summaryrefslogtreecommitdiff
path: root/vchat-ssl.c
diff options
context:
space:
mode:
authorDirk Engling <erdgeist@erdgeist.org>2016-04-15 13:50:58 +0200
committerDirk Engling <erdgeist@erdgeist.org>2016-04-15 13:50:58 +0200
commit3ff11bc9ec47ea24e578444ffc9985884f32038b (patch)
tree039846a8280dcb8e6377b2caa9fa1f741e865d12 /vchat-ssl.c
parentfa05d4cd2867e856311330f5e647819e7a1312a3 (diff)
add chomp
Diffstat (limited to 'vchat-ssl.c')
-rwxr-xr-xvchat-ssl.c23
1 files changed, 14 insertions, 9 deletions
diff --git a/vchat-ssl.c b/vchat-ssl.c
index e584f6c..ef5b96e 100755
--- a/vchat-ssl.c
+++ b/vchat-ssl.c
@@ -221,7 +221,7 @@ int vc_connect_ssl( BIO **conn, vc_x509store_t *vc_store )
221 assert ( ( fingerprint_len > 1 ) && (fingerprint_len * 3 < TMPSTRSIZE )); 221 assert ( ( fingerprint_len > 1 ) && (fingerprint_len * 3 < TMPSTRSIZE ));
222 char * nf = new_fingerprint; 222 char * nf = new_fingerprint;
223 for (j=0; j<(int)fingerprint_len; j++) 223 for (j=0; j<(int)fingerprint_len; j++)
224 nf += snprintf(nf, 3, "%02X:", fingerprint_bin[j]); 224 nf += snprintf(nf, 4, "%02X:", fingerprint_bin[j]);
225 assert ( nf > new_fingerprint ); 225 assert ( nf > new_fingerprint );
226 nf[-1] = 0; 226 nf[-1] = 0;
227 snprintf(tmpstr, TMPSTRSIZE, "[SSL FINGERPRINT ] from server: %s", new_fingerprint); 227 snprintf(tmpstr, TMPSTRSIZE, "[SSL FINGERPRINT ] from server: %s", new_fingerprint);
@@ -236,15 +236,20 @@ int vc_connect_ssl( BIO **conn, vc_x509store_t *vc_store )
236 char * r = fgets(old_fingerprint, TMPSTRSIZE, fingerprint_file); 236 char * r = fgets(old_fingerprint, TMPSTRSIZE, fingerprint_file);
237 fclose(fingerprint_file); 237 fclose(fingerprint_file);
238 238
239 /* verify fingerprint matches stored version */ 239 if (r) {
240 if ( r &&!strncmp(new_fingerprint, old_fingerprint, TMPSTRSIZE)) 240 // chomp
241 return 0; 241 char *nl = strchr(r, '\n');
242 else { 242 if (nl) *nl = 0;
243 snprintf(tmpstr, TMPSTRSIZE, "[SSL FINGERPRINT ] from %s: %s", getstroption(CF_FINGERPRINT), r ? old_fingerprint : "<FILE READ ERROR>" ); 243
244 writecf(FS_ERR, tmpstr); 244 /* verify fingerprint matches stored version */
245 writecf(FS_ERR, "[SSL CONNECT ERROR] Fingerprint mismatch! Server cert updated?"); 245 if (!strcmp(new_fingerprint, old_fingerprint))
246 return 1; 246 return 0;
247 } 247 }
248
249 snprintf(tmpstr, TMPSTRSIZE, "[SSL FINGERPRINT ] from %s: %s", getstroption(CF_FINGERPRINT), r ? old_fingerprint : "<FILE READ ERROR>" );
250 writecf(FS_ERR, tmpstr);
251 writecf(FS_ERR, "[SSL CONNECT ERROR] Fingerprint mismatch! Server cert updated?");
252 return 1;
248 } else { 253 } else {
249 /* FIXME: there might be other errors than missing file */ 254 /* FIXME: there might be other errors than missing file */
250 fingerprint_file = fopen(tilde_expand(getstroption(CF_FINGERPRINT)), "w"); 255 fingerprint_file = fopen(tilde_expand(getstroption(CF_FINGERPRINT)), "w");