Diffstat (limited to 'vchat-protocol.c')
| -rwxr-xr-x | vchat-protocol.c | 28 |
1 files changed, 12 insertions, 16 deletions
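diff --git a/vchat-protocol.c b/vchat-protocol.c
index b077411..6532fbb 100755
--- a/vchat-protocol.c
+++ b/vchat-protocol.c
@@ -24,11 +24,12 @@
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <readline/readline.h>
-#include <openssl/ssl.h>
-#include <openssl/err.h>
 #include <locale.h>
 #include <langinfo.h>
 
+// TO BE GONE
+#include <openssl/bio.h>
+
 /* local includes */
 #include "vchat.h"
 #include "vchat-user.h"
@@ -108,7 +109,7 @@ vcconnect (char *server, char *port)
 char *tildex = NULL;
 
 /* vchat connection x509 store */
-vc_x509store_t vc_store;
+vc_x509store_t *vc_store;
 
 /* pointer to tilde-expanded certificate/keyfile-names */
 char *certfile = NULL, *keyfile = NULL;
@@ -126,14 +127,9 @@ vcconnect (char *server, char *port)
 
 /* If SSL is requested, get our ssl-BIO running */
 if( server_conn && getintoption(CF_USESSL) ) {
-static int sslinit;
-if( !sslinit++ ) {
-SSL_library_init ();
-SSL_load_error_strings();
-}
-
-vc_init_x509store(&vc_store);
-vc_x509store_setflags(&vc_store, VC_X509S_SSL_VERIFY_PEER);
+vc_store = vc_init_x509store();
+// XXX TODO: Check error (with new API)
+vc_x509store_setflags(vc_store, VC_X509S_SSL_VERIFY_PEER);
 
 /* get name of certificate file */
 certfile = getstroption (CF_CERTFILE);
@@ -145,8 +141,8 @@ vcconnect (char *server, char *port)
 else
 tildex = certfile;
 
-vc_x509store_setflags(&vc_store, VC_X509S_USE_CERTIFICATE);
-vc_x509store_setcertfile(&vc_store, tildex);
+vc_x509store_setflags(vc_store, VC_X509S_USE_CERTIFICATE);
+vc_x509store_setcertfile(vc_store, tildex);
 
 /* get name of key file */
 keyfile = getstroption (CF_KEYFILE);
@@ -161,12 +157,12 @@ vcconnect (char *server, char *port)
 else
 tildex = keyfile;
 
-vc_x509store_set_pkeycb(&vc_store, (vc_askpass_cb_t)passprompt);
-vc_x509store_setkeyfile(&vc_store, tildex);
+vc_x509store_set_pkeycb(vc_store, (vc_askpass_cb_t)passprompt);
+vc_x509store_setkeyfile(vc_store, tildex);
 }
 
 /* upgrade our plain BIO to ssl */
-if( vc_connect_ssl( &server_conn, &vc_store ) ) {
+if( vc_connect_ssl( &server_conn, vc_store ) ) {
 BIO_free_all( server_conn );
 server_conn = NULL;
 errno = EIO;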
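Review bot: The result of `vc_init_x509store()` at new line 130 is used without a check; the `// XXX TODO` admits it, but `vc_x509store_setflags(vc_store, VC_X509S_SSL_VERIFY_PEER)`, the certificate and key setters and `vc_connect_ssl()` all receive the pointer exactly as returned. The constructor's definition is not in this diff, so if it can return NULL the outcome depends on how those callees treat a null store: either a null dereference or a TLS setup in which the peer-verification flag was never recorded. The branch should fail closed right after the call, mirroring the existing error path, e.g. `if( !vc_store ) { BIO_free_all( server_conn ); server_conn = NULL; errno = ENOMEM; }`, and then skip the rest of the SSL setup. Because the store is now presumably heap-allocated, the `vc_connect_ssl()` failure path at new line 165 and the success path should also release it with whatever destructor the new API provides; no release is visible here, though vcconnect starts and continues outside these hunks.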
