Changeset 486ddb5 for protocols/jabber
- Timestamp:
- 2011-12-19T14:50:58Z (13 years ago)
- Branches:
- master
- Children:
- 78b8401
- Parents:
- 5a48afd
- Location:
- protocols/jabber
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
protocols/jabber/io.c
r5a48afd r486ddb5 276 276 } 277 277 278 gboolean jabber_connected_ssl( gpointer data, void *source, b_input_condition cond )278 gboolean jabber_connected_ssl( gpointer data, int returncode, void *source, b_input_condition cond ) 279 279 { 280 280 struct im_connection *ic = data; … … 293 293 294 294 imcb_error( ic, "Could not connect to server" ); 295 if (returncode == OPENSSL_VERIFY_ERROR ) 296 { 297 imcb_error( ic, "This BitlBee server is built agains the OpenSSL library." ); 298 imcb_error( ic, "Unfortunately certificate verification is only supported when built against GnuTLS for now." ); 299 imc_logout( ic, FALSE ); 300 } 301 else if (returncode == NSS_VERIFY_ERROR ) 302 { 303 imcb_error( ic, "This BitlBee server is built agains the NSS library." ); 304 imcb_error( ic, "Unfortunately certificate verification is only supported when built against GnuTLS for now." ); 305 imc_logout( ic, FALSE ); 306 } 307 else if (returncode == VERIFY_CERT_ERROR ) 308 { 309 imcb_error( ic, "An error occured during the certificate verification." ); 310 imc_logout( ic, FALSE ); 311 } 312 else if (returncode & VERIFY_CERT_INVALID) 313 { 314 imcb_error( ic, "Unable to verify peer's certificate." ); 315 if (returncode & VERIFY_CERT_REVOKED) 316 imcb_error( ic, "The certificate has been revoked." ); 317 if (returncode & VERIFY_CERT_SIGNER_NOT_FOUND) 318 imcb_error( ic, "The certificate hasn't got a known issuer." ); 319 if (returncode & VERIFY_CERT_SIGNER_NOT_CA) 320 imcb_error( ic, "The certificate's issuer is not a CA." ); 321 if (returncode & VERIFY_CERT_INSECURE_ALGORITHM) 322 imcb_error( ic, "The certificate uses an insecure algorithm." ); 323 if (returncode & VERIFY_CERT_NOT_ACTIVATED) 324 imcb_error( ic, "The certificate has not been activated." ); 325 if (returncode & VERIFY_CERT_EXPIRED) 326 imcb_error( ic, "The certificate has expired." ); 327 if (returncode & VERIFY_CERT_WRONG_HOSTNAME) 328 imcb_error( ic, "The hostname specified in the certificate doesn't match the server name." ); 329 imc_logout( ic, FALSE ); 330 } 331 else 295 332 imc_logout( ic, TRUE ); 296 333 return FALSE; … … 397 434 struct im_connection *ic = data; 398 435 struct jabber_data *jd = ic->proto_data; 399 char *xmlns ;436 char *xmlns, *tlsname; 400 437 401 438 xmlns = xt_find_attr( node, "xmlns" ); … … 423 460 424 461 jd->flags |= JFLAG_STARTTLS_DONE; 425 jd->ssl = ssl_starttls( jd->fd, jabber_connected_ssl, ic ); 462 463 /* If the user specified a server for the account, use this server as the 464 * hostname in the certificate verification. Else we use the domain from 465 * the username. */ 466 if( ic->acc->server && *ic->acc->server ) 467 tlsname = ic->acc->server; 468 else 469 tlsname = jd->server; 470 471 jd->ssl = ssl_starttls( jd->fd, tlsname, set_getbool( &ic->acc->set, "tls_verify" ), 472 jabber_connected_ssl, ic ); 426 473 427 474 return XT_HANDLED; -
protocols/jabber/jabber.c
r5a48afd r486ddb5 80 80 81 81 s = set_add( &acc->set, "tls", "try", set_eval_tls, acc ); 82 s->flags |= ACC_SET_OFFLINE_ONLY; 83 84 s = set_add( &acc->set, "tls_verify", "true", set_eval_bool, acc ); 82 85 s->flags |= ACC_SET_OFFLINE_ONLY; 83 86 -
protocols/jabber/jabber.h
r5a48afd r486ddb5 307 307 int jabber_write( struct im_connection *ic, char *buf, int len ); 308 308 gboolean jabber_connected_plain( gpointer data, gint source, b_input_condition cond ); 309 gboolean jabber_connected_ssl( gpointer data, void *source, b_input_condition cond );309 gboolean jabber_connected_ssl( gpointer data, int returncode, void *source, b_input_condition cond ); 310 310 gboolean jabber_start_stream( struct im_connection *ic ); 311 311 void jabber_end_stream( struct im_connection *ic );
Note: See TracChangeset
for help on using the changeset viewer.