From 93b29c67671549e46ebe2c6296fdae7a4abe6ffd Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Thu, 1 May 2014 15:08:53 -0400
Subject: [PATCH] Add tls-interaction property to
Soup{Connection,Session,Socket}
This can be used by applications to do client-side certificates via
the new g_tls_interaction_request_certificate(). Will be used by
OSTree at least.
https://bugzilla.gnome.org/show_bug.cgi?id=334021
---
libsoup/soup-connection.c | 17 +++++++++++++++++
libsoup/soup-connection.h | 1 +
libsoup/soup-session.c | 33 +++++++++++++++++++++++++++++++++
libsoup/soup-session.h | 1 +
libsoup/soup-socket.c | 22 ++++++++++++++++++++++
libsoup/soup-socket.h | 1 +
6 files changed, 75 insertions(+)
diff --git a/libsoup/soup-connection.c b/libsoup/soup-connection.c
index fce589f..8b40cb8 100644
--- a/libsoup/soup-connection.c
+++ b/libsoup/soup-connection.c
@@ -20,6 +20,7 @@ typedef struct {
SoupAddress *local_addr;
SoupURI *remote_uri, *proxy_uri;
GProxyResolver *proxy_resolver;
+ GTlsInteraction *tls_interaction;
GTlsDatabase *tlsdb;
gboolean ssl, ssl_strict, ssl_fallback;
@@ -49,6 +50,7 @@ enum {
PROP_0,
PROP_LOCAL_ADDRESS,
+ PROP_TLS_INTERACTION,
PROP_REMOTE_URI,
PROP_PROXY_RESOLVER,
PROP_SSL,
@@ -84,6 +86,7 @@ soup_connection_finalize (GObject *object)
g_clear_pointer (&priv->remote_uri, soup_uri_free);
g_clear_pointer (&priv->proxy_uri, soup_uri_free);
g_clear_object (&priv->tlsdb);
+ g_clear_object (&priv->tls_interaction);
g_clear_object (&priv->proxy_resolver);
g_clear_object (&priv->local_addr);
g_clear_pointer (&priv->async_context, g_main_context_unref);
@@ -117,6 +120,9 @@ soup_connection_set_property (GObject *object, guint prop_id,
case PROP_LOCAL_ADDRESS:
priv->local_addr = g_value_dup_object (value);
break;
+ case PROP_TLS_INTERACTION:
+ priv->tls_interaction = g_value_dup_object (value);
+ break;
case PROP_REMOTE_URI:
priv->remote_uri = g_value_dup_boxed (value);
break;
@@ -170,6 +176,9 @@ soup_connection_get_property (GObject *object, guint prop_id,
case PROP_LOCAL_ADDRESS:
g_value_set_object (value, priv->local_addr);
break;
+ case PROP_TLS_INTERACTION:
+ g_value_set_object (value, priv->tls_interaction);
+ break;
case PROP_REMOTE_URI:
g_value_set_boxed (value, priv->remote_uri);
break;
@@ -248,6 +257,13 @@ soup_connection_class_init (SoupConnectionClass *connection_class)
SOUP_TYPE_ADDRESS,
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
g_object_class_install_property (
+ object_class, PROP_TLS_INTERACTION,
+ g_param_spec_object (SOUP_CONNECTION_TLS_INTERACTION,
+ "TLS interaction",
+ "TLS interaction",
+ G_TYPE_TLS_INTERACTION,
+ G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+ g_object_class_install_property (
object_class, PROP_REMOTE_URI,
g_param_spec_boxed (SOUP_CONNECTION_REMOTE_URI,
"Remote URI",
@@ -551,6 +567,7 @@ soup_connection_connect_async (SoupConnection *conn,
SOUP_SOCKET_TIMEOUT, priv->io_timeout,
SOUP_SOCKET_CLEAN_DISPOSE, TRUE,
SOUP_SOCKET_LOCAL_ADDRESS, priv->local_addr,
+ SOUP_SOCKET_TLS_INTERACTION, priv->tls_interaction,
NULL);
g_object_unref (remote_addr);
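Review bot: Only the socket created in soup_connection_connect_async receives `SOUP_SOCKET_TLS_INTERACTION`, and this is the only socket-creation site the patch touches in soup-connection.c. If the file also builds a SoupSocket elsewhere (a synchronous connect path, for instance, which is not visible here), sockets made there get a NULL interaction and a server's client-certificate request would go unanswered on that path only. Add the same `SOUP_SOCKET_TLS_INTERACTION, priv->tls_interaction,` pair to every soup_socket_new call so both paths authenticate the same way. The function body starts and ends outside the hunk.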
diff --git a/libsoup/soup-connection.h b/libsoup/soup-connection.h
index b70a8a3..3e934af 100644
--- a/libsoup/soup-connection.h
+++ b/libsoup/soup-connection.h
@@ -36,6 +36,7 @@ GType soup_connection_get_type (void);
#define SOUP_CONNECTION_LOCAL_ADDRESS "local-address"
+#define SOUP_CONNECTION_TLS_INTERACTION "tls-interaction"
#define SOUP_CONNECTION_REMOTE_URI "remote-uri"
#define SOUP_CONNECTION_PROXY_RESOLVER "proxy-resolver"
#define SOUP_CONNECTION_SSL "ssl"
diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c
index 132554d..0984a9f 100644
--- a/libsoup/soup-session.c
+++ b/libsoup/soup-session.c
@@ -86,6 +86,7 @@ typedef struct {
gboolean disposed;
GTlsDatabase *tlsdb;
+ GTlsDatabase *tls_interaction;
char *ssl_ca_file;
gboolean ssl_strict;
gboolean tlsdb_use_default;
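Review bot: The new field in the session's private struct is declared with the wrong type, `GTlsDatabase *tls_interaction;`. The property installed for it uses G_TYPE_TLS_INTERACTION, and the connection and socket structs in this same patch declare it as GTlsInteraction. It presumably still compiles because every access goes through untyped GObject helpers (`g_value_dup_object`, `g_clear_object`, the `g_object_new` varargs), but the declaration sits right next to `tlsdb` and invites mixing the two up. Change it to `GTlsInteraction *tls_interaction;`.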
@@ -197,6 +198,7 @@ enum {
PROP_HTTP_ALIASES,
PROP_HTTPS_ALIASES,
PROP_LOCAL_ADDRESS,
+ PROP_TLS_INTERACTION,
LAST_PROP
};
@@ -334,6 +336,7 @@ soup_session_finalize (GObject *object)
g_free (priv->accept_language);
g_clear_object (&priv->tlsdb);
+ g_clear_object (&priv->tls_interaction);
g_free (priv->ssl_ca_file);
g_clear_pointer (&priv->async_context, g_main_context_unref);
@@ -640,6 +643,9 @@ soup_session_set_property (GObject *object, guint prop_id,
case PROP_TLS_DATABASE:
set_tlsdb (session, g_value_get_object (value));
break;
+ case PROP_TLS_INTERACTION:
+ priv->tls_interaction = g_value_dup_object (value);
+ break;
case PROP_SSL_STRICT:
priv->ssl_strict = g_value_get_boolean (value);
break;
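Review bot: The `PROP_TLS_INTERACTION` case overwrites `priv->tls_interaction` without releasing the previous value. Unlike the connection and socket properties, the session property is installed as plain `G_PARAM_READWRITE`, so it can be set more than once and each later set leaks the earlier reference. Release it first with `g_clear_object (&priv->tls_interaction);` before `priv->tls_interaction = g_value_dup_object (value);`. soup_session_set_property starts and ends outside the hunk.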
@@ -788,6 +794,9 @@ soup_session_get_property (GObject *object, guint prop_id,
case PROP_TLS_DATABASE:
g_value_set_object (value, get_tls_database (session));
break;
+ case PROP_TLS_INTERACTION:
+ g_value_set_object (value, priv->tls_interaction);
+ break;
case PROP_SSL_STRICT:
g_value_set_boolean (value, priv->ssl_strict);
break;
@@ -1783,6 +1792,7 @@ get_connection_for_host (SoupSession *session,
SOUP_CONNECTION_IDLE_TIMEOUT, priv->idle_timeout,
SOUP_CONNECTION_SSL_FALLBACK, host->ssl_fallback,
SOUP_CONNECTION_LOCAL_ADDRESS, priv->local_addr,
+ SOUP_CONNECTION_TLS_INTERACTION, priv->tls_interaction,
NULL);
g_signal_connect (conn, "disconnected",
G_CALLBACK (connection_disconnected),
@@ -3711,6 +3721,29 @@ soup_session_class_init (SoupSessionClass *session_class)
"Address of local end of socket",
SOUP_TYPE_ADDRESS,
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+
+ /**
+ * SOUP_SESSION_TLS_INTERACTION:
+ *
+ * Alias for the #SoupSession:tls-interaction property, qv.
+ *
+ * Since: 2.42
+ **/
+ /**
+ * SoupSession:tls-interaction:
+ *
+ * Set this property to allow interacting with the underlying
+ * #GTlsConnection.
+ *
+ * Since: 2.42
+ **/
+ g_object_class_install_property (
+ object_class, PROP_TLS_INTERACTION,
+ g_param_spec_object (SOUP_SESSION_TLS_INTERACTION,
+ "TLS Interaction",
+ "TLS interaction to use",
+ G_TYPE_TLS_INTERACTION,
+ G_PARAM_READWRITE));
}
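Review bot: The doc block for SoupSession:tls-interaction does not say what the interaction is used for or when a change takes effect. The connection copies the object at construction (its property is `G_PARAM_CONSTRUCT_ONLY`), so replacing the session's interaction presumably affects only connections created afterwards. An application that switches client identity would then keep reusing pooled connections authenticated with the old one. I would add `* Used to answer TLS requests such as client-certificate selection. Changing it affects only connections created afterwards;` and `* existing connections keep the interaction they were created with.` Also check that `Since: 2.42` matches the release this lands in; it looks copied from a neighbouring property.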
diff --git a/libsoup/soup-session.h b/libsoup/soup-session.h
index 67a59ea..eed392d 100644
--- a/libsoup/soup-session.h
+++ b/libsoup/soup-session.h
@@ -70,6 +70,7 @@ GType soup_session_get_type (void);
#define SOUP_SESSION_SSL_USE_SYSTEM_CA_FILE "ssl-use-system-ca-file"
#define SOUP_SESSION_TLS_DATABASE "tls-database"
#define SOUP_SESSION_SSL_STRICT "ssl-strict"
+#define SOUP_SESSION_TLS_INTERACTION "tls-interaction"
#define SOUP_SESSION_ASYNC_CONTEXT "async-context"
#define SOUP_SESSION_USE_THREAD_CONTEXT "use-thread-context"
#define SOUP_SESSION_TIMEOUT "timeout"
diff --git a/libsoup/soup-socket.c b/libsoup/soup-socket.c
index b9f1dfc..f3c24db 100644
--- a/libsoup/soup-socket.c
+++ b/libsoup/soup-socket.c
@@ -59,6 +59,7 @@ enum {
PROP_CLEAN_DISPOSE,
PROP_TLS_CERTIFICATE,
PROP_TLS_ERRORS,
+ PROP_TLS_INTERACTION,
PROP_PROXY_RESOLVER,
LAST_PROP
@@ -71,6 +72,7 @@ typedef struct {
GInputStream *istream;
GOutputStream *ostream;
GTlsCertificateFlags tls_errors;
+ GTlsInteraction *tls_interaction;
GProxyResolver *proxy_resolver;
guint non_blocking:1;
@@ -150,6 +152,7 @@ soup_socket_finalize (GObject *object)
g_clear_object (&priv->local_addr);
g_clear_object (&priv->remote_addr);
+ g_clear_object (&priv->tls_interaction);
g_clear_object (&priv->proxy_resolver);
if (priv->watch_src) {
@@ -210,6 +213,9 @@ soup_socket_set_property (GObject *object, guint prop_id,
case PROP_SSL_FALLBACK:
priv->ssl_fallback = g_value_get_boolean (value);
break;
+ case PROP_TLS_INTERACTION:
+ priv->tls_interaction = g_value_dup_object (value);
+ break;
case PROP_ASYNC_CONTEXT:
priv->async_context = g_value_get_pointer (value);
if (priv->async_context)
@@ -263,6 +269,9 @@ soup_socket_get_property (GObject *object, guint prop_id,
case PROP_SSL_FALLBACK:
g_value_set_boolean (value, priv->ssl_fallback);
break;
+ case PROP_TLS_INTERACTION:
+ g_value_set_object (value, priv->tls_interaction);
+ break;
case PROP_TRUSTED_CERTIFICATE:
g_value_set_boolean (value, priv->tls_errors == 0);
break;
@@ -517,6 +526,18 @@ soup_socket_class_init (SoupSocketClass *socket_class)
FALSE,
G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
/**
+ * SOUP_SOCKET_TLS_INTERACTION:
+ *
+ * Alias for the #SoupSocket:tls-interaction property.
+ **/
+ g_object_class_install_property (
+ object_class, PROP_TLS_INTERACTION,
+ g_param_spec_object (SOUP_SOCKET_TLS_INTERACTION,
+ "TLS Interaction",
+ "TLS Interaction",
+ G_TYPE_TLS_INTERACTION,
+ G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+ /**
* SOUP_SOCKET_TRUSTED_CERTIFICATE:
*
* Alias for the #SoupSocket:trusted-certificate
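Review bot: The new gtk-doc block documents only the SOUP_SOCKET_TLS_INTERACTION alias; SoupSocket:tls-interaction itself has no block and no `Since:` tag, unlike the session property added in the same patch. Add a property block along the lines of `* SoupSocket:tls-interaction:` / `* #GTlsInteraction passed as the "interaction" of the client TLS connection; may be %NULL.` and give both blocks the appropriate `Since:` line. The "TLS Interaction" nick and blurb strings are identical, so the blurb could carry that same sentence.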
@@ -1134,6 +1155,7 @@ soup_socket_setup_ssl (SoupSocket *sock,
"database", priv->ssl_creds,
"require-close-notify", FALSE,
"use-ssl3", priv->ssl_fallback,
+ "interaction", priv->tls_interaction,
NULL);
g_object_unref (identity);
diff --git a/libsoup/soup-socket.h b/libsoup/soup-socket.h
index 5c1264f..6d9ee61 100644
--- a/libsoup/soup-socket.h
+++ b/libsoup/soup-socket.h
@@ -51,6 +51,7 @@ typedef struct {
#define SOUP_SOCKET_USE_THREAD_CONTEXT "use-thread-context"
#define SOUP_SOCKET_TIMEOUT "timeout"
#define SOUP_SOCKET_TLS_CERTIFICATE "tls-certificate"
+#define SOUP_SOCKET_TLS_INTERACTION "tls-interaction"
#define SOUP_SOCKET_TLS_ERRORS "tls-errors"
typedef void (*SoupSocketCallback) (SoupSocket *sock,
--
1.8.3.1