Context Navigation

source: otr.c @ c347a12

Last change on this file since c347a12 was c347a12, checked in by unknown <pesco@…>, at 2013-08-02T20:55:16Z
timer cleanup and "other instance" error message
Property mode set to `100644`
File size: 52.6 KB

Line
1	/********************************************************************\
2	* BitlBee -- An IRC to other IM-networks gateway *
3	* *
4	* Copyright 2002-2012 Wilmer van der Gaast and others *
5	\********************************************************************/
6
7	/*
8	OTR support (cf. http://www.cypherpunks.ca/otr/)
9
10	(c) 2008-2011,2013 Sven Moritz Hallberg <pesco@khjk.org>
11	funded by stonedcoder.org
12
13	files used to store OTR data:
14	<configdir>/<nick>.otr_keys
15	<configdir>/<nick>.otr_fprints
16
17	top-level todos: (search for TODO for more ;-))
18	integrate otr_load/otr_save with existing storage backends
19	per-account policy settings
20	per-user policy settings
21	*/
22
23	/*
24	This program is free software; you can redistribute it and/or modify
25	it under the terms of the GNU General Public License as published by
26	the Free Software Foundation; either version 2 of the License, or
27	(at your option) any later version.
28
29	This program is distributed in the hope that it will be useful,
30	but WITHOUT ANY WARRANTY; without even the implied warranty of
31	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
32	GNU General Public License for more details.
33
34	You should have received a copy of the GNU General Public License with
35	the Debian GNU/Linux distribution in /usr/share/common-licenses/GPL;
36	if not, write to the Free Software Foundation, Inc., 59 Temple Place,
37	Suite 330, Boston, MA 02111-1307 USA
38	*/
39
40	#include "bitlbee.h"
41	#include "irc.h"
42	#include "otr.h"
43	#include <sys/types.h>
44	#include <sys/wait.h>
45	#include <unistd.h>
46	#include <assert.h>
47	#include <signal.h>
48
49
50	/ OTR interface routines for the OtrlMessageAppOps struct: /
51
52	OtrlPolicy op_policy(void opdata, ConnContext context);
53
54	void op_create_privkey(void opdata, const char accountname, const char *protocol);
55
56	int op_is_logged_in(void opdata, const char accountname, const char *protocol,
57	const char *recipient);
58
59	void op_inject_message(void opdata, const char accountname, const char *protocol,
60	const char recipient, const char message);
61
62	void op_new_fingerprint(void opdata, OtrlUserState us, const char accountname,
63	const char protocol, const char username, unsigned char fingerprint[20]);
64
65	void op_write_fingerprints(void *opdata);
66
67	void op_gone_secure(void opdata, ConnContext context);
68
69	void op_gone_insecure(void opdata, ConnContext context);
70
71	void op_still_secure(void opdata, ConnContext context, int is_reply);
72
73	void op_log_message(void opdata, const char message);
74
75	int op_max_message_size(void opdata, ConnContext context);
76
77	const char op_account_name(void opdata, const char account, const char protocol);
78
79	void op_convert_msg(void opdata, ConnContext ctx, OtrlConvertType typ,
80	char *dst, const char src);
81	void op_convert_free(void opdata, ConnContext ctx, char *msg);
82
83	void op_handle_smp_event(void opdata, OtrlSMPEvent ev, ConnContext ctx,
84	unsigned short percent, char *question);
85
86	void op_handle_msg_event(void opdata, OtrlMessageEvent ev, ConnContext ctx,
87	const char *message, gcry_error_t err);
88
89	const char op_otr_error_message(void opdata, ConnContext *ctx,
90	OtrlErrorCode err_code);
91
92	/ otr sub-command handlers: /
93
94	static void cmd_otr(irc_t irc, char *args);
95	void cmd_otr_connect(irc_t irc, char *args);
96	void cmd_otr_disconnect(irc_t irc, char *args);
97	void cmd_otr_reconnect(irc_t irc, char *args);
98	void cmd_otr_smp(irc_t irc, char *args);
99	void cmd_otr_smpq(irc_t irc, char *args);
100	void cmd_otr_trust(irc_t irc, char *args);
101	void cmd_otr_info(irc_t irc, char *args);
102	void cmd_otr_keygen(irc_t irc, char *args);
103	void cmd_otr_forget(irc_t irc, char *args);
104
105	const command_t otr_commands[] = {
106	{ "connect", 1, &cmd_otr_connect, 0 },
107	{ "disconnect", 1, &cmd_otr_disconnect, 0 },
108	{ "reconnect", 1, &cmd_otr_reconnect, 0 },
109	{ "smp", 2, &cmd_otr_smp, 0 },
110	{ "smpq", 3, &cmd_otr_smpq, 0 },
111	{ "trust", 6, &cmd_otr_trust, 0 },
112	{ "info", 0, &cmd_otr_info, 0 },
113	{ "keygen", 1, &cmd_otr_keygen, 0 },
114	{ "forget", 2, &cmd_otr_forget, 0 },
115	{ NULL }
116	};
117
118	typedef struct {
119	void *fst;
120	void *snd;
121	} pair_t;
122
123	static OtrlMessageAppOps otr_ops; /* collects interface functions required by OTR */
124
125
126	/ misc. helpers/subroutines: /
127
128	/* check whether we are already generating a key for a given account */
129	int keygen_in_progress(irc_t irc, const char handle, const char *protocol);
130
131	/* start background process to generate a (new) key for a given account */
132	void otr_keygen(irc_t irc, const char handle, const char *protocol);
133
134	/* main function for the forked keygen slave */
135	void keygen_child_main(OtrlUserState us, int infd, int outfd);
136
137	/* mainloop handler for when a keygen finishes */
138	gboolean keygen_finish_handler(gpointer data, gint fd, b_input_condition cond);
139
140	/* copy the contents of file a to file b, overwriting it if it exists */
141	void copyfile(const char a, const char b);
142
143	/* read one line of input from a stream, excluding trailing newline */
144	void myfgets(char s, int size, FILE stream);
145
146	/* some yes/no handlers */
147	void yes_keygen(void *data);
148	void yes_forget_fingerprint(void *data);
149	void yes_forget_context(void *data);
150	void yes_forget_key(void *data);
151
152	/* timeout handler that calls otrl_message_poll */
153	gboolean ev_message_poll(gpointer data, gint fd, b_input_condition cond);
154
155	/* helper to make sure accountname and protocol match the incoming "opdata" */
156	struct im_connection check_imc(void opdata, const char *accountname,
157	const char *protocol);
158
159	/* determine the nick for a given handle/protocol pair
160	returns "handle/protocol" if not found */
161	const char peernick(irc_t irc, const char handle, const char protocol);
162
163	/* turn a hexadecimal digit into its numerical value */
164	int hexval(char a);
165
166	/* determine the irc_user_t for a given handle/protocol pair
167	returns NULL if not found */
168	irc_user_t peeruser(irc_t irc, const char handle, const char protocol);
169
170	/* show an otr-related message to the user */
171	void display_otr_message(void opdata, ConnContext ctx, const char *fmt, ...);
172
173	/* write an otr-related message to the system log */
174	void log_otr_message(void opdata, const char fmt, ...);
175
176	/* combined handler for the 'otr smp' and 'otr smpq' commands */
177	void otr_smp_or_smpq(irc_t irc, const char nick, const char *question,
178	const char *secret);
179
180	/* update flags within the irc_user structure to reflect OTR status of context */
181	void otr_update_uflags(ConnContext context, irc_user_t u);
182
183	/* update op/voice flag of given user according to encryption state and settings
184	returns 0 if neither op_buddies nor voice_buddies is set to "encrypted",
185	i.e. msgstate should be announced seperately */
186	int otr_update_modeflags(irc_t irc, irc_user_t u);
187
188	/* show general info about the OTR subsystem; called by 'otr info' */
189	void show_general_otr_info(irc_t *irc);
190
191	/* show info about a given OTR context */
192	void show_otr_context_info(irc_t irc, ConnContext ctx);
193
194	/* show the list of fingerprints associated with a given context */
