Mercurial > ~mikael > mcabber > hg
comparison mcabber/src/main.c @ 1530:29c505d43b3e
Use random resource suffix by default
By default a random suffix is appended to the resource name,
as recommended in rfc3920bis ("For the sake of proper security, a resource
identifier SHOULD be random").
This behaviour can be altered with the new option "disable_random_resource".
author | Mikael Berthe <mikael@lilotux.net> |
---|---|
date | Sat, 04 Oct 2008 14:13:49 +0200 |
parents | 0803c0bd8b76 |
children | 31472d421267 |
comparison
equal
deleted
inserted
replaced
1529:890a703197cf | 1530:29c505d43b3e |
---|---|
68 | 68 |
69 void mcabber_connect(void) | 69 void mcabber_connect(void) |
70 { | 70 { |
71 const char *username, *password, *resource, *servername; | 71 const char *username, *password, *resource, *servername; |
72 const char *proxy_host; | 72 const char *proxy_host; |
73 const char *resource_prefix = PACKAGE_NAME; | |
73 char *dynresource = NULL; | 74 char *dynresource = NULL; |
74 char *fjid; | 75 char *fjid; |
75 int ssl; | 76 int ssl; |
76 int sslverify = -1; | 77 int sslverify = -1; |
77 const char *sslvopt = NULL, *cafile = NULL, *capath = NULL, *ciphers = NULL; | 78 const char *sslvopt = NULL, *cafile = NULL, *capath = NULL, *ciphers = NULL; |
136 capath_xp = expand_filename(capath); | 137 capath_xp = expand_filename(capath); |
137 cw_set_ssl_options(sslverify, cafile_xp, capath_xp, ciphers, servername); | 138 cw_set_ssl_options(sslverify, cafile_xp, capath_xp, ciphers, servername); |
138 // We can't free the ca*_xp variables now, because they're not duplicated | 139 // We can't free the ca*_xp variables now, because they're not duplicated |
139 // in cw_set_ssl_options(). | 140 // in cw_set_ssl_options(). |
140 | 141 |
141 if (!resource) { | 142 if (!resource) |
143 resource = resource_prefix; | |
144 | |
145 if (!settings_opt_get("disable_random_resource")) { | |
142 #if HAVE_ARC4RANDOM | 146 #if HAVE_ARC4RANDOM |
143 dynresource = g_strdup_printf("%s.%08x", PACKAGE_NAME, arc4random()); | 147 dynresource = g_strdup_printf("%s.%08x", resource, arc4random()); |
144 #else | 148 #else |
145 unsigned int tab[2]; | 149 unsigned int tab[2]; |
146 srand(time(NULL)); | 150 srand(time(NULL)); |
147 tab[0] = (unsigned int) (0xffff * (rand() / (RAND_MAX + 1.0))); | 151 tab[0] = (unsigned int) (0xffff * (rand() / (RAND_MAX + 1.0))); |
148 tab[1] = (unsigned int) (0xffff * (rand() / (RAND_MAX + 1.0))); | 152 tab[1] = (unsigned int) (0xffff * (rand() / (RAND_MAX + 1.0))); |
149 dynresource = g_strdup_printf("%s.%04x%04x", PACKAGE_NAME, | 153 dynresource = g_strdup_printf("%s.%04x%04x", resource, tab[0], tab[1]); |
150 tab[0], tab[1]); | |
151 #endif | 154 #endif |
152 resource = dynresource; | 155 resource = dynresource; |
153 } | 156 } |
154 | 157 |
155 /* Connect to server */ | 158 /* Connect to server */ |