/pidgin/main: b29ee022017f: Require SSL/TLS support. ok'd by elb@

Michael McConville mmcco at mykolab.com
Sat Dec 19 14:29:17 EST 2015


Changeset: b29ee022017f56001eef96c64f24a94f368c27b8
Author:	 Michael McConville <mmcco at mykolab.com>
Date:	 2015-12-19 14:29 -0500
Branch:	 default
URL: https://hg.pidgin.im/pidgin/main/rev/b29ee022017f

Description:

Require SSL/TLS support. ok'd by elb@

diffstat:

 configure.ac                             |   8 ++------
 libpurple/http.c                         |   7 -------
 libpurple/plugins/perl/common/SSLConn.xs |   3 ---
 libpurple/protocols/facebook/facebook.c  |   7 -------
 libpurple/protocols/gg/tcpsocket.c       |   3 +--
 libpurple/protocols/irc/irc.c            |  13 +++----------
 libpurple/protocols/jabber/jabber.c      |  29 +++++++++--------------------
 libpurple/protocols/msn/msn.c            |   9 ---------
 libpurple/protocols/oscar/oscar.c        |   9 +--------
 libpurple/protocols/yahoo/ymsg.c         |   5 -----
 libpurple/purple-socket.c                |   6 ------
 libpurple/sslconn.c                      |  14 --------------
 libpurple/sslconn.h                      |   9 ---------
 pidgin/gtkdialogs.c                      |   4 ----
 14 files changed, 16 insertions(+), 110 deletions(-)

diffs (truncated from 313 to 300 lines):

diff --git a/configure.ac b/configure.ac
--- a/configure.ac
+++ b/configure.ac
@@ -2102,10 +2102,7 @@ if test "x$enable_gnutls" != "xno"; then
 	fi
 
 	if test "x$have_gnutls" = "xyes"; then
-
 		AC_DEFINE(HAVE_GNUTLS, 1, [Define if you have GnuTLS])
-		AC_DEFINE(HAVE_SSL, 1, [Define if you have SSL])
-
 		msg_gnutls="GnuTLS"
 	fi
 fi
@@ -2139,11 +2136,10 @@ if test "x$enable_nss" != "xno"; then
 	fi
 
 	if test "x$have_nss" = "xyes"; then
-
 		AC_DEFINE(HAVE_NSS, 1, [Define if you have Mozilla NSS])
-		AC_DEFINE(HAVE_SSL, 1, [Define if you have SSL])
-
 		msg_nss="Mozilla NSS"
+	else
+		AC_MSG_ERROR([No SSL/TLS library available])
 	fi
 fi
 
diff --git a/libpurple/http.c b/libpurple/http.c
--- a/libpurple/http.c
+++ b/libpurple/http.c
@@ -1474,13 +1474,6 @@ static gboolean _purple_http_reconnect(P
 		return FALSE;
 	}
 
-	if (is_ssl && !purple_ssl_is_supported()) {
-		_purple_http_error(hc, _("Unable to connect to %s: %s"),
-			url->host, _("Server requires TLS/SSL, "
-			"but no TLS/SSL support was found."));
-		return FALSE;
-	}
-
 	if (hc->request->keepalive_pool != NULL) {
 		hc->socket_request = purple_http_keepalive_pool_request(
 			hc->request->keepalive_pool, hc->gc, url->host,
diff --git a/libpurple/plugins/perl/common/SSLConn.xs b/libpurple/plugins/perl/common/SSLConn.xs
--- a/libpurple/plugins/perl/common/SSLConn.xs
+++ b/libpurple/plugins/perl/common/SSLConn.xs
@@ -28,9 +28,6 @@ purple_ssl_close(gsc)
 Purple::Ssl::Ops
 purple_ssl_get_ops()
 
-gboolean
-purple_ssl_is_supported()
-
 size_t
 purple_ssl_read(gsc, buffer, len)
 	Purple::Ssl::Connection gsc
diff --git a/libpurple/protocols/facebook/facebook.c b/libpurple/protocols/facebook/facebook.c
--- a/libpurple/protocols/facebook/facebook.c
+++ b/libpurple/protocols/facebook/facebook.c
@@ -854,13 +854,6 @@ fb_login(PurpleAccount *acct)
 
 	gc = purple_account_get_connection(acct);
 
