |
---|
619 | if(!otr_update_modeflags(irc, u)) { |
---|
620 | char *trust = u->flags & IRC_USER_OTR_TRUSTED ? "trusted" : "untrusted!"; |
---|
621 | irc_usernotice(u, "conversation is now off the record (%s)", trust); |
---|
622 | } |
---|
623 | } |
---|
624 | |
---|
625 | void op_gone_insecure(void *opdata, ConnContext *context) |
---|
626 | { |
---|
627 | struct im_connection *ic = |
---|
628 | check_imc(opdata, context->accountname, context->protocol); |
---|
629 | irc_t *irc = ic->bee->ui_data; |
---|
630 | irc_user_t *u; |
---|
631 | |
---|
632 | u = peeruser(irc, context->username, context->protocol); |
---|
633 | if(!u) { |
---|
634 | log_message(LOGLVL_ERROR, |
---|
635 | "BUG: otr.c: op_gone_insecure: irc_user_t for %s/%s/%s not found!", |
---|
636 | context->username, context->protocol, context->accountname); |
---|
637 | return; |
---|
638 | } |
---|
639 | otr_update_uflags(context, u); |
---|
640 | if(!otr_update_modeflags(irc, u)) |
---|
641 | irc_usernotice(u, "conversation is now in cleartext"); |
---|
642 | } |
---|
643 | |
---|
644 | void op_still_secure(void *opdata, ConnContext *context, int is_reply) |
---|
645 | { |
---|
646 | struct im_connection *ic = |
---|
647 | check_imc(opdata, context->accountname, context->protocol); |
---|
648 | irc_t *irc = ic->bee->ui_data; |
---|
649 | irc_user_t *u; |
---|
650 | |
---|
651 | u = peeruser(irc, context->username, context->protocol); |
---|
652 | if(!u) { |
---|
653 | log_message(LOGLVL_ERROR, |
---|
654 | "BUG: otr.c: op_still_secure: irc_user_t for %s/%s/%s not found!", |
---|
655 | context->username, context->protocol, context->accountname); |
---|
656 | return; |
---|
657 | } |
---|
658 | |
---|
659 | otr_update_uflags(context, u); |
---|
660 | if(!otr_update_modeflags(irc, u)) { |
---|
661 | char *trust = u->flags & IRC_USER_OTR_TRUSTED ? "trusted" : "untrusted!"; |
---|
662 | irc_usernotice(u, "otr connection has been refreshed (%s)", trust); |
---|
663 | } |
---|
664 | } |
---|
665 | |
---|
666 | int op_max_message_size(void *opdata, ConnContext *context) |
---|
667 | { |
---|
668 | struct im_connection *ic = |
---|
669 | check_imc(opdata, context->accountname, context->protocol); |
---|
670 | |
---|
671 | return ic->acc->prpl->mms; |
---|
672 | } |
---|
673 | |
---|
674 | const char *op_account_name(void *opdata, const char *account, const char *protocol) |
---|
675 | { |
---|
676 | struct im_connection *ic = (struct im_connection *)opdata; |
---|
677 | irc_t *irc = ic->bee->ui_data; |
---|
678 | |
---|
679 | return peernick(irc, account, protocol); |
---|
680 | } |
---|
681 | |
---|
682 | void op_convert_msg(void *opdata, ConnContext *ctx, OtrlConvertType typ, |
---|
683 | char **dst, const char *src) |
---|
684 | { |
---|
685 | struct im_connection *ic = |
---|
686 | check_imc(opdata, ctx->accountname, ctx->protocol); |
---|
687 | irc_t *irc = ic->bee->ui_data; |
---|
688 | irc_user_t *iu = peeruser(irc, ctx->username, ctx->protocol); |
---|
689 | |
---|
690 | if(typ == OTRL_CONVERT_RECEIVING) { |
---|
691 | char *msg = g_strdup(src); |
---|
692 | |
---|
693 | /* HTML decoding */ |
---|
694 | if(set_getbool(&ic->bee->set, "otr_does_html") && |
---|
695 | !(ic->flags & OPT_DOES_HTML) && |
---|
696 | set_getbool(&ic->bee->set, "strip_html")) { |
---|
697 | strip_html(msg); |
---|
698 | *dst = msg; |
---|
699 | } |
---|
700 | |
---|
701 | /* coloring */ |
---|
702 | if(set_getbool(&ic->bee->set, "otr_color_encrypted")) { |
---|
703 | int color; /* color according to f'print trust */ |
---|
704 | char *pre="", *sep=""; /* optional parts */ |
---|
705 | const char *trust = ctx->active_fingerprint->trust; |
---|
706 | |
---|
707 | if(trust && trust[0] != '\0') |
---|
708 | color=3; /* green */ |
---|
709 | else |
---|
710 | color=5; /* red */ |
---|
711 | |
---|
712 | /* in a query window, keep "/me " uncolored at the beginning */ |
---|
713 | if(g_strncasecmp(msg, "/me ", 4) == 0 |
---|
714 | && irc_user_msgdest(iu) == irc->user->nick) { |
---|
715 | msg += 4; /* skip */ |
---|
716 | pre = "/me "; |
---|
717 | } |
---|
718 | |
---|
719 | /* comma in first place could mess with the color code */ |
---|
720 | if(msg[0] == ',') { |
---|
721 | /* insert a space between color spec and message */ |
---|
722 | sep = " "; |
---|
723 | } |
---|
724 | |
---|
725 | *dst = g_strdup_printf("%s\x03%.2d%s%s\x0F", pre, |
---|
726 | color, sep, msg); |
---|
727 | g_free(msg); |
---|
728 | } |
---|
729 | } else { |
---|
730 | /* HTML encoding */ |
---|
731 | /* consider OTR plaintext to be HTML if otr_does_html is set */ |
---|
732 | if(ctx && ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED && |
---|
733 | set_getbool(&ic->bee->set, "otr_does_html") && |
---|
734 | (g_strncasecmp(src, "<html>", 6) != 0)) { |
---|
735 | *dst = escape_html(src); |
---|
736 | } |
---|
737 | } |
---|
738 | } |
---|
739 | |
---|
740 | void op_convert_free(void *opdata, ConnContext *ctx, char *msg) |
---|
741 | { |
---|
742 | g_free(msg); |
---|
743 | } |
---|
744 | |
---|
745 | /* Socialist Millionaires' Protocol */ |
---|
746 | void op_handle_smp_event(void *opdata, OtrlSMPEvent ev, ConnContext *ctx, |
---|
747 | unsigned short percent, char *question) |
---|
748 | { |
---|
749 | struct im_connection *ic = |
---|
750 | check_imc(opdata, ctx->accountname, ctx->protocol); |
---|
751 | irc_t *irc = ic->bee->ui_data; |
---|
752 | OtrlUserState us = irc->otr->us; |
---|
753 | irc_user_t *u = peeruser(irc, ctx->username, ctx->protocol); |
---|
754 | |
---|
755 | if(!u) return; |
---|
756 | |
---|
757 | switch(ev) { |
---|
758 | case OTRL_SMPEVENT_ASK_FOR_SECRET: |
---|
759 | irc_rootmsg(irc, "smp: initiated by %s" |
---|
760 | " - respond with \x02otr smp %s <secret>\x02", |
---|
761 | u->nick, u->nick); |
---|
762 | break; |
---|
763 | case OTRL_SMPEVENT_ASK_FOR_ANSWER: |
---|
764 | irc_rootmsg(irc, "smp: initiated by %s with question: \x02\"%s\"\x02", u->nick, |
---|
765 | question); |
---|
766 | irc_rootmsg(irc, "smp: respond with \x02otr smp %s <answer>\x02", |
---|
767 | u->nick); |
---|
768 | break; |
---|
769 | case OTRL_SMPEVENT_CHEATED: |
---|
770 | irc_rootmsg(irc, "smp %s: opponent violated protocol, aborting", |
---|
771 | u->nick); |
---|
772 | otrl_message_abort_smp(us, &otr_ops, u->bu->ic, ctx); |
---|
773 | otrl_sm_state_free(ctx->smstate); |
---|
774 | break; |
---|
775 | case OTRL_SMPEVENT_NONE: |
---|
