From e9af72e9444fe5657581f2eb99ae1982f6752da4 Mon Sep 17 00:00:00 2001
From: Zhenchao Li <cockneykevin@gmail.com>
Date: Tue, 27 Jul 2010 13:02:44 +0800
Subject: [PATCH] add jingle_xtls.py, get_context helper function

---
 src/common/jingle_ft.py   |  1 +
 src/common/jingle_xtls.py | 43 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 44 insertions(+)
 create mode 100644 src/common/jingle_xtls.py

diff --git a/src/common/jingle_ft.py b/src/common/jingle_ft.py
index 4bf8e6c05..9e3ec53a2 100644
--- a/src/common/jingle_ft.py
+++ b/src/common/jingle_ft.py
@@ -93,6 +93,7 @@ class JingleFileTransfer(JingleContent):
         file_props['session-type'] = 'jingle'
 
         self.use_security = bool(content.getTag('security'))
+        # TODO: extract fingerprint element, encryption method element for later use
         
         file_tag = content.getTag('description').getTag('offer').getTag('file')
         for attribute in file_tag.getAttrs():
diff --git a/src/common/jingle_xtls.py b/src/common/jingle_xtls.py
new file mode 100644
index 000000000..cc5ea3945
--- /dev/null
+++ b/src/common/jingle_xtls.py
@@ -0,0 +1,43 @@
+# -*- coding:utf-8 -*-
+## src/common/jingle_xtls.py
+##
+## This file is part of Gajim.
+##
+## Gajim is free software; you can redistribute it and/or modify
+## it under the terms of the GNU General Public License as published
+## by the Free Software Foundation; version 3 only.
+##
+## Gajim is distributed in the hope that it will be useful,
+## but WITHOUT ANY WARRANTY; without even the implied warranty of
+## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+## GNU General Public License for more details.
+##
+## You should have received a copy of the GNU General Public License
+## along with Gajim. If not, see <http://www.gnu.org/licenses/>.
+##
+
+import logging
+log = logging.getLogger('gajim.c.jingle_xtls')
+
+PYOPENSSL_PRESENT = False
+
+try:
+    import OpenSSL
+    PYOPENSSL_PRESENT = True
+    from OpenSSL import SSL, Context
+except ImportError:
+    log.info("PyOpenSSL not available")
+
+def default_callback(connection, certificate, error_num, depth, return_code):
+    log.info("certificate: %s" % certificate)
+    return return_code
+
+def get_context(fingerprint, verify_cb=None):
+    """
+    constructs and returns the context objects
+    """
+    ctx = SSL.Context(TLSv1_METHOD)
+    ctx.set_verify(SSL.VERIFY_PEER|SSL.VERIFY_FAIL_IF_NO_PEER_CERT, verify_cb or default_callback)
+    # TODO: set private key, set certificate, set verification path
+    return ctx
+