authorSøren Sandmann <sandmann@redhat.com>2007-07-30 07:42:44 -0400
committerSøren Sandmann <sandmann@redhat.com>2007-07-30 07:42:44 -0400
commit8ff30a75f2535a505fd690cefffd00d160208de9 (patch)
treeea0675480d9616a99daee3ee3acdab2ab6bdf656
parent368a7df9bc400edbe9226838ebfde4ac98a8321c (diff)
Fix bug in do_writes; use x.509 credentials
-rw-r--r--src/lac.h4
-rw-r--r--src/lacconnection.c8
-rw-r--r--src/lactlsconnection.c76
3 files changed, 61 insertions, 27 deletions
diff --git a/src/lac.h b/src/lac.h
index 74925bf..92e05b1 100644
--- a/src/lac.h
+++ b/src/lac.h
@@ -283,7 +283,7 @@ typedef struct {
gpointer _lac_reserved0;
gpointer _lac_reserved1;
LacByteQueue *byte_queue;
- const guint8 *data;
+ const gchar *data;
guint len;
} LacConnectionReadEvent;
@@ -315,7 +315,7 @@ LacConnection * lac_connection_new (const LacAddress *add
gpointer data);
gpointer lac_connection_get_data (LacConnection *connection);
void lac_connection_write (LacConnection *connection,
- const guint8 *data,
+ const gchar *data,
guint len);
void lac_connection_write_cstr (LacConnection *connection,
const gchar *data);
diff --git a/src/lacconnection.c b/src/lacconnection.c
index ef265ee..50ed238 100644
--- a/src/lacconnection.c
+++ b/src/lacconnection.c
@@ -185,7 +185,7 @@ lac_connection_do_reads (gpointer data)
{
GError *err = NULL;
LacByteQueue *queue = lac_byte_queue_new ();
- guint8 *buf = (guint8 *)lac_byte_queue_alloc_tail (queue, BUF_SIZE);
+ gchar *buf = lac_byte_queue_alloc_tail (queue, BUF_SIZE);
len = lac_recv (connection->fd, buf, BUF_SIZE, &err);
@@ -236,7 +236,7 @@ lac_connection_do_writes (LacConnection *connection)
while (lac_byte_queue_get_length (connection->unwritten) > 0)
{
GError *err = NULL;
- const guint8 *unwritten;
+ const gchar *unwritten;
gsize len, sent;
unwritten = lac_byte_queue_peek (connection->unwritten, &len);
@@ -431,7 +431,7 @@ lac_connection_get_data (LacConnection *connection)
void
lac_connection_write (LacConnection *connection,
- const guint8 *data,
+ const gchar *data,
guint len)
{
gboolean do_writes;
@@ -468,7 +468,7 @@ lac_connection_write_cstr (LacConnection *connection,
len = strlen (data);
if (len > 0)
- lac_connection_write (connection, (const guint8 *)data, len);
+ lac_connection_write (connection, data, len);
}
void
diff --git a/src/lactlsconnection.c b/src/lactlsconnection.c
index 3fe235f..08177f9 100644
--- a/src/lactlsconnection.c
+++ b/src/lactlsconnection.c
@@ -34,6 +34,7 @@ struct _LacTlsConnection
LacByteQueue * unwritten;
gnutls_anon_client_credentials_t anoncred;
+ gnutls_certificate_credentials_t xcred;
gnutls_session_t session;
gboolean need_handshake;
@@ -71,13 +72,17 @@ do_handshake (LacTlsConnection *tls)
if (!tls->need_handshake)
return;
+#if 0
g_print ("handshaking\n");
+#endif
int res = gnutls_handshake (tls->session);
if (res == 0)
{
+#if 0
g_print (" handshake complete\n");
+#endif
tls->need_handshake = FALSE;
/* FIXME: emit handshake event */
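Review bot: When gnutls_handshake() returns 0 the session is marked usable (`tls->need_handshake = FALSE`) without the peer's certificate ever being checked, so with the x.509 credentials this commit switches to, any server certificate — self-signed, expired, or issued for a different host — is accepted and the connection is exposed to an active man-in-the-middle. Verify the chain here before clearing need_handshake and close the connection on failure, the way the fatal-error branch further down does with lac_connection_close(); matching the leaf certificate against the intended hostname (gnutls_x509_crt_check_hostname) is a further step not shown here. The verification is only meaningful if trust anchors were loaded into the credentials in lac_tls_connection_new, which this hunk cannot tell. do_handshake starts before and continues past this hunk.
```c
    if (res == 0)
    {
        unsigned int status = 0;

        /* A completed handshake says nothing about who we talked to:
         * reject the session unless the peer chain verifies against
         * the trust anchors held by the credentials. */
        if (gnutls_certificate_verify_peers2 (tls->session, &status) < 0 ||
            status != 0)
        {
            lac_connection_close (tls->tcp_connection);
            return;
        }

        tls->need_handshake = FALSE;
        /* … unchanged: FIXME emit handshake event … */
```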
@@ -106,7 +111,9 @@ do_handshake (LacTlsConnection *tls)
lac_connection_close (tls->tcp_connection);
}
else
- g_print (" not fatal\n");
+ {
+ g_print (" not fatal\n");
+ }
}
else
{
@@ -122,8 +129,6 @@ do_handshake (LacTlsConnection *tls)
static void
do_writes (LacTlsConnection *connection)
{
- gsize n_available;
- const gchar *buffer;
gsize n_written;
GError *err = NULL;
@@ -133,23 +138,33 @@ do_writes (LacTlsConnection *connection)
if (connection->need_handshake)
return;
- buffer = lac_byte_queue_peek (connection->unwritten, &n_available);
do
{
- n_written = gnutls_record_send (connection->session,
- buffer, n_available);
- if (n_written < 0)
- {
- if (n_written != GNUTLS_E_INTERRUPTED &&
- n_written != GNUTLS_E_AGAIN)
- {
- err = (GError *)0x01; /* FIXME - make a new error */
- }
-
- n_written = 0;
- }
-
- lac_byte_queue_delete_head (connection->unwritten, n_written);
+ gsize n_available;
+ const gchar *buffer;
+
+ n_written = 0;
+
+ buffer = lac_byte_queue_peek (connection->unwritten, &n_available);
+
+ if (n_available > 0)
+ {
+ n_written = gnutls_record_send (connection->session,
+ buffer, n_available);
+ }
+
+ if (n_written < 0)
+ {
+ if (n_written != GNUTLS_E_INTERRUPTED &&
+ n_written != GNUTLS_E_AGAIN)
+ {
+ err = (GError *)0x01; /* FIXME - make a new error */
+ }
+
+ n_written = 0;
+ }
+
+ lac_byte_queue_delete_head (connection->unwritten, n_written);
}
while (n_written > 0);
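Review bot: The error branch `if (n_written < 0)` is dead code because `n_written` is declared `gsize` (unsigned, in the context at the top of the function) while gnutls_record_send() returns a signed ssize_t; a GNUTLS_E_AGAIN or any other negative code is stored as a huge positive value, the branch is skipped, that value is handed to lac_byte_queue_delete_head, and `while (n_written > 0)` keeps looping. Declare it signed, `gssize n_written;`, so the comparison and the GNUTLS_E_INTERRUPTED/GNUTLS_E_AGAIN checks actually run; the `err = (GError *)0x01` placeholder then becomes reachable and still needs a real GError. Whether `err` is consulted after the loop is outside this hunk, as is the rest of do_writes.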
@@ -263,12 +278,13 @@ tcp_callback (LacConnection *connection,
static ssize_t
tls_push (gnutls_transport_ptr_t tptr,
- const char *data,
+ const void *data,
size_t n_bytes)
{
LacTlsConnection *tls = (LacTlsConnection *)tptr;
g_print ("pushing some data (%d bytes)\n", n_bytes);
+#if 0
g_print ("bytes pushed: bytes: %x %x %x %x %x %x %x\n",
data[0],
@@ -278,6 +294,7 @@ tls_push (gnutls_transport_ptr_t tptr,
data[4],
data[5],
data[6]);
+#endif
lac_connection_write (tls->tcp_connection, data, n_bytes);
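Review bot: The dump of the first seven record bytes is parked under `#if 0` instead of being deleted; with `data` now `const void *`, the `data[0]` indexing inside it would not even compile if re-enabled, so the block is dead weight and should go. The per-record print kept on the line above formats the `size_t n_bytes` with `%d`; use `%zu` (or G_GSIZE_FORMAT). lac_connection_write takes `guint len` (per lac.h in this commit), so `n_bytes` is silently narrowed in the call — harmless for TLS-record-sized pushes, but an explicit cast or a G_MAXUINT check would document it. The rest of tls_push is outside this hunk.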
@@ -286,7 +303,7 @@ tls_push (gnutls_transport_ptr_t tptr,
static ssize_t
tls_pull (gnutls_transport_ptr_t tptr,
- char *data,
+ void *data,
size_t n_bytes)
{
LacTlsConnection *tls = (LacTlsConnection *)tptr;
@@ -333,11 +350,27 @@ lac_tls_connection_new (const LacAddress *address,
gnutls_global_init ();
gnutls_anon_allocate_client_credentials (&tls->anoncred);
+
+ /* sets the trusted cas file
+ */
+ gnutls_certificate_allocate_credentials (&tls->xcred);
+#if 0
+ g_print ("result: %d\n", gnutls_certificate_set_x509_trust_file (
+ tls->xcred,
+ "/home/ssp/verisign/VeriSign_Roots/C1_PCA_G3v2.cer",
+ GNUTLS_X509_FMT_PEM));
+#endif
+
gnutls_init (&tls->session, GNUTLS_CLIENT);
gnutls_set_default_priority (tls->session);
+#if 0
gnutls_kx_set_priority (tls->session, kx_prio);
+#endif
+ gnutls_credentials_set (tls->session, GNUTLS_CRD_CERTIFICATE, tls->xcred);
+#if 0
gnutls_credentials_set (tls->session,
GNUTLS_CRD_ANON, tls->anoncred);
+#endif
gnutls_transport_set_ptr (tls->session, (gnutls_transport_ptr_t)tls);
gnutls_transport_set_push_function (tls->session, tls_push);
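Review bot: The certificate credentials attached to the session carry no trust anchors: the only gnutls_certificate_set_x509_trust_file() call is under `#if 0` and points into a developer's home directory, so `xcred` is empty and, unless the handshake code verifies and rejects peers on its own, every server certificate is accepted. Load a real CA bundle and treat failure as fatal, e.g. `if (gnutls_certificate_set_x509_trust_file (tls->xcred, ca_bundle, GNUTLS_X509_FMT_PEM) < 1) /* no anchors loaded: refuse to continue */`, where `ca_bundle` is a distribution path or one supplied by the caller; the return values of gnutls_certificate_allocate_credentials(), gnutls_init() and gnutls_credentials_set() are likewise ignored. `anoncred` is still allocated even though it is no longer set on the session; if nothing frees it (not visible here) this is now a leak, and the allocation can simply be dropped. lac_tls_connection_new continues past this hunk.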
@@ -351,9 +384,10 @@ lac_tls_connection_write (LacTlsConnection *tls,
const gchar *data,
guint len)
{
+ g_print ("len: %d\n", len);
lac_byte_queue_append (tls->unwritten, data, len);
- g_print (" USER writes\n");
+ g_print ("user write: %s\n", data);
do_writes (tls);
}
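Review bot: `g_print ("user write: %s\n", data)` treats `data` as a NUL-terminated string although the caller supplies an explicit `len` and the lac_byte_queue_append right above uses it; a buffer that is not terminated is read past its end, and a binary payload prints garbage. It also writes the application plaintext that is about to be encrypted to stdout, which defeats the point of the TLS layer wherever that output is captured. Drop the print, or at most keep a bounded, length-only trace such as `g_print ("user write: %u bytes\n", len);` (`%d` for a guint on the line above is also the wrong specifier).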