From 3ff11bc9ec47ea24e578444ffc9985884f32038b Mon Sep 17 00:00:00 2001 From: Dirk Engling Date: Fri, 15 Apr 2016 13:50:58 +0200 Subject: add chomp --- vchat-ssl.c | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/vchat-ssl.c b/vchat-ssl.c index e584f6c..ef5b96e 100755 --- a/vchat-ssl.c +++ b/vchat-ssl.c @@ -221,7 +221,7 @@ int vc_connect_ssl( BIO **conn, vc_x509store_t *vc_store ) assert ( ( fingerprint_len > 1 ) && (fingerprint_len * 3 < TMPSTRSIZE )); char * nf = new_fingerprint; for (j=0; j<(int)fingerprint_len; j++) - nf += snprintf(nf, 3, "%02X:", fingerprint_bin[j]); + nf += snprintf(nf, 4, "%02X:", fingerprint_bin[j]); assert ( nf > new_fingerprint ); nf[-1] = 0; snprintf(tmpstr, TMPSTRSIZE, "[SSL FINGERPRINT ] from server: %s", new_fingerprint); @@ -236,15 +236,20 @@ int vc_connect_ssl( BIO **conn, vc_x509store_t *vc_store ) char * r = fgets(old_fingerprint, TMPSTRSIZE, fingerprint_file); fclose(fingerprint_file); - /* verify fingerprint matches stored version */ - if ( r &&!strncmp(new_fingerprint, old_fingerprint, TMPSTRSIZE)) - return 0; - else { - snprintf(tmpstr, TMPSTRSIZE, "[SSL FINGERPRINT ] from %s: %s", getstroption(CF_FINGERPRINT), r ? old_fingerprint : "" ); - writecf(FS_ERR, tmpstr); - writecf(FS_ERR, "[SSL CONNECT ERROR] Fingerprint mismatch! Server cert updated?"); - return 1; + if (r) { + // chomp + char *nl = strchr(r, '\n'); + if (nl) *nl = 0; + + /* verify fingerprint matches stored version */ + if (!strcmp(new_fingerprint, old_fingerprint)) + return 0; } + + snprintf(tmpstr, TMPSTRSIZE, "[SSL FINGERPRINT ] from %s: %s", getstroption(CF_FINGERPRINT), r ? old_fingerprint : "" ); + writecf(FS_ERR, tmpstr); + writecf(FS_ERR, "[SSL CONNECT ERROR] Fingerprint mismatch! Server cert updated?"); + return 1; } else { /* FIXME: there might be other errors than missing file */ fingerprint_file = fopen(tilde_expand(getstroption(CF_FINGERPRINT)), "w"); -- cgit v1.2.3