pidgin: 8e431d61: oscar: Properly support TLS when using c...
darkrain42 at pidgin.im
darkrain42 at pidgin.im
Thu Nov 5 23:05:35 EST 2009
-----------------------------------------------------------------
Revision: 8e431d6169e4faa419031cf710a10ed151f91751
Ancestor: bac9f29a456bba0e24fab91e6ea52c332dbe45d0
Author: darkrain42 at pidgin.im
Date: 2009-11-06T03:58:26
Branch: im.pidgin.pidgin
URL: http://d.pidgin.im/viewmtn/revision/info/8e431d6169e4faa419031cf710a10ed151f91751
Modified files:
ChangeLog libpurple/protocols/oscar/clientlogin.c
libpurple/protocols/oscar/oscar.c
libpurple/protocols/oscar/oscar.h
ChangeLog:
oscar: Properly support TLS when using clientLogin.
-------------- next part --------------
============================================================
--- ChangeLog 4626d9f792c55955f54b7b7293c74af9df8670a0
+++ ChangeLog 5c201a00c16b5f76f90972c63a184625b3653e7e
@@ -11,14 +11,14 @@ version 2.6.4 (??/??/20??):
* Fix building the GnuTLS plugin with older versions of GnuTLS.
* Fix DNS TXT query resolution.
* Always rejoin open chats after an account reconnects.
+
AIM and ICQ:
* Better rate limit calculations and other improvements. (Aman Gupta)
* More detailed error messages when messages fail to send. (Aman Gupta)
* The simultaneous login account option is respected when using
the clientLogin authentication method.
-
- AIM and ICQ:
* Fix offline message retrieval (broken in 2.6.3)
+ * Fix SSL when clientLogin is enabled.
MSN:
* Don't forget display names for buddies.
============================================================
--- libpurple/protocols/oscar/clientlogin.c c3567103867916918bb4cc478afc4ac96740b219
+++ libpurple/protocols/oscar/clientlogin.c a57e577e3685a75a0034e446d96b1810d3ff05aa
@@ -40,6 +40,7 @@
#include "core.h"
#include "oscar.h"
+#include "oscarcommon.h"
#define URL_CLIENT_LOGIN "https://api.screenname.aol.com/auth/clientLogin"
#define URL_START_OSCAR_SESSION "http://api.oscar.aol.com/aim/startOSCARSession"
@@ -102,12 +103,15 @@ static gchar *generate_signature(const c
return signature;
}
-static gboolean parse_start_oscar_session_response(PurpleConnection *gc, const gchar *response, gsize response_len, char **host, unsigned short *port, char **cookie)
+static gboolean parse_start_oscar_session_response(PurpleConnection *gc, const gchar *response, gsize response_len, char **host, unsigned short *port, char **cookie, char **tls_certname)
{
xmlnode *response_node, *tmp_node, *data_node;
- xmlnode *host_node = NULL, *port_node = NULL, *cookie_node = NULL;
+ xmlnode *host_node = NULL, *port_node = NULL, *cookie_node = NULL, *tls_node = NULL;
+ gboolean use_tls;
char *tmp;
+ use_tls = purple_account_get_bool(purple_connection_get_account(gc), "use_ssl", OSCAR_DEFAULT_USE_SSL);
+
/* Parse the response as XML */
response_node = xmlnode_from_str(response, response_len);
if (response_node == NULL)
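Review bot: The widened signature of parse_start_oscar_session_response has no comment describing the new out-parameter, and its contract is not obvious: `*tls_certname` is assigned only when the account's `use_ssl` option is set, so a caller that does not pre-initialise it reads an indeterminate pointer. I would add above the function `/* *tls_certname is written only when use_ssl is set; the caller must initialise it to NULL and g_free() the result. */`. The function body continues outside this hunk.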
@@ -131,6 +135,7 @@ static gboolean parse_start_oscar_sessio
host_node = xmlnode_get_child(data_node, "host");
port_node = xmlnode_get_child(data_node, "port");
cookie_node = xmlnode_get_child(data_node, "cookie");
+ tls_node = xmlnode_get_child(data_node, "tlsCertName");
}
/* Make sure we have a status code */
@@ -177,7 +182,8 @@ static gboolean parse_start_oscar_sessio
/* Make sure we have everything else */
if (data_node == NULL || host_node == NULL ||
- port_node == NULL || cookie_node == NULL)
+ port_node == NULL || cookie_node == NULL ||
+ (use_tls && tls_node == NULL))
{
char *msg;
purple_debug_error("oscar", "startOSCARSession response was missing "
@@ -195,7 +201,12 @@ static gboolean parse_start_oscar_sessio
*host = xmlnode_get_data_unescaped(host_node);
tmp = xmlnode_get_data_unescaped(port_node);
*cookie = xmlnode_get_data_unescaped(cookie_node);
- if (*host == NULL || **host == '\0' || tmp == NULL || *tmp == '\0' || cookie == NULL || *cookie == '\0')
+
+ if (use_tls)
+ *tls_certname = xmlnode_get_data_unescaped(tls_node);
+
+ if (*host == NULL || **host == '\0' || tmp == NULL || *tmp == '\0' || cookie == NULL || *cookie == '\0' ||
+ (use_tls && (*tls_certname == NULL || **tls_certname == '\0')))
{
char *msg;
purple_debug_error("oscar", "startOSCARSession response was missing "
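Review bot: The `cookie` part of the rewritten condition still tests the wrong level of indirection: `cookie == NULL || *cookie == '\0'` checks the out-pointer itself and then compares the `char *` with zero, so an empty cookie string is accepted, while the new `tls_certname` test next to it dereferences correctly. It should read `*cookie == NULL || **cookie == '\0'`. The error branch continues outside the hunk; if it frees `*host`, `tmp` and `*cookie` there, it now also needs `g_free(*tls_certname);`, because start_oscar_session_cb returns on failure without freeing it.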
@@ -223,6 +234,7 @@ static void start_oscar_session_cb(Purpl
OscarData *od;
PurpleConnection *gc;
char *host, *cookie;
+ char *tls_certname = NULL;
unsigned short port;
guint8 *cookiedata;
gsize cookiedata_len;
@@ -244,28 +256,30 @@ static void start_oscar_session_cb(Purpl
return;
}
- if (!parse_start_oscar_session_response(gc, url_text, len, &host, &port, &cookie))
+ if (!parse_start_oscar_session_response(gc, url_text, len, &host, &port, &cookie, &tls_certname))
return;
cookiedata = purple_base64_decode(cookie, &cookiedata_len);
- oscar_connect_to_bos(gc, od, host, port, cookiedata, cookiedata_len);
+ oscar_connect_to_bos(gc, od, host, port, cookiedata, cookiedata_len, tls_certname);
g_free(cookiedata);
g_free(host);
g_free(cookie);
+ g_free(tls_certname);
}
static void send_start_oscar_session(OscarData *od, const char *token, const char *session_key, time_t hosttime)
{
char *query_string, *signature, *url;
+ gboolean use_tls = purple_account_get_bool(purple_connection_get_account(od->gc), "use_ssl", OSCAR_DEFAULT_USE_SSL);
/* Construct the GET parameters */
query_string = g_strdup_printf("a=%s"
"&f=xml"
"&k=%s"
"&ts=%" PURPLE_TIME_T_MODIFIER
- "&useTLS=0",
- purple_url_encode(token), get_client_key(od), hosttime);
+ "&useTLS=%d",
+ purple_url_encode(token), get_client_key(od), hosttime, use_tls);
signature = generate_signature("GET", URL_START_OSCAR_SESSION,
query_string, session_key);
url = g_strdup_printf(URL_START_OSCAR_SESSION "?%s&sig_sha256=%s",
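Review bot: On the changed `oscar_connect_to_bos(...)` call, `cookiedata_len` is a `gsize` but the parameter is `guint16 cookielen`, so a decoded cookie longer than 65535 bytes would be silently truncated, and the result of `purple_base64_decode` is used without a NULL check. The cookie comes from the server response, so I would guard the call with `if (cookiedata == NULL || cookiedata_len > G_MAXUINT16)` and report a connection error, freeing `host`, `cookie` and `tls_certname` before returning. start_oscar_session_cb begins outside this hunk.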
============================================================
--- libpurple/protocols/oscar/oscar.c cb2283aeac72d003c2cd43140f27b6d9df118867
+++ libpurple/protocols/oscar/oscar.c f41ef1f0f7cd829184d74dd5cf3232bfda3867a1
@@ -1827,18 +1827,36 @@ static int purple_memrequest(OscarData *
return 1;
}
-int oscar_connect_to_bos(PurpleConnection *gc, OscarData *od, const char *host, guint16 port, guint8 *cookie, guint16 cookielen)
+int oscar_connect_to_bos(PurpleConnection *gc, OscarData *od, const char *host, guint16 port, guint8 *cookie, guint16 cookielen, const char *tls_certname)
{
+ PurpleAccount *account;
FlapConnection *conn;
+ account = purple_connection_get_account(gc);
+
conn = flap_connection_new(od, SNAC_FAMILY_LOCATE);
conn->cookielen = cookielen;
conn->cookie = g_memdup(cookie, cookielen);
- conn->connect_data = purple_proxy_connect(NULL,
- purple_connection_get_account(gc), host, port,
- connection_established_cb, conn);
- if (conn->connect_data == NULL)
+
+ /*
+ * tls_certname is only set (and must be set if we get this far) if
+ * SSL is enabled.
+ */
+ if (tls_certname)
{
+ conn->gsc = purple_ssl_connect_with_ssl_cn(account, host, port,
+ ssl_connection_established_cb, ssl_connection_error_cb,
+ tls_certname, conn);
+ }
+ else
+ {
+ conn->connect_data = purple_proxy_connect(NULL,
+ account, host, port,
+ connection_established_cb, conn);
+ }
+
+ if (conn->gsc == NULL && conn->connect_data == NULL)
+ {
purple_connection_error_reason(gc, PURPLE_CONNECTION_ERROR_NETWORK_ERROR, _("Unable to connect"));
return 0;
}
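Review bot: The name given to `purple_ssl_connect_with_ssl_cn` comes from the startOSCARSession response, and `URL_START_OSCAR_SESSION` in clientlogin.c is an `http://` URL, so as far as this diff shows both `host` and the certificate name it is checked against arrive over an unauthenticated channel. A tampered response could therefore supply a host together with a matching certificate name, and the TLS check would give little assurance about who the peer is. Consider fetching startOSCARSession over HTTPS when `use_ssl` is set, or checking `tls_certname` against an expected domain suffix before connecting. At minimum the comment above the branch should state where the name originates. Separately, the `conn->gsc == NULL && conn->connect_data == NULL` test relies on flap_connection_new() zero-initialising both fields, which is not visible here; the function continues outside the hunk.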
============================================================
--- libpurple/protocols/oscar/oscar.h 2b4285381bda76591a103336f703d7dce40b43ec
+++ libpurple/protocols/oscar/oscar.h 436f317ca818fbb919ade253926d6f75607cfbde
@@ -623,7 +623,7 @@ struct aim_redirect_data
} chat;
};
-int oscar_connect_to_bos(PurpleConnection *gc, OscarData *od, const char *host, guint16 port, guint8 *cookie, guint16 cookielen);
+int oscar_connect_to_bos(PurpleConnection *gc, OscarData *od, const char *host, guint16 port, guint8 *cookie, guint16 cookielen, const char *tls_certname);
/* family_auth.c */