tomkiewicz

pidgin-libpurple-ssl-compat

Oct 15th, 2012
112
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. diff --git a/libpurple/plugins/ssl/ssl-gnutls.c b/libpurple/plugins/ssl/ssl-gnutls.c
  2. --- a/libpurple/plugins/ssl/ssl-gnutls.c
  3. +++ b/libpurple/plugins/ssl/ssl-gnutls.c
  4. @@ -392,6 +392,11 @@
  5.     gsc->private_data = gnutls_data;
  6.  
  7.     gnutls_init(&gnutls_data->session, GNUTLS_CLIENT);
  8. +
  9. +   if (purple_ssl_get_compatibility_level(gsc) >=
  10. +       PURPLE_SSL_COMPATIBILITY_MAXIMUM)
  11. +       gnutls_session_enable_compatibility_mode(gnutls_data->session);
  12. +
  13.  #ifdef HAVE_GNUTLS_PRIORITY_FUNCS
  14.     {
  15.         const char *prio_str = NULL;
  16. @@ -472,7 +477,11 @@
  17.     if(s == GNUTLS_E_AGAIN || s == GNUTLS_E_INTERRUPTED) {
  18.         s = -1;
  19.         errno = EAGAIN;
  20. -   } else if(s < 0) {
  21. +   } else if (s == GNUTLS_E_PREMATURE_TERMINATION &&
  22. +       purple_ssl_get_compatibility_level(gsc) >=
  23. +       PURPLE_SSL_COMPATIBILITY_SECURE) {
  24. +       s = 0;
  25. +   } else if (s < 0) {
  26.         purple_debug_error("gnutls", "receive failed: %s\n",
  27.                 gnutls_strerror(s));
  28.         s = -1;
  29. diff --git a/libpurple/sslconn.c b/libpurple/sslconn.c
  30. --- a/libpurple/sslconn.c
  31. +++ b/libpurple/sslconn.c
  32. @@ -287,6 +287,19 @@
  33.  }
  34.  
  35.  void
  36. +purple_ssl_set_compatibility_level(PurpleSslConnection *gsc,
  37. +   PurpleSslCompatibilityLevel level)
  38. +{
  39. +   gsc->compatibility_level = level;
  40. +}
  41. +
  42. +PurpleSslCompatibilityLevel
  43. +purple_ssl_get_compatibility_level(PurpleSslConnection *gsc)
  44. +{
  45. +   return gsc->compatibility_level;
  46. +}
  47. +
  48. +void
  49.  purple_ssl_set_ops(PurpleSslOps *ops)
  50.  {
  51.     _ssl_ops = ops;
  52. diff --git a/libpurple/sslconn.h b/libpurple/sslconn.h
  53. --- a/libpurple/sslconn.h
  54. +++ b/libpurple/sslconn.h
  55. @@ -34,6 +34,17 @@
  56.     PURPLE_SSL_CERTIFICATE_INVALID = 3
  57.  } PurpleSslErrorType;
  58.  
  59. +typedef enum
  60. +{
  61. +   PURPLE_SSL_COMPATIBILITY_DEFAULT = 0,
  62. +
  63. +   /** Without security tradeoffs. */
  64. +   PURPLE_SSL_COMPATIBILITY_SECURE = 1,
  65. +
  66. +   /** Maximum possible compatibility with some security tradeoffs. */
  67. +   PURPLE_SSL_COMPATIBILITY_MAXIMUM = 255
  68. +} PurpleSslCompatibilityLevel;
  69. +
  70.  #include "certificate.h"
  71.  #include "proxy.h"
  72.  
  73. @@ -77,6 +88,9 @@
  74.  
  75.     /** Verifier to use in authenticating the peer */
  76.     PurpleCertificateVerifier *verifier;
  77. +
  78. +   /** Current compatibility level. */
  79. +   PurpleSslCompatibilityLevel compatibility_level;
  80.  };
  81.  
  82.  /**
  83. @@ -276,6 +290,24 @@
  84.   */
  85.  GList * purple_ssl_get_peer_certificates(PurpleSslConnection *gsc);
  86.  
  87. +/**
  88. + * Sets compatibility level for SSL connection.
  89. + *
  90. + * @param gsc   The SSL connection handle.
  91. + * @param level The level to set.
  92. + */
  93. +void purple_ssl_set_compatibility_level(PurpleSslConnection *gsc,
  94. +   PurpleSslCompatibilityLevel level);
  95. +
  96. +/**
  97. + * Gets current compatibility level for SSL connection.
  98. + *
  99. + * @param gsc The SSL connection handle.
  100. + * @return    Current compatiblity level.
  101. + */
  102. +PurpleSslCompatibilityLevel purple_ssl_get_compatibility_level(
  103. +   PurpleSslConnection *gsc);
  104. +
  105.  /*@}*/
  106.  
  107.  /**************************************************************************/
RAW Paste Data