-	if (!purple_ssl_is_supported()) {
-		purple_connection_error(gc,
-			PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT,
-			_("SSL support unavailable"));
-		return;
-	}
-
 	fata = fb_data_new(gc);
 	api = fb_data_get_api(fata);
 	convh = purple_conversations_get_handle();
diff --git a/libpurple/protocols/gg/tcpsocket.c b/libpurple/protocols/gg/tcpsocket.c
--- a/libpurple/protocols/gg/tcpsocket.c
+++ b/libpurple/protocols/gg/tcpsocket.c
@@ -113,8 +113,7 @@ ggp_tcpsocket_write(void *_gc, void *_ps
 void
 ggp_tcpsocket_setup(PurpleConnection *gc, struct gg_login_params *glp)
 {
-	glp->socket_manager_type = purple_ssl_is_supported() ?
-		GG_SOCKET_MANAGER_TYPE_TLS : GG_SOCKET_MANAGER_TYPE_TCP;
+	glp->socket_manager_type = GG_SOCKET_MANAGER_TYPE_TLS;
 	glp->socket_manager.cb_data = gc;
 	glp->socket_manager.connect_cb = ggp_tcpsocket_connect;
 	glp->socket_manager.close_cb = ggp_tcpsocket_close;
diff --git a/libpurple/protocols/irc/irc.c b/libpurple/protocols/irc/irc.c
--- a/libpurple/protocols/irc/irc.c
+++ b/libpurple/protocols/irc/irc.c
@@ -370,16 +370,9 @@ static void irc_login(PurpleAccount *acc
 	purple_connection_update_progress(gc, _("Connecting"), 1, 2);
 
 	if (purple_account_get_bool(account, "ssl", FALSE)) {
-		if (purple_ssl_is_supported()) {
-			irc->gsc = purple_ssl_connect(account, irc->server,
-					purple_account_get_int(account, "port", IRC_DEFAULT_SSL_PORT),
-					irc_login_cb_ssl, irc_ssl_connect_failure, gc);
-		} else {
-			purple_connection_error (gc,
-				PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT,
-				_("SSL support unavailable"));
-			return;
-		}
+		irc->gsc = purple_ssl_connect(account, irc->server,
+				purple_account_get_int(account, "port", IRC_DEFAULT_SSL_PORT),
+				irc_login_cb_ssl, irc_ssl_connect_failure, gc);
 	}
 
 	if (!irc->gsc) {
diff --git a/libpurple/protocols/jabber/jabber.c b/libpurple/protocols/jabber/jabber.c
--- a/libpurple/protocols/jabber/jabber.c
+++ b/libpurple/protocols/jabber/jabber.c
@@ -237,21 +237,16 @@ jabber_process_starttls(JabberStream *js
 	 */
 	{
 		const gchar *connection_security = purple_account_get_string(account, "connection_security", JABBER_DEFAULT_REQUIRE_TLS);
-		if (!g_str_equal(connection_security, "none") &&
-				purple_ssl_is_supported()) {
+		if (!g_str_equal(connection_security, "none")) {
 			jabber_send_raw(js,
 					"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>", -1);
 			return TRUE;
 		}
 	}
 #else
-	if(purple_ssl_is_supported()) {
-		jabber_send_raw(js,
-				"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>", -1);
-		return TRUE;
-	} else {
-		purple_debug_warning("jabber", "No libpurple TLS/SSL support found.");
-	}
+	jabber_send_raw(js,
+			"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>", -1);
+	return TRUE;
 #endif
 
 	starttls = purple_xmlnode_get_child(packet, "starttls");
@@ -1051,19 +1046,13 @@ jabber_stream_connect(JabberStream *js)
 
 	/* if they've got old-ssl mode going, we probably want to ignore SRV lookups */
 	if (g_str_equal("old_ssl", purple_account_get_string(account, "connection_security", JABBER_DEFAULT_REQUIRE_TLS))) {
-		if(purple_ssl_is_supported()) {
-			js->gsc = purple_ssl_connect(account, js->certificate_CN,
-					purple_account_get_int(account, "port", 5223),
-					jabber_login_callback_ssl, jabber_ssl_connect_failure, gc);
-			if (!js->gsc) {
-				purple_connection_error(gc,
-					PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT,
-					_("Unable to establish SSL connection"));
-			}
-		} else {
+		js->gsc = purple_ssl_connect(account, js->certificate_CN,
+				purple_account_get_int(account, "port", 5223),
+				jabber_login_callback_ssl, jabber_ssl_connect_failure, gc);
+		if (!js->gsc) {
 			purple_connection_error(gc,
 				PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT,
-				_("SSL support unavailable"));
+				_("Unable to establish SSL connection"));
 		}
 
 		return;
diff --git a/libpurple/protocols/msn/msn.c b/libpurple/protocols/msn/msn.c
--- a/libpurple/protocols/msn/msn.c
+++ b/libpurple/protocols/msn/msn.c
@@ -1341,15 +1341,6 @@ msn_login(PurpleAccount *account)
 
 	gc = purple_account_get_connection(account);
 
