From 7b3e0e0cf3eddd3537455a3605b04a48ee663f47 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?louiz=E2=80=99?= <louiz@louiz.org>
Date: Sun, 30 Apr 2017 15:04:40 +0200
Subject: =?UTF-8?q?Make=20botan=E2=80=99s=20policy=20configurable=20from?=
 =?UTF-8?q?=20a=20file?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

fix #3244
---
 src/network/tcp_socket_handler.cpp | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

(limited to 'src/network/tcp_socket_handler.cpp')

diff --git a/src/network/tcp_socket_handler.cpp b/src/network/tcp_socket_handler.cpp
index 02265ec..1bd5315 100644
--- a/src/network/tcp_socket_handler.cpp
+++ b/src/network/tcp_socket_handler.cpp
@@ -14,6 +14,8 @@
 #ifdef BOTAN_FOUND
 # include <botan/hex.h>
 # include <botan/tls_exceptn.h>
+# include <config/config.hpp>
+# include <utils/dirname.hpp>
 
 namespace
 {
@@ -22,11 +24,6 @@ namespace
       static Botan::AutoSeeded_RNG rng{};
       return rng;
     }
-    BiboumiTLSPolicy& get_policy()
-    {
-      static BiboumiTLSPolicy policy{};
-      return policy;
-    }
     Botan::TLS::Session_Manager_In_Memory& get_session_manager()
     {
       static Botan::TLS::Session_Manager_In_Memory session_manager{get_rng()};
@@ -233,6 +230,11 @@ void TCPSocketHandler::consume_in_buffer(const std::size_t size)
 void TCPSocketHandler::start_tls(const std::string& address, const std::string& port)
 {
   Botan::TLS::Server_Information server_info(address, "irc", std::stoul(port));
+  auto policy_directory = Config::get("policy_directory", utils::dirname(Config::get_filename()));
+  if (!policy_directory.empty() && policy_directory[policy_directory.size()-1] != '/')
+    policy_directory += '/';
+  this->policy.load(policy_directory + "policy.txt");
+  this->policy.load(policy_directory + address + ".policy.txt");
   this->tls = std::make_unique<Botan::TLS::Client>(
 # if BOTAN_VERSION_CODE >= BOTAN_VERSION_CODE_FOR(1,11,32)
       *this,
@@ -242,7 +244,7 @@ void TCPSocketHandler::start_tls(const std::string& address, const std::string&
       [this](Botan::TLS::Alert alert, const Botan::byte*, size_t) { this->tls_alert(alert); },
       [this](const Botan::TLS::Session& session) { return this->tls_session_established(session); },
 # endif
-      get_session_manager(), this->credential_manager, get_policy(),
+      get_session_manager(), this->credential_manager, this->policy,
       get_rng(), server_info, Botan::TLS::Protocol_Version::latest_tls_version());
 }
 
-- 
cgit v1.2.3