776 | break; |
---|
777 | case OTRL_SMPEVENT_IN_PROGRESS: |
---|
778 | break; |
---|
779 | case OTRL_SMPEVENT_SUCCESS: |
---|
780 | if(ctx->smstate->received_question) { |
---|
781 | irc_rootmsg(irc, "smp %s: correct answer, you are trusted", |
---|
782 | u->nick); |
---|
783 | } else { |
---|
784 | irc_rootmsg(irc, "smp %s: secrets proved equal, fingerprint trusted", |
---|
785 | u->nick); |
---|
786 | } |
---|
787 | otrl_sm_state_free(ctx->smstate); |
---|
788 | break; |
---|
789 | case OTRL_SMPEVENT_FAILURE: |
---|
790 | if(ctx->smstate->received_question) { |
---|
791 | irc_rootmsg(irc, "smp %s: wrong answer, you are not trusted", |
---|
792 | u->nick); |
---|
793 | } else { |
---|
794 | irc_rootmsg(irc, "smp %s: secrets did not match, fingerprint not trusted", |
---|
795 | u->nick); |
---|
796 | } |
---|
797 | otrl_sm_state_free(ctx->smstate); |
---|
798 | break; |
---|
799 | case OTRL_SMPEVENT_ABORT: |
---|
800 | irc_rootmsg(irc, "smp: received abort from %s", u->nick); |
---|
801 | otrl_sm_state_free(ctx->smstate); |
---|
802 | break; |
---|
803 | case OTRL_SMPEVENT_ERROR: |
---|
804 | irc_rootmsg(irc, "smp %s: protocol error, aborting", |
---|
805 | u->nick); |
---|
806 | otrl_message_abort_smp(us, &otr_ops, u->bu->ic, ctx); |
---|
807 | otrl_sm_state_free(ctx->smstate); |
---|
808 | break; |
---|
809 | } |
---|
810 | } |
---|
811 | |
---|
812 | void op_handle_msg_event(void *opdata, OtrlMessageEvent ev, ConnContext *ctx, |
---|
813 | const char *message, gcry_error_t err) |
---|
814 | { |
---|
815 | switch(ev) { |
---|
816 | case OTRL_MSGEVENT_ENCRYPTION_REQUIRED: |
---|
817 | display_otr_message(opdata, ctx, |
---|
818 | "policy requires encryption - message not sent"); |
---|
819 | break; |
---|
820 | case OTRL_MSGEVENT_ENCRYPTION_ERROR: |
---|
821 | display_otr_message(opdata, ctx, |
---|
822 | "error during encryption - message not sent"); |
---|
823 | break; |
---|
824 | case OTRL_MSGEVENT_CONNECTION_ENDED: |
---|
825 | display_otr_message(opdata, ctx, |
---|
826 | "other end has disconnected OTR - " |
---|
827 | "close connection or reconnect!"); |
---|
828 | break; |
---|
829 | case OTRL_MSGEVENT_SETUP_ERROR: |
---|
830 | display_otr_message(opdata, ctx, |
---|
831 | "OTR connection failed: %s", gcry_strerror(err)); |
---|
832 | break; |
---|
833 | case OTRL_MSGEVENT_MSG_REFLECTED: |
---|
834 | display_otr_message(opdata, ctx, |
---|
835 | "received our own OTR message (!?)"); |
---|
836 | break; |
---|
837 | case OTRL_MSGEVENT_MSG_RESENT: |
---|
838 | display_otr_message(opdata, ctx, |
---|
839 | "the previous message was resent"); |
---|
840 | break; |
---|
841 | case OTRL_MSGEVENT_RCVDMSG_NOT_IN_PRIVATE: |
---|
842 | display_otr_message(opdata, ctx, |
---|
843 | "unexpected encrypted message received"); |
---|
844 | break; |
---|
845 | case OTRL_MSGEVENT_RCVDMSG_UNREADABLE: |
---|
846 | display_otr_message(opdata, ctx, |
---|
847 | "unreadable encrypted message received"); |
---|
848 | break; |
---|
849 | case OTRL_MSGEVENT_RCVDMSG_FOR_OTHER_INSTANCE: |
---|
850 | display_otr_message(opdata, ctx, |
---|
851 | "OTR message for a different instance received"); |
---|
852 | break; |
---|
853 | case OTRL_MSGEVENT_RCVDMSG_MALFORMED: |
---|
854 | display_otr_message(opdata, ctx, |
---|
855 | "malformed OTR message received"); |
---|
856 | break; |
---|
857 | case OTRL_MSGEVENT_RCVDMSG_GENERAL_ERR: |
---|
858 | display_otr_message(opdata, ctx, |
---|
859 | "OTR error message received: %s", message); |
---|
860 | break; |
---|
861 | case OTRL_MSGEVENT_RCVDMSG_UNENCRYPTED: |
---|
862 | display_otr_message(opdata, ctx, |
---|
863 | "unencrypted message received: %s", message); |
---|
864 | break; |
---|
865 | case OTRL_MSGEVENT_RCVDMSG_UNRECOGNIZED: |
---|
866 | display_otr_message(opdata, ctx, |
---|
867 | "unrecognized OTR message received"); |
---|
868 | break; |
---|
869 | default: |
---|
870 | /* ignore XXX log? */ |
---|
871 | break; |
---|
872 | } |
---|
873 | } |
---|
874 | |
---|
875 | const char *op_otr_error_message(void *opdata, ConnContext *ctx, |
---|
876 | OtrlErrorCode err_code) |
---|
877 | { |
---|
878 | switch(err_code) { |
---|
879 | case OTRL_ERRCODE_ENCRYPTION_ERROR: |
---|
880 | return "i failed to encrypt a message"; |
---|
881 | case OTRL_ERRCODE_MSG_NOT_IN_PRIVATE: |
---|
882 | return "you sent an encrypted message i didn't expect"; |
---|
883 | case OTRL_ERRCODE_MSG_UNREADABLE: |
---|
884 | return "could not read encrypted message"; |
---|
885 | case OTRL_ERRCODE_MSG_MALFORMED: |
---|
886 | return "you sent a malformed OTR message"; |
---|
887 | default: |
---|
888 | return "i suffered an unexpected OTR error"; |
---|
889 | } |
---|
890 | } |
---|
891 | |
---|
892 | |
---|
893 | |
---|
894 | /*** OTR sub-command handlers ***/ |
---|
895 | |
---|
896 | void cmd_otr_reconnect(irc_t *irc, char **args) |
---|
897 | { |
---|
898 | cmd_otr_disconnect(irc, args); |
---|
899 | cmd_otr_connect(irc, args); |
---|
900 | } |
---|
901 | |
---|
902 | void cmd_otr_disconnect(irc_t *irc, char **args) |
---|
903 | { |
---|
904 | irc_user_t *u; |
---|
905 | |
---|
906 | u = irc_user_by_name(irc, args[1]); |
---|
907 | if(!u || !u->bu || !u->bu->ic) { |
---|
908 | irc_rootmsg(irc, "%s: unknown user", args[1]); |
---|
909 | return; |
---|
910 | } |
---|
911 | |
---|
912 | /* XXX we disconnect all instances; is that what we want? */ |
---|
913 | otrl_message_disconnect_all_instances(irc->otr->us, &otr_ops, |
---|
914 | u->bu->ic, u->bu->ic->acc->user, u->bu->ic->acc->prpl->name, u->bu->handle); |
---|
915 | |
---|
916 | /* for some reason, libotr (4.0.0) doesn't do this itself: */ |
---|
917 | if(!(u->flags & IRC_USER_OTR_ENCRYPTED)) |
---|
918 | return; |
---|
919 | |
---|
920 | ConnContext *ctx, *p; |
---|
921 | ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user, |
---|
922 | u->bu->ic->acc->prpl->name, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); |
---|
923 | if(!ctx) { /* huh? */ |
---|
924 | u->flags &= ( IRC_USER_OTR_ENCRYPTED | IRC_USER_OTR_TRUSTED ); |
---|
925 | return; |
---|
926 | } |
---|
927 | |
---|
928 | for(p=ctx; p && p->m_context == ctx->m_context; p=p->next) |
---|
929 | op_gone_insecure(u->bu->ic, p); |
---|
930 | } |
---|
931 | |
---|
932 | void cmd_otr_connect(irc_t *irc, char **args) |
---|
933 | { |
---|
934 | irc_user_t *u; |
---|
935 | |
---|
936 | u = irc_user_by_name(irc, args[1]); |
---|
