From 93b29c67671549e46ebe2c6296fdae7a4abe6ffd Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Thu, 1 May 2014 15:08:53 -0400
Subject: [PATCH] Add tls-interaction property to
Soup{Connection,Session,Socket}
This can be used by applications to do client-side certificates via
the new g_tls_interaction_request_certificate(). Will be used by
OSTree at least.
https://bugzilla.gnome.org/show_bug.cgi?id=334021
---
libsoup/soup-connection.c | 17 +++++++++++++++++
libsoup/soup-connection.h | 1 +
libsoup/soup-session.c | 33 +++++++++++++++++++++++++++++++++
libsoup/soup-session.h | 1 +
libsoup/soup-socket.c | 22 ++++++++++++++++++++++
libsoup/soup-socket.h | 1 +
6 files changed, 75 insertions(+)
diff --git a/libsoup/soup-connection.c b/libsoup/soup-connection.c
index fce589f..8b40cb8 100644
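--- a/libsoup/soup-connection.c
+++ b/libsoup/soup-connection.c
@@ -20,6 +20,7 @@ typedef struct {
 SoupAddress *local_addr;
 SoupURI *remote_uri, *proxy_uri;
 GProxyResolver *proxy_resolver;
+ GTlsInteraction *tls_interaction;
 GTlsDatabase *tlsdb;
 gboolean ssl, ssl_strict, ssl_fallback;
 
@@ -49,6 +50,7 @@ enum {
 PROP_0,
 
 PROP_LOCAL_ADDRESS,
+ PROP_TLS_INTERACTION,
 PROP_REMOTE_URI,
 PROP_PROXY_RESOLVER,
 PROP_SSL,
@@ -84,6 +86,7 @@ soup_connection_finalize (GObject *object)
 g_clear_pointer (&priv->remote_uri, soup_uri_free);
 g_clear_pointer (&priv->proxy_uri, soup_uri_free);
 g_clear_object (&priv->tlsdb);
+ g_clear_object (&priv->tls_interaction);
 g_clear_object (&priv->proxy_resolver);
 g_clear_object (&priv->local_addr);
 g_clear_pointer (&priv->async_context, g_main_context_unref);
@@ -117,6 +120,9 @@ soup_connection_set_property (GObject *object, guint prop_id,
 case PROP_LOCAL_ADDRESS:
 priv->local_addr = g_value_dup_object (value);
 break;
+ case PROP_TLS_INTERACTION:
+ priv->tls_interaction = g_value_dup_object (value);
+ break;
 case PROP_REMOTE_URI:
 priv->remote_uri = g_value_dup_boxed (value);
 break;
@@ -170,6 +176,9 @@ soup_connection_get_property (GObject *object, guint prop_id,
 case PROP_LOCAL_ADDRESS:
 g_value_set_object (value, priv->local_addr);
 break;
+ case PROP_TLS_INTERACTION:
+ g_value_set_object (value, priv->tls_interaction);
+ break;
 case PROP_REMOTE_URI:
 g_value_set_boxed (value, priv->remote_uri);
 break;
@@ -248,6 +257,13 @@ soup_connection_class_init (SoupConnectionClass *connection_class)
 SOUP_TYPE_ADDRESS,
 G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
 g_object_class_install_property (
+ object_class, PROP_TLS_INTERACTION,
+ g_param_spec_object (SOUP_CONNECTION_TLS_INTERACTION,
+ "TLS interaction",
+ "TLS interaction",
+ G_TYPE_TLS_INTERACTION,
+ G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+ g_object_class_install_property (
 object_class, PROP_REMOTE_URI,
 g_param_spec_boxed (SOUP_CONNECTION_REMOTE_URI,
 "Remote URI",
@@ -551,6 +567,7 @@ soup_connection_connect_async (SoupConnection *conn,
 SOUP_SOCKET_TIMEOUT, priv->io_timeout,
 SOUP_SOCKET_CLEAN_DISPOSE, TRUE,
 SOUP_SOCKET_LOCAL_ADDRESS, priv->local_addr,
+ SOUP_SOCKET_TLS_INTERACTION, priv->tls_interaction,
 NULL);
 g_object_unref (remote_addr);
 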
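Review bot: Only the SoupSocket built in soup_connection_connect_async receives `SOUP_SOCKET_TLS_INTERACTION`; any other place in this file that constructs a SoupSocket (a synchronous connect path, for instance, which this patch does not show) would run the TLS handshake without the interaction, and a server's client-certificate request would silently go unanswered there. It is worth checking for such sites and passing `SOUP_SOCKET_TLS_INTERACTION, priv->tls_interaction,` in each of them. The body of soup_connection_connect_async extends beyond the hunk, so this cannot be confirmed from the visible lines.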
diff --git a/libsoup/soup-connection.h b/libsoup/soup-connection.h
index b70a8a3..3e934af 100644
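--- a/libsoup/soup-connection.h
+++ b/libsoup/soup-connection.h
@@ -36,6 +36,7 @@ GType soup_connection_get_type (void);
 
 
 #define SOUP_CONNECTION_LOCAL_ADDRESS "local-address"
+#define SOUP_CONNECTION_TLS_INTERACTION "tls-interaction"
 #define SOUP_CONNECTION_REMOTE_URI "remote-uri"
 #define SOUP_CONNECTION_PROXY_RESOLVER "proxy-resolver"
 #define SOUP_CONNECTION_SSL "ssl"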
diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c
index 132554d..0984a9f 100644
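--- a/libsoup/soup-session.c
+++ b/libsoup/soup-session.c
@@ -86,6 +86,7 @@ typedef struct {
 gboolean disposed;
 
 GTlsDatabase *tlsdb;
+ GTlsDatabase *tls_interaction;
 char *ssl_ca_file;
 gboolean ssl_strict;
 gboolean tlsdb_use_default;
@@ -197,6 +198,7 @@ enum {
 PROP_HTTP_ALIASES,
 PROP_HTTPS_ALIASES,
 PROP_LOCAL_ADDRESS,
+ PROP_TLS_INTERACTION,
 
 LAST_PROP
 };
@@ -334,6 +336,7 @@ soup_session_finalize (GObject *object)
 g_free (priv->accept_language);
 
 g_clear_object (&priv->tlsdb);
+ g_clear_object (&priv->tls_interaction);
 g_free (priv->ssl_ca_file);
 
 g_clear_pointer (&priv->async_context, g_main_context_unref);
@@ -640,6 +643,9 @@ soup_session_set_property (GObject *object, guint prop_id,
 case PROP_TLS_DATABASE:
 set_tlsdb (session, g_value_get_object (value));
 break;
+ case PROP_TLS_INTERACTION:
+ priv->tls_interaction = g_value_dup_object (value);
+ break;
 case PROP_SSL_STRICT:
 priv->ssl_strict = g_value_get_boolean (value);
 break;
@@ -788,6 +794,9 @@ soup_session_get_property (GObject *object, guint prop_id,
 case PROP_TLS_DATABASE:
 g_value_set_object (value, get_tls_database (session));
 break;
+ case PROP_TLS_INTERACTION:
+ g_value_set_object (value, priv->tls_interaction);
+ break;
 case PROP_SSL_STRICT:
 g_value_set_boolean (value, priv->ssl_strict);
 break;
@@ -1783,6 +1792,7 @@ get_connection_for_host (SoupSession *session,
 SOUP_CONNECTION_IDLE_TIMEOUT, priv->idle_timeout,
 SOUP_CONNECTION_SSL_FALLBACK, host->ssl_fallback,
 SOUP_CONNECTION_LOCAL_ADDRESS, priv->local_addr,
+ SOUP_CONNECTION_TLS_INTERACTION, priv->tls_interaction,
 NULL);
 g_signal_connect (conn, "disconnected",
 G_CALLBACK (connection_disconnected),
@@ -3711,6 +3721,29 @@ soup_session_class_init (SoupSessionClass *session_class)
 "Address of local end of socket",
 SOUP_TYPE_ADDRESS,
 G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+
+ /**
+ * SOUP_SESSION_TLS_INTERACTION:
+ *
+ * Alias for the #SoupSession:tls-interaction property, qv.
+ *
+ * Since: 2.42
+ **/
+ /**
+ * SoupSession:tls-interaction:
+ *
+ * Set this property to allow interacting with the underlying
+ * #GTlsConnection.
+ *
+ * Since: 2.42
+ **/
+ g_object_class_install_property (
+ object_class, PROP_TLS_INTERACTION,
+ g_param_spec_object (SOUP_SESSION_TLS_INTERACTION,
+ "TLS Interaction",
+ "TLS interaction to use",
+ G_TYPE_TLS_INTERACTION,
+ G_PARAM_READWRITE));
 }
 
 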
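Review bot: The `PROP_TLS_INTERACTION` case in soup_session_set_property overwrites `priv->tls_interaction` without releasing the previous object, and because the property is installed as plain `G_PARAM_READWRITE` (not construct-only, unlike the connection and socket properties) every later set leaks the old reference; put `g_clear_object (&priv->tls_interaction);` before the `g_value_dup_object` assignment. The private field is also declared `GTlsDatabase *tls_interaction;` while the other two files use `GTlsInteraction *`; it should read `GTlsInteraction *tls_interaction;`. As far as the get_connection_for_host hunk shows, the object is handed to each connection only when it is created, and one object serves every host the session contacts, so the `SoupSession:tls-interaction:` comment should say that changing the property does not affect existing connections and that the callback should check which peer is asking before it supplies a client certificate. The bodies of these functions extend outside the hunks.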
diff --git a/libsoup/soup-session.h b/libsoup/soup-session.h
index 67a59ea..eed392d 100644
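--- a/libsoup/soup-session.h
+++ b/libsoup/soup-session.h
@@ -70,6 +70,7 @@ GType soup_session_get_type (void);
 #define SOUP_SESSION_SSL_USE_SYSTEM_CA_FILE "ssl-use-system-ca-file"
 #define SOUP_SESSION_TLS_DATABASE "tls-database"
 #define SOUP_SESSION_SSL_STRICT "ssl-strict"
+#define SOUP_SESSION_TLS_INTERACTION "tls-interaction"
 #define SOUP_SESSION_ASYNC_CONTEXT "async-context"
 #define SOUP_SESSION_USE_THREAD_CONTEXT "use-thread-context"
 #define SOUP_SESSION_TIMEOUT "timeout"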
diff --git a/libsoup/soup-socket.c b/libsoup/soup-socket.c
index b9f1dfc..f3c24db 100644
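--- a/libsoup/soup-socket.c
+++ b/libsoup/soup-socket.c
@@ -59,6 +59,7 @@ enum {
 PROP_CLEAN_DISPOSE,
 PROP_TLS_CERTIFICATE,
 PROP_TLS_ERRORS,
+ PROP_TLS_INTERACTION,
 PROP_PROXY_RESOLVER,
 
 LAST_PROP
@@ -71,6 +72,7 @@ typedef struct {
 GInputStream *istream;
 GOutputStream *ostream;
 GTlsCertificateFlags tls_errors;
+ GTlsInteraction *tls_interaction;
 GProxyResolver *proxy_resolver;
 
 guint non_blocking:1;
@@ -150,6 +152,7 @@ soup_socket_finalize (GObject *object)
 g_clear_object (&priv->local_addr);
 g_clear_object (&priv->remote_addr);
 
+ g_clear_object (&priv->tls_interaction);
 g_clear_object (&priv->proxy_resolver);
 
 if (priv->watch_src) {
@@ -210,6 +213,9 @@ soup_socket_set_property (GObject *object, guint prop_id,
 case PROP_SSL_FALLBACK:
 priv->ssl_fallback = g_value_get_boolean (value);
 break;
+ case PROP_TLS_INTERACTION:
+ priv->tls_interaction = g_value_dup_object (value);
+ break;
 case PROP_ASYNC_CONTEXT:
 priv->async_context = g_value_get_pointer (value);
 if (priv->async_context)
@@ -263,6 +269,9 @@ soup_socket_get_property (GObject *object, guint prop_id,
 case PROP_SSL_FALLBACK:
 g_value_set_boolean (value, priv->ssl_fallback);
 break;
+ case PROP_TLS_INTERACTION:
+ g_value_set_object (value, priv->tls_interaction);
+ break;
 case PROP_TRUSTED_CERTIFICATE:
 g_value_set_boolean (value, priv->tls_errors == 0);
 break;
@@ -517,6 +526,18 @@ soup_socket_class_init (SoupSocketClass *socket_class)
 FALSE,
 G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
 /**
+ * SOUP_SOCKET_TLS_INTERACTION:
+ *
+ * Alias for the #SoupSocket:tls-interaction property.
+ **/
+ g_object_class_install_property (
+ object_class, PROP_TLS_INTERACTION,
+ g_param_spec_object (SOUP_SOCKET_TLS_INTERACTION,
+ "TLS Interaction",
+ "TLS Interaction",
+ G_TYPE_TLS_INTERACTION,
+ G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+ /**
 * SOUP_SOCKET_TRUSTED_CERTIFICATE:
 *
 * Alias for the #SoupSocket:trusted-certificate
@@ -1134,6 +1155,7 @@ soup_socket_setup_ssl (SoupSocket *sock,
 "database", priv->ssl_creds,
 "require-close-notify", FALSE,
 "use-ssl3", priv->ssl_fallback,
+ "interaction", priv->tls_interaction,
 NULL);
 g_object_unref (identity);
 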
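Review bot: The comment added in soup_socket_class_init documents only the `SOUP_SOCKET_TLS_INTERACTION` alias; there is no `SoupSocket:tls-interaction:` block for the property itself and no `Since:` tag, unlike the session hunk. I would add a short property comment saying that the object is passed as the `interaction` of the TLS connection built in soup_socket_setup_ssl, that it is construct-only, and that NULL (the value when unset) is passed through unchanged. The soup_socket_setup_ssl hunk shows only the tail of the constructor call, so whether other TLS setup paths in this file also need the property cannot be judged from here.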
diff --git a/libsoup/soup-socket.h b/libsoup/soup-socket.h
index 5c1264f..6d9ee61 100644
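--- a/libsoup/soup-socket.h
+++ b/libsoup/soup-socket.h
@@ -51,6 +51,7 @@ typedef struct {
 #define SOUP_SOCKET_USE_THREAD_CONTEXT "use-thread-context"
 #define SOUP_SOCKET_TIMEOUT "timeout"
 #define SOUP_SOCKET_TLS_CERTIFICATE "tls-certificate"
+#define SOUP_SOCKET_TLS_INTERACTION "tls-interaction"
 #define SOUP_SOCKET_TLS_ERRORS "tls-errors"
 
 typedef void (*SoupSocketCallback) (SoupSocket *sock,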
--
1.8.3.1