summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--tests/wocky-test-connector-server.c9
-rw-r--r--tests/wocky-tls-test.c24
-rw-r--r--wocky/wocky-tls-connector.c9
-rw-r--r--wocky/wocky-tls.c245
-rw-r--r--wocky/wocky-tls.h11
5 files changed, 105 insertions, 193 deletions
diff --git a/tests/wocky-test-connector-server.c b/tests/wocky-test-connector-server.c
index acf9a88..1d512bc 100644
--- a/tests/wocky-test-connector-server.c
+++ b/tests/wocky-test-connector-server.c
@@ -1066,12 +1066,12 @@ handshake_cb (GObject *source,
{
TestConnectorServer *self = TEST_CONNECTOR_SERVER (user_data);
TestConnectorServerPrivate *priv = self->priv;
- WockyTLSConnection *tls_conn;
+ gboolean success;
GError *error = NULL;
DEBUG ("TLS/SSL handshake finished");
- tls_conn = wocky_tls_session_handshake_finish (
+ success = wocky_tls_session_handshake_finish (
WOCKY_TLS_SESSION (source),
result,
&error);
@@ -1079,7 +1079,7 @@ handshake_cb (GObject *source,
if (server_dec_outstanding (self))
goto out;
- if (tls_conn == NULL)
+ if (!success)
{
DEBUG ("SSL or TLS Server Setup failed: %s", error->message);
g_io_stream_close (priv->stream, NULL, NULL);
@@ -1090,8 +1090,7 @@ handshake_cb (GObject *source,
g_object_unref (priv->conn);
priv->state = SERVER_STATE_START;
- priv->conn = wocky_xmpp_connection_new (G_IO_STREAM (tls_conn));
- g_object_unref (tls_conn);
+ priv->conn = wocky_xmpp_connection_new (G_IO_STREAM (source));
priv->tls_started = TRUE;
xmpp_init (NULL,NULL,self);
diff --git a/tests/wocky-tls-test.c b/tests/wocky-tls-test.c
index 455c4a2..f20887c 100644
--- a/tests/wocky-tls-test.c
+++ b/tests/wocky-tls-test.c
@@ -27,8 +27,8 @@ typedef struct {
gsize cli_send_len;
gsize cli_sent;
- WockyTLSConnection *client;
- WockyTLSConnection *server;
+ WockyTLSSession *client;
+ WockyTLSSession *server;
GString *cli_data;
GString *srv_data;
guint read_op_count;
@@ -135,8 +135,10 @@ client_handshake_cb (GObject *source,
GInputStream *input;
WockyTLSSession *session = WOCKY_TLS_SESSION (source);
ssl_test_t *ssl_test = data;
+ GError *error = NULL;
- ssl_test->client = wocky_tls_session_handshake_finish (session, result, NULL);
+ wocky_tls_session_handshake_finish (session, result, &error);
+ g_assert_no_error (error);
input = g_io_stream_get_input_stream (G_IO_STREAM (ssl_test->client));
ssl_test->in_read = TRUE;
@@ -211,11 +213,9 @@ server_handshake_cb (GObject *source,
ssl_test_t *ssl_test = data;
GError *error = NULL;
- ssl_test->server = wocky_tls_session_handshake_finish (session,
- result, &error);
+ wocky_tls_session_handshake_finish (session, result, &error);
g_assert_no_error (error);
- g_assert (ssl_test->server != NULL);
output = g_io_stream_get_output_stream (G_IO_STREAM (ssl_test->server));
@@ -261,9 +261,6 @@ test_tls_handshake_rw (void)
{
ssl_test_t ssl_test = { NULL, } ;
test_data_t *test = setup_test ();
- WockyTLSSession *client = wocky_tls_session_new (test->stream->stream0, NULL);
- WockyTLSSession *server = wocky_tls_session_server_new (
- test->stream->stream1, 1024, TLS_SERVER_KEY_FILE, TLS_SERVER_CRT_FILE);
gsize expected = TEST_SSL_DATA_LEN * 5;
gchar *target =
