Rename SSL to TLS.
authorAlexander Færøy <redacted>
Sun, 16 Oct 2016 11:46:58 +0000 (13:46 +0200)
committerAlexander Færøy <redacted>
Sat, 22 Oct 2016 18:36:50 +0000 (20:36 +0200)
This patch changes the internal name of SSL to TLS. We also add -tls_*
options to /CONNECT and /SERVER, but make sure that the -ssl_* versions
of the commands continue to work like before.

15 files changed:
NEWS
docs/help/in/connect.in
docs/help/in/server.in
src/core/chat-commands.c
src/core/network-openssl.c
src/core/server-connect-rec.h
src/core/server-setup-rec.h
src/core/servers-reconnect.c
src/core/servers-setup.c
src/core/servers.c
src/core/session.c
src/fe-common/core/fe-server.c
src/fe-common/irc/fe-irc-server.c
src/irc/core/irc-servers.c
src/perl/perl-common.c

diff --git a/NEWS b/NEWS
index ca6ecce3274f708d000fa3117a8fa848c6c743cd..8ecccc57a841bace5f55002f7648c4d8aaabf4e0 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -18,6 +18,9 @@ v0.8.21-head 2016-xx-xx  The Irssi team <staff@irssi.org>
              tag/* and * to ignore whole networks or everything.
        + /hilight got a -matchcase flag to hilight case sensitively (#421).
        + Always build irssi with TLS support.
+       + Rename SSL to TLS in the code and add -tls_* versions of the -ssl_*
+         options to /CONNECT and /SERVER, but make sure the -ssl_* options continue
+         to work.
        - IP addresses are no longer stored when resolve_reverse_lookup is
          used.
        - /names and $[...] now uses utf8 string operations (#40, #411).
index df50d1b9bc708aeec8b2b2c18323f85a0a5590b2..a0d793d264adb38b26f9b152dfb37ee708b22c1a 100644 (file)
@@ -5,23 +5,22 @@
 
 %9Parameters:%9
 
-    -4:             Connects using IPv4.
-    -6:             Connects using IPv6.
-    -ssl:           Connects using SSL encryption.
-    -ssl_cert:      The SSL client certificate file.
-    -ssl_pkey:      The SSL client private key, if not included in the
-                    certificate file.
-    -ssl_pass:      The password for the SSL client private key or certificate.
-    -ssl_verify:    Verifies the SSL certificate of the server.
-    -ssl_cafile:    The file with the list of CA certificates.
-    -ssl_capath:    The directory which contains the CA certificates.
-    -ssl_ciphers:   SSL cipher suite preference lists.
-    -noproxy:       Ignores the global proxy configuration.
-    -network:       The network this connection belongs to.
-    -host:          The hostname you would like to connect from.
-    -rawlog:        Immediately open rawlog after connecting.
-    -!:             Doesn't autojoin channels.
-    -noautosendcmd: Doesn't execute autosendcmd.
+    -4:                 Connects using IPv4.
+    -6:                 Connects using IPv6.
+    -tls:               Connects using TLS encryption.
+    -tls_cert:          The TLS client certificate file.
+    -tls_pkey:          The TLS client private key, if not included in the certificate file.
+    -tls_pass:          The password for the TLS client private key or certificate.
+    -tls_verify:        Verifies the TLS certificate of the server.
+    -tls_cafile:        The file with the list of CA certificates.
+    -tls_capath:        The directory which contains the CA certificates.
+    -tls_ciphers:       TLS cipher suite preference lists.
+    -noproxy:           Ignores the global proxy configuration.
+    -network:           The network this connection belongs to.
+    -host:              The hostname you would like to connect from.
+    -rawlog:            Immediately open rawlog after connecting.
+    -!:                 Doesn't autojoin channels.
+    -noautosendcmd:     Doesn't execute autosendcmd.
 
     A network or server to connect to; you can optionally specify a custom port,
     password and nickname.
index 68a62e2d2a1be66040e55016e4473e682fe3306b..ee1a30e19367d135973b2dc097c7a7c2cebe8d13 100644 (file)
@@ -5,45 +5,45 @@
 
 %9Parameters:%9
 
-    LIST:              Displays the list of servers you are connected to.
-    CONNECT:           Connects to the given server.
-    ADD:               Adds a server to your configuration.
-    MODIFY:            Modifies a server in your configuration.
-    REMOVE:            Removes a server from your configuration.
-    PURGE:             Purges the commands queued to be sent to the server.
+    LIST:               Displays the list of servers you are connected to.
+    CONNECT:            Connects to the given server.
+    ADD:                Adds a server to your configuration.
+    MODIFY:             Modifies a server in your configuration.
+    REMOVE:             Removes a server from your configuration.
+    PURGE:              Purges the commands queued to be sent to the server.
 
-    -!:                Doesn't autojoin the channels.
-    -4:                Connects using IPv4.
-    -6:                Connects using IPv6.
-    -ssl:              Connects using SSL encryption.
-    -ssl_cert:         The SSL client certificate file.
-    -ssl_pkey:         The SSL client private key, if not included in the
-                       certificate file.
-    -ssl_pass:         The password for the SSL client private key or certificate.
-    -ssl_verify:       Verifies the SSL certificate of the server.
-    -ssl_cafile:       The file with the list of CA certificates.
-    -ssl_capath:       The directory which contains the CA certificates.
-    -ssl_ciphers:      SSL cipher suite preference lists.
-    -auto:             Automatically connects to the server on startup.
-    -noauto:           Doesn't connect to the server on startup.
-    -network:          The network the server belongs to.
-    -host:             The hostname you would like to connect from.
-    -cmdspeed:         Specifies the minimum amount of time, expressed in
-                       milliseconds, that the client must wait before sending
-                       additional commands to the server.
-    -cmdmax:           Specifies the maximum number of commands to perform
-                       before starting the internal flood protection.
-    -port:             Specifies the port to connect to the server.
-    -noproxy:          Ignores the global proxy configuration.
-    -rawlog:           Immediately open rawlog after connecting.
-    -noautosendcmd:    Doesn't execute autosendcmd.
+    -!:                 Doesn't autojoin the channels.
+    -4:                 Connects using IPv4.
+    -6:                 Connects using IPv6.
+    -tls:               Connects using TLS encryption.
+    -tls_cert:          The TLS client certificate file.
+    -tls_pkey:          The TLS client private key, if not included in the
+                        certificate file.
+    -tls_pass:          The password for the TLS client private key or certificate.
+    -tls_verify:        Verifies the TLS certificate of the server.
+    -tls_cafile:        The file with the list of CA certificates.
+    -tls_capath:        The directory which contains the CA certificates.
+    -tls_ciphers:       TLS cipher suite preference lists.
+    -auto:              Automatically connects to the server on startup.
+    -noauto:            Doesn't connect to the server on startup.
+    -network:           The network the server belongs to.
+    -host:              The hostname you would like to connect from.
+    -cmdspeed:          Specifies the minimum amount of time, expressed in
+                        milliseconds, that the client must wait before sending
+                        additional commands to the server.
+    -cmdmax:            Specifies the maximum number of commands to perform
+                        before starting the internal flood protection.
+    -port:              Specifies the port to connect to the server.
+    -noproxy:           Ignores the global proxy configuration.
+    -rawlog:            Immediately open rawlog after connecting.
+    -noautosendcmd:     Doesn't execute autosendcmd.
 
     The server, port and network to add, modify or remove; if no argument is
     given, the list of servers you are connected to will be returned.
 
 %9Description:%9
 
-    Displays, adds, modifies or removes the network configuration of IRC 
+    Displays, adds, modifies or removes the network configuration of IRC
     servers.
 
     When using the ADD parameter on a server that already exists, the
index a9404fa3e878d2f2175fbd7faf821df93a4f5d4f..db60e46f51f365022a17d345d7787cbe8ad6065d 100644 (file)
@@ -99,27 +99,27 @@ static SERVER_CONNECT_REC *get_server_connect(const char *data, int *plus_addr,
        else if (g_hash_table_lookup(optlist, "4") != NULL)
                conn->family = AF_INET;
 
-       if (g_hash_table_lookup(optlist, "ssl") != NULL)
-               conn->use_ssl = TRUE;
-       if ((tmp = g_hash_table_lookup(optlist, "ssl_cert")) != NULL)
-               conn->ssl_cert = g_strdup(tmp);
-       if ((tmp = g_hash_table_lookup(optlist, "ssl_pkey")) != NULL)
-               conn->ssl_pkey = g_strdup(tmp);
-       if ((tmp = g_hash_table_lookup(optlist, "ssl_pass")) != NULL)
-               conn->ssl_pass = g_strdup(tmp);
-       if (g_hash_table_lookup(optlist, "ssl_verify") != NULL)
-               conn->ssl_verify = TRUE;
-       if ((tmp = g_hash_table_lookup(optlist, "ssl_cafile")) != NULL)
-               conn->ssl_cafile = g_strdup(tmp);
-       if ((tmp = g_hash_table_lookup(optlist, "ssl_capath")) != NULL)
-               conn->ssl_capath = g_strdup(tmp);
-       if ((tmp = g_hash_table_lookup(optlist, "ssl_ciphers")) != NULL)
-               conn->ssl_ciphers = g_strdup(tmp);
-       if ((conn->ssl_capath != NULL && conn->ssl_capath[0] != '\0')
-       ||  (conn->ssl_cafile != NULL && conn->ssl_cafile[0] != '\0'))
-               conn->ssl_verify = TRUE;
-       if ((conn->ssl_cert != NULL && conn->ssl_cert[0] != '\0') || conn->ssl_verify)
-               conn->use_ssl = TRUE;
+       if (g_hash_table_lookup(optlist, "tls") != NULL || g_hash_table_lookup(optlist, "ssl") != NULL)
+               conn->use_tls = TRUE;
+       if ((tmp = g_hash_table_lookup(optlist, "tls_cert")) != NULL || (tmp = g_hash_table_lookup(optlist, "ssl_cert")) != NULL)
+               conn->tls_cert = g_strdup(tmp);
+       if ((tmp = g_hash_table_lookup(optlist, "tls_pkey")) != NULL || (tmp = g_hash_table_lookup(optlist, "ssl_pkey")) != NULL)
+               conn->tls_pkey = g_strdup(tmp);
+       if ((tmp = g_hash_table_lookup(optlist, "tls_pass")) != NULL || (tmp = g_hash_table_lookup(optlist, "ssl_pass")) != NULL)
+               conn->tls_pass = g_strdup(tmp);
+       if (g_hash_table_lookup(optlist, "tls_verify") != NULL || g_hash_table_lookup(optlist, "ssl_verify") != NULL)
+               conn->tls_verify = TRUE;
+       if ((tmp = g_hash_table_lookup(optlist, "tls_cafile")) != NULL || (tmp = g_hash_table_lookup(optlist, "ssl_cafile")) != NULL)
+               conn->tls_cafile = g_strdup(tmp);
+       if ((tmp = g_hash_table_lookup(optlist, "tls_capath")) != NULL || (tmp = g_hash_table_lookup(optlist, "ssl_capath")) != NULL)
+               conn->tls_capath = g_strdup(tmp);
+       if ((tmp = g_hash_table_lookup(optlist, "tls_ciphers")) != NULL || (tmp = g_hash_table_lookup(optlist, "ssl_ciphers")) != NULL)
+               conn->tls_ciphers = g_strdup(tmp);
+       if ((conn->tls_capath != NULL && conn->tls_capath[0] != '\0')
+       ||  (conn->tls_cafile != NULL && conn->tls_cafile[0] != '\0'))
+               conn->tls_verify = TRUE;
+       if ((conn->tls_cert != NULL && conn->tls_cert[0] != '\0') || conn->tls_verify)
+               conn->use_tls = TRUE;
 
        if (g_hash_table_lookup(optlist, "!") != NULL)
                conn->no_autojoin_channels = TRUE;
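Review bot: Each string option in this block stores `g_strdup(tmp)` straight into `conn->tls_*` without releasing a previous value, so if `conn` already carries a certificate, key or passphrase from the server's setup record (it is populated before this hunk, outside the visible lines) the old string is leaked. Freeing first, e.g. `g_free_not_null(conn->tls_pass);` ahead of `conn->tls_pass = g_strdup(tmp);`, would close that, and it matters most for the passphrase copy. The `||` chains also make the `-tls_*` spelling win silently when both spellings are given; a comment such as `/* -tls_* takes precedence over the legacy -ssl_* alias */` would record that. get_server_connect begins and ends outside this hunk.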
@@ -494,7 +494,7 @@ void chat_commands_init(void)
        signal_add("default command server", (SIGNAL_FUNC) sig_default_command_server);
        signal_add("server sendmsg", (SIGNAL_FUNC) sig_server_sendmsg);
 
-       command_set_options("connect", "4 6 !! -network ssl +ssl_cert +ssl_pkey +ssl_pass ssl_verify +ssl_cafile +ssl_capath +ssl_ciphers +host noproxy -rawlog noautosendcmd");
+       command_set_options("connect", "4 6 !! -network ssl +ssl_cert +ssl_pkey +ssl_pass ssl_verify +ssl_cafile +ssl_capath +ssl_ciphers tls +tls_cert +tls_pkey +tls_pass tls_verify +tls_cafile +tls_capath +tls_ciphers +host noproxy -rawlog noautosendcmd");
        command_set_options("msg", "channel nick");
 }
 
index 014f0a284e72cc88913b423bc84c0611c9fd3024..82fd65b0f09e0815e895f135db4f03cbb316b814 100644 (file)
@@ -455,13 +455,13 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, int port, SERVER_
        SSL *ssl;
        SSL_CTX *ctx = NULL;
 
-       const char *mycert = server->connrec->ssl_cert;
-       const char *mypkey = server->connrec->ssl_pkey;
-       const char *mypass = server->connrec->ssl_pass;
-       const char *cafile = server->connrec->ssl_cafile;
-       const char *capath = server->connrec->ssl_capath;
-       const char *ciphers = server->connrec->ssl_ciphers;
-       gboolean verify = server->connrec->ssl_verify;
+       const char *mycert = server->connrec->tls_cert;
+       const char *mypkey = server->connrec->tls_pkey;
+       const char *mypass = server->connrec->tls_pass;
+       const char *cafile = server->connrec->tls_cafile;
+       const char *capath = server->connrec->tls_capath;
+       const char *ciphers = server->connrec->tls_ciphers;
+       gboolean verify = server->connrec->tls_verify;
 
        g_return_val_if_fail(handle != NULL, NULL);
 
@@ -480,7 +480,8 @@ static GIOChannel *irssi_ssl_get_iochannel(GIOChannel *handle, int port, SERVER_
        SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
        SSL_CTX_set_default_passwd_cb(ctx, get_pem_password_callback);
        SSL_CTX_set_default_passwd_cb_userdata(ctx, (void *)mypass);
-       if (ciphers && *ciphers) {
+
+       if (ciphers != NULL && ciphers[0] != '\0') {
                if (SSL_CTX_set_cipher_list(ctx, ciphers) != 1)
                        g_warning("No valid SSL cipher suite could be selected");
        }
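Review bot: When `SSL_CTX_set_cipher_list()` rejects the user's cipher string, the code only logs a warning. As far as this hunk shows, setup then continues, presumably with the library's default cipher list, so a restriction the user asked for through `-tls_ciphers` is silently dropped. Failing the connection here would be the safer behaviour, e.g. `SSL_CTX_free(ctx); return NULL;` after the warning, assuming `ctx` has no other owner at that point. The message also still says SSL in a commit that renames it: `g_warning("No valid TLS cipher suite could be selected");`. irssi_ssl_get_iochannel continues outside the hunk.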
index 80c5761bade1cafa10f783d6bfd0d0d30a5a6bc5..35577fd48bce8f1b64b5c3c0db1453cd8c52ab6c 100644 (file)
@@ -23,12 +23,12 @@ char *nick;
 char *username;
 char *realname;
 
-char *ssl_cert;
-char *ssl_pkey;
-char *ssl_pass;
-char *ssl_cafile;
-char *ssl_capath;
-char *ssl_ciphers;
+char *tls_cert;
+char *tls_pkey;
+char *tls_pass;
+char *tls_cafile;
+char *tls_capath;
+char *tls_ciphers;
 
 GIOChannel *connect_handle; /* connect using this handle */
 
@@ -38,8 +38,8 @@ unsigned int reconnecting:1; /* we're trying to reconnect any connection */
 unsigned int no_autojoin_channels:1; /* don't autojoin any channels */
 unsigned int no_autosendcmd:1; /* don't execute autosendcmd */
 unsigned int unix_socket:1; /* Connect using named unix socket */
-unsigned int use_ssl:1; /* this connection uses SSL */
-unsigned int ssl_verify:1;
+unsigned int use_tls:1; /* this connection uses TLS */
+unsigned int tls_verify:1;
 unsigned int no_connect:1; /* don't connect() at all, it's done by plugin */
 char *channels;
 char *away_reason;
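Review bot: `tls_verify` is the one flag in this run of bitfields without a comment, and it is the security-relevant one. Something like `unsigned int tls_verify:1; /* verify the server certificate; implied by tls_cafile/tls_capath */` would match the neighbouring lines and reflects what get_server_connect does in chat-commands.c. The same applies to the identical field in server-setup-rec.h. Because these record headers rename fields in place, any out-of-tree module that still reads `use_ssl` or `ssl_*` will stop compiling; if that is intended, the NEWS entry could say so.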
index 2c9614c71f0a3bf30d4037d5437360fba7c2f8a5..22876d4ef8b08057da51f283487ff179c7101238 100644 (file)
@@ -11,12 +11,12 @@ char *password;
 int sasl_mechanism;
 char *sasl_password;
 
-char *ssl_cert;
-char *ssl_pkey;
-char *ssl_pass;
-char *ssl_cafile;
-char *ssl_capath;
-char *ssl_ciphers;
+char *tls_cert;
+char *tls_pkey;
+char *tls_pass;
+char *tls_cafile;
+char *tls_capath;
+char *tls_ciphers;
 
 char *own_host; /* address to use when connecting this server */
 IPADDR *own_ip4, *own_ip6; /* resolved own_address if not NULL */
@@ -28,7 +28,7 @@ unsigned int no_proxy:1;
 unsigned int last_failed:1; /* if last connection attempt failed */
 unsigned int banned:1; /* if we're banned from this server */
 unsigned int dns_error:1; /* DNS said the host doesn't exist */
-unsigned int use_ssl:1; /* this connection uses SSL */
-unsigned int ssl_verify:1;
+unsigned int use_tls:1; /* this connection uses TLS */
+unsigned int tls_verify:1;
 
 GHashTable *module_data;
index 58c9dd098b2d37a9228b090bd601a46744902d38..16ec1fac1e1d282ecdcc0e46483299709cbe48d2 100644 (file)
@@ -192,13 +192,13 @@ server_connect_copy_skeleton(SERVER_CONNECT_REC *src, int connect_info)
        dest->no_autosendcmd = src->no_autosendcmd;
        dest->unix_socket = src->unix_socket;
 
-       dest->use_ssl = src->use_ssl;
-       dest->ssl_cert = g_strdup(src->ssl_cert);
-       dest->ssl_pkey = g_strdup(src->ssl_pkey);
-       dest->ssl_verify = src->ssl_verify;
-       dest->ssl_cafile = g_strdup(src->ssl_cafile);
-       dest->ssl_capath = g_strdup(src->ssl_capath);
-       dest->ssl_ciphers = g_strdup(src->ssl_ciphers);
+       dest->use_tls = src->use_tls;
+       dest->tls_cert = g_strdup(src->tls_cert);
+       dest->tls_pkey = g_strdup(src->tls_pkey);
+       dest->tls_verify = src->tls_verify;
+       dest->tls_cafile = g_strdup(src->tls_cafile);
+       dest->tls_capath = g_strdup(src->tls_capath);
+       dest->tls_ciphers = g_strdup(src->tls_ciphers);
 
        return dest;
 }
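Review bot: `tls_pass` is the only TLS string field not carried over here. `tls_cert` and `tls_pkey` are duplicated into `dest`, but the passphrase that unlocks them is not, so a reconnect built from this skeleton would presumably reach the PEM password callback with a NULL passphrase. If the omission is deliberate, to avoid keeping extra copies of the secret, a comment such as `/* tls_pass is intentionally not copied */` should say so; otherwise add `dest->tls_pass = g_strdup(src->tls_pass);`. server_connect_copy_skeleton starts outside this hunk.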
index 0cecfecee05fae45476ff6af26b7ddaa939b916f..01a36e1c2bfbee24bbf2ee2cf1c1b36ab3959b36 100644 (file)
@@ -167,20 +167,20 @@ static void server_setup_fill_server(SERVER_CONNECT_REC *conn,
        if (sserver->port > 0 && conn->port <= 0)
                conn->port = sserver->port;
 
-       conn->use_ssl = sserver->use_ssl;
-       if (conn->ssl_cert == NULL && sserver->ssl_cert != NULL && sserver->ssl_cert[0] != '\0')
-               conn->ssl_cert = g_strdup(sserver->ssl_cert);
-       if (conn->ssl_pkey == NULL && sserver->ssl_pkey != NULL && sserver->ssl_pkey[0] != '\0')
-               conn->ssl_pkey = g_strdup(sserver->ssl_pkey);
-       if (conn->ssl_pass == NULL && sserver->ssl_pass != NULL && sserver->ssl_pass[0] != '\0')
-               conn->ssl_pass = g_strdup(sserver->ssl_pass);
-       conn->ssl_verify = sserver->ssl_verify;
-       if (conn->ssl_cafile == NULL && sserver->ssl_cafile != NULL && sserver->ssl_cafile[0] != '\0')
-               conn->ssl_cafile = g_strdup(sserver->ssl_cafile);
-       if (conn->ssl_capath == NULL && sserver->ssl_capath != NULL && sserver->ssl_capath[0] != '\0')
-               conn->ssl_capath = g_strdup(sserver->ssl_capath);
-       if (conn->ssl_ciphers == NULL && sserver->ssl_ciphers != NULL && sserver->ssl_ciphers[0] != '\0')
-               conn->ssl_ciphers = g_strdup(sserver->ssl_ciphers);
+       conn->use_tls = sserver->use_tls;
+       if (conn->tls_cert == NULL && sserver->tls_cert != NULL && sserver->tls_cert[0] != '\0')
+               conn->tls_cert = g_strdup(sserver->tls_cert);
+       if (conn->tls_pkey == NULL && sserver->tls_pkey != NULL && sserver->tls_pkey[0] != '\0')
+               conn->tls_pkey = g_strdup(sserver->tls_pkey);
+       if (conn->tls_pass == NULL && sserver->tls_pass != NULL && sserver->tls_pass[0] != '\0')
+               conn->tls_pass = g_strdup(sserver->tls_pass);
+       conn->tls_verify = sserver->tls_verify;
+       if (conn->tls_cafile == NULL && sserver->tls_cafile != NULL && sserver->tls_cafile[0] != '\0')
+               conn->tls_cafile = g_strdup(sserver->tls_cafile);
+       if (conn->tls_capath == NULL && sserver->tls_capath != NULL && sserver->tls_capath[0] != '\0')
+               conn->tls_capath = g_strdup(sserver->tls_capath);
+       if (conn->tls_ciphers == NULL && sserver->tls_ciphers != NULL && sserver->tls_ciphers[0] != '\0')
+               conn->tls_ciphers = g_strdup(sserver->tls_ciphers);
 
        server_setup_fill_reconn(conn, sserver);
 
@@ -362,9 +362,10 @@ SERVER_SETUP_REC *server_setup_find(const char *address, int port,
 static SERVER_SETUP_REC *server_setup_read(CONFIG_NODE *node)
 {
        SERVER_SETUP_REC *rec;
-        CHATNET_REC *chatnetrec;
+       CHATNET_REC *chatnetrec;
        char *server, *chatnet, *family;
        int port;
+       char *value = NULL;
 
        g_return_val_if_fail(node != NULL, NULL);
 
@@ -390,7 +391,7 @@ static SERVER_SETUP_REC *server_setup_read(CONFIG_NODE *node)
                chatnet_create(chatnetrec);
        }
 
-        family = config_node_get_str(node, "family", "");
+       family = config_node_get_str(node, "family", "");
 
        rec = CHAT_PROTOCOL(chatnetrec)->create_server_setup();
        rec->type = module_get_uniq_id("SERVER SETUP", 0);
@@ -400,18 +401,45 @@ static SERVER_SETUP_REC *server_setup_read(CONFIG_NODE *node)
                (g_ascii_strcasecmp(family, "inet") == 0 ? AF_INET : 0);
        rec->address = g_strdup(server);
        rec->password = g_strdup(config_node_get_str(node, "password", NULL));
-       rec->use_ssl = config_node_get_bool(node, "use_ssl", FALSE);
-       rec->ssl_cert = g_strdup(config_node_get_str(node, "ssl_cert", NULL));
-       rec->ssl_pkey = g_strdup(config_node_get_str(node, "ssl_pkey", NULL));
-       rec->ssl_pass = g_strdup(config_node_get_str(node, "ssl_pass", NULL));
-       rec->ssl_verify = config_node_get_bool(node, "ssl_verify", FALSE);
-       rec->ssl_cafile = g_strdup(config_node_get_str(node, "ssl_cafile", NULL));
-       rec->ssl_capath = g_strdup(config_node_get_str(node, "ssl_capath", NULL));
-       rec->ssl_ciphers = g_strdup(config_node_get_str(node, "ssl_ciphers", NULL));
-       if (rec->ssl_cafile || rec->ssl_capath)
-               rec->ssl_verify = TRUE;
-       if (rec->ssl_cert != NULL || rec->ssl_verify)
-               rec->use_ssl = TRUE;
+
+       rec->use_tls = config_node_get_bool(node, "use_tls", FALSE) || config_node_get_bool(node, "use_ssl", FALSE);
+       rec->tls_verify = config_node_get_bool(node, "tls_verify", FALSE) || config_node_get_bool(node, "ssl_verify", FALSE);
+
+       value = config_node_get_str(node, "tls_cert", NULL);
+       if (value == NULL)
+               value = config_node_get_str(node, "ssl_cert", NULL);
+       rec->tls_cert = g_strdup(value);
+
+       value = config_node_get_str(node, "tls_pkey", NULL);
+       if (value == NULL)
+               value = config_node_get_str(node, "ssl_pkey", NULL);
+       rec->tls_pkey = g_strdup(value);
+
+       value = config_node_get_str(node, "tls_pass", NULL);
+       if (value == NULL)
+               value = config_node_get_str(node, "ssl_pass", NULL);
+       rec->tls_pass = g_strdup(value);
+
+       value = config_node_get_str(node, "tls_cafile", NULL);
+       if (value == NULL)
+               value = config_node_get_str(node, "ssl_cafile", NULL);
+       rec->tls_cafile = g_strdup(value);
+
+       value = config_node_get_str(node, "tls_capath", NULL);
+       if (value == NULL)
+               value = config_node_get_str(node, "ssl_capath", NULL);
+       rec->tls_capath = g_strdup(value);
+
+       value = config_node_get_str(node, "tls_ciphers", NULL);
+       if (value == NULL)
+               value = config_node_get_str(node, "ssl_ciphers", NULL);
+       rec->tls_ciphers = g_strdup(value);
+
+       if (rec->tls_cafile || rec->tls_capath)
+               rec->tls_verify = TRUE;
+       if (rec->tls_cert != NULL || rec->tls_verify)
+               rec->use_tls = TRUE;
+
        rec->port = port;
        rec->autoconnect = config_node_get_bool(node, "autoconnect", FALSE);
        rec->no_proxy = config_node_get_bool(node, "no_proxy", FALSE);
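Review bot: The two boolean settings and the six string settings resolve old and new keys differently. `use_tls` and `tls_verify` are the OR of both spellings, while the strings take `tls_*` and consult `ssl_*` only when the new key is absent, so an explicit false `tls_verify` cannot override a leftover true `ssl_verify`. That errs on the safe side, but it deserves a comment such as `/* legacy ssl_* booleans can only enable, never disable */`. The six copy-pasted fallback blocks would also read better behind one small static helper, sketched below with a suggested name. server_setup_read starts before and continues after this hunk.

```c
/* Returns the string stored under `key`, or under its pre-rename
   `old_key` when the new key is absent; NULL if neither is set. */
static char *config_node_get_str_compat(CONFIG_NODE *node, const char *key, const char *old_key)
{
	char *value = config_node_get_str(node, key, NULL);

	return value != NULL ? value : config_node_get_str(node, old_key, NULL);
}

/* … unchanged: server_setup_read() through the use_tls / tls_verify lines … */
	rec->tls_cert = g_strdup(config_node_get_str_compat(node, "tls_cert", "ssl_cert"));
	rec->tls_pkey = g_strdup(config_node_get_str_compat(node, "tls_pkey", "ssl_pkey"));
	rec->tls_pass = g_strdup(config_node_get_str_compat(node, "tls_pass", "ssl_pass"));
	rec->tls_cafile = g_strdup(config_node_get_str_compat(node, "tls_cafile", "ssl_cafile"));
	rec->tls_capath = g_strdup(config_node_get_str_compat(node, "tls_capath", "ssl_capath"));
	rec->tls_ciphers = g_strdup(config_node_get_str_compat(node, "tls_ciphers", "ssl_ciphers"));
/* … unchanged: tls_verify / use_tls implications and the rest of the record … */
```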
@@ -463,14 +491,16 @@ static void server_setup_save(SERVER_SETUP_REC *rec)
 
        iconfig_node_set_int(node, "port", rec->port);
        iconfig_node_set_str(node, "password", rec->password);
-       iconfig_node_set_bool(node, "use_ssl", rec->use_ssl);
-       iconfig_node_set_str(node, "ssl_cert", rec->ssl_cert);
-       iconfig_node_set_str(node, "ssl_pkey", rec->ssl_pkey);
-       iconfig_node_set_str(node, "ssl_pass", rec->ssl_pass);
-       iconfig_node_set_bool(node, "ssl_verify", rec->ssl_verify);
-       iconfig_node_set_str(node, "ssl_cafile", rec->ssl_cafile);
-       iconfig_node_set_str(node, "ssl_capath", rec->ssl_capath);
-       iconfig_node_set_str(node, "ssl_ciphers", rec->ssl_ciphers);
+
+       iconfig_node_set_bool(node, "use_tls", rec->use_tls);
+       iconfig_node_set_str(node, "tls_cert", rec->tls_cert);
+       iconfig_node_set_str(node, "tls_pkey", rec->tls_pkey);
+       iconfig_node_set_str(node, "tls_pass", rec->tls_pass);
+       iconfig_node_set_bool(node, "tls_verify", rec->tls_verify);
+       iconfig_node_set_str(node, "tls_cafile", rec->tls_cafile);
+       iconfig_node_set_str(node, "tls_capath", rec->tls_capath);
+       iconfig_node_set_str(node, "tls_ciphers", rec->tls_ciphers);
+
        iconfig_node_set_str(node, "own_host", rec->own_host);
 
        iconfig_node_set_str(node, "family",
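Review bot: Only the `tls_*` keys are written here and nothing in the hunk clears the old `ssl_*` ones, so if `node` is an existing block updated in place (its lookup is outside this hunk) a saved config would keep both sets. For `ssl_pass` that means a stale copy of the private-key passphrase stays on disk after `tls_pass` is changed or removed, and server_setup_read would still fall back to it. Consider dropping the legacy keys on save, e.g. `iconfig_node_set_str(node, "ssl_pass", NULL);` and likewise for the other seven. This assumes a NULL value removes the key in this config API, which should be confirmed.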
@@ -514,12 +544,12 @@ static void server_setup_destroy(SERVER_SETUP_REC *rec)
        g_free_not_null(rec->own_ip6);
        g_free_not_null(rec->chatnet);
        g_free_not_null(rec->password);
-       g_free_not_null(rec->ssl_cert);
-       g_free_not_null(rec->ssl_pkey);
-       g_free_not_null(rec->ssl_pass);
-       g_free_not_null(rec->ssl_cafile);
-       g_free_not_null(rec->ssl_capath);
-       g_free_not_null(rec->ssl_ciphers);
+       g_free_not_null(rec->tls_cert);
+       g_free_not_null(rec->tls_pkey);
+       g_free_not_null(rec->tls_pass);
+       g_free_not_null(rec->tls_cafile);
+       g_free_not_null(rec->tls_capath);
+       g_free_not_null(rec->tls_ciphers);
        g_free(rec->address);
        g_free(rec);
 }
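Review bot: `rec->tls_pass`, like `rec->password` just above it, is released with a plain `g_free_not_null()`, which leaves the private-key passphrase readable in freed heap memory. Wiping the buffer before freeing it, with a clear the compiler cannot elide such as OpenSSL's `OPENSSL_cleanse(rec->tls_pass, strlen(rec->tls_pass));` behind a NULL check, would limit exposure in core dumps. That needs the OpenSSL header in this file, which the NEWS line about always building with TLS support suggests is available. The same applies to `conn->tls_pass` in server_connect_unref in servers.c. server_setup_destroy starts outside this hunk.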
index dfcbcde006066c30149a5c593746532d9b031e3d..2a14d510af40e17caca98c9b7a862d4ae5b628a4 100644 (file)
@@ -219,7 +219,7 @@ static void server_real_connect(SERVER_REC *server, IPADDR *ip,
                own_ip = IPADDR_IS_V6(ip) ? server->connrec->own_ip6 : server->connrec->own_ip4;
                port = server->connrec->proxy != NULL ?
                        server->connrec->proxy_port : server->connrec->port;
-               handle = server->connrec->use_ssl ?
+               handle = server->connrec->use_tls ?
                        net_connect_ip_ssl(ip, port, own_ip, server) : net_connect_ip(ip, port, own_ip);
        } else {
                handle = net_connect_unix(unix_socket);
@@ -237,7 +237,7 @@ static void server_real_connect(SERVER_REC *server, IPADDR *ip,
                        }
                        server->no_reconnect = TRUE;
                }
-               if (server->connrec->use_ssl && errno == ENOSYS)
+               if (server->connrec->use_tls && errno == ENOSYS)
                        server->no_reconnect = TRUE;
 
                server->connection_lost = TRUE;
@@ -245,7 +245,7 @@ static void server_real_connect(SERVER_REC *server, IPADDR *ip,
                g_free(errmsg2);
        } else {
                server->handle = net_sendbuffer_create(handle, 0);
-               if (server->connrec->use_ssl)
+               if (server->connrec->use_tls)
                        server_connect_callback_init_ssl(server, handle);
                else
                server->connect_tag =
@@ -622,22 +622,22 @@ void server_connect_unref(SERVER_CONNECT_REC *conn)
        g_free_not_null(conn->own_ip4);
        g_free_not_null(conn->own_ip6);
 
-        g_free_not_null(conn->password);
-        g_free_not_null(conn->nick);
-        g_free_not_null(conn->username);
+       g_free_not_null(conn->password);
+       g_free_not_null(conn->nick);
+       g_free_not_null(conn->username);
        g_free_not_null(conn->realname);
 
-       g_free_not_null(conn->ssl_cert);
-       g_free_not_null(conn->ssl_pkey);
-       g_free_not_null(conn->ssl_pass);
-       g_free_not_null(conn->ssl_cafile);
-       g_free_not_null(conn->ssl_capath);
-       g_free_not_null(conn->ssl_ciphers);
+       g_free_not_null(conn->tls_cert);
+       g_free_not_null(conn->tls_pkey);
+       g_free_not_null(conn->tls_pass);
+       g_free_not_null(conn->tls_cafile);
+       g_free_not_null(conn->tls_capath);
+       g_free_not_null(conn->tls_ciphers);
 
        g_free_not_null(conn->channels);
-        g_free_not_null(conn->away_reason);
+       g_free_not_null(conn->away_reason);
 
-        conn->type = 0;
+       conn->type = 0;
        g_free(conn);
 }
 
index 17d800763ce780b8789d47cf5188dd4f8407cf2f..5b3303bb9f62c7894120eba7c5b16fb60e4e78a1 100644 (file)
@@ -150,8 +150,7 @@ static void session_save_server(SERVER_REC *server, CONFIG_REC *config,
 
        node = config_node_section(config, node, NULL, NODE_TYPE_BLOCK);
 
-       config_node_set_str(config, node, "chat_type",
-                           chat_protocol_find_id(server->chat_type)->name);
+       config_node_set_str(config, node, "chat_type", chat_protocol_find_id(server->chat_type)->name);
        config_node_set_str(config, node, "address", server->connrec->address);
        config_node_set_int(config, node, "port", server->connrec->port);
        config_node_set_str(config, node, "chatnet", server->connrec->chatnet);
@@ -159,13 +158,13 @@ static void session_save_server(SERVER_REC *server, CONFIG_REC *config,
        config_node_set_str(config, node, "nick", server->nick);
        config_node_set_str(config, node, "version", server->version);
 
-       config_node_set_bool(config, node, "use_ssl", server->connrec->use_ssl);
-       config_node_set_str(config, node, "ssl_cert", server->connrec->ssl_cert);
-       config_node_set_str(config, node, "ssl_pkey", server->connrec->ssl_pkey);
-       config_node_set_bool(config, node, "ssl_verify", server->connrec->ssl_verify);
-       config_node_set_str(config, node, "ssl_cafile", server->connrec->ssl_cafile);
-       config_node_set_str(config, node, "ssl_capath", server->connrec->ssl_capath);
-       config_node_set_str(config, node, "ssl_ciphers", server->connrec->ssl_ciphers);
+       config_node_set_bool(config, node, "use_tls", server->connrec->use_tls);
+       config_node_set_str(config, node, "tls_cert", server->connrec->tls_cert);
+       config_node_set_str(config, node, "tls_pkey", server->connrec->tls_pkey);
+       config_node_set_bool(config, node, "tls_verify", server->connrec->tls_verify);
+       config_node_set_str(config, node, "tls_cafile", server->connrec->tls_cafile);
+       config_node_set_str(config, node, "tls_capath", server->connrec->tls_capath);
+       config_node_set_str(config, node, "tls_ciphers", server->connrec->tls_ciphers);
 
        handle = g_io_channel_unix_get_fd(net_sendbuffer_handle(server->handle));
        config_node_set_int(config, node, "handle", handle);
index 468cb7074baf84eb97625fee9c62fe09169265db..b9522bc1f31a308be1961790d3af6f6fb0c2a0d9 100644 (file)
@@ -154,42 +154,55 @@ static void cmd_server_add_modify(const char *data, gboolean add)
         else if (g_hash_table_lookup(optlist, "4"))
                rec->family = AF_INET;
 
-       if (g_hash_table_lookup(optlist, "ssl"))
-               rec->use_ssl = TRUE;
+       if (g_hash_table_lookup(optlist, "tls") || g_hash_table_lookup(optlist, "ssl"))
+               rec->use_tls = TRUE;
 
-       value = g_hash_table_lookup(optlist, "ssl_cert");
+       value = g_hash_table_lookup(optlist, "tls_cert");
+       if (value == NULL)
+               value = g_hash_table_lookup(optlist, "ssl_cert");
        if (value != NULL && *value != '\0')
-               rec->ssl_cert = g_strdup(value);
+               rec->tls_cert = g_strdup(value);
 
-       value = g_hash_table_lookup(optlist, "ssl_pkey");
+       value = g_hash_table_lookup(optlist, "tls_pkey");
+       if (value == NULL)
+               value = g_hash_table_lookup(optlist, "ssl_pkey");
        if (value != NULL && *value != '\0')
-               rec->ssl_pkey = g_strdup(value);
+               rec->tls_pkey = g_strdup(value);
 
-       value = g_hash_table_lookup(optlist, "ssl_pass");
+       value = g_hash_table_lookup(optlist, "tls_pass");
+       if (value == NULL)
+               value = g_hash_table_lookup(optlist, "ssl_pass");
        if (value != NULL && *value != '\0')
-               rec->ssl_pass = g_strdup(value);
+               rec->tls_pass = g_strdup(value);
 
-       if (g_hash_table_lookup(optlist, "ssl_verify"))
-               rec->ssl_verify = TRUE;
+       if (g_hash_table_lookup(optlist, "tls_verify") || g_hash_table_lookup(optlist, "ssl_verify"))
+               rec->tls_verify = TRUE;
 
-       value = g_hash_table_lookup(optlist, "ssl_cafile");
+       value = g_hash_table_lookup(optlist, "tls_cafile");
+       if (value == NULL)
+               value = g_hash_table_lookup(optlist, "ssl_cafile");
        if (value != NULL && *value != '\0')
-               rec->ssl_cafile = g_strdup(value);
+               rec->tls_cafile = g_strdup(value);
 
-       value = g_hash_table_lookup(optlist, "ssl_capath");
+       value = g_hash_table_lookup(optlist, "tls_capath");
+       if (value == NULL)
+               value = g_hash_table_lookup(optlist, "ssl_capath");
        if (value != NULL && *value != '\0')
-               rec->ssl_capath = g_strdup(value);
+               rec->tls_capath = g_strdup(value);
 
-       value = g_hash_table_lookup(optlist, "ssl_ciphers");
+       value = g_hash_table_lookup(optlist, "tls_ciphers");
+       if (value == NULL)
+               value = g_hash_table_lookup(optlist, "ssl_ciphers");
        if (value != NULL && *value != '\0')
-               rec->ssl_ciphers = g_strdup(value);
+               rec->tls_ciphers = g_strdup(value);
 
-       if ((rec->ssl_cafile != NULL && rec->ssl_cafile[0] != '\0')
-       ||  (rec->ssl_capath != NULL && rec->ssl_capath[0] != '\0'))
-               rec->ssl_verify = TRUE;
 
-       if ((rec->ssl_cert != NULL && rec->ssl_cert[0] != '\0') || rec->ssl_verify == TRUE)
-               rec->use_ssl = TRUE;
+       if ((rec->tls_cafile != NULL && rec->tls_cafile[0] != '\0')
+       ||  (rec->tls_capath != NULL && rec->tls_capath[0] != '\0'))
+               rec->tls_verify = TRUE;
+
+       if ((rec->tls_cert != NULL && rec->tls_cert[0] != '\0') || rec->tls_verify == TRUE)
+               rec->use_tls = TRUE;
 
        if (g_hash_table_lookup(optlist, "auto")) rec->autoconnect = TRUE;
        if (g_hash_table_lookup(optlist, "noauto")) rec->autoconnect = FALSE;
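Review bot: Each `rec->tls_* = g_strdup(value);` assignment overwrites the field without releasing what it held, which leaks if `rec` can be an existing record on the `server modify` path (the code that obtains `rec` is outside the hunk, so this is inferred from the `add` parameter). For `tls_pass` it would also leave the previous passphrase sitting in unreferenced heap memory. Freeing first, `g_free(rec->tls_pass); rec->tls_pass = g_strdup(value);`, applied to all six string options, covers it. cmd_server_add_modify starts before and continues after this hunk.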
@@ -409,8 +422,9 @@ void fe_server_init(void)
        command_bind("server remove", NULL, (SIGNAL_FUNC) cmd_server_remove);
        command_bind_first("server", NULL, (SIGNAL_FUNC) server_command);
        command_bind_first("disconnect", NULL, (SIGNAL_FUNC) server_command);
-       command_set_options("server add", "4 6 !! ssl +ssl_cert +ssl_pkey +ssl_pass ssl_verify +ssl_cafile +ssl_capath +ssl_ciphers auto noauto proxy noproxy -host -port noautosendcmd");
-       command_set_options("server modify", "4 6 !! ssl +ssl_cert +ssl_pkey +ssl_pass ssl_verify +ssl_cafile +ssl_capath +ssl_ciphers auto noauto proxy noproxy -host -port noautosendcmd");
+
+       command_set_options("server add", "4 6 !! ssl +ssl_cert +ssl_pkey +ssl_pass ssl_verify +ssl_cafile +ssl_capath +ssl_ciphers +ssl_fingerprint tls +tls_cert +tls_pkey +tls_pass tls_verify +tls_cafile +tls_capath +tls_ciphers auto noauto proxy noproxy -host -port noautosendcmd");
+       command_set_options("server modify", "4 6 !! ssl +ssl_cert +ssl_pkey +ssl_pass ssl_verify +ssl_cafile +ssl_capath +ssl_ciphers +ssl_fingerprint tls +tls_cert +tls_pkey +tls_pass tls_verify +tls_cafile +tls_capath +tls_ciphers auto noauto proxy noproxy -host -port noautosendcmd");
 
        signal_add("server looking", (SIGNAL_FUNC) sig_server_looking);
        signal_add("server connecting", (SIGNAL_FUNC) sig_server_connecting);
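Review bot: Both option strings now accept `+ssl_fingerprint`, but there is no `+tls_fingerprint` counterpart, and the TLS option block of cmd_server_add_modify shown in the previous hunk never looks up either name. Unless another handler outside these hunks consumes it, `/SERVER ADD -ssl_fingerprint <value>` would be accepted and silently dropped, leaving the user believing a certificate is pinned when it is not. I would either remove `+ssl_fingerprint` from the two strings until the option is wired up, or add `+tls_fingerprint` here together with the matching lookup and fallback in cmd_server_add_modify. fe_server_init continues outside the hunk.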
index 2e22d6f2975c3e80a8eaa71ea0b7a8e90a04c8c1..36ed2bdc107f90ff8150b3e734617c92ae5ae1dc 100644 (file)
@@ -108,23 +108,23 @@ static void cmd_server_list(const char *data)
                        g_string_append(str, "autoconnect, ");
                if (rec->no_proxy)
                        g_string_append(str, "noproxy, ");
-               if (rec->use_ssl) {
-                       g_string_append(str, "ssl, ");
-                       if (rec->ssl_cert) {
-                               g_string_append_printf(str, "ssl_cert: %s, ", rec->ssl_cert);
-                               if (rec->ssl_pkey)
-                                       g_string_append_printf(str, "ssl_pkey: %s, ", rec->ssl_pkey);
-                               if (rec->ssl_pass)
+               if (rec->use_tls) {
+                       g_string_append(str, "tls, ");
+                       if (rec->tls_cert) {
+                               g_string_append_printf(str, "tls_cert: %s, ", rec->tls_cert);
+                               if (rec->tls_pkey)
+                                       g_string_append_printf(str, "tls_pkey: %s, ", rec->tls_pkey);
+                               if (rec->tls_pass)
                                        g_string_append_printf(str, "(pass), ");
                        }
-                       if (rec->ssl_verify)
-                               g_string_append(str, "ssl_verify, ");
-                       if (rec->ssl_cafile)
-                               g_string_append_printf(str, "ssl_cafile: %s, ", rec->ssl_cafile);
-                       if (rec->ssl_capath)
-                               g_string_append_printf(str, "ssl_capath: %s, ", rec->ssl_capath);
-                       if (rec->ssl_ciphers)
-                               g_string_append_printf(str, "ssl_ciphers: %s, ", rec->ssl_ciphers);
+                       if (rec->tls_verify)
+                               g_string_append(str, "tls_verify, ");
+                       if (rec->tls_cafile)
+                               g_string_append_printf(str, "tls_cafile: %s, ", rec->tls_cafile);
+                       if (rec->tls_capath)
+                               g_string_append_printf(str, "tls_capath: %s, ", rec->tls_capath);
+                       if (rec->tls_ciphers)
+                               g_string_append_printf(str, "tls_ciphers: %s, ", rec->tls_ciphers);
 
                }
                if (rec->max_cmds_at_once > 0)
index 79aeb22753e6b338709251d76b1e4daebc3e105c..3117e345f86a9f846d7098b31bcb1f0f54d7586b 100644 (file)
@@ -310,7 +310,7 @@ SERVER_REC *irc_server_init_connect(SERVER_CONNECT_REC *conn)
 
        if (server->connrec->port <= 0) {
                server->connrec->port =
-                       server->connrec->use_ssl ? 6697 : 6667;
+                       server->connrec->use_tls ? 6697 : 6667;
        }
 
        server->cmd_queue_speed = ircconn->cmd_queue_speed > 0 ?
@@ -328,7 +328,7 @@ SERVER_REC *irc_server_init_connect(SERVER_CONNECT_REC *conn)
                ircconn->max_whois : DEFAULT_MAX_WHOIS;
        server->max_msgs_in_cmd = ircconn->max_msgs > 0 ?
                ircconn->max_msgs : DEFAULT_MAX_MSGS;
-       server->connrec->use_ssl = conn->use_ssl;
+       server->connrec->use_tls = conn->use_tls;
 
        modes_server_init(server);
 
index b641867f79cf3d00846143f06513d170f03b586e..1d08319f895d716f116d06d6a099fb9a285b4c61 100644 (file)
@@ -301,7 +301,8 @@ void perl_connect_fill_hash(HV *hv, SERVER_CONNECT_REC *conn)
        (void) hv_store(hv, "no_autojoin_channels", 20, newSViv(conn->no_autojoin_channels), 0);
        (void) hv_store(hv, "no_autosendcmd", 14, newSViv(conn->no_autosendcmd), 0);
        (void) hv_store(hv, "unix_socket", 11, newSViv(conn->unix_socket), 0);
-       (void) hv_store(hv, "use_ssl", 7, newSViv(conn->use_ssl), 0);
+       (void) hv_store(hv, "use_ssl", 7, newSViv(conn->use_tls), 0);
+       (void) hv_store(hv, "use_tls", 7, newSViv(conn->use_tls), 0);
        (void) hv_store(hv, "no_connect", 10, newSViv(conn->no_connect), 0);
 }
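Review bot: The `use_ssl` hash entry is now filled from `conn->use_tls` alongside the new `use_tls` entry, and nothing on the line says why both exist. A short comment above the pair would stop a later cleanup from removing the alias that existing Perl scripts still read, for example `/* "use_ssl" is kept as a deprecated alias of "use_tls" for script compatibility */`. perl_connect_fill_hash starts outside the hunk.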