3
0
mirror of https://github.com/pragma-/pbot.git synced 2024-11-25 13:29:29 +01:00

Rename SSL to TLS

This commit is contained in:
Pragmatic Software 2021-07-10 22:47:33 -07:00
parent c4874a43ff
commit 2c636bc8c1
9 changed files with 62 additions and 59 deletions

View File

@ -461,10 +461,10 @@ you're set.
=item *
SSL
TLS
If you wish to connect to an irc server which is using SSL, set this to a
true value. Ie: "C<SSL => 1>".
If you wish to connect to an irc server which is using TLS, set this to a
true value. Ie: "C<TLS => 1>".
=back

View File

@ -430,11 +430,14 @@ Revision history for Perl extension Net::IRC.
search preview.
PBot fork Jan 20, 2011
- Renamed Net::IRC packages throughout to PBot::IRC.
- Added support for PONG events in Connection.pm
PBot fork Feb 10, 2011
- Added support for freenode's whoisaccount
- Moved debug output from STDERR to STDOUT
PBot fork Jul 10, 2021
- I forgot this Changelog existed. There have been several modifications to
PBot::IRC in the past decade. I will not be updating this Changelog file
any longer, in favor of commit logs.

View File

@ -55,9 +55,9 @@ my %autoloaded = (
'pacing' => undef,
'utf8' => undef,
'pbot' => undef,
'ssl' => undef,
'ssl_ca_path' => undef,
'ssl_ca_file' => undef,
'tls' => undef,
'tls_ca_path' => undef,
'tls_ca_file' => undef,
);
# This hash will contain any global default handlers that the user specifies.
@ -85,9 +85,9 @@ sub new {
_maxlinelen => 510, # The RFC says we shouldn't exceed this.
_lastsl => 0,
_pacing => 0, # no pacing by default
_ssl => 0, # no ssl by default
_ssl_ca_path => undef,
_ssl_ca_file => undef,
_tls => 0, # no tls by default (TODO: perhaps this should be enabled by default)
_tls_ca_path => undef,
_tls_ca_file => undef,
_utf8 => 0,
_format => {'default' => "[%f:%t] %m <%d>",},
_pbot => undef,
@ -235,9 +235,9 @@ sub connect {
$self->debug($arg{'Debug'}) if exists $arg{'Debug'};
$self->utf8($arg{'UTF8'}) if exists $arg{'UTF8'};
$self->pbot($arg{'PBot'}) if exists $arg{'PBot'};
$self->ssl($arg{'SSL'}) if exists $arg{'SSL'};
$self->ssl_ca_path($arg{'SSL_ca_path'}) if exists $arg{'SSL_ca_path'};
$self->ssl_ca_file($arg{'SSL_ca_file'}) if exists $arg{'SSL_ca_file'};
$self->tls($arg{'TLS'}) if exists $arg{'TLS'};
$self->tls_ca_path($arg{'TLS_ca_path'}) if exists $arg{'TLS_ca_path'};
$self->tls_ca_file($arg{'TLS_ca_file'}) if exists $arg{'TLS_ca_file'};
}
# Lots of error-checking claptrap first...
@ -259,10 +259,10 @@ sub connect {
# Now for the socket stuff...
if ($self->connected) { $self->quit("Changing servers"); }
if ($self->ssl) {
if ($self->tls) {
use IO::Socket::SSL;
if ($self->ssl_ca_file) {
if ($self->tls_ca_file) {
$self->socket(
IO::Socket::SSL->new(
PeerAddr => $self->server,
@ -270,10 +270,10 @@ sub connect {
Proto => "tcp",
LocalAddr => $self->hostname,
SSL_verify_mode => IO::Socket::SSL->SSL_VERIFY_PEER,
SSL_ca_file => $self->ssl_ca_file,
SSL_ca_file => $self->tls_ca_file,
)
);
} elsif ($self->ssl_ca_path) {
} elsif ($self->tls_ca_path) {
$self->socket(
IO::Socket::SSL->new(
PeerAddr => $self->server,
@ -281,7 +281,7 @@ sub connect {
Proto => "tcp",
LocalAddr => $self->hostname,
SSL_verify_mode => IO::Socket::SSL->SSL_VERIFY_PEER,
SSL_ca_path => $self->ssl_ca_path,
SSL_ca_path => $self->tls_ca_path,
)
);
} else {
@ -306,7 +306,7 @@ sub connect {
}
if (!$self->socket) {
if ($self->ssl) {
if ($self->tls) {
carp(
sprintf "Can't connect to %s:%s: error=$! SSL_ERROR=$SSL_ERROR",
$self->server, $self->port
@ -321,7 +321,7 @@ sub connect {
return;
}
if ($self->ssl) {
if ($self->tls) {
$self->socket->blocking(0);
}
@ -842,7 +842,7 @@ sub parse {
my $n;
if ($self->ssl) {
if ($self->tls) {
$n = sysread($self->socket, $line, 32767);
if (not defined $n) {
@ -851,7 +851,7 @@ sub parse {
return;
}
print STDERR "SSL broke: $SSL_ERROR\n";
print STDERR "TLS broke: $SSL_ERROR\n";
}
}
@ -1436,7 +1436,7 @@ sub sl_real {
my $rv = eval {
# RFC compliance can be kinda nice...
my $rv = $self->ssl ? $self->socket->print("$line\015\012") : $self->socket->send("$line\015\012", 0);
my $rv = $self->tls ? $self->socket->print("$line\015\012") : $self->socket->send("$line\015\012", 0);
unless ($rv) {
$self->handler("sockerror");
return;

