--- a/libpurple/protocols/jabber/jabber.c	Sat Aug 21 06:04:13 2010 +0000
+++ b/libpurple/protocols/jabber/jabber.c	Sun Nov 21 20:30:12 2010 +0000
@@ -51,7 +51,9 @@
 #include "chat.h"
 #include "data.h"
 #include "disco.h"
-#include "google.h"
+#include "google/google.h"
+#include "google/google_roster.h"
+#include "google/google_session.h"
 #include "ibb.h"
 #include "iq.h"
 #include "jutil.h"
@@ -218,11 +220,30 @@
 
 	account = purple_connection_get_account(js->gc);
 
+#if 0
+	/*
+	 * This code DOES NOT EXIST, will never be enabled by default, and
+	 * will never ever be supported (by me).
+	 * It's literally *only* for developer testing.
+	 */
+	{
+		const gchar *connection_security = purple_account_get_string(account, "connection_security", JABBER_DEFAULT_REQUIRE_TLS);
+		if (!g_str_equal(connection_security, "none") &&
+				purple_ssl_is_supported()) {
+			jabber_send_raw(js,
+					"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>", -1);
+			return TRUE;
+		}
+	}
+#else
 	if(purple_ssl_is_supported()) {
 		jabber_send_raw(js,
 				"<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>", -1);
 		return TRUE;
+	} else { 
+		purple_debug_warning("jabber", "No libpurple TLS/SSL support found.");
 	}
+#endif
 
 	starttls = xmlnode_get_child(packet, "starttls");
 	if(xmlnode_get_child(starttls, "required")) {
@@ -232,7 +253,7 @@
 		return TRUE;
 	}
 
-	if(purple_account_get_bool(account, "require_tls", JABBER_DEFAULT_REQUIRE_TLS)) {
+	if (g_str_equal("require_tls", purple_account_get_string(account, "connection_security", JABBER_DEFAULT_REQUIRE_TLS))) {
 		purple_connection_error_reason(js->gc,
 				PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT,
 				_("You require encryption, but no TLS/SSL support was found."));
@@ -244,12 +265,16 @@
 
 void jabber_stream_features_parse(JabberStream *js, xmlnode *packet)
 {
-	if(xmlnode_get_child(packet, "starttls")) {
-		if(jabber_process_starttls(js, packet)) {
+	PurpleAccount *account = purple_connection_get_account(js->gc);
+	const char *connection_security =
+		purple_account_get_string(account, "connection_security", JABBER_DEFAULT_REQUIRE_TLS);
+
+	if (xmlnode_get_child(packet, "starttls")) {
+		if (jabber_process_starttls(js, packet)) {
 			jabber_stream_set_state(js, JABBER_STREAM_INITIALIZING_ENCRYPTION);
 			return;
 		}
-	} else if(purple_account_get_bool(js->gc->account, "require_tls", JABBER_DEFAULT_REQUIRE_TLS) && !jabber_stream_is_ssl(js)) {
+	} else if (g_str_equal(connection_security, "require_tls") && !jabber_stream_is_ssl(js)) {
 		purple_connection_error_reason(js->gc,
 			 PURPLE_CONNECTION_ERROR_ENCRYPTION_ERROR,
 			_("You require encryption, but it is not available on this server."));
@@ -737,18 +762,10 @@
 txt_resolved_cb(GList *responses, gpointer data)
 {
 	JabberStream *js = data;
+	gboolean found = FALSE;
 
 	js->srv_query_data = NULL;
 
-	if (responses == NULL) {
-		purple_debug_warning("jabber", "Unable to find alternative XMPP connection "
-				  "methods after failing to connect directly.\n");
-		purple_connection_error_reason(js->gc,
-				PURPLE_CONNECTION_ERROR_NETWORK_ERROR,
-				_("Unable to connect"));
-		return;
-	}
-
 	while (responses) {
 		PurpleTxtResponse *resp = responses->data;
 		gchar **token;
@@ -765,9 +782,17 @@
 	}
 
 	if (js->bosh) {
+		found = TRUE;
 		jabber_bosh_connection_connect(js->bosh);
-	} else {
-		purple_debug_info("jabber","Didn't find an alternative connection method.\n");
+	}
+
+	if (!found) {
+		purple_debug_warning("jabber", "Unable to find alternative XMPP connection "
+				  "methods after failing to connect directly.\n");
+		purple_connection_error_reason(js->gc,
+				PURPLE_CONNECTION_ERROR_NETWORK_ERROR,
+				_("Unable to connect"));
+		return;
 	}
 
 	if (responses) {
@@ -943,6 +968,11 @@
 	js->buddies = g_hash_table_new_full(g_str_hash, g_str_equal,
 			g_free, (GDestroyNotify)jabber_buddy_free);
 