937 | if(!u || !u->bu || !u->bu->ic) { |
---|
938 | irc_rootmsg(irc, "%s: unknown user", args[1]); |
---|
939 | return; |
---|
940 | } |
---|
941 | if(!(u->bu->flags & BEE_USER_ONLINE)) { |
---|
942 | irc_rootmsg(irc, "%s is offline", args[1]); |
---|
943 | return; |
---|
944 | } |
---|
945 | |
---|
946 | bee_user_msg(irc->b, u->bu, "?OTR?v2?", 0); |
---|
947 | } |
---|
948 | |
---|
949 | void cmd_otr_smp(irc_t *irc, char **args) |
---|
950 | { |
---|
951 | otr_smp_or_smpq(irc, args[1], NULL, args[2]); /* no question */ |
---|
952 | } |
---|
953 | |
---|
954 | void cmd_otr_smpq(irc_t *irc, char **args) |
---|
955 | { |
---|
956 | otr_smp_or_smpq(irc, args[1], args[2], args[3]); |
---|
957 | } |
---|
958 | |
---|
959 | void cmd_otr_trust(irc_t *irc, char **args) |
---|
960 | { |
---|
961 | irc_user_t *u; |
---|
962 | ConnContext *ctx; |
---|
963 | unsigned char raw[20]; |
---|
964 | Fingerprint *fp; |
---|
965 | int i,j; |
---|
966 | |
---|
967 | u = irc_user_by_name(irc, args[1]); |
---|
968 | if(!u || !u->bu || !u->bu->ic) { |
---|
969 | irc_rootmsg(irc, "%s: unknown user", args[1]); |
---|
970 | return; |
---|
971 | } |
---|
972 | |
---|
973 | ctx = otrl_context_find(irc->otr->us, u->bu->handle, |
---|
974 | u->bu->ic->acc->user, u->bu->ic->acc->prpl->name, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); |
---|
975 | if(!ctx) { |
---|
976 | irc_rootmsg(irc, "%s: no otr context with user", args[1]); |
---|
977 | return; |
---|
978 | } |
---|
979 | |
---|
980 | /* convert given fingerprint to raw representation */ |
---|
981 | for(i=0; i<5; i++) { |
---|
982 | for(j=0; j<4; j++) { |
---|
983 | char *p = args[2+i]+(2*j); |
---|
984 | char *q = p+1; |
---|
985 | int x, y; |
---|
986 | |
---|
987 | if(!*p || !*q) { |
---|
988 | irc_rootmsg(irc, "failed: truncated fingerprint block %d", i+1); |
---|
989 | return; |
---|
990 | } |
---|
991 | |
---|
992 | x = hexval(*p); |
---|
993 | y = hexval(*q); |
---|
994 | if(x<0) { |
---|
995 | irc_rootmsg(irc, "failed: %d. hex digit of block %d out of range", 2*j+1, i+1); |
---|
996 | return; |
---|
997 | } |
---|
998 | if(y<0) { |
---|
999 | irc_rootmsg(irc, "failed: %d. hex digit of block %d out of range", 2*j+2, i+1); |
---|
1000 | return; |
---|
1001 | } |
---|
1002 | |
---|
1003 | raw[i*4+j] = x*16 + y; |
---|
1004 | } |
---|
1005 | } |
---|
1006 | fp = otrl_context_find_fingerprint(ctx, raw, 0, NULL); |
---|
1007 | if(!fp) { |
---|
1008 | irc_rootmsg(irc, "failed: no such fingerprint for %s", args[1]); |
---|
1009 | } else { |
---|
1010 | char *trust = args[7] ? args[7] : "affirmed"; |
---|
1011 | otrl_context_set_trust(fp, trust); |
---|
1012 | irc_rootmsg(irc, "fingerprint match, trust set to \"%s\"", trust); |
---|
1013 | if(u->flags & IRC_USER_OTR_ENCRYPTED) |
---|
1014 | u->flags |= IRC_USER_OTR_TRUSTED; |
---|
1015 | otr_update_modeflags(irc, u); |
---|
1016 | } |
---|
1017 | } |
---|
1018 | |
---|
1019 | void cmd_otr_info(irc_t *irc, char **args) |
---|
1020 | { |
---|
1021 | if(!args[1]) { |
---|
1022 | show_general_otr_info(irc); |
---|
1023 | } else { |
---|
1024 | char *arg = g_strdup(args[1]); |
---|
1025 | char *myhandle, *handle=NULL, *protocol; |
---|
1026 | ConnContext *ctx; |
---|
1027 | |
---|
1028 | /* interpret arg as 'user/protocol/account' if possible */ |
---|
1029 | protocol = strchr(arg, '/'); |
---|
1030 | myhandle = NULL; |
---|
1031 | if(protocol) { |
---|
1032 | *(protocol++) = '\0'; |
---|
1033 | myhandle = strchr(protocol, '/'); |
---|
1034 | } |
---|
1035 | if(protocol && myhandle) { |
---|
1036 | *(myhandle++) = '\0'; |
---|
1037 | handle = arg; |
---|
1038 | ctx = otrl_context_find(irc->otr->us, handle, myhandle, protocol, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); |
---|
1039 | if(!ctx) { |
---|
1040 | irc_rootmsg(irc, "no such context"); |
---|
1041 | g_free(arg); |
---|
1042 | return; |
---|
1043 | } |
---|
1044 | } else { |
---|
1045 | irc_user_t *u = irc_user_by_name(irc, args[1]); |
---|
1046 | if(!u || !u->bu || !u->bu->ic) { |
---|
1047 | irc_rootmsg(irc, "%s: unknown user", args[1]); |
---|
1048 | g_free(arg); |
---|
1049 | return; |
---|
1050 | } |
---|
1051 | ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user, |
---|
1052 | u->bu->ic->acc->prpl->name, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); |
---|
1053 | if(!ctx) { |
---|
1054 | irc_rootmsg(irc, "no otr context with %s", args[1]); |
---|
1055 | g_free(arg); |
---|
1056 | return; |
---|
1057 | } |
---|
1058 | } |
---|
1059 | |
---|
1060 | /* show how we resolved the (nick) argument, if we did */ |
---|
1061 | if(handle!=arg) { |
---|
1062 | irc_rootmsg(irc, "%s is %s/%s; we are %s/%s to them", args[1], |
---|
1063 | ctx->username, ctx->protocol, ctx->accountname, ctx->protocol); |
---|
1064 | } |
---|
1065 | show_otr_context_info(irc, ctx); |
---|
1066 | g_free(arg); |
---|
1067 | } |
---|
1068 | } |
---|
1069 | |
---|
1070 | void cmd_otr_keygen(irc_t *irc, char **args) |
---|
1071 | { |
---|
1072 | int i, n; |
---|
1073 | account_t *a; |
---|
1074 | |
---|
1075 | n = atoi(args[1]); |
---|
1076 | if(n<0 || (!n && strcmp(args[1], "0"))) { |
---|
1077 | irc_rootmsg(irc, "%s: invalid account number", args[1]); |
---|
1078 | return; |
---|
1079 | } |
---|
1080 | |
---|
1081 | a = irc->b->accounts; |
---|
1082 | for(i=0; i<n && a; i++, a=a->next); |
---|
1083 | if(!a) { |
---|
1084 | irc_rootmsg(irc, "%s: no such account", args[1]); |
---|
1085 | return; |
---|
1086 | } |
---|
1087 | |
---|
1088 | if(keygen_in_progress(irc, a->user, a->prpl->name)) { |
---|
1089 | irc_rootmsg(irc, "keygen for account %d already in progress", n); |
---|
1090 | return; |
---|
1091 | } |
---|
1092 | |
---|
1093 | if(otrl_privkey_find(irc->otr->us, a->user, a->prpl->name)) { |
---|
1094 | char *s = g_strdup_printf("account %d already has a key, replace it?", n); |
---|
1095 | query_add(irc, NULL, s, yes_keygen, NULL, NULL, a); |
---|
1096 | g_free(s); |
---|
1097 | } else { |
---|
1098 | otr_keygen(irc, a->user, a->prpl->name); |
---|
1099 | } |
---|
1100 | } |
---|
1101 | |
---|
1102 | void yes_forget_fingerprint(void *data) |
---|
1103 | { |
---|
1104 | pair_t *p = (pair_t *)data; |
---|
1105 | irc_t *irc = (irc_t *)p->fst; |
---|
1106 | Fingerprint *fp = (Fingerprint *)p->snd; |
---|
1107 | |
---|
1108 | g_free(p); |
---|
1109 | |
---|
1110 | if(fp == fp->context->active_fingerprint) { |
---|