TEST_SSL_DATA_A "\0" TEST_SSL_DATA_B "\0"
@@ -279,12 +276,15 @@ test_tls_handshake_rw (void)
}
setup_ssl_test (&ssl_test, test);
+ ssl_test.client = wocky_tls_session_new (test->stream->stream0, "weasel-juice.org");
+ ssl_test.server = wocky_tls_session_server_new (
+ test->stream->stream1, 1024, TLS_SERVER_KEY_FILE, TLS_SERVER_CRT_FILE);
- wocky_tls_session_handshake_async (client, G_PRIORITY_DEFAULT,
+ wocky_tls_session_handshake_async (ssl_test.client, G_PRIORITY_DEFAULT,
test->cancellable, client_handshake_cb, &ssl_test);
test->outstanding += 1;
- wocky_tls_session_handshake_async (server, G_PRIORITY_DEFAULT,
+ wocky_tls_session_handshake_async (ssl_test.server, G_PRIORITY_DEFAULT,
test->cancellable, server_handshake_cb, &ssl_test);
test->outstanding += 1;
@@ -299,8 +299,6 @@ test_tls_handshake_rw (void)
teardown_test (test);
teardown_ssl_test (&ssl_test);
- g_object_unref (client);
- g_object_unref (server);
}
diff --git a/wocky/wocky-tls-connector.c b/wocky/wocky-tls-connector.c
index 58e1cb6..46c8ade 100644
--- a/wocky/wocky-tls-connector.c
+++ b/wocky/wocky-tls-connector.c
@@ -314,15 +314,15 @@ session_handshake_cb (GObject *source,
gpointer user_data)
{
GError *error = NULL;
- WockyTLSConnection *tls_conn;
+ gboolean success;
WockyTLSConnector *self = user_data;
const gchar *tls_type;
tls_type = self->priv->legacy_ssl ? "SSL" : "TLS";
- tls_conn = wocky_tls_session_handshake_finish (self->priv->session,
+ success = wocky_tls_session_handshake_finish (self->priv->session,
res, &error);
- if (tls_conn == NULL)
+ if (!success)
{
report_error_in_idle (self, WOCKY_CONNECTOR_ERROR_TLS_SESSION_FAILED,
"%s handshake error: %s", tls_type, error->message);
@@ -334,8 +334,7 @@ session_handshake_cb (GObject *source,
DEBUG ("Completed %s handshake", tls_type);
self->priv->tls_connection = wocky_xmpp_connection_new (
- G_IO_STREAM (tls_conn));
- g_object_unref (tls_conn);
+ G_IO_STREAM (source));
wocky_tls_handler_verify_async (self->priv->handler,
self->priv->session,
diff --git a/wocky/wocky-tls.c b/wocky/wocky-tls.c
index ef9a6fe..cc3a385 100644
--- a/wocky/wocky-tls.c
+++ b/wocky/wocky-tls.c
@@ -113,12 +113,6 @@ enum
enum
{
- PROP_C_NONE,
- PROP_C_SESSION,
-};
-
-enum
-{
PROP_O_NONE,
PROP_O_SESSION
};
@@ -186,8 +180,7 @@ typedef struct
GError *error;
} WockyTLSOp;
-typedef GIOStreamClass WockyTLSConnectionClass;
-typedef GObjectClass WockyTLSSessionClass;
+typedef GIOStreamClass WockyTLSSessionClass;
typedef GInputStreamClass WockyTLSInputStreamClass;
typedef GOutputStreamClass WockyTLSOutputStreamClass;
@@ -197,9 +190,12 @@ static gnutls_dh_params_t dh_2048 = NULL;
static gnutls_dh_params_t dh_3072 = NULL;
static gnutls_dh_params_t dh_4096 = NULL;
+typedef struct _WockyTLSInputStream WockyTLSInputStream;
+typedef struct _WockyTLSInputStream WockyTLSOutputStream;
+
struct _WockyTLSSession
{
- GObject parent;
+ GIOStream parent;
GIOStream *stream;
GCancellable *cancellable;
@@ -228,35 +224,28 @@ struct _WockyTLSSession
gnutls_session_t session;
gnutls_certificate_credentials_t gnutls_cert_cred;
+
+ WockyTLSInputStream *input;
+ WockyTLSOutputStream *output;
};
-typedef struct
