# HG changeset patch # User Yoshiki Yazawa # Date 1233233000 0 # Node ID 717a356d022be23931a9c16a1e569b3a17f9a378 # Parent 93950851db8c712d8e5e32e26cffc6431b39937a# Parent c434094cf298cf660459c38a30b4e7b9675ba5a1 propagate from branch 'im.pidgin.pidgin' (head 6a51501ec3aff341c8cd763ffc2076a9bbc07d23) to branch 'im.pidgin.pidgin.yaz' (head 203919527296bc21d02b821197b4589e72746737) diff -r 93950851db8c -r 717a356d022b ChangeLog --- a/ChangeLog Wed Jan 28 04:09:41 2009 +0000 +++ b/ChangeLog Thu Jan 29 12:43:20 2009 +0000 @@ -2,10 +2,17 @@ version 2.5.5 (??/??/????): libpurple: - * Fix transfer of buddy icons, custom smileys and files from the - latest WLM 9 official client. (Thomas Gibson-Robinson) + * Fix transfer of buddy icons, custom smileys, and files from the + latest Windows Live Messenger 9 official client. (Thomas + Gibson-Robinson) * Fix a crash when removing an account with an unknown protocol id. * Large (multi-part) messages on MSN are now correctly re-combined. + * Beta support for SSL connections for AIM and ICQ accounts. To + enable, check the "Use SSL" option from the Advanced tab when + editing your AIM or ICQ account. (Paul Aurich) + * Fix retrieval of ICQ status messages from users of ICQ 6.x, Miranda, + and other libpurple clients (fixes with libpurple users only on + statuses other than Available). (Daniel Ljungborg) Finch: * Allow rebinding keys to change the focused widget (details in the diff -r 93950851db8c -r 717a356d022b finch/libgnt/gntcolors.c --- a/finch/libgnt/gntcolors.c Wed Jan 28 04:09:41 2009 +0000 +++ b/finch/libgnt/gntcolors.c Thu Jan 29 12:43:20 2009 +0000 @@ -208,7 +208,7 @@ key = g_ascii_strdown(key, -1); color = gnt_colors_get_color(key); g_free(key); - if (color == -1) + if (color == -EINVAL) continue; init_color(color, r, g, b); @@ -251,7 +251,7 @@ int bg = gnt_colors_get_color(bgc); g_free(fgc); g_free(bgc); - if (fg == -1 || bg == -1) + if (fg == -EINVAL || bg == -EINVAL) continue; key = g_ascii_strdown(key, -1); diff -r 93950851db8c -r 717a356d022b libpurple/protocols/msn/contact.c --- a/libpurple/protocols/msn/contact.c Wed Jan 28 04:09:41 2009 +0000 +++ b/libpurple/protocols/msn/contact.c Thu Jan 29 12:43:20 2009 +0000 @@ -1362,7 +1362,8 @@ xmlnode *changes; purple_debug_info("msn", "Update contact information with new %s: %s\n", - type==MSN_UPDATE_DISPLAY ? "display name" : "alias", value); + type == MSN_UPDATE_DISPLAY ? "display name" : "alias", + value ? value : "(null)"); purple_debug_info("msn", "passport=%s\n", passport); g_return_if_fail(passport != NULL); contact_info = xmlnode_new("contactInfo"); diff -r 93950851db8c -r 717a356d022b libpurple/protocols/oscar/family_chat.c --- a/libpurple/protocols/oscar/family_chat.c Wed Jan 28 04:09:41 2009 +0000 +++ b/libpurple/protocols/oscar/family_chat.c Thu Jan 29 12:43:20 2009 +0000 @@ -79,13 +79,15 @@ if (conn->type != SNAC_FAMILY_CHAT) continue; - if (!conn->internal) { - purple_debug_misc("oscar", "faim: chat: chat connection with no name! (fd = %d)\n", conn->fd); + if (!conn->internal) + { + purple_debug_misc("oscar", "%sfaim: chat: chat connection with no name! (fd = %d)\n", + conn->gsc ? "(ssl) " : "", conn->gsc ? conn->gsc->fd : conn->fd); continue; } if (strcmp(ccp->name, name) == 0) - return conn;; + return conn; } return NULL; diff -r 93950851db8c -r 717a356d022b libpurple/protocols/oscar/family_icq.c --- a/libpurple/protocols/oscar/family_icq.c Wed Jan 28 04:09:41 2009 +0000 +++ b/libpurple/protocols/oscar/family_icq.c Thu Jan 29 12:43:20 2009 +0000 @@ -456,64 +456,6 @@ return 0; } -/* - * getstatusnote may be a misleading name because the response - * contains a lot of different information but currently it's only - * used to get that. - */ -int aim_icq_getstatusnote(OscarData *od, const char *uin, guint8 *note_hash, guint16 note_hash_len) -{ - FlapConnection *conn; - ByteStream bs; - aim_snacid_t snacid; - int bslen; - - purple_debug_misc("oscar", "aim_icq_getstatusnote: requesting status note for %s.\n", uin); - - if (!od || !(conn = flap_connection_findbygroup(od, SNAC_FAMILY_ICQ))) - { - purple_debug_misc("oscar", "aim_icq_getstatusnote: no connection.