1111 | irc_rootmsg(irc, "that fingerprint is active, terminate otr connection first"); |
---|
1112 | return; |
---|
1113 | } |
---|
1114 | |
---|
1115 | otrl_context_forget_fingerprint(fp, 0); |
---|
1116 | } |
---|
1117 | |
---|
1118 | void yes_forget_context(void *data) |
---|
1119 | { |
---|
1120 | pair_t *p = (pair_t *)data; |
---|
1121 | irc_t *irc = (irc_t *)p->fst; |
---|
1122 | ConnContext *ctx = (ConnContext *)p->snd; |
---|
1123 | |
---|
1124 | g_free(p); |
---|
1125 | |
---|
1126 | // XXX forget all contexts |
---|
1127 | |
---|
1128 | if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) { |
---|
1129 | irc_rootmsg(irc, "active otr connection with %s, terminate it first", |
---|
1130 | peernick(irc, ctx->username, ctx->protocol)); |
---|
1131 | return; |
---|
1132 | } |
---|
1133 | |
---|
1134 | if(ctx->msgstate == OTRL_MSGSTATE_FINISHED) |
---|
1135 | otrl_context_force_plaintext(ctx); |
---|
1136 | otrl_context_forget(ctx); |
---|
1137 | } |
---|
1138 | |
---|
1139 | void yes_forget_key(void *data) |
---|
1140 | { |
---|
1141 | OtrlPrivKey *key = (OtrlPrivKey *)data; |
---|
1142 | |
---|
1143 | otrl_privkey_forget(key); |
---|
1144 | /* Hm, libotr doesn't seem to offer a function for explicitly /writing/ |
---|
1145 | keyfiles. So the key will be back on the next load... */ |
---|
1146 | /* TODO: Actually erase forgotten keys from storage? */ |
---|
1147 | } |
---|
1148 | |
---|
1149 | void cmd_otr_forget(irc_t *irc, char **args) |
---|
1150 | { |
---|
1151 | if(!strcmp(args[1], "fingerprint")) |
---|
1152 | { |
---|
1153 | irc_user_t *u; |
---|
1154 | ConnContext *ctx; |
---|
1155 | Fingerprint *fp; |
---|
1156 | char human[54]; |
---|
1157 | char *s; |
---|
1158 | pair_t *p; |
---|
1159 | |
---|
1160 | if(!args[3]) { |
---|
1161 | irc_rootmsg(irc, "otr %s %s: not enough arguments (2 req.)", args[0], args[1]); |
---|
1162 | return; |
---|
1163 | } |
---|
1164 | |
---|
1165 | /* TODO: allow context specs ("user/proto/account") in 'otr forget fingerprint'? */ |
---|
1166 | u = irc_user_by_name(irc, args[2]); |
---|
1167 | if(!u || !u->bu || !u->bu->ic) { |
---|
1168 | irc_rootmsg(irc, "%s: unknown user", args[2]); |
---|
1169 | return; |
---|
1170 | } |
---|
1171 | |
---|
1172 | ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user, |
---|
1173 | u->bu->ic->acc->prpl->name, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); |
---|
1174 | if(!ctx) { |
---|
1175 | irc_rootmsg(irc, "no otr context with %s", args[2]); |
---|
1176 | return; |
---|
1177 | } |
---|
1178 | |
---|
1179 | fp = match_fingerprint(irc, ctx, ((const char **)args)+3); |
---|
1180 | if(!fp) { |
---|
1181 | /* match_fingerprint does error messages */ |
---|
1182 | return; |
---|
1183 | } |
---|
1184 | |
---|
1185 | if(fp == ctx->active_fingerprint) { |
---|
1186 | irc_rootmsg(irc, "that fingerprint is active, terminate otr connection first"); |
---|
1187 | return; |
---|
1188 | } |
---|
1189 | |
---|
1190 | otrl_privkey_hash_to_human(human, fp->fingerprint); |
---|
1191 | s = g_strdup_printf("about to forget fingerprint %s, are you sure?", human); |
---|
1192 | p = g_malloc(sizeof(pair_t)); |
---|
1193 | if(!p) |
---|
1194 | return; |
---|
1195 | p->fst = irc; |
---|
1196 | p->snd = fp; |
---|
1197 | query_add(irc, NULL, s, yes_forget_fingerprint, NULL, NULL, p); |
---|
1198 | g_free(s); |
---|
1199 | } |
---|
1200 | |
---|
1201 | else if(!strcmp(args[1], "context")) |
---|
1202 | { |
---|
1203 | irc_user_t *u; |
---|
1204 | ConnContext *ctx; |
---|
1205 | char *s; |
---|
1206 | pair_t *p; |
---|
1207 | |
---|
1208 | /* TODO: allow context specs ("user/proto/account") in 'otr forget contex'? */ |
---|
1209 | u = irc_user_by_name(irc, args[2]); |
---|
1210 | if(!u || !u->bu || !u->bu->ic) { |
---|
1211 | irc_rootmsg(irc, "%s: unknown user", args[2]); |
---|
1212 | return; |
---|
1213 | } |
---|
1214 | |
---|
1215 | ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user, |
---|
1216 | u->bu->ic->acc->prpl->name, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL); |
---|
1217 | if(!ctx) { |
---|
1218 | irc_rootmsg(irc, "no otr context with %s", args[2]); |
---|
1219 | return; |
---|
1220 | } |
---|
1221 | |
---|
1222 | if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) { |
---|
1223 | irc_rootmsg(irc, "active otr connection with %s, terminate it first", args[2]); |
---|
1224 | return; |
---|
1225 | } |
---|
1226 | |
---|
1227 | s = g_strdup_printf("about to forget otr data about %s, are you sure?", args[2]); |
---|
1228 | p = g_malloc(sizeof(pair_t)); |
---|
1229 | if(!p) |
---|
1230 | return; |
---|
1231 | p->fst = irc; |
---|
1232 | p->snd = ctx; |
---|
1233 | query_add(irc, NULL, s, yes_forget_context, NULL, NULL, p); |
---|
1234 | g_free(s); |
---|
1235 | } |
---|
1236 | |
---|
1237 | else if(!strcmp(args[1], "key")) |
---|
1238 | { |
---|
1239 | OtrlPrivKey *key; |
---|
1240 | char *s; |
---|
1241 | |
---|
1242 | key = match_privkey(irc, ((const char **)args)+2); |
---|
1243 | if(!key) { |
---|
1244 | /* match_privkey does error messages */ |
---|
1245 | return; |
---|
1246 | } |
---|
1247 | |
---|
1248 | s = g_strdup_printf("about to forget the private key for %s/%s, are you sure?", |
---|
1249 | key->accountname, key->protocol); |
---|
1250 | query_add(irc, NULL, s, yes_forget_key, NULL, NULL, key); |
---|
1251 | g_free(s); |
---|
1252 | } |
---|
1253 | |
---|
1254 | else |
---|
1255 | { |
---|
1256 | irc_rootmsg(irc, "otr %s: unknown subcommand \"%s\", see \x02help otr forget\x02", |
---|
1257 | args[0], args[1]); |
---|
1258 | } |
---|
1259 | } |
---|
1260 | |
---|
1261 | |
---|
1262 | /*** local helpers / subroutines: ***/ |
---|
1263 | |
---|
1264 | void log_otr_message(void *opdata, const char *fmt, ...) |
---|
1265 | { |
---|
1266 | va_list va; |
---|
1267 | |
---|
1268 | va_start(va, fmt); |
---|
1269 | char *msg = g_strdup_vprintf(fmt, va); |
---|
1270 | va_end(va); |
---|
1271 | |
---|
1272 | log_message(LOGLVL_INFO, "otr: %s", msg); |
---|
1273 | } |
---|
1274 | |
---|
1275 | void display_otr_message(void *opdata, ConnContext *ctx, const char *fmt, ...) |
---|
1276 | { |
---|
1277 | struct im_connection *ic = |
---|
1278 | check_imc(opdata, ctx->accountname, ctx->protocol); |
---|
1279 | irc_t *irc = ic->bee->ui_data; |
---|
1280 | irc_user_t *u = peeruser(irc, ctx->username, ctx->protocol); |
---|
1281 | va_list va; |
---|
1282 | |
---|
