summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/core/network-openssl.c23
-rw-r--r--src/core/network.h2
-rw-r--r--src/core/servers.c4
3 files changed, 17 insertions, 12 deletions
diff --git a/src/core/network-openssl.c b/src/core/network-openssl.c
index f80083c8..35687473 100644
--- a/src/core/network-openssl.c
+++ b/src/core/network-openssl.c
@@ -21,6 +21,7 @@
#include "module.h"
#include "network.h"
#include "misc.h"
+#include "servers.h"
#ifdef HAVE_OPENSSL
@@ -45,7 +46,7 @@ typedef struct
SSL *ssl;
SSL_CTX *ctx;
unsigned int verify:1;
- const char *hostname;
+ SERVER_REC *server;
int port;
} GIOSSLChannel;
@@ -428,7 +429,7 @@ static gboolean irssi_ssl_init(void)
}
-static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostname, int port, const char *mycert, const char *mypkey, const char *cafile, const char *capath, gboolean verify)
+static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, int port, SERVER_REC *server)
{
GIOSSLChannel *chan;
GIOChannel *gchan;
@@ -436,6 +437,12 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn
SSL *ssl;
SSL_CTX *ctx = NULL;
+ const char *mycert = server->connrec->ssl_cert;
+ const char *mypkey = server->connrec->ssl_pkey;
+ const char *cafile = server->connrec->ssl_cafile;
+ const char *capath = server->connrec->ssl_capath;
+ gboolean verify = server->connrec->ssl_verify;
+
g_return_val_if_fail(handle != NULL, NULL);
if(!ssl_inited && !irssi_ssl_init())
@@ -511,9 +518,9 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn
chan->giochan = handle;
chan->ssl = ssl;
chan->ctx = ctx;
- chan->verify = verify;
- chan->hostname = hostname;
+ chan->server = server;
chan->port = port;
+ chan->verify = verify;
gchan = (GIOChannel *)chan;
gchan->funcs = &irssi_ssl_channel_funcs;
@@ -524,14 +531,14 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn
return gchan;
}
-GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify)
+GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server)
{
GIOChannel *handle, *ssl_handle;
handle = net_connect_ip(ip, port, my_ip);
if (handle == NULL)
return NULL;
- ssl_handle = irssi_ssl_get_iochannel(handle, hostname, port, cert, pkey, cafile, capath, verify);
+ ssl_handle = irssi_ssl_get_iochannel(handle, port, server);
if (ssl_handle == NULL)
g_io_channel_unref(handle);
return ssl_handle;
@@ -573,14 +580,14 @@ int irssi_ssl_handshake(GIOChannel *handle)
g_warning("SSL server supplied no certificate");
return -1;
}
- ret = !chan->verify || irssi_ssl_verify(chan->ssl, chan->ctx, chan->hostname, chan->port, cert);
+ ret = !chan->verify || irssi_ssl_verify(chan->ssl, chan->ctx, chan->server->connrec->address, chan->port, cert);
X509_free(cert);
return ret ? 0 : -1;
}
#else /* HAVE_OPENSSL */
-GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify)
+GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server)
{
g_warning("Connection failed: SSL support not enabled in this build.");
errno = ENOSYS;
diff --git a/src/core/network.h b/src/core/network.h
index 142a1793..fa7e9675 100644
--- a/src/core/network.h
+++ b/src/core/network.h
@@ -49,7 +49,7 @@ int net_ip_compare(IPADDR *ip1, IPADDR *ip2);
/* Connect to socket */
GIOChannel *net_connect(const char *addr, int port, IPADDR *my_ip);
/* Connect to socket with ip address and SSL*/
-GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify);
+GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server);
int irssi_ssl_handshake(GIOChannel *handle);
/* Connect to socket with ip address */
GIOChannel *net_connect_ip(IPADDR *ip, int port, IPADDR *my_ip);
diff --git a/src/core/servers.c b/src/core/servers.c
index d4827b61..d0e6bb7e 100644
--- a/src/core/servers.c
+++ b/src/core/servers.c
@@ -224,9 +224,7 @@ static void server_real_connect(SERVER_REC *server, IPADDR *ip,
port = server->connrec->proxy != NULL ?
server->connrec->proxy_port : server->connrec->port;
handle = server->connrec->use_ssl ?
- net_connect_ip_ssl(ip, port, server->connrec->address, own_ip, server->connrec->ssl_cert, server->connrec->ssl_pkey,
-server->connrec->ssl_cafile, server->connrec->ssl_capath, server->connrec->ssl_verify) :
- net_connect_ip(ip, port, own_ip);
+ net_connect_ip_ssl(ip, port, own_ip, server) : net_connect_ip(ip, port, own_ip);
} else {
handle = net_connect_unix(unix_socket);
}