195	void show_fingerprints(irc_t irc, ConnContext ctx);
196
197	/* find a fingerprint by prefix (given as any number of hex strings) */
198	Fingerprint match_fingerprint(irc_t irc, ConnContext ctx, const char *args);
199
200	/* find a private key by fingerprint prefix (given as any number of hex strings) */
201	OtrlPrivKey match_privkey(irc_t irc, const char **args);
202
203	/* check whether a string is safe to use in a path component */
204	int strsane(const char *s);
205
206	/* functions to be called for certain events */
207	static const struct irc_plugin otr_plugin;
208
209
210	/* routines declared in otr.h: */
211
212	#ifdef OTR_BI
213	#define init_plugin otr_init
214	#endif
215
216	void init_plugin(void)
217	{
218	OTRL_INIT;
219
220	/* fill global OtrlMessageAppOps */
221	otr_ops.policy = &op_policy;
222	otr_ops.create_privkey = &op_create_privkey;
223	otr_ops.is_logged_in = &op_is_logged_in;
224	otr_ops.inject_message = &op_inject_message;
225	otr_ops.update_context_list = NULL;
226	otr_ops.new_fingerprint = &op_new_fingerprint;
227	otr_ops.write_fingerprints = &op_write_fingerprints;
228	otr_ops.gone_secure = &op_gone_secure;
229	otr_ops.gone_insecure = &op_gone_insecure;
230	otr_ops.still_secure = &op_still_secure;
231	otr_ops.max_message_size = &op_max_message_size;
232	otr_ops.account_name = &op_account_name;
233	otr_ops.account_name_free = NULL;
234
235	/* stuff added with libotr 4.0.0 */
236	otr_ops.received_symkey = NULL; /* we don't use the extra key */
237	otr_ops.otr_error_message = &op_otr_error_message;
238	otr_ops.otr_error_message_free = NULL;
239	otr_ops.resent_msg_prefix = NULL; /* default: [resent] */
240	otr_ops.resent_msg_prefix_free = NULL;
241	otr_ops.handle_smp_event = &op_handle_smp_event;
242	otr_ops.handle_msg_event = &op_handle_msg_event;
243	otr_ops.create_instag = NULL; // XXX
244	otr_ops.convert_msg = &op_convert_msg;
245	otr_ops.convert_free = &op_convert_free;
246	otr_ops.timer_control = NULL; /* we just poll */
247
248	root_command_add( "otr", 1, cmd_otr, 0 );
249	register_irc_plugin( &otr_plugin );
250	}
251
252	gboolean otr_irc_new(irc_t *irc)
253	{
254	set_t *s;
255	GSList *l;
256
257	irc->otr = g_new0(otr_t, 1);
258	irc->otr->us = otrl_userstate_create();
259
260	s = set_add( &irc->b->set, "otr_color_encrypted", "true", set_eval_bool, irc );
261
262	s = set_add( &irc->b->set, "otr_policy", "opportunistic", set_eval_list, irc );
263	l = g_slist_prepend( NULL, "never" );
264	l = g_slist_prepend( l, "opportunistic" );
265	l = g_slist_prepend( l, "manual" );
266	l = g_slist_prepend( l, "always" );
267	s->eval_data = l;
268
269	s = set_add( &irc->b->set, "otr_does_html", "true", set_eval_bool, irc );
270
271	/* regularly call otrl_message_poll */
272	gint definterval = otrl_message_poll_get_default_interval(irc->otr->us);
273	irc->otr->timer = b_timeout_add(definterval, ev_message_poll, irc->otr);
274
275	return TRUE;
276	}
277
278	void otr_irc_free(irc_t *irc)
279	{
280	otr_t *otr = irc->otr;
281	b_event_remove(otr->timer);
282	otrl_userstate_free(otr->us);
283	if(otr->keygen) {
284	kill(otr->keygen, SIGTERM);
285	waitpid(otr->keygen, NULL, 0);
286	/* TODO: remove stale keygen tempfiles */
287	}
288	if(otr->to)
289	fclose(otr->to);
290	if(otr->from)
291	fclose(otr->from);
292	while(otr->todo) {
293	kg_t *p = otr->todo;
294	otr->todo = p->next;
295	g_free(p);
296	}
297	g_free(otr);
298	}
299
300	void otr_load(irc_t *irc)
301	{
302	char s[512];
303	account_t *a;
304	gcry_error_t e;
305	gcry_error_t enoent = gcry_error_from_errno(ENOENT);
306	int kg=0;
307
308	if(strsane(irc->user->nick)) {
309	g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, irc->user->nick);
310	e = otrl_privkey_read(irc->otr->us, s);
311	if(e && e!=enoent) {
312	irc_rootmsg(irc, "otr load: %s: %s", s, gcry_strerror(e));
313	}
314	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, irc->user->nick);
315	e = otrl_privkey_read_fingerprints(irc->otr->us, s, NULL, NULL);
316	if(e && e!=enoent) {
317	irc_rootmsg(irc, "otr load: %s: %s", s, gcry_strerror(e));
318	}
319	}
320
321	/* check for otr keys on all accounts */
322	for(a=irc->b->accounts; a; a=a->next) {
323	kg = otr_check_for_key(a) \|\| kg;
324	}
325	if(kg) {
326	irc_rootmsg(irc, "Notice: "
327	"The accounts above do not have OTR encryption keys associated with them, yet. "
328	"These keys are now being generated in the background. "
329	"You will be notified as they are completed. "
330	"It is not necessary to wait; "
331	"BitlBee can be used normally during key generation. "
332	"You may safely ignore this message if you don't know what OTR is. ;)");
333	}
334	}
335
336	void otr_save(irc_t *irc)
337	{
338	char s[512];
339	gcry_error_t e;
340
341	if(strsane(irc->user->nick)) {
342	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, irc->user->nick);
343	e = otrl_privkey_write_fingerprints(irc->otr->us, s);
344	if(e) {
345	irc_rootmsg(irc, "otr save: %s: %s", s, gcry_strerror(e));
346	}
347	chmod(s, 0600);
348	}
349	}
350
351	void otr_remove(const char *nick)
352	{
353	char s[512];
354
355	if(strsane(nick)) {
356	g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, nick);
357	unlink(s);
358	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, nick);
359	unlink(s);
360	}
361	}
362
363	void otr_rename(const char onick, const char nnick)
364	{
365	char s[512], t[512];
366
367	if(strsane(nnick) && strsane(onick)) {
368	g_snprintf(s, 511, "%s%s.otr_keys", global.conf->configdir, onick);
369	g_snprintf(t, 511, "%s%s.otr_keys", global.conf->configdir, nnick);
370	rename(s,t);
371	g_snprintf(s, 511, "%s%s.otr_fprints", global.conf->configdir, onick);
372	g_snprintf(t, 511, "%s%s.otr_fprints", global.conf->configdir, nnick);
373	rename(s,t);
374	}
375	}
376
377	int otr_check_for_key(account_t *a)
378	{
379	irc_t *irc = a->bee->ui_data;
380	OtrlPrivKey *k;
381
382	/* don't do OTR on certain (not classic IM) protocols, e.g. twitter */
383	if(a->prpl->options & OPT_NOOTR) {
384	return 0;
385	}
386
387	k = otrl_privkey_find(irc->otr->us, a->user, a->prpl->name);
388	if(k) {
389	irc_rootmsg(irc, "otr: %s/%s ready", a->user, a->prpl->name);
390	return 0;
391	} if(keygen_in_progress(irc, a->user, a->prpl->name)) {
392	irc_rootmsg(irc, "otr: keygen for %s/%s already in progress", a->user, a->prpl->name);
393	return 0;
394	} else {
395	irc_rootmsg(irc, "otr: starting background keygen for %s/%s", a->user, a->prpl->name);
396	otr_keygen(irc, a->user, a->prpl->name);
397	return 1;
398	}
399	}
400
401	char otr_filter_msg_in(irc_user_t iu, char *msg, int flags)
402	{
403	int ignore_msg;
404	char *newmsg = NULL;
405	OtrlTLV *tlvs = NULL;
406	irc_t *irc = iu->irc;
407	struct im_connection *ic = iu->bu->ic;
408
409	/* don't do OTR on certain (not classic IM) protocols, e.g. twitter */
410	if(ic->acc->prpl->options & OPT_NOOTR) {
411	return msg;
412	}
413
414	ignore_msg = otrl_message_receiving(irc->otr->us, &otr_ops, ic,
415	ic->acc->user, ic->acc->prpl->name, iu->bu->handle, msg, &newmsg,
416	&tlvs, NULL, NULL, NULL);
417
418	if(ignore_msg) {
419	/* this was an internal OTR protocol message */
420	return NULL;
421	} else if(!newmsg) {
422	/* this was a non-OTR message */
423	return msg;
424	} else {
425	/* we're done with the original msg, which will be caller-freed. */
426	return newmsg;
427	}
428	}
429
430	char otr_filter_msg_out(irc_user_t iu, char *msg, int flags)
431	{
432	int st;
433	char *otrmsg = NULL;
434	char emsg = msg; / the message as we hand it to libotr */
435	ConnContext *ctx = NULL;
436	irc_t *irc = iu->irc;
437	struct im_connection *ic = iu->bu->ic;
438	otrl_instag_t instag = OTRL_INSTAG_RECENT; // XXX?