1283 | va_start(va, fmt); |
---|
1284 | char *msg = g_strdup_vprintf(fmt, va); |
---|
1285 | va_end(va); |
---|
1286 | |
---|
1287 | if(u) { |
---|
1288 | /* display as a notice from this particular user */ |
---|
1289 | irc_usernotice(u, "%s", msg); |
---|
1290 | } else { |
---|
1291 | irc_rootmsg(irc, "[otr] %s", msg); |
---|
1292 | } |
---|
1293 | |
---|
1294 | g_free(msg); |
---|
1295 | } |
---|
1296 | |
---|
1297 | /* combined handler for the 'otr smp' and 'otr smpq' commands */ |
---|
1298 | void otr_smp_or_smpq(irc_t *irc, const char *nick, const char *question, |
---|
1299 | const char *secret) |
---|
1300 | { |
---|
1301 | irc_user_t *u; |
---|
1302 | ConnContext *ctx; |
---|
1303 | otrl_instag_t instag = OTRL_INSTAG_RECENT; // XXX |
---|
1304 | |
---|
1305 | u = irc_user_by_name(irc, nick); |
---|
1306 | if(!u || !u->bu || !u->bu->ic) { |
---|
1307 | irc_rootmsg(irc, "%s: unknown user", nick); |
---|
1308 | return; |
---|
1309 | } |
---|
1310 | if(!(u->bu->flags & BEE_USER_ONLINE)) { |
---|
1311 | irc_rootmsg(irc, "%s is offline", nick); |
---|
1312 | return; |
---|
1313 | } |
---|
1314 | |
---|
1315 | ctx = otrl_context_find(irc->otr->us, u->bu->handle, |
---|
1316 | u->bu->ic->acc->user, u->bu->ic->acc->prpl->name, instag, 0, NULL, NULL, NULL); |
---|
1317 | if(!ctx || ctx->msgstate != OTRL_MSGSTATE_ENCRYPTED) { |
---|
1318 | irc_rootmsg(irc, "smp: otr inactive with %s, try \x02otr connect" |
---|
1319 | " %s\x02", nick, nick); |
---|
1320 | return; |
---|
1321 | } |
---|
1322 | |
---|
1323 | if(ctx->smstate->nextExpected != OTRL_SMP_EXPECT1) { |
---|
1324 | log_message(LOGLVL_INFO, |
---|
1325 | "SMP already in phase %d, sending abort before reinitiating", |
---|
1326 | ctx->smstate->nextExpected+1); |
---|
1327 | otrl_message_abort_smp(irc->otr->us, &otr_ops, u->bu->ic, ctx); |
---|
1328 | otrl_sm_state_free(ctx->smstate); |
---|
1329 | } |
---|
1330 | |
---|
1331 | if(question) { |
---|
1332 | /* this was 'otr smpq', just initiate */ |
---|
1333 | irc_rootmsg(irc, "smp: initiating with %s...", u->nick); |
---|
1334 | otrl_message_initiate_smp_q(irc->otr->us, &otr_ops, u->bu->ic, ctx, |
---|
1335 | question, (unsigned char *)secret, strlen(secret)); |
---|
1336 | /* smp is now in EXPECT2 */ |
---|
1337 | } else { |
---|
1338 | /* this was 'otr smp', initiate or reply */ |
---|
1339 | /* warning: the following assumes that smstates are cleared whenever an SMP |
---|
1340 | is completed or aborted! */ |
---|
1341 | if(ctx->smstate->secret == NULL) { |
---|
1342 | irc_rootmsg(irc, "smp: initiating with %s...", u->nick); |
---|
1343 | otrl_message_initiate_smp(irc->otr->us, &otr_ops, |
---|
1344 | u->bu->ic, ctx, (unsigned char *)secret, strlen(secret)); |
---|
1345 | /* smp is now in EXPECT2 */ |
---|
1346 | } else { |
---|
1347 | /* if we're still in EXPECT1 but smstate is initialized, we must have |
---|
1348 | received the SMP1, so let's issue a response */ |
---|
1349 | irc_rootmsg(irc, "smp: responding to %s...", u->nick); |
---|
1350 | otrl_message_respond_smp(irc->otr->us, &otr_ops, |
---|
1351 | u->bu->ic, ctx, (unsigned char *)secret, strlen(secret)); |
---|
1352 | /* smp is now in EXPECT3 */ |
---|
1353 | } |
---|
1354 | } |
---|
1355 | } |
---|
1356 | |
---|
1357 | /* timeout handler that calls otrl_message_poll */ |
---|
1358 | gboolean ev_message_poll(gpointer data, gint fd, b_input_condition cond) |
---|
1359 | { |
---|
1360 | otr_t *otr = data; |
---|
1361 | |
---|
1362 | if(otr && otr->us) |
---|
1363 | otrl_message_poll(otr->us, &otr_ops, NULL); |
---|
1364 | |
---|
1365 | return TRUE; /* cycle timer */ |
---|
1366 | } |
---|
1367 | |
---|
1368 | /* helper to assert that account and protocol names given to ops below always |
---|
1369 | match the im_connection passed through as opdata */ |
---|
1370 | struct im_connection *check_imc(void *opdata, const char *accountname, |
---|
1371 | const char *protocol) |
---|
1372 | { |
---|
1373 | struct im_connection *ic = (struct im_connection *)opdata; |
---|
1374 | |
---|
1375 | /* libotr 4.0.0 has a bug where it doesn't set opdata, so we catch |
---|
1376 | * that and try to find the desired connection in the global list. */ |
---|
1377 | if(!ic) { |
---|
1378 | GSList *l; |
---|
1379 | for(l=get_connections(); l; l=l->next) { |
---|
1380 | ic = l->data; |
---|
1381 | if(strcmp(accountname, ic->acc->user) == 0 && |
---|
1382 | strcmp(protocol, ic->acc->prpl->name) == 0) |
---|
1383 | break; |
---|
1384 | } |
---|
1385 | assert(l != NULL); /* a match should always be found */ |
---|
1386 | if(!l) |
---|
1387 | return NULL; |
---|
1388 | } |
---|
1389 | |
---|
1390 | if (strcmp(accountname, ic->acc->user) != 0) { |
---|
1391 | log_message(LOGLVL_WARNING, |
---|
1392 | "otr: internal account name mismatch: '%s' vs '%s'", |
---|
1393 | accountname, ic->acc->user); |
---|
1394 | } |
---|
1395 | if (strcmp(protocol, ic->acc->prpl->name) != 0) { |
---|
1396 | log_message(LOGLVL_WARNING, |
---|
1397 | "otr: internal protocol name mismatch: '%s' vs '%s'", |
---|
1398 | protocol, ic->acc->prpl->name); |
---|
1399 | } |
---|
1400 | |
---|
1401 | return ic; |
---|
1402 | } |
---|
1403 | |
---|
1404 | irc_user_t *peeruser(irc_t *irc, const char *handle, const char *protocol) |
---|
1405 | { |
---|
1406 | GSList *l; |
---|
1407 | |
---|
1408 | for(l=irc->b->users; l; l = l->next) { |
---|
1409 | bee_user_t *bu = l->data; |
---|
1410 | struct prpl *prpl; |
---|
1411 | if(!bu->ui_data || !bu->ic || !bu->handle) |
---|
1412 | continue; |
---|
1413 | prpl = bu->ic->acc->prpl; |
---|
1414 | if(strcmp(prpl->name, protocol) == 0 |
---|
1415 | && prpl->handle_cmp(bu->handle, handle) == 0) { |
---|
1416 | return bu->ui_data; |
---|
1417 | } |
---|
1418 | } |
---|
1419 | |
---|
1420 | return NULL; |
---|
1421 | } |
---|
1422 | |
---|
1423 | int hexval(char a) |
---|
1424 | { |
---|
1425 | int x=tolower(a); |
---|
1426 | |
---|
1427 | if(x>='a' && x<='f') |
---|
1428 | x = x - 'a' + 10; |
---|
1429 | else if(x>='0' && x<='9') |
---|
1430 | x = x - '0'; |
---|
1431 | else |
---|
1432 | return -1; |
---|
1433 | |
---|
1434 | return x; |
---|
1435 | } |
---|
1436 | |
---|
1437 | const char *peernick(irc_t *irc, const char *handle, const char *protocol) |
---|
1438 | { |
---|
1439 | static char fallback[512]; |
---|
1440 | |
---|
1441 | irc_user_t *u = peeruser(irc, handle, protocol); |
---|
1442 | if(u) { |
---|
