Mercurial > pidgin
comparison libpurple/protocols/oscar/clientlogin.c @ 30903:f8f853ab3aba
A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
Daniel voiced discontent with how I silently fall back to
insecure connection, so I changed the old 'Use SSL' checkbox
to a XMPP-style dropdown (Require encryption/Use encryption if available/
Don't use encryption), as was discussed on devel@.
| author | ivan.komarov@soc.pidgin.im |
|---|---|
| date | Thu, 04 Nov 2010 23:38:20 +0000 |
| parents | 4f0d6ee5ffee |
| children | 6f9a43a2b716 |
comparison
equal
deleted
inserted
replaced
| 30902:4f0d6ee5ffee | 30903:f8f853ab3aba |
|---|---|
| 166 static gboolean parse_start_oscar_session_response(PurpleConnection *gc, const gchar *response, gsize response_len, char **host, unsigned short *port, char **cookie, char **tls_certname) | 166 static gboolean parse_start_oscar_session_response(PurpleConnection *gc, const gchar *response, gsize response_len, char **host, unsigned short *port, char **cookie, char **tls_certname) |
| 167 { | 167 { |
| 168 OscarData *od = purple_connection_get_protocol_data(gc); | 168 OscarData *od = purple_connection_get_protocol_data(gc); |
| 169 xmlnode *response_node, *tmp_node, *data_node; | 169 xmlnode *response_node, *tmp_node, *data_node; |
| 170 xmlnode *host_node = NULL, *port_node = NULL, *cookie_node = NULL, *tls_node = NULL; | 170 xmlnode *host_node = NULL, *port_node = NULL, *cookie_node = NULL, *tls_node = NULL; |
| 171 gboolean use_tls; | |
| 172 char *tmp; | 171 char *tmp; |
| 173 guint code; | 172 guint code; |
| 174 | 173 const gchar *encryption_type = purple_account_get_string(purple_connection_get_account(gc), "encryption", OSCAR_DEFAULT_ENCRYPTION); |
| 175 use_tls = purple_account_get_bool(purple_connection_get_account(gc), "use_ssl", OSCAR_DEFAULT_USE_SSL); | |
| 176 | 174 |
| 177 /* Parse the response as XML */ | 175 /* Parse the response as XML */ |
| 178 response_node = xmlnode_from_str(response, response_len); | 176 response_node = xmlnode_from_str(response, response_len); |
| 179 if (response_node == NULL) | 177 if (response_node == NULL) |
| 180 { | 178 { |
| 195 data_node = xmlnode_get_child(response_node, "data"); | 193 data_node = xmlnode_get_child(response_node, "data"); |
| 196 if (data_node != NULL) { | 194 if (data_node != NULL) { |
| 197 host_node = xmlnode_get_child(data_node, "host"); | 195 host_node = xmlnode_get_child(data_node, "host"); |
| 198 port_node = xmlnode_get_child(data_node, "port"); | 196 port_node = xmlnode_get_child(data_node, "port"); |
| 199 cookie_node = xmlnode_get_child(data_node, "cookie"); | 197 cookie_node = xmlnode_get_child(data_node, "cookie"); |
| 200 tls_node = xmlnode_get_child(data_node, "tlsCertName"); | |
| 201 } | 198 } |
| 202 | 199 |
| 203 /* Make sure we have a status code */ | 200 /* Make sure we have a status code */ |
| 204 if (tmp_node == NULL || (tmp = xmlnode_get_data_unescaped(tmp_node)) == NULL) { | 201 if (tmp_node == NULL || (tmp = xmlnode_get_data_unescaped(tmp_node)) == NULL) { |
| 205 char *msg; | 202 char *msg; |
| 269 g_free(msg); | 266 g_free(msg); |
| 270 xmlnode_free(response_node); | 267 xmlnode_free(response_node); |
| 271 return FALSE; | 268 return FALSE; |
| 272 } | 269 } |
| 273 | 270 |
| 271 if (strcmp(encryption_type, OSCAR_NO_ENCRYPTION) != 0) { | |
| 272 tls_node = xmlnode_get_child(data_node, "tlsCertName"); | |
| 273 if (tls_node != NULL) { | |
| 274 *tls_certname = xmlnode_get_data_unescaped(tls_node); | |
| 275 } else { | |
| 276 if (strcmp(encryption_type, OSCAR_OPPORTUNISTIC_ENCRYPTION) == 0) { | |
| 277 purple_debug_warning("oscar", "We haven't received a tlsCertName to use. We will not do SSL to BOS.\n"); | |
| 278 } else { | |
| 279 purple_debug_error("oscar", "startOSCARSession was missing tlsCertName: %s\n", response); | |
