Mercurial > pidgin
comparison libpurple/protocols/oscar/clientlogin.c @ 28509:17617d892bc4
oscar: Properly support TLS when using clientLogin.
author | Paul Aurich <paul@darkrain42.org> |
---|---|
date | Fri, 06 Nov 2009 03:58:26 +0000 |
parents | 79c14adf9669 |
children | 7963477c2019 |
comparison
equal
deleted
inserted
replaced
28508:281bd8a973d8 | 28509:17617d892bc4 |
---|---|
38 | 38 |
39 #include "cipher.h" | 39 #include "cipher.h" |
40 #include "core.h" | 40 #include "core.h" |
41 | 41 |
42 #include "oscar.h" | 42 #include "oscar.h" |
43 #include "oscarcommon.h" | |
43 | 44 |
44 #define URL_CLIENT_LOGIN "https://api.screenname.aol.com/auth/clientLogin" | 45 #define URL_CLIENT_LOGIN "https://api.screenname.aol.com/auth/clientLogin" |
45 #define URL_START_OSCAR_SESSION "http://api.oscar.aol.com/aim/startOSCARSession" | 46 #define URL_START_OSCAR_SESSION "http://api.oscar.aol.com/aim/startOSCARSession" |
46 | 47 |
47 /* | 48 /* |
100 g_free(signature_base_string); | 101 g_free(signature_base_string); |
101 | 102 |
102 return signature; | 103 return signature; |
103 } | 104 } |
104 | 105 |
105 static gboolean parse_start_oscar_session_response(PurpleConnection *gc, const gchar *response, gsize response_len, char **host, unsigned short *port, char **cookie) | 106 static gboolean parse_start_oscar_session_response(PurpleConnection *gc, const gchar *response, gsize response_len, char **host, unsigned short *port, char **cookie, char **tls_certname) |
106 { | 107 { |
107 xmlnode *response_node, *tmp_node, *data_node; | 108 xmlnode *response_node, *tmp_node, *data_node; |
108 xmlnode *host_node = NULL, *port_node = NULL, *cookie_node = NULL; | 109 xmlnode *host_node = NULL, *port_node = NULL, *cookie_node = NULL, *tls_node = NULL; |
110 gboolean use_tls; | |
109 char *tmp; | 111 char *tmp; |
112 | |
113 use_tls = purple_account_get_bool(purple_connection_get_account(gc), "use_ssl", OSCAR_DEFAULT_USE_SSL); | |
110 | 114 |
111 /* Parse the response as XML */ | 115 /* Parse the response as XML */ |
112 response_node = xmlnode_from_str(response, response_len); | 116 response_node = xmlnode_from_str(response, response_len); |
113 if (response_node == NULL) | 117 if (response_node == NULL) |
114 { | 118 { |
129 data_node = xmlnode_get_child(response_node, "data"); | 133 data_node = xmlnode_get_child(response_node, "data"); |
130 if (data_node != NULL) { | 134 if (data_node != NULL) { |
131 host_node = xmlnode_get_child(data_node, "host"); | 135 host_node = xmlnode_get_child(data_node, "host"); |
132 port_node = xmlnode_get_child(data_node, "port"); | 136 port_node = xmlnode_get_child(data_node, "port"); |
133 cookie_node = xmlnode_get_child(data_node, "cookie"); | 137 cookie_node = xmlnode_get_child(data_node, "cookie"); |
138 tls_node = xmlnode_get_child(data_node, "tlsCertName"); | |
134 } | 139 } |
135 | 140 |
136 /* Make sure we have a status code */ | 141 /* Make sure we have a status code */ |
137 if (tmp_node == NULL || (tmp = xmlnode_get_data_unescaped(tmp_node)) == NULL) { | 142 if (tmp_node == NULL || (tmp = xmlnode_get_data_unescaped(tmp_node)) == NULL) { |
138 char *msg; | 143 char *msg; |
175 } | 180 } |
176 g_free(tmp); | 181 g_free(tmp); |
177 | 182 |
178 /* Make sure we have everything else */ | 183 /* Make sure we have everything else */ |
179 if (data_node == NULL || host_node == NULL || | 184 if (data_node == NULL || host_node == NULL || |
180 port_node == NULL || cookie_node == NULL) | 185 port_node == NULL || cookie_node == NULL || |
186 (use_tls && tls_node == NULL)) | |
181 { | 187 { |
182 char *msg; | 188 char *msg; |
183 purple_debug_error("oscar", "startOSCARSession response was missing " | 189 purple_debug_error("oscar", "startOSCARSession response was missing " |
184 "something: %s\n", response); | 190 "something: %s\n", response); |
185 msg = g_strdup_printf(_("Received unexpected response from %s"), | 191 msg = g_strdup_printf(_("Received unexpected response from %s"), |
193 | 199 |
194 /* Extract data from the XML */ | 200 /* Extract data from the XML */ |
195 *host = xmlnode_get_data_unescaped(host_node); | 201 *host = xmlnode_get_data_unescaped(host_node); |
