diff options
| author | Alexander Færøy <ahf@0x90.dk> | 2015-01-04 01:57:21 +0100 |
|---|---|---|
| committer | Alexander Færøy <ahf@irssi.org> | 2018-02-26 23:32:57 +0100 |
| commit | 016b42baea9d7dcd2a284f873246c06259c560dd (patch) | |
| tree | 8c5382398598851bd23b8ca3d439d580f224d684 /src | |
| parent | ad4324d24210f30646575b8bcbae8b50d2149224 (diff) | |
| download | irssi-016b42baea9d7dcd2a284f873246c06259c560dd.zip | |
Add OTR support.
This patch adds support for the OTR protocol to irssi. This is an import
of the external irssi-otr project that we are now taking over
maintership for.
Major thanks to the original authors of Irssi-OTR: Uli Meis and David
Goulet. Thanks to the OTR community in #OTR on OFTC, thanks to everyone
who have helped testing the patches and submitted UI suggestions.
Diffstat (limited to 'src')
| -rw-r--r-- | src/Makefile.am | 6 | ||||
| -rw-r--r-- | src/core/net-nonblock.c | 35 | ||||
| -rw-r--r-- | src/core/network.c | 33 | ||||
| -rw-r--r-- | src/core/network.h | 2 | ||||
| -rw-r--r-- | src/fe-text/Makefile.am | 5 | ||||
| -rw-r--r-- | src/fe-text/irssi.c | 17 | ||||
| -rw-r--r-- | src/otr/Makefile.am | 42 | ||||
| -rw-r--r-- | src/otr/irssi-otr.h | 39 | ||||
| -rw-r--r-- | src/otr/key.c | 402 | ||||
| -rw-r--r-- | src/otr/key.h | 35 | ||||
| -rw-r--r-- | src/otr/module.c | 261 | ||||
| -rw-r--r-- | src/otr/module.h | 29 | ||||
| -rw-r--r-- | src/otr/otr-fe.c | 344 | ||||
| -rw-r--r-- | src/otr/otr-fe.h | 28 | ||||
| -rw-r--r-- | src/otr/otr-formats.c | 108 | ||||
| -rw-r--r-- | src/otr/otr-formats.h | 112 | ||||
| -rw-r--r-- | src/otr/otr-ops.c | 362 | ||||
| -rw-r--r-- | src/otr/otr.c | 941 | ||||
| -rw-r--r-- | src/otr/otr.h | 170 |
19 files changed, 2932 insertions, 39 deletions
diff --git a/src/Makefile.am b/src/Makefile.am index a7fb2ee2..48cdc3eb 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -14,8 +14,12 @@ if HAVE_PERL PERLDIR=perl endif +if HAVE_OTR +OTRDIR=otr +endif + pkginc_srcdir=$(pkgincludedir)/src pkginc_src_HEADERS = \ common.h -SUBDIRS = lib-config core irc fe-common $(PERLDIR) $(TEXTUI) $(BOTUI) $(FUZZERUI) +SUBDIRS = lib-config core irc fe-common $(PERLDIR) $(OTRDIR) $(TEXTUI) $(BOTUI) $(FUZZERUI) diff --git a/src/core/net-nonblock.c b/src/core/net-nonblock.c index d6e767b6..94c53e74 100644 --- a/src/core/net-nonblock.c +++ b/src/core/net-nonblock.c @@ -35,41 +35,6 @@ typedef struct { int tag; } SIMPLE_THREAD_REC; -static int g_io_channel_write_block(GIOChannel *channel, void *data, int len) -{ - gsize ret; - int sent; - GIOStatus status; - - sent = 0; - do { - status = g_io_channel_write_chars(channel, (char *) data + sent, - len-sent, &ret, NULL); - sent += ret; - } while (sent < len && status != G_IO_STATUS_ERROR); - - return sent < len ? -1 : 0; -} - -static int g_io_channel_read_block(GIOChannel *channel, void *data, int len) -{ - time_t maxwait; - gsize ret; - int received; - GIOStatus status; - - maxwait = time(NULL)+2; - received = 0; - do { - status = g_io_channel_read_chars(channel, (char *) data + received, - len-received, &ret, NULL); - received += ret; - } while (received < len && time(NULL) < maxwait && - status != G_IO_STATUS_ERROR && status != G_IO_STATUS_EOF); - - return received < len ? -1 : 0; -} - /* nonblocking gethostbyname(), ip (IPADDR) + error (int, 0 = not error) is written to pipe when found PID of the resolver child is returned */ int net_gethostbyname_nonblock(const char *addr, GIOChannel *pipe, diff --git a/src/core/network.c b/src/core/network.c index d280b463..0e326e22 100644 --- a/src/core/network.c +++ b/src/core/network.c @@ -48,6 +48,39 @@ GIOChannel *g_io_channel_new(int handle) return chan; } +int g_io_channel_write_block(GIOChannel *channel, void *data, int len) +{ + gsize ret; + int sent; + GIOStatus status; + + sent = 0; + do { + status = g_io_channel_write_chars(channel, (char *) data + sent, len - sent, &ret, NULL); + sent += ret; + } while (sent < len && status != G_IO_STATUS_ERROR); + + return sent < len ? -1 : 0; +} + +int g_io_channel_read_block(GIOChannel *channel, void *data, int len) +{ + time_t maxwait; + gsize ret; + int received; + GIOStatus status; + + maxwait = time(NULL)+2; + received = 0; + do { + status = g_io_channel_read_chars(channel, (char *) data + received, len - received, &ret, NULL); + received += ret; + } while (received < len && time(NULL) < maxwait && + status != G_IO_STATUS_ERROR && status != G_IO_STATUS_EOF); + + return received < len ? -1 : 0; +} + IPADDR ip4_any = { AF_INET, #if defined(IN6ADDR_ANY_INIT) diff --git a/src/core/network.h b/src/core/network.h index e60f607f..30fd6aab 100644 --- a/src/core/network.h +++ b/src/core/network.h @@ -36,6 +36,8 @@ GIOChannel *g_io_channel_new(int handle); /* Returns 1 if IPADDRs are the same. */ /* Deprecated since it is unused. It will be deleted in a later release. */ int net_ip_compare(IPADDR *ip1, IPADDR *ip2) G_GNUC_DEPRECATED; +int g_io_channel_write_block(GIOChannel *channel, void *data, int len); +int g_io_channel_read_block(GIOChannel *channel, void *data, int len); int net_connect_ip_handle(const IPADDR *ip, int port, const IPADDR *my_ip); diff --git a/src/fe-text/Makefile.am b/src/fe-text/Makefile.am index bdd3df22..6ce8427c 100644 --- a/src/fe-text/Makefile.am +++ b/src/fe-text/Makefile.am @@ -9,7 +9,8 @@ AM_CPPFLAGS = \ irssi_DEPENDENCIES = \ @COMMON_LIBS@ \ @PERL_LINK_LIBS@ \ - @PERL_FE_LINK_LIBS@ + @PERL_FE_LINK_LIBS@ \ + @OTR_LINK_LIBS@ irssi_LDFLAGS = -export-dynamic @@ -17,6 +18,8 @@ irssi_LDADD = \ @COMMON_LIBS@ \ @PERL_LINK_LIBS@ \ @PERL_FE_LINK_LIBS@ \ + @OTR_LINK_LIBS@ \ + @OTR_LINK_FLAGS@ \ @PERL_LINK_FLAGS@ \ @PROG_LIBS@ \ @TEXTUI_LIBS@ diff --git a/src/fe-text/irssi.c b/src/fe-text/irssi.c index f30ce4b8..728f456e 100644 --- a/src/fe-text/irssi.c +++ b/src/fe-text/irssi.c @@ -54,6 +54,11 @@ void fe_perl_init(void); void fe_perl_deinit(void); #endif +#ifdef HAVE_STATIC_OTR +void otr_core_init(void); +void otr_core_deinit(void); +#endif + void irc_init(void); void irc_deinit(void); @@ -183,6 +188,10 @@ static void textui_finish_init(void) fe_perl_init(); #endif +#ifdef HAVE_STATIC_OTR + otr_core_init(); +#endif + dirty_check(); fe_common_core_finish_init(); @@ -221,8 +230,12 @@ static void textui_deinit(void) module_unload(modules->data); #ifdef HAVE_STATIC_PERL - perl_core_deinit(); - fe_perl_deinit(); + perl_core_deinit(); + fe_perl_deinit(); +#endif + +#ifdef HAVE_STATIC_OTR + otr_core_deinit(); #endif dirty_check(); /* one last time to print any quit messages */ diff --git a/src/otr/Makefile.am b/src/otr/Makefile.am new file mode 100644 index 00000000..3b991839 --- /dev/null +++ b/src/otr/Makefile.am @@ -0,0 +1,42 @@ +moduledir = $(libdir)/irssi/modules + +module_LTLIBRARIES = $(otr_module_lib) +noinst_LTLIBRARIES = $(otr_static_lib) + +EXTRA_LTLIBRARIES = \ + libotr_core.la \ + libotr_core_static.la + +AM_CPPFLAGS = \ + -I$(top_srcdir)/src \ + -I$(top_srcdir)/src/core/ \ + -I$(top_srcdir)/src/irc/core/ \ + -I$(top_srcdir)/src/fe-common/core/ \ + -I$(top_srcdir)/src/fe-text/ \ + $(GLIB_CFLAGS) \ + $(OTR_CFLAGS) + +libotr_core_la_LDFLAGS = -module -avoid-version -rpath $(moduledir) +libotr_core_la_LIBADD = $(OTR_LDFLAGS) + +otr_sources = \ + key.c \ + module.c \ + otr-formats.c \ + otr-ops.c \ + otr-fe.c \ + otr.c + +libotr_core_la_SOURCES = \ + $(otr_sources) + +libotr_core_static_la_SOURCES = \ + $(otr_sources) + +noinst_HEADERS = \ + irssi-otr.h \ + key.h \ + module.h \ + otr-formats.h \ + otr-fe.h \ + otr.h diff --git a/src/otr/irssi-otr.h b/src/otr/irssi-otr.h new file mode 100644 index 00000000..718e1e66 --- /dev/null +++ b/src/otr/irssi-otr.h @@ -0,0 +1,39 @@ +/* + * Off-the-Record Messaging (OTR) module for the irssi IRC client + * + * Copyright (C) 2008 - Uli Meis <a.sporto+bee@gmail.com> + * 2012 - David Goulet <dgoulet@ev0ke.net> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 51 + * Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#ifndef IRSSI_IRSSI_OTR_H +#define IRSSI_IRSSI_OTR_H + +/* Ease our life a bit. */ +#define OTR_IRSSI_MSG_PREFIX "%9OTR%9: " + +/* + * Irssi macros for printing text to console. + */ +#define IRSSI_OTR_DEBUG(fmt, ...) \ + do { \ + if (otr_debug_get()) { \ + printtext(NULL, NULL, MSGLEVEL_MSGS, OTR_IRSSI_MSG_PREFIX fmt, \ + ## __VA_ARGS__); \ + } \ + } while (0) + +#endif /* IRSSI_IRSSI_OTR_H */ diff --git a/src/otr/key.c b/src/otr/key.c new file mode 100644 index 00000000..4032b0b2 --- /dev/null +++ b/src/otr/key.c @@ -0,0 +1,402 @@ +/* + * Off-the-Record Messaging (OTR) modules for IRC + * + * Copyright (C) 2008 - Uli Meis <a.sporto+bee@gmail.com> + * 2012 - David Goulet <dgoulet@ev0ke.net> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 51 + * Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#define _GNU_SOURCE +#include <glib.h> +#include <libgen.h> +#include <sys/types.h> +#include <sys/wait.h> +#include <sys/poll.h> +#include <signal.h> +#include <unistd.h> + +#include "key.h" + +#include "levels.h" +#include "network.h" +#include "pidwait.h" +#include "printtext.h" + +#include "irssi-otr.h" +#include "otr-formats.h" + +/* + * Status of key generation. + */ +enum key_gen_status { + KEY_GEN_IDLE = 0, + KEY_GEN_RUNNING = 1, + KEY_GEN_FINISHED = 2, + KEY_GEN_ERROR = 3, +}; + +/* + * Data of the state of key generation. + */ +struct key_gen_data { + struct otr_user_state *ustate; + char *account_name; + char *key_file_path; + enum key_gen_status status; + gcry_error_t gcry_error; +}; + +/* + * Event from the key generation process. + */ +struct key_gen_event { + enum key_gen_status status; + gcry_error_t error; +}; + +/* + * Key generation process. + */ +struct key_gen_worker { + int tag; + GIOChannel *pipes[2]; +}; + +/* + * Key generation data for the thread in charge of creating the key. + */ +static struct key_gen_data key_gen_state = { + .status = KEY_GEN_IDLE, + .gcry_error = GPG_ERR_NO_ERROR, +}; + +/* + * Build file path concatenate to the irssi config dir. + */ +static char *file_path_build(const char *path) +{ + g_return_val_if_fail(path != NULL, NULL); + + /* Either NULL or the filename is returned here which is valid. */ + return g_strdup_printf("%s/%s", get_irssi_dir(), path); +} + +/* + * Emit a key generation status event. + */ +static void emit_event(GIOChannel *pipe, enum key_gen_status status, gcry_error_t error) +{ + struct key_gen_event event; + + g_return_if_fail(pipe != NULL); + + event.status = status; + event.error = error; + + g_io_channel_write_block(pipe, &event, sizeof(event)); +} + +/* + * Reset