+struct _WockyTLSInputStream
{
GInputStream parent;
WockyTLSSession *session;
-} WockyTLSInputStream;
+};
-typedef struct
+struct _WockyTLSOutputStream
{
GOutputStream parent;
WockyTLSSession *session;
-} WockyTLSOutputStream;
-
-struct _WockyTLSConnection
-{
- GIOStream parent;
-
- WockyTLSSession *session;
- WockyTLSInputStream *input;
- WockyTLSOutputStream *output;
};
static guint tls_debug_level = 0;
static GType wocky_tls_input_stream_get_type (void);
static GType wocky_tls_output_stream_get_type (void);
-G_DEFINE_TYPE (WockyTLSConnection, wocky_tls_connection, G_TYPE_IO_STREAM);
-G_DEFINE_TYPE (WockyTLSSession, wocky_tls_session, G_TYPE_OBJECT);
+G_DEFINE_TYPE (WockyTLSSession, wocky_tls_session, G_TYPE_IO_STREAM);
G_DEFINE_TYPE (WockyTLSInputStream, wocky_tls_input_stream, G_TYPE_INPUT_STREAM);
G_DEFINE_TYPE (WockyTLSOutputStream, wocky_tls_output_stream, G_TYPE_OUTPUT_STREAM);
#define WOCKY_TYPE_TLS_INPUT_STREAM (wocky_tls_input_stream_get_type ())
@@ -491,7 +480,7 @@ wocky_tls_job_start (WockyTLSJob *job,
job->active = TRUE;
}
-WockyTLSConnection *
+gboolean
wocky_tls_session_handshake (WockyTLSSession *session,
GCancellable *cancellable,
GError **error)
@@ -515,12 +504,12 @@ wocky_tls_session_handshake (WockyTLSSession *session,
result == GNUTLS_E_PUSH_ERROR);
g_propagate_error (error, session->error);
- return NULL;
+ return FALSE;
}
else if (wocky_tls_set_error (error, result))
- return NULL;
+ return FALSE;
- return g_object_new (WOCKY_TYPE_TLS_CONNECTION, "session", session, NULL);
+ return TRUE;
}
/* ************************************************************************* */
@@ -643,7 +632,7 @@ wocky_tls_session_handshake_async (WockyTLSSession *session,
wocky_tls_session_try_operation (session, 0);
}
-WockyTLSConnection *
+gboolean
wocky_tls_session_handshake_finish (WockyTLSSession *session,
GAsyncResult *result,
GError **error)
@@ -655,17 +644,17 @@ wocky_tls_session_handshake_finish (WockyTLSSession *session,
source_object = g_async_result_get_source_object (result);
g_object_unref (source_object);
- g_return_val_if_fail (G_OBJECT (session) == source_object, NULL);
+ g_return_val_if_fail (G_OBJECT (session) == source_object, FALSE);
}
g_return_val_if_fail (wocky_tls_session_handshake_async ==
- g_simple_async_result_get_source_tag (simple), NULL);
+ g_simple_async_result_get_source_tag (simple), FALSE);
if (g_simple_async_result_propagate_error (simple, error))
- return NULL;
+ return FALSE;
DEBUG ("connection OK");
- return g_object_new (WOCKY_TYPE_TLS_CONNECTION, "session", session, NULL);
+ return TRUE;
}
GPtrArray *
@@ -1164,7 +1153,7 @@ wocky_tls_output_stream_set_property (GObject *object, guint prop_id,
switch (prop_id)
{
- case PROP_C_SESSION:
+ case PROP_O_SESSION:
stream->session = g_value_dup_object (value);
break;
@@ -1220,7 +1209,7 @@ wocky_tls_input_stream_set_property (GObject *object, guint prop_id,
switch (prop_id)
{
- case PROP_C_SESSION:
+ case PROP_I_SESSION:
stream->session = g_value_dup_object (value);
break;
@@ -1269,11 +1258,6 @@ wocky_tls_input_stream_class_init (GInputStreamClass *class)
}
static void