View File

@ -257,22 +257,22 @@ sub connect {
Port => $port,
Pacing => 1,
UTF8 => 1,
SSL => $self->{registry}->get_value('irc', 'ssl'),
TLS => $self->{registry}->get_value('irc', 'tls'),
Debug => $self->{registry}->get_value('irc', 'debug'),
PBot => $self,
);
# set SSL stuff
my $ssl_ca_file = $self->{registry}->get_value('irc', 'ssl_ca_file');
# set TLS stuff
my $tls_ca_file = $self->{registry}->get_value('irc', 'tls_ca_file');
if (length $ssl_ca_file and $ssl_ca_file ne 'none') {
$config{SSL_ca_file} = $ssl_ca_file;
if (length $tls_ca_file and $tls_ca_file ne 'none') {
$config{TLS_ca_file} = $tls_ca_file;
}
my $ssl_ca_path = $self->{registry}->get_value('irc', 'ssl_ca_path');
my $tls_ca_path = $self->{registry}->get_value('irc', 'tls_ca_path');
if (length $ssl_ca_file and $ssl_ca_file ne 'none') {
$config{SSL_ca_file} = $ssl_ca_file;
if (length $tls_ca_file and $tls_ca_file ne 'none') {
$config{TLS_ca_file} = $tls_ca_file;
}
# attempt to connect

View File

@ -55,9 +55,9 @@ sub initialize {
$self->add_default('text', 'irc', 'server', $conf{server} // "irc.libera.chat");
$self->add_default('text', 'irc', 'port', $conf{port} // 6667);
$self->add_default('text', 'irc', 'sasl', $conf{SASL} // 0);
$self->add_default('text', 'irc', 'ssl', $conf{SSL} // 0);
$self->add_default('text', 'irc', 'ssl_ca_file', $conf{SSL_ca_file} // '');
$self->add_default('text', 'irc', 'ssl_ca_path', $conf{SSL_ca_path} // '');
$self->add_default('text', 'irc', 'tls', $conf{TLS} // 0);
$self->add_default('text', 'irc', 'tls_ca_file', $conf{TLS_ca_file} // '');
$self->add_default('text', 'irc', 'tls_ca_path', $conf{TLS_ca_path} // '');
$self->add_default('text', 'irc', 'botnick', $conf{botnick} // "");
$self->add_default('text', 'irc', 'username', $conf{username} // "pbot3");
$self->add_default('text', 'irc', 'realname', $conf{realname} // "https://github.com/pragma-/pbot");
@ -68,8 +68,8 @@ sub initialize {
$self->add_default('text', 'interpreter', 'max_embed', 3);
# make sensitive entries private
$self->set_default('irc', 'ssl_ca_file', 'private', 1);
$self->set_default('irc', 'ssl_ca_path', 'private', 1);
$self->set_default('irc', 'tls_ca_file', 'private', 1);
$self->set_default('irc', 'tls_ca_path', 'private', 1);
$self->set_default('irc', 'identify_password', 'private', 1);
# customizable regular expressions