\n"); - return -EINVAL; - } - - bslen = 2 + 4 + 2 + 2 + 2 + 2 + 58 + strlen(uin); - byte_stream_new(&bs, 4 + bslen); - - snacid = aim_cachesnac(od, SNAC_FAMILY_ICQ, 0x0002, 0x0000, NULL, 0); - - byte_stream_put16(&bs, 0x0001); - byte_stream_put16(&bs, bslen); - - byte_stream_putle16(&bs, bslen - 2); - byte_stream_putuid(&bs, od); - byte_stream_putle16(&bs, 0x07d0); /* I command thee. */ - byte_stream_putle16(&bs, snacid); /* eh. */ - byte_stream_putle16(&bs, 0x0fa0); /* shrug. */ - byte_stream_putle16(&bs, 58 + strlen(uin)); - - byte_stream_put32(&bs, 0x05b90002); /* don't ask */ - byte_stream_put32(&bs, 0x80000000); - byte_stream_put32(&bs, 0x00000006); - byte_stream_put32(&bs, 0x00010002); - byte_stream_put32(&bs, 0x00020000); - byte_stream_put32(&bs, 0x04e30000); - byte_stream_put32(&bs, 0x00020002); - byte_stream_put32(&bs, 0x00000001); - - byte_stream_put16(&bs, 24 + strlen(uin)); - byte_stream_put32(&bs, 0x003c0010); - byte_stream_putraw(&bs, note_hash, 16); /* status note hash */ - byte_stream_put16(&bs, 0x0032); /* buddy uin */ - byte_stream_put16(&bs, strlen(uin)); - byte_stream_putstr(&bs, uin); - - flap_connection_send_snac_with_priority(od, conn, SNAC_FAMILY_ICQ, 0x0002, 0x000, snacid, &bs, FALSE); - - byte_stream_destroy(&bs); - - return 0; -} - static void aim_icq_freeinfo(struct aim_icq_info *info) { int i; diff -r 93950851db8c -r 717a356d022b libpurple/protocols/oscar/family_oservice.c --- a/libpurple/protocols/oscar/family_oservice.c Wed Jan 28 04:09:41 2009 +0000 +++ b/libpurple/protocols/oscar/family_oservice.c Thu Jan 29 12:43:20 2009 +0000 @@ -103,12 +103,29 @@ aim_srv_requestnew(OscarData *od, guint16 serviceid) { FlapConnection *conn; + ByteStream bs; + aim_snacid_t snacid; + GSList *tlvlist = NULL; conn = flap_connection_findbygroup(od, SNAC_FAMILY_BOS); if(!conn) return; - aim_genericreq_s(od, conn, SNAC_FAMILY_OSERVICE, 0x0004, &serviceid); + byte_stream_new(&bs, 6); + + byte_stream_put16(&bs, serviceid); + + if (od->use_ssl) + /* Request SSL Connection */ + aim_tlvlist_add_noval(&tlvlist, 0x008c); + + aim_tlvlist_write(&bs, &tlvlist); + aim_tlvlist_free(tlvlist); + + snacid = aim_cachesnac(od, SNAC_FAMILY_OSERVICE, 0x0004, 0x0000, NULL, 0); + flap_connection_send_snac(od, conn, SNAC_FAMILY_OSERVICE, 0x0004, 0x0000, snacid, &bs); + + byte_stream_destroy(&bs); } /* @@ -127,10 +144,10 @@ struct chatsnacinfo csi; conn = flap_connection_findbygroup(od, SNAC_FAMILY_BOS); - if (!conn || !roomname || !strlen(roomname)) + if (!conn || !roomname || roomname[0] == '\0') return -EINVAL; - byte_stream_new(&bs, 502); + byte_stream_new(&bs, 506); memset(&csi, 0, sizeof(csi)); csi.exchange = exchange; @@ -143,6 +160,11 @@ byte_stream_put16(&bs, 0x000e); aim_tlvlist_add_chatroom(&tlvlist, 0x0001, exchange, roomname, instance); + + if (od->use_ssl) + /* Request SSL Connection */ + aim_tlvlist_add_noval(&tlvlist, 0x008c); + aim_tlvlist_write(&bs, &tlvlist); aim_tlvlist_free(tlvlist); @@ -179,6 +201,8 @@ redir.ip = aim_tlv_getstr(tlvlist, 0x0005, 1); redir.cookielen = aim_tlv_gettlv(tlvlist, 0x0006, 1)->length; redir.cookie = (guchar *)aim_tlv_getstr(tlvlist, 0x0006, 1); + redir.ssl_cert_cn = aim_tlv_getstr(tlvlist, 0x008d, 1); + redir.use_ssl = aim_tlv_get8(tlvlist, 0x008e, 1); /* Fetch original SNAC so we can get csi if needed */ origsnac = aim_remsnac(od, snac->id); @@ -196,6 +220,7 @@ g_free((void *)redir.ip); g_free((void *)redir.cookie); + g_free((void *)redir.ssl_cert_cn); if (origsnac) g_free(origsnac->data); diff -r 93950851db8c -r 717a356d022b libpurple/protocols/oscar/flap_connection.c --- a/libpurple/protocols/oscar/flap_connection.c Wed Jan 28 04:09:41 2009 +0000 +++ b/libpurple/protocols/oscar/flap_connection.c Thu Jan 29 12:43:20 2009 +0000 @@ -364,6 +364,15 @@ conn->fd = -1; } + if (conn->gsc != NULL) + { + if (conn->type == SNAC_FAMILY_LOCATE) + flap_connection_send_close(od, conn); + + purple_ssl_close(conn->gsc); + conn->gsc = NULL; + } + if (conn->watcher_incoming != 0) { purple_input_remove(conn->watcher_incoming); @@ -467,6 +476,7 @@ g_free(conn->error_message); g_free(conn->cookie); + g_free(conn->ssl_cert_cn); /* * Free conn->internal, if necessary @@ -844,24 +854,31 @@ * All complete FLAPs handled immedate after they're received. * Incomplete FLAP data is stored locally and appended to the next * time this callback is triggered. + * + * This is called by flap_connection_recv_cb and + * flap_connection_recv_cb_ssl for unencrypted/encrypted connections. */ -void -flap_connection_recv_cb(gpointer data, gint source, PurpleInputCondition cond) +static void +flap_connection_recv(FlapConnection *conn) { - FlapConnection *conn; + gpointer buf; + gsize buflen; gssize read; - conn = data; - /* Read data until we run out of data and break out of the loop */ while (TRUE) { /* Start reading a new FLAP */ if (conn->buffer_incoming.data.data == NULL) { + buf = conn->header + conn->header_received; + buflen = 6 - conn->header_received; + /* Read the first 6 bytes (the FLAP header) */ - read = recv(conn->fd, conn->header + conn->header_received, - 6 - conn->header_received, 0); + if (conn->gsc) + read = purple_ssl_read(conn->gsc, buf, buflen); + else + read = recv(conn->fd, buf, buflen, 0); /* Check if the FLAP server closed