cpw.darkrain42.oscar.ssl: 13076221: Use purple_proxy_connect + purple_ssl_co...

Wed Jan 14 01:56:20 EST 2009

-----------------------------------------------------------------
Revision: 13076221d4e3473ae33144b2ce44c77daca484b7
Ancestor: eb596ee076e75db65b184556fede70fb3b02530d
Author: paul at darkrain42.org
Date: 2008-12-11T08:06:23
Branch: im.pidgin.cpw.darkrain42.oscar.ssl
URL: http://d.pidgin.im/viewmtn/revision/info/13076221d4e3473ae33144b2ce44c77daca484b7

Modified files:
        libpurple/protocols/oscar/flap_connection.c
        libpurple/protocols/oscar/oscar.c
        libpurple/protocols/oscar/oscar.h

ChangeLog: 

Use purple_proxy_connect + purple_ssl_connect_with_host_fd() to hopefully
silence warnings (I get more warnings because I don't have the certificate
in a trusted store)

-------------- next part --------------
============================================================

--- libpurple/protocols/oscar/flap_connection.c	5d38f70256e58416a2a5a2ac3af23bbb5a4bc876
+++ libpurple/protocols/oscar/flap_connection.c	697d0bbf8a5ee6dbdea8580d29371b530781fe52
@@ -476,6 +476,7 @@ flap_connection_destroy_cb(gpointer data
 
 	g_free(conn->error_message);
 	g_free(conn->cookie);
+	g_free(conn->ssl_cert_cn);
 
 	/*
 	 * Free conn->internal, if necessary
============================================================
--- libpurple/protocols/oscar/oscar.c	12c8d37264fc3fa3b4824ca89b1c8d56a1c50c0f
+++ libpurple/protocols/oscar/oscar.c	9c347d93d9d27ff7acb3ec010f3df34c78388012
@@ -1227,6 +1227,32 @@ static void
 }
 
 static void
+ssl_proxy_conn_established_cb(gpointer data, gint source, const gchar *error_message)
+{
+	OscarData *od;
+	PurpleConnection *gc;
+	PurpleAccount *account;
+	FlapConnection *conn;
+
+	conn = data;
+	od = conn->od;
+	gc = od->gc;
+	account = purple_connection_get_account(gc);
+
+	conn->connect_data = NULL;
+
+	if (source < 0)
+	{
+		connection_common_error_cb(conn, error_message);
+		return;
+	}
+
+	conn->gsc = purple_ssl_connect_with_host_fd(account, source,
+			ssl_connection_established_cb, ssl_connection_error_cb,
+			conn->ssl_cert_cn, conn);
+}
+
+static void
 flap_connection_established_bos(OscarData *od, FlapConnection *conn)
 {
 	PurpleConnection *gc = od->gc;
@@ -1992,9 +2018,13 @@ purple_handle_redirect(OscarData *od, Fl
 
 	if (redir->use_ssl)
 	{
-		newconn->gsc = purple_ssl_connect(account, host, port,
-				ssl_connection_established_cb, ssl_connection_error_cb,
-				newconn);
+		/* FIXME: It should be possible to specify a certificate common name
+		 * distinct from the host we're passing to purple_ssl_connect. The
+		 * way to work around that is to use purple_proxy_connect +
+		 * purple_ssl_connect_with_host_fd */
+		newconn->ssl_cert_cn = g_strdup(redir->ssl_cert_cn);
+		newconn->connect_data = purple_proxy_connect(NULL, account, host, port,
+				ssl_proxy_conn_established_cb, newconn);
 	}
 	else
 	{
============================================================
--- libpurple/protocols/oscar/oscar.h	5a4f908ea3d62011c26fc9fa1d9650f6d395397e
+++ libpurple/protocols/oscar/oscar.h	aed54db3194bd38c02757d66e8fbb135163c5d8b
@@ -417,6 +417,7 @@ struct _FlapConnection
 	guint16 cookielen;
 	guint8 *cookie;
 	gpointer new_conn_data;
+	gchar *ssl_cert_cn;
 
 	int fd;
 	PurpleSslConnection *gsc;