439
440	/* don't do OTR on certain (not classic IM) protocols, e.g. twitter */
441	if(ic->acc->prpl->options & OPT_NOOTR) {
442	return msg;
443	}
444
445	st = otrl_message_sending(irc->otr->us, &otr_ops, ic,
446	ic->acc->user, ic->acc->prpl->name, iu->bu->handle, instag,
447	emsg, NULL, &otrmsg, OTRL_FRAGMENT_SEND_ALL, &ctx, NULL, NULL);
448	/* in libotr 4.0.0 with OTRL_FRAGMENT_SEND_ALL, otrmsg must be passed
449	* but the value it gets carries no meaning. it can be set even though
450	* the message has been injected. */
451
452	if(emsg != msg) {
453	g_free(emsg); /* we're done with this one */
454	}
455	if(st) {
456	/* TODO: Error reporting? */
457	}
458
459	return NULL;
460	}
461
462	static const struct irc_plugin otr_plugin =
463	{
464	otr_irc_new,
465	otr_irc_free,
466	otr_filter_msg_out,
467	otr_filter_msg_in,
468	otr_load,
469	otr_save,
470	otr_remove,
471	};
472
473	static void cmd_otr(irc_t irc, char *args)
474	{
475	const command_t *cmd;
476
477	if(!args[0])
478	return;
479
480	if(!args[1])
481	return;
482
483	for(cmd=otr_commands; cmd->command; cmd++) {
484	if(strcmp(cmd->command, args[1]) == 0)
485	break;
486	}
487
488	if(!cmd->command) {
489	irc_rootmsg(irc, "%s: unknown subcommand \"%s\", see \x02help otr\x02",
490	args[0], args[1]);
491	return;
492	}
493
494	if(!args[cmd->required_parameters+1]) {
495	irc_rootmsg(irc, "%s %s: not enough arguments (%d req.)",
496	args[0], args[1], cmd->required_parameters);
497	return;
498	}
499
500	cmd->execute(irc, args+1);
501	}
502
503
504	/* OTR "MessageAppOps" callbacks for global.otr_ui: */
505
506	OtrlPolicy op_policy(void opdata, ConnContext context)
507	{
508	struct im_connection *ic = check_imc(opdata, context->accountname, context->protocol);
509	irc_t *irc = ic->bee->ui_data;
510	const char *p;
511
512	/* policy override during keygen: if we're missing the key for context but are currently
513	generating it, then that's as much as we can do. => temporarily return NEVER. */
514	if(keygen_in_progress(irc, context->accountname, context->protocol) &&
515	!otrl_privkey_find(irc->otr->us, context->accountname, context->protocol))
516	return OTRL_POLICY_NEVER;
517
518	p = set_getstr(&ic->bee->set, "otr_policy");
519	if(!strcmp(p, "never"))
520	return OTRL_POLICY_NEVER;
521	if(!strcmp(p, "opportunistic"))
522	return OTRL_POLICY_OPPORTUNISTIC;
523	if(!strcmp(p, "manual"))
524	return OTRL_POLICY_MANUAL;
525	if(!strcmp(p, "always"))
526	return OTRL_POLICY_ALWAYS;
527
528	return OTRL_POLICY_OPPORTUNISTIC;
529	}
530
531	void op_create_privkey(void opdata, const char accountname,
532	const char *protocol)
533	{
534	struct im_connection *ic = check_imc(opdata, accountname, protocol);
535	irc_t *irc = ic->bee->ui_data;
536
537	/* will fail silently if keygen already in progress */
538	otr_keygen(irc, accountname, protocol);
539	}
540
541	int op_is_logged_in(void opdata, const char accountname,
542	const char protocol, const char recipient)
543	{
544	struct im_connection *ic = check_imc(opdata, accountname, protocol);
545	bee_user_t *bu;
546
547	/* lookup the irc_user_t for the given recipient */
548	bu = bee_user_by_handle(ic->bee, ic, recipient);
549	if(bu) {
550	if(bu->flags & BEE_USER_ONLINE)
551	return 1;
552	else
553	return 0;
554	} else {
555	return -1;
556	}
557	}
558
559	void op_inject_message(void opdata, const char accountname,
560	const char protocol, const char recipient, const char *message)
561	{
562	struct im_connection *ic = check_imc(opdata, accountname, protocol);
563	irc_t *irc = ic->bee->ui_data;
564
565	if (strcmp(accountname, recipient) == 0) {
566	/* huh? injecting messages to myself? */
567	irc_rootmsg(irc, "note to self: %s", message);
568	} else {
569	/* need to drop some consts here :-( */
570	/* TODO: get flags into op_inject_message?! */
571	ic->acc->prpl->buddy_msg(ic, (char )recipient, (char )message, 0);
572	/* ignoring return value :-/ */
573	}
574	}
575
576	void op_new_fingerprint(void *opdata, OtrlUserState us,
577	const char accountname, const char protocol,
578	const char *username, unsigned char fingerprint[20])
579	{
580	struct im_connection *ic = check_imc(opdata, accountname, protocol);
581	irc_t *irc = ic->bee->ui_data;
582	irc_user_t *u = peeruser(irc, username, protocol);
583	char hunam[45]; /* anybody looking? ;-) */
584
585	otrl_privkey_hash_to_human(hunam, fingerprint);
586	if(u) {
587	irc_usernotice(u, "new fingerprint: %s", hunam);
588	} else {
589	/* this case shouldn't normally happen */
590	irc_rootmsg(irc, "new fingerprint for %s/%s: %s",
591	username, protocol, hunam);
592	}
593	}
594
595	void op_write_fingerprints(void *opdata)
596	{
597	struct im_connection ic = (struct im_connection )opdata;
598	irc_t *irc = ic->bee->ui_data;
599
600	otr_save(irc);
601	}
602
603	void op_gone_secure(void opdata, ConnContext context)
604	{
605	struct im_connection *ic =
606	check_imc(opdata, context->accountname, context->protocol);
607	irc_user_t *u;
608	irc_t *irc = ic->bee->ui_data;
609
610	u = peeruser(irc, context->username, context->protocol);
611	if(!u) {
612	log_message(LOGLVL_ERROR,
613	"BUG: otr.c: op_gone_secure: irc_user_t for %s/%s/%s not found!",
614	context->username, context->protocol, context->accountname);
615	return;
616	}
617
618	otr_update_uflags(context, u);
619	if(!otr_update_modeflags(irc, u)) {
620	char *trust = u->flags & IRC_USER_OTR_TRUSTED ? "trusted" : "untrusted!";
621	irc_usernotice(u, "conversation is now off the record (%s)", trust);
622	}
623	}
624
625	void op_gone_insecure(void opdata, ConnContext context)
626	{
627	struct im_connection *ic =
628	check_imc(opdata, context->accountname, context->protocol);
629	irc_t *irc = ic->bee->ui_data;
630	irc_user_t *u;
631
632	u = peeruser(irc, context->username, context->protocol);
633	if(!u) {
634	log_message(LOGLVL_ERROR,
635	"BUG: otr.c: op_gone_insecure: irc_user_t for %s/%s/%s not found!",
636	context->username, context->protocol, context->accountname);
637	return;
638	}
639	otr_update_uflags(context, u);
640	if(!otr_update_modeflags(irc, u))
641	irc_usernotice(u, "conversation is now in cleartext");
642	}
643
644	void op_still_secure(void opdata, ConnContext context, int is_reply)
645	{
646	struct im_connection *ic =
647	check_imc(opdata, context->accountname, context->protocol);
648	irc_t *irc = ic->bee->ui_data;
649	irc_user_t *u;
650
651	u = peeruser(irc, context->username, context->protocol);
652	if(!u) {
653	log_message(LOGLVL_ERROR,
654	"BUG: otr.c: op_still_secure: irc_user_t for %s/%s/%s not found!",
655	context->username, context->protocol, context->accountname);
656	return;
657	}
658
659	otr_update_uflags(context, u);
660	if(!otr_update_modeflags(irc, u)) {
661	char *trust = u->flags & IRC_USER_OTR_TRUSTED ? "trusted" : "untrusted!";
662	irc_usernotice(u, "otr connection has been refreshed (%s)", trust);
663	}
664	}
665
666	int op_max_message_size(void opdata, ConnContext context)
667	{
668	struct im_connection *ic =
669	check_imc(opdata, context->accountname, context->protocol);
670
671	return ic->acc->prpl->mms;
672	}
673
674	const char op_account_name(void opdata, const char account, const char protocol)
675	{
676	struct im_connection ic = (struct im_connection )opdata;
677	irc_t *irc = ic->bee->ui_data;
678
679	return peernick(irc, account, protocol);
680	}
681
682	void op_convert_msg(void opdata, ConnContext ctx, OtrlConvertType typ,
683	char *dst, const char src)
684	{
685	struct im_connection *ic =
686	check_imc(opdata, ctx->accountname, ctx->protocol);
687	irc_t *irc = ic->bee->ui_data;
688	irc_user_t *iu = peeruser(irc, ctx->username, ctx->protocol);
689
690	if(typ == OTRL_CONVERT_RECEIVING) {
691	char *msg = g_strdup(src);
692
693	/* HTML decoding */
694	if(set_getbool(&ic->bee->set, "otr_does_html") &&
695	!(ic->flags & OPT_DOES_HTML) &&
696	set_getbool(&ic->bee->set, "strip_html")) {
697	strip_html(msg);
698	*dst = msg;
699	}
700
701	/* coloring */
702	if(set_getbool(&ic->bee->set, "otr_color_encrypted")) {
703	int color; /* color according to f'print trust */
704	char pre="", sep=""; /* optional parts */
705	const char *trust = ctx->active_fingerprint->trust;