key generation state and status is IDLE. + */ +static void reset_key_gen_state(void) +{ + /* Safety. */ + g_free(key_gen_state.key_file_path); + g_free(key_gen_state.account_name); + + /* Nullify everything. */ + memset(&key_gen_state, 0, sizeof(key_gen_state)); + key_gen_state.status = KEY_GEN_IDLE; + key_gen_state.gcry_error = GPG_ERR_NO_ERROR; +} + +/* + * Read status event from key generation worker. + */ +static void read_key_gen_status(struct key_gen_worker *worker, GIOChannel *pipe) +{ + struct key_gen_event event; + gcry_error_t err; + + g_return_if_fail(worker != NULL); + + fcntl(g_io_channel_unix_get_fd(pipe), F_SETFL, O_NONBLOCK); + + if (g_io_channel_read_block(pipe, &event, sizeof(event)) == -1) { + printformat(NULL, NULL, MSGLEVEL_CLIENTERROR, + TXT_OTR_KEYGEN_FAILED, + key_gen_state.account_name, + g_strerror(errno)); + return; + } + + key_gen_state.status = event.status; + key_gen_state.gcry_error = event.error; + + if (event.status == KEY_GEN_FINISHED || event.status == KEY_GEN_ERROR) { + /* Worker is done. */ + g_source_remove(worker->tag); + + g_io_channel_shutdown(worker->pipes[0], TRUE, NULL); + g_io_channel_unref(worker->pipes[0]); + + g_io_channel_shutdown(worker->pipes[1], TRUE, NULL); + g_io_channel_unref(worker->pipes[1]); + + g_free(worker); + + if (event.status == KEY_GEN_ERROR) { + printformat(NULL, NULL, MSGLEVEL_CLIENTERROR, + TXT_OTR_KEYGEN_FAILED, + key_gen_state.account_name, + gcry_strerror(key_gen_state.gcry_error)); + reset_key_gen_state(); + return; + } + + err = otrl_privkey_read(key_gen_state.ustate->otr_state, key_gen_state.key_file_path); + + if (err != GPG_ERR_NO_ERROR) { + printformat(NULL, NULL, MSGLEVEL_CLIENTERROR, + TXT_OTR_KEYGEN_FAILED, + key_gen_state.account_name, + gcry_strerror(key_gen_state.gcry_error)); + } else { + printformat(NULL, NULL, MSGLEVEL_CLIENTNOTICE, + TXT_OTR_KEYGEN_COMPLETED, + key_gen_state.account_name); + } + + reset_key_gen_state(); + } +} + +/* + * Run key generation in a seperate process (takes ages). The other process + * will rewrite the key file, we shouldn't change anything till it's done and + * we've reloaded the keys. + */ +void key_gen_run(struct otr_user_state *ustate, const char *account_name) +{ + struct key_gen_worker *worker; + int fd[2]; + gcry_error_t err; + pid_t pid; + + g_return_if_fail(ustate != NULL); + g_return_if_fail(account_name != NULL); + + if (key_gen_state.status != KEY_GEN_IDLE) { + printformat(NULL, NULL, MSGLEVEL_CLIENTNOTICE, TXT_OTR_KEYGEN_RUNNING, key_gen_state.account_name); + return; + } + + /* Make sure the pointer does not go away during the proess. */ + key_gen_state.account_name = strdup(account_name); + key_gen_state.ustate = ustate; + + /* Creating key file path. */ + key_gen_state.key_file_path = file_path_build(OTR_KEYFILE); + if (key_gen_state.key_file_path == NULL) { + printformat(NULL, NULL, MSGLEVEL_CLIENTERROR, + TXT_OTR_KEYGEN_FAILED, + key_gen_state.account_name, + g_strerror(errno)); + reset_key_gen_state(); + return; + } + + printformat(NULL, NULL, MSGLEVEL_CLIENTNOTICE, TXT_OTR_KEYGEN_STARTED, key_gen_state.account_name); + + if (pipe(fd) != 0) { + printformat(NULL, NULL, MSGLEVEL_CLIENTERROR, + TXT_OTR_KEYGEN_FAILED, + key_gen_state.account_name, + g_strerror(errno)); + reset_key_gen_state(); + return; + } + + worker = g_new0(struct key_gen_worker, 1); + + if (worker == NULL) { + printformat(NULL, NULL, MSGLEVEL_CLIENTERROR, + TXT_OTR_KEYGEN_FAILED, + key_gen_state.account_name, + g_strerror(errno)); + reset_key_gen_state(); + return; + } + + worker->pipes[0] = g_io_channel_new(fd[0]); + worker->pipes[1] = g_io_channel_new(fd[1]); + + pid = fork(); + + if (pid > 0) { + /* Parent process */ + pidwait_add(pid); + worker->tag = g_input_add(worker->pipes[0], G_INPUT_READ, (GInputFunction)read_key_gen_status, worker); + return; + } + + if (pid != 0) { + /* error */ + g_warning("Key generation failed: %s", g_strerror(errno)); + + g_source_remove(worker->tag); + + g_io_channel_shutdown(worker->pipes[0], TRUE, NULL); + g_io_channel_unref(worker->pipes[0]); + + g_io_channel_shutdown(worker->pipes[1], TRUE, NULL); + g_io_channel_unref(worker->pipes[1]); + + g_free(worker); + + return; + } + + /* Child process */ + key_gen_state.status = KEY_GEN_RUNNING; + emit_event(worker->pipes[1], KEY_GEN_RUNNING, GPG_ERR_NO_ERROR); + + err = otrl_privkey_generate(key_gen_state.ustate->otr_state, key_gen_state.key_file_path, key_gen_state.account_name, OTR_PROTOCOL_ID); + + if (err != GPG_ERR_NO_ERROR) { + emit_event(worker->pipes[1], KEY_GEN_ERROR, err); + _exit(99); + return; + } + + emit_event(worker->pipes[1], KEY_GEN_FINISHED, GPG_ERR_NO_ERROR); + + _exit(99); +} + +/* + * Write fingerprints to file. + */ +void key_write_fingerprints(struct otr_user_state *ustate) +{ + gcry_error_t err; + char *filename; + + g_return_if_fail(ustate != NULL); + + filename = file_path_build(OTR_FINGERPRINTS_FILE); + g_return_if_fail(filename != NULL); + + err = otrl_privkey_write_fingerprints(ustate->otr_state, filename); + if (err == GPG_ERR_NO_ERROR) { + IRSSI_OTR_DEBUG("Fingerprints saved to %9%s%9", filename); + } else { + IRSSI_OTR_DEBUG("Error writing fingerprints: %d (%d)", + gcry_strerror(err), gcry_strsource(err)); + } + + g_free(filename); +} + +/* + * Write instance tags to file. + */ +void key_write_instags(struct otr_user_state *ustate) +{ + gcry_error_t err; + char *filename; + + g_return_if_fail(ustate != NULL); + + filename = file_path_build(OTR_INSTAG_FILE); + g_return_if_fail(filename != NULL); + + err = otrl_instag_write(ustate->otr_state, filename); + if (err == GPG_ERR_NO_ERROR) { + IRSSI_OTR_DEBUG("Instance tags saved in %9%s%9", filename); + } else { + IRSSI_OTR_DEBUG("Error saving instance tags: %d (%d)", + gcry_strerror(err), gcry_strsource(err)); + } + + g_free(filename); +} + +/* + * Load private keys. + */ +void key_load(struct otr_user_state *ustate) +{ + int ret; + gcry_error_t err; + char *filename; + + g_return_if_fail(ustate != NULL); + + filename = file_path_build(OTR_KEYFILE); + g_return_if_fail(filename != NULL); + + ret = access(filename, F_OK); + if (ret < 0) { + IRSSI_OTR_DEBUG("No private keys found in %9%s%9", filename); + g_free(filename); + return; + } + + err = otrl_privkey_read(ustate->otr_state, filename); + if (err == GPG_ERR_NO_ERROR) { + IRSSI_OTR_DEBUG("Private keys loaded from %9%s%9", filename); + } else { + IRSSI_OTR_DEBUG("Error loading private keys: %d (%d)", + gcry_strerror(err), gcry_strsource(err)); + } + + g_free(filename); +} + +/* + * Load fingerprints. + */ +void key_load_fingerprints(struct otr_user_state *ustate) +{ + int ret; + gcry_error_t err; + char *filename; + + g_return_if_fail(ustate != NULL); + + filename = file_path_build(OTR_FINGERPRINTS_FILE); + g_return_if_fail(filename != NULL); + + ret = access(filename, F_OK); + if (ret < 0) { + IRSSI_OTR_DEBUG("No fingerprints found in %9%s%9", filename); + g_free(filename); + return; + } + + err = otrl_privkey_read_fingerprints(ustate->otr_state, filename, NULL, + NULL); + if (err == GPG_ERR_NO_ERROR) { + IRSSI_OTR_DEBUG("Fingerprints loaded from %9%s%9", filename); + } else { + IRSSI_OTR_DEBUG("Error loading fingerprints: %d (%d)", + gcry_strerror(err), gcry_strsource(err)); + } + + g_free(filename); +} diff --git a/src/otr/key.h b/src/otr/key.h new file mode 100644 index 00000000..259a8e67 --- /dev/null +++ b/src/otr/key.h @@ -0,0 +1,35 @@ +/* + * Off-the-Record Messaging (OTR) modules for IRC + * + * Copyright (C) 2012 - David Goulet <dgoulet@ev0ke.net> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 51 + * Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#ifndef IRSSI_OTR_KEY_H +#define IRSSI_OTR_KEY_H + +#include "common.h" +#include "servers.h" + +#include "otr.h" + +void key_gen_run(struct otr_user_state *ustate, const char *account_name); +void key_load(struct otr_user_state *ustate); +void key_load_fingerprints(struct otr_user_state *ustate); +void key_write_fingerprints(struct otr_user_state *ustate); +void key_write_instags(struct otr_user_state *ustate); + +#endif /* IRSSI_OTR_KEY_H */ diff --git a/src/otr/module.c b/src/otr/module.c new file mode 100644 index 00000000..ca3107b1 --- /dev/null +++ b/src/otr/module.c @@ -0,0 +1,261 @@ +/* + * Off-the-Record Messaging (OTR) module for the irssi IRC client + * + * Copyright (C) 2008 Uli Meis <a.sporto+bee@gmail.com> + * 2012 David Goulet <dgoulet@ev0ke.net> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 51 + * Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#define _GNU_SOURCE +#include <glib.h> + +#include "module.h" + +#include "signals.h" +#include "queries.h" +#include "commands.h" + +#include "irc.h" +#include "irc-servers.h" +#include "irc-queries.h" +#include "irc-commands.h" + +#include "key.h" +#include "otr.h" +#include "otr-formats.h" +#include "otr-fe.h" +#include "misc.h" + +/* + * Global state for the user. Init when the module loads. + */ +struct otr_user_state *user_state_global; + +/* + * Pipes all outgoing private messages through OTR + */ +static void sig_server_sendmsg(SERVER_REC *server, const char *target, + const char *msg, void *target_type_p) +{ + char *otrmsg = NULL; + + if (GPOINTER_TO_INT(target_type_p) != SEND_TARGET_NICK) { + otrl_message_free(otrmsg); + return; + } + + /* Critical section. On error, message MUST NOT be sent */ + if (otr_send(server, msg, target, &otrmsg)) { + signal_stop(); + otrl_message_free(otrmsg); + return; + } + + if (otrmsg == NULL) { + /* Send original message */ + signal_continue(4, server, target, msg, target_type_p); + } else { + /* Send encrypted message */ + signal_continue(4, server, target, otrmsg, target_type_p); + } + + otrl_message_free(otrmsg); +} + +/* + * Pipes all incoming private messages through OTR + */ +void sig_message_private(SERVER_REC *server, const char *msg, const char *nick, const char *address) +{ + char *new_msg = NULL; + + if (otr_receive(server, msg, nick, &new_msg)) { + signal_stop(); + otrl_message_free(new_msg); + return; + } + + if (new_msg == NULL) { + /* This message was not OTR */ + signal_continue(4, server, msg, nick, address); + } else { + /* + * Check for /me IRC marker and if so, handle it so the user does not + * receive a message beginning with /me but rather let irssi handle it + * as a IRC action. + */ + if (strncmp(new_msg, OTR_IRC_MARKER_ME, OTR_IRC_MARKER_ME_LEN) == 0) { + signal_stop(); + signal_emit("message irc action", 5, server, new_msg + OTR_IRC_MARKER_ME_LEN, nick, address, nick); + } else { + /* OTR received message */ + signal_continue(4, server, new_msg, nick, address); + } + } + + otrl_message_free(new_msg); +} + +/* + * Finish an OTR conversation when its query is closed. + */ +static void sig_query_destroyed(QUERY_REC *query) +{ + if (query && query->server && query->server->connrec) { + otr_finish(query->server, query->name); + } +} + +/* + * Handle /me IRC command. + */ +static void cmd_me(const char *data, IRC_SERVER_REC *server, + WI_ITEM_REC *item) +{ + const char *target; + char *msg, *otrmsg = NULL; + QUERY_REC *query; + + query = QUERY(item); + + if (query == NULL || query->server == NULL) { + return; + } + + CMD_IRC_SERVER(server); + if (!IS_IRC_QUERY(query)) { + return; + } + + if (server == NULL || !server->connected) { + cmd_return_error(CMDERR_NOT_CONNECTED); + } + + target = window_item_get_target(item); + + msg = g_strdup_printf(OTR_IRC_MARKER_ME "%s", data); + g_return_if_fail(msg != NULL); + + /* Critical section. On error, message MUST NOT be sent */ + otr_send(query->server, msg, target, &otrmsg); + g_free(msg); + + if (otrmsg == NULL) { + return; + } + + signal_stop(); + + if (otrmsg) { + /* Send encrypted message */ + otr_send_message(SERVER(server), target, otrmsg); + otrl_message_free(otrmsg); + } + + signal_emit("message irc own_action", 3, server, data, item->visible_name); +} + +/* + * Optionally finish conversations on /quit. We're already doing this on unload + * but the quit handler terminates irc connections before unloading. + */ +static void cmd_quit(const char *data, void *server, WI_ITEM_REC *item) +{ + otr_finishall(user_state_global); +} + +/* + * Create otr module directory if none exists. + */ +static void create_module_dir(void) +{ + char *dir_path = NULL; + struct stat statbuf; + + /* Create ~/.irssi/otr directory. */ + dir_path = g_strdup_printf("%s/%s", get_irssi_dir(), OTR_DIR); + g_return_if_fail(dir_path != NULL); + + if (stat(dir_path, &statbuf) != 0) { + if (g_mkdir_with_parents(dir_path, 0700) != 0) + g_warning("Unable to create OTR directory path."); + } else if (!S_ISDIR(statbuf.st_mode)) { + g_warning("%s is not a directory.", dir_path); + g_warning("You should remove it with command: rm %s", dir_path); + } + + g_free(dir_path); +} + +void otr_send_message(SERVER_REC *server, const char *recipient, const char *msg) +{ + /* + * Apparently, there are cases where the server record is NULL which has + * been reported with the irssi xmpp plugin. In that case, just return an + * do nothing. + */ + g_return_if_fail(server != NULL); + + server->send_message(server, recipient, msg, GPOINTER_TO_INT(SEND_TARGET_NICK)); +} + +/* + * irssi init() + */ +void otr_core_init(void) +{ + module_register("otr", "core"); + + create_module_dir(); + + otr_lib_init(); + + user_state_global = otr_init_user_state(); + g_return_if_fail(user_state_global != NULL); + + signal_add_first("server sendmsg", (SIGNAL_FUNC) sig_server_sendmsg); + signal_add_first("message private", (SIGNAL_FUNC) sig_message_private); + signal_add("query destroyed", (SIGNAL_FUNC) sig_query_destroyed); + + command_bind_first("quit", NULL, (SIGNAL_FUNC) cmd_quit); + command_bind_irc_first("me", NULL, (SIGNAL_FUNC) cmd_me); + + otr_fe_init(); +} + +/* + * irssi deinit() + */ +void otr_core_deinit(void) +{ + signal_remove("server sendmsg", (SIGNAL_FUNC) sig_server_sendmsg); + signal_remove("message private", (SIGNAL_FUNC) sig_message_private); + signal_remove("query destroyed", (SIGNAL_FUNC) sig_query_destroyed); + + otr_fe_deinit(); + + command_unbind("quit", (SIGNAL_FUNC) cmd_quit); + command_unbind("me", (SIGNAL_FUNC) cmd_me); + + otr_finishall(user_state_global); + + /* Remove glib timer if any. */ + otr_control_timer(0, NULL); + + otr_free_user_state(user_state_global); + + otr_lib_uninit(); +} diff --git a/src/otr/module.h b/src/otr/module.h new file mode 100644 index 00000000..fdfc77bd --- /dev/null +++ b/src/otr/module.h @@ -0,0 +1,29 @@ +/* + * Off-the-Record Messaging (OTR) module for the irssi IRC client + * + * Copyright (C) 2012 - David Goulet <dgoulet@ev0ke.net> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 51 + * Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#ifndef IRSSI_OTR_MODULE +#define IRSSI_OTR_MODULE + +#include "common.h" +#include "servers.h" + +void sig_message_private(SERVER_REC *server, const char *msg, const char *nick, const char *address); + +#endif /* IRSSI_OTR_MODULE */ diff --git a/src/otr/otr-fe.c b/src/otr/otr-fe.c new file mode 100644 index 00000000..13e37576 --- /dev/null +++ b/src/otr/otr-fe.c @@ -0,0 +1,344 @@ +/* + * Off-the-Record Messaging (OTR) module for the irssi IRC client + * + * Copyright (C) 2008 Uli Meis <a.sporto+bee@gmail.com> + * 2012 David Goulet <dgoulet@ev0ke.net> + * 2014 Alexander Færøy <ahf@0x90.dk> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 51 + * Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#include "common.h" +#include "levels.h" +#include "printtext.h" +#include "commands.h" +#include "irc.h" +#include "irc-servers.h" +#include "irc-queries.h" +#include "statusbar-item.h" + +#include "otr.h" +#include "otr-formats.h" +#include "key.h" + +static void cmd_otr(const char *data, SERVER_REC *server, void *item) +{ + if (*data == '\0') + data = "info"; // FIXME(ahf): Is this really what we want as default? + + command_runsub("otr", data, server, item); + + // We always redraw the OTR statusbar, just in case. + statusbar_items_redraw("otr"); +} + +static void cmd_otr_debug(const char *data) +{ + otr_debug_toggle(); + + if (otr_debug_get()) + printtext(NULL, NULL, MSGLEVEL_CRAP, "OTR debugging enabled"); + else + printtext(NULL, NULL, MSGLEVEL_CRAP, "OTR debugging disabled"); +} + +static void cmd_otr_init(const char *data, SERVER_REC *server, WI_ITEM_REC *item) +{ + QUERY_REC *query; + char *target; + ConnContext *ctx; + + g_return_if_fail(server != NULL); + + if (!server->connected) + cmd_return_error(CMDERR_NOT_CONNECTED); + + if (!IS_QUERY(item)) + cmd_return_error(CMDERR_NOT_ENOUGH_PARAMS); + + query = QUERY(item); + target = query->name; + + ctx = otr_find_context(server, target, FALSE); + if (ctx && ctx->msgstate == OTRL_MSGSTATE_ENCRYPTED) { + printformat(server, target, MSGLEVEL_CRAP, TXT_OTR_SESSION_ALREADY_SECURED, ctx->accountname); + return; + } + + printformat(server, target, MSGLEVEL_CRAP, TXT_OTR_SESSION_INITIATING); + + /* + * Irssi does not handle well the HTML tag in the default OTR query message + * so just send the OTR tag instead. Contact me for a better fix! :) + */ + otr_send_message(server, target, "?OTRv23?"); +} + +static void cmd_otr_finish(const char *data, SERVER_REC *server, WI_ITEM_REC *item) +{ + QUERY_REC *query; + char *target; + + g_return_if_fail(server != NULL); + + if (!server->connected) + cmd_return_error(CMDERR_NOT_CONNECTED); + + if (!IS_QUERY(item)) + cmd_return_error(CMDERR_NOT_ENOUGH_PARAMS); + + query = QUERY(item); + target = query->name; + + otr_finish(server, target); +} + +static void cmd_otr_trust(const char *data, SERVER_REC *server, WI_ITEM_REC *item) +{ + QUERY_REC *query; + char *target; + + char *fingerprint, *human_fingerprint; + void *free_arg; + + g_return_if_fail(server != NULL); + + query = QUERY(item); + target = query ? query->name : NULL; + + if (!cmd_get_params(data, &free_arg, 1 | PARAM_FLAG_GETREST, &fingerprint)) + return; + + // We fallback to target if fingerprint isn't specified. + if (*fingerprint == '\0' && target == NULL) + cmd_param_error(CMDERR_NOT_ENOUGH_PARAMS); + + human_fingerprint = g_ascii_strup(fingerprint, -1); + otr_trust(server, target, human_fingerprint, user_state_global); + g_free(human_fingerprint); + + cmd_params_free(free_arg); +} + +static void cmd_otr_distrust(const char *data, SERVER_REC *server, WI_ITEM_REC *item) +{ + QUERY_REC *query; + char *target; + + char *fingerprint, *human_fingerprint; + void *free_arg; + + g_return_if_fail(server != NULL); + + query = QUERY(item); + target = query ? query->name : NULL; + + if (!cmd_get_params(data, &free_arg, 1 | PARAM_FLAG_GETREST, &fingerprint)) + return; + + // We fallback to target if fingerprint isn't specified. + if (*fingerprint == '\0' && target == NULL) + cmd_param_error(CMDERR_NOT_ENOUGH_PARAMS); + + human_fingerprint = g_ascii_strup(fingerprint, -1); + otr_distrust(server, target, human_fingerprint, user_state_global); + g_free(human_fingerprint); + + cmd_params_free(free_arg); +} + +static void cmd_otr_forget(const char *data, SERVER_REC *server, WI_ITEM_REC *item) +{ + QUERY_REC *query; + char *target; + + char *fingerprint, *human_fingerprint; + void *free_arg; + + g_return_if_fail(server != NULL); + + if (!cmd_get_params(data, &free_arg, 1 | PARAM_FLAG_GETREST, &fingerprint)) + return; + + query = QUERY(item); + target = query ? query->name : NULL; + + // We fallback to target if fingerprint isn't specified. + if (*fingerprint == '\0' && target == NULL) + cmd_param_error(CMDERR_NOT_ENOUGH_PARAMS); + + human_fingerprint = g_ascii_strup(fingerprint, -1); + otr_forget(server, target, human_fingerprint, user_state_global); + g_free(human_fingerprint); + + cmd_params_free(free_arg); +} + +static void cmd_otr_authabort(const char *data, SERVER_REC *server, WI_ITEM_REC *item) +{ + QUERY_REC *query; + char *target; + + query = QUERY(item); + target = query ? query->name : NULL; + + if (server == NULL || target == NULL) + cmd_return_error(CMDERR_NOT_ENOUGH_PARAMS); + + otr_auth_abort(server, target); +} + +static void cmd_otr_auth(const char *data, SERVER_REC *server, WI_ITEM_REC *item) +{ + QUERY_REC *query; + char *target; + + char *secret; + void *free_arg; + + if (!cmd_get_params(data, &free_arg, 1, &secret)) + return; + + query = QUERY(item); + target = query ? query->name : NULL; + + if (server == NULL || target == NULL || *secret == '\0') + cmd_param_error(CMDERR_NOT_ENOUGH_PARAMS); + + if (*secret == '\0') + cmd_param_error(CMDERR_NOT_ENOUGH_PARAMS); + + otr_auth(server, target, NULL, secret); + + cmd_params_free(free_arg); +} + +static void cmd_otr_authq(const char *data, SERVER_REC *server, WI_ITEM_REC *item) +{ + QUERY_REC *query; + char *target; + + char *question, *secret; + void *free_arg; + + if (!cmd_get_params(data, &free_arg, 2, &question, &secret)) + return; + + query = QUERY(item); + target = query ? query->name : NULL; + + if (server == NULL || target == NULL || *question == '\0' || *secret == '\0') + cmd_param_error(CMDERR_NOT_ENOUGH_PARAMS); + + otr_auth(server, target, question, secret); + + cmd_params_free(free_arg); +} + +static