diff options
| author | Florent Le Coz <louiz@louiz.org> | 2015-12-30 21:34:11 +0100 |
|---|---|---|
| committer | Florent Le Coz <louiz@louiz.org> | 2016-01-04 13:47:27 +0100 |
| commit | 1f8333f23f060750673d0b7c573f2e2d12142adf (patch) | |
| tree | c6c92608402af2c5d89f39547bbeb4b9f76acd16 /src | |
| parent | a38b17692e0297cbd5d719f059bd0a1b6ef39fe4 (diff) | |
| download | biboumi-1f8333f23f060750673d0b7c573f2e2d12142adf.tar.gz biboumi-1f8333f23f060750673d0b7c573f2e2d12142adf.tar.bz2 biboumi-1f8333f23f060750673d0b7c573f2e2d12142adf.tar.xz biboumi-1f8333f23f060750673d0b7c573f2e2d12142adf.zip | |
Support a trusted SHA1 fingerprint to be configured for each IRC server
Diffstat (limited to 'src')
| -rw-r--r-- | src/irc/irc_client.cpp | 7 | ||||
| -rw-r--r-- | src/xmpp/biboumi_adhoc_commands.cpp | 22 |
2 files changed, 28 insertions, 1 deletions
diff --git a/src/irc/irc_client.cpp b/src/irc/irc_client.cpp index e71d38c..1a83446 100644 --- a/src/irc/irc_client.cpp +++ b/src/irc/irc_client.cpp @@ -89,6 +89,13 @@ void IrcClient::start() this->bind_addr = Config::get("outgoing_bind", ""); +#ifdef BOTAN_FOUND +# ifdef USE_DATABASE + auto options = Database::get_irc_server_options(this->bridge.get_bare_jid(), + this->get_hostname()); + this->credential_manager.set_trusted_fingerprint(options.trustedFingerprint); +# endif +#endif this->connect(this->hostname, port, tls); } diff --git a/src/xmpp/biboumi_adhoc_commands.cpp b/src/xmpp/biboumi_adhoc_commands.cpp index be755e9..7c157cb 100644 --- a/src/xmpp/biboumi_adhoc_commands.cpp +++ b/src/xmpp/biboumi_adhoc_commands.cpp @@ -175,6 +175,19 @@ void ConfigureIrcServerStep1(XmppComponent&, AdhocSession& session, XmlNode& com verify_cert_value.set_inner("false"); verify_cert.add_child(std::move(verify_cert_value)); x.add_child(std::move(verify_cert)); + + XmlNode fingerprint("field"); + fingerprint["var"] = "fingerprint"; + fingerprint["type"] = "text-single"; + fingerprint["label"] = "SHA-1 fingerprint of the TLS certificate to trust."; + if (!options.trustedFingerprint.value().empty()) + { + XmlNode fingerprint_value("value"); + fingerprint_value.set_inner(options.trustedFingerprint.value()); + fingerprint.add_child(std::move(fingerprint_value)); + } + fingerprint.add_child(required); + x.add_child(std::move(fingerprint)); #endif XmlNode pass("field"); @@ -295,12 +308,19 @@ void ConfigureIrcServerStep2(XmppComponent&, AdhocSession& session, XmlNode& com options.tlsPorts = ports; } - else if (field->get_tag("var") == "verify_cert" && value + else if (field->get_tag("var") == "verify_cert" && value && !value->get_inner().empty()) { auto val = to_bool(value->get_inner()); options.verifyCert = val; } + + else if (field->get_tag("var") == "fingerprint" && value && + !value->get_inner().empty()) + { + options.trustedFingerprint = value->get_inner(); + } + #endif // BOTAN_FOUND else if (field->get_tag("var") == "pass" && |