Fix crash with SSL connection to IRC server if option ssl_cert is set (bug #28752)

author: Sebastien Helleu <flashcode@flashtux.org> 2010-01-29 12:41:05 +0100
committer: Sebastien Helleu <flashcode@flashtux.org> 2010-01-29 12:41:05 +0100
commit: 930285e4895ea0793e5152c8c40691a671c1e2fb (patch)
tree: 7ab9558c9f770f60948b6ee894fe4f0a45b1e471 /src/plugins
parent: e23aed51a17f8c5bf0c7167013e8c7a6ad7c938a (diff)
download: weechat-930285e4895ea0793e5152c8c40691a671c1e2fb.zip
2 files changed, 20 insertions, 12 deletions
diff --git a/src/plugins/irc/irc-server.c b/src/plugins/irc/irc-server.c
index 06f6ddf99..1ea4dabf1 100644
--- a/src/plugins/irc/irc-server.c
+++ b/src/plugins/irc/irc-server.c
@@ -2222,8 +2222,6 @@ irc_server_gnutls_callback (void *data, gnutls_session_t tls_session,
 {
     struct t_irc_server *server;
     gnutls_retr_st tls_struct;
-    gnutls_x509_crt_t tls_cert;
-    gnutls_x509_privkey_t tls_cert_key;
     gnutls_x509_crt_t cert_temp;
     const gnutls_datum_t *cert_list;
     gnutls_datum_t filedatum;
@@ -2363,7 +2361,8 @@ irc_server_gnutls_callback (void *data, gnutls_session_t tls_session,
     }
     
     /* using client certificate if it exists */
-    cert_path0 = (char *) IRC_SERVER_OPTION_STRING(server, IRC_SERVER_OPTION_SSL_CERT);
+    cert_path0 = (char *) IRC_SERVER_OPTION_STRING(server,
+                                                   IRC_SERVER_OPTION_SSL_CERT);
     if (cert_path0 && cert_path0[0])
     {
         weechat_dir = weechat_info_get ("weechat_dir", "");
@@ -2383,29 +2382,36 @@ irc_server_gnutls_callback (void *data, gnutls_session_t tls_session,
                 filedatum.size = strlen (cert_str);
                 
                 /* certificate */
-                gnutls_x509_crt_init (&tls_cert);
-                gnutls_x509_crt_import (tls_cert, &filedatum, GNUTLS_X509_FMT_PEM);
+                gnutls_x509_crt_init (&server->tls_cert);
+                gnutls_x509_crt_import (server->tls_cert, &filedatum,
+                                        GNUTLS_X509_FMT_PEM);
                 
                 /* key */
-                gnutls_x509_privkey_init (&tls_cert_key);
-                gnutls_x509_privkey_import (tls_cert_key, &filedatum, GNUTLS_X509_FMT_PEM);
+                gnutls_x509_privkey_init (&server->tls_cert_key);
+                gnutls_x509_privkey_import (server->tls_cert_key, &filedatum,
+                                            GNUTLS_X509_FMT_PEM);
                 
                 tls_struct.type = GNUTLS_CRT_X509;
                 tls_struct.ncerts = 1;
                 tls_struct.deinit_all = 0;
-                tls_struct.cert.x509 = &tls_cert;
-                tls_struct.key.x509 = tls_cert_key;
+                tls_struct.cert.x509 = &server->tls_cert;
+                tls_struct.key.x509 = server->tls_cert_key;
 #if LIBGNUTLS_VERSION_NUMBER >= 0x010706
                 /* client certificate info */
 #if LIBGNUTLS_VERSION_NUMBER < 0x020400
-                rinfo = gnutls_x509_crt_print (cert_temp, GNUTLS_X509_CRT_ONELINE, &cinfo);
+                rinfo = gnutls_x509_crt_print (cert_temp,
+                                               GNUTLS_X509_CRT_ONELINE,
+                                               &cinfo);
 #else
-                rinfo = gnutls_x509_crt_print (cert_temp, GNUTLS_CRT_PRINT_ONELINE, &cinfo);
+                rinfo = gnutls_x509_crt_print (cert_temp,
+                                               GNUTLS_CRT_PRINT_ONELINE,
+                                               &cinfo);
 #endif
                 if (rinfo == 0)
                 {
                     weechat_printf (server->buffer,
-                                    _(" - client certificate info (%s):"), cert_path2);
+                                    _(" - client certificate info (%s):"),
+                                    cert_path2);
                     weechat_printf (server->buffer, "  - %s", cinfo.data);
                     gnutls_free (cinfo.data);
                 }
diff --git a/src/plugins/irc/irc-server.h b/src/plugins/irc/irc-server.h
index bc3a129f9..385f596e2 100644
--- a/src/plugins/irc/irc-server.h
+++ b/src/plugins/irc/irc-server.h
@@ -121,6 +121,8 @@ struct t_irc_server
     int ssl_connected;              /* = 1 if connected with SSL             */
 #ifdef HAVE_GNUTLS
     gnutls_session_t gnutls_sess;   /* gnutls session (only if SSL is used)  */
+    gnutls_x509_crt_t tls_cert;     /* certificate used if ssl_cert is set   */
+    gnutls_x509_privkey_t tls_cert_key; /* key used if ssl_cert is set       */
 #endif
     char *unterminated_message;     /* beginning of a message in input buf   */
     int nicks_count;                /* number of nicknames                   */
author	Sebastien Helleu <flashcode@flashtux.org>	2010-01-29 12:41:05 +0100
committer	Sebastien Helleu <flashcode@flashtux.org>	2010-01-29 12:41:05 +0100
commit	930285e4895ea0793e5152c8c40691a671c1e2fb (patch)
tree	7ab9558c9f770f60948b6ee894fe4f0a45b1e471 /src/plugins
parent	e23aed51a17f8c5bf0c7167013e8c7a6ad7c938a (diff)
download	weechat-930285e4895ea0793e5152c8c40691a671c1e2fb.zip