From 3612ac309895be690c8dc3080898dfb713b8a23e Mon Sep 17 00:00:00 2001
From: Luke Bratch
Date: Sat, 30 Mar 2024 16:09:37 +0000
Subject: Implement changing client-side TLS certificate and key paths, and reloading certificate/key at runtime when doing a REHASH (BLABOUNCER command or SIGHUP).
---
 message.c | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)
(limited to 'message.c')
diff --git a/message.c b/message.c
index c45f56b..f9e65a2 100644
--- a/message.c
+++ b/message.c
@@ -189,9 +189,9 @@ int processservermessage(SSL *server_ssl, char *str, struct client *clients, int
 if (strncmp(tokens[1], "JOIN", strlen(tokens[1])) == 0) {
 debugprint(DEBUG_FULL, "Server JOIN found and it is: %s with length %zd! Next token is '%s'. Adding to local channel list if it's us.\n", tokens[0], strlen(tokens[0]), tokens[2]);
 // Next token should be the channel name but it probably needs the leading ':' stripping
- debugprint(DEBUG_FULL, "processircmessage(): Channel name was '%s'\n", tokens[2]);
+ debugprint(DEBUG_FULL, "processservermessage(): Channel name was '%s'\n", tokens[2]);
 stripprefix(tokens[2], 1);
- debugprint(DEBUG_FULL, "processircmessage(): Channel name now '%s'\n", tokens[2]);
+ debugprint(DEBUG_FULL, "processservermessage(): Channel name now '%s'\n", tokens[2]);
 // If the user JOINing is us, then we must have joined a channel, so add to our local channel array.
 // Copy to a temporary string so we still have the original in case we need it
@@ -850,7 +850,8 @@ int processservermessage(SSL *server_ssl, char *str, struct client *clients, int
 // Process an IRC message that came from a client.
 // Return 1 if we processed it, or 0 if we didn't.
 int processclientmessage(SSL *server_ssl, char *str, struct client *clients, int sourcefd, struct ircdstate *ircdstate,
- struct channel *channels, struct settings *settings, char tokens[MAXTOKENS][MAXDATASIZE], int counter, struct clientcodes *clientcodes) {
+ struct channel *channels, struct settings *settings, char tokens[MAXTOKENS][MAXDATASIZE], int counter,
+ struct clientcodes *clientcodes, SSL_CTX *ctx) {
 // Index of client fd in clients array for use later
 int clientindex = arrindex(clients, sourcefd);
 if (clientindex < 0) {
@@ -999,7 +1000,7 @@ int processclientmessage(SSL *server_ssl, char *str, struct client *clients, int
 sendtoclient(sourcefd, outgoingmsg, clients, settings, 0);
 snprintf(outgoingmsg, MAXDATASIZE, "NOTICE %s :\"BLABOUNCER REPLAY [[[days:]hours:]minutes]\" (To replay a given length of time of replay log.)", ircdstate->ircnick);
 sendtoclient(sourcefd, outgoingmsg, clients, settings, 0);
- snprintf(outgoingmsg, MAXDATASIZE, "NOTICE %s :\"BLABOUNCER REHASH\" (To reload settings from the configuration file, see README for which settings can be reloaded.)", ircdstate->ircnick);
+ snprintf(outgoingmsg, MAXDATASIZE, "NOTICE %s :\"BLABOUNCER REHASH\" (To reload configuration file settings and the client-side TLS certificate/key - see README for details.)", ircdstate->ircnick);
 sendtoclient(sourcefd, outgoingmsg, clients, settings, 0);
 snprintf(outgoingmsg, MAXDATASIZE, "NOTICE %s :\"BLABOUNCER CLIENTCODE [clientcode]\" (To set an identifier for the current client for auto replaying just what this client has missed.)", ircdstate->ircnick);
 sendtoclient(sourcefd, outgoingmsg, clients, settings, 0);
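Review bot: The new `SSL_CTX *ctx` parameter in the processclientmessage() signature (hunk at -850) is undocumented; the header comment above it still covers only the return value. In this diff `ctx` is only forwarded to rehash() on the BLABOUNCER REHASH path, so a reader cannot tell which context it is or whether NULL is acceptable. I would extend the header with something like `// ctx is the client-facing TLS context; it is only handed to rehash() so REHASH can reload the certificate/key, and must not be NULL`. The function body continues outside the hunk, so other uses of `ctx` cannot be ruled out from here.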
@@ -1422,7 +1423,7 @@ int processclientmessage(SSL *server_ssl, char *str, struct client *clients, int
 failuremsg[0] = '\0';
 // Try to rehash...
- if (!rehash(settings, failuremsg)) {
+ if (!rehash(settings, failuremsg, ctx)) {
 // ...or log and tell client if it failed
 debugprint(DEBUG_CRIT, "REHASH failed: %s.\n", failuremsg);
 if (!snprintf(outgoingmsg, MAXDATASIZE, "NOTICE %s :REHASH failed: %s.", ircdstate->ircnick, failuremsg)) {
@@ -1545,7 +1546,7 @@ int processclientmessage(SSL *server_ssl, char *str, struct client *clients, int
 }
 snprintf(outgoingmsg, MAXDATASIZE, "NOTICE %s :\"BLABOUNCER REPLAY [[[days:]hours:]minutes]\" (To replay a given length of time of replay log.)", ircdstate->ircnick);
 sendtoclient(sourcefd, outgoingmsg, clients, settings, 0);
- snprintf(outgoingmsg, MAXDATASIZE, "NOTICE %s :\"BLABOUNCER REHASH\" (To reload settings from the configuration file, see README for which settings can be reloaded.)", ircdstate->ircnick);
+ snprintf(outgoingmsg, MAXDATASIZE, "NOTICE %s :\"BLABOUNCER REHASH\" (To reload configuration file settings and the client-side TLS certificate/key - see README for details.)", ircdstate->ircnick);
 sendtoclient(sourcefd, outgoingmsg, clients, settings, 0);
 snprintf(outgoingmsg, MAXDATASIZE, "NOTICE %s :\"BLABOUNCER CLIENTCODE [clientcode]\" (To set an identifier for the current client for auto replaying just what this client has missed.)", ircdstate->ircnick);
 sendtoclient(sourcefd, outgoingmsg, clients, settings, 0);
-- 
cgit v1.2.3
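Review bot: Nothing at the `rehash(settings, failuremsg, ctx)` call (hunk at -1422) says what state the live client-facing `ctx` is in when rehash() returns 0. rehash() is not part of this diff, so this is inferred: if it loads the new certificate and then fails on the key, the listener could be left with a mismatched or half-updated pair until the next successful REHASH. It is worth confirming that rehash() validates the new pair (for example with `SSL_CTX_check_private_key`) before committing it, and recording the contract here, e.g. `// On failure rehash() must leave ctx serving the previous certificate/key`. Because `failuremsg` is relayed to the client in the NOTICE just below, also check that the new certificate/key errors do not put more filesystem detail in it than a client should see.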