From 6c30452b2849f57dbf621367e1fd5f92197965de Mon Sep 17 00:00:00 2001
From: Přemysl Janouch
Date: Tue, 9 Jan 2018 05:47:37 +0100
Subject: kike: thorough review, no functional changes
---
kike.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/kike.c b/kike.c
index 4c97f0e..92fd482 100644
--- a/kike.c
+++ b/kike.c
@@ -226,6 +226,7 @@ irc_is_valid_hostaddr (const char *hostaddr)
return false;
}
+// TODO: we should actually use this, though what should we do on failure?
static bool
irc_is_valid_host (const char *host)
{
@@ -1563,7 +1564,7 @@ irc_handle_time (const struct irc_message *msg, struct client *c)
if (msg->params.len > 0 && !irc_is_this_me (c->ctx, msg->params.vector[0]))
RETURN_WITH_REPLY (c, IRC_ERR_NOSUCHSERVER, msg->params.vector[0]);
- char buf[32];
+ char buf[32] = "";
time_t now = time (NULL);
struct tm tm;
strftime (buf, sizeof buf, "%a %b %d %Y %T", localtime_r (&now, &tm));
@@ -1840,7 +1841,7 @@ mode_processor_do_list (struct mode_processor *self,
break;
bool found = i != list->len;
- if ((found ^ self->adding))
+ if (found != self->adding)
{
if (self->adding)
strv_append (list, mask);
@@ -2131,6 +2132,7 @@ irc_send_rpl_list (struct client *c, const struct channel *chan)
int visible = 0;
for (struct channel_user *user = chan->users;
user; user = user->next)
+ // XXX: maybe we should skip IRC_USER_MODE_INVISIBLE
visible++;
irc_send_reply (c, IRC_RPL_LIST, chan->name, visible, chan->topic);
@@ -3470,8 +3472,18 @@ irc_ssl_verify_callback (int verify_ok, X509_STORE_CTX *ctx)
(void) verify_ok;
(void) ctx;
+ // RFC 5246: "If the client has sent a certificate with signing ability,
+ // a digitally-signed CertificateVerify message is sent to explicitly
+ // verify possession of the private key in the certificate."
+ //
+ // The handshake will fail if the client doesn't have a matching private
+ // key, see OpenSSL's tls_process_cert_verify(), and the CertificateVerify
+ // message cannot be skipped (except for a case where it doesn't matter).
+ // Thus we're fine checking just the cryptographic hash of the certificate.
+
// We only want to provide additional privileges based on the client's
- // certificate, so let's not terminate the connection because of a failure.
+ // certificate, so let's not terminate the connection because of a failure
+ // (especially since self-signed certificates are likely to be used).
return 1;
}
--
cgit v1.2.3-70-g09d2