2
data/last_update vendored
View File

@ -1 +1 @@
3998
4149

12
data/registry vendored
View File

@ -2,7 +2,7 @@
"$metadata$" : {
"$metadata$" : {
"name" : "Registry",
"update_version" : "3536"
"update_version" : "4171"
}
},
"antiaway" : {
@ -310,19 +310,19 @@
"type" : "text",
"value" : "1"
},
"ssl" : {
"tls" : {
"type" : "text",
"value" : "0"
},
"ssl_ca_file" : {
"tls_ca_file" : {
"private" : "1",
"type" : "text",
"value" : "none"
"value" : ""
},
"ssl_ca_path" : {
"tls_ca_path" : {
"private" : "1",
"type" : "text",
"value" : "none"
"value" : ""
},
"username" : {
"type" : "text",

View File

@ -138,8 +138,8 @@ irc.realname | IRC gecos/realname. This is the `general information` or `real-na
irc.server | IRC server address to connect. | irc.libera.chat
irc.port | IRC server port. | 6667 (secure port: 6697)
irc.identify_password | Password to authenticate with services or bots. | _undefined_
irc.sasl | Whether to use the IRCv3 SASL authentication mechanism. | 0
irc.ssl | Whether to use SSL/TLS encryption. | 0 (1 to enable)
irc.sasl | Whether to use the IRCv3 SASL authentication mechanism. | 0 (1 to enable)
irc.tls | Whether to use TLS encryption. | 0 (1 to enable)
general.trigger | Bot trigger. Can be a character class containing multiple trigger characters. Can be overridden per-channel. | [!]
For a list of other available settings see [this table](Registry.md#list-of-known-registry-items) in the [Registry documentation](Registry.md).
@ -148,8 +148,8 @@ For a list of other available settings see [this table](Registry.md#list-of-know
##### Libera.Chat
The default settings are tailored for an insecure connection to the Libera.Chat IRC network.
To make the connection secure, set `irc.ssl` to `1`. This will enable SSL/TLS encryption.
You may optionally set `irc.ssl_ca_path` or `irc.ssl_ca_file` if necessary. Be sure to
To make the connection secure, set `irc.tls` to `1`. This will enable TLS encryption.
You may optionally set `irc.tls_ca_path` or `irc.tls_ca_file` if necessary. Be sure to
set `irc.port` to `6697` for the secure port.
It is strongly recommended that you register an account with NickServ and to enable SASL authentication.

View File

@ -209,9 +209,9 @@ irc.max_msg_len | The maximum length messages can be on this IRC server. | 425
irc.port | The IRC server network port to connect to. | 6667
irc.realname || https://github.com/pragma-/pbot
irc.show_motd | If set to a true value, the IRC server MOTD will be shown when connecting. | 1
irc.SSL_ca_file | Path to a specific SSL certificate authority file. |
irc.SSL_ca_path | Path to the SSL certificate authority directory containing certificate files. |
irc.SSL | If set to a true value, SSL will be enabled when connecting to the IRC server. | 0
irc.tls_ca_file | Path to a specific TLS certificate authority file. |
irc.tls_ca_path | Path to the TLS certificate authority directory containing certificate files. |
irc.tls | If set to a true value, TLS encryption will be enabled when connecting to the IRC server. | 0
irc.username || PBot
interpreter.max_recursion | Maximum recursion depth for bot command aliasing. | 10
lagchecker.lag_history_interval | How often, in seconds, to send a `PING` to the IRC server. | 10