Diffstat (limited to 'src/event/server_events.c')
-rw-r--r--src/event/server_events.c57
1 files changed, 6 insertions, 51 deletions
diff --git a/src/event/server_events.c b/src/event/server_events.c
index 2663eb09..58add417 100644
--- a/src/event/server_events.c
+++ b/src/event/server_events.c
@@ -716,56 +716,22 @@ sv_ev_muc_occupant_online(const char *const room, const char *const nick, const
 }
 
 int
-sv_ev_certfail(const char *const errormsg, const char *const certname, const char *const certfp,
-    const char *const notbefore, const char *const notafter)
+sv_ev_certfail(const char *const errormsg, TLSCertificate *cert)
 {
     // check profanity trusted certs
-    if (tlscerts_exists(certfp)) {
+    if (tlscerts_exists(cert->fingerprint)) {
         return 1;
     }
 
     // check current cert
     char *current_fp = tlscerts_get_current();
-    if (current_fp && g_strcmp0(current_fp, certfp) == 0) {
+    if (current_fp && g_strcmp0(current_fp, cert->fingerprint) == 0) {
         return 1;
     }
 
-    char *domain = NULL;
-    char *org = NULL;
-    char *email = NULL;
-    gchar** fields = g_strsplit(certname, "/", 0);
-    int i = 0;
-    for (i = 0; i < g_strv_length(fields); i++) {
-        gchar** keyval = g_strsplit(fields[i], "=", 2);
-        if (g_strv_length(keyval) == 2) {
-            if (g_strcmp0(keyval[0], "CN") == 0) {
-                domain = strdup(keyval[1]);
-            }
-            if (g_strcmp0(keyval[0], "O") == 0) {
-                org = strdup(keyval[1]);
-            }
-            if (g_strcmp0(keyval[0], "emailAddress") == 0) {
-                email = strdup(keyval[1]);
-            }
-        }
-        g_strfreev(keyval);
-    }
-    g_strfreev(fields);
-
     cons_show("");
     cons_show_error("TLS certificate verification failed: %s", errormsg);
-    if (domain) {
-        cons_show("  Domain       : %s", domain);
-    }
-    if (org) {
-        cons_show("  Organisation : %s", org);
-    }
-    if (email) {
-        cons_show("  Email        : %s", email);
-    }
-    cons_show("  Fingerprint  : %s", certfp);
-    cons_show("  Start        : %s", notbefore);
-    cons_show("  End          : %s", notafter);
+    cons_show_tlscert(cert);
     cons_show("");
     cons_show("Use '/tls allow' to accept this certificate");
     cons_show("Use '/tls always' to accept this certificate permanently");
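Review bot: `cert` is dereferenced in the first statement, `tlscerts_exists(cert->fingerprint)`, with nothing guarding against a NULL certificate or a NULL fingerprint. This handler decides whether a certificate that failed verification is trusted, so a missing certificate should be rejected before any lookup, e.g. `if (!cert || !cert->fingerprint) { return 0; }` at the top. That assumes 0 is the reject value, as the final `else` branch in the later hunk suggests. How `tlscerts_exists` treats a NULL fingerprint is not visible here, so the guard also avoids depending on it. The function body continues past the end of this hunk.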
@@ -788,28 +754,17 @@ sv_ev_certfail(const char *const errormsg, const char *const certname, const cha
     }
 
     if (g_strcmp0(cmd, "/tls allow") == 0) {
-        tlscerts_set_current(certfp);
+        tlscerts_set_current(cert->fingerprint);
         free(cmd);
-        free(domain);
-        free(org);
-        free(email);
         return 1;
     } else if (g_strcmp0(cmd, "/tls always") == 0) {
-        if (!tlscerts_exists(certfp)) {
-            TLSCertificate *cert = tlscerts_new(certfp, domain, org, email, notbefore, notafter);
+        if (!tlscerts_exists(cert->fingerprint)) {
             tlscerts_add(cert);
-            tlscerts_free(cert);
         }
         free(cmd);
-        free(domain);
-        free(org);
-        free(email);
         return 1;
     } else {
         free(cmd);
-        free(domain);
-        free(org);
-        free(email);
         return 0;
     }
 }
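Review bot: Ownership of `cert` is now undocumented: the `/tls always` branch passes the caller's object to `tlscerts_add(cert)`, and the `tlscerts_free(cert)` that followed it is gone. The removed code freed the certificate right after adding it, which suggests `tlscerts_add` copies or persists the fields rather than keeping the pointer, but that is not visible in this diff and should be confirmed. If it does keep the pointer, the caller freeing `cert` would leave a dangling entry in the trusted store. I would add a comment above the definition such as `// cert is borrowed; the caller frees it. Returns 1 to accept the certificate, 0 to reject.` The function starts before this hunk.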