Mercurial > pidgin
diff libpurple/protocols/oscar/clientlogin.c @ 30903:f8f853ab3aba
A followup commit to d849dc2a852a4ffdd345a150f0b88ab37de36e36.
Daniel voiced discontent with how I silently fall back to
insecure connection, so I changed the old 'Use SSL' checkbox
to a XMPP-style dropdown (Require encryption/Use encryption if available/
Don't use encryption), as was discussed on devel@.
author | ivan.komarov@soc.pidgin.im |
---|---|
date | Thu, 04 Nov 2010 23:38:20 +0000 |
parents | 4f0d6ee5ffee |
children | 6f9a43a2b716 |
line wrap: on
line diff
--- a/libpurple/protocols/oscar/clientlogin.c Thu Nov 04 18:28:48 2010 +0000 +++ b/libpurple/protocols/oscar/clientlogin.c Thu Nov 04 23:38:20 2010 +0000 @@ -168,11 +168,9 @@ OscarData *od = purple_connection_get_protocol_data(gc); xmlnode *response_node, *tmp_node, *data_node; xmlnode *host_node = NULL, *port_node = NULL, *cookie_node = NULL, *tls_node = NULL; - gboolean use_tls; char *tmp; guint code; - - use_tls = purple_account_get_bool(purple_connection_get_account(gc), "use_ssl", OSCAR_DEFAULT_USE_SSL); + const gchar *encryption_type = purple_account_get_string(purple_connection_get_account(gc), "encryption", OSCAR_DEFAULT_ENCRYPTION); /* Parse the response as XML */ response_node = xmlnode_from_str(response, response_len); @@ -197,7 +195,6 @@ host_node = xmlnode_get_child(data_node, "host"); port_node = xmlnode_get_child(data_node, "port"); cookie_node = xmlnode_get_child(data_node, "cookie"); - tls_node = xmlnode_get_child(data_node, "tlsCertName"); } /* Make sure we have a status code */ @@ -271,19 +268,30 @@ return FALSE; } + if (strcmp(encryption_type, OSCAR_NO_ENCRYPTION) != 0) { + tls_node = xmlnode_get_child(data_node, "tlsCertName"); + if (tls_node != NULL) { + *tls_certname = xmlnode_get_data_unescaped(tls_node); + } else { + if (strcmp(encryption_type, OSCAR_OPPORTUNISTIC_ENCRYPTION) == 0) { + purple_debug_warning("oscar", "We haven't received a tlsCertName to use. We will not do SSL to BOS.\n"); + } else { + purple_debug_error("oscar", "startOSCARSession was missing tlsCertName: %s\n", response); + purple_connection_error_reason( + gc, + PURPLE_CONNECTION_ERROR_NO_SSL_SUPPORT, + _("You required encryption in your account settings, but one of the servers doesn't support it.")); + xmlnode_free(response_node); + return FALSE; + } + } + } + /* Extract data from the XML */ *host = xmlnode_get_data_unescaped(host_node); tmp = xmlnode_get_data_unescaped(port_node); *cookie = xmlnode_get_data_unescaped(cookie_node); - if (use_tls) { - if (tls_node != NULL) { - *tls_certname = xmlnode_get_data_unescaped(tls_node); - } else { - purple_debug_warning("oscar", "useTls was 1, but we haven't received a tlsCertName to use. We will not do SSL to BOS.\n"); - } - } - if (*host == NULL || **host == '\0' || tmp == NULL || *tmp == '\0' || *cookie == NULL || **cookie == '\0') { char *msg; @@ -349,11 +357,8 @@ static void send_start_oscar_session(OscarData *od, const char *token, const char *session_key, time_t hosttime) { char *query_string, *signature, *url; - PurpleAccount *account; - gboolean use_tls; - - account = purple_connection_get_account(od->gc); - use_tls = purple_account_get_bool(account, "use_ssl", OSCAR_DEFAULT_USE_SSL); + PurpleAccount *account = purple_connection_get_account(od->gc); + const gchar *encryption_type = purple_account_get_string(account, "encryption", OSCAR_DEFAULT_ENCRYPTION); /* * Construct the GET parameters. 0x00000611 is the distid given to @@ -366,9 +371,10 @@ "&ts=%" PURPLE_TIME_T_MODIFIER "&useTLS=%d", purple_url_encode(token), - oscar_get_ui_info_int(od->icq ? "prpl-icq-distid" - : "prpl-aim-distid", 0x00000611), - get_client_key(od), hosttime, use_tls); + oscar_get_ui_info_int(od->icq ? "prpl-icq-distid" : "prpl-aim-distid", 0x00000611), + get_client_key(od), + hosttime, + strcmp(encryption_type, OSCAR_NO_ENCRYPTION) != 0 ? 1 : 0); signature = generate_signature("GET", get_start_oscar_session_url(od), query_string, session_key); url = g_strdup_printf("%s?%s&sig_sha256=%s", get_start_oscar_session_url(od),