-wocky_tls_connection_init (WockyTLSConnection *connection)
-{
-}
-
-static void
wocky_tls_session_read_ready (GObject *object,
GAsyncResult *result,
gpointer user_data)
@@ -1713,6 +1697,12 @@ wocky_tls_session_finalize (GObject *object)
{
WockyTLSSession *session = WOCKY_TLS_SESSION (object);
+ if (session->input != NULL)
+ g_object_unref (session->input);
+
+ if (session->output != NULL)
+ g_object_unref (session->output);
+
gnutls_deinit (session->session);
gnutls_certificate_free_credentials (session->gnutls_cert_cred);
g_object_unref (session->stream);
@@ -1741,51 +1731,94 @@ wocky_tls_session_dispose (GObject *object)
G_OBJECT_CLASS (wocky_tls_session_parent_class)->dispose (object);
}
+static gboolean
+wocky_tls_session_close (GIOStream *stream,
+ GCancellable *cancellable,
+ GError **error)
+{
+ WockyTLSSession *session = WOCKY_TLS_SESSION (stream);
+
+ return g_io_stream_close (session->stream, cancellable, error);
+}
+
+static GInputStream *
+wocky_tls_session_get_input_stream (GIOStream *io_stream)
+{
+ WockyTLSSession *session = WOCKY_TLS_SESSION (io_stream);
+
+ if (session->input == NULL)
+ session->input = g_object_new (WOCKY_TYPE_TLS_INPUT_STREAM,
+ "session", session,
+ NULL);
+
+ return (GInputStream *)session->input;
+}
+
+static GOutputStream *
+wocky_tls_session_get_output_stream (GIOStream *io_stream)
+{
+ WockyTLSSession *session = WOCKY_TLS_SESSION (io_stream);
+
+ if (session->output == NULL)
+ session->output = g_object_new (WOCKY_TYPE_TLS_OUTPUT_STREAM,
+ "session", session,
+ NULL);
+
+ return (GOutputStream *)session->output;
+}
+
static void
-wocky_tls_session_class_init (GObjectClass *class)
+wocky_tls_session_class_init (WockyTLSSessionClass *class)
{
- class->get_property = wocky_tls_session_get_property;
- class->set_property = wocky_tls_session_set_property;
- class->constructed = wocky_tls_session_constructed;
- class->finalize = wocky_tls_session_finalize;
- class->dispose = wocky_tls_session_dispose;
+ GObjectClass *object_class = G_OBJECT_CLASS (class);
+ GIOStreamClass *stream_class = G_IO_STREAM_CLASS (class);
+
+ object_class->get_property = wocky_tls_session_get_property;
+ object_class->set_property = wocky_tls_session_set_property;
+ object_class->constructed = wocky_tls_session_constructed;
+ object_class->finalize = wocky_tls_session_finalize;
+ object_class->dispose = wocky_tls_session_dispose;
+
+ stream_class->get_input_stream = wocky_tls_session_get_input_stream;
+ stream_class->get_output_stream = wocky_tls_session_get_output_stream;
+ stream_class->close_fn = wocky_tls_session_close;
- g_object_class_install_property (class, PROP_S_STREAM,
+ g_object_class_install_property (object_class, PROP_S_STREAM,
g_param_spec_object ("base-stream", "base stream",
"the stream that TLS communicates over",
G_TYPE_IO_STREAM, G_PARAM_WRITABLE |
G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_NAME |
G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB));
- g_object_class_install_property (class, PROP_S_PEERNAME,
+ g_object_class_install_property (object_class, PROP_S_PEERNAME,
g_param_spec_string ("peername", "peer name",