| 280 purple_connection_error_reason( | |
| 281 gc, | |
| 282 PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT, | |
| 283 _("You required encryption in your account settings, but one of the servers doesn't support it.")); | |
| 284 xmlnode_free(response_node); | |
| 285 return FALSE; | |
| 286 } | |
| 287 } | |
| 288 } | |
| 289 | |
| 274 /* Extract data from the XML */ | 290 /* Extract data from the XML */ |
| 275 *host = xmlnode_get_data_unescaped(host_node); | 291 *host = xmlnode_get_data_unescaped(host_node); |
| 276 tmp = xmlnode_get_data_unescaped(port_node); | 292 tmp = xmlnode_get_data_unescaped(port_node); |
| 277 *cookie = xmlnode_get_data_unescaped(cookie_node); | 293 *cookie = xmlnode_get_data_unescaped(cookie_node); |
| 278 | |
| 279 if (use_tls) { | |
| 280 if (tls_node != NULL) { | |
| 281 *tls_certname = xmlnode_get_data_unescaped(tls_node); | |
| 282 } else { | |
| 283 purple_debug_warning("oscar", "useTls was 1, but we haven't received a tlsCertName to use. We will not do SSL to BOS.\n"); | |
| 284 } | |
| 285 } | |
| 286 | 294 |
| 287 if (*host == NULL || **host == '\0' || tmp == NULL || *tmp == '\0' || *cookie == NULL || **cookie == '\0') | 295 if (*host == NULL || **host == '\0' || tmp == NULL || *tmp == '\0' || *cookie == NULL || **cookie == '\0') |
| 288 { | 296 { |
| 289 char *msg; | 297 char *msg; |
| 290 purple_debug_error("oscar", "startOSCARSession response was missing " | 298 purple_debug_error("oscar", "startOSCARSession response was missing " |
| 347 } | 355 } |
| 348 | 356 |
| 349 static void send_start_oscar_session(OscarData *od, const char *token, const char *session_key, time_t hosttime) | 357 static void send_start_oscar_session(OscarData *od, const char *token, const char *session_key, time_t hosttime) |
| 350 { | 358 { |
| 351 char *query_string, *signature, *url; | 359 char *query_string, *signature, *url; |
| 352 PurpleAccount *account; | 360 PurpleAccount *account = purple_connection_get_account(od->gc); |
| 353 gboolean use_tls; | 361 const gchar *encryption_type = purple_account_get_string(account, "encryption", OSCAR_DEFAULT_ENCRYPTION); |
| 354 | |
| 355 account = purple_connection_get_account(od->gc); | |
| 356 use_tls = purple_account_get_bool(account, "use_ssl", OSCAR_DEFAULT_USE_SSL); | |
| 357 | 362 |
| 358 /* | 363 /* |
| 359 * Construct the GET parameters. 0x00000611 is the distid given to | 364 * Construct the GET parameters. 0x00000611 is the distid given to |
| 360 * us by AOL for use as the default libpurple distid. | 365 * us by AOL for use as the default libpurple distid. |
| 361 */ | 366 */ |
| 364 "&f=xml" | 369 "&f=xml" |
| 365 "&k=%s" | 370 "&k=%s" |
| 366 "&ts=%" PURPLE_TIME_T_MODIFIER | 371 "&ts=%" PURPLE_TIME_T_MODIFIER |
| 367 "&useTLS=%d", | 372 "&useTLS=%d", |
| 368 purple_url_encode(token), | 373 purple_url_encode(token), |
| 369 oscar_get_ui_info_int(od->icq ? "prpl-icq-distid" | 374 oscar_get_ui_info_int(od->icq ? "prpl-icq-distid" : "prpl-aim-distid", 0x00000611), |
| 370 : "prpl-aim-distid", 0x00000611), | 375 get_client_key(od), |
| 371 get_client_key(od), hosttime, use_tls); | 376 hosttime, |
| 377 strcmp(encryption_type, OSCAR_NO_ENCRYPTION) != 0 ? 1 : 0); | |
| 372 signature = generate_signature("GET", get_start_oscar_session_url(od), | 378 signature = generate_signature("GET", get_start_oscar_session_url(od), |
| 373 query_string, session_key); | 379 query_string, session_key); |
| 374 url = g_strdup_printf("%s?%s&sig_sha256=%s", get_start_oscar_session_url(od), | 380 url = g_strdup_printf("%s?%s&sig_sha256=%s", get_start_oscar_session_url(od), |
| 375 query_string, signature); | 381 query_string, signature); |
| 376 g_free(query_string); | 382 g_free(query_string); |