Mercurial > pidgin.yaz
view plugins/ssl/ssl-gnutls.c @ 13914:3ae8a3935406
[gaim-migrate @ 16414]
First stab at trying to fix the MSN http connect method. It still
doesn't work, and I'm not sure why, but it gets a lot farther in
the signon process now.
For those unfamiliar with the issue, the MSN http connect method
stopped working after all the non-blocking I/O changes. The http
connect method is apparently used by lots of people behind silly
firewalls and stuff, and therefore we really shouldn't release
Gaim 2.0.0 without it working, because people will complain.
The two main problems were
1. The outgoing message queue was removed in favor of buffering all
data to one large buffer. This sounds good in theory... but apparently
each message sent to and from the server has a "SessionID" in the
HTTP header. Every message we send should use the same SessionID as
the last packet we received from the server. So basically you can't
put two messages into the outgoing buffer at the same time because
you don't have the correct SessionID to use for the second message.
You have to wait until you get the reply from the server.
2. There were some strange buffer problems with using the wrong
variable when trying to combine the header+body into one buffer
before sending the message.
I also fixed a small memleak or two, added some comments, and
tried to clean up the code a little.
committer: Tailor Script <tailor@pidgin.im>
author | Mark Doliner <mark@kingant.net> |
---|---|
date | Mon, 03 Jul 2006 20:39:04 +0000 |
parents | 33bef17125c2 |
children | 7d513e44201b |
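/**
 * @file ssl-gnutls.c GNUTLS SSL plugin.
 *
 * gaim
 *
 * Copyright (C) 2003 Christian Hammond <chipx86@gnupdate.org>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
#include "internal.h"
#include "debug.h"
#include "plugin.h"
#include "sslconn.h"
#include "version.h"

#define SSL_GNUTLS_PLUGIN_ID "ssl-gnutls"

#ifdef HAVE_GNUTLS

#include <gnutls/gnutls.h>

/** Per-connection state stored in GaimSslConnection::private_data. */
typedef struct
{
	gnutls_session session;   /* GnuTLS session bound to the socket */
	guint handshake_handler;  /* input watch id while handshaking, 0 when none */
} GaimSslGnutlsData;

#define GAIM_SSL_GNUTLS_DATA(gsc) ((GaimSslGnutlsData *)(gsc)->private_data)

/* Credentials shared by every session this plugin creates. */
static gnutls_certificate_client_credentials xcred;

/**
 * Initialises the GnuTLS library and the shared client credentials.
 *
 * Failures are reported through the debug log; the function has no way to
 * return them to plugin_load().
 */
static void
ssl_gnutls_init_gnutls(void)
{
	int ret;

	ret = gnutls_global_init();
	if(ret != 0) {
		gaim_debug_error("gnutls", "gnutls_global_init failed: %d\n", ret);
		return;
	}

	ret = gnutls_certificate_allocate_credentials(&xcred);
	if(ret != 0) {
		gaim_debug_error("gnutls",
				"Unable to allocate credentials: %d\n", ret);
		xcred = NULL;
		return;
	}

	/*
	 * NOTE(review): "ca.pem" is a relative path, so the trust anchors come
	 * from whatever the process's working directory happens to be.  An
	 * absolute, installation-owned path would be safer -- confirm the
	 * intended location.
	 */
	ret = gnutls_certificate_set_x509_trust_file(xcred, "ca.pem",
			GNUTLS_X509_FMT_PEM);
	if(ret < 0)
		gaim_debug_error("gnutls",
				"Unable to load trust file ca.pem: %d\n", ret);
}

/** SSL ops "init" hook; the real setup happens in ssl_gnutls_init_gnutls(). */
static gboolean
ssl_gnutls_init(void)
{
	return TRUE;
}

/**
 * SSL ops "uninit" hook: releases the shared credentials and then shuts the
 * library down.
 */
static void
ssl_gnutls_uninit(void)
{
	/*
	 * The credentials must be released while the library is still
	 * initialised, so free them before gnutls_global_deinit().
	 */
	if(xcred != NULL) {
		gnutls_certificate_free_credentials(xcred);
		xcred = NULL;
	}

	gnutls_global_deinit();
}

/**
 * Input callback that drives the non-blocking TLS handshake.
 *
 * @param data   The GaimSslConnection being set up.
 * @param source The socket descriptor (unused; the session already owns it).
 * @param cond   The input condition that fired; passed on to connect_cb.
 */
static void
ssl_gnutls_handshake_cb(gpointer data, gint source,
		GaimInputCondition cond)
{
	GaimSslConnection *gsc = data;
	GaimSslGnutlsData *gnutls_data = GAIM_SSL_GNUTLS_DATA(gsc);
	int ret; /* gnutls_handshake() returns int; keeps the %d below correct */

	gaim_debug_info("gnutls", "Handshaking\n");
	ret = gnutls_handshake(gnutls_data->session);

	/* Not finished yet: stay registered and wait for the next event. */
	if(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)
		return;

	gaim_input_remove(gnutls_data->handshake_handler);
	gnutls_data->handshake_handler = 0;

	if(ret != 0) {
		gaim_debug_error("gnutls", "Handshake failed. Error %d\n", ret);

		if(gsc->error_cb != NULL)
			gsc->error_cb(gsc, GAIM_SSL_HANDSHAKE_FAILED,
					gsc->connect_cb_data);

		gaim_ssl_close(gsc);
	} else {
		gaim_debug_info("gnutls", "Handshake complete\n");

		/*
		 * NOTE(review): nothing in this file inspects the peer
		 * certificate after the handshake (no chain verification, no
		 * hostname comparison), so the trust file loaded at start-up
		 * does not appear to be consulted.  Unless verification happens
		 * elsewhere, the channel is encrypted but the server is not
		 * authenticated -- confirm and add a verification step here.
		 */
		gsc->connect_cb(gsc->connect_cb_data, gsc, cond);
	}
}

/**
 * SSL ops "connect" hook, called once the TCP connection attempt finishes.
 *
 * @param data   The GaimSslConnection.
 * @param source The connected socket, or a negative value on failure.
 * @param cond   Unused.
 */
static void
ssl_gnutls_connect_cb(gpointer data, gint source, GaimInputCondition cond)
{
	GaimSslConnection *gsc = (GaimSslConnection *)data;
	GaimSslGnutlsData *gnutls_data;
	static const int cert_type_priority[2] = { GNUTLS_CRT_X509, 0 };

	if(source < 0) {
		if(gsc->error_cb != NULL)
			gsc->error_cb(gsc, GAIM_SSL_CONNECT_FAILED,
					gsc->connect_cb_data);

		gaim_ssl_close(gsc);
		return;
	}

	gsc->fd = source;

	gnutls_data = g_new0(GaimSslGnutlsData, 1);

	/*
	 * Without a valid session every later gnutls_* call would operate on a
	 * NULL handle, so treat an init failure like a failed connect.
	 */
	if(gnutls_init(&gnutls_data->session, GNUTLS_CLIENT) != 0) {
		gaim_debug_error("gnutls", "Unable to create session\n");
		g_free(gnutls_data);

		if(gsc->error_cb != NULL)
			gsc->error_cb(gsc, GAIM_SSL_CONNECT_FAILED,
					gsc->connect_cb_data);

		gaim_ssl_close(gsc);
		return;
	}

	gsc->private_data = gnutls_data;

	gnutls_set_default_priority(gnutls_data->session);

	gnutls_certificate_type_set_priority(gnutls_data->session,
			cert_type_priority);

	gnutls_credentials_set(gnutls_data->session, GNUTLS_CRD_CERTIFICATE,
			xcred);

	gnutls_transport_set_ptr(gnutls_data->session, GINT_TO_POINTER(source));

	gnutls_data->handshake_handler = gaim_input_add(gsc->fd,
			GAIM_INPUT_READ, ssl_gnutls_handshake_cb, gsc);

	/* Start the handshake now instead of waiting for the first read event. */
	ssl_gnutls_handshake_cb(gsc, gsc->fd, GAIM_INPUT_READ);
}

/**
 * SSL ops "close" hook: tears down the session and frees the private data.
 * Safe to call when no private data was ever attached.
 */
static void
ssl_gnutls_close(GaimSslConnection *gsc)
{
	GaimSslGnutlsData *gnutls_data = GAIM_SSL_GNUTLS_DATA(gsc);

	if(!gnutls_data)
		return;

	if(gnutls_data->handshake_handler)
		gaim_input_remove(gnutls_data->handshake_handler);

	/* Best effort: the result of the closure alert is not checked. */
	gnutls_bye(gnutls_data->session, GNUTLS_SHUT_RDWR);

	gnutls_deinit(gnutls_data->session);

	g_free(gnutls_data);
	gsc->private_data = NULL;
}

/**
 * SSL ops "read" hook.
 *
 * @return The number of bytes received; 0 on a fatal error or when the
 *         connection has no session; (size_t)-1 with errno set to EAGAIN
 *         when the call would block.  The ops signature is unsigned, so
 *         callers must compare against (size_t)-1 or cast to a signed type.
 */
static size_t
ssl_gnutls_read(GaimSslConnection *gsc, void *data, size_t len)
{
	GaimSslGnutlsData *gnutls_data = GAIM_SSL_GNUTLS_DATA(gsc);
	ssize_t s;

	/* Same guard as the write and close paths: no session, nothing to read. */
	if(gnutls_data == NULL)
		return 0;

	s = gnutls_record_recv(gnutls_data->session, data, len);

	if(s == GNUTLS_E_AGAIN || s == GNUTLS_E_INTERRUPTED) {
		s = -1;
		errno = EAGAIN;
	} else if(s < 0) {
		gaim_debug_error("gnutls", "receive failed: %d\n", (int)s);
		s = 0;
	}

	return (size_t)s;
}

/**
 * SSL ops "write" hook.
 *
 * @return The number of bytes sent; 0 on a fatal error or when the
 *         connection has no session; (size_t)-1 with errno set to EAGAIN
 *         when the call would block.  The ops signature is unsigned, so
 *         callers must compare against (size_t)-1 or cast to a signed type.
 */
static size_t
ssl_gnutls_write(GaimSslConnection *gsc, const void *data, size_t len)
{
	GaimSslGnutlsData *gnutls_data = GAIM_SSL_GNUTLS_DATA(gsc);
	ssize_t s = 0;

	/* XXX: when will gnutls_data be NULL? */
	if(gnutls_data)
		s = gnutls_record_send(gnutls_data->session, data, len);

	if(s == GNUTLS_E_AGAIN || s == GNUTLS_E_INTERRUPTED) {
		s = -1;
		errno = EAGAIN;
	} else if(s < 0) {
		gaim_debug_error("gnutls", "send failed: %d\n", (int)s);
		s = 0;
	}

	return (size_t)s;
}

static GaimSslOps ssl_ops =
{
	ssl_gnutls_init,
	ssl_gnutls_uninit,
	ssl_gnutls_connect_cb,
	ssl_gnutls_close,
	ssl_gnutls_read,
	ssl_gnutls_write
};

#endif /* HAVE_GNUTLS */

/**
 * Registers the GnuTLS ops unless another SSL backend is already installed,
 * then initialises GnuTLS.  Returns FALSE when built without GnuTLS.
 */
static gboolean
plugin_load(GaimPlugin *plugin)
{
#ifdef HAVE_GNUTLS
	if(!gaim_ssl_get_ops()) {
		gaim_ssl_set_ops(&ssl_ops);
	}

	/* Init GNUTLS now so others can use it even if sslconn never does */
	ssl_gnutls_init_gnutls();

	return TRUE;
#else
	return FALSE;
#endif
}

/** Unregisters the GnuTLS ops if they are the ones currently installed. */
static gboolean
plugin_unload(GaimPlugin *plugin)
{
#ifdef HAVE_GNUTLS
	if(gaim_ssl_get_ops() == &ssl_ops) {
		gaim_ssl_set_ops(NULL);
	}
#endif

	return TRUE;
}

static GaimPluginInfo info =
{
	GAIM_PLUGIN_MAGIC,
	GAIM_MAJOR_VERSION,
	GAIM_MINOR_VERSION,
	GAIM_PLUGIN_STANDARD,                             /**< type           */
	NULL,                                             /**< ui_requirement */
	GAIM_PLUGIN_FLAG_INVISIBLE,                       /**< flags          */
	NULL,                                             /**< dependencies   */
	GAIM_PRIORITY_DEFAULT,                            /**< priority       */

	SSL_GNUTLS_PLUGIN_ID,                             /**< id             */
	N_("GNUTLS"),                                     /**< name           */
	VERSION,                                          /**< version        */
	                                                  /**  summary        */
	N_("Provides SSL support through GNUTLS."),
	                                                  /**  description    */
	N_("Provides SSL support through GNUTLS."),
	"Christian Hammond <chipx86@gnupdate.org>",
	GAIM_WEBSITE,                                     /**< homepage       */

	plugin_load,                                      /**< load           */
	plugin_unload,                                    /**< unload         */
	NULL,                                             /**< destroy        */

	NULL,                                             /**< ui_info        */
	NULL,                                             /**< extra_info     */
	NULL,                                             /**< prefs_info     */
	NULL                                              /**< actions        */
};

/** Plugin initialisation hook; nothing to set up at registration time. */
static void
init_plugin(GaimPlugin *plugin)
{
}

GAIM_INIT_PLUGIN(ssl_gnutls, init_plugin, info)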