-	if (!purple_ssl_is_supported())
-	{
-		purple_connection_error(gc,
-			PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT,
-			_("SSL support is needed for MSN. Please install a supported "
-			  "SSL library."));
-		return;
-	}
-
 	http_method = purple_account_get_bool(account, "http_method", FALSE);
 
 	if (http_method)
diff --git a/libpurple/protocols/oscar/oscar.c b/libpurple/protocols/oscar/oscar.c
--- a/libpurple/protocols/oscar/oscar.c
+++ b/libpurple/protocols/oscar/oscar.c
@@ -741,14 +741,7 @@ oscar_login(PurpleAccount *account)
 	od->default_port = purple_account_get_int(account, "port", OSCAR_DEFAULT_LOGIN_PORT);
 
 	encryption_type = purple_account_get_string(account, "encryption", OSCAR_DEFAULT_ENCRYPTION);
-	if (!purple_ssl_is_supported() && strcmp(encryption_type, OSCAR_REQUIRE_ENCRYPTION) == 0) {
-		purple_connection_error(
-			gc,
-			PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT,
-			_("You required encryption in your account settings, but encryption is not supported by your system."));
-		return;
-	}
-	od->use_ssl = purple_ssl_is_supported() && strcmp(encryption_type, OSCAR_NO_ENCRYPTION) != 0;
+	od->use_ssl = strcmp(encryption_type, OSCAR_NO_ENCRYPTION) != 0;
 
 	/* Connect to core Purple signals */
 	purple_prefs_connect_callback(purple_connection_get_protocol(gc), "/purple/away/idle_reporting", idle_reporting_pref_cb, gc);
diff --git a/libpurple/protocols/yahoo/ymsg.c b/libpurple/protocols/yahoo/ymsg.c
--- a/libpurple/protocols/yahoo/ymsg.c
+++ b/libpurple/protocols/yahoo/ymsg.c
@@ -1906,11 +1906,6 @@ static void yahoo_auth16_stage1(PurpleCo
 
 	purple_debug_info("yahoo", "Authentication: In yahoo_auth16_stage1\n");
 
-	if(!purple_ssl_is_supported()) {
-		purple_connection_error(gc, PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT, _("SSL support unavailable"));
-		return;
-	}
-
 	auth_data = g_new0(struct yahoo_auth_data, 1);
 	auth_data->gc = gc;
 	auth_data->seed = g_strdup(seed);
diff --git a/libpurple/purple-socket.c b/libpurple/purple-socket.c
--- a/libpurple/purple-socket.c
+++ b/libpurple/purple-socket.c
@@ -259,12 +259,6 @@ purple_socket_connect(PurpleSocket *ps, 
 	ps->cb_data = user_data;
 
 	if (ps->is_tls) {
-		if (!purple_ssl_is_supported()) {
-			purple_debug_error("socket", "TLS is not supported");
-			ps->state = PURPLE_SOCKET_STATE_ERROR;
-			return FALSE;
-		}
-
 		ps->tls_connection = purple_ssl_connect(account, ps->host,
 			ps->port, _purple_socket_connected_tls,
 			_purple_socket_connected_tls_error, ps);
diff --git a/libpurple/sslconn.c b/libpurple/sslconn.c
--- a/libpurple/sslconn.c
+++ b/libpurple/sslconn.c
@@ -56,17 +56,6 @@ ssl_init(void)
 	return (_ssl_initialized = ops->init());
 }
 
-gboolean
-purple_ssl_is_supported(void)
-{
-#ifdef HAVE_SSL
-	ssl_init();
-	return (purple_ssl_get_ops() != NULL);
-#else
-	return FALSE;
-#endif
-}
-
 static void
 purple_ssl_connect_cb(gpointer data, gint source, const gchar *error_message)
 {
@@ -110,7 +99,6 @@ purple_ssl_connect_with_ssl_cn(PurpleAcc
 	g_return_val_if_fail(host != NULL,            NULL);
 	g_return_val_if_fail(port != 0 && port != -1, NULL);
 	g_return_val_if_fail(func != NULL,            NULL);
-	g_return_val_if_fail(purple_ssl_is_supported(), NULL);
 
 	if (!_ssl_initialized)
 	{
@@ -156,7 +144,6 @@ purple_ssl_input_add(PurpleSslConnection
 				   void *data)
 {
 	g_return_if_fail(func != NULL);
-	g_return_if_fail(purple_ssl_is_supported());
 
 	purple_ssl_input_remove(gsc);
 
@@ -203,7 +190,6 @@ purple_ssl_connect_with_host_fd(PurpleAc
 
 	g_return_val_if_fail(fd != -1,                NULL);
 	g_return_val_if_fail(func != NULL,            NULL);
-	g_return_val_if_fail(purple_ssl_is_supported(), NULL);
 
 	if (!_ssl_initialized)
 	{
diff --git a/libpurple/sslconn.h b/libpurple/sslconn.h
--- a/libpurple/sslconn.h
+++ b/libpurple/sslconn.h
@@ -152,15 +152,6 @@ G_BEGIN_DECLS
 /**************************************************************************/
 
 /**
- * purple_ssl_is_supported:
- *
- * Returns whether or not SSL is currently supported.
- *
- * Returns: %TRUE if SSL is supported, or %FALSE otherwise.
- */
-gboolean purple_ssl_is_supported(void);
-
-/**
  * purple_ssl_strerror:
  * @error:      Error code
  *
diff --git a/pidgin/gtkdialogs.c b/pidgin/gtkdialogs.c
--- a/pidgin/gtkdialogs.c



More information about the Commits mailing list