706
707	if(trust && trust[0] != '\0')
708	color=3; /* green */
709	else
710	color=5; /* red */
711
712	/* in a query window, keep "/me " uncolored at the beginning */
713	if(g_strncasecmp(msg, "/me ", 4) == 0
714	&& irc_user_msgdest(iu) == irc->user->nick) {
715	msg += 4; /* skip */
716	pre = "/me ";
717	}
718
719	/* comma in first place could mess with the color code */
720	if(msg[0] == ',') {
721	/* insert a space between color spec and message */
722	sep = " ";
723	}
724
725	*dst = g_strdup_printf("%s\x03%.2d%s%s\x0F", pre,
726	color, sep, msg);
727	g_free(msg);
728	}
729	} else {
730	/* HTML encoding */
731	/* consider OTR plaintext to be HTML if otr_does_html is set */
732	if(ctx && ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED &&
733	set_getbool(&ic->bee->set, "otr_does_html") &&
734	(g_strncasecmp(src, "<html>", 6) != 0)) {
735	*dst = escape_html(src);
736	}
737	}
738	}
739
740	void op_convert_free(void opdata, ConnContext ctx, char *msg)
741	{
742	g_free(msg);
743	}
744
745	/* Socialist Millionaires' Protocol */
746	void op_handle_smp_event(void opdata, OtrlSMPEvent ev, ConnContext ctx,
747	unsigned short percent, char *question)
748	{
749	struct im_connection *ic =
750	check_imc(opdata, ctx->accountname, ctx->protocol);
751	irc_t *irc = ic->bee->ui_data;
752	OtrlUserState us = irc->otr->us;
753	irc_user_t *u = peeruser(irc, ctx->username, ctx->protocol);
754
755	if(!u) return;
756
757	switch(ev) {
758	case OTRL_SMPEVENT_ASK_FOR_SECRET:
759	irc_rootmsg(irc, "smp: initiated by %s"
760	" - respond with \x02otr smp %s <secret>\x02",
761	u->nick, u->nick);
762	break;
763	case OTRL_SMPEVENT_ASK_FOR_ANSWER:
764	irc_rootmsg(irc, "smp: initiated by %s with question: \x02\"%s\"\x02", u->nick,
765	question);
766	irc_rootmsg(irc, "smp: respond with \x02otr smp %s <answer>\x02",
767	u->nick);
768	break;
769	case OTRL_SMPEVENT_CHEATED:
770	irc_rootmsg(irc, "smp %s: opponent violated protocol, aborting",
771	u->nick);
772	otrl_message_abort_smp(us, &otr_ops, u->bu->ic, ctx);
773	otrl_sm_state_free(ctx->smstate);
774	break;
775	case OTRL_SMPEVENT_NONE:
776	break;
777	case OTRL_SMPEVENT_IN_PROGRESS:
778	break;
779	case OTRL_SMPEVENT_SUCCESS:
780	if(ctx->smstate->received_question) {
781	irc_rootmsg(irc, "smp %s: correct answer, you are trusted",
782	u->nick);
783	} else {
784	irc_rootmsg(irc, "smp %s: secrets proved equal, fingerprint trusted",
785	u->nick);
786	}
787	otrl_sm_state_free(ctx->smstate);
788	break;
789	case OTRL_SMPEVENT_FAILURE:
790	if(ctx->smstate->received_question) {
791	irc_rootmsg(irc, "smp %s: wrong answer, you are not trusted",
792	u->nick);
793	} else {
794	irc_rootmsg(irc, "smp %s: secrets did not match, fingerprint not trusted",
795	u->nick);
796	}
797	otrl_sm_state_free(ctx->smstate);
798	break;
799	case OTRL_SMPEVENT_ABORT:
800	irc_rootmsg(irc, "smp: received abort from %s", u->nick);
801	otrl_sm_state_free(ctx->smstate);
802	break;
803	case OTRL_SMPEVENT_ERROR:
804	irc_rootmsg(irc, "smp %s: protocol error, aborting",
805	u->nick);
806	otrl_message_abort_smp(us, &otr_ops, u->bu->ic, ctx);
807	otrl_sm_state_free(ctx->smstate);
808	break;
809	}
810	}
811
812	void op_handle_msg_event(void opdata, OtrlMessageEvent ev, ConnContext ctx,
813	const char *message, gcry_error_t err)
814	{
815	switch(ev) {
816	case OTRL_MSGEVENT_ENCRYPTION_REQUIRED:
817	display_otr_message(opdata, ctx,
818	"policy requires encryption - message not sent");
819	break;
820	case OTRL_MSGEVENT_ENCRYPTION_ERROR:
821	display_otr_message(opdata, ctx,
822	"error during encryption - message not sent");
823	break;
824	case OTRL_MSGEVENT_CONNECTION_ENDED:
825	display_otr_message(opdata, ctx,
826	"other end has disconnected OTR - "
827	"close connection or reconnect!");
828	break;
829	case OTRL_MSGEVENT_SETUP_ERROR:
830	display_otr_message(opdata, ctx,
831	"OTR connection failed: %s", gcry_strerror(err));
832	break;
833	case OTRL_MSGEVENT_MSG_REFLECTED:
834	display_otr_message(opdata, ctx,
835	"received our own OTR message (!?)");
836	break;
837	case OTRL_MSGEVENT_MSG_RESENT:
838	display_otr_message(opdata, ctx,
839	"the previous message was resent");
840	break;
841	case OTRL_MSGEVENT_RCVDMSG_NOT_IN_PRIVATE:
842	display_otr_message(opdata, ctx,
843	"unexpected encrypted message received");
844	break;
845	case OTRL_MSGEVENT_RCVDMSG_UNREADABLE:
846	display_otr_message(opdata, ctx,
847	"unreadable encrypted message received");
848	break;
849	case OTRL_MSGEVENT_RCVDMSG_FOR_OTHER_INSTANCE:
850	display_otr_message(opdata, ctx,
851	"OTR message for a different instance received");
852	break;
853	case OTRL_MSGEVENT_RCVDMSG_MALFORMED:
854	display_otr_message(opdata, ctx,
855	"malformed OTR message received");
856	break;
857	case OTRL_MSGEVENT_RCVDMSG_GENERAL_ERR:
858	display_otr_message(opdata, ctx,
859	"OTR error message received: %s", message);
860	break;
861	case OTRL_MSGEVENT_RCVDMSG_UNENCRYPTED:
862	display_otr_message(opdata, ctx,
863	"unencrypted message received: %s", message);
864	break;
865	case OTRL_MSGEVENT_RCVDMSG_UNRECOGNIZED:
866	display_otr_message(opdata, ctx,
867	"unrecognized OTR message received");
868	break;
869	default:
870	/* ignore XXX log? */
871	break;
872	}
873	}
874
875	const char op_otr_error_message(void opdata, ConnContext *ctx,
876	OtrlErrorCode err_code)
877	{
878	switch(err_code) {
879	case OTRL_ERRCODE_ENCRYPTION_ERROR:
880	return "i failed to encrypt a message";
881	case OTRL_ERRCODE_MSG_NOT_IN_PRIVATE:
882	return "you sent an encrypted message i didn't expect";
883	case OTRL_ERRCODE_MSG_UNREADABLE:
884	return "could not read encrypted message";
885	case OTRL_ERRCODE_MSG_MALFORMED:
886	return "you sent a malformed OTR message";
887	default:
888	return "i suffered an unexpected OTR error";
889	}
890	}
891
892
893
894	/* OTR sub-command handlers */
895
896	void cmd_otr_reconnect(irc_t irc, char *args)
897	{
898	cmd_otr_disconnect(irc, args);
899	cmd_otr_connect(irc, args);
900	}
901
902	void cmd_otr_disconnect(irc_t irc, char *args)
903	{
904	irc_user_t *u;
905
906	u = irc_user_by_name(irc, args[1]);
907	if(!u \|\| !u->bu \|\| !u->bu->ic) {
908	irc_rootmsg(irc, "%s: unknown user", args[1]);
909	return;
910	}
911
912	/* XXX we disconnect all instances; is that what we want? */
913	otrl_message_disconnect_all_instances(irc->otr->us, &otr_ops,
914	u->bu->ic, u->bu->ic->acc->user, u->bu->ic->acc->prpl->name, u->bu->handle);
915
916	/* for some reason, libotr (4.0.0) doesn't do this itself: */
917	if(!(u->flags & IRC_USER_OTR_ENCRYPTED))
918	return;
919
920	ConnContext ctx, p;
921	ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user,
922	u->bu->ic->acc->prpl->name, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL);
923	if(!ctx) { /* huh? */
924	u->flags &= ( IRC_USER_OTR_ENCRYPTED \| IRC_USER_OTR_TRUSTED );
925	return;
926	}
927
928	for(p=ctx; p && p->m_context == ctx->m_context; p=p->next)
929	op_gone_insecure(u->bu->ic, p);
930	}
931
932	void cmd_otr_connect(irc_t irc, char *args)
933	{
934	irc_user_t *u;
935
936	u = irc_user_by_name(irc, args[1]);
937	if(!u \|\| !u->bu \|\| !u->bu->ic) {
938	irc_rootmsg(irc, "%s: unknown user", args[1]);
939	return;
940	}
941	if(!(u->bu->flags & BEE_USER_ONLINE)) {
942	irc_rootmsg(irc, "%s is offline", args[1]);
943	return;
944	}
945
946	bee_user_msg(irc->b, u->bu, "?OTR?v2?", 0);
947	}
948
949	void cmd_otr_smp(irc_t irc, char *args)
950	{
951	otr_smp_or_smpq(irc, args[1], NULL, args[2]); /* no question */
952	}
953
954	void cmd_otr_smpq(irc_t irc, char *args)
955	{
956	otr_smp_or_smpq(irc, args[1], args[2], args[3]);
957	}
958
959	void cmd_otr_trust(irc_t irc, char *args)
960	{
961	irc_user_t *u;
962	ConnContext *ctx;
963	unsigned char raw[20];
964	Fingerprint *fp;
965	int i,j;
966
967	u = irc_user_by_name(irc, args[1]);
968	if(!u \|\| !u->bu \|\| !u->bu->ic) {
969	irc_rootmsg(irc, "%s: unknown user", args[1]);
970	return;
971	}
972
973	ctx = otrl_context_find(irc->otr->us, u->bu->handle,
974	u->bu->ic->acc->user, u->bu->ic->acc->prpl->name, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL);
975	if(!ctx) {
976	irc_rootmsg(irc, "%s: no otr context with user", args[1]);
