cpw.darkrain42.xmpp.bosh: 25026f5a: Also, stop leaking a file descriptor in ...

paul at darkrain42.org paul at darkrain42.org
Sun Mar 22 23:10:36 EDT 2009 

-----------------------------------------------------------------
Revision: 25026f5a4434830bb15c2235e8a35f13d2de3157
Ancestor: df23b1934db9088e250f7509f4bfabb43e601dbf
Author: paul at darkrain42.org
Date: 2009-03-23T00:38:20
Branch: im.pidgin.cpw.darkrain42.xmpp.bosh
URL: http://d.pidgin.im/viewmtn/revision/info/25026f5a4434830bb15c2235e8a35f13d2de3157

Modified files:
        libpurple/protocols/jabber/auth.c
        libpurple/protocols/jabber/bosh.c
        libpurple/protocols/jabber/bosh.h
        libpurple/protocols/jabber/jabber.c
        libpurple/protocols/jabber/jabber.h

ChangeLog: 

Also, stop leaking a file descriptor in http_connection_disconnected
ChangeLog: 

BOSH: For authentication purposes, HTTPS is equivalent to a secured JabberStream.

Since we always require the connection from CM to server to be secure, allow
BOSH+HTTPS to pass 'Require SSL/TLS'.

-------------- next part --------------
============================================================
--- libpurple/protocols/jabber/auth.c	a7b6afb6a1dad1308124d7caf95a6d6765e866ec
+++ libpurple/protocols/jabber/auth.c	fd5a5a696e80d6fca46287b090d6c20597c8384e
@@ -281,7 +281,7 @@ static void jabber_auth_start_cyrus(Jabb
 	secprops.min_ssf = 0;
 	secprops.security_flags = SASL_SEC_NOANONYMOUS;
 
-	if (!js->gsc) {
+	if (!jabber_stream_is_ssl(js)) {
 		secprops.max_ssf = -1;
 		secprops.maxbufsize = 4096;
 		plaintext = purple_account_get_bool(js->gc->account, "auth_plain_in_clear", FALSE);
@@ -544,7 +544,7 @@ jabber_auth_start(JabberStream *js, xmln
 	} else if(plain) {
 		js->auth_type = JABBER_AUTH_PLAIN;
 
-		if(js->gsc == NULL && !purple_account_get_bool(js->gc->account, "auth_plain_in_clear", FALSE)) {
+		if(!jabber_stream_is_ssl(js) && !purple_account_get_bool(js->gc->account, "auth_plain_in_clear", FALSE)) {
 			char *msg = g_strdup_printf(_("%s requires plaintext authentication over an unencrypted connection.  Allow this and continue authentication?"),
 					js->gc->account->username);
 			purple_request_yes_no(js->gc, _("Plaintext Authentication"),
@@ -662,7 +662,7 @@ static void auth_old_cb(JabberStream *js
 			jabber_iq_send(iq);
 
 		} else if(xmlnode_get_child(query, "password")) {
-			if(js->gsc == NULL && !purple_account_get_bool(js->gc->account,
+			if(!jabber_stream_is_ssl(js) && !purple_account_get_bool(js->gc->account,
 						"auth_plain_in_clear", FALSE)) {
 				char *msg = g_strdup_printf(_("%s requires plaintext authentication over an unencrypted connection.  Allow this and continue authentication?"),
 											js->gc->account->username);
============================================================
--- libpurple/protocols/jabber/bosh.c	968dccfed92fdf0f5e3f677ffee2f58616ef1b6d
+++ libpurple/protocols/jabber/bosh.c	2cf283725fc1ed33c357c869d9bb0ec05a830255
@@ -216,6 +216,11 @@ jabber_bosh_connection_destroy(PurpleBOS
 	g_free(conn);
 }
 
+gboolean jabber_bosh_connection_is_ssl(PurpleBOSHConnection *conn)
+{
+	return conn->ssl;
+}
+
 void jabber_bosh_connection_close(PurpleBOSHConnection *conn)
 {
 	jabber_bosh_connection_send_native(conn, PACKET_TERMINATE, NULL);
@@ -580,10 +585,19 @@ static void http_connection_disconnected
 	 * with AIM!
 	 */
 	conn->ready = FALSE;
-	conn->fd = -1;
-	purple_input_remove(conn->ie_handle);
-	conn->ie_handle = 0;
+	if (conn->psc) {
+		purple_ssl_close(conn->psc);
+		conn->psc = NULL;
+	} else if (conn->fd >= 0) {
+		close(conn->fd);
+		conn->fd = -1;
+	}
 