"Peer host/domain name",
NULL, G_PARAM_READWRITE |
G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_NAME |
G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB));
- g_object_class_install_property (class, PROP_S_SERVER,
+ g_object_class_install_property (object_class, PROP_S_SERVER,
g_param_spec_boolean ("server", "server",
"whether this is a server",
FALSE, G_PARAM_WRITABLE |
G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_NAME |
G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB));
- g_object_class_install_property (class, PROP_S_DHBITS,
+ g_object_class_install_property (object_class, PROP_S_DHBITS,
g_param_spec_uint ("dh-bits", "Diffie-Hellman bits",
"Diffie-Hellmann bits: 768, 1024, 2048, 3072 0r 4096",
768, 4096, 1024, G_PARAM_WRITABLE |
G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_NAME |
G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB));
- g_object_class_install_property (class, PROP_S_KEYFILE,
+ g_object_class_install_property (object_class, PROP_S_KEYFILE,
g_param_spec_string ("x509-key", "x509 key",
"x509 PEM key file",
NULL, G_PARAM_WRITABLE |
G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_NAME |
G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB));
- g_object_class_install_property (class, PROP_S_CERTFILE,
+ g_object_class_install_property (object_class, PROP_S_CERTFILE,
g_param_spec_string ("x509-cert", "x509 certificate",
"x509 PEM certificate file",
NULL, G_PARAM_WRITABLE |
@@ -1793,116 +1826,6 @@ wocky_tls_session_class_init (GObjectClass *class)
G_PARAM_STATIC_NICK | G_PARAM_STATIC_BLURB));
}
-static void
-wocky_tls_connection_set_property (GObject *object, guint prop_id,
- const GValue *value, GParamSpec *pspec)
-{
- WockyTLSConnection *connection = WOCKY_TLS_CONNECTION (object);
-
- switch (prop_id)
- {
- case PROP_C_SESSION:
- connection->session = g_value_dup_object (value);
- break;
-
- default:
- g_assert_not_reached ();
- }
-}
-
-static gboolean
-wocky_tls_connection_close (GIOStream *stream,
- GCancellable *cancellable,
- GError **error)
-{
- WockyTLSConnection *connection = WOCKY_TLS_CONNECTION (stream);
-
- return g_io_stream_close (connection->session->stream, cancellable, error);
-}
-
-static GInputStream *
-wocky_tls_connection_get_input_stream (GIOStream *io_stream)
-{
- WockyTLSConnection *connection = WOCKY_TLS_CONNECTION (io_stream);
-
- if (connection->input == NULL)
- connection->input = g_object_new (WOCKY_TYPE_TLS_INPUT_STREAM,
- "session", connection->session,
- NULL);
-
- return (GInputStream *)connection->input;
-}
-
-static GOutputStream *
-wocky_tls_connection_get_output_stream (GIOStream *io_stream)
-{
- WockyTLSConnection *connection = WOCKY_TLS_CONNECTION (io_stream);
-
- if (connection->output == NULL)
- connection->output = g_object_new (WOCKY_TYPE_TLS_OUTPUT_STREAM,
- "session", connection->session,
- NULL);
-
- return (GOutputStream *)connection->output;
-}
-
-static void
-wocky_tls_connection_get_property (GObject *object, guint prop_id,
- GValue *value, GParamSpec *pspec)
-{
- switch (prop_id)
- {
- default:
- g_assert_not_reached ();
- }
-}
-
-static void