the connection */ if (read == 0) @@ -918,13 +935,15 @@ conn->buffer_incoming.data.offset = 0; } - if (conn->buffer_incoming.data.len - conn->buffer_incoming.data.offset) + buflen = conn->buffer_incoming.data.len - conn->buffer_incoming.data.offset; + if (buflen) { + buf = &conn->buffer_incoming.data.data[conn->buffer_incoming.data.offset]; /* Read data into the temporary FlapFrame until it is complete */ - read = recv(conn->fd, - &conn->buffer_incoming.data.data[conn->buffer_incoming.data.offset], - conn->buffer_incoming.data.len - conn->buffer_incoming.data.offset, - 0); + if (conn->gsc) + read = purple_ssl_read(conn->gsc, buf, buflen); + else + read = recv(conn->fd, buf, buflen, 0); /* Check if the FLAP server closed the connection */ if (read == 0) @@ -964,6 +983,29 @@ } } +void +flap_connection_recv_cb(gpointer data, gint source, PurpleInputCondition cond) +{ + FlapConnection *conn = data; + + flap_connection_recv(conn); +} + +void +flap_connection_recv_cb_ssl(gpointer data, PurpleSslConnection *gsc, PurpleInputCondition cond) +{ + FlapConnection *conn = data; + + flap_connection_recv(conn); +} + +/** + * @param source When this function is called as a callback source is + * set to the fd that triggered the callback. But this function + * is also called directly from flap_connection_send_byte_stream(), + * in which case source will be -1. So don't use source--use + * conn->gsc or conn->fd instead. + */ static void send_cb(gpointer data, gint source, PurpleInputCondition cond) { @@ -980,7 +1022,11 @@ return; } - ret = send(conn->fd, conn->buffer_outgoing->outptr, writelen, 0); + if (conn->gsc) + ret = purple_ssl_write(conn->gsc, conn->buffer_outgoing->outptr, + writelen); + else + ret = send(conn->fd, conn->buffer_outgoing->outptr, writelen, 0); if (ret <= 0) { if (ret < 0 && ((errno == EAGAIN) || (errno == EWOULDBLOCK))) @@ -990,8 +1036,13 @@ /* Error! */ purple_input_remove(conn->watcher_outgoing); conn->watcher_outgoing = 0; - close(conn->fd); - conn->fd = -1; + if (conn->gsc) { + purple_ssl_close(conn->gsc); + conn->gsc = NULL; + } else { + close(conn->fd); + conn->fd = -1; + } flap_connection_schedule_destroy(conn, OSCAR_DISCONNECT_LOST_CONNECTION, g_strerror(errno)); return; @@ -1017,11 +1068,17 @@ purple_circ_buffer_append(conn->buffer_outgoing, bs->data, count); /* If we haven't already started writing stuff, then start the cycle */ - if ((conn->watcher_outgoing == 0) && (conn->fd >= 0)) + if (conn->watcher_outgoing == 0) { - conn->watcher_outgoing = purple_input_add(conn->fd, - PURPLE_INPUT_WRITE, send_cb, conn); - send_cb(conn, conn->fd, 0); + if (conn->gsc) { + conn->watcher_outgoing = purple_input_add(conn->gsc->fd, + PURPLE_INPUT_WRITE, send_cb, conn); + send_cb(conn, -1, 0); + } else if (conn->fd >= 0) { + conn->watcher_outgoing = purple_input_add(conn->fd, + PURPLE_INPUT_WRITE, send_cb, conn); + send_cb(conn, -1, 0); + } } } diff -r 93950851db8c -r 717a356d022b libpurple/protocols/oscar/oscar.c --- a/libpurple/protocols/oscar/oscar.c Wed Jan 28 04:09:41 2009 +0000 +++ b/libpurple/protocols/oscar/oscar.c Thu Jan 29 12:43:20 2009 +0000 @@ -1116,59 +1116,64 @@ } /** - * This is the callback function anytime purple_proxy_connect() - * establishes a new TCP connection with an oscar host. Depending - * on the type of host, we do a few different things here. + * This is called from the callback functions for establishing + * a TCP connection with an oscar host if an error occurred. */ static void -connection_established_cb(gpointer data, gint source, const gchar *error_message) +connection_common_error_cb(FlapConnection *conn, const gchar *error_message) { - PurpleConnection *gc; OscarData *od; + PurpleConnection *gc; + + od = conn->od; + gc = od->gc; + + purple_debug_error("oscar", "unable to connect to FLAP " + "server of type 0x%04hx\n", conn->type); + + if (conn->type == SNAC_FAMILY_AUTH) + { + gchar *msg; + msg = g_strdup_printf(_("Could not connect to authentication server:\n%s"), + error_message); + purple_connection_error_reason(gc, PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg); + g_free(msg); + } + else if (conn->type == SNAC_FAMILY_LOCATE) + { + gchar *msg; + msg = g_strdup_printf(_("Could not connect to BOS server:\n%s"), + error_message); + purple_connection_error_reason(gc, PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg); + g_free(msg); + } + else + { + /* Maybe we should call this for BOS connections, too? */ + flap_connection_schedule_destroy(conn, + OSCAR_DISCONNECT_COULD_NOT_CONNECT, error_message); + } +} + +/** + * This is called from the callback functions for establishing + * a TCP connection with an oscar host. Depending on the type + * of host, we do