Context Navigation

← Previous Change
Next Change →

Changeset 792a93b for protocols/jabber

Timestamp:

2011-12-23T12:44:08Z (13 years ago)

Author:

Wilmer van der Gaast <wilmer@…>

Branches:

master

Children:

200e151

Parents:

2d93a51e (diff), 41658da (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.

Message:

Merging SSL certificate verification for GnuTLS, with help from AopicieR.

Location:

protocols/jabber

Files:

: 3 edited

io.c (modified) (4 diffs)
jabber.c (modified) (2 diffs)
jabber.h (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

protocols/jabber/io.c

-                      r2d93a51e
+                      r792a93b
+}
 gboolean jabber_connected_ssl( gpointer data, void *source, b_input_condition cond )
+gboolean jabber_connected_ssl( gpointer data, int returncode, void *source, b_input_condition cond )
+{
         struct im_connection *ic = data;
 …
                 jd->ssl = NULL;
+                imcb_error( ic, "Could not connect to server" );
+                imc_logout( ic, TRUE );
+                if( returncode != 0 )
+                {
+                        char *err = ssl_verify_strerror( returncode );
+                        imcb_error( ic, "Certificate verification problem 0x%x: %s",
+                                    returncode, err ? err : "Unknown" );
+                        g_free( err );
+                        imc_logout( ic, FALSE );
+                }
+                else
+                {
+                        imcb_error( ic, "Could not connect to server" );
+                        imc_logout( ic, TRUE );
+                }
                 return FALSE;
+        }
 …
         struct im_connection *ic = data;
         struct jabber_data *jd = ic->proto_data;
         char *xmlns;
+        char *xmlns, *tlsname;
         xmlns = xt_find_attr( node, "xmlns" );
 …
         jd->flags |= JFLAG_STARTTLS_DONE;
+        jd->ssl = ssl_starttls( jd->fd, jabber_connected_ssl, ic );
+        /* If the user specified a server for the account, use this server as the
+         * hostname in the certificate verification. Else we use the domain from
+         * the username. */
+        if( ic->acc->server && *ic->acc->server )
+                tlsname = ic->acc->server;
+        else
+                tlsname = jd->server;
+        jd->ssl = ssl_starttls( jd->fd, tlsname, set_getbool( &ic->acc->set, "tls_verify" ),
+                                jabber_connected_ssl, ic );
         return XT_HANDLED;

protocols/jabber/jabber.c

-                      r2d93a51e
+                      r792a93b
         s = set_add( &acc->set, "tls", "try", set_eval_tls, acc );
+        s->flags |= ACC_SET_OFFLINE_ONLY;
+        s = set_add( &acc->set, "tls_verify", "true", set_eval_bool, acc );
         s->flags |= ACC_SET_OFFLINE_ONLY;
 …
         if( set_getbool( &acc->set, "ssl" ) )
+        {
                 jd->ssl = ssl_connect( connect_to, set_getint( &acc->set, "port" ), jabber_connected_ssl, ic );
+                jd->ssl = ssl_connect( connect_to, set_getint( &acc->set, "port" ), FALSE, jabber_connected_ssl, ic );
                 jd->fd = jd->ssl ? ssl_getfd( jd->ssl ) : -1;
+        }

protocols/jabber/jabber.h

r2d93a51e	r792a93b
309	309	int jabber_write( struct im_connection ic, char buf, int len );
310	310	gboolean jabber_connected_plain( gpointer data, gint source, b_input_condition cond );
311		gboolean jabber_connected_ssl( gpointer data, void *source, b_input_condition cond );
	311	gboolean jabber_connected_ssl( gpointer data, int returncode, void *source, b_input_condition cond );
312	312	gboolean jabber_start_stream( struct im_connection *ic );
313	313	void jabber_end_stream( struct im_connection *ic );

Note: See TracChangeset for help on using the changeset viewer.