authorDirk Engling <erdgeist@erdgeist.org>2014-11-16 00:31:32 +0100
committerDirk Engling <erdgeist@erdgeist.org>2014-11-16 00:31:32 +0100
commit4c635b85709b33f5161674fcea273d5739d484fe (patch)
tree50d8d6b398cc91c10109d12f6c2638c94e6814e5 /vchat-protocol.c
parent279772cb4f3894f087b9e0389c6742c6ebb48062 (diff)
Keep pulling openssl's tentacles out of protocol code
Diffstat (limited to 'vchat-protocol.c')
-rwxr-xr-xvchat-protocol.c28
1 files changed, 12 insertions, 16 deletions
diff --git a/vchat-protocol.c b/vchat-protocol.c
index b077411..6532fbb 100755
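--- a/vchat-protocol.c
+++ b/vchat-protocol.c
@@ -24,11 +24,12 @@
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <readline/readline.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
 #include <locale.h>
 #include <langinfo.h>
 
+// TO BE GONE
+#include <openssl/bio.h>
+
 /* local includes */
 #include "vchat.h"
 #include "vchat-user.h"
@@ -108,7 +109,7 @@ vcconnect (char *server, char *port)
 char *tildex = NULL;
 
 /* vchat connection x509 store */
-vc_x509store_t vc_store;
+vc_x509store_t *vc_store;
 
 /* pointer to tilde-expanded certificate/keyfile-names */
 char *certfile = NULL, *keyfile = NULL;
@@ -126,14 +127,9 @@ vcconnect (char *server, char *port)
 
 /* If SSL is requested, get our ssl-BIO running */
 if( server_conn && getintoption(CF_USESSL) ) {
-static int sslinit;
-if( !sslinit++ ) {
-SSL_library_init ();
-SSL_load_error_strings();
-}
-
-vc_init_x509store(&vc_store);
-vc_x509store_setflags(&vc_store, VC_X509S_SSL_VERIFY_PEER);
+vc_store = vc_init_x509store();
+// XXX TODO: Check error (with new API)
+vc_x509store_setflags(vc_store, VC_X509S_SSL_VERIFY_PEER);
 
 /* get name of certificate file */
 certfile = getstroption (CF_CERTFILE);
@@ -145,8 +141,8 @@ vcconnect (char *server, char *port)
 else
 tildex = certfile;
 
-vc_x509store_setflags(&vc_store, VC_X509S_USE_CERTIFICATE);
-vc_x509store_setcertfile(&vc_store, tildex);
+vc_x509store_setflags(vc_store, VC_X509S_USE_CERTIFICATE);
+vc_x509store_setcertfile(vc_store, tildex);
 
 /* get name of key file */
 keyfile = getstroption (CF_KEYFILE);
@@ -161,12 +157,12 @@ vcconnect (char *server, char *port)
 else
 tildex = keyfile;
 
-vc_x509store_set_pkeycb(&vc_store, (vc_askpass_cb_t)passprompt);
-vc_x509store_setkeyfile(&vc_store, tildex);
+vc_x509store_set_pkeycb(vc_store, (vc_askpass_cb_t)passprompt);
+vc_x509store_setkeyfile(vc_store, tildex);
 }
 
 /* upgrade our plain BIO to ssl */
-if( vc_connect_ssl( &server_conn, &vc_store ) ) {
+if( vc_connect_ssl( &server_conn, vc_store ) ) {
 BIO_free_all( server_conn );
 server_conn = NULL;
 errno = EIO;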
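Review bot: The result of `vc_init_x509store()` (new line 130) is used unchecked: `vc_store` goes straight into `vc_x509store_setflags(vc_store, VC_X509S_SSL_VERIFY_PEER)` and every later `vc_x509store_set*` call, and the `XXX TODO` comment leaves that open. Assuming the new API signals failure with a NULL return, this either dereferences NULL or, if the setters tolerate NULL, reaches `vc_connect_ssl` without the verify-peer flag recorded; the check should fail closed before any setter runs, e.g. `if( !vc_store ) { BIO_free_all( server_conn ); server_conn = NULL; errno = ENOMEM; }` with the rest of the SSL setup skipped in that case. The store is now owned through a pointer, so the `vc_connect_ssl` failure path (new lines 165-168) should presumably also release it; no matching free call is visible in these hunks. `vcconnect` starts and ends outside the shown hunks, so the exit path has to be confirmed against the full function.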