-wocky_tls_connection_constructed (GObject *object)
-{
- WockyTLSConnection *connection = WOCKY_TLS_CONNECTION (object);
-
- g_assert (connection->session);
-}
-
-static void
-wocky_tls_connection_finalize (GObject *object)
-{
- WockyTLSConnection *connection = WOCKY_TLS_CONNECTION (object);
-
- g_object_unref (connection->session);
-
- if (connection->input != NULL)
- g_object_unref (connection->input);
-
- if (connection->output != NULL)
- g_object_unref (connection->output);
-
- G_OBJECT_CLASS (wocky_tls_connection_parent_class)
- ->finalize (object);
-}
-
-static void
-wocky_tls_connection_class_init (WockyTLSConnectionClass *class)
-{
- GObjectClass *gobject_class = G_OBJECT_CLASS (class);
- GIOStreamClass *stream_class = G_IO_STREAM_CLASS (class);
-
- gobject_class->get_property = wocky_tls_connection_get_property;
- gobject_class->set_property = wocky_tls_connection_set_property;
- gobject_class->constructed = wocky_tls_connection_constructed;
- gobject_class->finalize = wocky_tls_connection_finalize;
-
- g_object_class_install_property (gobject_class, PROP_C_SESSION,
- g_param_spec_object ("session", "TLS session",
- "the TLS session object for this connection",
- WOCKY_TYPE_TLS_SESSION, G_PARAM_WRITABLE |
- G_PARAM_CONSTRUCT_ONLY | G_PARAM_STATIC_STRINGS));
- stream_class->get_input_stream = wocky_tls_connection_get_input_stream;
- stream_class->get_output_stream = wocky_tls_connection_get_output_stream;
- stream_class->close_fn = wocky_tls_connection_close;
-}
-
WockyTLSSession *
wocky_tls_session_new (GIOStream *stream,
const gchar *peername)
diff --git a/wocky/wocky-tls.h b/wocky/wocky-tls.h
index 8df3b58..753582b 100644
--- a/wocky/wocky-tls.h
+++ b/wocky/wocky-tls.h
@@ -33,16 +33,10 @@
#include "wocky-enumtypes.h"
-#define WOCKY_TYPE_TLS_CONNECTION (wocky_tls_connection_get_type ())
#define WOCKY_TYPE_TLS_SESSION (wocky_tls_session_get_type ())
#define WOCKY_TLS_SESSION(inst) (G_TYPE_CHECK_INSTANCE_CAST ((inst), \
WOCKY_TYPE_TLS_SESSION, WockyTLSSession))
-#define WOCKY_TLS_CONNECTION(inst)(G_TYPE_CHECK_INSTANCE_CAST ((inst), \
- WOCKY_TYPE_TLS_CONNECTION, \
- WockyTLSConnection))
-
-typedef struct _WockyTLSConnection WockyTLSConnection;
typedef struct _WockyTLSSession WockyTLSSession;
typedef enum
@@ -82,7 +76,6 @@ typedef enum
WOCKY_TLS_CERT_TYPE_OPENPGP,
} WockyTLSCertType;
-GType wocky_tls_connection_get_type (void);
GType wocky_tls_session_get_type (void);
int wocky_tls_session_verify_peer (WockyTLSSession *session,
@@ -92,7 +85,7 @@ int wocky_tls_session_verify_peer (WockyTLSSession *session,
GPtrArray *wocky_tls_session_get_peers_certificate (WockyTLSSession *session,
WockyTLSCertType *type);
-WockyTLSConnection *wocky_tls_session_handshake (WockyTLSSession *session,
+gboolean wocky_tls_session_handshake (WockyTLSSession *session,
GCancellable *cancellable,
GError **error);
void
@@ -101,7 +94,7 @@ wocky_tls_session_handshake_async (WockyTLSSession *session,
GCancellable *cancellable,
GAsyncReadyCallback callback,
gpointer user_data);
-WockyTLSConnection *
+gboolean
wocky_tls_session_handshake_finish (WockyTLSSession *session,
GAsyncResult *result,
GError **error);