Avoid the PEM issue.
This commit is contained in:
Ben Wiederhake
parent
57e6a777d9
commit
7ab7f4126e
8 changed files with 114 additions and 19 deletions
|
|
@ -73,7 +73,7 @@ install: $(PRPL_LIBNAME)
|
|||
mkdir -m $(DIR_PERM) -p $(DESTDIR)$(PLUGIN_DIR_PURPLE)
|
||||
install -m $(FILE_PERM) $(PRPL_LIBNAME) $(DESTDIR)$(PLUGIN_DIR_PURPLE)/$(PRPL_NAME)
|
||||
mkdir -m $(DIR_PERM) -p $(DESTDIR)/etc/telegram-purple
|
||||
install -m $(FILE_PERM) tg-server.pub $(DESTDIR)/etc/telegram-purple/server.pub
|
||||
install -m $(FILE_PERM) tg-server.tglpub $(DESTDIR)/etc/telegram-purple/server.tglpub
|
||||
mkdir -m $(DIR_PERM) -p $(DESTDIR)$(DATA_ROOT_DIR_PURPLE)/pixmaps/pidgin/protocols/16
|
||||
install -m $(FILE_PERM) imgs/telegram16.png $(DESTDIR)$(DATA_ROOT_DIR_PURPLE)/pixmaps/pidgin/protocols/16/telegram.png
|
||||
mkdir -m $(DIR_PERM) -p $(DESTDIR)$(DATA_ROOT_DIR_PURPLE)/pixmaps/pidgin/protocols/22
|
||||
|
|
@ -88,7 +88,8 @@ local_install:
|
|||
.PHONY: uninstall
|
||||
uninstall:
|
||||
rm -f $(DESTDIR)$(PLUGIN_DIR_PURPLE)/$(PRPL_NAME)
|
||||
rm -f $(DESTDIR)/etc/telegram-purple/server.pub
|
||||
rm -f $(DESTDIR)/etc/telegram-purple/server.pub # TODO: Remove this in later versions
|
||||
rm -f $(DESTDIR)/etc/telegram-purple/server.tglpub
|
||||
rm -f $(DESTDIR)$(DATA_ROOT_DIR_PURPLE)/pixmaps/pidgin/protocols/16/telegram.png
|
||||
rm -f $(DESTDIR)$(DATA_ROOT_DIR_PURPLE)/pixmaps/pidgin/protocols/22/telegram.png
|
||||
rm -f $(DESTDIR)$(DATA_ROOT_DIR_PURPLE)/pixmaps/pidgin/protocols/48/telegram.png
|
||||
|
|
|
|||
21
README.md
21
README.md
|
|
@ -72,16 +72,19 @@ This repository has submodules, so you need to clone recursively.
|
|||
|
||||
sudo dnf install gcc openssl-devel glib2-devel libpurple-devel libwebp-devel
|
||||
|
||||
And the development files for gcrypt, probably `gcrypt-devel` or something.
|
||||
|
||||
|
||||
###### Debian / Ubuntu
|
||||
|
||||
sudo apt-get install libgcrypt20-dev libssl-dev libpurple-dev libwebp-dev
|
||||
|
||||
|
||||
###### OpenSUSE
|
||||
|
||||
sudo zypper install gcc glib glib-devel libpurple libpurple-devel zlib-devel openssl libopenssl-devel libwebp-devel
|
||||
|
||||
And the development files for gcrypt, probably `gcrypt-devel` or something.
|
||||
|
||||
|
||||
#### 3. Compile and install
|
||||
|
||||
|
|
@ -188,6 +191,22 @@ Compiling with XCode is a little bit problematic, since it requires you to compi
|
|||
Discussion / Help
|
||||
-----------------
|
||||
|
||||
#### Custom pubkeys
|
||||
|
||||
As we want to avoid OpenSSL, it has become necessary to replace the PEM file format. This means that if you use a custom pubkey (which you really REALLY shouldn't be doing), you have to adapt, sorry.
|
||||
|
||||
We no longer ship `tg-server.pub` (old format), but instead `tg-server.tlgpub` (new format). If you have a `.pub` and want to continue using telegram-purple, please use this (hopefully highly portable) tool: [pem2bignum](https://github.com/BenWiederhake/pem2bignum)
|
||||
|
||||
You can also write your own conversion tool if you prefer. The format is really simple:
|
||||
|
||||
1. `e`, the public exponent, encoded as big endian 32 bit fixed length (e.g. `0x00 01 00 01` for 65537)
|
||||
2. `n_len`, the length of `n` in bytes, encoded as big endian 32 bit fixed length (e.g. `0x00 00 01 00` for a 2048-bit = 256-byte key)
|
||||
3. `n_raw`, the raw modulus, encoded as big endian, using the previously indicated length (e.g. `0xC1 50 02 3E [248 bytes omitted] 21 79 25 1F` in the case of telegram's public RSA key.)