1443 | return u->nick; |
---|
1444 | } else { |
---|
1445 | g_snprintf(fallback, 511, "%s/%s", handle, protocol); |
---|
1446 | return fallback; |
---|
1447 | } |
---|
1448 | } |
---|
1449 | |
---|
1450 | void otr_update_uflags(ConnContext *context, irc_user_t *u) |
---|
1451 | { |
---|
1452 | const char *trust; |
---|
1453 | |
---|
1454 | if(context->active_fingerprint) { |
---|
1455 | u->flags |= IRC_USER_OTR_ENCRYPTED; |
---|
1456 | |
---|
1457 | trust = context->active_fingerprint->trust; |
---|
1458 | if(trust && trust[0]) |
---|
1459 | u->flags |= IRC_USER_OTR_TRUSTED; |
---|
1460 | else |
---|
1461 | u->flags &= ~IRC_USER_OTR_TRUSTED; |
---|
1462 | } else { |
---|
1463 | u->flags &= ~IRC_USER_OTR_ENCRYPTED; |
---|
1464 | } |
---|
1465 | } |
---|
1466 | |
---|
1467 | int otr_update_modeflags(irc_t *irc, irc_user_t *u) |
---|
1468 | { |
---|
1469 | return 0; |
---|
1470 | } |
---|
1471 | |
---|
1472 | void show_fingerprints(irc_t *irc, ConnContext *ctx) |
---|
1473 | { |
---|
1474 | char human[45]; |
---|
1475 | Fingerprint *fp; |
---|
1476 | const char *trust; |
---|
1477 | int count=0; |
---|
1478 | |
---|
1479 | for(fp=&ctx->fingerprint_root; fp; fp=fp->next) { |
---|
1480 | if(!fp->fingerprint) |
---|
1481 | continue; |
---|
1482 | count++; |
---|
1483 | otrl_privkey_hash_to_human(human, fp->fingerprint); |
---|
1484 | if(!fp->trust || fp->trust[0] == '\0') { |
---|
1485 | trust="untrusted"; |
---|
1486 | } else { |
---|
1487 | trust=fp->trust; |
---|
1488 | } |
---|
1489 | if(fp == ctx->active_fingerprint) { |
---|
1490 | irc_rootmsg(irc, " \x02%s (%s)\x02", human, trust); |
---|
1491 | } else { |
---|
1492 | irc_rootmsg(irc, " %s (%s)", human, trust); |
---|
1493 | } |
---|
1494 | } |
---|
1495 | if(count==0) |
---|
1496 | irc_rootmsg(irc, " (none)"); |
---|
1497 | } |
---|
1498 | |
---|
1499 | Fingerprint *match_fingerprint(irc_t *irc, ConnContext *ctx, const char **args) |
---|
1500 | { |
---|
1501 | Fingerprint *fp, *fp2; |
---|
1502 | char human[45]; |
---|
1503 | char prefix[45], *p; |
---|
1504 | int n; |
---|
1505 | int i,j; |
---|
1506 | |
---|
1507 | /* assemble the args into a prefix in standard "human" form */ |
---|
1508 | n=0; |
---|
1509 | p=prefix; |
---|
1510 | for(i=0; args[i]; i++) { |
---|
1511 | for(j=0; args[i][j]; j++) { |
---|
1512 | char c = toupper(args[i][j]); |
---|
1513 | |
---|
1514 | if(n>=40) { |
---|
1515 | irc_rootmsg(irc, "too many fingerprint digits given, expected at most 40"); |
---|
1516 | return NULL; |
---|
1517 | } |
---|
1518 | |
---|
1519 | if( (c>='A' && c<='F') || (c>='0' && c<='9') ) { |
---|
1520 | *(p++) = c; |
---|
1521 | } else { |
---|
1522 | irc_rootmsg(irc, "invalid hex digit '%c' in block %d", args[i][j], i+1); |
---|
1523 | return NULL; |
---|
1524 | } |
---|
1525 | |
---|
1526 | n++; |
---|
1527 | if(n%8 == 0) |
---|
1528 | *(p++) = ' '; |
---|
1529 | } |
---|
1530 | } |
---|
1531 | *p = '\0'; |
---|
1532 | |
---|
1533 | /* find first fingerprint with the given prefix */ |
---|
1534 | n = strlen(prefix); |
---|
1535 | for(fp=&ctx->fingerprint_root; fp; fp=fp->next) { |
---|
1536 | if(!fp->fingerprint) |
---|
1537 | continue; |
---|
1538 | otrl_privkey_hash_to_human(human, fp->fingerprint); |
---|
1539 | if(!strncmp(prefix, human, n)) |
---|
1540 | break; |
---|
1541 | } |
---|
1542 | if(!fp) { |
---|
1543 | irc_rootmsg(irc, "%s: no match", prefix); |
---|
1544 | return NULL; |
---|
1545 | } |
---|
1546 | |
---|
1547 | /* make sure the match, if any, is unique */ |
---|
1548 | for(fp2=fp->next; fp2; fp2=fp2->next) { |
---|
1549 | if(!fp2->fingerprint) |
---|
1550 | continue; |
---|
1551 | otrl_privkey_hash_to_human(human, fp2->fingerprint); |
---|
1552 | if(!strncmp(prefix, human, n)) |
---|
1553 | break; |
---|
1554 | } |
---|
1555 | if(fp2) { |
---|
1556 | irc_rootmsg(irc, "%s: multiple matches", prefix); |
---|
1557 | return NULL; |
---|
1558 | } |
---|
1559 | |
---|
1560 | return fp; |
---|
1561 | } |
---|
1562 | |
---|
1563 | OtrlPrivKey *match_privkey(irc_t *irc, const char **args) |
---|
1564 | { |
---|
1565 | OtrlPrivKey *k, *k2; |
---|
1566 | char human[45]; |
---|
1567 | char prefix[45], *p; |
---|
1568 | int n; |
---|
1569 | int i,j; |
---|
1570 | |
---|
1571 | /* assemble the args into a prefix in standard "human" form */ |
---|
1572 | n=0; |
---|
1573 | p=prefix; |
---|
1574 | for(i=0; args[i]; i++) { |
---|
1575 | for(j=0; args[i][j]; j++) { |
---|
1576 | char c = toupper(args[i][j]); |
---|
1577 | |
---|
1578 | if(n>=40) { |
---|
1579 | irc_rootmsg(irc, "too many fingerprint digits given, expected at most 40"); |
---|
1580 | return NULL; |
---|
1581 | } |
---|
1582 | |
---|
1583 | if( (c>='A' && c<='F') || (c>='0' && c<='9') ) { |
---|
1584 | *(p++) = c; |
---|
1585 | } else { |
---|
1586 | irc_rootmsg(irc, "invalid hex digit '%c' in block %d", args[i][j], i+1); |
---|
1587 | return NULL; |
---|
1588 | } |
---|
1589 | |
---|
1590 | n++; |
---|
1591 | if(n%8 == 0) |
---|
1592 | *(p++) = ' '; |
---|
1593 | } |
---|
1594 | } |
---|
1595 | *p = '\0'; |
---|
1596 | |
---|
1597 | /* find first key which matches the given prefix */ |
---|
1598 | n = strlen(prefix); |
---|
1599 | for(k=irc->otr->us->privkey_root; k; k=k->next) { |
---|
1600 | p = otrl_privkey_fingerprint(irc->otr->us, human, k->accountname, k->protocol); |
---|
1601 | if(!p) /* gah! :-P */ |
---|
1602 | continue; |
---|
1603 | if(!strncmp(prefix, human, n)) |
---|
1604 | break; |
---|
1605 | } |
---|
1606 | if(!k) { |
---|
1607 | irc_rootmsg(irc, "%s: no match", prefix); |
---|
1608 | return NULL; |
---|
1609 | } |
---|
1610 | |
---|
1611 | /* make sure the match, if any, is unique */ |
---|
1612 | for(k2=k->next; k2; k2=k2->next) { |
---|
1613 | p = otrl_privkey_fingerprint(irc->otr->us, human, k2->accountname, k2->protocol); |
---|
1614 | if(!p) /* gah! :-P */ |
---|
1615 | continue; |
---|
1616 | if(!strncmp(prefix, human, n)) |
---|
1617 | break; |
---|
1618 | } |
---|
1619 | if(k2) { |
---|
1620 | irc_rootmsg(irc, "%s: multiple matches", prefix); |
---|
1621 | return NULL; |
---|
1622 | } |
---|
1623 | |
---|
1624 | return k; |
---|
1625 | } |
---|
1626 | |
---|
1627 | void show_general_otr_info(irc_t *irc) |
---|
1628 | { |
---|
1629 | ConnContext *ctx; |
---|
1630 | OtrlPrivKey *key; |
---|
1631 | char human[45]; |
---|
1632 | kg_t *kg; |
---|
1633 | |
---|
1634 | /* list all privkeys (including ones being generated) */ |
