Make FiSHLiM OpenSSL provider loading non-fatal

2026-06-08 16:00:18 +00:00 · 2026-05-25 02:13:24 -06:00
parent 15d647a0ec
commit 54b1703d67
2 changed files with 21 additions and 31 deletions
--- a/plugins/fishlim/fish.c
+++ b/plugins/fishlim/fish.c
@@ -91,27 +91,13 @@ static const signed char fish_unbase64[256] = {
 #include <openssl/provider.h>
 static OSSL_PROVIDER *legacy_provider;
 static OSSL_PROVIDER *default_provider;
-static OSSL_LIB_CTX *ossl_ctx;
 #endif

 int fish_init(void)
 {
 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
-    ossl_ctx = OSSL_LIB_CTX_new();
-    if (!ossl_ctx)
-        return 0;
-
-    legacy_provider = OSSL_PROVIDER_load(ossl_ctx, "legacy");
-    if (!legacy_provider) {
-        fish_deinit();
-        return 0;
-    }
-
-    default_provider = OSSL_PROVIDER_load(ossl_ctx, "default");
-    if (!default_provider) {
-        fish_deinit();
-        return 0;
-    }
+    legacy_provider = OSSL_PROVIDER_load(NULL, "legacy");
+    default_provider = OSSL_PROVIDER_load(NULL, "default");
 #endif
    return 1;
 }
@@ -129,10 +115,6 @@ void fish_deinit(void)
        default_provider = NULL;
    }

-    if (ossl_ctx) {
-        OSSL_LIB_CTX_free(ossl_ctx);
-        ossl_ctx = NULL;
-    }
 #endif
 }

@@ -278,7 +260,9 @@ char *fish_cipher(const char *plaintext, size_t plaintext_len, const char *key,
        }

 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
-        cipher = EVP_CIPHER_fetch(ossl_ctx, "BF-CBC", NULL);
+        cipher = EVP_CIPHER_fetch(NULL, "BF-CBC", NULL);
+        if (!cipher)
+            cipher = (EVP_CIPHER *) EVP_bf_cbc();
 #else
        cipher = (EVP_CIPHER *) EVP_bf_cbc();
 #endif
@@ -286,7 +270,9 @@ char *fish_cipher(const char *plaintext, size_t plaintext_len, const char *key,
    } else if (mode == EVP_CIPH_ECB_MODE) {

 #if OPENSSL_VERSION_NUMBER >= 0x30000000L
-        cipher = EVP_CIPHER_fetch(ossl_ctx, "BF-ECB", NULL);
+        cipher = EVP_CIPHER_fetch(NULL, "BF-ECB", NULL);
+        if (!cipher)
+            cipher = (EVP_CIPHER *) EVP_bf_ecb();
 #else
        cipher = (EVP_CIPHER *) EVP_bf_ecb();
 #endif
--- a/plugins/fishlim/plugin_zoitechat.c
+++ b/plugins/fishlim/plugin_zoitechat.c
@@ -421,7 +421,7 @@ static int handle_keyx_notice(char *word[], char *word_eol[], void *userdata) {
            zoitechat_commandf(ph, "quote NOTICE %s :DH1080_FINISH %s%s", sender, pub_key, (mode == FISH_CBC_MODE) ? " CBC" : "");
            g_free(pub_key);
        } else {
-            zoitechat_print(ph, "Failed to generate keys");
+            zoitechat_printf(ph, "Failed to generate keys");
            goto cleanup;
        }
    } else if (!strcmp (dh_message, "DH1080_FINISH")) {
@@ -446,7 +446,7 @@ static int handle_keyx_notice(char *word[], char *word_eol[], void *userdata) {
        zoitechat_printf(ph, "Stored new key for %s (%s)", sender, fish_modes[mode]);
        g_free(secret_key);
    } else {
-        zoitechat_print(ph, "Failed to create secret key!");
+        zoitechat_printf(ph, "Failed to create secret key!");
    }

 cleanup:
@@ -548,7 +548,7 @@ static int handle_keyx(char *word[], char *word_eol[], void *userdata) {
    }

    if ((query_ctx && ctx_type != 3) || (!query_ctx && !irc_is_query(target))) {
-        zoitechat_print(ph, "You can only exchange keys with individuals");
+        zoitechat_printf(ph, "You can only exchange keys with individuals");
        return ZOITECHAT_EAT_ALL;
    }

@@ -560,7 +560,7 @@ static int handle_keyx(char *word[], char *word_eol[], void *userdata) {

        g_free(pub_key);
    } else {
-        zoitechat_print(ph, "Failed to generate keys");
+        zoitechat_printf(ph, "Failed to generate keys");
    }

    return ZOITECHAT_EAT_ALL;
@@ -577,7 +577,7 @@ static int handle_crypt_topic(char *word[], char *word_eol[], void *userdata) {
    GSList *encrypted_list;

    if (!*topic) {
-        zoitechat_print(ph, usage_topic);
+        zoitechat_printf(ph, "%s", usage_topic);
        return ZOITECHAT_EAT_ALL;
    }

@@ -624,7 +624,7 @@ static int handle_crypt_notice(char *word[], char *word_eol[], void *userdata) {
    GSList *encrypted_list, *encrypted_item;

    if (!*target || !*notice) {
-        zoitechat_print(ph, usage_notice);
+        zoitechat_printf(ph, "%s", usage_notice);
        return ZOITECHAT_EAT_ALL;
    }

@@ -676,7 +676,7 @@ static int handle_crypt_msg(char *word[], char *word_eol[], void *userdata) {
    GSList *encrypted_list, *encrypted_item;

    if (!*target || !*message) {
-        zoitechat_print(ph, usage_msg);
+        zoitechat_printf(ph, "%s", usage_msg);
        return ZOITECHAT_EAT_ALL;
    }

@@ -805,11 +805,15 @@ int zoitechat_plugin_init(zoitechat_plugin *plugin_handle,
    zoitechat_hook_server_attrs(ph, "TOPIC", ZOITECHAT_PRI_NORM, handle_incoming, NULL);
    zoitechat_hook_server_attrs(ph, "332", ZOITECHAT_PRI_NORM, handle_incoming, NULL);

-    if (!fish_init())
+    if (!fish_init()) {
+        zoitechat_printf(ph, "FiSHLiM failed to initialize crypto backend");
        return 0;
+    }

-    if (!dh1080_init())
+    if (!dh1080_init()) {
+        zoitechat_printf(ph, "FiSHLiM failed to initialize DH1080");
        return 0;
+    }

    pending_exchanges = g_hash_table_new_full(g_str_hash, g_str_equal, g_free, g_free);