# HG changeset patch
# User Andreas Monitzer <pidgin@monitzer.com>
# Date 1181056710 0
# Node ID 988102692e390d8272ed58821dc6d17da913b708
# Parent  4c454d1a6f85ebe1f8caabadc4b1ef97c34a8083
Fixed one of the issues in the ssl stuff, allowing CN cert checks for starttls-connections in XMPP.

diff -r 4c454d1a6f85 -r 988102692e39 libpurple/protocols/jabber/jabber.c
--- a/libpurple/protocols/jabber/jabber.c	Sun Jun 03 23:28:04 2007 +0000
+++ b/libpurple/protocols/jabber/jabber.c	Tue Jun 05 15:18:30 2007 +0000
@@ -504,15 +504,13 @@
 {
 	purple_input_remove(js->gc->inpa);
 	js->gc->inpa = 0;
-	js->gsc = purple_ssl_connect_fd(js->gc->account, js->fd,
-			jabber_login_callback_ssl, jabber_ssl_connect_failure, js->gc);
+	js->gsc = purple_ssl_connect_with_host_fd(js->gc->account, js->fd,
+			jabber_login_callback_ssl, jabber_ssl_connect_failure, js->serverFQDN, js->gc);
 }
 
 static void jabber_login_connect(JabberStream *js, const char *fqdn, const char *host, int port)
 {
-#ifdef HAVE_CYRUS_SASL
 	js->serverFQDN = g_strdup(fqdn);
-#endif
 
 	if (purple_proxy_connect(js->gc, js->gc->account, host,
 			port, jabber_login_callback, js->gc) == NULL)
@@ -1021,9 +1019,9 @@
 		g_string_free(js->sasl_mechs, TRUE);
 	if(js->sasl_cb)
 		g_free(js->sasl_cb);
+#endif
 	if(js->serverFQDN)
 		g_free(js->serverFQDN);
-#endif
 	g_free(js->server_name);
 	g_free(js->gmail_last_time);
 	g_free(js->gmail_last_tid);
diff -r 4c454d1a6f85 -r 988102692e39 libpurple/protocols/jabber/jabber.h
--- a/libpurple/protocols/jabber/jabber.h	Sun Jun 03 23:28:04 2007 +0000
+++ b/libpurple/protocols/jabber/jabber.h	Tue Jun 05 15:18:30 2007 +0000
@@ -136,6 +136,8 @@
 	char *gmail_last_time;
 	char *gmail_last_tid;
 
+    char *serverFQDN;
+
 	/* OK, this stays at the end of the struct, so plugins can depend
 	 * on the rest of the stuff being in the right place
 	 */
@@ -145,7 +147,6 @@
 	int sasl_state;
 	int sasl_maxbuf;
 	GString *sasl_mechs;
-	char *serverFQDN;
 #endif
 
 } JabberStream;
diff -r 4c454d1a6f85 -r 988102692e39 libpurple/sslconn.c
--- a/libpurple/sslconn.c	Sun Jun 03 23:28:04 2007 +0000
+++ b/libpurple/sslconn.c	Tue Jun 05 15:18:30 2007 +0000
@@ -154,7 +154,18 @@
 PurpleSslConnection *
 purple_ssl_connect_fd(PurpleAccount *account, int fd,
 					PurpleSslInputFunction func,
-					PurpleSslErrorFunction error_func, void *data)
+					PurpleSslErrorFunction error_func,
+                    void *data)
+{
+    return purple_ssl_connect_with_host_fd(account, fd, func, error_func, NULL, data);
+}
+
+PurpleSslConnection *
+purple_ssl_connect_with_host_fd(PurpleAccount *account, int fd,
+                      PurpleSslInputFunction func,
+                      PurpleSslErrorFunction error_func,
+                      const char *host,
+                      void *data)
 {
 	PurpleSslConnection *gsc;
 	PurpleSslOps *ops;
@@ -175,6 +186,8 @@
 	gsc->connect_cb      = func;
 	gsc->error_cb        = error_func;
 	gsc->fd              = fd;
+    if(host)
+        gsc->host            = g_strdup(host);
 
 	ops = purple_ssl_get_ops();
 	ops->connectfunc(gsc);
diff -r 4c454d1a6f85 -r 988102692e39 libpurple/sslconn.h
--- a/libpurple/sslconn.h	Sun Jun 03 23:28:04 2007 +0000
+++ b/libpurple/sslconn.h	Tue Jun 05 15:18:30 2007 +0000
@@ -154,6 +154,7 @@
 
 /**
  * Makes a SSL connection using an already open file descriptor.
+ * DEPRECATED. Use purple_ssl_connect_with_host_fd instead.
  *
  * @param account    The account making the connection.
  * @param fd         The file descriptor.
@@ -166,7 +167,25 @@
 PurpleSslConnection *purple_ssl_connect_fd(PurpleAccount *account, int fd,
 									   PurpleSslInputFunction func,
 									   PurpleSslErrorFunction error_func,
-									   void *data);
+ 									   void *data);
+
+/**
+  * Makes a SSL connection using an already open file descriptor.
+  *
+  * @param account    The account making the connection.
+  * @param fd         The file descriptor.
+  * @param func       The SSL input handler function.
+  * @param error_func The SSL error handler function.
+  * @param host       The hostname of the other peer (to verify the CN)
+  * @param data       User-defined data.
+  *
+  * @return The SSL connection handle.
+  */
+PurpleSslConnection *purple_ssl_connect_with_host_fd(PurpleAccount *account, int fd,
+                                           PurpleSslInputFunction func,
+                                           PurpleSslErrorFunction error_func,
+                                           const char *host,
+                                           void *data);
 
 /**
  * Adds an input watcher for the specified SSL connection.