author | Sebastien Helleu <flashcode@flashtux.org> | 2009-03-27 16:48:58 +0100 |
---|---|---|
committer | Sebastien Helleu <flashcode@flashtux.org> | 2009-03-27 16:48:58 +0100 |
commit | 540756bf5446f30b66b716027b4f8550a462f4fc (patch) | |
tree | 4ab8124a532d498eaba1985ba9642d77542ba87c /src/core | |
parent | 6e7b62be9723205cb4f7dc69966ed80ed7119dd6 (diff) | |
download | weechat-540756bf5446f30b66b716027b4f8550a462f4fc.zip |
Fix SSL connection to some IRC servers using Diffie Hellman and small exchange keys (bug #25996)
Diffstat (limited to 'src/core')
-rw-r--r-- | src/core/wee-config.c | 56 | ||||
-rw-r--r-- | src/core/wee-config.h | 2 | ||||
-rw-r--r-- | src/core/wee-hook.h | 1 | ||||
-rw-r--r-- | src/core/wee-network.c | 11 |
4 files changed, 63 insertions, 7 deletions
diff --git a/src/core/wee-config.c b/src/core/wee-config.c index 7d6b727bd..b5fd829e4 100644 --- a/src/core/wee-config.c +++ b/src/core/wee-config.c @@ -159,6 +159,10 @@ struct t_config_option *config_history_max_lines; struct t_config_option *config_history_max_commands; struct t_config_option *config_history_display_default; +/* config, network section */ + +struct t_config_option *config_network_gnutls_dh_prime_bits; + /* config, plugin section */ struct t_config_option *config_plugin_autoload; @@ -978,12 +982,12 @@ config_weechat_key_write_cb (void *data, struct t_config_file *config_file, } /* - * config_weechat_init: init WeeChat config structure - * return: 1 if ok, 0 if error + * config_weechat_init_options: init WeeChat config structure (all core options) + * return: 1 if ok, 0 if error */ int -config_weechat_init () +config_weechat_init_options () { struct t_config_section *ptr_section; @@ -1680,6 +1684,24 @@ config_weechat_init () } weechat_config_section_proxy = ptr_section; + + /* network */ + ptr_section = config_file_new_section (weechat_config_file, "network", + 0, 0, + NULL, NULL, NULL, NULL, NULL, NULL, + NULL, NULL, NULL, NULL); + if (!ptr_section) + { + config_file_free (weechat_config_file); + return 0; + } + + config_network_gnutls_dh_prime_bits = config_file_new_option ( + weechat_config_file, ptr_section, + "gnutls_dh_prime_bitsmax_lines", "integer", + N_("minimum size in bits for handshake using Diffie Hellman key " + "exchange"), + NULL, 0, INT_MAX, "512", NULL, 0, NULL, NULL, NULL, NULL, NULL, NULL); /* plugin */ ptr_section = config_file_new_section (weechat_config_file, "plugin", 
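Review bot: The new option is registered under the name `"gnutls_dh_prime_bitsmax_lines"` in the added network block of config_weechat_init_options, which looks like a paste leftover from a `max_lines` option; the variable, the header declaration and the commit subject all say `gnutls_dh_prime_bits`, so the string should be `"gnutls_dh_prime_bits"`. As written, users would have to set the misspelled name, and correcting it later invalidates saved configuration. The range `0, INT_MAX` with default `"512"` also accepts any floor down to 0; a non-zero minimum would stop the option from removing the size check altogether. The function body continues outside the hunk, and whether `<limits.h>` is included for `INT_MAX` is not visible here.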
@@ -1786,6 +1808,27 @@ config_weechat_init () } /* + * config_weechat_init: init WeeChat config structure + * return: 1 if ok, 0 if error + */ + +int +config_weechat_init () +{ + int rc; + + rc = config_weechat_init_options (); + + if (!rc) + { + gui_chat_printf (NULL, + _("FATAL: error initializing configuration options")); + } + + return rc; +} + +/* * config_weechat_read: read WeeChat configuration file * return one of these values: * WEECHAT_CONFIG_READ_OK @@ -1806,6 +1849,13 @@ config_weechat_read () gui_bar_use_temp_bars (); gui_bar_create_default (); } + + if (rc != WEECHAT_CONFIG_READ_OK) + { + gui_chat_printf (NULL, + _("%sError reading configuration"), + gui_chat_prefix[GUI_CHAT_PREFIX_ERROR]); + } return rc; } diff --git a/src/core/wee-config.h b/src/core/wee-config.h index 17314d806..bcefc2143 100644 --- a/src/core/wee-config.h +++ b/src/core/wee-config.h @@ -159,6 +159,8 @@ extern struct t_config_option *config_history_max_lines; extern struct t_config_option *config_history_max_commands; extern struct t_config_option *config_history_display_default; +extern struct t_config_option *config_network_gnutls_dh_prime_bits; + extern struct t_config_option *config_plugin_autoload; extern struct t_config_option *config_plugin_debug; extern struct t_config_option *config_plugin_extension; diff --git a/src/core/wee-hook.h b/src/core/wee-hook.h index 68f6d8800..fb6aa0010 100644 --- a/src/core/wee-hook.h +++ b/src/core/wee-hook.h @@ -167,6 +167,7 @@ struct t_hook_process /* hook connect */ typedef int (t_hook_callback_connect)(void *data, int status, + const char *error, const char *ip_address); struct t_hook_connect diff --git a/src/core/wee-network.c b/src/core/wee-network.c index d3468ab49..15d7bbb8c 100644 --- a/src/core/wee-network.c +++ b/src/core/wee-network.c 
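Review bot: The `error` parameter added to `t_hook_callback_connect` in wee-hook.h has no comment stating its contract. From the callers visible in wee-network.c it is NULL on every path except the GnuTLS handshake failure, where it is the pointer returned by `gnutls_strerror (rc)`, so callbacks must NULL-check it and should neither free nor keep it. I would add above the typedef: `/* error: message for handshake failures, NULL otherwise; not owned by the callback */`. Every existing connect callback has to gain the parameter in the same change, which this view limited to src/core does not show.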
@@ -804,6 +804,8 @@ network_connect_child_read_cb (void *arg_hook_connect, int fd) { gnutls_transport_set_ptr (*HOOK_CONNECT(hook_connect, gnutls_sess), (gnutls_transport_ptr) ((unsigned long) HOOK_CONNECT(hook_connect, sock))); + gnutls_dh_set_prime_bits (*HOOK_CONNECT(hook_connect, gnutls_sess), + CONFIG_INTEGER(config_network_gnutls_dh_prime_bits)); while (1) { rc = gnutls_handshake (*HOOK_CONNECT(hook_connect, gnutls_sess)); @@ -817,6 +819,7 @@ network_connect_child_read_cb (void *arg_hook_connect, int fd) (void) (HOOK_CONNECT(hook_connect, callback)) (hook_connect->callback_data, WEECHAT_HOOK_CONNECT_GNUTLS_HANDSHAKE_ERROR, + gnutls_strerror (rc), ip_address); unhook (hook_connect); if (ip_address) @@ -827,7 +830,7 @@ network_connect_child_read_cb (void *arg_hook_connect, int fd) #endif } (void) (HOOK_CONNECT(hook_connect, callback)) - (hook_connect->callback_data, buffer[0] - '0', ip_address); + (hook_connect->callback_data, buffer[0] - '0', NULL, ip_address); unhook (hook_connect); } @@ -858,7 +861,7 @@ network_connect_with_fork (struct t_hook *hook_connect) (void) (HOOK_CONNECT(hook_connect, callback)) (hook_connect->callback_data, '0' + WEECHAT_HOOK_CONNECT_GNUTLS_INIT_ERROR, - NULL); + NULL, NULL); unhook (hook_connect); return; } @@ -881,7 +884,7 @@ network_connect_with_fork (struct t_hook *hook_connect) (void) (HOOK_CONNECT(hook_connect, callback)) (hook_connect->callback_data, '0' + WEECHAT_HOOK_CONNECT_MEMORY_ERROR, - NULL); + NULL, NULL); unhook (hook_connect); return; } @@ -903,7 +906,7 @@ network_connect_with_fork (struct t_hook *hook_connect) (void) (HOOK_CONNECT(hook_connect, callback)) (hook_connect->callback_data, '0' + WEECHAT_HOOK_CONNECT_MEMORY_ERROR, - NULL); + NULL, NULL); unhook (hook_connect); return; /* child process */ |
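Review bot: `gnutls_dh_set_prime_bits` in network_connect_child_read_cb takes the single global `config_network_gnutls_dh_prime_bits`, so lowering the floor to reach one old server lowers it for every TLS connection. With the default of 512 registered in wee-config.c, a server offering a small Diffie-Hellman group is accepted without any notice to the user, and such groups give little protection to the session key. Consider keeping a stronger default and letting users lower it explicitly, ideally per server, and add a comment such as `/* minimum DH prime size accepted from the server; small values weaken the key exchange */`. The function starts and ends outside the hunk.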
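Review bot: The three error paths in network_connect_with_fork (hunks at -858, -881 and -903) pass `'0' + WEECHAT_HOOK_CONNECT_...` as the status, while network_connect_child_read_cb passes `buffer[0] - '0'`, so these callbacks appear to receive an ASCII digit rather than the status constant. Since the commit already edits these calls, the argument could become e.g. `WEECHAT_HOOK_CONNECT_MEMORY_ERROR,` without the `'0' +`. A callback that compares status against the constants would not recognise these failures and might report nothing to the user. The function bodies continue outside the hunks, so the intended encoding should be confirmed against the callback implementations.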