+	/* This is overridden during binding, but we need it here
+	 * in case the server only does legacy non-sasl auth!.
+	 */
+	purple_connection_set_display_name(gc, user);
+
 	js->user_jb = jabber_buddy_find(js, user, TRUE);
 	g_free(user);
 	if (!js->user_jb) {
@@ -972,6 +1002,9 @@
 	js->stun_ip = NULL;
 	js->stun_port = 0;
 	js->stun_query = NULL;
+	js->google_relay_token = NULL;
+	js->google_relay_host = NULL;
+	js->google_relay_requests = NULL;
 
 	/* if we are idle, set idle-ness on the stream (this could happen if we get
 		disconnected and the reconnects while being idle. I don't think it makes
@@ -1014,7 +1047,7 @@
 	js->certificate_CN = g_strdup(connect_server[0] ? connect_server : js->user->domain);
 
 	/* if they've got old-ssl mode going, we probably want to ignore SRV lookups */
-	if(purple_account_get_bool(account, "old_ssl", FALSE)) {
+	if (g_str_equal("old_ssl", purple_account_get_string(account, "connection_security", JABBER_DEFAULT_REQUIRE_TLS))) {
 		if(purple_ssl_is_supported()) {
 			js->gsc = purple_ssl_connect(account, js->certificate_CN,
 					purple_account_get_int(account, "port", 5223),
@@ -1631,6 +1664,8 @@
 	if(js->sasl_mechs)
 		g_string_free(js->sasl_mechs, TRUE);
 	g_free(js->sasl_cb);
+	/* Note: _not_ g_free.  See auth_cyrus.c:jabber_sasl_cb_secret */
+	free(js->sasl_secret);
 #endif
 	g_free(js->serverFQDN);
 	while(js->commands) {
@@ -1673,6 +1708,21 @@
 		js->stun_query = NULL;
 	}
 
+	/* remove Google relay-related stuff */
+	g_free(js->google_relay_token);
+	g_free(js->google_relay_host);
+	if (js->google_relay_requests) {
+		while (js->google_relay_requests) {
+			PurpleUtilFetchUrlData *url_data =
+				(PurpleUtilFetchUrlData *) js->google_relay_requests->data;
+			purple_util_fetch_url_cancel(url_data);
+			g_free(url_data);
+			js->google_relay_requests = 
+				g_list_delete_link(js->google_relay_requests, 
+					js->google_relay_requests);
+		}
+	}
+
 	g_free(js);
 
 	gc->proto_data = NULL;
@@ -2615,13 +2665,19 @@
 	if(reason != NULL) { *reason = x; }
 
 	if((error = xmlnode_get_child(packet, "error"))) {
+		xmlnode *t = xmlnode_get_child_with_namespace(error, "text", NS_XMPP_STANZAS);
+		if (t)
+			cdata = xmlnode_get_data(t);
+#if 0
 		cdata = xmlnode_get_data(error);
+#endif
 		code = xmlnode_get_attrib(error, "code");
 
 		/* Stanza errors */
 		if(xmlnode_get_child(error, "bad-request")) {
 			text = _("Bad Request");
 		} else if(xmlnode_get_child(error, "conflict")) {
+			SET_REASON(PURPLE_CONNECTION_ERROR_NAME_IN_USE);
 			text = _("Conflict");
 		} else if(xmlnode_get_child(error, "feature-not-implemented")) {
 			text = _("Feature Not Implemented");
@@ -3229,9 +3285,9 @@
 		g_free(resource);
 
 		if (type & PURPLE_MEDIA_AUDIO &&
-				!jabber_resource_has_capability(jbr,
-				JINGLE_APP_RTP_SUPPORT_AUDIO) &&
-				jabber_resource_has_capability(jbr, NS_GOOGLE_VOICE))
+			!jabber_resource_has_capability(jbr,
+			JINGLE_APP_RTP_SUPPORT_AUDIO) &&
+			jabber_resource_has_capability(jbr, NS_GOOGLE_VOICE))
 			return jabber_google_session_initiate(js, who, type);
 		else
 			return jingle_rtp_initiate_media(js, who, type);