2 files changed, 25 insertions, 7 deletions

diff --git a/skype/README b/skype/README
index 60aa4081..bf6d98bf 100644
--- a/skype/README
+++ b/skype/README
@@ -34,6 +34,7 @@ not..)
 * Python >= 2.5. Skype4Py does not work with 2.4.
 * PyGObject >= 2.8.0. Older versions are part of PyGTK. (And you don't want to
   install GTK for nothing, right?)
+* pyopenssl or python-gnutls.
 
 `bitlbee-skype` has been tested under Linux and Mac OS X. Skype and Skype4py is
 available under Windows, too, so it probably works, but this has not been tested.
@@ -112,6 +113,13 @@ if you used the `--sysconfdir` switch when running bitlbee-skype's `configure`.
 NOTE: Maybe you want to adjust the permissions in the `/usr/local/etc/skyped`
 dir. For example make it readable by just your user.
 
+- If both pyopenssl and python-gnutls are available, then python-gnutls
+  will be used. This behaviour can be overwritten by:
+
+----
+$ export SKYPED_NO_GNUTLS=1
+----
+
 - Start `skyped` (the tcp server):
 
 ----
diff --git a/skype/skyped.py b/skype/skyped.py
index c9375596..ece745f1 100644
--- a/skype/skyped.py
+++ b/skype/skyped.py
@@ -73,13 +73,21 @@ def idle_handler(skype):
 
 def server(host, port):
 	global options
-
-	from OpenSSL import SSL
-	ctx = SSL.Context(SSL.TLSv1_METHOD)
-	ctx.use_privatekey_file(options.config.sslkey)
-	ctx.use_certificate_file(options.config.sslcert)
-	sock = SSL.Connection(ctx, socket.socket())
-
+	try:
+		if "SKYPED_NO_GNUTLS" in os.environ.keys():
+			dprint("Warning, using OpenSSL instead of gnutls as requested (not recommended).")
+			raise ImportError
+		from gnutls import crypto, connection
+		cert = crypto.X509Certificate(open(options.config.sslcert).read())
+		key = crypto.X509PrivateKey(open(options.config.sslkey).read())
+		cred = connection.X509Credentials(cert, key)
+		sock = connection.ServerSessionFactory(socket.socket(), cred)
+	except ImportError:
+		from OpenSSL import SSL
+		ctx = SSL.Context(SSL.TLSv1_METHOD)
+		ctx.use_privatekey_file(options.config.sslkey)
+		ctx.use_certificate_file(options.config.sslcert)
+		sock = SSL.Connection(ctx, socket.socket())
 	sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
 	sock.bind((host, port))
 	sock.listen(1)
@@ -88,6 +96,8 @@ def server(host, port):
 def listener(sock, *args):
 	global options
 	options.conn, addr = sock.accept()
+	if hasattr(options.conn, 'handshake'):
+		options.conn.handshake()
 	ret = 0
 	line = options.conn.recv(1024)
 	if line.startswith("USERNAME") and line.split(' ')[1].strip() == options.config.username: