Mercurial > pidgin
annotate plugins/ssl/ssl-nss.c @ 13849:8d1c55309e3c
[gaim-migrate @ 16306]
Keep track of the Yahoo! IMVironment specified by the people we're
IMing with. When we reply to their IMs, we now send the same IMVironment
instead of always sending an empty IMVironment because sending an
empty IMVironment would reset their IMVironment back to nothing.
This shouldn't negatively affect the Doodle stuff... but it didn't
work for me when I tested it, so it's hard to tell.
This is a change I made while at Meebo
committer: Tailor Script <tailor@pidgin.im>
| author | Mark Doliner <mark@kingant.net> |
|---|---|
| date | Thu, 22 Jun 2006 06:26:38 +0000 |
| parents | 43268b823440 |
| children | c8ebbc0110f4 |
| rev | line source |
|---|---|
| 7016 | 1 /** |
| 2 * @file ssl-nss.c Mozilla NSS SSL plugin. | |
| 3 * | |
| 4 * gaim | |
| 5 * | |
| 6 * Copyright (C) 2003 Christian Hammond <chipx86@gnupdate.org> | |
| 7 * | |
| 8 * This program is free software; you can redistribute it and/or modify | |
| 9 * it under the terms of the GNU General Public License as published by | |
| 10 * the Free Software Foundation; either version 2 of the License, or | |
| 11 * (at your option) any later version. | |
| 12 * | |
| 13 * This program is distributed in the hope that it will be useful, | |
| 14 * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 16 * GNU General Public License for more details. | |
| 17 * | |
| 18 * You should have received a copy of the GNU General Public License | |
| 19 * along with this program; if not, write to the Free Software | |
| 20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
| 21 */ | |
| 22 #include "internal.h" | |
|
7051
e885d4963a68
[gaim-migrate @ 7614]
Christian Hammond <chipx86@chipx86.com>
parents:
7050
diff
changeset
|
23 #include "debug.h" |
| 7016 | 24 #include "plugin.h" |
|
7051
e885d4963a68
[gaim-migrate @ 7614]
Christian Hammond <chipx86@chipx86.com>
parents:
7050
diff
changeset
|
25 #include "sslconn.h" |
| 9943 | 26 #include "version.h" |
| 7016 | 27 |
|
7029
b80c7a4dfae7
[gaim-migrate @ 7592]
Christian Hammond <chipx86@chipx86.com>
parents:
7028
diff
changeset
|
28 #define SSL_NSS_PLUGIN_ID "ssl-nss" |
| 7016 | 29 |
| 30 #ifdef HAVE_NSS | |
| 31 | |
|
9582
fec83fb0b6a9
[gaim-migrate @ 10425]
Christian Hammond <chipx86@chipx86.com>
parents:
8749
diff
changeset
|
32 #undef HAVE_LONG_LONG /* Make Mozilla less angry. If angry, Mozilla SMASH! */ |
|
fec83fb0b6a9
[gaim-migrate @ 10425]
Christian Hammond <chipx86@chipx86.com>
parents:
8749
diff
changeset
|
33 |
| 7016 | 34 #include <nspr.h> |
| 35 #include <private/pprio.h> | |
| 36 #include <nss.h> | |
| 37 #include <pk11func.h> | |
| 38 #include <prio.h> | |
| 39 #include <secerr.h> | |
| 40 #include <secmod.h> | |
| 41 #include <ssl.h> | |
| 42 #include <sslerr.h> | |
| 43 #include <sslproto.h> | |
| 44 | |
| 45 typedef struct | |
| 46 { | |
| 47 PRFileDesc *fd; | |
| 48 PRFileDesc *in; | |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
49 guint handshake_handler; |
| 7016 | 50 |
| 51 } GaimSslNssData; | |
| 52 | |
| 53 #define GAIM_SSL_NSS_DATA(gsc) ((GaimSslNssData *)gsc->private_data) | |
| 54 | |
| 55 static const PRIOMethods *_nss_methods = NULL; | |
| 56 static PRDescIdentity _identity; | |
| 57 | |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
58 /* Thank you, Evolution */ |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
59 static void |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
60 set_errno(int code) |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
61 { |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
62 /* FIXME: this should handle more. */ |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
63 switch (code) { |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
64 case PR_INVALID_ARGUMENT_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
65 errno = EINVAL; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
66 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
67 case PR_PENDING_INTERRUPT_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
68 errno = EINTR; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
69 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
