author | George Hazan <ghazan@miranda.im> | 2022-08-07 15:00:15 +0300 |
---|---|---|
committer | George Hazan <ghazan@miranda.im> | 2022-08-07 15:00:15 +0300 |
commit | 8b8313f8ddf570c5e79fef25e3dbba76698d28ea (patch) | |
tree | 788e22a561f27d936de6862c28484f3db9ce6ed3 | |
parent | a015501245b4393d7bcc98b8751616db7688b91d (diff) |
Jabber: fix for TLS 1.3 bindings
-rw-r--r-- | protocols/JabberG/src/jabber_opt.cpp | 1 | ||||
-rw-r--r-- | protocols/JabberG/src/jabber_proto.cpp | 1 | ||||
-rw-r--r-- | protocols/JabberG/src/jabber_proto.h | 1 | ||||
-rw-r--r-- | protocols/JabberG/src/jabber_secur.cpp | 2 | ||||
-rw-r--r-- | src/mir_app/src/netlib_ssl.cpp | 2 |
5 files changed, 5 insertions, 2 deletions
diff --git a/protocols/JabberG/src/jabber_opt.cpp b/protocols/JabberG/src/jabber_opt.cpp
index 97a9251693..97f27a7db4 100644
--- a/protocols/JabberG/src/jabber_opt.cpp
+++ b/protocols/JabberG/src/jabber_opt.cpp
@@ -711,6 +711,7 @@ public:
m_options.AddOption(LPGENW("Server options"), LPGENW("Use Stream Management (XEP-0198) if possible (experimental)"), m_proto->m_bEnableStreamMgmt);
m_options.AddOption(LPGENW("Server options"), LPGENW("Disable SASL authentication (for old servers)"), m_proto->m_bDisable3920auth);
m_options.AddOption(LPGENW("Server options"), LPGENW("Enable stream compression (if possible)"), m_proto->m_bEnableZlib);
+ m_options.AddOption(LPGENW("Server options"), LPGENW("Use TLS 1.3 bindings (if possible)"), m_proto->m_bUseTlsExport);
m_options.AddOption(LPGENW("Other"), LPGENW("Enable remote controlling (from another resource of same JID only)"), m_proto->m_bEnableRemoteControl);
m_options.AddOption(LPGENW("Other"), LPGENW("Show transport agents on contact list"), m_proto->m_bShowTransport);
diff --git a/protocols/JabberG/src/jabber_proto.cpp b/protocols/JabberG/src/jabber_proto.cpp
index cdae4a4df3..ce1dcca454 100644
--- a/protocols/JabberG/src/jabber_proto.cpp
+++ b/protocols/JabberG/src/jabber_proto.cpp
@@ -134,6 +134,7 @@ CJabberProto::CJabberProto(const char *aProtoName, const wchar_t *aUserName) :
m_bUsePopups(this, "UsePopups", true),
m_bUseSSL(this, "UseSSL", false),
m_bUseTLS(this, "UseTLS", true),
+ m_bUseTlsExport(this, "UseTlsExport", false),
m_iMamMode(this, "MamMode", 0),
m_iConnectionKeepAliveInterval(this, "ConnectionKeepAliveInterval", 60000),
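Review bot: The `false` default on the added `m_bUseTlsExport(this, "UseTlsExport", false)` initializer makes the TLS 1.3 exporter binding opt-in, and nothing at the initializer records why. With the option off, the new `tlsVer &&` guard in `Netlib_GetTlsUnique` skips `SSL_export_keying_material` even on a TLSv1.3 session. What that function returns instead is outside the visible hunks, but if it is null the `TScramAuth` constructor sets `bIsValid = false` for that mechanism, which presumably leaves the login without channel binding. I would add a comment such as `// off by default: <reason>; when off, TLS 1.3 sessions do not use the exporter channel binding` so the trade-off is visible where the default is set. The initializer list starts and ends outside the hunk.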
diff --git a/protocols/JabberG/src/jabber_proto.h b/protocols/JabberG/src/jabber_proto.h
index e13cd79e3e..c7b736a13f 100644
--- a/protocols/JabberG/src/jabber_proto.h
+++ b/protocols/JabberG/src/jabber_proto.h
@@ -236,6 +236,7 @@ struct CJabberProto : public PROTO<CJabberProto>, public IJabberInterface
CMOption<bool> m_bUsePopups;
CMOption<bool> m_bUseSSL;
CMOption<bool> m_bUseTLS;
+ CMOption<bool> m_bUseTlsExport;
CMOption<int> m_iMamMode;
CMOption<uint32_t> m_iConnectionKeepAliveInterval;
diff --git a/protocols/JabberG/src/jabber_secur.cpp b/protocols/JabberG/src/jabber_secur.cpp
index e3a6dbdc34..a1cf3faccc 100644
--- a/protocols/JabberG/src/jabber_secur.cpp
+++ b/protocols/JabberG/src/jabber_secur.cpp
@@ -211,7 +211,7 @@ TScramAuth::TScramAuth(ThreadData *info, const char *pszMech, const EVP_MD *pMet
priority = iPriority;
if ((iPriority % 10) == 1) {
- int cbLen, tlsVer;
+ int cbLen, tlsVer = info->proto->m_bUseTlsExport;
void *pData = Netlib_GetTlsUnique(info->s, cbLen, tlsVer);
if (pData == nullptr)
bIsValid = false;
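Review bot: `tlsVer` is now an input flag on the added line `int cbLen, tlsVer = info->proto->m_bUseTlsExport;`, but it travels through the same `int &tlsVer` parameter that the old code passed uninitialized, which suggests the callee also writes to it. The new `if (tlsVer && ...)` in `Netlib_GetTlsUnique` reads that value, so any other caller of this exported function that still passes an uninitialized `int` would take or skip the exporter branch on an indeterminate value; those call sites are not visible here and should be checked. I would make the input explicit at the call, `int cbLen = 0, tlsVer = info->proto->m_bUseTlsExport ? 1 : 0; // in: nonzero allows the TLS 1.3 exporter binding`, and document the in/out meaning of the parameter on `Netlib_GetTlsUnique` itself. The constructor body continues outside the hunk.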
diff --git a/src/mir_app/src/netlib_ssl.cpp b/src/mir_app/src/netlib_ssl.cpp
index 3bf4c2afa3..d2ab355ec6 100644
--- a/src/mir_app/src/netlib_ssl.cpp
+++ b/src/mir_app/src/netlib_ssl.cpp
@@ -389,7 +389,7 @@ MIR_APP_DLL(void*) Netlib_GetTlsUnique(HNETLIBCONN nlc, int &cbLen, int &tlsVer)
char buf[1000];
auto *pszVersion = SSL_get_version(nlc->hSsl->session);
- if (!mir_strcmp(pszVersion, "TLSv1.3")) {
+ if (tlsVer && !mir_strcmp(pszVersion, "TLSv1.3")) {
int res = SSL_export_keying_material(nlc->hSsl->session, (uint8_t *)buf, 32, TLS13_Label, sizeof(TLS13_Label) - 1, 0, 0, 0);
if (res == 1) { |