void cmd_otr_genkey(const char *data) +{ + char *account_name; + void *free_arg; + + if (!cmd_get_params(data, &free_arg, 1, &account_name)) + return; + + if (*account_name == '\0') + cmd_param_error(CMDERR_NOT_ENOUGH_PARAMS); + + key_gen_run(user_state_global, account_name); + + cmd_params_free(free_arg); +} + +static void cmd_otr_contexts(const char *data) +{ + otr_contexts(user_state_global); +} + +static void cmd_otr_info(const char *data) +{ + gboolean empty = TRUE; + char ownfp[OTRL_PRIVKEY_FPRINT_HUMAN_LEN]; + OtrlPrivKey *key; + + for (key = user_state_global->otr_state->privkey_root; key != NULL; key = key->next) { + otrl_privkey_fingerprint(user_state_global->otr_state, ownfp, key->accountname, OTR_PROTOCOL_ID); + + printformat(NULL, NULL, MSGLEVEL_CLIENTNOTICE, TXT_OTR_FP_NICK, key->accountname, ownfp); + + empty = FALSE; + } + + if (empty) + printformat(NULL, NULL, MSGLEVEL_CLIENTERROR, TXT_OTR_KEYS_UNAVAILABLE); +} + +static void statusbar_otr(struct SBAR_ITEM_REC *item, int get_size_only) +{ + WI_ITEM_REC *wi_item = active_win->active; + QUERY_REC *query = QUERY(wi_item); + enum otr_status_format format = TXT_OTR_MODULE_NAME; + + if (query && query->server && query->server->connrec) { + format = otr_get_status_format(query->server, query->name); + } + + statusbar_item_default_handler(item, get_size_only, + format ? fe_otr_formats[format].def : "", " ", FALSE); +} + +void otr_fe_init(void) +{ + theme_register(fe_otr_formats); + + command_bind("otr", NULL, (SIGNAL_FUNC) cmd_otr); + command_bind("otr debug", NULL, (SIGNAL_FUNC) cmd_otr_debug); + command_bind("otr init", NULL, (SIGNAL_FUNC) cmd_otr_init); + command_bind("otr finish", NULL, (SIGNAL_FUNC) cmd_otr_finish); + command_bind("otr trust", NULL, (SIGNAL_FUNC) cmd_otr_trust); + command_bind("otr distrust", NULL, (SIGNAL_FUNC) cmd_otr_distrust); + command_bind("otr forget", NULL, (SIGNAL_FUNC) cmd_otr_forget); + command_bind("otr authabort", NULL, (SIGNAL_FUNC) cmd_otr_authabort); + command_bind("otr auth", NULL, (SIGNAL_FUNC) cmd_otr_auth); + command_bind("otr authq", NULL, (SIGNAL_FUNC) cmd_otr_authq); + command_bind("otr genkey", NULL, (SIGNAL_FUNC) cmd_otr_genkey); + command_bind("otr contexts", NULL, (SIGNAL_FUNC) cmd_otr_contexts); + command_bind("otr info", NULL, (SIGNAL_FUNC) cmd_otr_info); + + statusbar_item_register("otr", NULL, statusbar_otr); + statusbar_items_redraw("window"); +} + +void otr_fe_deinit(void) +{ + theme_unregister(); + + command_unbind("otr", (SIGNAL_FUNC) cmd_otr); + command_unbind("otr debug", (SIGNAL_FUNC) cmd_otr_debug); + command_unbind("otr init", (SIGNAL_FUNC) cmd_otr_init); + command_unbind("otr finish", (SIGNAL_FUNC) cmd_otr_finish); + command_unbind("otr trust", (SIGNAL_FUNC) cmd_otr_trust); + command_unbind("otr distrust", (SIGNAL_FUNC) cmd_otr_distrust); + command_unbind("otr forget", (SIGNAL_FUNC) cmd_otr_forget); + command_unbind("otr authabort", (SIGNAL_FUNC) cmd_otr_authabort); + command_unbind("otr auth", (SIGNAL_FUNC) cmd_otr_auth); + command_unbind("otr authq", (SIGNAL_FUNC) cmd_otr_authq); + command_unbind("otr genkey", (SIGNAL_FUNC) cmd_otr_genkey); + command_unbind("otr contexts", (SIGNAL_FUNC) cmd_otr_contexts); + command_unbind("otr info", (SIGNAL_FUNC) cmd_otr_info); + + statusbar_item_unregister("otr"); +} diff --git a/src/otr/otr-fe.h b/src/otr/otr-fe.h new file mode 100644 index 00000000..c9aaebb3 --- /dev/null +++ b/src/otr/otr-fe.h @@ -0,0 +1,28 @@ +/* + * Off-the-Record Messaging (OTR) module for the irssi IRC client + * + * Copyright (C) 2008 Uli Meis <a.sporto+bee@gmail.com> + * 2012 David Goulet <dgoulet@ev0ke.net> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 51 + * Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#ifndef IRSSI_OTR_FE_H +#define IRSSI_OTR_FE_H + +void otr_fe_init(void); +void otr_fe_deinit(void); + +#endif diff --git a/src/otr/otr-formats.c b/src/otr/otr-formats.c new file mode 100644 index 00000000..e430b6b5 --- /dev/null +++ b/src/otr/otr-formats.c @@ -0,0 +1,108 @@ +/* + * Off-the-Record Messaging (OTR) modules for IRC + * + * Copyright (C) - 2012 David Goulet <dgoulet@ev0ke.net> + * 2014 Alexander Færøy <ahf@0x90.dk> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 51 + * Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#include "otr.h" +#include "otr-formats.h" + +FORMAT_REC fe_otr_formats[] = { + { MODULE_NAME, "Core", 0 }, + + /* Status bar format. */ + { NULL, "OTR Statusbar", 0 }, + + { "otr_stb_plaintext", "{sb plaintext}", 0}, + { "otr_stb_finished", "{sb %yfinished%n}", 0}, + { "otr_stb_unknown", "{sb {hilight state unknown (BUG!)}}", 0}, + { "otr_stb_untrusted", "{sb %GOTR%n (%runverified%n)}", 0}, + { "otr_stb_trust", "{sb %GOTR%n}", 0}, + + /* OTR format. */ + { NULL, "OTR", 0 }, + + { "otr_auth_aborted", "Authentication aborted", 0}, + { "otr_auth_initiated", "Initiated authentication", 0}, + { "otr_auth_ongoing_aborted", "Ongoing authentication aborted", 0}, + { "otr_auth_response", "Responding to authentication", 0}, + + { "otr_ctx_list_header", "{hilight Contexts}", 0}, + { "otr_ctx_list_encrypted_line", "{hilight $0} - {hilight $1} (Encrypted)", 2, { 0, 0 }}, + { "otr_ctx_list_finished_line", "{hilight $0} - {hilight $1} (Finished)", 2, { 0, 0 }}, + { "otr_ctx_list_manual_line", " {hilight $0} (Manual)", 1, { 0, 0 }}, + { "otr_ctx_list_plaintext_line", "{hilight $0} - {hilight $1} (Plaintext)", 2, { 0, 0 }}, + { "otr_ctx_list_smp_line", " {hilight $0} (SMP)", 1, { 0, 0 }}, + { "otr_ctx_list_unknown_line", "{hilight $0} - {hilight $1} (Unknown)", 2, { 0, 0 }}, + { "otr_ctx_list_unused_line", "{hilight $0} - {hilight $1} (Unused)", 2, { 0, 0 }}, + { "otr_ctx_list_unverified_line", " {hilight $0} (Unverified)", 1, { 0, 0 }}, + { "otr_ctx_list_footer", "", 0}, + { "otr_ctx_missing", "{error No active OTR contexts found}", 0}, + { "otr_ctx_nick_missing", "{error Context for {hilight $0} not found}", 1, { 1 }}, + + { "otr_fp_already_distrusted", "{error Already distrusting: {hilight $0}", 1, { 0 }}, + { "otr_fp_already_trusted", "{error Already trusting: {hilight $0}", 1, { 0 }}, + { "otr_fp_ctx_encrypted", "Fingerprint context is still encrypted. Finish the OTR session before forgetting a fingerprint", 0}, + { "otr_fp_distrusted", "Distrusting {hilight $0}", 1, { 0 }}, + { "otr_fp_forgotten", "Fingerprint {hilight $0} forgotten", 1, { 0 }}, + { "otr_fp_info", "OTR key fingerprint: {hilight $1} for {hilight $0}", 2, { 0, 0 }}, + { "otr_fp_missing", "{error Fingerprint {hilight $0} not found", 1, { 0 }}, + { "otr_fp_nick", "Fingerprint for {hilight $0}: {hilight $1}", 2, { 0, 0 }}, + { "otr_fp_trusted", "Trusting {hilight $0}", 1, { 0 }}, + + { "otr_keygen_completed", "OTR key generation for {hilight $0} completed", 1, { 0 }}, + { "otr_keygen_failed", "OTR key generation for {hilight $0} failed: {error $1}", 2, { 0, 0 }}, + { "otr_keygen_running", "OTR key generation for {hilight $0} is still in progress", 1, { 0 }}, + { "otr_keygen_started", "OTR key generation for {hilight $0} started", 1, { 0 }}, + + { "otr_keys_unavailable", "{error No OTR keys available}", 0}, + + { "otr_msg_encryption_ended", "{hilight $0} has closed the connection to you", 1, { 0 }}, + { "otr_msg_encryption_error", "{error An error occured when encrypting your message}", 0}, + { "otr_msg_encryption_required", "Encryptioned is required", 0}, + { "otr_msg_error", "Error in private conversation: {error $0}", 1, { 0 }}, + { "otr_msg_general_error", "General Error: {error $0}", 1, { 0 }}, + { "otr_msg_malformed", "Malformed message from {hilight $0}", 1, { 0 }}, + { "otr_msg_not_in_private", "The encrypted message from {hilight $0} was is unreadable because you're not communicating privately", 1, { 0 }}, + { "otr_msg_reflected", "Received reflected message from {hilight $0}", 0, { 0 }}, + { "otr_msg_resent", "The last message to {hilight $0} was resent: $1", 2, { 0, 0 }}, + { "otr_msg_unencrypted", "The following message from {hilight $0} was {error not} encrypted", 1, { 0 }}, + { "otr_msg_unreadable", "Unreadable encrypted message from {hilight $0}", 1, { 0 }}, + { "otr_msg_unrecognized", "Unrecognized OTR message from {hilight $0}", 1, { 0 }}, + + { "otr_session_already_finished", "Nothing to do", 0}, + { "otr_session_already_secured", "Secure session with {hilight $0} already established", 1, { 0 }}, + { "otr_session_finished", "{hilight $0} has finished the OTR session. Use /otr init to restart or /otr finish to finish.", 1, { 0 }}, + { "otr_session_finishing", "Finished conversation with {hilight $0}", 1, { 0 }}, + { "otr_session_initiating", "Initiating OTR session ...", 0}, + { "otr_session_insecure", "Session insecured", 0}, + { "otr_session_missing", "{error No OTR session available}", 0}, + { "otr_session_secure", "Session secured", 0}, + { "otr_session_unauthenticated_warning", "Your peer is not authenticated", 0}, + + { "otr_smp_answer_footer", "Use /otr auth <answer> to complete", 0}, + { "otr_smp_answer_header", "{hilight $0} wants to authenticate and asked:", 1, { 0 }}, + { "otr_smp_answer_question", "Question: {hilight $0}", 1, { 0 }}, + { "otr_smp_failure", "Authentication with {hilight $0} failed", 1, { 0 }}, + { "otr_smp_in_progress", "{hilight $0} replied to your auth request", 1, { 0 }}, + { "otr_smp_secret_question", "{hilight $0} wants to authenticate. Use /otr auth <secret> to complete", 1, { 0 }}, + { "otr_smp_success", "Authentication with {hilight $0} succesful", 1, { 0 }}, + + /* Last element. */ + { NULL, NULL, 0 } +}; diff --git a/src/otr/otr-formats.h b/src/otr/otr-formats.h new file mode 100644 index 00000000..454b2f6c --- /dev/null +++ b/src/otr/otr-formats.h @@ -0,0 +1,112 @@ +/* + * Off-the-Record Messaging (OTR) modules for IRC + * + * Copyright (C) - 2012 David Goulet <dgoulet@ev0ke.net> + * 2014 Alexander Færøy <ahf@0x90.dk> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 51 + * Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#ifndef IRSSI_OTR_FORMATS_H +#define IRSSI_OTR_FORMATS_H + +#include "formats.h" + +/* + * Must be in sync with the fe_otr_formats array. + */ +enum otr_status_format { + TXT_OTR_MODULE_NAME, + + /* Status bar format. */ + TXT_OTR_FILL_1, + TXT_OTR_STB_PLAINTEXT, + TXT_OTR_STB_FINISHED, + TXT_OTR_STB_UNKNOWN, + TXT_OTR_STB_UNTRUSTED, + TXT_OTR_STB_TRUST, + + /* OTR format. */ + TXT_OTR_FILL_2, + TXT_OTR_AUTH_ABORTED, + TXT_OTR_AUTH_INITIATED, + TXT_OTR_AUTH_ONGOING_ABORTED, + TXT_OTR_AUTH_RESPONSE, + + TXT_OTR_CTX_LIST_HEADER, + TXT_OTR_CTX_LIST_ENCRYPTED_LINE, + TXT_OTR_CTX_LIST_FINISHED_LINE, + TXT_OTR_CTX_LIST_MANUAL_LINE, + TXT_OTR_CTX_LIST_PLAINTEXT_LINE, + TXT_OTR_CTX_LIST_SMP_LINE, + TXT_OTR_CTX_LIST_UNKNOWN_LINE, + TXT_OTR_CTX_LIST_UNUSED_LINE, + TXT_OTR_CTX_LIST_UNVERIFIED_LINE, + TXT_OTR_CTX_LIST_FOOTER, + TXT_OTR_CTX_MISSING, + TXT_OTR_CTX_NICK_MISSING, + + TXT_OTR_FP_ALREADY_DISTRUSED, + TXT_OTR_FP_ALREADY_TRUSTED, + TXT_OTR_FP_CTX_ENCRYPTED, + TXT_OTR_FP_DISTRUSTED, + TXT_OTR_FP_FORGOTTEN, + TXT_OTR_FP_INFO, + TXT_OTR_FP_MISSING, + TXT_OTR_FP_NICK, + TXT_OTR_FP_TRUSTED, + + TXT_OTR_KEYGEN_COMPLETED, + TXT_OTR_KEYGEN_FAILED, + TXT_OTR_KEYGEN_RUNNING, + TXT_OTR_KEYGEN_STARTED, + + TXT_OTR_KEYS_UNAVAILABLE, + + TXT_OTR_MSG_ENCRYPTION_ENDED, + TXT_OTR_MSG_ENCRYPTION_ERROR, + TXT_OTR_MSG_ENCRYPTION_REQUIRED, + TXT_OTR_MSG_ERROR, + TXT_OTR_MSG_GENERAL_ERROR, + TXT_OTR_MSG_MALFORMED, + TXT_OTR_MSG_NOT_IN_PRIVATE, + TXT_OTR_MSG_REFLECTED, + TXT_OTR_MSG_RESENT, + TXT_OTR_MSG_UNENCRYPTED, + TXT_OTR_MSG_UNREADABLE, + TXT_OTR_MSG_UNRECOGNIZED, + + TXT_OTR_SESSION_ALREADY_FINISHED, + TXT_OTR_SESSION_ALREADY_SECURED, + TXT_OTR_SESSION_FINISHED, + TXT_OTR_SESSION_FINISHING, + TXT_OTR_SESSION_INITIATING, + TXT_OTR_SESSION_INSECURE, + TXT_OTR_SESSION_MISSING, + TXT_OTR_SESSION_SECURE, + TXT_OTR_SESSION_UNAUTHENTICATED_WARNING, + + TXT_OTR_SMP_ANSWER_FOOTER, + TXT_OTR_SMP_ANSWER_HEADER, + TXT_OTR_SMP_ANSWER_QUESTION, + TXT_OTR_SMP_FAILURE, + TXT_OTR_SMP_IN_PROGRESS, + TXT_OTR_SMP_SECRET_QUESTION, + TXT_OTR_SMP_SUCCESS +}; + +extern FORMAT_REC fe_otr_formats[]; + +#endif /* IRSSI_OTR_FORMATS_H */ diff --git a/src/otr/otr-ops.c b/src/otr/otr-ops.c new file mode 100644 index 00000000..9359e63e --- /dev/null +++ b/src/otr/otr-ops.c @@ -0,0 +1,362 @@ +/* + * Off-the-Record Messaging (OTR) modules for IRC + * Copyright (C) 2008 Uli Meis <a.sporto+bee@gmail.com> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#include "common.h" + +#include "signals.h" +#include "levels.h" +#include "printtext.h" +#include "fe-windows.h" + +#include "key.h" +#include "module.h" +#include "otr-formats.h" +#include "irssi-otr.h" + +static OtrlPolicy OTR_DEFAULT_POLICY = OTRL_POLICY_MANUAL | OTRL_POLICY_WHITESPACE_START_AKE; + +/* + * Return default policy for now. + */ +static OtrlPolicy ops_policy(void *opdata, ConnContext *context) +{ + return OTR_DEFAULT_POLICY; +} + +/* + * Request for key generation. + * + * The lib actually expects us to be finished before the call returns. Since + * this can take more than an hour on some systems there isn't even a point in + * trying... + */ +static void ops_create_privkey(void *opdata, const char *accountname, + const char *protocol) +{ + key_gen_run(user_state_global, accountname); +} + +/* + * Inject OTR message. + */ +static void ops_inject_msg(void *opdata, const char *accountname, + const char *protocol, const char *recipient, const char *message) +{ + SERVER_REC *server = opdata; + + IRSSI_OTR_DEBUG("Inject msg:\n[%s]", message); + otr_send_message(server, recipient, message); +} + +/* + * Gone secure. + */ +static void ops_secure(void *opdata, ConnContext *context) +{ + char ownfp[OTRL_PRIVKEY_FPRINT_HUMAN_LEN]; + char peerfp[OTRL_PRIVKEY_FPRINT_HUMAN_LEN]; + SERVER_REC *server = opdata; + struct otr_peer_context *opc; + + g_return_if_fail(context != NULL); + /* This should *really* not happened */ + g_return_if_fail(context->msgstate == OTRL_MSGSTATE_ENCRYPTED); + + printformat(server, context->username, MSGLEVEL_CLIENTCRAP, TXT_OTR_SESSION_SECURE); + otr_status_change(server, context->username, OTR_STATUS_GONE_SECURE); + + opc = context->app_data; + opc->active_fingerprint = context->active_fingerprint; + + if (otrl_context_is_fingerprint_trusted(context->active_fingerprint)) { + /* Secure and trusted */ + return; + } + + /* Not authenticated. Let's print out the fingerprints for comparison. */ + otrl_privkey_hash_to_human(peerfp, context->active_fingerprint->fingerprint); + otrl_privkey_fingerprint(user_state_global->otr_state, ownfp, context->accountname, OTR_PROTOCOL_ID); + + printformat(server, context->username, MSGLEVEL_CLIENTCRAP, TXT_OTR_SESSION_UNAUTHENTICATED_WARNING); + printformat(server, context->username, MSGLEVEL_CLIENTCRAP, TXT_OTR_FP_INFO, server->nick, ownfp); + printformat(server, context->username, MSGLEVEL_CLIENTCRAP, TXT_OTR_FP_INFO, context->username, peerfp); +} + +/* + * Gone insecure. + */ +static void ops_insecure(void *opdata, ConnContext *context) +{ + SERVER_REC *server = opdata; + + printformat(server, context->username, MSGLEVEL_CLIENTCRAP, TXT_OTR_SESSION_INSECURE); + otr_status_change(server, context->username, OTR_STATUS_GONE_INSECURE); +} + +/* + * Really critical with IRC. Unfortunately, we can't tell our peer which size + * to use. + */ +static int ops_max_msg(void *opdata, ConnContext *context) +{ + return OTR_MAX_MSG_SIZE; +} + +static void ops_handle_msg_event(void *opdata, OtrlMessageEvent msg_event, ConnContext *context, const char *message, gcry_error_t err) +{ + SERVER_REC *server = opdata; + char *username = context->username; + + switch (msg_event) { + case OTRL_MSGEVENT_NONE: + break; + case OTRL_MSGEVENT_ENCRYPTION_REQUIRED: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_ENCRYPTION_REQUIRED); + break; + case OTRL_MSGEVENT_ENCRYPTION_ERROR: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_ENCRYPTION_ERROR); + break; + case OTRL_MSGEVENT_CONNECTION_ENDED: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_ENCRYPTION_ENDED, username); + break; + case OTRL_MSGEVENT_SETUP_ERROR: + if (!err) { + err = GPG_ERR_INV_VALUE; + } + switch (err) { + case GPG_ERR_INV_VALUE: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_MALFORMED, username); + break; + default: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_ERROR, gcry_strerror(err)); + break; + } + break; + case OTRL_MSGEVENT_MSG_REFLECTED: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_REFLECTED, username); + break; + case OTRL_MSGEVENT_MSG_RESENT: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_RESENT, username, message); + break; + case OTRL_MSGEVENT_RCVDMSG_NOT_IN_PRIVATE: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_NOT_IN_PRIVATE, username); + break; + case OTRL_MSGEVENT_RCVDMSG_UNREADABLE: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_UNREADABLE, username); + break; + case OTRL_MSGEVENT_RCVDMSG_MALFORMED: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_MALFORMED, username); + break; + case OTRL_MSGEVENT_LOG_HEARTBEAT_RCVD: + IRSSI_OTR_DEBUG("Heartbeat received from %s.", username); + break; + case OTRL_MSGEVENT_LOG_HEARTBEAT_SENT: + IRSSI_OTR_DEBUG("Heartbeat sent to %s.", username); + break; + case OTRL_MSGEVENT_RCVDMSG_GENERAL_ERR: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_ERROR, message); + break; + case OTRL_MSGEVENT_RCVDMSG_UNENCRYPTED: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_UNENCRYPTED, username); + + /* + * This is a hack I found to send the message in a private window of + * the username without creating an infinite loop since the 'message + * private' signal is hijacked in this module. If someone is able to + * clean this up with a more elegant solution, by all means PLEASE + * submit a patch or email me a better way. + */ + signal_remove("message private", (SIGNAL_FUNC) sig_message_private); + signal_emit("message private", 4, server, message, username, server->connrec->address); + signal_add_first("message private", (SIGNAL_FUNC) sig_message_private); + break; + case OTRL_MSGEVENT_RCVDMSG_UNRECOGNIZED: + printformat(server, username, MSGLEVEL_CLIENTERROR, TXT_OTR_MSG_UNRECOGNIZED, username); + break; + case OTRL_MSGEVENT_RCVDMSG_FOR_OTHER_INSTANCE: + IRSSI_OTR_DEBUG("%s has sent a message for a different instance.", username); + break; + } +} + +/* + * A context changed. + */ +static void ops_up_ctx_list(void *opdata) +{ + otr_status_change(opdata, NULL, OTR_STATUS_CTX_UPDATE); +} + +/* + * Save fingerprint changes. + */ +static void ops_write_fingerprints(void *data) +{ + key_write_fingerprints(user_state_global); +} + +static int ops_is_logged_in(void *opdata, const char *accountname, const char *protocol, const char *recipient) +{ + int ret; + SERVER_REC *server = opdata; + + /* Logged in? */ + ret = server != NULL; + + IRSSI_OTR_DEBUG("User %s %s logged in", accountname, ret ? "" : "not"); + + return ret; +} + +static void ops_create_instag(void *opdata, const char *accountname, + const char *protocol) +{ + otrl_instag_generate(user_state_global->otr_state, "/dev/null", accountname, protocol); + key_write_instags(user_state_global); +} + +static void ops_smp_event(void *opdata, OtrlSMPEvent smp_event, + ConnContext *context, unsigned short progress_percent, char *question) +{ + SERVER_REC *server = opdata; + const char *from = context->username; + struct otr_peer_context *opc = context->app_data; + + /* + * Without a peer context, we can't update the status bar. Code flow error + * if none is found. This context is created automatically by an otrl_* + * call or if non existent when returned from + * otrl_message_sending/receiving. + */ + g_return_if_fail(opc != NULL); + + opc->smp_event = smp_event; + + switch (smp_event) { + case OTRL_SMPEVENT_ASK_FOR_SECRET: + printformat(server, from, MSGLEVEL_CLIENTCRAP, TXT_OTR_SMP_SECRET_QUESTION, from); + opc->ask_secret = 1; + otr_status_change(server, from, OTR_STATUS_SMP_INCOMING); + break; + case OTRL_SMPEVENT_ASK_FOR_ANSWER: + printformat(server, from, MSGLEVEL_CLIENTCRAP, TXT_OTR_SMP_ANSWER_HEADER, from); + printformat(server, from, MSGLEVEL_CLIENTCRAP, TXT_OTR_SMP_ANSWER_QUESTION, question); + printformat(server, from, MSGLEVEL_CLIENTCRAP, TXT_OTR_SMP_ANSWER_FOOTER); + opc->ask_secret = 1; + otr_status_change(server, from, OTR_STATUS_SMP_INCOMING); + break; + case OTRL_SMPEVENT_IN_PROGRESS: + printformat(server, from, MSGLEVEL_CLIENTCRAP, TXT_OTR_SMP_IN_PROGRESS, from); + otr_status_change(server, from, OTR_STATUS_SMP_FINALIZE); + break; + case OTRL_SMPEVENT_SUCCESS: + printformat(server, from, MSGLEVEL_CLIENTCRAP, TXT_OTR_SMP_SUCCESS, from); + otr_status_change(server, from, OTR_STATUS_SMP_SUCCESS); + break; + case OTRL_SMPEVENT_ABORT: + otr_auth_abort(server, context->username); + otr_status_change(server, from, OTR_STATUS_SMP_ABORTED); + break; + case OTRL_SMPEVENT_FAILURE: + case OTRL_SMPEVENT_CHEATED: + case OTRL_SMPEVENT_ERROR: + printformat(server, from, MSGLEVEL_CLIENTERROR, TXT_OTR_SMP_FAILURE, from); + otr_status_change(server, from, OTR_STATUS_SMP_FAILED); + break; + default: + g_warning("Received unknown SMP event: %d", smp_event); + break; + } +} + +/* + * timer_control callback. + */ +static void ops_timer_control(void *opdata, unsigned int interval) +{ + otr_control_timer(interval, opdata); +} + +/* + * Handle otr error message. + */ +static const char *ops_otr_error_message(void *opdata, ConnContext *context, + OtrlErrorCode code) +{ + char *msg = NULL; + + switch (code) { + case OTRL_ERRCODE_NONE: + break; + case OTRL_ERRCODE_ENCRYPTION_ERROR: + msg = strdup("Error occurred encrypting message."); + break; + case OTRL_ERRCODE_MSG_NOT_IN_PRIVATE: + if (context) { + msg = strdup("You sent encrypted data which was unexpected"); + } + break; + case OTRL_ERRCODE_MSG_UNREADABLE: + msg = strdup("You transmitted an unreadable encrypted message"); + break; + case OTRL_ERRCODE_MSG_MALFORMED: + msg = strdup("You transmitted a malformed data message."); + break; + } + + return msg; +} + +/* + * Free otr error message callback. + */ +static void ops_otr_error_message_free(void *opdata, const char *err_msg) +{ + g_free_not_null((char *)err_msg); +} + +/* + * Assign OTR message operations. + */ +OtrlMessageAppOps otr_ops = { + ops_policy, + ops_create_privkey, + ops_is_logged_in, + ops_inject_msg, + ops_up_ctx_list, + NULL, /* new_fingerprint */ + ops_write_fingerprints, + ops_secure, + ops_insecure, + NULL, /* still_secure */ + ops_max_msg, + NULL, /* account_name */ + NULL, /* account_name_free */ + NULL, /* received_symkey */ + ops_otr_error_message, + ops_otr_error_message_free, + NULL, /* resent_msg_prefix */ + NULL, /* resent_msg_prefix_free */ + ops_smp_event, + ops_handle_msg_event, + ops_create_instag, + NULL, /* convert_msg */ + NULL, /* convert_free */ + ops_timer_control, +}; diff --git a/src/otr/otr.c b/src/otr/otr.c new file mode 100644 index 00000000..765bc048 --- /dev/null +++ b/src/otr/otr.c @@ -0,0 +1,941 @@ +/* + * Off-the-Record Messaging (OTR) modules for IRC + * + * Copyright (C) 2008 - Uli Meis <a.sporto+bee@gmail.com> + * 2012 - David Goulet <dgoulet@ev0ke.net> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 51 + * Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#define _GNU_SOURCE +#include <glib.h> +#include <gcrypt.h> +#include <unistd.h> + +#include "common.h" +#include "levels.h" +#include "signals.h" +#include "printtext.h" +#include "statusbar-item.h" + +#include "irssi-otr.h" +#include "otr-formats.h" +#include "key.h" + +static int otr_debug = 0; + +static const char *statusbar_txt[] = { + "FINISHED", + "TRUST_MANUAL", + "TRUST_SMP", + "SMP_ABORT", + "SMP_STARTED", + "SMP_RESPONDED", + "SMP_INCOMING", + "SMP_FINALIZE", + "SMP_ABORTED", + "PEER_FINISHED", + "SMP_FAILED", + "SMP_SUCCESS", + "GONE_SECURE", + "GONE_INSECURE", + "CTX_UPDATE" +}; + +/* Glib timer for otr. */ +static guint otr_timerid; + +/* + * Load instance tags. + */ +static void instag_load(struct otr_user_state *ustate) +{ + int ret; + char *filename; + gcry_error_t err; + + g_return_if_fail(ustate != NULL); + + /* Getting the otr instance filename path */ + filename = g_strdup_printf("%s%s", get_irssi_dir(), OTR_INSTAG_FILE); + g_return_if_fail(filename != NULL); + + ret = access(filename, F_OK); + if (ret < 0) { + IRSSI_OTR_DEBUG("no instance tags found at %9%s%9", filename); + g_free(filename); + return; + } + + err = otrl_instag_read(ustate->otr_state, filename); + if (err == GPG_ERR_NO_ERROR) + IRSSI_OTR_DEBUG("Instance tags loaded from %9%s%9", filename); + else + IRSSI_OTR_DEBUG("Error loading instance tags: %d (%d)", gcry_strerror(err), gcry_strsource(err)); + + g_free(filename); +} + +/* + * Free otr peer context. Callback passed to libotr. + */ +static void free_peer_context_cb(void *data) +{ + g_free_not_null(data); +} + +/* + * Allocate otr peer context. Callback passed to libotr. + */ +static void add_peer_context_cb(void *data, ConnContext *context) +{ + struct otr_peer_context *opc; + + opc = otr_create_peer_context(); + if (opc == NULL) { + return; + } + + opc->active_fingerprint = context->active_fingerprint; + + context->app_data = opc; + context->app_data_free = free_peer_context_cb; + + IRSSI_OTR_DEBUG("Peer context created for %s", context->username); +} + +/* + * Find Irssi server record by network name. + */ +static SERVER_REC *find_server_by_network(const char *network) +{ + GSList *tmp; + SERVER_REC *server; + + g_return_val_if_fail(network != NULL, NULL); + + for (tmp = servers; tmp; tmp = tmp->next) { + server = tmp->data; + + if (g_ascii_strncasecmp(server->tag, network, strlen(server->tag))) + return server; + } + + return NULL; +} + +/* + * Check if fingerprint is in an encrypted context. + * + * Return 1 if it does, else 0. + */ +static int check_fp_encrypted_msgstate(Fingerprint *fp) +{ + ConnContext *context; + + g_return_val_if_fail(fp != NULL, 0); + + /* Loop on all fingerprint's context(es). */ + for (context = fp->context; + context != NULL && context->m_context == fp->context; + context = context->next) { + if (context->msgstate == OTRL_MSGSTATE_ENCRYPTED && + context->active_fingerprint == fp) { + return 1; + } + } + + /* No state is encrypted. */ + return 0; +} + +/* + * Timer called from the glib main loop and set up by the timer_control + * callback of libotr. + */ +static gboolean timer_fired_cb(gpointer data) +{ + otrl_message_poll(user_state_global->otr_state, &otr_ops, NULL); + return TRUE; +} + +void otr_control_timer(unsigned int interval, void *opdata) +{ + if (otr_timerid) { + g_source_remove(otr_timerid); + otr_timerid = 0; + } + + if (interval > 0) { + otr_timerid = g_timeout_add_seconds(interval, timer_fired_cb, opdata); + } +} + +/* + * Is OTR debugging enabled or disabled? + */ +int otr_debug_get(void) +{ + return otr_debug; +} + +/* + * Toggle OTR debugging. + */ +void otr_debug_toggle(void) +{ + otr_debug = !otr_debug; +} + +/* + * Find context from nickname and irssi server record. + */ +ConnContext *otr_find_context(SERVER_REC *server, const char *nick, int create) +{ + ConnContext *ctx = NULL; + + g_return_val_if_fail(server != NULL, NULL); + g_return_val_if_fail(server->tag != NULL, NULL); + g_return_val_if_fail(nick != NULL, NULL); + + ctx = otrl_context_find(user_state_global->otr_state, nick, server->tag, + OTR_PROTOCOL_ID, OTRL_INSTAG_BEST, create, NULL, + add_peer_context_cb, server); + + return ctx; +} + +/* + * Create otr peer context. + */ +struct otr_peer_context *otr_create_peer_context(void) +{ + return g_new0(struct otr_peer_context, 1); +} + +/* + * Return a newly allocated OTR user state. + */ +struct otr_user_state *otr_init_user_state(void) +{ + struct otr_user_state *ous = NULL; + + ous = g_new0(struct otr_user_state, 1); + if (ous == NULL) { + return ous; + } + + ous->otr_state = otrl_userstate_create(); + + instag_load(ous); + + /* Load keys and fingerprints. */ + key_load(ous); + key_load_fingerprints(ous); + + return ous; +} + +/* + * Destroy otr user state. + */ +void otr_free_user_state(struct otr_user_state *ustate) +{ + if (ustate->otr_state) { + otrl_userstate_free(ustate->otr_state); + ustate->otr_state = NULL; + } + + g_free(ustate); +} + +/* + * init otr lib. + */ +void otr_lib_init() +{ + OTRL_INIT; +} + +/* + * deinit otr lib. + */ +void otr_lib_uninit() +{ +} + +/* + * Hand the given message to OTR. + * + * Return 0 if the message was successfully handled or else a negative value. + */ +int otr_send(SERVER_REC *server, const char *msg, const char *to, char **otr_msg) +{ + gcry_error_t err; + ConnContext *ctx = NULL; + + g_return_val_if_fail(server != NULL, -1); + g_return_val_if_fail(server->tag != NULL, -1); + + IRSSI_OTR_DEBUG("OTR: Sending message: %s", msg); + + err = otrl_message_sending(user_state_global->otr_state, &otr_ops, + server, server->tag, OTR_PROTOCOL_ID, to, OTRL_INSTAG_BEST, msg, NULL, otr_msg, + OTRL_FRAGMENT_SEND_ALL_BUT_LAST, &ctx, add_peer_context_cb, server); + if (err) { + g_warning("OTR: Send failed: %s", gcry_strerror(err)); + return -1; + } + + /* Add peer context to OTR context if none exists. */ + if (ctx && !ctx->app_data) { + add_peer_context_cb(server, ctx); + } + + return 0; +} + +/* + * List otr contexts to the main Irssi windows. + */ +void otr_contexts(struct otr_user_state *ustate) +{ + char human_fp[OTRL_PRIVKEY_FPRINT_HUMAN_LEN], *trust; + ConnContext *ctx, *c_iter; + Fingerprint *fp; + + g_return_if_fail(ustate != NULL); + + if (ustate->otr_state->context_root == NULL) { + printformat(NULL, NULL, MSGLEVEL_CLIENTERROR, TXT_OTR_CTX_MISSING); + return; + } + + printformat(NULL, NULL, MSGLEVEL_CLIENTCRAP, TXT_OTR_CTX_LIST_HEADER); + + /* Iterate over all contextes of the user state. */ + for (ctx = ustate->otr_state->context_root; ctx != NULL; ctx = ctx->next) { + OtrlMessageState best_mstate = OTRL_MSGSTATE_PLAINTEXT; + + /* Skip master context. */ + if (ctx != ctx->m_context) + continue; + + for (fp = ctx->fingerprint_root.next; fp != NULL; fp = fp->next) { + int used = 0; + char *username, *accountname; + + username = ctx->username; + accountname = ctx->accountname; + + for (c_iter = ctx->m_context; c_iter && c_iter->m_context == ctx->m_context; c_iter = c_iter->next) { + /* Print account name, username and msgstate. */ + if (c_iter->active_fingerprint == fp) { + used = 1; + + if (c_iter->msgstate == OTRL_MSGSTATE_ENCRYPTED) + best_mstate = OTRL_MSGSTATE_ENCRYPTED; + else if (c_iter->msgstate == OTRL_MSGSTATE_FINISHED && best_mstate == OTRL_MSGSTATE_PLAINTEXT) + best_mstate = OTRL_MSGSTATE_FINISHED; + } + } + + if (used) { + switch (best_mstate) { + case OTRL_MSGSTATE_ENCRYPTED: + printformat(NULL, NULL, MSGLEVEL_CLIENTCRAP, TXT_OTR_CTX_LIST_ENCRYPTED_LINE, accountname, username); + break; + case OTRL_MSGSTATE_PLAINTEXT: + printformat(NULL, NULL, MSGLEVEL_CLIENTCRAP, TXT_OTR_CTX_LIST_PLAINTEXT_LINE, accountname, username); + break; + case OTRL_MSGSTATE_FINISHED: + printformat(NULL, NULL, MSGLEVEL_CLIENTCRAP, TXT_OTR_CTX_LIST_FINISHED_LINE, accountname, username); + break; + default: + printformat(NULL, NULL, MSGLEVEL_CLIENTCRAP, TXT_OTR_CTX_LIST_UNKNOWN_LINE, accountname, username); + break; + }; + } else + printformat(NULL, NULL, MSGLEVEL_CLIENTCRAP, TXT_OTR_CTX_LIST_UNUSED_LINE, accountname, username); + + /* Hash fingerprint to human. */ + otrl_privkey_hash_to_human(human_fp, fp->fingerprint); + + trust = fp->trust; + if (trust && trust[0] != '\0') { + if (strncmp(trust, "smp", 3) == 