70 case PR_IO_PENDING_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
71 errno = EAGAIN; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
72 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
73 case PR_WOULD_BLOCK_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
74 errno = EAGAIN; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
75 /*errno = EWOULDBLOCK; */ |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
76 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
77 case PR_IN_PROGRESS_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
78 errno = EINPROGRESS; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
79 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
80 case PR_ALREADY_INITIATED_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
81 errno = EALREADY; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
82 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
83 case PR_NETWORK_UNREACHABLE_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
84 errno = EHOSTUNREACH; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
85 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
86 case PR_CONNECT_REFUSED_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
87 errno = ECONNREFUSED; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
88 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
89 case PR_CONNECT_TIMEOUT_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
90 case PR_IO_TIMEOUT_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
91 errno = ETIMEDOUT; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
92 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
93 case PR_NOT_CONNECTED_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
94 errno = ENOTCONN; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
95 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
96 case PR_CONNECT_RESET_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
97 errno = ECONNRESET; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
98 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
99 case PR_IO_ERROR: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
100 default: |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
101 errno = EIO; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
102 break; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
103 } |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
104 } |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
105 |
|
7993
495d3dbb4e84
[gaim-migrate @ 8670]
Christian Hammond <chipx86@chipx86.com>
parents:
7862
diff
changeset
|
106 static void |
| 7862 | 107 ssl_nss_init_nss(void) |
| 108 { | |
| 10519 | 109 char *lib; |
| 7862 | 110 PR_Init(PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1); |
| 111 NSS_NoDB_Init(NULL); | |
| 112 | |
| 113 /* TODO: Fix this so autoconf does the work trying to find this lib. */ | |
| 114 #ifndef _WIN32 | |
| 10519 | 115 lib = g_strdup(BR_LIBDIR("/libnssckbi.so")); |
| 7862 | 116 #else |
| 10519 | 117 lib = g_strdup("nssckbi.dll"); |
| 7862 | 118 #endif |
| 10519 | 119 SECMOD_AddNewModule("Builtins", lib, 0, 0); |
| 120 g_free(lib); | |
| 7862 | 121 NSS_SetDomesticPolicy(); |
| 122 | |
| 123 _identity = PR_GetUniqueIdentity("Gaim"); | |
| 124 _nss_methods = PR_GetDefaultIOMethods(); | |
| 125 } | |
| 126 | |
| 7016 | 127 static SECStatus |
| 128 ssl_auth_cert(void *arg, PRFileDesc *socket, PRBool checksig, | |
| 129 PRBool is_server) | |
| 130 { | |
| 131 return SECSuccess; | |
| 132 | |
| 133 #if 0 | |
| 134 CERTCertificate *cert; | |
| 135 void *pinArg; | |
| 136 SECStatus status; | |
| 137 | |
| 138 cert = SSL_PeerCertificate(socket); | |
| 139 pinArg = SSL_RevealPinArg(socket); | |
| 140 | |
| 141 status = CERT_VerifyCertNow((CERTCertDBHandle *)arg, cert, checksig, | |
| 142 certUsageSSLClient, pinArg); | |
| 143 | |
| 144 if (status != SECSuccess) { | |
| 145 gaim_debug_error("nss", "CERT_VerifyCertNow failed\n"); | |
| 146 CERT_DestroyCertificate(cert); | |
| 147 return status; | |
| 148 } | |
| 149 | |
| 150 CERT_DestroyCertificate(cert); | |
| 151 return SECSuccess; | |
| 152 #endif | |
| 153 } | |
| 154 | |
| 155 static SECStatus | |
| 156 ssl_bad_cert(void *arg, PRFileDesc *socket) | |
| 157 { | |
| 158 SECStatus status = SECFailure; | |
