From 93b29c67671549e46ebe2c6296fdae7a4abe6ffd Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Thu, 1 May 2014 15:08:53 -0400
Subject: [PATCH] Add tls-interaction property to
 Soup{Connection,Session,Socket}

This can be used by applications to do client-side certificates via
the new g_tls_interaction_request_certificate().  Will be used by
OSTree at least.

https://bugzilla.gnome.org/show_bug.cgi?id=334021
---
 libsoup/soup-connection.c | 17 +++++++++++++++++
 libsoup/soup-connection.h |  1 +
 libsoup/soup-session.c    | 33 +++++++++++++++++++++++++++++++++
 libsoup/soup-session.h    |  1 +
 libsoup/soup-socket.c     | 22 ++++++++++++++++++++++
 libsoup/soup-socket.h     |  1 +
 6 files changed, 75 insertions(+)

diff --git a/libsoup/soup-connection.c b/libsoup/soup-connection.c
index fce589f..8b40cb8 100644
--- a/libsoup/soup-connection.c
+++ b/libsoup/soup-connection.c
@@ -20,6 +20,7 @@ typedef struct {
 	SoupAddress *local_addr;
 	SoupURI *remote_uri, *proxy_uri;
 	GProxyResolver *proxy_resolver;
+	GTlsInteraction *tls_interaction;
 	GTlsDatabase *tlsdb;
 	gboolean ssl, ssl_strict, ssl_fallback;
 
@@ -49,6 +50,7 @@ enum {
 	PROP_0,
 
 	PROP_LOCAL_ADDRESS,
+	PROP_TLS_INTERACTION,
 	PROP_REMOTE_URI,
 	PROP_PROXY_RESOLVER,
 	PROP_SSL,
@@ -84,6 +86,7 @@ soup_connection_finalize (GObject *object)
 	g_clear_pointer (&priv->remote_uri, soup_uri_free);
 	g_clear_pointer (&priv->proxy_uri, soup_uri_free);
 	g_clear_object (&priv->tlsdb);
+	g_clear_object (&priv->tls_interaction);
 	g_clear_object (&priv->proxy_resolver);
 	g_clear_object (&priv->local_addr);
 	g_clear_pointer (&priv->async_context, g_main_context_unref);
@@ -117,6 +120,9 @@ soup_connection_set_property (GObject *object, guint prop_id,
 	case PROP_LOCAL_ADDRESS:
 		priv->local_addr = g_value_dup_object (value);
 		break;
+	case PROP_TLS_INTERACTION:
+		priv->tls_interaction = g_value_dup_object (value);
+		break;
 	case PROP_REMOTE_URI:
 		priv->remote_uri = g_value_dup_boxed (value);
 		break;
@@ -170,6 +176,9 @@ soup_connection_get_property (GObject *object, guint prop_id,
 	case PROP_LOCAL_ADDRESS:
 		g_value_set_object (value, priv->local_addr);
 		break;
+	case PROP_TLS_INTERACTION:
+		g_value_set_object (value, priv->tls_interaction);
+		break;
 	case PROP_REMOTE_URI:
 		g_value_set_boxed (value, priv->remote_uri);
 		break;
@@ -248,6 +257,13 @@ soup_connection_class_init (SoupConnectionClass *connection_class)
 				     SOUP_TYPE_ADDRESS,
 				     G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
 	g_object_class_install_property (
+		object_class, PROP_TLS_INTERACTION,
+		g_param_spec_object (SOUP_CONNECTION_TLS_INTERACTION,
+				     "TLS interaction",
+				     "TLS interaction",
+				     G_TYPE_TLS_INTERACTION,
+				     G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+	g_object_class_install_property (
 		object_class, PROP_REMOTE_URI,
 		g_param_spec_boxed (SOUP_CONNECTION_REMOTE_URI,
 				    "Remote URI",
@@ -551,6 +567,7 @@ soup_connection_connect_async (SoupConnection      *conn,
 				 SOUP_SOCKET_TIMEOUT, priv->io_timeout,
 				 SOUP_SOCKET_CLEAN_DISPOSE, TRUE,
 				 SOUP_SOCKET_LOCAL_ADDRESS, priv->local_addr,
+				 SOUP_SOCKET_TLS_INTERACTION, priv->tls_interaction,
 				 NULL);
 	g_object_unref (remote_addr);
 
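Review bot: Only this one soup_socket_new() call gains `SOUP_SOCKET_TLS_INTERACTION, priv->tls_interaction`, and the diffstat shows no other socket-creation site in soup-connection.c being touched. If the synchronous connect path (soup_connection_connect_sync, not visible in this diff) builds its socket with its own soup_socket_new() call, sockets created there would get a NULL interaction. Client-certificate requests would then go unanswered for sync sessions while working for async ones. Please confirm every soup_socket_new() call in this file passes the property; the body of soup_connection_connect_async continues outside the hunk.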
diff --git a/libsoup/soup-connection.h b/libsoup/soup-connection.h
index b70a8a3..3e934af 100644
--- a/libsoup/soup-connection.h
+++ b/libsoup/soup-connection.h
@@ -36,6 +36,7 @@ GType soup_connection_get_type (void);
 
 
 #define SOUP_CONNECTION_LOCAL_ADDRESS   "local-address"
+#define SOUP_CONNECTION_TLS_INTERACTION "tls-interaction"
 #define SOUP_CONNECTION_REMOTE_URI      "remote-uri"
 #define SOUP_CONNECTION_PROXY_RESOLVER  "proxy-resolver"
 #define SOUP_CONNECTION_SSL             "ssl"
diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c
index 132554d..0984a9f 100644
--- a/libsoup/soup-session.c
+++ b/libsoup/soup-session.c
@@ -86,6 +86,7 @@ typedef struct {
 	gboolean disposed;
 
 	GTlsDatabase *tlsdb;
+	GTlsDatabase *tls_interaction;
 	char *ssl_ca_file;
 	gboolean ssl_strict;
 	gboolean tlsdb_use_default;
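Review bot: The new private field is declared with the wrong type, `GTlsDatabase *tls_interaction;`. The property installed for it is G_TYPE_TLS_INTERACTION, and the matching fields in soup-connection.c and soup-socket.c are `GTlsInteraction *`. It works today only because the field is touched through g_value_dup_object(), g_value_set_object() and g_clear_object(), none of which check the static type. Any later direct use would compile against the wrong class. Declare it as `GTlsInteraction *tls_interaction;`; the struct continues outside the hunk.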
@@ -197,6 +198,7 @@ enum {
 	PROP_HTTP_ALIASES,
 	PROP_HTTPS_ALIASES,
 	PROP_LOCAL_ADDRESS,
+	PROP_TLS_INTERACTION,
 
 	LAST_PROP
 };
@@ -334,6 +336,7 @@ soup_session_finalize (GObject *object)
 	g_free (priv->accept_language);
 
 	g_clear_object (&priv->tlsdb);
+	g_clear_object (&priv->tls_interaction);
 	g_free (priv->ssl_ca_file);
 
 	g_clear_pointer (&priv->async_context, g_main_context_unref);
@@ -640,6 +643,9 @@ soup_session_set_property (GObject *object, guint prop_id,
 	case PROP_TLS_DATABASE:
 		set_tlsdb (session, g_value_get_object (value));
 		break;
+	case PROP_TLS_INTERACTION:
+		priv->tls_interaction = g_value_dup_object (value);
+		break;
 	case PROP_SSL_STRICT:
 		priv->ssl_strict = g_value_get_boolean (value);
 		break;
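Review bot: Setting the property a second time leaks the previous object in the `PROP_TLS_INTERACTION` case. SoupSession:tls-interaction is installed as plain `G_PARAM_READWRITE`, unlike the construct-only connection and socket properties, yet the setter overwrites priv->tls_interaction without dropping the old reference. Release it first: `g_clear_object (&priv->tls_interaction);` followed by `priv->tls_interaction = g_value_dup_object (value);`. Connections that already exist were given the old object at construction and will keep using it, so the documentation or the setter should say whether a change applies to new connections only. soup_session_set_property continues outside the hunk.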
@@ -788,6 +794,9 @@ soup_session_get_property (GObject *object, guint prop_id,
 	case PROP_TLS_DATABASE:
 		g_value_set_object (value, get_tls_database (session));
 		break;
+	case PROP_TLS_INTERACTION:
+		g_value_set_object (value, priv->tls_interaction);
+		break;
 	case PROP_SSL_STRICT:
 		g_value_set_boolean (value, priv->ssl_strict);
 		break;
@@ -1783,6 +1792,7 @@ get_connection_for_host (SoupSession *session,
 		SOUP_CONNECTION_IDLE_TIMEOUT, priv->idle_timeout,
 		SOUP_CONNECTION_SSL_FALLBACK, host->ssl_fallback,
 		SOUP_CONNECTION_LOCAL_ADDRESS, priv->local_addr,
+		SOUP_CONNECTION_TLS_INTERACTION, priv->tls_interaction,
 		NULL);
 	g_signal_connect (conn, "disconnected",
 			  G_CALLBACK (connection_disconnected),
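Review bot: The property documentation does not say that one GTlsInteraction serves every host, although `SOUP_CONNECTION_TLS_INTERACTION, priv->tls_interaction` hands the session's single object to each connection this function creates. An application that answers request_certificate unconditionally would therefore offer its client certificate to any TLS server the session reaches, including redirect targets. I would add to the SoupSession:tls-interaction gtk-doc block something like `The same object is used for every TLS connection the session makes; implementations should inspect the #GTlsConnection they are passed before supplying a certificate.` get_connection_for_host continues outside the hunk.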
@@ -3711,6 +3721,25 @@ soup_session_class_init (SoupSessionClass *session_class)
 				     "Address of local end of socket",
 				     SOUP_TYPE_ADDRESS,
 				     G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+
+	/**
+	 * SOUP_SESSION_TLS_INTERACTION:
+	 *
+	 * Alias for the #SoupSession:tls-interaction property, qv.
+	 **/
+	/**
+	 * SoupSession:tls-interaction:
+	 *
+	 * Set this property to allow interacting with the underlying
+	 * #GTlsConnection.
+	 **/
+	g_object_class_install_property (
+		object_class, PROP_TLS_INTERACTION,
+		g_param_spec_object (SOUP_SESSION_TLS_INTERACTION,
+				     "TLS Interaction",
+				     "TLS interaction to use",
+				     G_TYPE_TLS_INTERACTION,
+				     G_PARAM_READWRITE));
 }
 
 
diff --git a/libsoup/soup-session.h b/libsoup/soup-session.h
index 67a59ea..eed392d 100644
--- a/libsoup/soup-session.h
+++ b/libsoup/soup-session.h
@@ -70,6 +70,7 @@ GType soup_session_get_type (void);
 #define SOUP_SESSION_SSL_USE_SYSTEM_CA_FILE "ssl-use-system-ca-file"
 #define SOUP_SESSION_TLS_DATABASE           "tls-database"
 #define SOUP_SESSION_SSL_STRICT             "ssl-strict"
+#define SOUP_SESSION_TLS_INTERACTION        "tls-interaction"
 #define SOUP_SESSION_ASYNC_CONTEXT          "async-context"
 #define SOUP_SESSION_USE_THREAD_CONTEXT     "use-thread-context"
 #define SOUP_SESSION_TIMEOUT                "timeout"
diff --git a/libsoup/soup-socket.c b/libsoup/soup-socket.c
index b9f1dfc..f3c24db 100644
--- a/libsoup/soup-socket.c
+++ b/libsoup/soup-socket.c
@@ -59,6 +59,7 @@ enum {
 	PROP_CLEAN_DISPOSE,
 	PROP_TLS_CERTIFICATE,
 	PROP_TLS_ERRORS,
+	PROP_TLS_INTERACTION,
 	PROP_PROXY_RESOLVER,
 
 	LAST_PROP
@@ -71,6 +72,7 @@ typedef struct {
 	GInputStream *istream;
 	GOutputStream *ostream;
 	GTlsCertificateFlags tls_errors;
+	GTlsInteraction *tls_interaction;
 	GProxyResolver *proxy_resolver;
 
 	guint non_blocking:1;
@@ -150,6 +152,7 @@ soup_socket_finalize (GObject *object)
 	g_clear_object (&priv->local_addr);
 	g_clear_object (&priv->remote_addr);
 
+	g_clear_object (&priv->tls_interaction);
 	g_clear_object (&priv->proxy_resolver);
 
 	if (priv->watch_src) {
@@ -210,6 +213,9 @@ soup_socket_set_property (GObject *object, guint prop_id,
 	case PROP_SSL_FALLBACK:
 		priv->ssl_fallback = g_value_get_boolean (value);
 		break;
+	case PROP_TLS_INTERACTION:
+		priv->tls_interaction = g_value_dup_object (value);
+		break;
 	case PROP_ASYNC_CONTEXT:
 		priv->async_context = g_value_get_pointer (value);
 		if (priv->async_context)
@@ -263,6 +269,9 @@ soup_socket_get_property (GObject *object, guint prop_id,
 	case PROP_SSL_FALLBACK:
 		g_value_set_boolean (value, priv->ssl_fallback);
 		break;
+	case PROP_TLS_INTERACTION:
+		g_value_set_object (value, priv->tls_interaction);
+		break;
 	case PROP_TRUSTED_CERTIFICATE:
 		g_value_set_boolean (value, priv->tls_errors == 0);
 		break;
@@ -517,6 +526,18 @@ soup_socket_class_init (SoupSocketClass *socket_class)
 				      FALSE,
 				      G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
 	/**
+	 * SOUP_SOCKET_TLS_INTERACTION:
+	 *
+	 * Alias for the #SoupSocket:tls-interaction property.
+	 **/
+	g_object_class_install_property (
+		object_class, PROP_TLS_INTERACTION,
+		g_param_spec_object (SOUP_SOCKET_TLS_INTERACTION,
+				     "TLS Interaction",
+				     "TLS Interaction",
+				     G_TYPE_TLS_INTERACTION,
+				     G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY));
+	/**
 	 * SOUP_SOCKET_TRUSTED_CERTIFICATE:
 	 *
 	 * Alias for the #SoupSocket:trusted-certificate
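Review bot: The added gtk-doc block documents only the `SOUP_SOCKET_TLS_INTERACTION` alias and points at #SoupSocket:tls-interaction, but the property itself gets no doc block, so the reference resolves to nothing. Add a second block before g_object_class_install_property(), e.g. `SoupSocket:tls-interaction:` with one sentence stating that the #GTlsInteraction is set as the "interaction" of the #GTlsConnection created for this socket, plus a `Since:` tag. The nick and blurb are also the identical string "TLS Interaction"; the blurb could carry that sentence instead. soup_socket_class_init continues outside the hunk.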
@@ -1134,6 +1155,7 @@ soup_socket_setup_ssl (SoupSocket    *sock,
 				       "database", priv->ssl_creds,
 				       "require-close-notify", FALSE,
 				       "use-ssl3", priv->ssl_fallback,
+				       "interaction", priv->tls_interaction,
 				       NULL);
 		g_object_unref (identity);
 
diff --git a/libsoup/soup-socket.h b/libsoup/soup-socket.h
index 5c1264f..6d9ee61 100644
--- a/libsoup/soup-socket.h
+++ b/libsoup/soup-socket.h
@@ -51,6 +51,7 @@ typedef struct {
 #define SOUP_SOCKET_USE_THREAD_CONTEXT  "use-thread-context"
 #define SOUP_SOCKET_TIMEOUT             "timeout"
 #define SOUP_SOCKET_TLS_CERTIFICATE     "tls-certificate"
+#define SOUP_SOCKET_TLS_INTERACTION     "tls-interaction"
 #define SOUP_SOCKET_TLS_ERRORS          "tls-errors"
 
 typedef void (*SoupSocketCallback)            (SoupSocket         *sock,
-- 
1.8.3.1