196 tmp = xmlnode_get_data_unescaped(port_node); | 202 tmp = xmlnode_get_data_unescaped(port_node); |
197 *cookie = xmlnode_get_data_unescaped(cookie_node); | 203 *cookie = xmlnode_get_data_unescaped(cookie_node); |
198 if (*host == NULL || **host == '\0' || tmp == NULL || *tmp == '\0' || cookie == NULL || *cookie == '\0') | 204 |
205 if (use_tls) | |
206 *tls_certname = xmlnode_get_data_unescaped(tls_node); | |
207 | |
208 if (*host == NULL || **host == '\0' || tmp == NULL || *tmp == '\0' || cookie == NULL || *cookie == '\0' || | |
209 (use_tls && (*tls_certname == NULL || **tls_certname == '\0'))) | |
199 { | 210 { |
200 char *msg; | 211 char *msg; |
201 purple_debug_error("oscar", "startOSCARSession response was missing " | 212 purple_debug_error("oscar", "startOSCARSession response was missing " |
202 "something: %s\n", response); | 213 "something: %s\n", response); |
203 msg = g_strdup_printf(_("Received unexpected response from %s"), | 214 msg = g_strdup_printf(_("Received unexpected response from %s"), |
221 static void start_oscar_session_cb(PurpleUtilFetchUrlData *url_data, gpointer user_data, const gchar *url_text, gsize len, const gchar *error_message) | 232 static void start_oscar_session_cb(PurpleUtilFetchUrlData *url_data, gpointer user_data, const gchar *url_text, gsize len, const gchar *error_message) |
222 { | 233 { |
223 OscarData *od; | 234 OscarData *od; |
224 PurpleConnection *gc; | 235 PurpleConnection *gc; |
225 char *host, *cookie; | 236 char *host, *cookie; |
237 char *tls_certname = NULL; | |
226 unsigned short port; | 238 unsigned short port; |
227 guint8 *cookiedata; | 239 guint8 *cookiedata; |
228 gsize cookiedata_len; | 240 gsize cookiedata_len; |
229 | 241 |
230 od = user_data; | 242 od = user_data; |
242 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, tmp); | 254 PURPLE_CONNECTION_ERROR_NETWORK_ERROR, tmp); |
243 g_free(tmp); | 255 g_free(tmp); |
244 return; | 256 return; |
245 } | 257 } |
246 | 258 |
247 if (!parse_start_oscar_session_response(gc, url_text, len, &host, &port, &cookie)) | 259 if (!parse_start_oscar_session_response(gc, url_text, len, &host, &port, &cookie, &tls_certname)) |
248 return; | 260 return; |
249 | 261 |
250 cookiedata = purple_base64_decode(cookie, &cookiedata_len); | 262 cookiedata = purple_base64_decode(cookie, &cookiedata_len); |
251 oscar_connect_to_bos(gc, od, host, port, cookiedata, cookiedata_len); | 263 oscar_connect_to_bos(gc, od, host, port, cookiedata, cookiedata_len, tls_certname); |
252 g_free(cookiedata); | 264 g_free(cookiedata); |
253 | 265 |
254 g_free(host); | 266 g_free(host); |
255 g_free(cookie); | 267 g_free(cookie); |
268 g_free(tls_certname); | |
256 } | 269 } |
257 | 270 |
258 static void send_start_oscar_session(OscarData *od, const char *token, const char *session_key, time_t hosttime) | 271 static void send_start_oscar_session(OscarData *od, const char *token, const char *session_key, time_t hosttime) |
259 { | 272 { |
260 char *query_string, *signature, *url; | 273 char *query_string, *signature, *url; |
274 gboolean use_tls = purple_account_get_bool(purple_connection_get_account(od->gc), "use_ssl", OSCAR_DEFAULT_USE_SSL); | |
261 | 275 |
262 /* Construct the GET parameters */ | 276 /* Construct the GET parameters */ |
263 query_string = g_strdup_printf("a=%s" | 277 query_string = g_strdup_printf("a=%s" |
264 "&f=xml" | 278 "&f=xml" |
265 "&k=%s" | 279 "&k=%s" |
266 "&ts=%" PURPLE_TIME_T_MODIFIER | 280 "&ts=%" PURPLE_TIME_T_MODIFIER |
267 "&useTLS=0", | 281 "&useTLS=%d", |
268 purple_url_encode(token), get_client_key(od), hosttime); | 282 purple_url_encode(token), get_client_key(od), hosttime, use_tls); |
269 signature = generate_signature("GET", URL_START_OSCAR_SESSION, | 283 signature = generate_signature("GET", URL_START_OSCAR_SESSION, |
270 query_string, session_key); | 284 query_string, session_key); |
271 url = g_strdup_printf(URL_START_OSCAR_SESSION "?%s&sig_sha256=%s", | 285 url = g_strdup_printf(URL_START_OSCAR_SESSION "?%s&sig_sha256=%s", |
272 query_string, signature); | 286 query_string, signature); |
273 g_free(query_string); | 287 g_free(query_string); |