---|
1635 | irc_rootmsg(irc, "\x1fprivate keys:\x1f"); |
---|
1636 | for(key=irc->otr->us->privkey_root; key; key=key->next) { |
---|
1637 | const char *hash; |
---|
1638 | |
---|
1639 | switch(key->pubkey_type) { |
---|
1640 | case OTRL_PUBKEY_TYPE_DSA: |
---|
1641 | irc_rootmsg(irc, " %s/%s - DSA", key->accountname, key->protocol); |
---|
1642 | break; |
---|
1643 | default: |
---|
1644 | irc_rootmsg(irc, " %s/%s - type %d", key->accountname, key->protocol, |
---|
1645 | key->pubkey_type); |
---|
1646 | } |
---|
1647 | |
---|
1648 | /* No, it doesn't make much sense to search for the privkey again by |
---|
1649 | account/protocol, but libotr currently doesn't provide a direct routine |
---|
1650 | for hashing a given 'OtrlPrivKey'... */ |
---|
1651 | hash = otrl_privkey_fingerprint(irc->otr->us, human, key->accountname, key->protocol); |
---|
1652 | if(hash) /* should always succeed */ |
---|
1653 | irc_rootmsg(irc, " %s", human); |
---|
1654 | } |
---|
1655 | if(irc->otr->sent_accountname) { |
---|
1656 | irc_rootmsg(irc, " %s/%s - DSA", irc->otr->sent_accountname, |
---|
1657 | irc->otr->sent_protocol); |
---|
1658 | irc_rootmsg(irc, " (being generated)"); |
---|
1659 | } |
---|
1660 | for(kg=irc->otr->todo; kg; kg=kg->next) { |
---|
1661 | irc_rootmsg(irc, " %s/%s - DSA", kg->accountname, kg->protocol); |
---|
1662 | irc_rootmsg(irc, " (queued)"); |
---|
1663 | } |
---|
1664 | if(key == irc->otr->us->privkey_root && |
---|
1665 | !irc->otr->sent_accountname && |
---|
1666 | kg == irc->otr->todo) |
---|
1667 | irc_rootmsg(irc, " (none)"); |
---|
1668 | |
---|
1669 | /* list all contexts */ |
---|
1670 | irc_rootmsg(irc, "%s", ""); |
---|
1671 | irc_rootmsg(irc, "\x1f" "connection contexts:\x1f (bold=currently encrypted)"); |
---|
1672 | for(ctx=irc->otr->us->context_root; ctx; ctx=ctx->next) {\ |
---|
1673 | irc_user_t *u; |
---|
1674 | char *userstring; |
---|
1675 | |
---|
1676 | u = peeruser(irc, ctx->username, ctx->protocol); |
---|
1677 | if(u) |
---|
1678 | userstring = g_strdup_printf("%s/%s/%s (%s)", |
---|
1679 | ctx->username, ctx->protocol, ctx->accountname, u->nick); |
---|
1680 | else |
---|
1681 | userstring = g_strdup_printf("%s/%s/%s", |
---|
1682 | ctx->username, ctx->protocol, ctx->accountname); |
---|
1683 | |
---|
1684 | if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) { |
---|
1685 | irc_rootmsg(irc, " \x02%s\x02", userstring); |
---|
1686 | } else { |
---|
1687 | irc_rootmsg(irc, " %s", userstring); |
---|
1688 | } |
---|
1689 | |
---|
1690 | g_free(userstring); |
---|
1691 | } |
---|
1692 | if(ctx == irc->otr->us->context_root) |
---|
1693 | irc_rootmsg(irc, " (none)"); |
---|
1694 | } |
---|
1695 | |
---|
1696 | void show_otr_context_info(irc_t *irc, ConnContext *ctx) |
---|
1697 | { |
---|
1698 | // XXX show all contexts |
---|
1699 | |
---|
1700 | switch(ctx->otr_offer) { |
---|
1701 | case OFFER_NOT: |
---|
1702 | irc_rootmsg(irc, " otr offer status: none sent"); |
---|
1703 | break; |
---|
1704 | case OFFER_SENT: |
---|
1705 | irc_rootmsg(irc, " otr offer status: awaiting reply"); |
---|
1706 | break; |
---|
1707 | case OFFER_ACCEPTED: |
---|
1708 | irc_rootmsg(irc, " otr offer status: accepted our offer"); |
---|
1709 | break; |
---|
1710 | case OFFER_REJECTED: |
---|
1711 | irc_rootmsg(irc, " otr offer status: ignored our offer"); |
---|
1712 | break; |
---|
1713 | default: |
---|
1714 | irc_rootmsg(irc, " otr offer status: %d", ctx->otr_offer); |
---|
1715 | } |
---|
1716 | |
---|
1717 | switch(ctx->msgstate) { |
---|
1718 | case OTRL_MSGSTATE_PLAINTEXT: |
---|
1719 | irc_rootmsg(irc, " connection state: cleartext"); |
---|
1720 | break; |
---|
1721 | case OTRL_MSGSTATE_ENCRYPTED: |
---|
1722 | irc_rootmsg(irc, " connection state: encrypted (v%d)", ctx->protocol_version); |
---|
1723 | break; |
---|
1724 | case OTRL_MSGSTATE_FINISHED: |
---|
1725 | irc_rootmsg(irc, " connection state: shut down"); |
---|
1726 | break; |
---|
1727 | default: |
---|
1728 | irc_rootmsg(irc, " connection state: %d", ctx->msgstate); |
---|
1729 | } |
---|
1730 | |
---|
1731 | irc_rootmsg(irc, " fingerprints: (bold=active)"); |
---|
1732 | show_fingerprints(irc, ctx); |
---|
1733 | } |
---|
1734 | |
---|
1735 | int keygen_in_progress(irc_t *irc, const char *handle, const char *protocol) |
---|
1736 | { |
---|
1737 | kg_t *kg; |
---|
1738 | |
---|
1739 | if(!irc->otr->sent_accountname || !irc->otr->sent_protocol) |
---|
1740 | return 0; |
---|
1741 | |
---|
1742 | /* are we currently working on this key? */ |
---|
1743 | if(!strcmp(handle, irc->otr->sent_accountname) && |
---|
1744 | !strcmp(protocol, irc->otr->sent_protocol)) |
---|
1745 | return 1; |
---|
1746 | |
---|
1747 | /* do we have it queued for later? */ |
---|
1748 | for(kg=irc->otr->todo; kg; kg=kg->next) { |
---|
1749 | if(!strcmp(handle, kg->accountname) && |
---|
1750 | !strcmp(protocol, kg->protocol)) |
---|
1751 | return 1; |
---|
1752 | } |
---|
1753 | |
---|
1754 | return 0; |
---|
1755 | } |
---|
1756 | |
---|
1757 | void otr_keygen(irc_t *irc, const char *handle, const char *protocol) |
---|
1758 | { |
---|
1759 | /* do nothing if a key for the requested account is already being generated */ |
---|
1760 | if(keygen_in_progress(irc, handle, protocol)) |
---|
1761 | return; |
---|
1762 | |
---|
1763 | /* see if we already have a keygen child running. if not, start one and put a |
---|
1764 | handler on its output. */ |
---|
1765 | if(!irc->otr->keygen || waitpid(irc->otr->keygen, NULL, WNOHANG)) { |
---|
1766 | pid_t p; |
---|
1767 | int to[2], from[2]; |
---|
1768 | FILE *tof, *fromf; |
---|
1769 | |
---|
1770 | if(pipe(to) < 0 || pipe(from) < 0) { |
---|
1771 | irc_rootmsg(irc, "otr keygen: couldn't create pipe: %s", strerror(errno)); |
---|
1772 | return; |
---|
1773 | } |
---|
1774 | |
---|
1775 | tof = fdopen(to[1], "w"); |
---|
1776 | fromf = fdopen(from[0], "r"); |
---|
1777 | if(!tof || !fromf) { |
---|
1778 | irc_rootmsg(irc, "otr keygen: couldn't streamify pipe: %s", strerror(errno)); |
---|
1779 | return; |
---|
1780 | } |
---|
1781 | |
---|
1782 | p = fork(); |
---|
1783 | if(p<0) { |
---|
1784 | irc_rootmsg(irc, "otr keygen: couldn't fork: %s", strerror(errno)); |
---|
1785 | return; |
---|
1786 | } |
---|
1787 | |
---|
1788 | if(!p) { |
---|
1789 | /* child process */ |
---|
1790 | signal(SIGTERM, exit); |
---|
