From: Ben Laurie <ben@openssl.org>
Date: Tue, 14 Oct 2008 19:11:26 +0000 (+0000)
Subject: Add XMPP STARTTLS support.
X-Git-Tag: OpenSSL_0_9_8k^2~230
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d5bbead4491a731231b9a397b21ae3982745d9f6;p=oweals%2Fopenssl.git

Add XMPP STARTTLS support.
---

diff --git a/CHANGES b/CHANGES
index 509f1a0e7f..198c7a8553 100644
--- a/CHANGES
+++ b/CHANGES
@@ -722,6 +722,9 @@
 
  Changes between 0.9.8i and 0.9.8j  [xx XXX xxxx]
 
+  *) Add support for XMPP STARTTLS in s_client.
+     [Philip Paeps <philip@freebsd.org>]
+
   *) Change the server-side SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG behavior
      to ensure that even with this option, only ciphersuites in the
      server's preference list will be accepted.  (Note that the option
diff --git a/apps/s_client.c b/apps/s_client.c
index 12e5c40b7d..edeeb8ef2c 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -325,7 +325,8 @@ static void sc_usage(void)
 	BIO_printf(bio_err," -starttls prot - use the STARTTLS command before starting TLS\n");
 	BIO_printf(bio_err,"                 for those protocols that support it, where\n");
 	BIO_printf(bio_err,"                 'prot' defines which one to assume.  Currently,\n");
-	BIO_printf(bio_err,"                 only \"smtp\", \"pop3\", \"imap\", and \"ftp\" are supported.\n");
+	BIO_printf(bio_err,"                 only \"smtp\", \"pop3\", \"imap\", \"ftp\" and \"xmpp\"\n");
+	BIO_printf(bio_err,"                 are supported.\n");
 #ifndef OPENSSL_NO_ENGINE
 	BIO_printf(bio_err," -engine id    - Initialise and use the specified engine\n");
 #endif
@@ -368,7 +369,8 @@ enum
 	PROTO_SMTP,
 	PROTO_POP3,
 	PROTO_IMAP,
-	PROTO_FTP
+	PROTO_FTP,
+	PROTO_XMPP,
 };
 
 int MAIN(int, char **);
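Review bot: The trailing comma added after `PROTO_XMPP` is not permitted in a C89 enumerator list; it only became legal in C99. If this file is still expected to build with strict C89 compilers (the build flags are not visible here), some will reject or warn on it. The last enumerator should read `PROTO_XMPP` with no comma, matching how `PROTO_FTP` was written before this change.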
@@ -664,6 +666,8 @@ int MAIN(int argc, char **argv)
 				starttls_proto = PROTO_IMAP;
 			else if (strcmp(*argv,"ftp") == 0)
 				starttls_proto = PROTO_FTP;
+			else if (strcmp(*argv, "xmpp") == 0)
+				starttls_proto = PROTO_XMPP;
 			else
 				goto bad;
 			}
@@ -1118,6 +1122,28 @@ SSL_set_tlsext_status_ids(con, ids);
 		BIO_printf(sbio,"AUTH TLS\r\n");
 		BIO_read(sbio,sbuf,BUFSIZZ);
 		}
+	if (starttls_proto == PROTO_XMPP)
+		{
+		int seen = 0;
+		BIO_printf(sbio,"<stream:stream "
+		    "xmlns:stream='http://etherx.jabber.org/streams' "
+		    "xmlns='jabber:client' to='%s' version='1.0'>", host);
+		seen = BIO_read(sbio,mbuf,BUFSIZZ);
+		mbuf[seen] = 0;
+		while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'"))
+			{
+			if (strstr(mbuf, "/stream:features>"))
+				goto shut;
+			seen = BIO_read(sbio,mbuf,BUFSIZZ);
+			mbuf[seen] = 0;
+			}
+		BIO_printf(sbio, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>");
+		seen = BIO_read(sbio,sbuf,BUFSIZZ);
+		sbuf[seen] = 0;
+		if (!strstr(sbuf, "<proceed"))
+			goto shut;
+		mbuf[0] = 0;
+		}
 
 	for (;;)
 		{
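Review bot: The three added `BIO_read` calls use their return value as an array index without checking it. On error `seen` can be negative, so `mbuf[seen] = 0` or `sbuf[seen] = 0` writes before the buffer, and a return of 0 inside the `while` loop leaves `mbuf` empty, so the loop never terminates once the peer has closed the connection. A full read of `BUFSIZZ` bytes also puts the terminator at index `BUFSIZZ`; the allocations of `mbuf` and `sbuf` are outside this hunk, so whether that is one past the end needs confirming, but reading at most `BUFSIZZ-1` removes the doubt. The peer's reply is unauthenticated plaintext at this stage, so each read should go to `shut` when `seen <= 0`, as sketched below. Separately, each read overwrites `mbuf`, so a `<starttls` element split across two reads is never matched; MAIN's body starts and ends outside the hunk.

```c
		int seen = 0;
		/* … unchanged: BIO_printf of the <stream:stream ...> opening … */
		seen = BIO_read(sbio,mbuf,BUFSIZZ-1);
		if (seen <= 0)
			goto shut;
		mbuf[seen] = 0;
		while (!strstr(mbuf, "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'"))
			{
			/* … unchanged: /stream:features> check … */
			seen = BIO_read(sbio,mbuf,BUFSIZZ-1);
			if (seen <= 0)
				goto shut;
			mbuf[seen] = 0;
			}
		/* … unchanged: BIO_printf of the <starttls .../> request … */
		seen = BIO_read(sbio,sbuf,BUFSIZZ-1);
		if (seen <= 0)
			goto shut;
		sbuf[seen] = 0;
		/* … unchanged: <proceed check and mbuf reset … */
```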