| 159 PRErrorCode err; | |
| 160 | |
| 161 if (arg == NULL) | |
| 162 return status; | |
| 163 | |
| 164 *(PRErrorCode *)arg = err = PORT_GetError(); | |
| 165 | |
| 166 switch (err) | |
| 167 { | |
| 168 case SEC_ERROR_INVALID_AVA: | |
| 169 case SEC_ERROR_INVALID_TIME: | |
| 170 case SEC_ERROR_BAD_SIGNATURE: | |
| 171 case SEC_ERROR_EXPIRED_CERTIFICATE: | |
| 172 case SEC_ERROR_UNKNOWN_ISSUER: | |
| 173 case SEC_ERROR_UNTRUSTED_CERT: | |
| 174 case SEC_ERROR_CERT_VALID: | |
| 175 case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE: | |
| 176 case SEC_ERROR_CRL_EXPIRED: | |
| 177 case SEC_ERROR_CRL_BAD_SIGNATURE: | |
| 178 case SEC_ERROR_EXTENSION_VALUE_INVALID: | |
| 179 case SEC_ERROR_CA_CERT_INVALID: | |
| 180 case SEC_ERROR_CERT_USAGES_INVALID: | |
| 181 case SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION: | |
| 182 status = SECSuccess; | |
| 183 break; | |
| 184 | |
| 185 default: | |
| 186 status = SECFailure; | |
| 187 break; | |
| 188 } | |
| 189 | |
| 12209 | 190 gaim_debug_error("nss", "Bad certificate: %d\n", err); |
| 7016 | 191 |
| 192 return status; | |
| 193 } | |
| 194 | |
| 195 static gboolean | |
| 196 ssl_nss_init(void) | |
| 197 { | |
| 7862 | 198 return TRUE; |
| 7016 | 199 } |
| 200 | |
| 201 static void | |
| 202 ssl_nss_uninit(void) | |
| 203 { | |
| 204 PR_Cleanup(); | |
| 205 | |
| 206 _nss_methods = NULL; | |
| 207 } | |
| 208 | |
| 209 static void | |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
210 ssl_nss_handshake_cb(gpointer data, int fd, GaimInputCondition cond) |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
211 { |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
212 GaimSslConnection *gsc = (GaimSslConnection *)data; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
213 GaimSslNssData *nss_data = gsc->private_data; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
214 |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
215 /* I don't think this the best way to do this... |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
216 * It seems to work because it'll eventually use the cached value |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
217 */ |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
218 if(SSL_ForceHandshake(nss_data->in) != SECSuccess) { |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
219 set_errno(PR_GetError()); |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
220 if (errno == EAGAIN || errno == EWOULDBLOCK) |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
221 return; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
222 |
|
13529
43268b823440
[gaim-migrate @ 15906]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
13263
diff
changeset
|
223 gaim_debug_error("nss", "Handshake failed %d\n", PR_GetError()); |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
224 |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
225 if (gsc->error_cb != NULL) |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
226 gsc->error_cb(gsc, GAIM_SSL_HANDSHAKE_FAILED, gsc->connect_cb_data); |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
227 |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
228 gaim_ssl_close(gsc); |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
229 |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
230 return; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
231 } |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
232 |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
233 gaim_input_remove(nss_data->handshake_handler); |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
234 nss_data->handshake_handler = 0; |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
235 |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
236 gsc->connect_cb(gsc->connect_cb_data, gsc, cond); |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
237 } |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
238 |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
239 static void |
| 7016 | 240 ssl_nss_connect_cb(gpointer data, gint source, GaimInputCondition cond) |
| 241 { | |
| 242 GaimSslConnection *gsc = (GaimSslConnection *)data; | |
| 243 GaimSslNssData *nss_data = g_new0(GaimSslNssData, 1); | |
