diff options
Diffstat (limited to 'protocols')
| -rw-r--r-- | protocols/jabber/io.c | 32 | ||||
| -rw-r--r-- | protocols/jabber/jabber.c | 5 | ||||
| -rw-r--r-- | protocols/jabber/jabber.h | 2 | ||||
| -rw-r--r-- | protocols/msn/soap.c | 10 | ||||
| -rw-r--r-- | protocols/skype/skype.c | 4 |
5 files changed, 42 insertions, 11 deletions
diff --git a/protocols/jabber/io.c b/protocols/jabber/io.c index d3383375..385c45c4 100644 --- a/protocols/jabber/io.c +++ b/protocols/jabber/io.c @@ -278,7 +278,7 @@ gboolean jabber_connected_plain( gpointer data, gint source, b_input_condition c return jabber_start_stream( ic ); } -gboolean jabber_connected_ssl( gpointer data, void *source, b_input_condition cond ) +gboolean jabber_connected_ssl( gpointer data, int returncode, void *source, b_input_condition cond ) { struct im_connection *ic = data; struct jabber_data *jd; @@ -294,8 +294,20 @@ gboolean jabber_connected_ssl( gpointer data, void *source, b_input_condition co already, set it to NULL here to prevent a double cleanup: */ jd->ssl = NULL; - imcb_error( ic, "Could not connect to server" ); - imc_logout( ic, TRUE ); + if( returncode != 0 ) + { + char *err = ssl_verify_strerror( returncode ); + imcb_error( ic, "Certificate verification problem 0x%x: %s", + returncode, err ? err : "Unknown" ); + g_free( err ); + imc_logout( ic, FALSE ); + } + else + { + imcb_error( ic, "Could not connect to server" ); + imc_logout( ic, TRUE ); + } + return FALSE; } @@ -399,7 +411,7 @@ static xt_status jabber_pkt_proceed_tls( struct xt_node *node, gpointer data ) { struct im_connection *ic = data; struct jabber_data *jd = ic->proto_data; - char *xmlns; + char *xmlns, *tlsname; xmlns = xt_find_attr( node, "xmlns" ); @@ -425,7 +437,17 @@ static xt_status jabber_pkt_proceed_tls( struct xt_node *node, gpointer data ) imcb_log( ic, "Converting stream to TLS" ); jd->flags |= JFLAG_STARTTLS_DONE; - jd->ssl = ssl_starttls( jd->fd, jabber_connected_ssl, ic ); + + /* If the user specified a server for the account, use this server as the + * hostname in the certificate verification. Else we use the domain from + * the username. */ + if( ic->acc->server && *ic->acc->server ) + tlsname = ic->acc->server; + else + tlsname = jd->server; + + jd->ssl = ssl_starttls( jd->fd, tlsname, set_getbool( &ic->acc->set, "tls_verify" ), + jabber_connected_ssl, ic ); return XT_HANDLED; } diff --git a/protocols/jabber/jabber.c b/protocols/jabber/jabber.c index fae55ffe..2856f1b6 100644 --- a/protocols/jabber/jabber.c +++ b/protocols/jabber/jabber.c @@ -81,6 +81,9 @@ static void jabber_init( account_t *acc ) s = set_add( &acc->set, "tls", "try", set_eval_tls, acc ); s->flags |= ACC_SET_OFFLINE_ONLY; + s = set_add( &acc->set, "tls_verify", "true", set_eval_bool, acc ); + s->flags |= ACC_SET_OFFLINE_ONLY; + s = set_add( &acc->set, "sasl", "true", set_eval_bool, acc ); s->flags |= ACC_SET_OFFLINE_ONLY | SET_HIDDEN_DEFAULT; @@ -232,7 +235,7 @@ static void jabber_login( account_t *acc ) non-standard ports... */ if( set_getbool( &acc->set, "ssl" ) ) { - jd->ssl = ssl_connect( connect_to, set_getint( &acc->set, "port" ), jabber_connected_ssl, ic ); + jd->ssl = ssl_connect( connect_to, set_getint( &acc->set, "port" ), FALSE, jabber_connected_ssl, ic ); jd->fd = jd->ssl ? ssl_getfd( jd->ssl ) : -1; } else diff --git a/protocols/jabber/jabber.h b/protocols/jabber/jabber.h index 364d561c..aa552558 100644 --- a/protocols/jabber/jabber.h +++ b/protocols/jabber/jabber.h @@ -308,7 +308,7 @@ extern const struct jabber_away_state jabber_away_state_list[]; int jabber_write_packet( struct im_connection *ic, struct xt_node *node ); int jabber_write( struct im_connection *ic, char *buf, int len ); gboolean jabber_connected_plain( gpointer data, gint source, b_input_condition cond ); -gboolean jabber_connected_ssl( gpointer data, void *source, b_input_condition cond ); +gboolean jabber_connected_ssl( gpointer data, int returncode, void *source, b_input_condition cond ); gboolean jabber_start_stream( struct im_connection *ic ); void jabber_end_stream( struct im_connection *ic ); diff --git a/protocols/msn/soap.c b/protocols/msn/soap.c index 7d9f3791..d9804f49 100644 --- a/protocols/msn/soap.c +++ b/protocols/msn/soap.c @@ -59,6 +59,7 @@ struct msn_soap_req_data void *data; struct im_connection *ic; int ttl; + char *error; char *url, *action, *payload; struct http_request *http_req; @@ -157,13 +158,17 @@ static void msn_soap_handle_response( struct http_request *http_req ) xt_free( parser ); } + if( http_req->status_code != 200 ) + soap_req->error = g_strdup( http_req->status_string ); + st = soap_req->handle_response( soap_req ); fail: g_free( soap_req->url ); g_free( soap_req->action ); g_free( soap_req->payload ); - soap_req->url = soap_req->action = soap_req->payload = NULL; + g_free( soap_req->error ); + soap_req->url = soap_req->action = soap_req->payload = soap_req->error = NULL; if( st == MSN_SOAP_RETRY && --soap_req->ttl ) { @@ -252,6 +257,7 @@ static void msn_soap_free( struct msn_soap_req_data *soap_req ) g_free( soap_req->url ); g_free( soap_req->action ); g_free( soap_req->payload ); + g_free( soap_req->error ); g_free( soap_req ); } @@ -409,7 +415,7 @@ static int msn_soap_passport_sso_handle_response( struct msn_soap_req_data *soap if( sd->secret == NULL ) { - msn_auth_got_passport_token( ic, NULL, sd->error ); + msn_auth_got_passport_token( ic, NULL, sd->error ? sd->error : soap_req->error ); return MSN_SOAP_OK; } diff --git a/protocols/skype/skype.c b/protocols/skype/skype.c index 5b1a6c30..760aeb3d 100644 --- a/protocols/skype/skype.c +++ b/protocols/skype/skype.c @@ -1156,7 +1156,7 @@ gboolean skype_start_stream(struct im_connection *ic) return st; } -gboolean skype_connected(gpointer data, void *source, b_input_condition cond) +gboolean skype_connected(gpointer data, int returncode, void *source, b_input_condition cond) { struct im_connection *ic = data; struct skype_data *sd = ic->proto_data; @@ -1184,7 +1184,7 @@ static void skype_login(account_t *acc) imcb_log(ic, "Connecting"); sd->ssl = ssl_connect(set_getstr(&acc->set, "server"), - set_getint(&acc->set, "port"), skype_connected, ic); + set_getint(&acc->set, "port"), FALSE, skype_connected, ic); sd->fd = sd->ssl ? ssl_getfd(sd->ssl) : -1; sd->username = g_strdup(acc->user); |