|
||||
|
||||
If you are interested in developing a non-OpenSSL-licensed converter, look into [insane-triangle-banana](https://github.com/BenWiederhake/insane-triangle-banana).
|
||||
|
||||
#### Group chat
|
||||
|
||||
Telegram group chat for telegram-purple or libtgl related discussions or questions:
|
||||
|
||||
- https://telegram.me/joinchat/01fb53f301b67d3c7a5532908dfa9a89
|
||||
|
|
|
|||
|
|
@ -51,6 +51,64 @@
|
|||
#define STATE_FILE_MAGIC 0x28949a93
|
||||
#define SECRET_CHAT_FILE_MAGIC 0x37a1988a
|
||||
|
||||
static gboolean read_ui32 (int fd, unsigned int *ret) {
|
||||
typedef char check_int_size[(sizeof (int) >= 4) ? 1 : -1];
|
||||
(void) sizeof (check_int_size);
|
||||
|
||||
unsigned char buf[4];
|
||||
if (4 != read (fd, buf, 4)) {
|
||||
return 0;
|
||||
}
|
||||
/* Ugly but works. */
|
||||
*ret = 0;
|
||||
*ret |= buf[0];
|
||||
*ret <<= 8;
|
||||
*ret |= buf[1];
|
||||
*ret <<= 8;
|
||||
*ret |= buf[2];
|
||||
*ret <<= 8;
|
||||
*ret |= buf[3];
|
||||
return 1;
|
||||
}
|
||||
|
||||
int read_pubkey_file (const char *name, struct rsa_pubkey *dst) {
|
||||
/* Just to make sure nobody reads garbage. */
|
||||
dst->e = 0;
|
||||
dst->n_len = 0;
|
||||
dst->n_raw = NULL;
|
||||
|
||||
int pubkey_fd = open (name, O_RDONLY);
|
||||
if (pubkey_fd < 0) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
unsigned int e;
|
||||
unsigned int n_len;
|
||||
if (!read_ui32 (pubkey_fd, &e) || !read_ui32 (pubkey_fd, &n_len) // Ensure successful reads
|
||||
|| n_len < 128 || n_len > 1024 || e < 5) { // Ensure (at least remotely) sane parameters.
|
||||
close (pubkey_fd);
|
||||
return 0;
|
||||
}
|
||||
|
||||
unsigned char *n_raw = malloc (n_len);
|
||||
if (!n_raw) {
|
||||
close (pubkey_fd);
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (n_len != read (pubkey_fd, n_raw, n_len)) {
|
||||
free (n_raw);
|
||||
close (pubkey_fd);
|
||||
return 0;
|
||||
}
|
||||
close (pubkey_fd);
|
||||
|
||||
dst->e = e;
|
||||
dst->n_len = n_len;
|
||||
dst->n_raw = n_raw;
|
||||
return 1;
|
||||
}
|
||||
|
||||
void read_state_file (struct tgl_state *TLS) {
|
||||
char *name = 0;
|
||||
if (asprintf (&name, "%s/%s", TLS->base_path, "state") < 0) {
|
||||
|
|
@ -406,13 +464,14 @@ gchar *get_download_dir (struct tgl_state *TLS) {
|
|||
return dir;
|
||||
}
|
||||
|
||||
void assert_file_exists (PurpleConnection *gc, const char *filepath, const char *format) {
|
||||
gboolean assert_file_exists (PurpleConnection *gc, const char *filepath, const char *format) {
|
||||
if (!g_file_test (filepath, G_FILE_TEST_EXISTS)) {
|
||||
gchar *msg = g_strdup_printf (format, filepath);
|
||||
purple_connection_error_reason (gc, PURPLE_CONNECTION_ERROR_CERT_OTHER_ERROR, msg);
|
||||
g_free (msg);
|
||||
return;
|
||||
return 0;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
||||
void export_auth_callback (struct tgl_state *TLS, void *extra, int success) {
|
||||
|
|
|
|||
|
|
@ -22,6 +22,14 @@
|
|||
|
||||
#include "telegram-purple.h"
|
||||
|
||||
struct rsa_pubkey {
|
||||
unsigned int e;
|
||||
unsigned int n_len;
|
||||
unsigned char *n_raw;
|
||||
};
|
||||
|
||||
gboolean read_pubkey_file (const char *name, struct rsa_pubkey *dst);
|
||||
|
||||
void read_state_file (struct tgl_state *TLS);
|
||||
void read_auth_file (struct tgl_state *TLS);
|
||||
void write_auth_file (struct tgl_state *TLS);
