author | Søren Sandmann <sandmann@redhat.com> | 2007-07-30 07:42:44 -0400 |
---|---|---|
committer | Søren Sandmann <sandmann@redhat.com> | 2007-07-30 07:42:44 -0400 |
commit | 8ff30a75f2535a505fd690cefffd00d160208de9 (patch) | |
tree | ea0675480d9616a99daee3ee3acdab2ab6bdf656 | |
parent | 368a7df9bc400edbe9226838ebfde4ac98a8321c (diff) |
Fix bug in do_writes; use x.509 credentials
-rw-r--r-- | src/lac.h | 4 | ||||
-rw-r--r-- | src/lacconnection.c | 8 | ||||
-rw-r--r-- | src/lactlsconnection.c | 76 |
3 files changed, 61 insertions, 27 deletions
@@ -283,7 +283,7 @@ typedef struct {
 gpointer _lac_reserved0;
 gpointer _lac_reserved1;
 LacByteQueue *byte_queue;
- const guint8 *data;
+ const gchar *data;
 guint len;
 } LacConnectionReadEvent;
@@ -315,7 +315,7 @@ LacConnection * lac_connection_new (const LacAddress *add
 gpointer data);
 gpointer lac_connection_get_data (LacConnection *connection);
 void lac_connection_write (LacConnection *connection,
- const guint8 *data,
+ const gchar *data,
 guint len);
 void lac_connection_write_cstr (LacConnection *connection,
 const gchar *data);
diff --git a/src/lacconnection.c b/src/lacconnection.c
index ef265ee..50ed238 100644
--- a/src/lacconnection.c
+++ b/src/lacconnection.c
@@ -185,7 +185,7 @@ lac_connection_do_reads (gpointer data)
 {
 GError *err = NULL;
 LacByteQueue *queue = lac_byte_queue_new ();
- guint8 *buf = (guint8 *)lac_byte_queue_alloc_tail (queue, BUF_SIZE);
+ gchar *buf = lac_byte_queue_alloc_tail (queue, BUF_SIZE);
 len = lac_recv (connection->fd, buf, BUF_SIZE, &err);
@@ -236,7 +236,7 @@ lac_connection_do_writes (LacConnection *connection)
 while (lac_byte_queue_get_length (connection->unwritten) > 0)
 {
 GError *err = NULL;
- const guint8 *unwritten;
+ const gchar *unwritten;
 gsize len, sent;
 unwritten = lac_byte_queue_peek (connection->unwritten, &len);
@@ -431,7 +431,7 @@ lac_connection_get_data (LacConnection *connection)
 void
 lac_connection_write (LacConnection *connection,
- const guint8 *data,
+ const gchar *data,
 guint len)
 {
 gboolean do_writes;
@@ -468,7 +468,7 @@ lac_connection_write_cstr (LacConnection *connection,
 len = strlen (data);
 if (len > 0)
- lac_connection_write (connection, (const guint8 *)data, len);
+ lac_connection_write (connection, data, len);
 }
 void
diff --git a/src/lactlsconnection.c b/src/lactlsconnection.c
index 3fe235f..08177f9 100644
--- a/src/lactlsconnection.c
+++ b/src/lactlsconnection.c
@@ -34,6 +34,7 @@ struct _LacTlsConnection
 LacByteQueue * unwritten;
 gnutls_anon_client_credentials_t anoncred;
+ gnutls_certificate_credentials_t xcred;
 gnutls_session_t session;
 gboolean need_handshake;
@@ -71,13 +72,17 @@ do_handshake (LacTlsConnection *tls)
 if (!tls->need_handshake)
 return;
+#if 0
 g_print ("handshaking\n");
+#endif
 int res = gnutls_handshake (tls->session);
 if (res == 0)
 {
+#if 0
 g_print (" handshake complete\n");
+#endif
 tls->need_handshake = FALSE;
 /* FIXME: emit handshake event */
@@ -106,7 +111,9 @@ do_handshake (LacTlsConnection *tls)
 lac_connection_close (tls->tcp_connection);
 }
 else
- g_print (" not fatal\n");
+ {
+ g_print (" not fatal\n");
+ }
 }
 else
 {
@@ -122,8 +129,6 @@ do_handshake (LacTlsConnection *tls)
 static void
 do_writes (LacTlsConnection *connection)
 {
- gsize n_available;
- const gchar *buffer;
 gsize n_written;
 GError *err = NULL;
@@ -133,23 +138,33 @@ do_writes (LacTlsConnection *connection)
 if (connection->need_handshake)
 return;
- buffer = lac_byte_queue_peek (connection->unwritten, &n_available);
 do
 {
- n_written = gnutls_record_send (connection->session,
- buffer, n_available);
- if (n_written < 0)
- {
- if (n_written != GNUTLS_E_INTERRUPTED &&
- n_written != GNUTLS_E_AGAIN)
- {
- err = (GError *)0x01; /* FIXME - make a new error */
- }
-
- n_written = 0;
- }
-
- lac_byte_queue_delete_head (connection->unwritten, n_written);
+ gsize n_available;
+ const gchar *buffer;
+
+ n_written = 0;
+
+ buffer = lac_byte_queue_peek (connection->unwritten, &n_available);
+
+ if (n_available > 0)
+ {
+ n_written = gnutls_record_send (connection->session,
+ buffer, n_available);
+ }
+
+ if (n_written < 0)
+ {
+ if (n_written != GNUTLS_E_INTERRUPTED &&
+ n_written != GNUTLS_E_AGAIN)
+ {
+ err = (GError *)0x01; /* FIXME - make a new error */
+ }
+
+ n_written = 0;
+ }
+
+ lac_byte_queue_delete_head (connection->unwritten, n_written);
 }
 while (n_written > 0);
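Review bot: `n_written` is still declared `gsize` (the unchanged `gsize n_written;` in the preceding do_writes hunk), so the `if (n_written < 0)` branch in the rewritten loop can never be taken. A negative return from `gnutls_record_send`, including `GNUTLS_E_AGAIN` and `GNUTLS_E_INTERRUPTED`, is therefore converted to a very large unsigned count and passed straight to `lac_byte_queue_delete_head`, which would presumably drop or run past the queued data instead of retrying or reporting the failure. Declaring it as `gssize n_written;` makes the error branch reachable and keeps the retry path intact. The placeholder `err = (GError *)0x01` is also unsafe if anything later dereferences or frees `err`; that use is outside the hunk, so it needs confirming. do_writes continues past the end of this hunk.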
@@ -263,12 +278,13 @@ tcp_callback (LacConnection *connection,
 static ssize_t
 tls_push (gnutls_transport_ptr_t tptr,
- const char *data,
+ const void *data,
 size_t n_bytes)
 {
 LacTlsConnection *tls = (LacTlsConnection *)tptr;
 g_print ("pushing some data (%d bytes)\n", n_bytes);
+#if 0
 g_print ("bytes pushed: bytes: %x %x %x %x %x %x %x\n",
 data[0],
@@ -278,6 +294,7 @@ tls_push (gnutls_transport_ptr_t tptr,
 data[4],
 data[5],
 data[6]);
+#endif
 lac_connection_write (tls->tcp_connection, data, n_bytes);
@@ -286,7 +303,7 @@ tls_push (gnutls_transport_ptr_t tptr,
 static ssize_t
 tls_pull (gnutls_transport_ptr_t tptr,
- char *data,
+ void *data,
 size_t n_bytes)
 {
 LacTlsConnection *tls = (LacTlsConnection *)tptr;
@@ -333,11 +350,27 @@ lac_tls_connection_new (const LacAddress *address,
 gnutls_global_init ();
 gnutls_anon_allocate_client_credentials (&tls->anoncred);
+
+ /* sets the trusted cas file
+ */
+ gnutls_certificate_allocate_credentials (&tls->xcred);
+#if 0
+ g_print ("result: %d\n", gnutls_certificate_set_x509_trust_file (
+ tls->xcred,
+ "/home/ssp/verisign/VeriSign_Roots/C1_PCA_G3v2.cer",
+ GNUTLS_X509_FMT_PEM));
+#endif
+
 gnutls_init (&tls->session, GNUTLS_CLIENT);
 gnutls_set_default_priority (tls->session);
+#if 0
 gnutls_kx_set_priority (tls->session, kx_prio);
+#endif
+ gnutls_credentials_set (tls->session, GNUTLS_CRD_CERTIFICATE, tls->xcred);
+#if 0
 gnutls_credentials_set (tls->session, GNUTLS_CRD_ANON, tls->anoncred);
+#endif
 gnutls_transport_set_ptr (tls->session, (gnutls_transport_ptr_t)tls);
 gnutls_transport_set_push_function (tls->session, tls_push);
@@ -351,9 +384,10 @@ lac_tls_connection_write (LacTlsConnection *tls,
 const gchar *data,
 guint len)
 {
+ g_print ("len: %d\n", len);
 lac_byte_queue_append (tls->unwritten, data, len);
- g_print (" USER writes\n");
+ g_print ("user write: %s\n", data);
 do_writes (tls);
 } |
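Review bot: `tls->xcred` is handed to `gnutls_credentials_set` without any trust anchors, because the only `gnutls_certificate_set_x509_trust_file` call in lac_tls_connection_new is inside `#if 0`. Nothing visible in this commit verifies the peer's chain or host name after the handshake (for example with `gnutls_certificate_verify_peers2` in the success branch of do_handshake), so as far as this diff shows the connection is encrypted but the server is not authenticated. The disabled call also hard-codes a path under one developer's home directory; the CA file should come from the caller or from configuration. The return values of `gnutls_certificate_allocate_credentials` and `gnutls_credentials_set` are ignored in the added lines, so a failed setup would go unnoticed. The function body starts and ends outside the hunk.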
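Review bot: The added `g_print ("user write: %s\n", data);` in lac_tls_connection_write treats `data` as a NUL-terminated string although the function receives an explicit `len`, so a buffer without a terminator is read past its end. It also copies the plaintext that is about to be protected by TLS to standard output, which is a disclosure risk for anything sensitive. I would drop the line, or guard it like the other debug prints and bound it: `g_print ("user write: %.*s\n", (int) len, data);`. The `len: %d` print passes a `guint`, for which `%u` is the matching conversion.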