From 0d6cda99149d470c4968b1993a204b1b4f894339 Mon Sep 17 00:00:00 2001
From: "Ruslan N. Marchenko"
Date: Sat, 5 Sep 2020 15:10:04 +0200
Subject: Add experimental SASL TLS channel binding type

Exporter tls-unique binding type does not work properly with TLSv1.3 thus new bindign type tls-exporter is proposed as a new default binding type for TLSv1.3. As of Sept 2020 it is not yet adopted as a draft standard therefore it is not yet publicly available in Glib API. This commit uses hidden experimental tls-exporter tls binding type in glib-networking.
---
 wocky/wocky-auth-registry.h | 1 +
 wocky/wocky-sasl-auth.c | 10 +++++++++-
 wocky/wocky-sasl-scram.c | 4 ++++
 3 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/wocky/wocky-auth-registry.h b/wocky/wocky-auth-registry.h
index 433d408..28e89a5 100644
--- a/wocky/wocky-auth-registry.h
+++ b/wocky/wocky-auth-registry.h
@@ -85,6 +85,7 @@ typedef enum
 WOCKY_TLS_BINDING_NONE,
 WOCKY_TLS_BINDING_TLS_UNIQUE,
 WOCKY_TLS_BINDING_TLS_SERVER_END_POINT,
+ WOCKY_TLS_BINDING_TLS_EXPORTER,
 WOCKY_TLS_BINDING_INVALID_TYPE
 } WockyTLSBindingType;
 
diff --git a/wocky/wocky-sasl-auth.c b/wocky/wocky-sasl-auth.c
index 84c166f..ce7d294 100644
--- a/wocky/wocky-sasl-auth.c
+++ b/wocky/wocky-sasl-auth.c
@@ -690,7 +690,12 @@ wocky_tls_get_cb_data (WockyXmppConnection *conn, WockyTLSBindingType type)
 tc = G_TLS_CONNECTION (ios);
 g_object_unref (ios);
 
-#if GLIB_VERSION_CUR_STABLE >= G_ENCODE_VERSION(2,66)
+ /* Unfortunatelly backend didn'make it into 2.66 so we need next minor */
+#if G_ENCODE_VERSION (GLIB_MAJOR_VERSION, GLIB_MINOR_VERSION) > G_ENCODE_VERSION(2,66)
+ /* We need this conversion and cast until Exporter is adopted by IETF and
+ * gets officially into public API. So far it is hidden experimental type.
+ * Once adopted we can simpy typedef WockyTLSBindingType to
+ * GTlsChannelBindingType */
 switch (type)
 {
 case WOCKY_TLS_BINDING_TLS_UNIQUE:
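Review bot: The new `#if G_ENCODE_VERSION (GLIB_MAJOR_VERSION, GLIB_MINOR_VERSION) > G_ENCODE_VERSION(2,66)` gates the whole switch, so it also raises the requirement for the pre-existing tls-unique and tls-server-end-point cases from 2.66 headers to 2.67 or later, and a build against exactly 2.66 silently loses channel binding it had before this commit. If only the exporter value needs the newer GLib, keeping the previous guard for the switch and wrapping just the exporter `case` in the stricter check would preserve that; please also confirm that comparing the raw major/minor macros (rather than GLIB_VERSION_CUR_STABLE, which rounds an odd development minor up to the next stable series) is the intended semantics. The added comment has typos worth fixing in the same pass, e.g. `/* Unfortunately the backend didn't make it into 2.66, so we need the next minor */` and `simply` in the longer comment. wocky_tls_get_cb_data continues past the end of this hunk.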
@@ -699,6 +704,9 @@ wocky_tls_get_cb_data (WockyXmppConnection *conn, WockyTLSBindingType type)
 case WOCKY_TLS_BINDING_TLS_SERVER_END_POINT:
 g_tls_cb_t = G_TLS_CHANNEL_BINDING_TLS_SERVER_END_POINT;
 break;
+ case WOCKY_TLS_BINDING_TLS_EXPORTER:
+ g_tls_cb_t = 100500;
+ break;
 default:
 DEBUG ("TLS channel binding is disabled or not supported[%d]", type);
 return NULL;
diff --git a/wocky/wocky-sasl-scram.c b/wocky/wocky-sasl-scram.c
index 1db29b1..9ed2859 100644
--- a/wocky/wocky-sasl-scram.c
+++ b/wocky/wocky-sasl-scram.c
@@ -315,6 +315,10 @@ scram_initial_response (WockyAuthHandler *handler,
 priv->gs2_flag = "p=tls-server-end-point,,";
 g_assert (priv->cb_data != NULL);
 break;
+ case WOCKY_TLS_BINDING_TLS_EXPORTER:
+ priv->gs2_flag = "p=tls-exporter,,";
+ g_assert (priv->cb_data != NULL);
+ break;
 default:
 g_assert_not_reached ();
 }
-- 
cgit v1.2.3
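Review bot: `g_tls_cb_t = 100500;` stores a bare magic number into what is presumably a GTlsChannelBindingType, standing in for an enumerator that GLib's public API does not define; the commit message says it mirrors a hidden experimental value in glib-networking, but nothing in the code records that dependency or what happens when the installed backend does not know the value. Suggest naming it and documenting the coupling, e.g. `/* Must match glib-networking's private experimental tls-exporter value until it is in the public GTlsChannelBindingType */` above a `#define` or `enum` constant used on this line, so a future GLib that assigns the real enumerator (or reuses the number) is caught at review time. Since the exporter binding is the value this commit promotes for TLS 1.3, please also confirm that a backend rejecting the unknown type makes the lookup fail visibly rather than returning empty or unrelated binding data; the part of wocky_tls_get_cb_data that consumes `g_tls_cb_t` is outside this hunk.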
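Review bot: `g_assert (priv->cb_data != NULL)` is the only guard in the new tls-exporter case, and g_assert compiles to nothing under G_DISABLE_ASSERT, so a release build could advertise `p=tls-exporter,,` in the GS2 header while having no binding data to include in the client-final message. That mirrors the two existing cases, but since tls-exporter is the binding this commit introduces for TLS 1.3 it deserves a real runtime check that fails the exchange when the data is missing instead of an assertion; scram_initial_response's error-return convention is outside this hunk, so I cannot propose the exact lines. A one-line comment above the case, `/* requires a glib-networking build that supports the experimental tls-exporter binding */`, would also help the next reader.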