977	return;
978	}
979
980	/* convert given fingerprint to raw representation */
981	for(i=0; i<5; i++) {
982	for(j=0; j<4; j++) {
983	char p = args[2+i]+(2j);
984	char *q = p+1;
985	int x, y;
986
987	if(!p \|\| !q) {
988	irc_rootmsg(irc, "failed: truncated fingerprint block %d", i+1);
989	return;
990	}
991
992	x = hexval(*p);
993	y = hexval(*q);
994	if(x<0) {
995	irc_rootmsg(irc, "failed: %d. hex digit of block %d out of range", 2*j+1, i+1);
996	return;
997	}
998	if(y<0) {
999	irc_rootmsg(irc, "failed: %d. hex digit of block %d out of range", 2*j+2, i+1);
1000	return;
1001	}
1002
1003	raw[i4+j] = x16 + y;
1004	}
1005	}
1006	fp = otrl_context_find_fingerprint(ctx, raw, 0, NULL);
1007	if(!fp) {
1008	irc_rootmsg(irc, "failed: no such fingerprint for %s", args[1]);
1009	} else {
1010	char *trust = args[7] ? args[7] : "affirmed";
1011	otrl_context_set_trust(fp, trust);
1012	irc_rootmsg(irc, "fingerprint match, trust set to \"%s\"", trust);
1013	if(u->flags & IRC_USER_OTR_ENCRYPTED)
1014	u->flags \|= IRC_USER_OTR_TRUSTED;
1015	otr_update_modeflags(irc, u);
1016	}
1017	}
1018
1019	void cmd_otr_info(irc_t irc, char *args)
1020	{
1021	if(!args[1]) {
1022	show_general_otr_info(irc);
1023	} else {
1024	char *arg = g_strdup(args[1]);
1025	char myhandle, handle=NULL, *protocol;
1026	ConnContext *ctx;
1027
1028	/* interpret arg as 'user/protocol/account' if possible */
1029	protocol = strchr(arg, '/');
1030	myhandle = NULL;
1031	if(protocol) {
1032	*(protocol++) = '\0';
1033	myhandle = strchr(protocol, '/');
1034	}
1035	if(protocol && myhandle) {
1036	*(myhandle++) = '\0';
1037	handle = arg;
1038	ctx = otrl_context_find(irc->otr->us, handle, myhandle, protocol, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL);
1039	if(!ctx) {
1040	irc_rootmsg(irc, "no such context");
1041	g_free(arg);
1042	return;
1043	}
1044	} else {
1045	irc_user_t *u = irc_user_by_name(irc, args[1]);
1046	if(!u \|\| !u->bu \|\| !u->bu->ic) {
1047	irc_rootmsg(irc, "%s: unknown user", args[1]);
1048	g_free(arg);
1049	return;
1050	}
1051	ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user,
1052	u->bu->ic->acc->prpl->name, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL);
1053	if(!ctx) {
1054	irc_rootmsg(irc, "no otr context with %s", args[1]);
1055	g_free(arg);
1056	return;
1057	}
1058	}
1059
1060	/* show how we resolved the (nick) argument, if we did */
1061	if(handle!=arg) {
1062	irc_rootmsg(irc, "%s is %s/%s; we are %s/%s to them", args[1],
1063	ctx->username, ctx->protocol, ctx->accountname, ctx->protocol);
1064	}
1065	show_otr_context_info(irc, ctx);
1066	g_free(arg);
1067	}
1068	}
1069
1070	void cmd_otr_keygen(irc_t irc, char *args)
1071	{
1072	int i, n;
1073	account_t *a;
1074
1075	n = atoi(args[1]);
1076	if(n<0 \|\| (!n && strcmp(args[1], "0"))) {
1077	irc_rootmsg(irc, "%s: invalid account number", args[1]);
1078	return;
1079	}
1080
1081	a = irc->b->accounts;
1082	for(i=0; i<n && a; i++, a=a->next);
1083	if(!a) {
1084	irc_rootmsg(irc, "%s: no such account", args[1]);
1085	return;
1086	}
1087
1088	if(keygen_in_progress(irc, a->user, a->prpl->name)) {
1089	irc_rootmsg(irc, "keygen for account %d already in progress", n);
1090	return;
1091	}
1092
1093	if(otrl_privkey_find(irc->otr->us, a->user, a->prpl->name)) {
1094	char *s = g_strdup_printf("account %d already has a key, replace it?", n);
1095	query_add(irc, NULL, s, yes_keygen, NULL, NULL, a);
1096	g_free(s);
1097	} else {
1098	otr_keygen(irc, a->user, a->prpl->name);
1099	}
1100	}
1101
1102	void yes_forget_fingerprint(void *data)
1103	{
1104	pair_t p = (pair_t )data;
1105	irc_t irc = (irc_t )p->fst;
1106	Fingerprint fp = (Fingerprint )p->snd;
1107
1108	g_free(p);
1109
1110	if(fp == fp->context->active_fingerprint) {
1111	irc_rootmsg(irc, "that fingerprint is active, terminate otr connection first");
1112	return;
1113	}
1114
1115	otrl_context_forget_fingerprint(fp, 0);
1116	}
1117
1118	void yes_forget_context(void *data)
1119	{
1120	pair_t p = (pair_t )data;
1121	irc_t irc = (irc_t )p->fst;
1122	ConnContext ctx = (ConnContext )p->snd;
1123
1124	g_free(p);
1125
1126	// XXX forget all contexts
1127
1128	if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) {
1129	irc_rootmsg(irc, "active otr connection with %s, terminate it first",
1130	peernick(irc, ctx->username, ctx->protocol));
1131	return;
1132	}
1133
1134	if(ctx->msgstate == OTRL_MSGSTATE_FINISHED)
1135	otrl_context_force_plaintext(ctx);
1136	otrl_context_forget(ctx);
1137	}
1138
1139	void yes_forget_key(void *data)
1140	{
1141	OtrlPrivKey key = (OtrlPrivKey )data;
1142
1143	otrl_privkey_forget(key);
1144	/* Hm, libotr doesn't seem to offer a function for explicitly /writing/
1145	keyfiles. So the key will be back on the next load... */
1146	/* TODO: Actually erase forgotten keys from storage? */
1147	}
1148
1149	void cmd_otr_forget(irc_t irc, char *args)
1150	{
1151	if(!strcmp(args[1], "fingerprint"))
1152	{
1153	irc_user_t *u;
1154	ConnContext *ctx;
1155	Fingerprint *fp;
1156	char human[54];
1157	char *s;
1158	pair_t *p;
1159
1160	if(!args[3]) {
1161	irc_rootmsg(irc, "otr %s %s: not enough arguments (2 req.)", args[0], args[1]);
1162	return;
1163	}
1164
1165	/* TODO: allow context specs ("user/proto/account") in 'otr forget fingerprint'? */
1166	u = irc_user_by_name(irc, args[2]);
1167	if(!u \|\| !u->bu \|\| !u->bu->ic) {
1168	irc_rootmsg(irc, "%s: unknown user", args[2]);
1169	return;
1170	}
1171
1172	ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user,
1173	u->bu->ic->acc->prpl->name, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL);
1174	if(!ctx) {
1175	irc_rootmsg(irc, "no otr context with %s", args[2]);
1176	return;
1177	}
1178
1179	fp = match_fingerprint(irc, ctx, ((const char **)args)+3);
1180	if(!fp) {
1181	/* match_fingerprint does error messages */
1182	return;
1183	}
1184
1185	if(fp == ctx->active_fingerprint) {
1186	irc_rootmsg(irc, "that fingerprint is active, terminate otr connection first");
1187	return;
1188	}
1189
1190	otrl_privkey_hash_to_human(human, fp->fingerprint);
1191	s = g_strdup_printf("about to forget fingerprint %s, are you sure?", human);
1192	p = g_malloc(sizeof(pair_t));
1193	if(!p)
1194	return;
1195	p->fst = irc;
1196	p->snd = fp;
1197	query_add(irc, NULL, s, yes_forget_fingerprint, NULL, NULL, p);
1198	g_free(s);
1199	}
1200
1201	else if(!strcmp(args[1], "context"))
1202	{
1203	irc_user_t *u;
1204	ConnContext *ctx;
1205	char *s;
1206	pair_t *p;
1207
1208	/* TODO: allow context specs ("user/proto/account") in 'otr forget contex'? */
1209	u = irc_user_by_name(irc, args[2]);
1210	if(!u \|\| !u->bu \|\| !u->bu->ic) {
1211	irc_rootmsg(irc, "%s: unknown user", args[2]);
1212	return;
1213	}
1214
1215	ctx = otrl_context_find(irc->otr->us, u->bu->handle, u->bu->ic->acc->user,
1216	u->bu->ic->acc->prpl->name, OTRL_INSTAG_MASTER, 0, NULL, NULL, NULL);
1217	if(!ctx) {
1218	irc_rootmsg(irc, "no otr context with %s", args[2]);
1219	return;
1220	}
1221
1222	if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) {
1223	irc_rootmsg(irc, "active otr connection with %s, terminate it first", args[2]);
1224	return;
1225	}
1226
1227	s = g_strdup_printf("about to forget otr data about %s, are you sure?", args[2]);
1228	p = g_malloc(sizeof(pair_t));
1229	if(!p)
1230	return;
1231	p->fst = irc;
1232	p->snd = ctx;
1233	query_add(irc, NULL, s, yes_forget_context, NULL, NULL, p);
1234	g_free(s);
1235	}
1236
1237	else if(!strcmp(args[1], "key"))
1238	{
1239	OtrlPrivKey *key;
1240	char *s;
1241
1242	key = match_privkey(irc, ((const char **)args)+2);
1243	if(!key) {
1244	/* match_privkey does error messages */
1245	return;
1246	}
1247
1248	s = g_strdup_printf("about to forget the private key for %s/%s, are you sure?",
1249	key->accountname, key->protocol);
1250	query_add(irc, NULL, s, yes_forget_key, NULL, NULL, key);
1251	g_free(s);
1252	}
1253
1254	else
1255	{
1256	irc_rootmsg(irc, "otr %s: unknown subcommand \"%s\", see \x02help otr forget\x02",
1257	args[0], args[1]);
1258	}
1259	}
1260
1261
1262	/* local helpers / subroutines: */
1263
1264	void log_otr_message(void opdata, const char fmt, ...)