a few different things here. + */ +static void +connection_common_established_cb(FlapConnection *conn) +{ + OscarData *od; + PurpleConnection *gc; PurpleAccount *account; - FlapConnection *conn; - - conn = data; + od = conn->od; gc = od->gc; account = purple_connection_get_account(gc); - conn->connect_data = NULL; - conn->fd = source; - - if (source < 0) - { - purple_debug_error("oscar", "unable to connect to FLAP " - "server of type 0x%04hx\n", conn->type); - if (conn->type == SNAC_FAMILY_AUTH) - { - gchar *msg; - msg = g_strdup_printf(_("Could not connect to authentication server:\n%s"), - error_message); - purple_connection_error_reason(gc, PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg); - g_free(msg); - } - else if (conn->type == SNAC_FAMILY_LOCATE) - { - gchar *msg; - msg = g_strdup_printf(_("Could not connect to BOS server:\n%s"), - error_message); - purple_connection_error_reason(gc, PURPLE_CONNECTION_ERROR_NETWORK_ERROR, msg); - g_free(msg); - } - else - { - /* Maybe we should call this for BOS connections, too? */ - flap_connection_schedule_destroy(conn, - OSCAR_DISCONNECT_COULD_NOT_CONNECT, error_message); - } - return; - } - purple_debug_info("oscar", "connected to FLAP server of type 0x%04hx\n", conn->type); - conn->watcher_incoming = purple_input_add(conn->fd, - PURPLE_INPUT_READ, flap_connection_recv_cb, conn); + if (conn->cookie == NULL) flap_connection_send_version(od, conn); else @@ -1199,6 +1204,85 @@ } static void +connection_established_cb(gpointer data, gint source, const gchar *error_message) +{ + FlapConnection *conn; + + conn = data; + + conn->connect_data = NULL; + conn->fd = source; + + if (source < 0) + { + connection_common_error_cb(conn, error_message); + return; + } + + conn->watcher_incoming = purple_input_add(conn->fd, + PURPLE_INPUT_READ, flap_connection_recv_cb, conn); + connection_common_established_cb(conn); +} + +static void +ssl_connection_established_cb(gpointer data, PurpleSslConnection *gsc, + PurpleInputCondition cond) +{ + FlapConnection *conn; + + conn = data; + + purple_ssl_input_add(gsc, flap_connection_recv_cb_ssl, conn); + connection_common_established_cb(conn); +} + +static void +ssl_connection_error_cb(PurpleSslConnection *gsc, PurpleSslErrorType error, + gpointer data) +{ + FlapConnection *conn; + + conn = data; + + if (conn->watcher_outgoing) + { + purple_input_remove(conn->watcher_outgoing); + conn->watcher_outgoing = 0; + } + + /* sslconn frees the connection on error */ + conn->gsc = NULL; + + connection_common_error_cb(conn, purple_ssl_strerror(error)); +} + +static void +ssl_proxy_conn_established_cb(gpointer data, gint source, const gchar *error_message) +{ + OscarData *od; + PurpleConnection *gc; + PurpleAccount *account; + FlapConnection *conn; + + conn = data; + od = conn->od; + gc = od->gc; + account = purple_connection_get_account(gc); + + conn->connect_data = NULL; + + if (source < 0) + { + connection_common_error_cb(conn, error_message); + return; + } + + conn->gsc = purple_ssl_connect_with_host_fd(account, source, + ssl_connection_established_cb, ssl_connection_error_cb, + conn->ssl_cert_cn, conn); +} + +static void flap_connection_established_bos(OscarData *od, FlapConnection *conn) { PurpleConnection *gc = od->gc; @@ -1458,17 +1542,56 @@ gc->flags |= PURPLE_CONNECTION_AUTO_RESP; } + od->use_ssl = purple_account_get_bool(account, "use_ssl", OSCAR_DEFAULT_USE_SSL); + /* Connect to core Purple signals */ purple_prefs_connect_callback(gc, "/purple/away/idle_reporting", idle_reporting_pref_cb, gc); purple_prefs_connect_callback(gc, "/plugins/prpl/oscar/recent_buddies", recent_buddies_pref_cb, gc); newconn = flap_connection_new(od, SNAC_FAMILY_AUTH); - newconn->connect_data = purple_proxy_connect(NULL, account, - purple_account_get_string(account, "server", OSCAR_DEFAULT_LOGIN_SERVER), - purple_account_get_int(account, "port", OSCAR_DEFAULT_LOGIN_PORT), - connection_established_cb, newconn); - if (newconn->connect_data == NULL) - { + if (od->use_ssl) { + if (purple_ssl_is_supported()) { + const char *server = purple_account_get_string(account, "server", OSCAR_DEFAULT_SSL_LOGIN_SERVER); + /* + * If the account's server is what the oscar prpl has offered as + * the default login server through the vast eons (all two of + * said default options, AFAIK) and the user wants SSL, we'll + * do what we know is best for them and change the setting out + * from under them to the SSL login server. + */ + if (!strcmp(server, OSCAR_DEFAULT_LOGIN_SERVER) || !strcmp(server, OSCAR_OLD_LOGIN_SERVER)) { + purple_debug_info("oscar", "Account uses SSL, so changing server to default SSL server\n"); + purple_account_set_string(account, "server", OSCAR_DEFAULT_SSL_LOGIN_SERVER); + server = OSCAR_DEFAULT_SSL_LOGIN_SERVER; + } + + newconn->gsc = purple_ssl_connect(account, server, + purple_account_get_int(account, "port", OSCAR_DEFAULT_LOGIN_PORT), + ssl_connection_established_cb, ssl_connection_error_cb, newconn); + } else { + purple_connection_error_reason(gc, PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT, + _("SSL support unavailable")); + } + } else { + const char *server = purple_account_get_string(account, "server", OSCAR_DEFAULT_LOGIN_SERVER); + + /* + * See the comment above. We do the reverse here. If they don't want + * SSL but their server is set to OSCAR_DEFAULT_SSL_LOGIN_SERVER, + * set it back to the default. + */ + if (!strcmp(server, OSCAR_DEFAULT_SSL_LOGIN_SERVER)) { + purple_debug_info("oscar", "Account does not use SSL, so changing server back to non-SSL\n"); + purple_account_set_string(account, "server", OSCAR_DEFAULT_LOGIN_SERVER); + server = OSCAR_DEFAULT_LOGIN_SERVER; + } + + newconn->connect_data = purple_proxy_connect(NULL, account, server, + purple_account_get_int(account, "port", OSCAR_DEFAULT_LOGIN_PORT), + connection_established_cb, newconn); + } + + if (newconn->gsc == NULL && newconn->connect_data == NULL) { purple_connection_error_reason(gc, PURPLE_CONNECTION_ERROR_NETWORK_ERROR, _("Couldn't connect to host")); return; @@ -1593,8 +1716,23 @@ newconn = flap_connection_new(od, SNAC_FAMILY_LOCATE); newconn->cookielen = info->cookielen; newconn->cookie = g_memdup(info->cookie, info->cookielen); - newconn->connect_data = purple_proxy_connect(NULL, account, host, port, - connection_established_cb, newconn); + + if (od->use_ssl) + { + /* + * This shouldn't be hardcoded except that the server isn't sending + * us a name to use for comparing the certificate common name. + */ + newconn->ssl_cert_cn = g_strdup("bos.oscar.aol.com"); + newconn->connect_data = purple_proxy_connect(NULL, account, host, port, + ssl_proxy_conn_established_cb, newconn); + } + else + { + newconn->connect_data = purple_proxy_connect(NULL, account, host, port, + connection_established_cb, newconn); + } + g_free(host); if (newconn->connect_data == NULL) { @@ -1899,8 +2037,22 @@ else host = g_strdup(redir->ip); - purple_debug_info("oscar", "Connecting to FLAP server %s:%d of type 0x%04hx\n", - host, port, redir->group); + /* + * These FLAP servers advertise SSL (type "0x02"), but SSL connections to these hosts + * die a painful death. iChat and Miranda, when using SSL, still do these in plaintext. + */ + if (redir->use_ssl && (redir->group == SNAC_FAMILY_ADMIN || + redir->group == SNAC_FAMILY_BART)) + { + purple_debug_info("oscar", "Ignoring broken SSL for FLAP type 0x%04hx.\n", + redir->group); + redir->use_ssl = 0; + } + + purple_debug_info("oscar", "Connecting to FLAP server %s:%d of type 0x%04hx%s\n", + host, port, redir->group, + od->use_ssl && !redir->use_ssl ? " without SSL, despite main stream encryption" : ""); + newconn = flap_connection_new(od, redir->group); newconn->cookielen = redir->cookielen; newconn->cookie = g_memdup(redir->cookie, redir->cookielen); @@ -1918,9 +2070,26 @@ purple_debug_info("oscar", "Connecting to chat room %s exchange %hu\n", cc->name, cc->exchange); } - newconn->connect_data = purple_proxy_connect(NULL, account, host, port, - connection_established_cb, newconn); - if (newconn->connect_data == NULL) + + if (redir->use_ssl) + { + /* + * TODO: It should be possible to specify a certificate common name + * distinct from the host we're passing to purple_ssl_connect. The + * way to work around that is to use purple_proxy_connect + + * purple_ssl_connect_with_host_fd + */ + newconn->ssl_cert_cn = g_strdup(redir->ssl_cert_cn); + newconn->connect_data = purple_proxy_connect(NULL, account, host, port, + ssl_proxy_conn_established_cb, newconn); + } + else + { + newconn->connect_data = purple_proxy_connect(NULL, account, host, port, + connection_established_cb, newconn); + } + + if (newconn->gsc == NULL && newconn->connect_data == NULL) { flap_connection_schedule_destroy(newconn, OSCAR_DISCONNECT_COULD_NOT_CONNECT, @@ -1933,37 +2102,6 @@ return 1; } -static gboolean purple_requesticqstatusnote(gpointer data) -{ - PurpleConnection *gc = data; - OscarData *od = gc->proto_data; - - while (od->statusnotes_queue != NULL) - { - char *sn; - struct aim_ssi_item *ssi_item; - aim_tlv_t *note_hash; - - sn = od->statusnotes_queue->data; - - ssi_item = aim_ssi_itemlist_finditem(od->ssi.local, - NULL, sn, AIM_SSI_TYPE_BUDDY); - if (ssi_item != NULL) - { - note_hash = aim_tlv_gettlv(ssi_item->data, 0x015c, 1); - if (note_hash != NULL) { - aim_icq_getstatusnote(od, sn, note_hash->value, note_hash->length); - } - } - - od->statusnotes_queue = g_slist_remove(od->statusnotes_queue, sn); - g_free(sn); - } - - od->statusnotes_queue_timer = 0; - return FALSE; -} - static int purple_parse_oncoming(OscarData *od, FlapConnection *conn, FlapFrame *fr, ...) { @@ -1976,6 +2114,10 @@ const char *status_id; va_list ap; aim_userinfo_t *info; + char *message = NULL; + char *itmsurl = NULL; + char *tmp; + const char *tmp2; gc = od->gc; account = purple_connection_get_account(gc); @@ -2030,49 +2172,36 @@ purple_prpl_got_user_status_deactive(account, info->sn, OSCAR_STATUS_ID_MOBILE); } - if (strcmp(status_id, OSCAR_STATUS_ID_AVAILABLE) == 0) - { - char *message = NULL; - char *itmsurl = NULL; - char *tmp; - const char *tmp2; - - if (info->status != NULL && info->status[0] != '\0') - /* Grab the available message */ - message = oscar_encoding_to_utf8(account, info->status_encoding, - info->status, info->status_len); - + if (info->status != NULL && info->status[0] != '\0') + /* Grab the available message */ + message = oscar_encoding_to_utf8(account, info->status_encoding, + info->status, info->status_len); + + tmp2 = tmp = (message ? g_markup_escape_text(message, -1) : NULL); + + if (strcmp(status_id, OSCAR_STATUS_ID_AVAILABLE) == 0) { if (info->itmsurl_encoding && info->itmsurl && info->itmsurl_len) /* Grab the iTunes Music Store URL */ itmsurl = oscar_encoding_to_utf8(account, info->itmsurl_encoding, - info->itmsurl, info->itmsurl_len); - - tmp2 = tmp = (message ? g_markup_escape_text(message, -1) : NULL); + info->itmsurl, info->itmsurl_len); if (tmp2 == NULL && itmsurl != NULL) + /* + * The message can't be NULL because NULL means it was the + * last attribute, so the itmsurl would get ignored below. + */ tmp2 = ""; purple_prpl_got_user_status(account, info->sn, status_id, - "message", tmp2, "itmsurl", itmsurl, NULL); - g_free(tmp); - - g_free(message); - g_free(itmsurl); + "message", tmp2, "itmsurl", itmsurl, NULL); } else - { - PurpleBuddy *b = purple_find_buddy(account, info->sn); - PurplePresence *presence = purple_buddy_get_presence(b); - PurpleStatus *old_status = purple_presence_get_active_status(presence); - PurpleStatus *new_status = purple_presence_get_status(presence, status_id); - - /* If our status_id would change with this update, pass it to the core. - * However, if our status_id would not change, do nothing, as we would clear out any existing - * attributes on the status prematurely. purple_got_infoblock() will update the message as needed. - */ - if (old_status != new_status) - purple_prpl_got_user_status(account, info->sn, status_id, NULL); - } + purple_prpl_got_user_status(account, info->sn, status_id, "message", tmp2, NULL); + + g_free(tmp); + + g_free(message); + g_free(itmsurl); /* Login time stuff */ if (info->present & AIM_USERINFO_PRESENT_ONLINESINCE) @@ -2127,51 +2256,6 @@ g_free(b16); } - /* - * If we didn't receive a status message with the status change, - * or if the message is empty, and we have a note hash, then - * query the ICQ6 status note. - * - * TODO: We should probably always query the status note regardless - * of whether they have a status message set, and we should - * figure out a way to display both the status note and the - * status message at the same time. - */ - if (info->status == NULL || info->status[0] == '\0') - { - struct aim_ssi_item *ssi_item; - aim_tlv_t *note_hash; - - ssi_item = aim_ssi_itemlist_finditem(od->ssi.local, - NULL, info->sn, AIM_SSI_TYPE_BUDDY); - if (ssi_item != NULL) - { - note_hash = aim_tlv_gettlv(ssi_item->data, 0x015c, 1); - if (note_hash != NULL) { - /* We do automatic rate limiting at the FLAP level, so - * a flood of requests won't disconnect us. However, - * it WOULD mean that we would have to wait a - * potentially long time to be able to message in real - * time again. Also, since we're requesting with every - * purple_parse_oncoming() call, which often come in - * groups, we should coalesce to do only one lookup per - * buddy. - */ - if (od->statusnotes_queue == NULL || - g_slist_find_custom(od->statusnotes_queue, info->sn, (GCompareFunc)strcmp) == NULL) - { - od->statusnotes_queue = g_slist_prepend(od->statusnotes_queue, - g_strdup(info->sn)); - - if (od->statusnotes_queue_timer > 0) - purple_timeout_remove(od->statusnotes_queue_timer); - od->statusnotes_queue_timer = purple_timeout_add_seconds(3, - purple_requesticqstatusnote, gc); - } - } - } - } - return 1; } @@ -5337,7 +5421,6 @@ PurpleBuddy *b; PurpleGroup *g; struct aim_ssi_item *ssi_item; - aim_tlv_t *note_hash; va_list ap; guint16 snac_subtype, type; const char *name; @@ -5407,13 +5490,7 @@ ssi_item = aim_ssi_itemlist_finditem(od->ssi.local, gname, name, AIM_SSI_TYPE_BUDDY); - if (ssi_item != NULL) - { - note_hash = aim_tlv_gettlv(ssi_item->data, 0x015c, 1); - if (note_hash != NULL) - aim_icq_getstatusnote(od, name, note_hash->value, note_hash->length); - } - else + if (ssi_item == NULL) { purple_debug_error("oscar", "purple_ssi_parseaddmod: " "Could not find ssi item for oncoming buddy %s, " @@ -5851,19 +5928,8 @@ else ret = g_strdup(_("Offline")); } - else if (purple_status_is_available(status) && !strcmp(id, OSCAR_STATUS_ID_AVAILABLE)) + else { - /* Available */ - message = purple_status_get_attr_string(status, "message"); - if (message != NULL) - { - ret = g_strdup(message); - purple_util_chrreplace(ret, '\n', ' '); - } - } - else if (!purple_status_is_available(status) && !strcmp(id, OSCAR_STATUS_ID_AWAY)) - { - /* Away */ message = purple_status_get_attr_string(status, "message"); if (message != NULL) { @@ -5875,13 +5941,15 @@ g_free(tmp1); g_free(tmp2); } + else if (purple_status_is_available(status)) + { + /* Don't show "Available" as status message in case buddy doesn't have a status message */ + } else { - ret = g_strdup(_("Away")); + ret = g_strdup(purple_status_get_name(status)); } } - else - ret = g_strdup(purple_status_get_name(status)); return ret; } @@ -6887,6 +6955,10 @@ option = purple_account_option_int_new(_("Port"), "port", OSCAR_DEFAULT_LOGIN_PORT); prpl_info->protocol_options = g_list_append(prpl_info->protocol_options, option); + option = purple_account_option_bool_new(_("Use SSL"), "use_ssl", + OSCAR_DEFAULT_USE_SSL); + prpl_info->protocol_options = g_list_append(prpl_info->protocol_options, option); + option = purple_account_option_bool_new( _("Always use AIM/ICQ proxy server for\nfile transfers and direct IM (slower,\nbut does not reveal your IP address)"), "always_use_rv_proxy", OSCAR_DEFAULT_ALWAYS_USE_RV_PROXY); diff -r 93950851db8c -r 717a356d022b libpurple/protocols/oscar/oscar.h --- a/libpurple/protocols/oscar/oscar.h Wed Jan 28 04:09:41 2009 +0000 +++ b/libpurple/protocols/oscar/oscar.h Thu Jan 29 12:43:20 2009 +0000 @@ -34,6 +34,7 @@ #include "eventloop.h" #include "internal.h" #include "proxy.h" +#include "sslconn.h" #include #include @@ -417,8 +418,10 @@ guint16 cookielen; guint8 *cookie; gpointer new_conn_data; + gchar *ssl_cert_cn; int fd; + PurpleSslConnection *gsc; guint8 header[6]; gssize header_received; FlapFrame buffer_incoming; @@ -476,6 +479,7 @@ GHashTable *buddyinfo; GSList *requesticon; + gboolean use_ssl; gboolean icq; guint getblisttimer; @@ -537,10 +541,6 @@ /** A linked list containing PeerConnections. */ GSList *peer_connections; - - /** Queue of ICQ Status Notes to request. */ - GSList *statusnotes_queue; - guint statusnotes_queue_timer; }; /* Valid for calling aim_icq_setstatus() and for aim_userinfo_t->icqinfo.status */ @@ -593,6 +593,8 @@ const char *ip; guint16 cookielen; const guint8 *cookie; + const char *ssl_cert_cn; + guint8 use_ssl; struct { /* group == SNAC_FAMILY_CHAT */ guint16 exchange; const char *room; @@ -616,6 +618,8 @@ FlapConnection *flap_connection_getbytype(OscarData *, int type); FlapConnection *flap_connection_getbytype_all(OscarData *, int type); void flap_connection_recv_cb(gpointer data, gint source, PurpleInputCondition cond); +void flap_connection_recv_cb_ssl(gpointer data, PurpleSslConnection *gsc, PurpleInputCondition cond); + void flap_connection_send(FlapConnection *conn, FlapFrame *frame); void flap_connection_send_version(OscarData *od, FlapConnection *conn); void flap_connection_send_version_with_cookie(OscarData *od, FlapConnection *conn, guint16 length, const guint8 *chipsahoy); @@ -1353,7 +1357,6 @@ int aim_icq_getalias(OscarData *od, const char *uin); int aim_icq_getallinfo(OscarData *od, const char *uin); int aim_icq_sendsms(OscarData *od, const char *name, const char *msg, const char *alias); -int aim_icq_getstatusnote(OscarData *od, const char *uin, guint8 *note_hash, guint16 note_hash_len); /* 0x0017 - family_auth.c */ diff -r 93950851db8c -r 717a356d022b libpurple/protocols/oscar/oscar_data.c --- a/libpurple/protocols/oscar/oscar_data.c Wed Jan 28 04:09:41 2009 +0000 +++ b/libpurple/protocols/oscar/oscar_data.c Thu Jan 29 12:43:20 2009 +0000 @@ -91,14 +91,6 @@ g_free(od->requesticon->data); od->requesticon = g_slist_delete_link(od->requesticon, od->requesticon); } - while (od->statusnotes_queue) - { - g_free(od->statusnotes_queue->data); - od->statusnotes_queue = g_slist_delete_link(od->statusnotes_queue, - od->statusnotes_queue); - } - if (od->statusnotes_queue_timer > 0) - purple_timeout_remove(od->statusnotes_queue_timer); g_free(od->email); g_free(od->newp); g_free(od->oldp); diff -r 93950851db8c -r 717a356d022b libpurple/protocols/oscar/oscarcommon.h --- a/libpurple/protocols/oscar/oscarcommon.h Wed Jan 28 