diff options
Diffstat (limited to 'src/plugins/irc')
-rw-r--r-- | src/plugins/irc/irc-config.c | 6 | ||||
-rw-r--r-- | src/plugins/irc/irc-protocol.c | 25 | ||||
-rw-r--r-- | src/plugins/irc/irc-sasl.c | 2 | ||||
-rw-r--r-- | src/plugins/irc/irc-sasl.h | 1 | ||||
-rw-r--r-- | src/plugins/irc/irc-server.c | 13 |
5 files changed, 33 insertions, 14 deletions
diff --git a/src/plugins/irc/irc-config.c b/src/plugins/irc/irc-config.c index 435b45691..b7f0a339a 100644 --- a/src/plugins/irc/irc-config.c +++ b/src/plugins/irc/irc-config.c @@ -1465,8 +1465,10 @@ irc_config_server_new_option (struct t_config_file *config_file, new_option = weechat_config_new_option ( config_file, section, option_name, "integer", - N_("mechanism for SASL authentication"), - "plain|dh-blowfish", 0, 0, + N_("mechanism for SASL authentication: \"plain\" for plain text " + "password, \"dh-blowfish\" for crypted password, \"external\" " + "for authentication using client side SSL cert"), + "plain|dh-blowfish|external", 0, 0, default_value, value, null_value_allowed, callback_check_value, callback_check_value_data, diff --git a/src/plugins/irc/irc-protocol.c b/src/plugins/irc/irc-protocol.c index 17aea6459..60762ad0f 100644 --- a/src/plugins/irc/irc-protocol.c +++ b/src/plugins/irc/irc-protocol.c @@ -139,6 +139,7 @@ irc_protocol_tags (const char *command, const char *tags, const char *nick) IRC_PROTOCOL_CALLBACK(authenticate) { + int sasl_mechanism; const char *sasl_username, *sasl_password; char *answer; @@ -150,21 +151,25 @@ IRC_PROTOCOL_CALLBACK(authenticate) IRC_PROTOCOL_MIN_ARGS(2); - sasl_username = IRC_SERVER_OPTION_STRING(server, - IRC_SERVER_OPTION_SASL_USERNAME); - sasl_password = IRC_SERVER_OPTION_STRING(server, - IRC_SERVER_OPTION_SASL_PASSWORD); - if (sasl_username && sasl_username[0] - && sasl_password && sasl_password[0]) + if (irc_server_sasl_enabled (server)) { - switch (IRC_SERVER_OPTION_INTEGER(server, - IRC_SERVER_OPTION_SASL_MECHANISM)) + sasl_mechanism = IRC_SERVER_OPTION_INTEGER(server, + IRC_SERVER_OPTION_SASL_MECHANISM); + sasl_username = IRC_SERVER_OPTION_STRING(server, + IRC_SERVER_OPTION_SASL_USERNAME); + sasl_password = IRC_SERVER_OPTION_STRING(server, + IRC_SERVER_OPTION_SASL_PASSWORD); + answer = NULL; + switch (sasl_mechanism) { case IRC_SASL_MECHANISM_DH_BLOWFISH: answer = irc_sasl_mechanism_dh_blowfish (argv_eol[1], sasl_username, sasl_password); break; + case IRC_SASL_MECHANISM_EXTERNAL: + answer = strdup ("++"); + break; case IRC_SASL_MECHANISM_PLAIN: default: answer = irc_sasl_mechanism_plain (sasl_username, @@ -340,6 +345,10 @@ IRC_PROTOCOL_CALLBACK(cap) irc_server_sendf (server, 0, NULL, "CAP END"); #endif break; + case IRC_SASL_MECHANISM_EXTERNAL: + irc_server_sendf (server, 0, NULL, + "AUTHENTICATE EXTERNAL"); + break; case IRC_SASL_MECHANISM_PLAIN: default: irc_server_sendf (server, 0, NULL, diff --git a/src/plugins/irc/irc-sasl.c b/src/plugins/irc/irc-sasl.c index 7519bce72..0231183a6 100644 --- a/src/plugins/irc/irc-sasl.c +++ b/src/plugins/irc/irc-sasl.c @@ -37,7 +37,7 @@ char *irc_sasl_mechanism_string[IRC_NUM_SASL_MECHANISMS] = -{ "plain", "dh-blowfish" }; +{ "plain", "dh-blowfish", "external" }; /* diff --git a/src/plugins/irc/irc-sasl.h b/src/plugins/irc/irc-sasl.h index 6ae1d1670..c4fea5785 100644 --- a/src/plugins/irc/irc-sasl.h +++ b/src/plugins/irc/irc-sasl.h @@ -26,6 +26,7 @@ enum t_irc_sasl_mechanism { IRC_SASL_MECHANISM_PLAIN = 0, IRC_SASL_MECHANISM_DH_BLOWFISH, + IRC_SASL_MECHANISM_EXTERNAL, /* number of SASL mechanisms */ IRC_NUM_SASL_MECHANISMS, }; diff --git a/src/plugins/irc/irc-server.c b/src/plugins/irc/irc-server.c index c492ab0c7..60f0c1b09 100644 --- a/src/plugins/irc/irc-server.c +++ b/src/plugins/irc/irc-server.c @@ -251,16 +251,23 @@ irc_server_strncasecmp (struct t_irc_server *server, int irc_server_sasl_enabled (struct t_irc_server *server) { + int sasl_mechanism; const char *sasl_username, *sasl_password; + sasl_mechanism = IRC_SERVER_OPTION_INTEGER(server, + IRC_SERVER_OPTION_SASL_MECHANISM); sasl_username = IRC_SERVER_OPTION_STRING(server, IRC_SERVER_OPTION_SASL_USERNAME); sasl_password = IRC_SERVER_OPTION_STRING(server, IRC_SERVER_OPTION_SASL_PASSWORD); - /* SASL is enabled if username AND password are set */ - return (sasl_username && sasl_username[0] - && sasl_password && sasl_password[0]) ? 1 : 0; + /* + * SASL is enabled if using mechanism "externel" + * or if both username AND password are set + */ + return ((sasl_mechanism == IRC_SASL_MECHANISM_EXTERNAL) + || (sasl_username && sasl_username[0] + && sasl_password && sasl_password[0])) ? 1 : 0; } /* |