sites

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs

commit 369bd631d513a609e4ee99cf5df0cd6d8d7bccbe
parent 419487f8e9ecac001370ff015860953b90a9e086
Author: Hunter Haugen (Hunner) <h.haugen@gmail.com>
Date:   Thu, 26 May 2011 21:31:46 -0700

Updating ssl ii patch for 1.6 from 1.4
Diffstat:
Dtools.suckless.org/ii/patches/ii-1.4-ssl.diff | 234-------------------------------------------------------------------------------
Atools.suckless.org/ii/patches/ii-1.6-ssl.diff | 225+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Mtools.suckless.org/ii/patches/ssl.md | 4++--
3 files changed, 227 insertions(+), 236 deletions(-)

diff --git a/tools.suckless.org/ii/patches/ii-1.4-ssl.diff b/tools.suckless.org/ii/patches/ii-1.4-ssl.diff @@ -1,234 +0,0 @@ -diff -r d93eaacde742 config.mk ---- a/config.mk Fri Jun 25 10:55:05 2010 +0200 -+++ b/config.mk Sat Jul 31 11:32:04 2010 -0700 -@@ -16,7 +16,7 @@ - - # includes and libs - INCLUDES = -I. -I${INCDIR} -I/usr/include --LIBS = -L${LIBDIR} -L/usr/lib -lc -+LIBS = -L${LIBDIR} -L/usr/lib -lc -lssl - # uncomment and comment other variables for compiling on Solaris - #LIBS = -L${LIBDIR} -L/usr/lib -lc -lsocket -lnsl - #CFLAGS = -g ${INCLUDES} -DVERSION=\"${VERSION}\" -diff -r d93eaacde742 ii.1 ---- a/ii.1 Fri Jun 25 10:55:05 2010 +0200 -+++ b/ii.1 Sat Jul 31 11:32:04 2010 -0700 -@@ -25,6 +25,8 @@ - .IR servername ] - .RB [ \-p - .IR port ] -+.RB [ \-e -+.IR encryption ] - .RB [ \-k - .IR password ] - .RB [ \-i -@@ -42,6 +44,10 @@ - .BI \-p " port" - lets you override the default port (6667) - .TP -+.BI \-e " encryption" -+lets you enable ssl encryption. Currently only "ssl" is enabled. The -+default ssl port is 6697 -+.TP - .BI \-k " password" - lets you use a password to authenticate your nick on the server - (be aware of the problem that this is visible in the process list, if you -diff -r d93eaacde742 ii.c ---- a/ii.c Fri Jun 25 10:55:05 2010 +0200 -+++ b/ii.c Sat Jul 31 11:32:04 2010 -0700 -@@ -19,6 +19,9 @@ - #include <ctype.h> - #include <time.h> - #include <unistd.h> -+#include <openssl/rand.h> -+#include <openssl/ssl.h> -+#include <openssl/err.h> - - #ifndef PIPE_BUF /* FreeBSD don't know PIPE_BUF */ - #define PIPE_BUF 4096 -@@ -35,7 +38,17 @@ - - #define PING_TIMEOUT 300 - #define SERVER_PORT 6667 --static int irc; -+#define SSL_SERVER_PORT 6697 -+#define WRITE(con, mes) (use_ssl ? sslwrite(mes, strlen(mes)) : write(con->irc, mes, strlen(mes))) -+#define READ(fd, buf) (from_server && use_ssl ? SSL_read(irc->sslHandle, buf, sizeof(char)) : read(fd, buf, sizeof(char))) -+ -+typedef struct { -+ int irc; -+ SSL *sslHandle; -+ SSL_CTX *sslContext; -+} conn; -+conn *irc; -+static int use_ssl; - static time_t last_response; - static Channel *channels = NULL; - static char *host = "irc.freenode.net"; -@@ -48,7 +61,7 @@ - "ii - irc it - " VERSION "\n" - "(C)opyright MMV-MMVI Anselm R. Garbe\n" - "(C)opyright MMV-MMVII Nico Golde\n" -- "usage: ii [-i <irc dir>] [-s <host>] [-p <port>]\n" -+ "usage: ii [-i <irc dir>] [-s <host>] [-p <port>] [-e <encryption>]\n" - " [-n <nick>] [-k <password>] [-f <fullname>]\n"); - exit(EXIT_SUCCESS); - } -@@ -144,6 +157,10 @@ - free(c); - } - -+void sslwrite(char * text, size_t len) { -+ SSL_write(irc->sslHandle, text, len); -+} -+ - static void login(char *key, char *fullname) { - if(key) snprintf(message, PIPE_BUF, - "PASS %s\r\nNICK %s\r\nUSER %s localhost %s :%s\r\n", key, -@@ -151,11 +168,12 @@ - else snprintf(message, PIPE_BUF, "NICK %s\r\nUSER %s localhost %s :%s\r\n", - nick, nick, host, fullname ? fullname : nick); - -- write(irc, message, strlen(message)); /* login */ -+ WRITE(irc, message); /* login */ - } - --static int tcpopen(unsigned short port) { -+conn *tcpopen(unsigned short port) { - int fd; -+ conn *c; - struct sockaddr_in sin; - struct hostent *hp = gethostbyname(host); - -@@ -175,7 +193,22 @@ - perror("ii: cannot connect to host"); - exit(EXIT_FAILURE); - } -- return fd; -+ c = malloc(sizeof(conn)); -+ c->irc = fd; -+ if(use_ssl) { -+ c->sslHandle = NULL; -+ c->sslContext = NULL; -+ SSL_load_error_strings(); -+ SSL_library_init(); -+ c->sslContext = SSL_CTX_new(SSLv23_client_method()); -+ if(c->sslContext == NULL) -+ ERR_print_errors_fp(stderr); -+ c->sslHandle = SSL_new(c->sslContext); -+ if(!SSL_set_fd(c->sslHandle, c->irc) -+ || (SSL_connect(c->sslHandle) != 1)) -+ ERR_print_errors_fp(stderr); -+ } -+ return c; - } - - static size_t tokenize(char **result, size_t reslen, char *str, char delim) { -@@ -221,7 +254,7 @@ - snprintf(message, PIPE_BUF, "<%s> %s", nick, buf); - print_out(channel, message); - snprintf(message, PIPE_BUF, "PRIVMSG %s :%s\r\n", channel, buf); -- write(irc, message, strlen(message)); -+ WRITE(irc, message); - } - - static void proc_channels_input(Channel *c, char *buf) { -@@ -277,7 +310,7 @@ - else - snprintf(message, PIPE_BUF, - "PART %s :ii - 500 SLOC are too much\r\n", c->name); -- write(irc, message, strlen(message)); -+ WRITE(irc, message); - close(c->fd); - create_filepath(infile, sizeof(infile), c->name, "in"); - unlink(infile); -@@ -289,7 +322,7 @@ - break; - } - if (message[0] != '\0') -- write(irc, message, strlen(message)); -+ WRITE(irc, message); - } - - static void proc_server_cmd(char *buf) { -@@ -340,7 +373,7 @@ - return; - } else if(!strncmp("PING", argv[TOK_CMD], 5)) { - snprintf(message, PIPE_BUF, "PONG %s\r\n", argv[TOK_TEXT]); -- write(irc, message, strlen(message)); -+ WRITE(irc, message); - return; - } else if(!argv[TOK_NICKSRV] || !argv[TOK_USER]) { /* server command */ - snprintf(message, PIPE_BUF, "%s%s", argv[TOK_ARG] ? argv[TOK_ARG] : "", argv[TOK_TEXT] ? argv[TOK_TEXT] : ""); -@@ -378,11 +411,11 @@ - print_out(argv[TOK_CHAN], message); - } - --static int read_line(int fd, size_t res_len, char *buf) { -+static int read_line(int fd, size_t res_len, char *buf, int from_server) { - size_t i = 0; - char c = 0; - do { -- if(read(fd, &c, sizeof(char)) != sizeof(char)) -+ if(READ(fd, &c) != sizeof(char)) - return -1; - buf[i++] = c; - } -@@ -393,7 +426,7 @@ - - static void handle_channels_input(Channel *c) { - static char buf[PIPE_BUF]; -- if(read_line(c->fd, PIPE_BUF, buf) == -1) { -+ if(read_line(c->fd, PIPE_BUF, buf, 0) == -1) { - close(c->fd); - int fd = open_channel(c->name); - if(fd != -1) -@@ -407,7 +440,7 @@ - - static void handle_server_output() { - static char buf[PIPE_BUF]; -- if(read_line(irc, PIPE_BUF, buf) == -1) { -+ if(read_line(irc->irc, PIPE_BUF, buf, 1) == -1) { - perror("ii: remote host closed connection"); - exit(EXIT_FAILURE); - } -@@ -424,8 +457,8 @@ - snprintf(ping_msg, sizeof(ping_msg), "PING %s\r\n", host); - for(;;) { - FD_ZERO(&rd); -- maxfd = irc; -- FD_SET(irc, &rd); -+ maxfd = irc->irc; -+ FD_SET(irc->irc, &rd); - for(c = channels; c; c = c->next) { - if(maxfd < c->fd) - maxfd = c->fd; -@@ -445,10 +478,10 @@ - print_out(NULL, "-!- ii shutting down: ping timeout"); - exit(EXIT_FAILURE); - } -- write(irc, ping_msg, strlen(ping_msg)); -+ WRITE(irc, ping_msg); - continue; - } -- if(FD_ISSET(irc, &rd)) { -+ if(FD_ISSET(irc->irc, &rd)) { - handle_server_output(); - last_response = time(NULL); - } -@@ -478,12 +511,15 @@ - case 'i': snprintf(prefix,sizeof(prefix),"%s", argv[++i]); break; - case 's': host = argv[++i]; break; - case 'p': port = strtol(argv[++i], NULL, 10); break; -+ case 'e': use_ssl = 1; ++i; break; - case 'n': snprintf(nick,sizeof(nick),"%s", argv[++i]); break; - case 'k': key = argv[++i]; break; - case 'f': fullname = argv[++i]; break; - default: usage(); break; - } - } -+ if(use_ssl) -+ port = port == SERVER_PORT ? SSL_SERVER_PORT : port; - irc = tcpopen(port); - if(!snprintf(path, sizeof(path), "%s/%s", prefix, host)) { - fprintf(stderr, "%s", "ii: path to irc directory too long\n"); diff --git a/tools.suckless.org/ii/patches/ii-1.6-ssl.diff b/tools.suckless.org/ii/patches/ii-1.6-ssl.diff @@ -0,0 +1,225 @@ +diff -r 1b2227123889 config.mk +--- a/config.mk Mon Jan 31 21:47:02 2011 +0100 ++++ b/config.mk Thu May 26 21:27:18 2011 -0700 +@@ -16,7 +16,7 @@ + + # includes and libs + INCLUDES = -I. -I${INCDIR} -I/usr/include +-LIBS = -L${LIBDIR} -L/usr/lib -lc ++LIBS = -L${LIBDIR} -L/usr/lib -lc -lssl -lcrypto + # uncomment and comment other variables for compiling on Solaris + #LIBS = -L${LIBDIR} -L/usr/lib -lc -lsocket -lnsl + #CFLAGS = -g ${INCLUDES} -DVERSION=\"${VERSION}\" +diff -r 1b2227123889 ii.1 +--- a/ii.1 Mon Jan 31 21:47:02 2011 +0100 ++++ b/ii.1 Thu May 26 21:27:18 2011 -0700 +@@ -25,6 +25,8 @@ + .IR servername ] + .RB [ \-p + .IR port ] ++.RB [ \-e ++.IR ssl ] + .RB [ \-k + .IR password ] + .RB [ \-i +@@ -42,6 +44,9 @@ + .BI \-p " port" + lets you override the default port (6667) + .TP ++.BI \-e " ssl" ++lets you connect using ssl encryption. The default ssl port is 6697. ++.TP + .BI \-k " password" + lets you use a password to authenticate your nick on the server + (be aware of the problem that this is visible in the process list, if you +diff -r 1b2227123889 ii.c +--- a/ii.c Mon Jan 31 21:47:02 2011 +0100 ++++ b/ii.c Thu May 26 21:27:18 2011 -0700 +@@ -17,12 +17,23 @@ + #include <ctype.h> + #include <time.h> + #include <unistd.h> ++#include <openssl/rand.h> ++#include <openssl/ssl.h> ++#include <openssl/err.h> + + #ifndef PIPE_BUF /* FreeBSD don't know PIPE_BUF */ + #define PIPE_BUF 4096 + #endif + #define PING_TIMEOUT 300 + #define SERVER_PORT 6667 ++#define SSL_SERVER_PORT 6697 ++#define WRITE(con, mes, len) (use_ssl ? SSL_write(irc->sslHandle, mes, len) : write(con->irc, mes, len)) ++#define READ(fd, buf, size) (from_server && use_ssl ? SSL_read(irc->sslHandle, buf, size) : read(fd, buf, size)) ++typedef struct { ++ int irc; ++ SSL *sslHandle; ++ SSL_CTX *sslContext; ++} conn; + enum { TOK_NICKSRV = 0, TOK_USER, TOK_CMD, TOK_CHAN, TOK_ARG, TOK_TEXT, TOK_LAST }; + + typedef struct Channel Channel; +@@ -32,7 +43,8 @@ + Channel *next; + }; + +-static int irc; ++conn *irc; ++static int use_ssl; + static time_t last_response; + static Channel *channels = NULL; + static char *host = "irc.freenode.net"; +@@ -45,7 +57,7 @@ + "ii - irc it - " VERSION "\n" + "(C)opyright MMV-MMVI Anselm R. Garbe\n" + "(C)opyright MMV-MMXI Nico Golde\n" +- "usage: ii [-i <irc dir>] [-s <host>] [-p <port>]\n" ++ "usage: ii [-i <irc dir>] [-s <host>] [-p <port>] [-e ssl]\n" + " [-n <nick>] [-k <password>] [-f <fullname>]\n"); + exit(EXIT_SUCCESS); + } +@@ -148,11 +160,12 @@ + nick, nick, host, fullname ? fullname : nick); + else snprintf(message, PIPE_BUF, "NICK %s\r\nUSER %s localhost %s :%s\r\n", + nick, nick, host, fullname ? fullname : nick); +- write(irc, message, strlen(message)); /* login */ ++ WRITE(irc, message, strlen(message)); /* login */ + } + +-static int tcpopen(unsigned short port) { ++conn *tcpopen(unsigned short port) { + int fd; ++ conn *c; + struct sockaddr_in sin; + struct hostent *hp = gethostbyname(host); + +@@ -172,7 +185,22 @@ + perror("ii: cannot connect to host"); + exit(EXIT_FAILURE); + } +- return fd; ++ c = malloc(sizeof(conn)); ++ c->irc = fd; ++ if(use_ssl) { ++ c->sslHandle = NULL; ++ c->sslContext = NULL; ++ SSL_load_error_strings(); ++ SSL_library_init(); ++ c->sslContext = SSL_CTX_new(SSLv23_client_method()); ++ if(c->sslContext == NULL) ++ ERR_print_errors_fp(stderr); ++ c->sslHandle = SSL_new(c->sslContext); ++ if(!SSL_set_fd(c->sslHandle, c->irc) ++ || (SSL_connect(c->sslHandle) != 1)) ++ ERR_print_errors_fp(stderr); ++ } ++ return c; + } + + static size_t tokenize(char **result, size_t reslen, char *str, char delim) { +@@ -219,7 +247,7 @@ + snprintf(message, PIPE_BUF, "<%s> %s", nick, buf); + print_out(channel, message); + snprintf(message, PIPE_BUF, "PRIVMSG %s :%s\r\n", channel, buf); +- write(irc, message, strlen(message)); ++ WRITE(irc, message, strlen(message)); + } + + static void proc_channels_input(Channel *c, char *buf) { +@@ -275,7 +303,7 @@ + else + snprintf(message, PIPE_BUF, + "PART %s :ii - 500 SLOC are too much\r\n", c->name); +- write(irc, message, strlen(message)); ++ WRITE(irc, message, strlen(message)); + close(c->fd); + /*create_filepath(infile, sizeof(infile), c->name, "in"); + unlink(infile); */ +@@ -290,7 +318,7 @@ + snprintf(message, PIPE_BUF, "%s\r\n", &buf[1]); + + if (message[0] != '\0') +- write(irc, message, strlen(message)); ++ WRITE(irc, message, strlen(message)); + } + + static void proc_server_cmd(char *buf) { +@@ -341,7 +369,7 @@ + return; + } else if(!strncmp("PING", argv[TOK_CMD], 5)) { + snprintf(message, PIPE_BUF, "PONG %s\r\n", argv[TOK_TEXT]); +- write(irc, message, strlen(message)); ++ WRITE(irc, message, strlen(message)); + return; + } else if(!argv[TOK_NICKSRV] || !argv[TOK_USER]) { /* server command */ + snprintf(message, PIPE_BUF, "%s%s", argv[TOK_ARG] ? argv[TOK_ARG] : "", argv[TOK_TEXT] ? argv[TOK_TEXT] : ""); +@@ -379,11 +407,11 @@ + print_out(argv[TOK_CHAN], message); + } + +-static int read_line(int fd, size_t res_len, char *buf) { ++static int read_line(int fd, size_t res_len, char *buf, int from_server) { + size_t i = 0; + char c = 0; + do { +- if(read(fd, &c, sizeof(char)) != sizeof(char)) ++ if(READ(fd, &c, sizeof(char)) != sizeof(char)) + return -1; + buf[i++] = c; + } +@@ -394,7 +422,7 @@ + + static void handle_channels_input(Channel *c) { + static char buf[PIPE_BUF]; +- if(read_line(c->fd, PIPE_BUF, buf) == -1) { ++ if(read_line(c->fd, PIPE_BUF, buf, 0) == -1) { + close(c->fd); + int fd = open_channel(c->name); + if(fd != -1) +@@ -408,7 +436,7 @@ + + static void handle_server_output() { + static char buf[PIPE_BUF]; +- if(read_line(irc, PIPE_BUF, buf) == -1) { ++ if(read_line(irc->irc, PIPE_BUF, buf, 1) == -1) { + perror("ii: remote host closed connection"); + exit(EXIT_FAILURE); + } +@@ -425,8 +453,8 @@ + snprintf(ping_msg, sizeof(ping_msg), "PING %s\r\n", host); + for(;;) { + FD_ZERO(&rd); +- maxfd = irc; +- FD_SET(irc, &rd); ++ maxfd = irc->irc; ++ FD_SET(irc->irc, &rd); + for(c = channels; c; c = c->next) { + if(maxfd < c->fd) + maxfd = c->fd; +@@ -446,10 +474,10 @@ + print_out(NULL, "-!- ii shutting down: ping timeout"); + exit(EXIT_FAILURE); + } +- write(irc, ping_msg, strlen(ping_msg)); ++ WRITE(irc, ping_msg, strlen(ping_msg)); + continue; + } +- if(FD_ISSET(irc, &rd)) { ++ if(FD_ISSET(irc->irc, &rd)) { + handle_server_output(); + last_response = time(NULL); + } +@@ -481,10 +509,13 @@ + case 'p': port = strtol(argv[++i], NULL, 10); break; + case 'n': snprintf(nick,sizeof(nick),"%s", argv[++i]); break; + case 'k': key = argv[++i]; break; ++ case 'e': use_ssl = 1; ++i; break; + case 'f': fullname = argv[++i]; break; + default: usage(); break; + } + } ++ if(use_ssl) ++ port = port == SERVER_PORT ? SSL_SERVER_PORT : port; + irc = tcpopen(port); + if(!snprintf(path, sizeof(path), "%s/%s", prefix, host)) { + fprintf(stderr, "%s", "ii: path to irc directory too long\n"); diff --git a/tools.suckless.org/ii/patches/ssl.md b/tools.suckless.org/ii/patches/ssl.md @@ -5,12 +5,12 @@ Description ----------- Adds ssl encryption support via the `-e ssl` argument. It will use the default port of 6697 unless -a port is been specified with the -p flag. +an alternative port is specified with the -p flag. Download -------- -* [ii-1.4-ssl.diff](ii-1.4-ssl.diff) +* [ii-1.6-ssl.diff](ii-1.6-ssl.diff) Author ------