diff options
-rw-r--r-- | src/core/network-openssl.c | 23 | ||||
-rw-r--r-- | src/core/network.h | 2 | ||||
-rw-r--r-- | src/core/servers.c | 4 |
3 files changed, 17 insertions, 12 deletions
diff --git a/src/core/network-openssl.c b/src/core/network-openssl.c index f80083c8..35687473 100644 --- a/src/core/network-openssl.c +++ b/src/core/network-openssl.c @@ -21,6 +21,7 @@ #include "module.h" #include "network.h" #include "misc.h" +#include "servers.h" #ifdef HAVE_OPENSSL @@ -45,7 +46,7 @@ typedef struct SSL *ssl; SSL_CTX *ctx; unsigned int verify:1; - const char *hostname; + SERVER_REC *server; int port; } GIOSSLChannel; @@ -428,7 +429,7 @@ static gboolean irssi_ssl_init(void) } -static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostname, int port, const char *mycert, const char *mypkey, const char *cafile, const char *capath, gboolean verify) +static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, int port, SERVER_REC *server) { GIOSSLChannel *chan; GIOChannel *gchan; @@ -436,6 +437,12 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn SSL *ssl; SSL_CTX *ctx = NULL; + const char *mycert = server->connrec->ssl_cert; + const char *mypkey = server->connrec->ssl_pkey; + const char *cafile = server->connrec->ssl_cafile; + const char *capath = server->connrec->ssl_capath; + gboolean verify = server->connrec->ssl_verify; + g_return_val_if_fail(handle != NULL, NULL); if(!ssl_inited && !irssi_ssl_init()) @@ -511,9 +518,9 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn chan->giochan = handle; chan->ssl = ssl; chan->ctx = ctx; - chan->verify = verify; - chan->hostname = hostname; + chan->server = server; chan->port = port; + chan->verify = verify; gchan = (GIOChannel *)chan; gchan->funcs = &irssi_ssl_channel_funcs; @@ -524,14 +531,14 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, const char *hostn return gchan; } -GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify) +GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server) { GIOChannel *handle, *ssl_handle; handle = net_connect_ip(ip, port, my_ip); if (handle == NULL) return NULL; - ssl_handle = irssi_ssl_get_iochannel(handle, hostname, port, cert, pkey, cafile, capath, verify); + ssl_handle = irssi_ssl_get_iochannel(handle, port, server); if (ssl_handle == NULL) g_io_channel_unref(handle); return ssl_handle; @@ -573,14 +580,14 @@ int irssi_ssl_handshake(GIOChannel *handle) g_warning("SSL server supplied no certificate"); return -1; } - ret = !chan->verify || irssi_ssl_verify(chan->ssl, chan->ctx, chan->hostname, chan->port, cert); + ret = !chan->verify || irssi_ssl_verify(chan->ssl, chan->ctx, chan->server->connrec->address, chan->port, cert); X509_free(cert); return ret ? 0 : -1; } #else /* HAVE_OPENSSL */ -GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify) +GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server) { g_warning("Connection failed: SSL support not enabled in this build."); errno = ENOSYS; diff --git a/src/core/network.h b/src/core/network.h index 142a1793..fa7e9675 100644 --- a/src/core/network.h +++ b/src/core/network.h @@ -49,7 +49,7 @@ int net_ip_compare(IPADDR *ip1, IPADDR *ip2); /* Connect to socket */ GIOChannel *net_connect(const char *addr, int port, IPADDR *my_ip); /* Connect to socket with ip address and SSL*/ -GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, const char* hostname, IPADDR *my_ip, const char *cert, const char *pkey, const char *cafile, const char *capath, gboolean verify); +GIOChannel *net_connect_ip_ssl(IPADDR *ip, int port, IPADDR *my_ip, SERVER_REC *server); int irssi_ssl_handshake(GIOChannel *handle); /* Connect to socket with ip address */ GIOChannel *net_connect_ip(IPADDR *ip, int port, IPADDR *my_ip); diff --git a/src/core/servers.c b/src/core/servers.c index d4827b61..d0e6bb7e 100644 --- a/src/core/servers.c +++ b/src/core/servers.c @@ -224,9 +224,7 @@ static void server_real_connect(SERVER_REC *server, IPADDR *ip, port = server->connrec->proxy != NULL ? server->connrec->proxy_port : server->connrec->port; handle = server->connrec->use_ssl ? - net_connect_ip_ssl(ip, port, server->connrec->address, own_ip, server->connrec->ssl_cert, server->connrec->ssl_pkey, -server->connrec->ssl_cafile, server->connrec->ssl_capath, server->connrec->ssl_verify) : - net_connect_ip(ip, port, own_ip); + net_connect_ip_ssl(ip, port, own_ip, server) : net_connect_ip(ip, port, own_ip); } else { handle = net_connect_unix(unix_socket); } |