04:09:41 2009 +0000 +++ b/libpurple/protocols/oscar/oscarcommon.h Thu Jan 29 12:43:20 2009 +0000 @@ -32,6 +32,8 @@ #define OSCAR_DEFAULT_LOGIN_SERVER "login.messaging.aol.com" #define OSCAR_DEFAULT_LOGIN_PORT 5190 +#define OSCAR_DEFAULT_SSL_LOGIN_SERVER "slogin.oscar.aol.com" +#define OSCAR_OLD_LOGIN_SERVER "login.oscar.aol.com" #ifndef _WIN32 #define OSCAR_DEFAULT_CUSTOM_ENCODING "ISO-8859-1" #else @@ -42,6 +44,7 @@ #define OSCAR_DEFAULT_WEB_AWARE FALSE #define OSCAR_DEFAULT_ALWAYS_USE_RV_PROXY FALSE #define OSCAR_DEFAULT_ALLOW_MULTIPLE_LOGINS TRUE +#define OSCAR_DEFAULT_USE_SSL FALSE #ifdef _WIN32 const char *oscar_get_locale_charset(void); diff -r 93950851db8c -r 717a356d022b libpurple/protocols/oscar/peer.c --- a/libpurple/protocols/oscar/peer.c Wed Jan 28 04:09:41 2009 +0000 +++ b/libpurple/protocols/oscar/peer.c Thu Jan 29 12:43:20 2009 +0000 @@ -690,7 +690,10 @@ return; } - listener_ip = purple_network_get_my_ip(bos_conn->fd); + if (bos_conn->gsc) + listener_ip = purple_network_get_my_ip(bos_conn->gsc->fd); + else + listener_ip = purple_network_get_my_ip(bos_conn->fd); listener_port = purple_network_get_port_from_fd(conn->listenerfd); if (conn->type == OSCAR_CAPABILITY_DIRECTIM) { diff -r 93950851db8c -r 717a356d022b pidgin/gtkaccount.c --- a/pidgin/gtkaccount.c Wed Jan 28 04:09:41 2009 +0000 +++ b/pidgin/gtkaccount.c Thu Jan 29 12:43:20 2009 +0000 @@ -1990,9 +1990,13 @@ if (purple_account_get_bool(account, "use-global-buddyicon", TRUE)) { if (global_buddyicon != NULL) buddyicon = g_object_ref(G_OBJECT(global_buddyicon)); - /* This is for when set_account() is called for a single account */ - else - img = purple_buddy_icons_find_account_icon(account); + else { + /* This is for when set_account() is called for a single account */ + const char *path; + path = purple_prefs_get_path(PIDGIN_PREFS_ROOT "/accounts/buddyicon"); + if (path != NULL) + img = purple_imgstore_new_from_file(path); + } } else { img = purple_buddy_icons_find_account_icon(account); } diff -r 93950851db8c -r 717a356d022b pidgin/win32/nsis/pidgin-installer.nsi --- a/pidgin/win32/nsis/pidgin-installer.nsi Wed Jan 28 04:09:41 2009 +0000 +++ b/pidgin/win32/nsis/pidgin-installer.nsi Thu Jan 29 12:43:20 2009 +0000 @@ -718,6 +718,7 @@ Delete "$INSTDIR\ca-certs\StartCom_Free_SSL_CA.pem" Delete "$INSTDIR\ca-certs\Verisign_Class3_Primary_CA.pem" Delete "$INSTDIR\ca-certs\VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem" + Delete "$INSTDIR\ca-certs\VeriSign_International_Server_Class_3_CA.pem" Delete "$INSTDIR\ca-certs\Verisign_RSA_Secure_Server_CA.pem" RMDir "$INSTDIR\ca-certs" RMDir /r "$INSTDIR\locale" diff -r 93950851db8c -r 717a356d022b share/ca-certs/Makefile.am --- a/share/ca-certs/Makefile.am Wed Jan 28 04:09:41 2009 +0000 +++ b/share/ca-certs/Makefile.am Thu Jan 29 12:43:20 2009 +0000 @@ -10,7 +10,8 @@ EXTRA_CERTS = \ Microsoft_Internet_Authority.pem \ - Microsoft_Secure_Server_Authority.pem + Microsoft_Secure_Server_Authority.pem \ + VeriSign_International_Server_Class_3_CA.pem cacertsdir = $(datadir)/purple/ca-certs diff -r 93950851db8c -r 717a356d022b share/ca-certs/VeriSign_International_Server_Class_3_CA.pem --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/share/ca-certs/VeriSign_International_Server_Class_3_CA.pem Thu Jan 29 12:43:20 2009 +0000 @@ -0,0 +1,21 @@ +-----BEGIN CERTIFICATE----- +MIIDgzCCAuygAwIBAgIQRvzrurTQLw+SYJgjP5MHjzANBgkqhkiG9w0BAQUFADBf +MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT +LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw +HhcNOTcwNDE3MDAwMDAwWhcNMTYxMDI0MjM1OTU5WjCBujEfMB0GA1UEChMWVmVy +aVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVyaVNpZ24sIEluYy4xMzAx +BgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gQ2xhc3Mg +MzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMgSW5jb3JwLmJ5IFJlZi4g +TElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjCBnzANBgkqhkiG9w0BAQEFAAOB +jQAwgYkCgYEA2IKA6NYZAn0fhRg5JaJlK+G/1AXTvOY2O6rwTGxbtueqPHNFVbLx +veqXQu2aNAoV1Klc9UAl3dkHwTKydWzEyruj/lYncUOqY/UwPpMo5frxCTvzt01O +OfdcSVq4wR3Tsor+cDCVQsv+K1GLWjw6+SJPkLICp1OcTzTnqwSye28CAwEAAaOB +4zCB4DAPBgNVHRMECDAGAQH/AgEAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQEw +KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzA0BgNV +HSUELTArBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEAQYKYIZIAYb4RQEI +ATALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMDEGA1UdHwQqMCgwJqAk +oCKGIGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA0GCSqGSIb3DQEB +BQUAA4GBAECOSZeWinPdjk3vPmG3yqBirfQOCrt1PeJu2CzHv/S5jDabyqLQnHJG +OfamggNlEcS8vy2m9dk7CrWY+rN4uR7yK0xi1f2yeh3fM/1z+aXYLYwq6tH8sCi2 +6UlIE0uDihtIeyT3ON5vQVS4q1drBt/HotSp9vE2YoCI8ot11oBx +-----END CERTIFICATE-----