From 6c30452b2849f57dbf621367e1fd5f92197965de Mon Sep 17 00:00:00 2001 From: Přemysl Janouch Date: Tue, 9 Jan 2018 05:47:37 +0100 Subject: kike: thorough review, no functional changes --- kike.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/kike.c b/kike.c index 4c97f0e..92fd482 100644 --- a/kike.c +++ b/kike.c @@ -226,6 +226,7 @@ irc_is_valid_hostaddr (const char *hostaddr) return false; } +// TODO: we should actually use this, though what should we do on failure? static bool irc_is_valid_host (const char *host) { @@ -1563,7 +1564,7 @@ irc_handle_time (const struct irc_message *msg, struct client *c) if (msg->params.len > 0 && !irc_is_this_me (c->ctx, msg->params.vector[0])) RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[0]); - char buf[32]; + char buf[32] = ""; time_t now = time (NULL); struct tm tm; strftime (buf, sizeof buf, "%a %b %d %Y %T", localtime_r (&now, &tm)); @@ -1840,7 +1841,7 @@ mode_processor_do_list (struct mode_processor *self, break; bool found = i != list->len; - if ((found ^ self->adding)) + if (found != self->adding) { if (self->adding) strv_append (list, mask); @@ -2131,6 +2132,7 @@ irc_send_rpl_list (struct client *c, const struct channel *chan) int visible = 0; for (struct channel_user *user = chan->users; user; user = user->next) + // XXX: maybe we should skip IRC_USER_MODE_INVISIBLE visible++; irc_send_reply (c, IRC_RPL_LIST, chan->name, visible, chan->topic); @@ -3470,8 +3472,18 @@ irc_ssl_verify_callback (int verify_ok, X509_STORE_CTX *ctx) (void) verify_ok; (void) ctx; + // RFC 5246: "If the client has sent a certificate with signing ability, + // a digitally-signed CertificateVerify message is sent to explicitly + // verify possession of the private key in the certificate." + // + // The handshake will fail if the client doesn't have a matching private + // key, see OpenSSL's tls_process_cert_verify(), and the CertificateVerify + // message cannot be skipped (except for a case where it doesn't matter). + // Thus we're fine checking just the cryptographic hash of the certificate. + // We only want to provide additional privileges based on the client's - // certificate, so let's not terminate the connection because of a failure. + // certificate, so let's not terminate the connection because of a failure + // (especially since self-signed certificates are likely to be used). return 1; } -- cgit v1.2.3-70-g09d2