diff options
author | Dirk Engling <erdgeist@erdgeist.org> | 2016-04-15 13:50:58 +0200 |
---|---|---|
committer | Dirk Engling <erdgeist@erdgeist.org> | 2016-04-15 13:50:58 +0200 |
commit | 3ff11bc9ec47ea24e578444ffc9985884f32038b (patch) | |
tree | 039846a8280dcb8e6377b2caa9fa1f741e865d12 /vchat-ssl.c | |
parent | fa05d4cd2867e856311330f5e647819e7a1312a3 (diff) |
add chomp
Diffstat (limited to 'vchat-ssl.c')
-rwxr-xr-x | vchat-ssl.c | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/vchat-ssl.c b/vchat-ssl.c index e584f6c..ef5b96e 100755 --- a/vchat-ssl.c +++ b/vchat-ssl.c | |||
@@ -221,7 +221,7 @@ int vc_connect_ssl( BIO **conn, vc_x509store_t *vc_store ) | |||
221 | assert ( ( fingerprint_len > 1 ) && (fingerprint_len * 3 < TMPSTRSIZE )); | 221 | assert ( ( fingerprint_len > 1 ) && (fingerprint_len * 3 < TMPSTRSIZE )); |
222 | char * nf = new_fingerprint; | 222 | char * nf = new_fingerprint; |
223 | for (j=0; j<(int)fingerprint_len; j++) | 223 | for (j=0; j<(int)fingerprint_len; j++) |
224 | nf += snprintf(nf, 3, "%02X:", fingerprint_bin[j]); | 224 | nf += snprintf(nf, 4, "%02X:", fingerprint_bin[j]); |
225 | assert ( nf > new_fingerprint ); | 225 | assert ( nf > new_fingerprint ); |
226 | nf[-1] = 0; | 226 | nf[-1] = 0; |
227 | snprintf(tmpstr, TMPSTRSIZE, "[SSL FINGERPRINT ] from server: %s", new_fingerprint); | 227 | snprintf(tmpstr, TMPSTRSIZE, "[SSL FINGERPRINT ] from server: %s", new_fingerprint); |
@@ -236,15 +236,20 @@ int vc_connect_ssl( BIO **conn, vc_x509store_t *vc_store ) | |||
236 | char * r = fgets(old_fingerprint, TMPSTRSIZE, fingerprint_file); | 236 | char * r = fgets(old_fingerprint, TMPSTRSIZE, fingerprint_file); |
237 | fclose(fingerprint_file); | 237 | fclose(fingerprint_file); |
238 | 238 | ||
239 | /* verify fingerprint matches stored version */ | 239 | if (r) { |
240 | if ( r &&!strncmp(new_fingerprint, old_fingerprint, TMPSTRSIZE)) | 240 | // chomp |
241 | return 0; | 241 | char *nl = strchr(r, '\n'); |
242 | else { | 242 | if (nl) *nl = 0; |
243 | snprintf(tmpstr, TMPSTRSIZE, "[SSL FINGERPRINT ] from %s: %s", getstroption(CF_FINGERPRINT), r ? old_fingerprint : "<FILE READ ERROR>" ); | 243 | |
244 | writecf(FS_ERR, tmpstr); | 244 | /* verify fingerprint matches stored version */ |
245 | writecf(FS_ERR, "[SSL CONNECT ERROR] Fingerprint mismatch! Server cert updated?"); | 245 | if (!strcmp(new_fingerprint, old_fingerprint)) |
246 | return 1; | 246 | return 0; |
247 | } | 247 | } |
248 | |||
249 | snprintf(tmpstr, TMPSTRSIZE, "[SSL FINGERPRINT ] from %s: %s", getstroption(CF_FINGERPRINT), r ? old_fingerprint : "<FILE READ ERROR>" ); | ||
250 | writecf(FS_ERR, tmpstr); | ||
251 | writecf(FS_ERR, "[SSL CONNECT ERROR] Fingerprint mismatch! Server cert updated?"); | ||
252 | return 1; | ||
248 | } else { | 253 | } else { |
249 | /* FIXME: there might be other errors than missing file */ | 254 | /* FIXME: there might be other errors than missing file */ |
250 | fingerprint_file = fopen(tilde_expand(getstroption(CF_FINGERPRINT)), "w"); | 255 | fingerprint_file = fopen(tilde_expand(getstroption(CF_FINGERPRINT)), "w"); |