1265	{
1266	va_list va;
1267
1268	va_start(va, fmt);
1269	char *msg = g_strdup_vprintf(fmt, va);
1270	va_end(va);
1271
1272	log_message(LOGLVL_INFO, "otr: %s", msg);
1273	}
1274
1275	void display_otr_message(void opdata, ConnContext ctx, const char *fmt, ...)
1276	{
1277	struct im_connection *ic =
1278	check_imc(opdata, ctx->accountname, ctx->protocol);
1279	irc_t *irc = ic->bee->ui_data;
1280	irc_user_t *u = peeruser(irc, ctx->username, ctx->protocol);
1281	va_list va;
1282
1283	va_start(va, fmt);
1284	char *msg = g_strdup_vprintf(fmt, va);
1285	va_end(va);
1286
1287	if(u) {
1288	/* display as a notice from this particular user */
1289	irc_usernotice(u, "%s", msg);
1290	} else {
1291	irc_rootmsg(irc, "[otr] %s", msg);
1292	}
1293
1294	g_free(msg);
1295	}
1296
1297	/* combined handler for the 'otr smp' and 'otr smpq' commands */
1298	void otr_smp_or_smpq(irc_t irc, const char nick, const char *question,
1299	const char *secret)
1300	{
1301	irc_user_t *u;
1302	ConnContext *ctx;
1303	otrl_instag_t instag = OTRL_INSTAG_RECENT; // XXX
1304
1305	u = irc_user_by_name(irc, nick);
1306	if(!u \|\| !u->bu \|\| !u->bu->ic) {
1307	irc_rootmsg(irc, "%s: unknown user", nick);
1308	return;
1309	}
1310	if(!(u->bu->flags & BEE_USER_ONLINE)) {
1311	irc_rootmsg(irc, "%s is offline", nick);
1312	return;
1313	}
1314
1315	ctx = otrl_context_find(irc->otr->us, u->bu->handle,
1316	u->bu->ic->acc->user, u->bu->ic->acc->prpl->name, instag, 0, NULL, NULL, NULL);
1317	if(!ctx \|\| ctx->msgstate != OTRL_MSGSTATE_ENCRYPTED) {
1318	irc_rootmsg(irc, "smp: otr inactive with %s, try \x02otr connect"
1319	" %s\x02", nick, nick);
1320	return;
1321	}
1322
1323	if(ctx->smstate->nextExpected != OTRL_SMP_EXPECT1) {
1324	log_message(LOGLVL_INFO,
1325	"SMP already in phase %d, sending abort before reinitiating",
1326	ctx->smstate->nextExpected+1);
1327	otrl_message_abort_smp(irc->otr->us, &otr_ops, u->bu->ic, ctx);
1328	otrl_sm_state_free(ctx->smstate);
1329	}
1330
1331	if(question) {
1332	/* this was 'otr smpq', just initiate */
1333	irc_rootmsg(irc, "smp: initiating with %s...", u->nick);
1334	otrl_message_initiate_smp_q(irc->otr->us, &otr_ops, u->bu->ic, ctx,
1335	question, (unsigned char *)secret, strlen(secret));
1336	/* smp is now in EXPECT2 */
1337	} else {
1338	/* this was 'otr smp', initiate or reply */
1339	/* warning: the following assumes that smstates are cleared whenever an SMP
1340	is completed or aborted! */
1341	if(ctx->smstate->secret == NULL) {
1342	irc_rootmsg(irc, "smp: initiating with %s...", u->nick);
1343	otrl_message_initiate_smp(irc->otr->us, &otr_ops,
1344	u->bu->ic, ctx, (unsigned char *)secret, strlen(secret));
1345	/* smp is now in EXPECT2 */
1346	} else {
1347	/* if we're still in EXPECT1 but smstate is initialized, we must have
1348	received the SMP1, so let's issue a response */
1349	irc_rootmsg(irc, "smp: responding to %s...", u->nick);
1350	otrl_message_respond_smp(irc->otr->us, &otr_ops,
1351	u->bu->ic, ctx, (unsigned char *)secret, strlen(secret));
1352	/* smp is now in EXPECT3 */
1353	}
1354	}
1355	}
1356
1357	/* timeout handler that calls otrl_message_poll */
1358	gboolean ev_message_poll(gpointer data, gint fd, b_input_condition cond)
1359	{
1360	otr_t *otr = data;
1361
1362	if(otr && otr->us)
1363	otrl_message_poll(otr->us, &otr_ops, NULL);
1364
1365	return TRUE; /* cycle timer */
1366	}
1367
1368	/* helper to assert that account and protocol names given to ops below always
1369	match the im_connection passed through as opdata */
1370	struct im_connection check_imc(void opdata, const char *accountname,
1371	const char *protocol)
1372	{
1373	struct im_connection ic = (struct im_connection )opdata;
1374
1375	/* libotr 4.0.0 has a bug where it doesn't set opdata, so we catch
1376	* that and try to find the desired connection in the global list. */
1377	if(!ic) {
1378	GSList *l;
1379	for(l=get_connections(); l; l=l->next) {
1380	ic = l->data;
1381	if(strcmp(accountname, ic->acc->user) == 0 &&
1382	strcmp(protocol, ic->acc->prpl->name) == 0)
1383	break;
1384	}
1385	assert(l != NULL); /* a match should always be found */
1386	if(!l)
1387	return NULL;
1388	}
1389
1390	if (strcmp(accountname, ic->acc->user) != 0) {
1391	log_message(LOGLVL_WARNING,
1392	"otr: internal account name mismatch: '%s' vs '%s'",
1393	accountname, ic->acc->user);
1394	}
1395	if (strcmp(protocol, ic->acc->prpl->name) != 0) {
1396	log_message(LOGLVL_WARNING,
1397	"otr: internal protocol name mismatch: '%s' vs '%s'",
1398	protocol, ic->acc->prpl->name);
1399	}
1400
1401	return ic;
1402	}
1403
1404	irc_user_t peeruser(irc_t irc, const char handle, const char protocol)
1405	{
1406	GSList *l;
1407
1408	for(l=irc->b->users; l; l = l->next) {
1409	bee_user_t *bu = l->data;
1410	struct prpl *prpl;
1411	if(!bu->ui_data \|\| !bu->ic \|\| !bu->handle)
1412	continue;
1413	prpl = bu->ic->acc->prpl;
1414	if(strcmp(prpl->name, protocol) == 0
1415	&& prpl->handle_cmp(bu->handle, handle) == 0) {
1416	return bu->ui_data;
1417	}
1418	}
1419
1420	return NULL;
1421	}
1422
1423	int hexval(char a)
1424	{
1425	int x=tolower(a);
1426
1427	if(x>='a' && x<='f')
1428	x = x - 'a' + 10;
1429	else if(x>='0' && x<='9')
1430	x = x - '0';
1431	else
1432	return -1;
1433
1434	return x;
1435	}
1436
1437	const char peernick(irc_t irc, const char handle, const char protocol)
1438	{
1439	static char fallback[512];
1440
1441	irc_user_t *u = peeruser(irc, handle, protocol);
1442	if(u) {
1443	return u->nick;
1444	} else {
1445	g_snprintf(fallback, 511, "%s/%s", handle, protocol);
1446	return fallback;
1447	}
1448	}
1449
1450	void otr_update_uflags(ConnContext context, irc_user_t u)
1451	{
1452	const char *trust;
1453
1454	if(context->active_fingerprint) {
1455	u->flags \|= IRC_USER_OTR_ENCRYPTED;
1456
1457	trust = context->active_fingerprint->trust;
1458	if(trust && trust[0])
1459	u->flags \|= IRC_USER_OTR_TRUSTED;
1460	else
1461	u->flags &= ~IRC_USER_OTR_TRUSTED;
1462	} else {
1463	u->flags &= ~IRC_USER_OTR_ENCRYPTED;
1464	}
1465	}
1466
1467	int otr_update_modeflags(irc_t irc, irc_user_t u)
1468	{
1469	return 0;
1470	}
1471
1472	void show_fingerprints(irc_t irc, ConnContext ctx)
1473	{
1474	char human[45];
1475	Fingerprint *fp;
1476	const char *trust;
1477	int count=0;
1478
1479	for(fp=&ctx->fingerprint_root; fp; fp=fp->next) {
1480	if(!fp->fingerprint)
1481	continue;
1482	count++;
1483	otrl_privkey_hash_to_human(human, fp->fingerprint);
1484	if(!fp->trust \|\| fp->trust[0] == '\0') {
1485	trust="untrusted";
1486	} else {
1487	trust=fp->trust;
1488	}
1489	if(fp == ctx->active_fingerprint) {
1490	irc_rootmsg(irc, " \x02%s (%s)\x02", human, trust);
1491	} else {
1492	irc_rootmsg(irc, " %s (%s)", human, trust);
