annotate src/ssl-nss.c @ 6837:f098765ac919

[gaim-migrate @ 7382] The pounces subsystem now registers signal callbacks for all the pounce types. The calls to pounce code in server.c, and therefore in all the rest of gaim, have been removed. The pounce code is now more like its own separate island. committer: Tailor Script <tailor@pidgin.im>
author Christian Hammond <chipx86@chipx86.com>
date Sun, 14 Sep 2003 21:05:11 +0000
parents 40ba19133882
children 1f39a46b1dd4
/**
 * @file ssl-nss.c SSL Operations for Mozilla NSS
 * @ingroup core
 *
 * gaim
 *
 * Copyright (C) 2003 Christian Hammond <chipx86@gnupdate.org>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
#include "internal.h"

#ifdef HAVE_NSS

#include "debug.h"
#include "sslconn.h"

#include <nspr.h>
#include <private/pprio.h>
#include <nss.h>
#include <pk11func.h>
#include <prio.h>
#include <secerr.h>
#include <secmod.h>
#include <ssl.h>
#include <sslerr.h>
#include <sslproto.h>
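/**
 * Per-connection NSS state. ssl_nss_connect_cb() allocates one of these and
 * stores it in the connection's private_data; ssl_nss_close() frees it.
 */
typedef struct
{
	PRFileDesc *fd; /* descriptor returned by PR_ImportTCPSocket() */
	PRFileDesc *in; /* descriptor returned by SSL_ImportFD(); used for I/O */

} GaimSslNssData;

/*
 * Fetch the NSS state attached to a GaimSslConnection pointer. The argument
 * is parenthesized so that any pointer-valued expression expands correctly.
 */
#define GAIM_SSL_NSS_DATA(gsc) ((GaimSslNssData *)(gsc)->private_data)

/* NSPR default I/O methods; set in ssl_nss_init(), cleared in ssl_nss_uninit(). */
static const PRIOMethods *_nss_methods = NULL;

/* NSPR layer identity requested under the name "Gaim" in ssl_nss_init(). */
static PRDescIdentity _identity;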
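/**
 * Certificate authentication hook, installed on each connection with
 * SSL_AuthCertificateHook().
 *
 * Returning SECSuccess unconditionally from this hook accepts any
 * certificate the peer presents: the session is encrypted but the peer is
 * never authenticated, so an on-path party can terminate the TLS session
 * itself. The hook therefore defers to SSL_AuthCertificate(), the verifier
 * NSS uses when no hook is installed. That verifier validates the chain
 * against the certificate database passed in @a arg, selects the
 * certificate usage from @a is_server, and compares the certificate with
 * the host name given to SSL_SetURL().
 *
 * NOTE(review): servers whose certificates do not chain to a root in the
 * loaded trust module are now rejected at the handshake. Any "trust this
 * certificate anyway" decision belongs in the handler registered with
 * SSL_BadCertHook(), backed by explicit user consent, not in this hook.
 *
 * @param arg       Certificate database handle given at hook registration.
 * @param socket    The SSL descriptor being authenticated.
 * @param checksig  Whether signatures should be checked.
 * @param is_server Whether the local side is acting as the server.
 *
 * @return SECSuccess if the peer certificate verified, otherwise the
 *         failure status from NSS.
 */
static SECStatus
ssl_auth_cert(void *arg, PRFileDesc *socket, PRBool checksig,
			  PRBool is_server)
{
	SECStatus status;

	status = SSL_AuthCertificate(arg, socket, checksig, is_server);

	if (status != SECSuccess) {
		gaim_debug_error("nss", "Certificate verification failed: %d\n",
						 (int)PORT_GetError());
	}

	return status;
}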
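/**
 * Bad-certificate handler, registered with SSL_BadCertHook().
 *
 * The current NSS error code is stored through @a arg and then classified:
 * the listed certificate-validation errors are overridden (SECSuccess) and
 * everything else is refused.
 *
 * NOTE(review): the override list covers bad signatures, unknown or
 * untrusted issuers and expired certificates, so with a non-NULL @a arg
 * this handler waives practically every validation failure. It should be
 * narrowed, or gated on an explicit user decision, before any caller passes
 * a non-NULL @a arg. The registration in ssl_nss_connect_cb() passes NULL,
 * which takes the early SECFailure return below.
 *
 * @param arg    Pointer to a PRErrorCode that receives the error, or NULL.
 * @param socket The SSL descriptor (unused).
 *
 * @return SECSuccess to override the failure, SECFailure to abort the
 *         handshake.
 */
SECStatus
ssl_bad_cert(void *arg, PRFileDesc *socket)
{
	SECStatus status = SECFailure;
	PRErrorCode err;

	/* Without somewhere to report the error, never override it. */
	if (arg == NULL)
		return status;

	*(PRErrorCode *)arg = err = PORT_GetError();

	switch (err)
	{
		case SEC_ERROR_INVALID_AVA:
		case SEC_ERROR_INVALID_TIME:
		case SEC_ERROR_BAD_SIGNATURE:
		case SEC_ERROR_EXPIRED_CERTIFICATE:
		case SEC_ERROR_UNKNOWN_ISSUER:
		case SEC_ERROR_UNTRUSTED_CERT:
		case SEC_ERROR_CERT_VALID:
		case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE:
		case SEC_ERROR_CRL_EXPIRED:
		case SEC_ERROR_CRL_BAD_SIGNATURE:
		case SEC_ERROR_EXTENSION_VALUE_INVALID:
		case SEC_ERROR_CA_CERT_INVALID:
		case SEC_ERROR_CERT_USAGES_INVALID:
		case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION:
			status = SECSuccess;
			break;

		default:
			status = SECFailure;
			break;
	}

	/*
	 * The "%d" conversion previously had no matching argument, which is
	 * undefined behaviour; pass the error code it was meant to print.
	 */
	gaim_debug_error("nss", "Bad certificate: %d\n", (int)err);

	return status;
}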
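/**
 * Initialize NSPR and NSS for use by the SSL layer.
 *
 * NSS is started without a certificate/key database, the built-in root
 * certificate module is loaded, and the domestic cipher policy is applied.
 *
 * @return TRUE on success; FALSE if NSS itself could not be initialized.
 */
static gboolean
ssl_nss_init(void)
{
	PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1);

	/* Nothing below can work without NSS, so report the failure. */
	if (NSS_NoDB_Init(NULL) != SECSuccess)
	{
		gaim_debug_error("nss", "NSS_NoDB_Init failed: %d\n",
						 (int)PORT_GetError());

		return FALSE;
	}

	/*
	 * The builtins module carries the root CA certificates. If it does not
	 * load there are no trust anchors, so say so rather than failing
	 * silently.
	 *
	 * NOTE(review): on Windows the module is named without a directory, so
	 * which file is loaded depends on the loader's search order; an
	 * absolute path would pin it.
	 */
	/* TODO: Fix this so autoconf does the work trying to find this lib. */
	if (SECMOD_AddNewModule("Builtins",
#ifndef _WIN32
							LIBDIR "/libnssckbi.so",
#else
							"nssckbi.dll",
#endif
							0, 0) != SECSuccess)
	{
		gaim_debug_error("nss",
						 "Unable to load the builtin root certificate "
						 "module: %d\n", (int)PORT_GetError());
	}

	if (NSS_SetDomesticPolicy() != SECSuccess)
	{
		gaim_debug_error("nss", "NSS_SetDomesticPolicy failed: %d\n",
						 (int)PORT_GetError());
	}

	_identity    = PR_GetUniqueIdentity("Gaim");
	_nss_methods = PR_GetDefaultIOMethods();

	return TRUE;
}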
/**
 * Shut down NSPR and forget the cached I/O method table.
 *
 * NOTE(review): NSS_Shutdown() is not called before PR_Cleanup(); confirm
 * that this is intentional.
 */
static void
ssl_nss_uninit(void)
{
	PR_Cleanup();
	_nss_methods = NULL;
}
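/**
 * Connection callback: wrap the connected socket in an NSS SSL descriptor,
 * run the client handshake, and notify the connection's connect_cb.
 *
 * Every setup step is checked. If the SSL options, the certificate hooks or
 * the expected host name cannot be installed, the handshake is not
 * attempted, because it would then run without the intended peer checks.
 * Any failure closes the connection through gaim_ssl_close().
 *
 * NOTE(review): server authentication rests on ssl_auth_cert() and
 * ssl_bad_cert(); confirm that both reject certificates that fail chain or
 * host-name validation.
 *
 * @param data   The GaimSslConnection being established.
 * @param source The connected socket file descriptor.
 * @param cond   The input condition, passed through to connect_cb.
 */
static void
ssl_nss_connect_cb(gpointer data, gint source, GaimInputCondition cond)
{
	GaimSslConnection *gsc = (GaimSslConnection *)data;
	GaimSslNssData *nss_data = g_new0(GaimSslNssData, 1);
	PRSocketOptionData socket_opt;

	gsc->private_data = nss_data;
	gsc->fd = source;

	nss_data->fd = PR_ImportTCPSocket(gsc->fd);

	if (nss_data->fd == NULL)
	{
		gaim_debug_error("nss", "nss_data->fd == NULL!\n");
		goto fail;
	}

	/* SSL_ForceHandshake() below is used on a blocking descriptor. */
	socket_opt.option = PR_SockOpt_Nonblocking;
	socket_opt.value.non_blocking = PR_FALSE;

	if (PR_SetSocketOption(nss_data->fd, &socket_opt) != PR_SUCCESS)
	{
		gaim_debug_error("nss", "Unable to make the socket blocking\n");
		goto fail;
	}

	nss_data->in = SSL_ImportFD(NULL, nss_data->fd);

	if (nss_data->in == NULL)
	{
		/* The log text previously read "NUL!". */
		gaim_debug_error("nss", "nss_data->in == NULL!\n");
		goto fail;
	}

	if (SSL_OptionSet(nss_data->in, SSL_SECURITY, PR_TRUE) != SECSuccess ||
		SSL_OptionSet(nss_data->in, SSL_HANDSHAKE_AS_CLIENT,
					  PR_TRUE) != SECSuccess)
	{
		gaim_debug_error("nss", "Unable to set SSL options\n");
		goto fail;
	}

	if (SSL_AuthCertificateHook(nss_data->in,
								(SSLAuthCertificate)ssl_auth_cert,
								(void *)CERT_GetDefaultCertDB()) != SECSuccess ||
		SSL_BadCertHook(nss_data->in, (SSLBadCertHandler)ssl_bad_cert,
						NULL) != SECSuccess)
	{
		gaim_debug_error("nss", "Unable to install certificate hooks\n");
		goto fail;
	}

	/* The host name set here is what the certificate is checked against. */
	if (SSL_SetURL(nss_data->in, gsc->host) != SECSuccess)
	{
		gaim_debug_error("nss", "Unable to set the expected host name\n");
		goto fail;
	}

	if (SSL_ResetHandshake(nss_data->in, PR_FALSE) != SECSuccess ||
		SSL_ForceHandshake(nss_data->in) != SECSuccess)
	{
		gaim_debug_error("nss", "Handshake failed\n");
		goto fail;
	}

	gsc->connect_cb(gsc->connect_cb_data, gsc, cond);

	return;

fail:
	gaim_ssl_close(gsc);
}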
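/**
 * Release the NSS resources attached to a connection.
 *
 * SSL_ImportFD() layers SSL on top of the descriptor it is given, so once
 * it has succeeded "in" and "fd" belong to the same NSPR descriptor stack.
 * Closing "in" tears the whole stack down; closing "fd" afterwards would be
 * a second close of already-released memory. "fd" is therefore closed only
 * when the SSL import never happened.
 *
 * @param gsc The SSL connection being closed.
 */
static void
ssl_nss_close(GaimSslConnection *gsc)
{
	GaimSslNssData *nss_data = GAIM_SSL_NSS_DATA(gsc);

	/* Nothing was attached, e.g. close requested before the connect callback. */
	if (nss_data == NULL)
		return;

	if (nss_data->in != NULL)
		PR_Close(nss_data->in);
	else if (nss_data->fd != NULL)
		PR_Close(nss_data->fd);

	g_free(nss_data);

	/* Do not leave a dangling pointer behind on the connection. */
	gsc->private_data = NULL;
}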
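/**
 * Read decrypted data from the SSL connection.
 *
 * PR_Read() takes a signed 32-bit byte count, so a larger @a len is clamped
 * instead of being truncated by the implicit conversion (which could turn
 * it negative). The caller then sees an ordinary short read.
 *
 * NOTE(review): PR_Read() reports errors as -1, which the size_t return
 * type turns into (size_t)-1; callers must test for that value explicitly.
 *
 * @param gsc  The SSL connection.
 * @param data Destination buffer.
 * @param len  Capacity of @a data in bytes.
 *
 * @return The PR_Read() result converted to size_t.
 */
static size_t
ssl_nss_read(GaimSslConnection *gsc, void *data, size_t len)
{
	GaimSslNssData *nss_data = GAIM_SSL_NSS_DATA(gsc);
	PRInt32 amount;

	amount = (len > (size_t)PR_INT32_MAX) ? PR_INT32_MAX : (PRInt32)len;

	return PR_Read(nss_data->in, data, amount);
}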
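/**
 * Write data to the SSL connection.
 *
 * PR_Write() takes a signed 32-bit byte count, so a larger @a len is
 * clamped instead of being truncated by the implicit conversion (which
 * could turn it negative). The caller then sees an ordinary short write.
 *
 * NOTE(review): PR_Write() reports errors as -1, which the size_t return
 * type turns into (size_t)-1; callers must test for that value explicitly.
 *
 * @param gsc  The SSL connection.
 * @param data Bytes to send.
 * @param len  Number of bytes in @a data.
 *
 * @return The PR_Write() result converted to size_t.
 */
static size_t
ssl_nss_write(GaimSslConnection *gsc, const void *data, size_t len)
{
	GaimSslNssData *nss_data = GAIM_SSL_NSS_DATA(gsc);
	PRInt32 amount;

	amount = (len > (size_t)PR_INT32_MAX) ? PR_INT32_MAX : (PRInt32)len;

	return PR_Write(nss_data->in, data, amount);
}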
/*
 * NSS implementation of the SSL operations table returned by
 * gaim_ssl_nss_get_ops(). The initializer is positional, so the entries
 * must stay in the member order of GaimSslOps (presumably declared in
 * sslconn.h -- verify when adding or reordering entries).
 */
static GaimSslOps ssl_ops =
{
	ssl_nss_init,        /* start NSPR/NSS */
	ssl_nss_uninit,      /* shut NSPR down */
	ssl_nss_connect_cb,  /* wrap a connected socket and run the handshake */
	ssl_nss_close,       /* release per-connection NSS state */
	ssl_nss_read,        /* read through the SSL descriptor */
	ssl_nss_write        /* write through the SSL descriptor */
};
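/**
 * Return the NSS-backed SSL operations table.
 *
 * The parameter list is spelled (void) so that the definition is a real
 * prototype and calls with arguments are rejected by the compiler.
 *
 * @return Pointer to the file-static ssl_ops table.
 */
GaimSslOps *
gaim_ssl_nss_get_ops(void)
{
	return &ssl_ops;
}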
256 #endif /* HAVE_NSS */