diff options
author | Sadie Powell <sadie@witchery.services> | 2022-09-24 15:33:20 +0100 |
---|---|---|
committer | Patrick <tingping@tingping.se> | 2022-10-16 15:35:43 -0500 |
commit | 8fb0d2311fc249b6b4f6beae7ccd135f913f0e47 (patch) | |
tree | 9dbb79d3f3be6a9d79a86b7777e455e3c6c8e6ab /src | |
parent | 2dbc6adbc23701653e5a32fad42390f461881d7e (diff) |
Default /SERVER and friends to use SSL when built with OpenSSL.
Since commit 747a52aae8806a9072a23ea68212767f352ac431 users have to opt-out of using SSL when creating a new server. This commit makes it so /SERVER also uses SSL by default. In order to connect insecurely users must now use one of these methods: /SERVER -insecure irc.example.com /SERVER irc.example.com -6667 The `-ssl` flag and the `+port` syntax have been retained for compat reasons.
Diffstat (limited to 'src')
-rw-r--r-- | src/common/outbound.c | 29 |
1 files changed, 24 insertions, 5 deletions
diff --git a/src/common/outbound.c b/src/common/outbound.c index 6f0241be..5c4e01b0 100644 --- a/src/common/outbound.c +++ b/src/common/outbound.c @@ -3249,7 +3249,7 @@ cmd_reconnect (struct session *sess, char *tbuf, char *word[], char *word_eol[]) int offset = 0; #ifdef USE_OPENSSL - int use_ssl = FALSE; + int use_ssl = TRUE; int use_ssl_noverify = FALSE; if (g_strcmp0 (word[2], "-ssl") == 0) { @@ -3261,6 +3261,11 @@ cmd_reconnect (struct session *sess, char *tbuf, char *word[], char *word_eol[]) use_ssl = TRUE; use_ssl_noverify = TRUE; offset++; /* args move up by 1 word */ + } else if (g_strcmp0 (word[2], "-insecure") == 0) + { + use_ssl = FALSE; + use_ssl_noverify = FALSE; + offset++; /* args move up by 1 word */ } serv->use_ssl = use_ssl; serv->accept_invalid_cert = use_ssl_noverify; @@ -3450,8 +3455,10 @@ cmd_server (struct session *sess, char *tbuf, char *word[], char *word_eol[]) char *pass = NULL; char *channel = NULL; char *key = NULL; - int use_ssl = FALSE; +#ifdef USE_OPENSSL + int use_ssl = TRUE; int use_ssl_noverify = FALSE; +#endif int is_url = TRUE; server *serv = sess->server; ircnet *net = NULL; @@ -3469,6 +3476,11 @@ cmd_server (struct session *sess, char *tbuf, char *word[], char *word_eol[]) use_ssl_noverify = TRUE; offset++; /* args move up by 1 word */ } + else if (g_strcmp0 (word[2], "-insecure") == 0) + { + use_ssl = FALSE; + offset++; /* args move up by 1 word */ + } #endif if (!parse_irc_url (word[2 + offset], &server_name, &port, &channel, &key, &use_ssl)) @@ -3509,6 +3521,13 @@ cmd_server (struct session *sess, char *tbuf, char *word[], char *word_eol[]) use_ssl = TRUE; #endif } + else if (port[0] == '-') + { + port++; +#ifdef USE_OPENSSL + use_ssl = FALSE; +#endif + } if (*pass) { @@ -3564,7 +3583,7 @@ cmd_servchan (struct session *sess, char *tbuf, char *word[], int offset = 0; #ifdef USE_OPENSSL - if (g_strcmp0 (word[2], "-ssl") == 0 || g_strcmp0 (word[2], "-ssl-noverify") == 0) + if (g_strcmp0 (word[2], "-ssl") == 0 || g_strcmp0 (word[2], "-ssl-noverify") == 0 || g_strcmp0 (word[2], "-insecure") == 0) offset++; #endif @@ -4098,14 +4117,14 @@ const struct commands xc_cmds[] = { {"SEND", cmd_send, 0, 0, 1, N_("SEND <nick> [<file>]")}, #ifdef USE_OPENSSL {"SERVCHAN", cmd_servchan, 0, 0, 1, - N_("SERVCHAN [-ssl|-ssl-noverify] <host> <port> <channel>, connects and joins a channel")}, + N_("SERVCHAN [-insecure|-ssl|-ssl-noverify] <host> <port> <channel>, connects and joins a channel")}, #else {"SERVCHAN", cmd_servchan, 0, 0, 1, N_("SERVCHAN <host> <port> <channel>, connects and joins a channel")}, #endif #ifdef USE_OPENSSL {"SERVER", cmd_server, 0, 0, 1, - N_("SERVER [-ssl|-ssl-noverify] <host> [<port>] [<password>], connects to a server, the default port is 6667 for normal connections, and 6697 for ssl connections")}, + N_("SERVER [-insecure|-ssl|-ssl-noverify] <host> [<port>] [<password>], connects to a server, the default port is 6667 for insecure connections, and 6697 for ssl connections")}, #else {"SERVER", cmd_server, 0, 0, 1, N_("SERVER <host> [<port>] [<password>], connects to a server, the default port is 6667")}, |