1493	}
1494	}
1495	if(count==0)
1496	irc_rootmsg(irc, " (none)");
1497	}
1498
1499	Fingerprint match_fingerprint(irc_t irc, ConnContext ctx, const char *args)
1500	{
1501	Fingerprint fp, fp2;
1502	char human[45];
1503	char prefix[45], *p;
1504	int n;
1505	int i,j;
1506
1507	/* assemble the args into a prefix in standard "human" form */
1508	n=0;
1509	p=prefix;
1510	for(i=0; args[i]; i++) {
1511	for(j=0; args[i][j]; j++) {
1512	char c = toupper(args[i][j]);
1513
1514	if(n>=40) {
1515	irc_rootmsg(irc, "too many fingerprint digits given, expected at most 40");
1516	return NULL;
1517	}
1518
1519	if( (c>='A' && c<='F') \|\| (c>='0' && c<='9') ) {
1520	*(p++) = c;
1521	} else {
1522	irc_rootmsg(irc, "invalid hex digit '%c' in block %d", args[i][j], i+1);
1523	return NULL;
1524	}
1525
1526	n++;
1527	if(n%8 == 0)
1528	*(p++) = ' ';
1529	}
1530	}
1531	*p = '\0';
1532
1533	/* find first fingerprint with the given prefix */
1534	n = strlen(prefix);
1535	for(fp=&ctx->fingerprint_root; fp; fp=fp->next) {
1536	if(!fp->fingerprint)
1537	continue;
1538	otrl_privkey_hash_to_human(human, fp->fingerprint);
1539	if(!strncmp(prefix, human, n))
1540	break;
1541	}
1542	if(!fp) {
1543	irc_rootmsg(irc, "%s: no match", prefix);
1544	return NULL;
1545	}
1546
1547	/* make sure the match, if any, is unique */
1548	for(fp2=fp->next; fp2; fp2=fp2->next) {
1549	if(!fp2->fingerprint)
1550	continue;
1551	otrl_privkey_hash_to_human(human, fp2->fingerprint);
1552	if(!strncmp(prefix, human, n))
1553	break;
1554	}
1555	if(fp2) {
1556	irc_rootmsg(irc, "%s: multiple matches", prefix);
1557	return NULL;
1558	}
1559
1560	return fp;
1561	}
1562
1563	OtrlPrivKey match_privkey(irc_t irc, const char **args)
1564	{
1565	OtrlPrivKey k, k2;
1566	char human[45];
1567	char prefix[45], *p;
1568	int n;
1569	int i,j;
1570
1571	/* assemble the args into a prefix in standard "human" form */
1572	n=0;
1573	p=prefix;
1574	for(i=0; args[i]; i++) {
1575	for(j=0; args[i][j]; j++) {
1576	char c = toupper(args[i][j]);
1577
1578	if(n>=40) {
1579	irc_rootmsg(irc, "too many fingerprint digits given, expected at most 40");
1580	return NULL;
1581	}
1582
1583	if( (c>='A' && c<='F') \|\| (c>='0' && c<='9') ) {
1584	*(p++) = c;
1585	} else {
1586	irc_rootmsg(irc, "invalid hex digit '%c' in block %d", args[i][j], i+1);
1587	return NULL;
1588	}
1589
1590	n++;
1591	if(n%8 == 0)
1592	*(p++) = ' ';
1593	}
1594	}
1595	*p = '\0';
1596
1597	/* find first key which matches the given prefix */
1598	n = strlen(prefix);
1599	for(k=irc->otr->us->privkey_root; k; k=k->next) {
1600	p = otrl_privkey_fingerprint(irc->otr->us, human, k->accountname, k->protocol);
1601	if(!p) /* gah! :-P */
1602	continue;
1603	if(!strncmp(prefix, human, n))
1604	break;
1605	}
1606	if(!k) {
1607	irc_rootmsg(irc, "%s: no match", prefix);
1608	return NULL;
1609	}
1610
1611	/* make sure the match, if any, is unique */
1612	for(k2=k->next; k2; k2=k2->next) {
1613	p = otrl_privkey_fingerprint(irc->otr->us, human, k2->accountname, k2->protocol);
1614	if(!p) /* gah! :-P */
1615	continue;
1616	if(!strncmp(prefix, human, n))
1617	break;
1618	}
1619	if(k2) {
1620	irc_rootmsg(irc, "%s: multiple matches", prefix);
1621	return NULL;
1622	}
1623
1624	return k;
1625	}
1626
1627	void show_general_otr_info(irc_t *irc)
1628	{
1629	ConnContext *ctx;
1630	OtrlPrivKey *key;
1631	char human[45];
1632	kg_t *kg;
1633
1634	/* list all privkeys (including ones being generated) */
1635	irc_rootmsg(irc, "\x1fprivate keys:\x1f");
1636	for(key=irc->otr->us->privkey_root; key; key=key->next) {
1637	const char *hash;
1638
1639	switch(key->pubkey_type) {
1640	case OTRL_PUBKEY_TYPE_DSA:
1641	irc_rootmsg(irc, " %s/%s - DSA", key->accountname, key->protocol);
1642	break;
1643	default:
1644	irc_rootmsg(irc, " %s/%s - type %d", key->accountname, key->protocol,
1645	key->pubkey_type);
1646	}
1647
1648	/* No, it doesn't make much sense to search for the privkey again by
1649	account/protocol, but libotr currently doesn't provide a direct routine
1650	for hashing a given 'OtrlPrivKey'... */
1651	hash = otrl_privkey_fingerprint(irc->otr->us, human, key->accountname, key->protocol);
1652	if(hash) /* should always succeed */
1653	irc_rootmsg(irc, " %s", human);
1654	}
1655	if(irc->otr->sent_accountname) {
1656	irc_rootmsg(irc, " %s/%s - DSA", irc->otr->sent_accountname,
1657	irc->otr->sent_protocol);
1658	irc_rootmsg(irc, " (being generated)");
1659	}
1660	for(kg=irc->otr->todo; kg; kg=kg->next) {
1661	irc_rootmsg(irc, " %s/%s - DSA", kg->accountname, kg->protocol);
1662	irc_rootmsg(irc, " (queued)");
1663	}
1664	if(key == irc->otr->us->privkey_root &&
1665	!irc->otr->sent_accountname &&
1666	kg == irc->otr->todo)
1667	irc_rootmsg(irc, " (none)");
1668
1669	/* list all contexts */
1670	irc_rootmsg(irc, "%s", "");
1671	irc_rootmsg(irc, "\x1f" "connection contexts:\x1f (bold=currently encrypted)");
1672	for(ctx=irc->otr->us->context_root; ctx; ctx=ctx->next) {\
1673	irc_user_t *u;
1674	char *userstring;
1675
1676	u = peeruser(irc, ctx->username, ctx->protocol);
1677	if(u)
1678	userstring = g_strdup_printf("%s/%s/%s (%s)",
1679	ctx->username, ctx->protocol, ctx->accountname, u->nick);
1680	else
1681	userstring = g_strdup_printf("%s/%s/%s",
1682	ctx->username, ctx->protocol, ctx->accountname);
1683
1684	if(ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) {
1685	irc_rootmsg(irc, " \x02%s\x02", userstring);
1686	} else {
1687	irc_rootmsg(irc, " %s", userstring);
1688	}
1689
1690	g_free(userstring);
1691	}
1692	if(ctx == irc->otr->us->context_root)
1693	irc_rootmsg(irc, " (none)");
1694	}
1695
1696	void show_otr_context_info(irc_t irc, ConnContext ctx)
1697	{
1698	// XXX show all contexts
1699
1700	switch(ctx->otr_offer) {
1701	case OFFER_NOT:
1702	irc_rootmsg(irc, " otr offer status: none sent");
1703	break;
1704	case OFFER_SENT:
1705	irc_rootmsg(irc, " otr offer status: awaiting reply");
1706	break;
1707	case OFFER_ACCEPTED:
1708	irc_rootmsg(irc, " otr offer status: accepted our offer");
1709	break;
1710	case OFFER_REJECTED:
1711	irc_rootmsg(irc, " otr offer status: ignored our offer");
1712	break;
1713	default:
1714	irc_rootmsg(irc, " otr offer status: %d", ctx->otr_offer);
1715	}
1716
1717	switch(ctx->msgstate) {
1718	case OTRL_MSGSTATE_PLAINTEXT:
1719	irc_rootmsg(irc, " connection state: cleartext");
1720	break;
1721	case OTRL_MSGSTATE_ENCRYPTED:
1722	irc_rootmsg(irc, " connection state: encrypted (v%d)", ctx->protocol_version);
1723	break;
1724	case OTRL_MSGSTATE_FINISHED:
1725	irc_rootmsg(irc, " connection state: shut down");
1726	break;
1727	default:
1728	irc_rootmsg(irc, " connection state: %d", ctx->msgstate);
1729	}
1730
1731	irc_rootmsg(irc, " fingerprints: (bold=active)");
