Only in tf-4.0s1-ssl/: Build.log Only in tf-4.0s1-ssl/: debian diff -u -r tf-4.0s1.orig/src/command.c tf-4.0s1-ssl/src/command.c --- tf-4.0s1.orig/src/command.c Sat Mar 6 22:43:24 1999 +++ tf-4.0s1-ssl/src/command.c Sat Dec 29 22:13:24 2001 @@ -236,12 +236,13 @@ char *args; { char *port = NULL; - int autologin = login, quietlogin = quietflag, opt; + int autologin = login, quietlogin = quietflag, opt, issl = 0; - startopt(args, "lq"); + startopt(args, "slq"); while ((opt = nextopt(&args, NULL))) { switch (opt) { - case 'l': autologin = FALSE; break; + case 'l': issl = FALSE; break; + case 's': autologin = TRUE; break; case 'q': quietlogin = TRUE; break; default: return newint(0); } @@ -251,7 +252,7 @@ *port = '\0'; while (is_space(*++port)); } - return newint(openworld(args, *port ? port : NULL, autologin, quietlogin)); + return newint(openworld(args, *port ? port : NULL, autologin, quietlogin, issl)); } static struct Value *handle_localecho_command(args) diff -u -r tf-4.0s1.orig/src/expr.c tf-4.0s1-ssl/src/expr.c --- tf-4.0s1.orig/src/expr.c Sat Mar 6 22:43:24 1999 +++ tf-4.0s1-ssl/src/expr.c Sat Dec 29 22:15:59 2001 @@ -522,7 +522,7 @@ CONST char *parent; { int oldblock; - long i, j, len; + long i, j, len, issl = 0; char c; CONST char *str, *ptr; regexp *re; @@ -547,13 +547,18 @@ if (i < 0) return newint(0); } + if (n > 8) { + issl = enum2int(opdstr(n-8), enum_flag, "arg 9 (use_ssl)"); + if (issl < 0) return newint(0); + } + return newint(!!new_world(str, /* name */ n>4 ? opdstr(n-4) : "", /* char */ n>5 ? opdstr(n-5) : "", /* pass */ opdstr(n-2), opdstr(n-3), /* host, port */ n>6 ? opdstr(n-6) : "", /* mfile */ opdstr(n-1), /* type */ - i ? 0 : WORLD_NOPROXY)); /* flags */ + i ? 0 : WORLD_NOPROXY, issl)); /* flags */ case FN_COLUMNS: return newint(columns); diff -u -r tf-4.0s1.orig/src/main.c tf-4.0s1-ssl/src/main.c --- tf-4.0s1.orig/src/main.c Sat Mar 6 22:43:24 1999 +++ tf-4.0s1-ssl/src/main.c Sat Dec 29 19:30:32 2001 
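Review bot: The two new case arms in the option switch of command.c (`@@ -236`) are crossed, so this command's `-s` option never turns TLS on: `case 's'` sets `autologin = TRUE` and `case 'l'` sets `issl = FALSE`, leaving `issl` at its initial 0 on every path. A user who asks for an encrypted connection gets a cleartext one with no warning, and `-l` no longer disables autologin. The arms should read `case 'l': autologin = FALSE; break;` and `case 's': issl = TRUE; break;`. The handler's signature begins above the hunk.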
@@ -69,13 +69,16 @@ char *opt, *argv0 = argv[0]; char *configfile = NULL, *command = NULL, *libdir = NULL; int worldflag = TRUE; - int autologin = -1, quietlogin = -1, autovisual = TRUE; + int autologin = -1, quietlogin = -1, autovisual = TRUE, do_ssl = FALSE; Stringp scratch; while (--argc > 0 && (*++argv)[0] == '-') { if (!(*argv)[1]) { argc--; argv++; break; } for (opt = *argv + 1; *opt; ) switch (*opt++) { + case 's': + do_ssl = TRUE; + break; case 'l': autologin = FALSE; break; @@ -120,6 +123,7 @@ fputs(" hostname or IP address\n", stderr); fputs(" port number or name\n", stderr); fputs(" connect to defined by addworld()\n", stderr); + fputs(" -s Use SSL\n", stderr); exit(1); } @@ -152,6 +156,9 @@ init_util2(); /* util.c */ Stringinit(scratch); + + init_ssl(); + if (libdir) { set_var_by_name("TFLIBDIR", libdir, 0); } @@ -179,11 +186,11 @@ if (autologin < 0) autologin = login; if (quietlogin < 0) quietlogin = quietflag; if (argc == 0) - openworld(NULL, NULL, autologin, quietlogin); + openworld(NULL, NULL, autologin, quietlogin, do_ssl); else if (argc == 1) - openworld(argv[0], NULL, autologin, quietlogin); + openworld(argv[0], NULL, autologin, quietlogin, do_ssl); else /* if (argc == 2) */ - openworld(argv[0], argv[1], autologin, quietlogin); + openworld(argv[0], argv[1], autologin, quietlogin, do_ssl); } else { do_hook(H_WORLD, "---- No world ----", ""); } Only in tf-4.0s1-ssl/src: makehelp diff -u -r tf-4.0s1.orig/src/socket.c tf-4.0s1-ssl/src/socket.c --- tf-4.0s1.orig/src/socket.c Sat Mar 6 22:43:25 1999 +++ tf-4.0s1-ssl/src/socket.c Sat Dec 29 19:35:44 2001 @@ -71,6 +71,13 @@ # include #endif +#include "openssl/bio.h" +#include "openssl/err.h" +#include "openssl/ssl.h" + +SSL_CTX *hSSLContext = NULL; +static BIO *hError = NULL; + #define in_connect(s,addr) connect(s, (struct sockaddr*)(addr), sizeof(*(addr))) #ifndef NO_NETDB 
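Review bot: The return value of `init_ssl()` is discarded in the startup hunk of main.c (`@@ -152`), although the function returns 0 when the error BIO or the `SSL_CTX` cannot be created and leaves `hSSLContext` NULL in that case. With `-s` on the command line the user should learn at startup that TLS is unavailable, not meet an unexplained connection failure later. Something like `if (!init_ssl() && do_ssl) { fputs("% SSL initialisation failed\n", stderr); exit(1); }` would cover it. The surrounding function starts and ends outside the hunk.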
@@ -191,6 +198,8 @@ typedef struct Sock { /* an open connection to a server */ int fd; /* socket to server, or pipe to name resolver */ + SSL *hSSL; /* SSL Context */ + int is_ssl; CONST char *host, *port; /* server address, human readable */ struct sockaddr_in addr; /* server address, internal */ telnet_opts tn_do, tn_will; /* telnet DO and WILL options */ @@ -745,9 +754,9 @@ * the initial automatic connection, an empty name should be used for any * other unspecified connection. */ -int openworld(name, port, autologin, quietlogin) +int openworld(name, port, autologin, quietlogin, do_ssl) CONST char *name, *port; - int autologin, quietlogin; + int autologin, quietlogin, do_ssl; { World *world = NULL; @@ -755,16 +764,20 @@ if (!port) { world = find_world(name); if (!world) + { if (name) + { do_hook(H_CONFAIL, "%% Connection to %s failed: %s", "%s %s", *name ? name : "default world", "no such world"); - else + } else { do_hook(H_WORLD, "---- No world ----", ""); + } + } } else { if (restriction >= RESTRICT_WORLD) eprintf("arbitrary connections restricted"); else { - world = new_world(NULL, "", "", name, port, "", "", WORLD_TEMP); + world = new_world(NULL, "", "", name, port, "", "", WORLD_TEMP, do_ssl); } } @@ -898,7 +911,7 @@ if (xsock->flags & SOCKRESOLVING) { xsock->flags &= ~SOCKRESOLVING; FD_CLR(xsock->fd, &readers); - if (read(xsock->fd, &err, sizeof(err)) < 0 || err != 0) { + if (zozo_read(xsock->fd, &err, sizeof(err)) < 0 || err != 0) { if (!err) CONFAIL(xsock->world->name, "read", strerror(errno)); else @@ -914,7 +927,7 @@ killsock(xsock); return 0; } - read(xsock->fd, (char*)&xsock->addr.sin_addr, sizeof(struct in_addr)); + zozo_read(xsock->fd, (char*)&xsock->addr.sin_addr, sizeof(struct in_addr)); close(xsock->fd); # ifdef PLATFORM_UNIX if (xsock->pid >= 0) 
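Review bot: The two fields added to `struct Sock` (`@@ -191`) are never initialised or released anywhere in this patch: no hunk sets `is_ssl = 0` and `hSSL = NULL` where a Sock is created, and none calls `SSL_shutdown()` or `SSL_free()` where one is closed. Because `zozo_read`, `zozo_write` and `zozo_send` branch on `xsock->is_ssl`, a plaintext socket whose memory was not zeroed would presumably be routed into `SSL_read`/`SSL_write` with a garbage handle; that depends on how the Sock is allocated, which is outside the diff. I would initialise both fields next to the other Sock members and free `hSSL` in the socket teardown path. The field comment would also be more accurate as `/* per-connection SSL handle, NULL if plaintext */`, since the context is the global `hSSLContext`.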
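Review bot: `do_ssl` is honoured only on the `new_world(..., WORLD_TEMP, do_ssl)` branch of `openworld` (`@@ -755`), that is when a port is given; when the world is resolved through `find_world(name)` the argument is dropped and the stored world's own `do_ssl` decides. `tf -s worldname` from main.c therefore connects in cleartext to any world that was defined without the flag. If `-s` is meant to force TLS, `if (world && do_ssl) world->do_ssl = 1;` after the lookup would do it; otherwise the usage text should say that `-s` applies only to host/port connections. The function body continues past the hunk.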
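Review bot: The resolver-result reads converted here (`@@ -898`, `@@ -914`), the resolver child's writes in `@@ -1066` and the connect probe in `@@ -1203` are not server traffic and should stay on plain `read()`/`write()`. `zozo_read` and `zozo_write` ignore their `fd` argument and operate on `xsock->fd` with `recv()`/`send()`, or on `xsock->hSSL` when `is_ssl` is set, while the struct comment says this descriptor may be a pipe to the name resolver, on which `recv()`/`send()` would be expected to fail. These calls also pass three arguments to `zozo_read`, which is defined further down with four and has no prototype in scope here. I would revert these four hunks and keep the wrappers for the data path in `transmit` and `handle_socket_input` only.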
@@ -953,8 +966,9 @@ } xsock->flags |= SOCKPENDING; - if (in_connect(xsock->fd, &xsock->addr) == 0) { - /* The connection completed successfully. */ + if (in_connect(xsock->fd, &xsock->addr) == 0) + { + xsock->flags &= ~SOCKPENDING; return establish(xsock); @@ -1066,11 +1080,11 @@ if ((host = gethostbyname(name))) { err = 0; - write(fd, &err, sizeof(err)); + zozo_write(fd, &err, sizeof(err)); write(fd, (GENERIC *)host->h_addr, sizeof(struct in_addr)); } else { err = h_errno; - write(fd, &err, sizeof(err)); + zozo_write(fd, &err, sizeof(err)); } close(fd); } @@ -1203,13 +1217,13 @@ #else { char ch; - if (read(xsock->fd, &ch, 0) < 0) { + if (zozo_read(xsock->fd, &ch, 0) < 0) { err = errno; errmsg = "nonblocking connect/read"; } else if ((in_connect(xsock->fd, &xsock->addr) < 0) && errno != EISCONN) { - read(xsock->fd, &ch, 1); /* must fail */ + zozo_read(xsock->fd, &ch, 1); /* must fail */ err = errno; errmsg = "nonblocking connect 2/read"; } @@ -1223,12 +1237,31 @@ /* connect() worked. Clear the pending stuff, and get on with it. */ xsock->flags &= ~SOCKPENDING; + + FD_CLR(xsock->fd, &writers); /* Turn off nonblocking (this should help on buggy systems). */ /* note: 3rd arg to fcntl() is optional on Unix, but required by OS/2 */ if ((flags = fcntl(xsock->fd, F_GETFL, 0)) >= 0) fcntl(xsock->fd, F_SETFL, flags & ~TF_NONBLOCK); + + + /* The connection completed successfully, lets fire up SSL */ + + if (xsock->world->do_ssl) + { + xsock->hSSL = SSL_new(hSSLContext); + xsock->is_ssl = 1; + if (xsock->hSSL == NULL) + return 0; + + // todo ADD check + if (SSL_set_fd(xsock->hSSL, xsock->fd) == 0) + return 0; + + SSL_connect(xsock->hSSL); + } } #endif /* TF_NONBLOCK */ 
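Review bot: The result of `SSL_connect(xsock->hSSL)` in `@@ -1223` is ignored and `is_ssl` is set before `SSL_new` has even been checked, so a failed or refused handshake leaves the socket marked as TLS while the caller carries on as if the session were protected. The failure paths also `return 0` without freeing `hSSL` or printing the OpenSSL error, and the `// todo ADD check` comment sits above the one call that is checked. I would set `is_ssl` only after the handshake succeeds and treat any `SSL_connect` result `<= 0` as a connection failure, as sketched below; how this function normally reports failure is outside the hunk, so the patch's `return 0` is kept. The block also sits inside the region closed by `#endif /* TF_NONBLOCK */`, so it should be confirmed that the immediate-success path in `@@ -953` reaches it.

```c
/* … unchanged: clear SOCKPENDING, FD_CLR, restore blocking mode … */
if (xsock->world->do_ssl)
{
    xsock->hSSL = SSL_new(hSSLContext);
    if (xsock->hSSL == NULL)
        return 0;

    if (SSL_set_fd(xsock->hSSL, xsock->fd) == 0 ||
        SSL_connect(xsock->hSSL) <= 0)
    {
        ERR_print_errors(hError);
        SSL_free(xsock->hSSL);
        xsock->hSSL = NULL;
        return 0;
    }
    xsock->is_ssl = 1;    /* only once the handshake has succeeded */
}
```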
@@ -1475,6 +1508,31 @@ } +int zozo_send(int fd, CONST char * str, int len, int crap) +{ + int ret; + if (xsock->is_ssl) + { + ret = SSL_write(xsock->hSSL, str, len); + return ret; + } + + return send(xsock->fd, str, len, 0); +} + +int zozo_write(int fd, CONST char * str, int len) +{ + int ret; + if (xsock->is_ssl) + { + ret = SSL_write(xsock->hSSL, str, len); + return ret; + } + + return send(xsock->fd, str, len, 0); +} + + /* tramsmit text to current socket */ static int transmit(str, numtowrite) CONST char *str; @@ -1484,7 +1542,7 @@ if (!xsock || xsock->flags & (SOCKDEAD | SOCKPENDING)) return 0; while (numtowrite) { - numwritten = send(xsock->fd, str, numtowrite, 0); + numwritten = zozo_send(xsock->fd, str, numtowrite, 0); if (numwritten < 0) { err = errno; if (err == EAGAIN @@ -1709,6 +1767,21 @@ } } +int zozo_read(int fd, char * buffer, int len, int crap) +{ + int ret; + + if (xsock->is_ssl == 1) + { + ret = SSL_read(xsock->hSSL, buffer, len); + return ret; + } + + return recv(xsock->fd, buffer, sizeof(buffer), 0); +} + + + /* handle input from current socket */ static int handle_socket_input() { @@ -1728,7 +1801,7 @@ } do { /* while (n > 0 && !interrupted() && (received += count) < SPAM) */ - do count = recv(xsock->fd, buffer, sizeof(buffer), 0); + do count = zozo_read(xsock->fd, buffer, sizeof(buffer), 0); while (count < 0 && errno == EINTR); if (count <= 0) { int err = errno; @@ -2024,9 +2097,9 @@ if (bamf == BAMF_UNTER && xsock) { world = new_world(buffer->s, xsock->world->character, xsock->world->pass, host, port, xsock->world->mfile, - xsock->world->type, WORLD_TEMP); + xsock->world->type, WORLD_TEMP, 0); } else { - world = new_world(buffer->s,"","",host,port,"","",WORLD_TEMP); + world = new_world(buffer->s,"","",host,port,"","",WORLD_TEMP, 0); } } 
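Review bot: `zozo_send` and `zozo_write` (`@@ -1475`) return the raw `SSL_write` result, but `transmit` in `@@ -1484` inspects `errno` on a negative count and the receive loop in `@@ -1728` does the same after `zozo_read`; OpenSSL reports its errors through `SSL_get_error()` and does not reliably set `errno`. A TLS failure would therefore be classified by whatever stale `errno` value is present. The wrappers should translate before returning -1, for example `SSL_ERROR_WANT_READ`/`SSL_ERROR_WANT_WRITE` to `errno = EAGAIN` and anything else to `errno = EIO`. The two functions are also identical apart from the unused `crap` parameter, take an `fd` they never use, and would be better as a single `static` helper declared before its first use.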
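Review bot: In the plaintext branch of `zozo_read` (`@@ -1709`), `recv(xsock->fd, buffer, sizeof(buffer), 0)` takes the size of the `char *` parameter and not the caller's `len`, so every call requests exactly pointer-size bytes. For the 0-byte and 1-byte probes on `&ch` in `@@ -1203`, and for the `sizeof(err)` read in `@@ -898` where pointers are wider than `int`, that can write past the end of the destination; for the main receive buffer it throttles each read to a few bytes. The line should be `return recv(fd, buffer, len, 0);`.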
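Review bot: Both `new_world` calls in the portal hunk (`@@ -2024`) hard-code `0` for the new ssl argument, and the `BAMF_UNTER` branch copies `xsock->world->character` and `xsock->world->pass` into the new world. Following a portal from a TLS world would thus open a cleartext connection that carries the same login credentials, if autologin applies to it. Passing `xsock->world->do_ssl` in the `BAMF_UNTER` call would keep the transport no weaker than the session the credentials came from. Whether the target port speaks TLS cannot be known from the portal text, so a failed handshake should then fail the connection and not fall back to plaintext.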
@@ -2185,3 +2258,46 @@ return w->sock->activity; } +int init_ssl(void) +{ + SSL_library_init(); + SSL_load_error_strings(); + + hError = BIO_new_fp(stderr, BIO_NOCLOSE); + + if (!hError) + return 0; + + /* Set up the global SSL context */ + hSSLContext = SSL_CTX_new(SSLv23_method()); + + if (NULL == hSSLContext) + { + ERR_print_errors(hError); + return 0; + } + +/* + if (SSL_CTX_use_certificate_file(hSSLContext, CERTF, SSL_FILETYPE_PEM) <= 0) + { + ERR_print_errors(hError); + return 0; + } + + if (SSL_CTX_use_PrivateKey_file(hSSLContext, KEYF, SSL_FILETYPE_PEM) <= 0) + { + ERR_print_errors(hError); + return 0; + } + if (!SSL_CTX_check_private_key(hSSLContext)) + { + return 0; + } + +*/ + /* give it some options */ + SSL_CTX_set_options(hSSLContext, SSL_OP_ALL); + SSL_CTX_set_cipher_list(hSSLContext, "RC4-MD5:EXP-RC4-MD5"); + SSL_CTX_set_verify(hSSLContext, SSL_VERIFY_NONE, NULL); + return 1; +} diff -u -r tf-4.0s1.orig/src/socket.h tf-4.0s1-ssl/src/socket.h --- tf-4.0s1.orig/src/socket.h Sat Mar 6 22:43:25 1999 +++ tf-4.0s1-ssl/src/socket.h Sat Dec 29 19:28:50 2001 @@ -27,7 +27,7 @@ extern TIME_T FDECL(sockidle,(CONST char *name, int dir)); extern int NDECL(tog_bg); extern int FDECL(openworld,(CONST char *name, CONST char *port, - int autologin, int quietlogin)); + int autologin, int quietlogin, int do_ssl)); extern int FDECL(opensock,(struct World *w, int autologin, int quietlogin)); extern void FDECL(world_output,(struct World *world, Aline *aline)); extern int FDECL(send_line,(CONST char *s, unsigned int len, int eol_flag)); diff -u -r tf-4.0s1.orig/src/varlist.h tf-4.0s1-ssl/src/varlist.h --- tf-4.0s1.orig/src/varlist.h Sat Mar 6 22:43:25 1999 +++ tf-4.0s1-ssl/src/varlist.h Sat Dec 29 19:33:38 2001 
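Review bot: `init_ssl` (`@@ -2185`) configures the context so that `-s` gives almost no protection: the cipher list `"RC4-MD5:EXP-RC4-MD5"` permits only RC4 with MD5, including the 40-bit export suite, `SSL_VERIFY_NONE` accepts any certificate so the peer is never authenticated, and `SSLv23_method()` with only `SSL_OP_ALL` leaves SSLv2 and SSLv3 negotiable. The return value of `SSL_CTX_set_cipher_list` is not checked, and the commented-out client-certificate block should be deleted before this ships. I would exclude the legacy protocols, use a strong cipher string, load the system trust store and require peer verification, as sketched below. Matching the certificate against the world's host name is needed as well (for example `SSL_set1_host()` on OpenSSL versions that provide it) and belongs where `SSL_new` is called.

```c
/* … unchanged: library init, hError, SSL_CTX_new and its NULL check … */
    SSL_CTX_set_options(hSSLContext,
        SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

    if (!SSL_CTX_set_cipher_list(hSSLContext,
            "HIGH:!aNULL:!eNULL:!EXPORT:!RC4:!MD5") ||
        !SSL_CTX_set_default_verify_paths(hSSLContext))
    {
        ERR_print_errors(hError);
        return 0;
    }

    SSL_CTX_set_verify(hSSLContext, SSL_VERIFY_PEER, NULL);
    return 1;
```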
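Review bot: socket.h (`@@ -27`) gains the new `openworld` parameter but no declaration for `init_ssl`, which main.c now calls, nor does the patch declare the `zozo_*` wrappers that socket.c uses before defining them. Without a prototype those calls are implicitly declared, which is why the three-argument calls to the four-parameter `zozo_read` go undiagnosed. Adding `extern int NDECL(init_ssl);` here, and making the wrappers `static` with forward declarations near the top of socket.c, would let the compiler check them.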
@@ -38,6 +38,7 @@ varcode(VAR_cleardone , "cleardone" , NULL , VARENUM, enum_flag , FALSE , NULL), varcode(VAR_clearfull , "clearfull" , NULL , VARENUM, enum_flag , FALSE , NULL), varcode(VAR_async_conn , "connect" , NULL , VARENUM, enum_block, TRUE , NULL), +varcode(VAR_ssl , "dossl" , NULL , VARENUM, enum_flag , FALSE , NULL), varcode(VAR_emulation , "emulation" , NULL , VARENUM, enum_emul , EMUL_ANSI_ATTR, NULL), varcode(VAR_gag , "gag" , NULL , VARENUM, enum_flag , TRUE , NULL), #ifdef PLATFORM_OS2 diff -u -r tf-4.0s1.orig/src/world.c tf-4.0s1-ssl/src/world.c --- tf-4.0s1.orig/src/world.c Sat Mar 6 22:43:25 1999 +++ tf-4.0s1-ssl/src/world.c Sat Dec 29 19:36:26 2001 @@ -88,13 +88,14 @@ #ifndef NO_HISTORY result->history = NULL; #endif + result->do_ssl = 0; return result; } /* A NULL name means unnamed; world will be given a temp name. */ -World *new_world(name, character, pass, host, port, mfile, type, flags) +World *new_world(name, character, pass, host, port, mfile, type, flags, ssl) CONST char *name, *character, *pass, *host, *port, *mfile, *type; - int flags; + int flags, ssl; { World *result; static int unnamed = 1; @@ -155,6 +156,7 @@ setfield(mfile); setfield(type); result->flags |= flags; + result->do_ssl = ssl; #ifdef PLATFORM_UNIX # ifndef __CYGWIN32__ diff -u -r tf-4.0s1.orig/src/world.h tf-4.0s1-ssl/src/world.h --- tf-4.0s1.orig/src/world.h Sat Mar 6 22:43:25 1999 +++ tf-4.0s1-ssl/src/world.h Sat Dec 29 19:34:50 2001 @@ -15,6 +15,7 @@ typedef struct World { /* World structure */ int flags; + int do_ssl; /* If this is SSL of not... */ struct World *next; char *name; /* name of world */ char *character; /* login name */ 
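Review bot: The new `dossl` variable (`VAR_ssl`, varlist.h `@@ -38`) is defined but no hunk in this patch reads it; TLS is driven only by `World.do_ssl` and the `-s` options. A user who sets `dossl` on would reasonably expect encrypted connections and would get cleartext. Either consult the variable where `do_ssl` is decided in `openworld`, or drop the entry until it is wired up.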
@@ -44,7 +45,7 @@ extern World *FDECL(new_world,(CONST char *name, CONST char *character, CONST char *pass, CONST char *host, CONST char *port, - CONST char *mfile, CONST char *type, int flags)); + CONST char *mfile, CONST char *type, int flags, int do_ssl)); extern int FDECL(nuke_world,(World *w)); extern World *FDECL(find_world,(CONST char *name)); extern void FDECL(mapworld,(void FDECL((*func),(struct World *world)))); diff -u -r tf-4.0s1.orig/tf-lib/spell.tf tf-4.0s1-ssl/tf-lib/spell.tf --- tf-4.0s1.orig/tf-lib/spell.tf Sat Mar 6 22:43:27 1999 +++ tf-4.0s1-ssl/tf-lib/spell.tf Sat Dec 29 13:25:41 2001 @@ -7,7 +7,7 @@ /def -i spell_line = \ /setenv ARGS=$(/recall -i 1)%; \ - /let _errs=$(/quote -S -decho !echo $$ARGS | spell)%; \ + /let _errs=$(/quote -S -decho !echo $$ARGS | ispell -l)%; \ /if ( _errs !~ "" ) \ /echo MISSPELLINGS: %_errs%; \ /else \ diff -u -r tf-4.0s1.orig/unix/Config tf-4.0s1-ssl/unix/Config --- tf-4.0s1.orig/unix/Config Sat Mar 6 22:43:28 1999 +++ tf-4.0s1-ssl/unix/Config Sat Dec 29 22:17:36 2001 @@ -33,8 +33,8 @@ # even if an old version is currently in use. You can remove # the old version manually later when it is no longer in use. -# TF="/usr/local/bin/tf-${TFVER}" -# LIBDIR="/usr/local/lib/tf-${TFVER}-lib" +TF="/usr/games/tf" +LIBDIR="/usr/share/games/tf" # SYMLINK="/usr/local/bin/tf" @@ -44,8 +44,8 @@ # uses nroff format; set MANTYPE=cat if your man uses pre-formatted # vt100 "catman" pages. Default is "cat". -# MANTYPE="nroff" -# MANPAGE="/usr/local/man/man1/tf.1" +MANTYPE="nroff" +MANPAGE="/usr/man/man6/tf.6" ### Flags. @@ -110,7 +110,7 @@ # by removing the leading "#". # CC=cc -# CCFLAGS="-g" +CCFLAGS="-O2 -g -Wall" ### Stripping. 
@@ -124,7 +124,7 @@ # This is the place to add extra libraries as described in unix/README # if your linker can't resolve an external reference. -LIBS='' +LIBS='-lssl -lcrypto' ### Make Program. diff -u -r tf-4.0s1.orig/unix/tfconfig tf-4.0s1-ssl/unix/tfconfig --- tf-4.0s1.orig/unix/tfconfig Sat Mar 6 22:43:28 1999 +++ tf-4.0s1-ssl/unix/tfconfig Sat Dec 29 13:25:41 2001 @@ -168,18 +168,18 @@ # The cd;pwd is needed to normalize the directory name in case of links, etc. DIR1=`echo $TF | sed 's;/[^/]*$;;'` -DIR1=`cd $DIR1 && pwd` +#DIR1=`cd $DIR1 && pwd` DIR2=`echo $LIBDIR | sed 's;/[^/]*$;;'` -DIR2=`cd $DIR2 && pwd` +#DIR2=`cd $DIR2 && pwd` DIR3=`echo $SYMLINK | sed 's;/[^/]*$;;'` -DIR3=`cd $DIR3 && pwd` +#DIR3=`cd $DIR3 && pwd` -if [ -z "$DIR1" ] || [ -z "$DIR2" ] || [ -z "$DIR3" ]; then +if [ -z "$DIR1" ] || [ -z "$DIR2" ]; then echo "Error in directory." exit 1; fi -DIR1=`cd $DIR1 && pwd || { echo "Error in directory $DIR1."; false; }` +#DIR1=`cd $DIR1 && pwd || { echo "Error in directory $DIR1."; false; }` BUILDTREE=`cd .. && pwd` if echo "${DIR1}/" | egrep "^${BUILDTREE}/" >/dev/null 2>&1 ||