0) + printformat(NULL, NULL, MSGLEVEL_CLIENTCRAP, TXT_OTR_CTX_LIST_SMP_LINE, human_fp); + else + printformat(NULL, NULL, MSGLEVEL_CLIENTCRAP, TXT_OTR_CTX_LIST_MANUAL_LINE, human_fp); + } else + printformat(NULL, NULL, MSGLEVEL_CLIENTCRAP, TXT_OTR_CTX_LIST_UNVERIFIED_LINE, human_fp); + } + } + + printformat(NULL, NULL, MSGLEVEL_CLIENTCRAP, TXT_OTR_CTX_LIST_FOOTER); +} + +/* + * Finish the conversation. + */ +void otr_finish(SERVER_REC *server, const char *nick) +{ + ConnContext *ctx; + + g_return_if_fail(server != NULL); + g_return_if_fail(nick != NULL); + + ctx = otr_find_context(server, nick, FALSE); + if (ctx == NULL) { + printformat(server, nick, MSGLEVEL_CRAP, TXT_OTR_SESSION_ALREADY_FINISHED); + return; + } + + otrl_message_disconnect(user_state_global->otr_state, &otr_ops, server, + ctx->accountname, OTR_PROTOCOL_ID, nick, ctx->their_instance); + + otr_status_change(server, nick, OTR_STATUS_FINISHED); + + printformat(server, nick, MSGLEVEL_CRAP, TXT_OTR_SESSION_FINISHING, nick); +} + +/* + * Finish all otr contexts. + */ +void otr_finishall(struct otr_user_state *ustate) +{ + ConnContext *context; + SERVER_REC *server; + + g_return_if_fail(ustate != NULL); + + for (context = ustate->otr_state->context_root; context; + context = context->next) { + /* Only finish encrypted session. */ + if (context->msgstate != OTRL_MSGSTATE_ENCRYPTED) { + continue; + } + + server = find_server_by_network(context->accountname); + if (server == NULL) { + IRSSI_OTR_DEBUG("Unable to find server window for account %s", context->accountname); + continue; + } + + otr_finish(server, context->username); + } +} + +/* + * Trust our peer. + */ +void otr_trust(SERVER_REC *server, const char *nick, char *str_fp, + struct otr_user_state *ustate) +{ + char peerfp[OTRL_PRIVKEY_FPRINT_HUMAN_LEN]; + struct otr_peer_context *opc; + ConnContext *ctx; + Fingerprint *fp_trust; + + g_return_if_fail(ustate != NULL); + + /* No human string fingerprint given. */ + if (*str_fp == '\0') { + ctx = otr_find_context(server, nick, FALSE); + if (ctx == NULL) { + return; + } + + opc = ctx->app_data; + /* Always NEED a peer context or else code error. */ + g_return_if_fail(opc != NULL); + + fp_trust = ctx->active_fingerprint; + } else { + fp_trust = otr_find_hash_fingerprint_from_human(str_fp, ustate); + } + + if (fp_trust != NULL) { + otrl_privkey_hash_to_human(peerfp, fp_trust->fingerprint); + + if (otrl_context_is_fingerprint_trusted(fp_trust)) { + printformat(server, nick, MSGLEVEL_CLIENTERROR, TXT_OTR_FP_ALREADY_TRUSTED, peerfp); + return; + } + + /* Trust level is manual at this point. */ + otrl_context_set_trust(fp_trust, "manual"); + key_write_fingerprints(ustate); + + otr_status_change(server, nick, OTR_STATUS_TRUST_MANUAL); + + printformat(server, nick, MSGLEVEL_CLIENTCRAP, TXT_OTR_FP_TRUSTED, peerfp); + } else + printformat(server, nick, MSGLEVEL_CLIENTERROR, TXT_OTR_FP_MISSING, str_fp); +} + +/* + * implements /otr authabort + */ +void otr_auth_abort(SERVER_REC *server, const char *nick) +{ + ConnContext *ctx; + + g_return_if_fail(server != NULL); + g_return_if_fail(nick != NULL); + + ctx = otr_find_context(server, nick, FALSE); + if (ctx == NULL) { + printformat(server, nick, MSGLEVEL_CLIENTERROR, TXT_OTR_CTX_NICK_MISSING, nick); + return; + } + + otrl_message_abort_smp(user_state_global->otr_state, &otr_ops, server, ctx); + otr_status_change(server, nick, OTR_STATUS_SMP_ABORT); + + if (ctx->smstate->nextExpected != OTRL_SMP_EXPECT1) + printformat(server, nick, MSGLEVEL_CLIENTCRAP, TXT_OTR_AUTH_ONGOING_ABORTED); + else + printformat(server, nick, MSGLEVEL_CLIENTCRAP, TXT_OTR_AUTH_ABORTED); +} + +/* + * Initiate or respond to SMP authentication. + */ +void otr_auth(SERVER_REC *server, const char *nick, const char *question, + const char *secret) +{ + int ret; + size_t secret_len = 0; + ConnContext *ctx; + struct otr_peer_context *opc; + + g_return_if_fail(server != NULL); + g_return_if_fail(nick != NULL); + + ctx = otr_find_context(server, nick, 0); + if (ctx == NULL) { + printformat(server, nick, MSGLEVEL_CLIENTERROR, TXT_OTR_CTX_NICK_MISSING, nick); + return; + } + + opc = ctx->app_data; + /* Again, code flow error. */ + g_return_if_fail(opc != NULL); + + if (ctx->msgstate != OTRL_MSGSTATE_ENCRYPTED) { + printformat(server, nick, MSGLEVEL_CLIENTERROR, TXT_OTR_SESSION_MISSING); + return; + } + + /* Aborting an ongoing auth */ + if (ctx->smstate->nextExpected != OTRL_SMP_EXPECT1) { + otr_auth_abort(server, nick); + } + + /* reset trust level */ + if (ctx->active_fingerprint) { + ret = otrl_context_is_fingerprint_trusted(ctx->active_fingerprint); + if (!ret) { + otrl_context_set_trust(ctx->active_fingerprint, ""); + key_write_fingerprints(user_state_global); + } + } + + /* Libotr allows empty secret. */ + if (secret) { + secret_len = strlen(secret); + } + + if (opc->ask_secret) { + otrl_message_respond_smp(user_state_global->otr_state, &otr_ops, + server, ctx, (unsigned char *) secret, secret_len); + otr_status_change(server, nick, OTR_STATUS_SMP_RESPONDED); + printformat(server, nick, MSGLEVEL_CLIENTCRAP, TXT_OTR_AUTH_RESPONSE); + } else { + if (question != NULL) + otrl_message_initiate_smp_q(user_state_global->otr_state, &otr_ops, server, ctx, question, (unsigned char *) secret, secret_len); + else + otrl_message_initiate_smp(user_state_global->otr_state, &otr_ops, server, ctx, (unsigned char *) secret, secret_len); + + otr_status_change(server, nick, OTR_STATUS_SMP_STARTED); + printformat(server, nick, MSGLEVEL_CLIENTCRAP, TXT_OTR_AUTH_INITIATED); + } + + opc->ask_secret = 0; +} + +/* + * For the given message we received through irssi, check if we need to queue + * it for the case where that message is part of a bigger OTR full message. + * This can happen with bitlbee for instance where OTR message are split in + * different PRIVMSG. + * + * This uses a "queue" in the peer context so it's it very important to have + * the peer context associated with the message (nickname + irssi object). + * + * Return an otr_msg_status code indicating the caller what to do with the msg. + * OTR_MSG_ERROR indicates an error probably memory related. OTR_MSG_WAIT_MORE + * tells the caller to NOT send out the message since we are waiting for more + * to complete the OTR original message. OTR_MSG_ORIGINAL tell the caller to + * simply use the original message. OTR_MSG_USE_QUEUE indicates that full_msg + * can be used containing the reconstructed message. The caller SHOULD free(3) + * this pointer after use. + */ +static enum otr_msg_status enqueue_otr_fragment(const char *msg, struct otr_peer_context *opc, char **full_msg) +{ + enum otr_msg_status ret; + size_t msg_len; + + g_return_val_if_fail(msg != NULL, OTR_MSG_ERROR); + g_return_val_if_fail(opc != NULL, OTR_MSG_ERROR); + + /* We are going to use it quite a bit so ease our life a bit. */ + msg_len = strlen(msg); + + if (opc->full_msg) { + if (msg_len > (opc->msg_size - opc->msg_len)) { + char *tmp_ptr; + + /* Realloc memory if there is not enough space. */ + tmp_ptr = realloc(opc->full_msg, opc->msg_size + msg_len + 1); + if (tmp_ptr == NULL) { + free(opc->full_msg); + opc->full_msg = NULL; + ret = OTR_MSG_ERROR; + return ret; + } + opc->full_msg = tmp_ptr; + opc->msg_size += msg_len + 1; + } + + /* Copy msg to full message since we already have a part pending. */ + strncpy(opc->full_msg + opc->msg_len, msg, msg_len); + opc->msg_len += msg_len; + opc->full_msg[opc->msg_len] = '\0'; + + IRSSI_OTR_DEBUG("Partial OTR message added to queue: %s", msg); + + /* + * Are we waiting for more? If the message ends with a ".", the + * transmission has ended else we have to wait for more. + */ + if (msg[msg_len - 1] != OTR_MSG_END_TAG) { + ret = OTR_MSG_WAIT_MORE; + return ret; + } + + /* + * Dup the string with enough space for the NULL byte since we are + * about to free it before passing it to the caller. + */ + *full_msg = strndup(opc->full_msg, opc->msg_len + 1); + /* Reset everything. */ + free(opc->full_msg); + opc->full_msg = NULL; + opc->msg_size = opc->msg_len = 0; + ret = OTR_MSG_USE_QUEUE; + return ret; + } else { + char *pos; + + /* + * Try to find the OTR message tag at the _beginning_of the packet and + * check if this packet is not the end with the end tag of OTR "." + */ + pos = strstr(msg, OTR_MSG_BEGIN_TAG); + if (pos && (pos == msg) && msg[msg_len - 1] != OTR_MSG_END_TAG) { + /* Allocate full message buffer with an extra for NULL byte. */ + opc->full_msg = g_new0(char, (msg_len * 2) + 1); + if (!opc->full_msg) { + ret = OTR_MSG_ERROR; + return ret; + } + /* Copy full message with NULL terminated byte. */ + strncpy(opc->full_msg, msg, msg_len); + opc->msg_len += msg_len; + opc->msg_size += ((msg_len * 2) + 1); + opc->full_msg[opc->msg_len] = '\0'; + ret = OTR_MSG_WAIT_MORE; + IRSSI_OTR_DEBUG("Partial OTR message begins the queue: %s", msg); + return ret; + } + + /* Use original message. */ + ret = OTR_MSG_ORIGINAL; + } + + return ret; +} + +/* + * Hand the given message to OTR. + * + * Returns 0 if its an OTR protocol message or else negative value. + */ +int otr_receive(SERVER_REC *server, const char *msg, const char *from, char **new_msg) +{ + int ret = -1; + char *full_msg = NULL; + const char *recv_msg = NULL; + OtrlTLV *tlvs; + ConnContext *ctx; + struct otr_peer_context *opc; + OtrlTLV *tlv = NULL; + + g_return_val_if_fail(server != NULL, -1); + g_return_val_if_fail(server->tag != NULL, -1); + + IRSSI_OTR_DEBUG("Receiving message: %s", msg); + + ctx = otr_find_context(server, from, 1); + if (ctx == NULL) { + return ret; + } + + /* Add peer context to OTR context if none exists */ + if (ctx->app_data == NULL) + add_peer_context_cb(server, ctx); + + opc = ctx->app_data; + g_return_val_if_fail(opc != NULL, -1); + + ret = enqueue_otr_fragment(msg, opc, &full_msg); + switch (ret) { + case OTR_MSG_ORIGINAL: + recv_msg = msg; + break; + case OTR_MSG_USE_QUEUE: + recv_msg = full_msg; + break; + case OTR_MSG_WAIT_MORE: + ret = 1; + g_free_not_null(full_msg); + return ret; + case OTR_MSG_ERROR: + ret = -1; + g_free_not_null(full_msg); + return ret; + } + + ret = otrl_message_receiving(user_state_global->otr_state, + &otr_ops, server, server->tag, OTR_PROTOCOL_ID, from, recv_msg, new_msg, + &tlvs, &ctx, add_peer_context_cb, server); + if (ret) { + IRSSI_OTR_DEBUG("Ignoring message of length %d from %s to %s.