1791 | keygen_child_main(irc->otr->us, to[0], from[1]); |
---|
1792 | exit(0); |
---|
1793 | } |
---|
1794 | |
---|
1795 | irc->otr->keygen = p; |
---|
1796 | irc->otr->to = tof; |
---|
1797 | irc->otr->from = fromf; |
---|
1798 | irc->otr->sent_accountname = NULL; |
---|
1799 | irc->otr->sent_protocol = NULL; |
---|
1800 | irc->otr->todo = NULL; |
---|
1801 | b_input_add(from[0], B_EV_IO_READ, keygen_finish_handler, irc); |
---|
1802 | } |
---|
1803 | |
---|
1804 | /* is the keygen slave currently working? */ |
---|
1805 | if(irc->otr->sent_accountname) { |
---|
1806 | /* enqueue our job for later transmission */ |
---|
1807 | kg_t **kg = &irc->otr->todo; |
---|
1808 | while(*kg) |
---|
1809 | kg=&((*kg)->next); |
---|
1810 | *kg = g_new0(kg_t, 1); |
---|
1811 | (*kg)->accountname = g_strdup(handle); |
---|
1812 | (*kg)->protocol = g_strdup(protocol); |
---|
1813 | } else { |
---|
1814 | /* send our job over and remember it */ |
---|
1815 | fprintf(irc->otr->to, "%s\n%s\n", handle, protocol); |
---|
1816 | fflush(irc->otr->to); |
---|
1817 | irc->otr->sent_accountname = g_strdup(handle); |
---|
1818 | irc->otr->sent_protocol = g_strdup(protocol); |
---|
1819 | } |
---|
1820 | } |
---|
1821 | |
---|
1822 | void keygen_child_main(OtrlUserState us, int infd, int outfd) |
---|
1823 | { |
---|
1824 | FILE *input, *output; |
---|
1825 | char filename[128], accountname[512], protocol[512]; |
---|
1826 | gcry_error_t e; |
---|
1827 | int tempfd; |
---|
1828 | |
---|
1829 | input = fdopen(infd, "r"); |
---|
1830 | output = fdopen(outfd, "w"); |
---|
1831 | |
---|
1832 | while(!feof(input) && !ferror(input) && !feof(output) && !ferror(output)) { |
---|
1833 | myfgets(accountname, 512, input); |
---|
1834 | myfgets(protocol, 512, input); |
---|
1835 | |
---|
1836 | strncpy(filename, "/tmp/bitlbee-XXXXXX", 128); |
---|
1837 | tempfd = mkstemp(filename); |
---|
1838 | close(tempfd); |
---|
1839 | |
---|
1840 | e = otrl_privkey_generate(us, filename, accountname, protocol); |
---|
1841 | if(e) { |
---|
1842 | fprintf(output, "\n"); /* this means failure */ |
---|
1843 | fprintf(output, "otr keygen: %s\n", gcry_strerror(e)); |
---|
1844 | unlink(filename); |
---|
1845 | } else { |
---|
1846 | fprintf(output, "%s\n", filename); |
---|
1847 | fprintf(output, "otr keygen for %s/%s complete\n", accountname, protocol); |
---|
1848 | } |
---|
1849 | fflush(output); |
---|
1850 | } |
---|
1851 | |
---|
1852 | fclose(input); |
---|
1853 | fclose(output); |
---|
1854 | } |
---|
1855 | |
---|
1856 | gboolean keygen_finish_handler(gpointer data, gint fd, b_input_condition cond) |
---|
1857 | { |
---|
1858 | irc_t *irc = (irc_t *)data; |
---|
1859 | char filename[512], msg[512]; |
---|
1860 | |
---|
1861 | myfgets(filename, 512, irc->otr->from); |
---|
1862 | myfgets(msg, 512, irc->otr->from); |
---|
1863 | |
---|
1864 | irc_rootmsg(irc, "%s", msg); |
---|
1865 | if(filename[0]) { |
---|
1866 | if(strsane(irc->user->nick)) { |
---|
1867 | char *kf = g_strdup_printf("%s%s.otr_keys", global.conf->configdir, irc->user->nick); |
---|
1868 | char *tmp = g_strdup_printf("%s.new", kf); |
---|
1869 | copyfile(filename, tmp); |
---|
1870 | unlink(filename); |
---|
1871 | rename(tmp,kf); |
---|
1872 | otrl_privkey_read(irc->otr->us, kf); |
---|
1873 | g_free(kf); |
---|
1874 | g_free(tmp); |
---|
1875 | } else { |
---|
1876 | otrl_privkey_read(irc->otr->us, filename); |
---|
1877 | unlink(filename); |
---|
1878 | } |
---|
1879 | } |
---|
1880 | |
---|
1881 | /* forget this job */ |
---|
1882 | g_free(irc->otr->sent_accountname); |
---|
1883 | g_free(irc->otr->sent_protocol); |
---|
1884 | irc->otr->sent_accountname = NULL; |
---|
1885 | irc->otr->sent_protocol = NULL; |
---|
1886 | |
---|
1887 | /* see if there are any more in the queue */ |
---|
1888 | if(irc->otr->todo) { |
---|
1889 | kg_t *p = irc->otr->todo; |
---|
1890 | /* send the next one over */ |
---|
1891 | fprintf(irc->otr->to, "%s\n%s\n", p->accountname, p->protocol); |
---|
1892 | fflush(irc->otr->to); |
---|
1893 | irc->otr->sent_accountname = p->accountname; |
---|
1894 | irc->otr->sent_protocol = p->protocol; |
---|
1895 | irc->otr->todo = p->next; |
---|
1896 | g_free(p); |
---|
1897 | return TRUE; /* keep watching */ |
---|
1898 | } else { |
---|
1899 | /* okay, the slave is idle now, so kill him */ |
---|
1900 | fclose(irc->otr->from); |
---|
1901 | fclose(irc->otr->to); |
---|
1902 | irc->otr->from = irc->otr->to = NULL; |
---|
1903 | kill(irc->otr->keygen, SIGTERM); |
---|
1904 | waitpid(irc->otr->keygen, NULL, 0); |
---|
1905 | irc->otr->keygen = 0; |
---|
1906 | return FALSE; /* unregister ourselves */ |
---|
1907 | } |
---|
1908 | } |
---|
1909 | |
---|
1910 | void copyfile(const char *a, const char *b) |
---|
1911 | { |
---|
1912 | int fda, fdb; |
---|
1913 | int n; |
---|
1914 | char buf[1024]; |
---|
1915 | |
---|
1916 | fda = open(a, O_RDONLY); |
---|
1917 | fdb = open(b, O_WRONLY | O_CREAT | O_TRUNC, 0600); |
---|
1918 | |
---|
1919 | while((n=read(fda, buf, 1024)) > 0) |
---|
1920 | write(fdb, buf, n); |
---|
1921 | |
---|
1922 | close(fda); |
---|
1923 | close(fdb); |
---|
1924 | } |
---|
1925 | |
---|
1926 | void myfgets(char *s, int size, FILE *stream) |
---|
1927 | { |
---|
1928 | if(!fgets(s, size, stream)) { |
---|
1929 | s[0] = '\0'; |
---|
1930 | } else { |
---|
1931 | int n = strlen(s); |
---|
1932 | if(n>0 && s[n-1] == '\n') |
---|
1933 | s[n-1] = '\0'; |
---|
1934 | } |
---|
1935 | } |
---|
1936 | |
---|
1937 | void yes_keygen(void *data) |
---|
1938 | { |
---|
1939 | account_t *acc = (account_t *)data; |
---|
1940 | irc_t *irc = acc->bee->ui_data; |
---|
1941 | |
---|
1942 | if(keygen_in_progress(irc, acc->user, acc->prpl->name)) { |
---|
1943 | irc_rootmsg(irc, "keygen for %s/%s already in progress", |
---|
1944 | acc->user, acc->prpl->name); |
---|
1945 | } else { |
---|
1946 | irc_rootmsg(irc, "starting background keygen for %s/%s", |
---|
1947 | acc->user, acc->prpl->name); |
---|
1948 | irc_rootmsg(irc, "you will be notified when it completes"); |
---|
1949 | otr_keygen(irc, acc->user, acc->prpl->name); |
---|
1950 | } |
---|
1951 | } |
---|
1952 | |
---|
1953 | /* check whether a string is safe to use in a path component */ |
---|
1954 | int strsane(const char *s) |
---|
1955 | { |
---|
1956 | return strpbrk(s, "/\\") == NULL; |
---|
1957 | } |
---|
1958 | |
---|
1959 | /* vim: set noet ts=4 sw=4: */ |
---|