| 244 PRSocketOptionData socket_opt; | |
| 245 | |
| 246 gsc->private_data = nss_data; | |
| 247 | |
| 248 gsc->fd = source; | |
| 249 | |
| 250 nss_data->fd = PR_ImportTCPSocket(gsc->fd); | |
| 251 | |
| 252 if (nss_data->fd == NULL) | |
| 253 { | |
| 254 gaim_debug_error("nss", "nss_data->fd == NULL!\n"); | |
| 255 | |
| 8362 | 256 if (gsc->error_cb != NULL) |
| 257 gsc->error_cb(gsc, GAIM_SSL_CONNECT_FAILED, gsc->connect_cb_data); | |
| 258 | |
| 7016 | 259 gaim_ssl_close((GaimSslConnection *)gsc); |
| 260 | |
| 261 return; | |
| 262 } | |
| 263 | |
| 264 socket_opt.option = PR_SockOpt_Nonblocking; | |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
265 socket_opt.value.non_blocking = PR_TRUE; |
| 7016 | 266 |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
267 if (PR_SetSocketOption(nss_data->fd, &socket_opt) != PR_SUCCESS) |
|
13529
43268b823440
[gaim-migrate @ 15906]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
13263
diff
changeset
|
268 gaim_debug_warning("nss", "unable to set socket into non-blocking mode: %d\n", PR_GetError()); |
| 7016 | 269 |
| 270 nss_data->in = SSL_ImportFD(NULL, nss_data->fd); | |
| 271 | |
| 272 if (nss_data->in == NULL) | |
| 273 { | |
| 274 gaim_debug_error("nss", "nss_data->in == NUL!\n"); | |
| 275 | |
| 8362 | 276 if (gsc->error_cb != NULL) |
| 277 gsc->error_cb(gsc, GAIM_SSL_CONNECT_FAILED, gsc->connect_cb_data); | |
| 278 | |
| 7016 | 279 gaim_ssl_close((GaimSslConnection *)gsc); |
| 280 | |
| 281 return; | |
| 282 } | |
| 283 | |
| 284 SSL_OptionSet(nss_data->in, SSL_SECURITY, PR_TRUE); | |
| 285 SSL_OptionSet(nss_data->in, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE); | |
| 286 | |
| 287 SSL_AuthCertificateHook(nss_data->in, | |
| 288 (SSLAuthCertificate)ssl_auth_cert, | |
| 289 (void *)CERT_GetDefaultCertDB()); | |
| 290 SSL_BadCertHook(nss_data->in, (SSLBadCertHandler)ssl_bad_cert, NULL); | |
| 291 | |
| 7157 | 292 if(gsc->host) |
| 293 SSL_SetURL(nss_data->in, gsc->host); | |
| 7016 | 294 |
|
13263
a587a6c6149c
[gaim-migrate @ 15629]
Richard Laager <rlaager@wiktel.com>
parents:
13200
diff
changeset
|
295 #if 0 |
|
a587a6c6149c
[gaim-migrate @ 15629]
Richard Laager <rlaager@wiktel.com>
parents:
13200
diff
changeset
|
296 /* This seems like it'd the be the correct way to implement the |
|
a587a6c6149c
[gaim-migrate @ 15629]
Richard Laager <rlaager@wiktel.com>
parents:
13200
diff
changeset
|
297 nonblocking stuff, but it doesn't seem to work */ |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
298 SSL_HandshakeCallback(nss_data->in, |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
299 (SSLHandshakeCallback) ssl_nss_handshake_cb, gsc); |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
300 #endif |
| 7016 | 301 SSL_ResetHandshake(nss_data->in, PR_FALSE); |
| 302 | |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
303 nss_data->handshake_handler = gaim_input_add(gsc->fd, |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
304 GAIM_INPUT_READ, ssl_nss_handshake_cb, gsc); |
|
7274
448e39ace278
[gaim-migrate @ 7851]
Christian Hammond <chipx86@chipx86.com>
parents:
7157
diff
changeset
|
305 |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
306 ssl_nss_handshake_cb(gsc, gsc->fd, GAIM_INPUT_READ); |
| 7016 | 307 } |
| 308 | |
| 309 static void | |
| 310 ssl_nss_close(GaimSslConnection *gsc) | |
| 311 { | |
| 312 GaimSslNssData *nss_data = GAIM_SSL_NSS_DATA(gsc); | |
| 313 | |
| 7467 | 314 if(!nss_data) |
| 315 return; | |
| 316 | |
| 7016 | 317 if (nss_data->in) PR_Close(nss_data->in); |
| 318 /* if (nss_data->fd) PR_Close(nss_data->fd); */ | |
| 319 | |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
320 if (nss_data->handshake_handler) |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
321 gaim_input_remove(nss_data->handshake_handler); |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
322 |
| 7016 | 323 g_free(nss_data); |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
324 gsc->private_data = NULL; |
| 7016 | 325 } |
| 326 | |
| 327 static size_t | |
| 328 ssl_nss_read(GaimSslConnection *gsc, void *data, size_t len) | |
| 329 { | |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
330 ssize_t ret; |
| 7016 | 331 GaimSslNssData *nss_data = GAIM_SSL_NSS_DATA(gsc); |