\n%s", strlen(msg), from, server->tag, msg); + } else { + if (*new_msg) { + IRSSI_OTR_DEBUG("Converted received message."); + } + } + + /* Check for disconnected message */ + tlv = otrl_tlv_find(tlvs, OTRL_TLV_DISCONNECTED); + if (tlv != NULL) { + otr_status_change(server, from, OTR_STATUS_PEER_FINISHED); + printformat(server, from, MSGLEVEL_CLIENTCRAP, TXT_OTR_SESSION_FINISHED, from); + } + + otrl_tlv_free(tlvs); + + IRSSI_OTR_DEBUG("Message received."); + + g_free_not_null(full_msg); + + return ret; +} + +/* + * Get the OTR status of this conversation. + */ +enum otr_status_format otr_get_status_format(SERVER_REC *server, const char *nick) +{ + int ret; + enum otr_status_format code; + ConnContext *ctx = NULL; + + g_return_val_if_fail(server != NULL, TXT_OTR_STB_UNKNOWN); + + ctx = otr_find_context(server, nick, FALSE); + if (ctx == NULL) { + code = TXT_OTR_STB_PLAINTEXT; + return code; + } + + switch (ctx->msgstate) { + case OTRL_MSGSTATE_PLAINTEXT: + code = TXT_OTR_STB_PLAINTEXT; + break; + case OTRL_MSGSTATE_ENCRYPTED: + /* Begin by checking trust. */ + ret = otrl_context_is_fingerprint_trusted(ctx->active_fingerprint); + if (ret) { + code = TXT_OTR_STB_TRUST; + } else { + code = TXT_OTR_STB_UNTRUSTED; + } + break; + case OTRL_MSGSTATE_FINISHED: + code = TXT_OTR_STB_FINISHED; + break; + default: + g_warning("BUG! Invalid msgstate: %d", ctx->msgstate); + code = TXT_OTR_STB_UNKNOWN; + break; + } + + if (ctx) { + IRSSI_OTR_DEBUG("Code: %d, state: %d, sm_prog_state: %d, auth state: %d", + code, ctx->msgstate, ctx->smstate->sm_prog_state, + ctx->auth.authstate); + } + return code; +} + +/* + * Change status bar text for a given nickname. + */ +void otr_status_change(SERVER_REC *server, const char *nick, + enum otr_status_event event) +{ + statusbar_items_redraw("otr"); + signal_emit("otr event", 3, server, nick, statusbar_txt[event]); +} + +/* + * Search for a OTR Fingerprint object from the given human readable string and + * return a pointer to the object if found else NULL. + */ +Fingerprint *otr_find_hash_fingerprint_from_human(const char *human_fp, struct otr_user_state *ustate) +{ + char str_fp[OTRL_PRIVKEY_FPRINT_HUMAN_LEN]; + Fingerprint *fp = NULL, *fp_iter = NULL; + ConnContext *context; + + /* Loop on all context of the user state */ + for (context = ustate->otr_state->context_root; context != NULL; + context = context->next) { + /* Loop on all fingerprint of the context */ + for (fp_iter = context->fingerprint_root.next; fp_iter; + fp_iter = fp_iter->next) { + otrl_privkey_hash_to_human(str_fp, fp_iter->fingerprint); + /* Compare human fingerprint given in argument to the current. */ + if (strncmp(str_fp, human_fp, sizeof(str_fp)) == 0) { + fp = otrl_context_find_fingerprint(context, + fp_iter->fingerprint, 0, NULL); + return fp; + } + } + } + + return fp; +} + +/* + * Forget a fingerprint. + * + * If str_fp is not NULL, it must be on the OTR human format like this: + * "487FFADA 5073FEDD C5AB5C14 5BB6C1FF 6D40D48A". If str_fp is NULL, get the + * context of the target nickname, check for the OTR peer context active + * fingerprint and forget this one if possible. + */ +void otr_forget(SERVER_REC *server, const char *nick, char *str_fp, struct otr_user_state *ustate) +{ + char fp[OTRL_PRIVKEY_FPRINT_HUMAN_LEN]; + Fingerprint *fp_forget; + ConnContext *ctx = NULL; + struct otr_peer_context *opc; + + /* No human string fingerprint given. */ + if (*str_fp == '\0') { + ctx = otr_find_context(server, nick, FALSE); + if (ctx == NULL) { + return; + } + + opc = ctx->app_data; + /* Always NEED a peer context or else code error. */ + g_return_if_fail(opc != NULL); + + fp_forget = opc->active_fingerprint; + } else { + fp_forget = otr_find_hash_fingerprint_from_human(str_fp, ustate); + } + + if (fp_forget) { + /* Don't do anything if context is in encrypted state. */ + if (check_fp_encrypted_msgstate(fp_forget)) { + printformat(server, nick, MSGLEVEL_CLIENTCRAP, TXT_OTR_FP_CTX_ENCRYPTED); + return; + } + + otrl_privkey_hash_to_human(fp, fp_forget->fingerprint); + /* Forget fp and context if it's the only one remaining. */ + otrl_context_forget_fingerprint(fp_forget, 1); + /* Update fingerprints file. */ + key_write_fingerprints(ustate); + printformat(server, nick, MSGLEVEL_CLIENTCRAP, TXT_OTR_FP_FORGOTTEN, fp); + } else + printformat(server, nick, MSGLEVEL_CLIENTERROR, TXT_OTR_FP_MISSING, str_fp); +} + +/* + * Distrust a fingerprint. + * + * If str_fp is not NULL, it must be on the OTR human format like this: + * "487FFADA 5073FEDD C5AB5C14 5BB6C1FF 6D40D48A". If str_fp is NULL, get the + * context of the target nickname, check for the OTR peer context active + * fingerprint and distrust it. + */ +void otr_distrust(SERVER_REC *server, const char *nick, char *str_fp, + struct otr_user_state *ustate) +{ + char fp[OTRL_PRIVKEY_FPRINT_HUMAN_LEN]; + Fingerprint *fp_distrust; + ConnContext *ctx; + struct otr_peer_context *opc; + + /* No human string fingerprint given. */ + if (*str_fp == '\0') { + ctx = otr_find_context(server, nick, FALSE); + if (ctx == NULL) { + return; + } + + opc = ctx->app_data; + /* Always NEED a peer context or else code error. */ + g_return_if_fail(opc != NULL); + + fp_distrust = opc->active_fingerprint; + } else + fp_distrust = otr_find_hash_fingerprint_from_human(str_fp, ustate); + + if (fp_distrust != NULL) { + otrl_privkey_hash_to_human(fp, fp_distrust->fingerprint); + + if (!otrl_context_is_fingerprint_trusted(fp_distrust)) { + /* Fingerprint already not trusted. Do nothing. */ + printformat(server, nick, MSGLEVEL_CLIENTERROR, TXT_OTR_FP_ALREADY_DISTRUSED, fp); + return; + } + + otrl_context_set_trust(fp_distrust, ""); + + /* Update fingerprints file. */ + key_write_fingerprints(ustate); + printformat(server, nick, MSGLEVEL_CLIENTCRAP, TXT_OTR_FP_DISTRUSTED, fp); + } else + printformat(server, nick, MSGLEVEL_CLIENTERROR, TXT_OTR_FP_MISSING, str_fp); +} diff --git a/src/otr/otr.h b/src/otr/otr.h new file mode 100644 index 00000000..60a08184 --- /dev/null +++ b/src/otr/otr.h @@ -0,0 +1,170 @@ +/* + * Off-the-Record Messaging (OTR) modules for IRC + * + * Copyright (C) 2008 - Uli Meis <a.sporto+bee@gmail.com> + * 2012 - David Goulet <dgoulet@ev0ke.net> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 2 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., 51 + * Franklin Street, Fifth Floor, Boston, MA 02110-1301,USA + */ + +#ifndef IRSSI_OTR_OTR_H +#define IRSSI_OTR_OTR_H + +/* Libotr */ +#include <libotr/proto.h> +#include <libotr/message.h> +#include <libotr/context.h> +#include <libotr/privkey.h> + +#include "common.h" +#include "servers.h" + +/* irssi module name */ +#define MODULE_NAME "otr/core" + +/* + * XXX: Maybe this should be configurable? + */ +#define OTR_MAX_MSG_SIZE 400 + +/* OTR protocol id */ +#define OTR_PROTOCOL_ID "IRC" + +#define OTR_DIR "otr" +#define OTR_KEYFILE OTR_DIR "/otr.key" +#define OTR_FINGERPRINTS_FILE OTR_DIR "/otr.fp" +#define OTR_INSTAG_FILE OTR_DIR "/otr.instag" + +/* + * Specified in OTR protocol version 3. See: + * http://www.cypherpunks.ca/otr/Protocol-v3-4.0.0.html + */ +#define OTR_MSG_BEGIN_TAG "?OTR:" +#define OTR_MSG_END_TAG '.' + +/* IRC /me command marker and len. */ +#define OTR_IRC_MARKER_ME "/me " +#define OTR_IRC_MARKER_ME_LEN sizeof(OTR_IRC_MARKER_ME) - 1 + +/* Irssi otr user state */ +struct otr_user_state { + OtrlUserState otr_state; +}; + +/* + * Peer OTR internal context. + */ +struct otr_peer_context { + /* The SMP event status. Used for the Irssi status bar. */ + OtrlSMPEvent smp_event; + /* Did the SMP secret was asked so are we in a responder state? */ + unsigned int ask_secret; + /* + * The fingerprint of the private message OTR session. This is useful for + * the forget command for which we can recover the fingerprint + * automatically. + */ + Fingerprint *active_fingerprint; + /* + * If needed, used to reconstruct the full message from fragmentation. + * Bitlbee for instance does that where we receive a *long* OTR message + * split in multiple PRIVMSG so we need to reconstruct it. + */ + char *full_msg; + /* Size of full_msg. Note this is the allocated memory size. */ + size_t msg_size; + /* Len of the actual string in full_msg NOT counting the NULL byte. */ + size_t msg_len; +}; + +/* given to otr_status_change */ +enum otr_status_event { + OTR_STATUS_FINISHED, + OTR_STATUS_TRUST_MANUAL, + OTR_STATUS_TRUST_SMP, + OTR_STATUS_SMP_ABORT, + OTR_STATUS_SMP_STARTED, + OTR_STATUS_SMP_RESPONDED, + OTR_STATUS_SMP_INCOMING, + OTR_STATUS_SMP_FINALIZE, + OTR_STATUS_SMP_ABORTED, + OTR_STATUS_PEER_FINISHED, + OTR_STATUS_SMP_FAILED, + OTR_STATUS_SMP_SUCCESS, + OTR_STATUS_GONE_SECURE, + OTR_STATUS_GONE_INSECURE, + OTR_STATUS_CTX_UPDATE +}; + +enum otr_msg_status { + OTR_MSG_ORIGINAL = 1, + OTR_MSG_WAIT_MORE = 2, + OTR_MSG_USE_QUEUE = 3, + OTR_MSG_ERROR = 4, +}; + +/* there can be only one */ +extern struct otr_user_state *user_state_global; + +/* Libotr ops functions */ +extern OtrlMessageAppOps otr_ops; + +int otr_debug_get(void); +void otr_debug_toggle(void); + +void otr_send_message(SERVER_REC *irssi, const char *recipient, + const char *message); +void otr_status_change(SERVER_REC *irssi, const char *nick, + enum otr_status_event event); + +/* init stuff */ + +struct otr_user_state *otr_init_user_state(void); +void otr_free_user_state(struct otr_user_state *ustate); + +void otr_lib_init(); +void otr_lib_uninit(); + +void otr_control_timer(unsigned int interval, void *opdata); + +/* Message transport. */ +int otr_send(SERVER_REC *irssi, const char *msg, const char *to, + char **otr_msg); +int otr_receive(SERVER_REC *irssi, const char *msg, + const char *from, char **new_msg); + +/* User interaction */ +void otr_finish(SERVER_REC *irssi, const char *nick); +void otr_auth(SERVER_REC *irssi, const char *nick, const char *question, + const char *secret); +void otr_auth_abort(SERVER_REC *irssi, const char *nick); +void otr_contexts(struct otr_user_state *ustate); +void otr_finishall(struct otr_user_state *ustate); +void otr_forget(SERVER_REC *irssi, const char *nick, char *str_fp, + struct otr_user_state *ustate); +void otr_distrust(SERVER_REC *irssi, const char *nick, char *str_fp, + struct otr_user_state *ustate); +void otr_trust(SERVER_REC *irssi, const char *nick, char *str_fp, + struct otr_user_state *ustate); + +enum otr_status_format otr_get_status_format(SERVER_REC *irssi, + const char *nick); + +struct otr_peer_context *otr_create_peer_context(void); +ConnContext *otr_find_context(SERVER_REC *irssi, const char *nick, int create); +Fingerprint *otr_find_hash_fingerprint_from_human(const char *human_fp, + struct otr_user_state *ustate); + +#endif /* IRSSI_OTR_OTR_H */ |