From a903f16c68dbcdf812d2e47e2cc3caff34d99176 Mon Sep 17 00:00:00 2001
From: TingPing <tingping@tingping.se>
Date: Mon, 2 Sep 2013 14:24:37 -0400
Subject: Implement BLOWFISh, AES, and EXTERNAL SASL mechanisms Closes #657

---
 src/fe-gtk/servlistgui.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'src/fe-gtk')

diff --git a/src/fe-gtk/servlistgui.c b/src/fe-gtk/servlistgui.c
index 94cb209f..62049bd2 100644
--- a/src/fe-gtk/servlistgui.c
+++ b/src/fe-gtk/servlistgui.c
@@ -120,6 +120,7 @@ static int login_types_conf[] =
 {
 	LOGIN_DEFAULT,			/* default entry - we don't use this but it makes indexing consistent with login_types[] so it's nice */
 	LOGIN_SASL,
+	LOGIN_SASLEXTERNAL,
 	LOGIN_PASS,
 	LOGIN_MSG_NICKSERV,
 	LOGIN_NICKSERV,
@@ -136,6 +137,7 @@ static const char *login_types[]=
 {
 	"Default",
 	"SASL (username + password)",
+	"SASL EXTERNAL (cert)",
 	"Server Password (/PASS password)",
 	"NickServ (/MSG NickServ + password)",
 	"NickServ (/NICKSERV + password)",
@@ -1513,6 +1515,12 @@ servlist_logintypecombo_cb (GtkComboBox *cb, gpointer *userdata)
 	{
 		gtk_notebook_set_current_page (GTK_NOTEBOOK (userdata), 2);		/* FIXME avoid hardcoding? */
 	}
+	
+	/* EXTERNAL uses a cert, not a pass */
+	if (login_types_conf[index] == LOGIN_SASLEXTERNAL)
+		gtk_widget_set_sensitive (edit_entry_pass, FALSE);
+	else
+		gtk_widget_set_sensitive (edit_entry_pass, TRUE);
 }
 
 
@@ -1816,6 +1824,8 @@ servlist_open_edit (GtkWidget *parent, ircnet *net)
 
 	edit_entry_pass = servlist_create_entry (table3, _("Password:"), 11, net->pass, 0, _("Password used for login. If in doubt, leave blank."));
 	gtk_entry_set_visibility (GTK_ENTRY (edit_entry_pass), FALSE);
+	if (selected_net && selected_net->logintype == LOGIN_SASLEXTERNAL)
+		gtk_widget_set_sensitive (edit_entry_pass, FALSE);
 
 	label34 = gtk_label_new (_("Character set:"));
 	gtk_table_attach (GTK_TABLE (table3), label34, 0, 1, 12, 13, (GtkAttachOptions) (GTK_FILL), (GtkAttachOptions) (0), SERVLIST_X_PADDING, SERVLIST_Y_PADDING);
-- 
cgit 1.4.1


From bdb18828e36340c1800a0eec9f4b5edc6ffae2b2 Mon Sep 17 00:00:00 2001
From: TingPing <tingping@tingping.se>
Date: Wed, 4 Sep 2013 17:34:57 -0400
Subject: Disable challangeauth without openssl

---
 src/common/proto-irc.c   | 5 +++--
 src/common/util.c        | 2 ++
 src/fe-gtk/servlistgui.c | 8 ++++++++
 3 files changed, 13 insertions(+), 2 deletions(-)

(limited to 'src/fe-gtk')

diff --git a/src/common/proto-irc.c b/src/common/proto-irc.c
index a7260896..250a2937 100644
--- a/src/common/proto-irc.c
+++ b/src/common/proto-irc.c
@@ -1151,7 +1151,6 @@ process_named_msg (session *sess, char *type, char *word[], char *word_eol[],
 		case WORDL('N','O','T','I'):
 			{
 				int id = FALSE;								/* identified */
-				char *response;
 
 				text = word_eol[4];
 				if (*text == ':')
@@ -1159,9 +1158,10 @@ process_named_msg (session *sess, char *type, char *word[], char *word_eol[],
 					text++;
 				}
 
+#ifdef USE_OPENSSL
 				if (!strncmp (text, "CHALLENGE ", 10))		/* QuakeNet CHALLENGE upon our request */
 				{
-					response = challengeauth_response (((ircnet *)serv->network)->user ? ((ircnet *)serv->network)->user : prefs.hex_irc_user_name, serv->password, word[5]);
+					char *response = challengeauth_response (((ircnet *)serv->network)->user ? ((ircnet *)serv->network)->user : prefs.hex_irc_user_name, serv->password, word[5]);
 
 					tcp_sendf (serv, "PRIVMSG %s :CHALLENGEAUTH %s %s %s\r\n",
 						CHALLENGEAUTH_NICK,
@@ -1172,6 +1172,7 @@ process_named_msg (session *sess, char *type, char *word[], char *word_eol[],
 					g_free (response);
 					return;									/* omit the CHALLENGE <hash> ALGOS message */
 				}
+#endif
 
 				if (serv->have_idmsg)
 				{
diff --git a/src/common/util.c b/src/common/util.c
index 374da6e5..9771b1f6 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -2210,6 +2210,7 @@ find_font (const char *fontname)
 }
 #endif
 
+#ifdef USE_OPENSSL
 static char *
 str_sha256hash (char *string)
 {
@@ -2285,3 +2286,4 @@ challengeauth_response (char *username, char *password, char *challenge)
 
 	return (char *) digest;
 }
+#endif
diff --git a/src/fe-gtk/servlistgui.c b/src/fe-gtk/servlistgui.c
index 62049bd2..ef5b57cd 100644
--- a/src/fe-gtk/servlistgui.c
+++ b/src/fe-gtk/servlistgui.c
@@ -120,11 +120,15 @@ static int login_types_conf[] =
 {
 	LOGIN_DEFAULT,			/* default entry - we don't use this but it makes indexing consistent with login_types[] so it's nice */
 	LOGIN_SASL,
+#ifdef USE_OPENSSL
 	LOGIN_SASLEXTERNAL,
+#endif
 	LOGIN_PASS,
 	LOGIN_MSG_NICKSERV,
 	LOGIN_NICKSERV,
+#ifdef USE_OPENSSL
 	LOGIN_CHALLENGEAUTH,
+#endif
 	LOGIN_CUSTOM
 #if 0
 	LOGIN_NS,
@@ -137,11 +141,15 @@ static const char *login_types[]=
 {
 	"Default",
 	"SASL (username + password)",
+#ifdef USE_OPENSSL
 	"SASL EXTERNAL (cert)",
+#endif
 	"Server Password (/PASS password)",
 	"NickServ (/MSG NickServ + password)",
 	"NickServ (/NICKSERV + password)",
+#ifdef USE_OPENSSL
 	"Challenge Auth (username + password)",
+#endif
 	"Custom... (connect commands)",
 #if 0
 	"NickServ (/NS + password)",
-- 
cgit 1.4.1