| 332 | |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
333 ret = PR_Read(nss_data->in, data, len); |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
334 |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
335 if (ret == -1) |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
336 set_errno(PR_GetError()); |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
337 |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
338 return ret; |
| 7016 | 339 } |
| 340 | |
| 341 static size_t | |
| 342 ssl_nss_write(GaimSslConnection *gsc, const void *data, size_t len) | |
| 343 { | |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
344 ssize_t ret; |
| 7016 | 345 GaimSslNssData *nss_data = GAIM_SSL_NSS_DATA(gsc); |
| 346 | |
| 7467 | 347 if(!nss_data) |
| 348 return 0; | |
| 349 | |
|
13200
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
350 ret = PR_Write(nss_data->in, data, len); |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
351 |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
352 if (ret == -1) |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
353 set_errno(PR_GetError()); |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
354 |
|
33bef17125c2
[gaim-migrate @ 15563]
Daniel Atallah <daniel.atallah@gmail.com>
parents:
12209
diff
changeset
|
355 return ret; |
| 7016 | 356 } |
| 357 | |
| 358 static GaimSslOps ssl_ops = | |
| 359 { | |
| 360 ssl_nss_init, | |
| 361 ssl_nss_uninit, | |
| 362 ssl_nss_connect_cb, | |
| 363 ssl_nss_close, | |
| 364 ssl_nss_read, | |
| 365 ssl_nss_write | |
| 366 }; | |
| 367 | |
| 368 #endif /* HAVE_NSS */ | |
| 369 | |
| 370 | |
| 371 static gboolean | |
| 372 plugin_load(GaimPlugin *plugin) | |
| 373 { | |
| 374 #ifdef HAVE_NSS | |
| 7862 | 375 if (!gaim_ssl_get_ops()) { |
| 376 gaim_ssl_set_ops(&ssl_ops); | |
| 377 } | |
| 7016 | 378 |
|
11033
50224ac8184d
[gaim-migrate @ 12919]
Etan Reisner <pidgin@unreliablesource.net>
parents:
10519
diff
changeset
|
379 /* Init NSS now, so others can use it even if sslconn never does */ |
|
50224ac8184d
[gaim-migrate @ 12919]
Etan Reisner <pidgin@unreliablesource.net>
parents:
10519
diff
changeset
|
380 ssl_nss_init_nss(); |
|
50224ac8184d
[gaim-migrate @ 12919]
Etan Reisner <pidgin@unreliablesource.net>
parents:
10519
diff
changeset
|
381 |
| 7016 | 382 return TRUE; |
| 383 #else | |
| 384 return FALSE; | |
| 385 #endif | |
| 386 } | |
| 387 | |
| 388 static gboolean | |
| 389 plugin_unload(GaimPlugin *plugin) | |
| 390 { | |
| 7053 | 391 #ifdef HAVE_NSS |
| 7862 | 392 if (gaim_ssl_get_ops() == &ssl_ops) { |
| 393 gaim_ssl_set_ops(NULL); | |
| 394 } | |
|
7050
e8cd8827fb25
[gaim-migrate @ 7613]
Christian Hammond <chipx86@chipx86.com>
parents:
7029
diff
changeset
|
395 #endif |
|
e8cd8827fb25
[gaim-migrate @ 7613]
Christian Hammond <chipx86@chipx86.com>
parents:
7029
diff
changeset
|
396 |
| 7016 | 397 return TRUE; |
| 398 } | |
| 399 | |
| 400 static GaimPluginInfo info = | |
| 401 { | |
| 9943 | 402 GAIM_PLUGIN_MAGIC, |
| 403 GAIM_MAJOR_VERSION, | |
| 404 GAIM_MINOR_VERSION, | |
| 7016 | 405 GAIM_PLUGIN_STANDARD, /**< type */ |
| 406 NULL, /**< ui_requirement */ | |
| 407 GAIM_PLUGIN_FLAG_INVISIBLE, /**< flags */ | |
| 408 NULL, /**< dependencies */ | |
| 409 GAIM_PRIORITY_DEFAULT, /**< priority */ | |
| 410 | |
|
7029
b80c7a4dfae7
[gaim-migrate @ 7592]
Christian Hammond <chipx86@chipx86.com>
parents:
7028
diff
changeset
|
411 SSL_NSS_PLUGIN_ID, /**< id */ |
| 7016 | 412 N_("NSS"), /**< name */ |
| 413 VERSION, /**< version */ | |
| 414 /** summary */ | |
| 415 N_("Provides SSL support through Mozilla NSS."), | |
| 416 /** description */ | |
| 417 N_("Provides SSL support through Mozilla NSS."), | |
| 418 "Christian Hammond <chipx86@gnupdate.org>", | |
| 419 GAIM_WEBSITE, /**< homepage */ | |
| 420 | |
| 421 plugin_load, /**< load */ | |
| 422 plugin_unload, /**< unload */ | |
| 423 NULL, /**< destroy */ | |
| 424 | |
| 425 NULL, /**< ui_info */ | |
| 11513 | 426 NULL, /**< extra_info */ |
| 427 NULL, /**< prefs_info */ | |
| 428 NULL /**< actions */ | |
| 7016 | 429 }; |
| 430 | |
| 431 static void | |
| 432 init_plugin(GaimPlugin *plugin) | |
| 433 { | |
| 434 } | |
| 435 | |
| 436 GAIM_INIT_PLUGIN(ssl_nss, init_plugin, info) |