1732	show_fingerprints(irc, ctx);
1733	}
1734
1735	int keygen_in_progress(irc_t irc, const char handle, const char *protocol)
1736	{
1737	kg_t *kg;
1738
1739	if(!irc->otr->sent_accountname \|\| !irc->otr->sent_protocol)
1740	return 0;
1741
1742	/* are we currently working on this key? */
1743	if(!strcmp(handle, irc->otr->sent_accountname) &&
1744	!strcmp(protocol, irc->otr->sent_protocol))
1745	return 1;
1746
1747	/* do we have it queued for later? */
1748	for(kg=irc->otr->todo; kg; kg=kg->next) {
1749	if(!strcmp(handle, kg->accountname) &&
1750	!strcmp(protocol, kg->protocol))
1751	return 1;
1752	}
1753
1754	return 0;
1755	}
1756
1757	void otr_keygen(irc_t irc, const char handle, const char *protocol)
1758	{
1759	/* do nothing if a key for the requested account is already being generated */
1760	if(keygen_in_progress(irc, handle, protocol))
1761	return;
1762
1763	/* see if we already have a keygen child running. if not, start one and put a
1764	handler on its output. */
1765	if(!irc->otr->keygen \|\| waitpid(irc->otr->keygen, NULL, WNOHANG)) {
1766	pid_t p;
1767	int to[2], from[2];
1768	FILE tof, fromf;
1769
1770	if(pipe(to) < 0 \|\| pipe(from) < 0) {
1771	irc_rootmsg(irc, "otr keygen: couldn't create pipe: %s", strerror(errno));
1772	return;
1773	}
1774
1775	tof = fdopen(to[1], "w");
1776	fromf = fdopen(from[0], "r");
1777	if(!tof \|\| !fromf) {
1778	irc_rootmsg(irc, "otr keygen: couldn't streamify pipe: %s", strerror(errno));
1779	return;
1780	}
1781
1782	p = fork();
1783	if(p<0) {
1784	irc_rootmsg(irc, "otr keygen: couldn't fork: %s", strerror(errno));
1785	return;
1786	}
1787
1788	if(!p) {
1789	/* child process */
1790	signal(SIGTERM, exit);
1791	keygen_child_main(irc->otr->us, to[0], from[1]);
1792	exit(0);
1793	}
1794
1795	irc->otr->keygen = p;
1796	irc->otr->to = tof;
1797	irc->otr->from = fromf;
1798	irc->otr->sent_accountname = NULL;
1799	irc->otr->sent_protocol = NULL;
1800	irc->otr->todo = NULL;
1801	b_input_add(from[0], B_EV_IO_READ, keygen_finish_handler, irc);
1802	}
1803
1804	/* is the keygen slave currently working? */
1805	if(irc->otr->sent_accountname) {
1806	/* enqueue our job for later transmission */
1807	kg_t **kg = &irc->otr->todo;
1808	while(*kg)
1809	kg=&((*kg)->next);
1810	*kg = g_new0(kg_t, 1);
1811	(*kg)->accountname = g_strdup(handle);
1812	(*kg)->protocol = g_strdup(protocol);
1813	} else {
1814	/* send our job over and remember it */
1815	fprintf(irc->otr->to, "%s\n%s\n", handle, protocol);
1816	fflush(irc->otr->to);
1817	irc->otr->sent_accountname = g_strdup(handle);
1818	irc->otr->sent_protocol = g_strdup(protocol);
1819	}
1820	}
1821
1822	void keygen_child_main(OtrlUserState us, int infd, int outfd)
1823	{
1824	FILE input, output;
1825	char filename[128], accountname[512], protocol[512];
1826	gcry_error_t e;
1827	int tempfd;
1828
1829	input = fdopen(infd, "r");
1830	output = fdopen(outfd, "w");
1831
1832	while(!feof(input) && !ferror(input) && !feof(output) && !ferror(output)) {
1833	myfgets(accountname, 512, input);
1834	myfgets(protocol, 512, input);
1835
1836	strncpy(filename, "/tmp/bitlbee-XXXXXX", 128);
1837	tempfd = mkstemp(filename);
1838	close(tempfd);
1839
1840	e = otrl_privkey_generate(us, filename, accountname, protocol);
1841	if(e) {
1842	fprintf(output, "\n"); /* this means failure */
1843	fprintf(output, "otr keygen: %s\n", gcry_strerror(e));
1844	unlink(filename);
1845	} else {
1846	fprintf(output, "%s\n", filename);
1847	fprintf(output, "otr keygen for %s/%s complete\n", accountname, protocol);
1848	}
1849	fflush(output);
1850	}
1851
1852	fclose(input);
1853	fclose(output);
1854	}
1855
1856	gboolean keygen_finish_handler(gpointer data, gint fd, b_input_condition cond)
1857	{
1858	irc_t irc = (irc_t )data;
1859	char filename[512], msg[512];
1860
1861	myfgets(filename, 512, irc->otr->from);
1862	myfgets(msg, 512, irc->otr->from);
1863
1864	irc_rootmsg(irc, "%s", msg);
1865	if(filename[0]) {
1866	if(strsane(irc->user->nick)) {
1867	char *kf = g_strdup_printf("%s%s.otr_keys", global.conf->configdir, irc->user->nick);
1868	char *tmp = g_strdup_printf("%s.new", kf);
1869	copyfile(filename, tmp);
1870	unlink(filename);
1871	rename(tmp,kf);
1872	otrl_privkey_read(irc->otr->us, kf);
1873	g_free(kf);
1874	g_free(tmp);
1875	} else {
1876	otrl_privkey_read(irc->otr->us, filename);
1877	unlink(filename);
1878	}
1879	}
1880
1881	/* forget this job */
1882	g_free(irc->otr->sent_accountname);
1883	g_free(irc->otr->sent_protocol);
1884	irc->otr->sent_accountname = NULL;
1885	irc->otr->sent_protocol = NULL;
1886
1887	/* see if there are any more in the queue */
1888	if(irc->otr->todo) {
1889	kg_t *p = irc->otr->todo;
1890	/* send the next one over */
1891	fprintf(irc->otr->to, "%s\n%s\n", p->accountname, p->protocol);
1892	fflush(irc->otr->to);
1893	irc->otr->sent_accountname = p->accountname;
1894	irc->otr->sent_protocol = p->protocol;
1895	irc->otr->todo = p->next;
1896	g_free(p);
1897	return TRUE; /* keep watching */
1898	} else {
1899	/* okay, the slave is idle now, so kill him */
1900	fclose(irc->otr->from);
1901	fclose(irc->otr->to);
1902	irc->otr->from = irc->otr->to = NULL;
1903	kill(irc->otr->keygen, SIGTERM);
1904	waitpid(irc->otr->keygen, NULL, 0);
1905	irc->otr->keygen = 0;
1906	return FALSE; /* unregister ourselves */
1907	}
1908	}
1909
1910	void copyfile(const char a, const char b)
1911	{
1912	int fda, fdb;
1913	int n;
1914	char buf[1024];
1915
1916	fda = open(a, O_RDONLY);
1917	fdb = open(b, O_WRONLY \| O_CREAT \| O_TRUNC, 0600);
1918
1919	while((n=read(fda, buf, 1024)) > 0)
1920	write(fdb, buf, n);
1921
1922	close(fda);
1923	close(fdb);
1924	}
1925
1926	void myfgets(char s, int size, FILE stream)
1927	{
1928	if(!fgets(s, size, stream)) {
1929	s[0] = '\0';
1930	} else {
1931	int n = strlen(s);
1932	if(n>0 && s[n-1] == '\n')
1933	s[n-1] = '\0';
1934	}
1935	}
1936
1937	void yes_keygen(void *data)
1938	{
1939	account_t acc = (account_t )data;
1940	irc_t *irc = acc->bee->ui_data;
1941
1942	if(keygen_in_progress(irc, acc->user, acc->prpl->name)) {
1943	irc_rootmsg(irc, "keygen for %s/%s already in progress",
1944	acc->user, acc->prpl->name);
1945	} else {
1946	irc_rootmsg(irc, "starting background keygen for %s/%s",
1947	acc->user, acc->prpl->name);
1948	irc_rootmsg(irc, "you will be notified when it completes");
1949	otr_keygen(irc, acc->user, acc->prpl->name);
1950	}
1951	}
1952
1953	/* check whether a string is safe to use in a path component */
1954	int strsane(const char *s)
1955	{
1956	return strpbrk(s, "/\\") == NULL;
1957	}
1958
1959	/* vim: set noet ts=4 sw=4: */

Note: See TracBrowser for help on using the repository browser.

Download in other formats: