Add experimental Binkp/TLS option to [node:*] sections of sbbsecho.ini

(defaults to false) Set to BinkpTLS=true to use BinkP over TLS for a specified node.

Add experimental Binkp/TLS option to [node:*] sections of sbbsecho.ini
2382a93e · rswindell · eea679fa · 2382a93e · 2382a93e · 2382a93e
Commit 2382a93e authored 5 years ago by rswindell
--- a/exec/binkit.js
+++ b/exec/binkit.js
@@ -596,6 +596,7 @@ function callout(addr, scfg, locks, bicfg)
 	var bp = new BinkP(version_notice, undefined, rx_callback, tx_callback);
 	var port;
 	var host;
+	var tls = false;
 	var f;
 	var success = false;
 	var src_addr;
@@ -618,6 +619,7 @@ function callout(addr, scfg, locks, bicfg)
 		bp.cb_data.binkitpw = bp.cb_data.binkitcfg.node[addr].pass;
 		port = bp.cb_data.binkitcfg.node[addr].port;
 		host = bp.cb_data.binkitcfg.node[addr].host;
+		tls = bp.cb_data.binkitcfg.node[addr].tls;
 		if (bp.plain_auth_only) {
 			bp.require_md5 = false;
 			bp.require_crypt = false;
@@ -657,7 +659,7 @@ function callout(addr, scfg, locks, bicfg)
 	log(LOG_DEBUG, format("connecting to %s at %s", addr, host));
 	// We won't add files until the auth finishes...
-	success = bp.connect(addr, bp.cb_data.binkitpw, callout_auth_cb, port, host);
+	success = bp.connect(addr, bp.cb_data.binkitpw, callout_auth_cb, port, host, tls);
 	// Statistics
 	update_stats(stats.callout[success], addr, bp, host);
 	update_totals(stats.totals, addr, bp, true, success);

--- a/exec/load/binkp.js
+++ b/exec/load/binkp.js
@@ -402,7 +402,7 @@ BinkP.prototype.parseArgs = function(data)
 * parameter string send with the M_OK message... hopefully either "secure"
 * or "non-secure"
 */
-BinkP.prototype.connect = function(addr, password, auth_cb, port, inet_host)
+BinkP.prototype.connect = function(addr, password, auth_cb, port, inet_host, tls)
 {
 	var pkt;
 	var i;
@@ -455,6 +455,11 @@ BinkP.prototype.connect = function(addr, password, auth_cb, port, inet_host)
 	log(LOG_DEBUG, "Connection to "+inet_host+":"+port+" successful");
+	if(tls === true) {
+		log(LOG_INFO, "Negotiating TLS");
+		this.sock.ssl_session = true;
+	}
 	this.authenticated = undefined;
 	if (this.crypt_support && !this.plain_auth_only && password !== '-')
 		this.sendCmd(this.command.M_NUL, "OPT CRYPT");

--- a/exec/load/fidocfg.js
+++ b/exec/load/fidocfg.js
@@ -387,6 +387,7 @@ function BinkITCfg()
 			this.node[sec].host = f.iniGetValue(section, 'BinkpHost');
 			this.node[sec].inbox = f.iniGetValue(section, 'inbox');
 			this.node[sec].outbox = f.iniGetValue(section, 'outbox');
+			this.node[sec].tls = f.iniGetValue(section, 'BinkpTLS', false);
 		}, this);
 		f.close();
 	}