Add XMPP STARTTLS support.
authorBen Laurie <ben@openssl.org>
Tue, 14 Oct 2008 19:11:26 +0000 (19:11 +0000)
committerBen Laurie <ben@openssl.org>
Tue, 14 Oct 2008 19:11:26 +0000 (19:11 +0000)
CHANGES
apps/s_client.c

diff --git a/CHANGES b/CHANGES
index 509f1a0e7f09e6f2ad64371f35e80a4c1b39bdf6..198c7a8553c2a69a06c1ee33e552b3e0384bfccd 100644 (file)
--- a/CHANGES
+++ b/CHANGES
 
  Changes between 0.9.8i and 0.9.8j  [xx XXX xxxx]
 
+  *) Add support for XMPP STARTTLS in s_client.
+     [Philip Paeps <philip@freebsd.org>]
+
   *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
      to ensure that even with this option, only ciphersuites in the
      server's preference list will be accepted.  (Note that the option
index 12e5c40b7d2deef53d4a5b0f3f357a69e9d73cc9..edeeb8ef2cf89bef2387635da7a51a3b7ec317e6 100644 (file)
@@ -325,7 +325,8 @@ static void sc_usage(void)
        BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
        BIO_printf(bio_err,"                 for those protocols that support it, where\n");
        BIO_printf(bio_err,"                 'prot' defines which one to assume.  Currently,\n");
-       BIO_printf(bio_err,"                 only \"smtp\", \"pop3\", \"imap\", and \"ftp\" are supported.\n");
+       BIO_printf(bio_err,"                 only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
+       BIO_printf(bio_err,"                 are supported.\n");
 #ifndef OPENSSL_NO_ENGINE
        BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
 #endif
@@ -368,7 +369,8 @@ enum
        PROTO_SMTP,
        PROTO_POP3,
        PROTO_IMAP,
-       PROTO_FTP
+       PROTO_FTP,
+       PROTO_XMPP,
 };
 
 int MAIN(int, char **);
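Review bot: The new last enumerator is written with a trailing comma, `PROTO_XMPP,`, which C89 does not allow in an enumerator list and which strict pre-C99 compilers reject or warn about. If this branch is still expected to build with such compilers, write it as `PROTO_XMPP` with no comma, matching how `PROTO_FTP` ended the list before this change.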
@@ -664,6 +666,8 @@ int MAIN(int argc, char **argv)
                                starttls_proto = PROTO_IMAP;
                        else if (strcmp(*argv,"ftp") == 0)
                                starttls_proto = PROTO_FTP;
+                       else if (strcmp(*argv, "xmpp") == 0)
+                               starttls_proto = PROTO_XMPP;
                        else
                                goto bad;
                        }
@@ -1118,6 +1122,28 @@ SSL_set_tlsext_status_ids(con, ids);
                BIO_printf(sbio,"AUTH TLS\r\n");
                BIO_read(sbio,sbuf,BUFSIZZ);
                }
+       if (starttls_proto == PROTO_XMPP)
+               {
+               int seen = 0;
+               BIO_printf(sbio,"<stream:stream "
+                   "xmlns:stream='http://etherx.jabber.org/streams' "
+                   "xmlns='jabber:client' to='%s' version='1.0'>", host);
+               seen = BIO_read(sbio,mbuf,BUFSIZZ);
+               mbuf[seen] = 0;
+               while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'"))
+                       {
+                       if (strstr(mbuf, "/stream:features>"))
+                               goto shut;
+                       seen = BIO_read(sbio,mbuf,BUFSIZZ);
+                       mbuf[seen] = 0;
+                       }
+               BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
+               seen = BIO_read(sbio,sbuf,BUFSIZZ);
+               sbuf[seen] = 0;
+               if (!strstr(sbuf, "<proceed"))
+                       goto shut;
+               mbuf[0] = 0;
+               }
 
        for (;;)
                {
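Review bot: All three added `BIO_read()` calls use their return value as an array index without checking it. A negative return makes `mbuf[seen] = 0` or `sbuf[seen] = 0` write before the start of the buffer, and a return of 0 on a closed connection leaves the `while` loop spinning forever, because neither `strstr` can match an empty buffer. Guard each read, e.g. `seen = BIO_read(sbio,mbuf,BUFSIZZ-1);` then `if (seen <= 0) goto shut;` before storing the terminator. The `BUFSIZZ-1` matters if `mbuf` and `sbuf` are allocated with exactly BUFSIZZ bytes, which is not visible in this hunk, since a full-length read would then place the NUL one past the end. The `strstr` checks also assume the `<starttls ...>` element arrives within one read and with that exact quoting, which deserves a comment; MAIN's body starts and ends outside the hunk.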