+	if (conn->ie_handle) {
+		purple_input_remove(conn->ie_handle);
+		conn->ie_handle = 0;
+	}
+
 	if (conn->bosh->pipelining)
 		/* Hmmmm, fall back to multiple connections */
 		conn->bosh->pipelining = FALSE;
@@ -686,7 +700,7 @@ http_connection_read(PurpleHTTPConnectio
 		if (cnt < 0)
 			purple_debug_info("jabber", "bosh read=%d, errno=%d\n", cnt, errno);
 		else
-			purple_debug_info("jabber", "bosh server closed connection\n");
+			purple_debug_info("jabber", "bosh server closed the connection\n");
 
 		/*
 		 * If the socket is closed, the processing really needs to know about
============================================================
--- libpurple/protocols/jabber/bosh.h	489c839ef35996d7c07df375f78f771639aea64f
+++ libpurple/protocols/jabber/bosh.h	a2e951257d8f86e3ababc2586a09eb9139241624
@@ -32,6 +32,8 @@ void jabber_bosh_connection_destroy(Purp
 PurpleBOSHConnection* jabber_bosh_connection_init(JabberStream *js, const char *url);
 void jabber_bosh_connection_destroy(PurpleBOSHConnection *conn);
 
+gboolean jabber_bosh_connection_is_ssl(PurpleBOSHConnection *conn);
+
 void jabber_bosh_connection_connect(PurpleBOSHConnection *conn);
 void jabber_bosh_connection_close(PurpleBOSHConnection *conn);
 void jabber_bosh_connection_send(PurpleBOSHConnection *conn, xmlnode *node);
============================================================
--- libpurple/protocols/jabber/jabber.c	593dbd3e5f8901eaa292becd68d2bd915975432c
+++ libpurple/protocols/jabber/jabber.c	d3bcbba3bd5e59a275cd0343f41d3eadeeb3d362
@@ -188,7 +188,7 @@ void jabber_stream_features_parse(Jabber
 		if(jabber_process_starttls(js, packet))
 
 			return;
-	} else if(purple_account_get_bool(js->gc->account, "require_tls", FALSE) && !js->gsc) {
+	} else if(purple_account_get_bool(js->gc->account, "require_tls", FALSE) && !jabber_stream_is_ssl(js)) {
 		purple_connection_error_reason (js->gc,
 			 PURPLE_CONNECTION_ERROR_ENCRYPTION_ERROR,
 			_("You require encryption, but it is not available on this server."));
@@ -1745,6 +1745,12 @@ static void jabber_identities_destroy(vo
 	}
 }
 
+gboolean jabber_stream_is_ssl(JabberStream *js)
+{
+	return (js->bosh && jabber_bosh_connection_is_ssl(js->bosh)) ||
+	       (!js->bosh && js->gsc);
+}
+
 const char *jabber_list_icon(PurpleAccount *a, PurpleBuddy *b)
 {
 	return "jabber";
============================================================
--- libpurple/protocols/jabber/jabber.h	cdc958ff0665aded810c97a868da1ffca7aa450b
+++ libpurple/protocols/jabber/jabber.h	0836340275a92d36870d7d6eaf47b91bcc99ab63
@@ -313,6 +313,13 @@ void jabber_add_identity(const gchar *ca
  */
 void jabber_add_identity(const gchar *category, const gchar *type, const gchar *lang, const gchar *name);
 
+/**
+ * Returns true if this connection is over a secure (SSL) stream. Use this
+ * instead of checking js->gsc because BOSH stores its PurpleSslConnection
+ * members in its own data structure.
+ */
+gboolean jabber_stream_is_ssl(JabberStream *js);
+
 /** PRPL functions */
 const char *jabber_list_icon(PurpleAccount *a, PurpleBuddy *b);
 const char* jabber_list_emblem(PurpleBuddy *b);

More information about the Commits mailing list