|
||||
|
|
@ -37,7 +45,7 @@ void telegram_export_authorization (struct tgl_state *TLS);
|
|||
gchar *get_config_dir (struct tgl_state *TLS, char const *username);
|
||||
gchar *get_download_dir (struct tgl_state *TLS);
|
||||
|
||||
void assert_file_exists (PurpleConnection *gc, const char *filepath, const char *format);
|
||||
gboolean assert_file_exists (PurpleConnection *gc, const char *filepath, const char *format);
|
||||
|
||||
int tgp_visualize_key (struct tgl_state *TLS, unsigned char* sha1_key);
|
||||
void tgp_create_group_chat_by_usernames (struct tgl_state *TLS, const char *title,
|
||||
|
|
|
|||
|
|
@ -89,7 +89,7 @@ void on_user_get_info (struct tgl_state *TLS, void *info_data, int success, stru
|
|||
|
||||
PurpleGroup *tggroup;
|
||||
const char *config_dir = "telegram-purple";
|
||||
const char *pk_path = "/etc/telegram-purple/server.pub";
|
||||
const char *pk_path = "/etc/telegram-purple/server.tglpub";
|
||||
|
||||
struct tgl_update_callback tgp_callback = {
|
||||
.logprintf = debug,
|
||||
|
|
@ -575,12 +575,28 @@ static void tgprpl_login (PurpleAccount * acct) {
|
|||
|
||||
TLS->base_path = get_config_dir(TLS, purple_account_get_username (acct));
|
||||
tgl_set_download_directory (TLS, get_download_dir(TLS));
|
||||
assert_file_exists (gc, pk_path, "Error, server public key not found at %s."
|
||||
" Make sure that Telegram-Purple is installed properly.");
|
||||
if (!assert_file_exists (gc, pk_path, "Error, server public key not found at %s."
|
||||
" Make sure that Telegram-Purple is installed properly.")) {
|
||||
/* Already reported. */
|
||||
return;
|
||||
}
|
||||
|
||||
debug ("base configuration path: '%s'", TLS->base_path);
|
||||
|
||||
struct rsa_pubkey the_pubkey;
|
||||
if (!read_pubkey_file (pk_path, &the_pubkey)) {
|
||||
char *cause = g_strdup_printf ("Unable to sign on as %s: Missing file %s.",
|
||||
purple_account_get_username (acct), pk_path);
|
||||
purple_connection_error_reason (gc, PURPLE_CONNECTION_ERROR_INVALID_SETTINGS, cause);
|
||||
purple_notify_message (_telegram_protocol, PURPLE_NOTIFY_MSG_ERROR, cause,
|
||||
"Make sure telegram-purple is installed properly,\n"
|
||||
"including the .tglpub file.", NULL, NULL, NULL);
|
||||
g_free (cause);
|
||||
return;
|
||||
}
|
||||
|
||||
tgl_set_verbosity (TLS, 4);
|
||||
tgl_set_rsa_key (TLS, pk_path);
|
||||
tgl_set_rsa_key_direct (TLS, the_pubkey.e, the_pubkey.n_len, the_pubkey.n_raw);
|
||||
|
||||
tgl_set_ev_base (TLS, conn);
|
||||
tgl_set_net_methods (TLS, &tgp_conn_methods);
|
||||
|
|
|
|||
|
|
@ -1,8 +0,0 @@
|
|||
-----BEGIN RSA PUBLIC KEY-----
|
||||
MIIBCgKCAQEAwVACPi9w23mF3tBkdZz+zwrzKOaaQdr01vAbU4E1pvkfj4sqDsm6
|
||||
lyDONS789sVoD/xCS9Y0hkkC3gtL1tSfTlgCMOOul9lcixlEKzwKENj1Yz/s7daS
|
||||
an9tqw3bfUV/nqgbhGX81v/+7RFAEd+RwFnK7a+XYl9sluzHRyVVaTTveB2GazTw
|
||||
Efzk2DWgkBluml8OREmvfraX3bkHZJTKX4EQSjBbbdJ2ZXIsRrYOXfaA+xayEGB+
|
||||
8hdlLmAjbCVfaigxX0CDqWeR1yFL9kwd9P0NsZRPsmoqVwMbMu7mStFai6aIhc3n
|
||||
Slv8kg9qv1m6XHVQY3PnEw+QQtqSIXklHwIDAQAB
|
||||
-----END RSA PUBLIC KEY-----
|
||||
BIN
tg-server.tglpub
Normal file
BIN
tg-server.tglpub
Normal file
Binary file not shown.
2
tgl
2
tgl
|
|
@ -1 +1 @@
|
|||
Subproject commit ed4e304be425afecdf954e3d88fae98b80e6ff50
|
||||
Subproject commit 391806c60e36f60352abfccf05392f31fa0ba184
|
||||
Loading…
Add table
Reference in a new issue