Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- diff --git a/libpurple/plugins/ssl/ssl-gnutls.c b/libpurple/plugins/ssl/ssl-gnutls.c
- --- a/libpurple/plugins/ssl/ssl-gnutls.c
- +++ b/libpurple/plugins/ssl/ssl-gnutls.c
- @@ -392,6 +392,11 @@
- gsc->private_data = gnutls_data;
- gnutls_init(&gnutls_data->session, GNUTLS_CLIENT);
- +
- + if (purple_ssl_get_compatibility_level(gsc) >=
- + PURPLE_SSL_COMPATIBILITY_MAXIMUM)
- + gnutls_session_enable_compatibility_mode(gnutls_data->session);
- +
- #ifdef HAVE_GNUTLS_PRIORITY_FUNCS
- {
- const char *prio_str = NULL;
- @@ -472,7 +477,11 @@
- if(s == GNUTLS_E_AGAIN || s == GNUTLS_E_INTERRUPTED) {
- s = -1;
- errno = EAGAIN;
- - } else if(s < 0) {
- + } else if (s == GNUTLS_E_PREMATURE_TERMINATION &&
- + purple_ssl_get_compatibility_level(gsc) >=
- + PURPLE_SSL_COMPATIBILITY_SECURE) {
- + s = 0;
- + } else if (s < 0) {
- purple_debug_error("gnutls", "receive failed: %s\n",
- gnutls_strerror(s));
- s = -1;
- diff --git a/libpurple/sslconn.c b/libpurple/sslconn.c
- --- a/libpurple/sslconn.c
- +++ b/libpurple/sslconn.c
- @@ -287,6 +287,19 @@
- }
- void
- +purple_ssl_set_compatibility_level(PurpleSslConnection *gsc,
- + PurpleSslCompatibilityLevel level)
- +{
- + gsc->compatibility_level = level;
- +}
- +
- +PurpleSslCompatibilityLevel
- +purple_ssl_get_compatibility_level(PurpleSslConnection *gsc)
- +{
- + return gsc->compatibility_level;
- +}
- +
- +void
- purple_ssl_set_ops(PurpleSslOps *ops)
- {
- _ssl_ops = ops;
- diff --git a/libpurple/sslconn.h b/libpurple/sslconn.h
- --- a/libpurple/sslconn.h
- +++ b/libpurple/sslconn.h
- @@ -34,6 +34,17 @@
- PURPLE_SSL_CERTIFICATE_INVALID = 3
- } PurpleSslErrorType;
- +typedef enum
- +{
- + PURPLE_SSL_COMPATIBILITY_DEFAULT = 0,
- +
- + /** Without security tradeoffs. */
- + PURPLE_SSL_COMPATIBILITY_SECURE = 1,
- +
- + /** Maximum possible compatibility with some security tradeoffs. */
- + PURPLE_SSL_COMPATIBILITY_MAXIMUM = 255
- +} PurpleSslCompatibilityLevel;
- +
- #include "certificate.h"
- #include "proxy.h"
- @@ -77,6 +88,9 @@
- /** Verifier to use in authenticating the peer */
- PurpleCertificateVerifier *verifier;
- +
- + /** Current compatibility level. */
- + PurpleSslCompatibilityLevel compatibility_level;
- };
- /**
- @@ -276,6 +290,24 @@
- */
- GList * purple_ssl_get_peer_certificates(PurpleSslConnection *gsc);
- +/**
- + * Sets compatibility level for SSL connection.
- + *
- + * @param gsc The SSL connection handle.
- + * @param level The level to set.
- + */
- +void purple_ssl_set_compatibility_level(PurpleSslConnection *gsc,
- + PurpleSslCompatibilityLevel level);
- +
- +/**
- + * Gets current compatibility level for SSL connection.
- + *
- + * @param gsc The SSL connection handle.
- + * @return Current compatiblity level.
- + */
- +PurpleSslCompatibilityLevel purple_ssl_get_compatibility_level(
- + PurpleSslConnection *gsc);
- +
- /*@}*/
- /**************************************************************************/
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement