1 /* GIO - GLib Input, Output and Streaming Library
3 * Copyright © 2010 Red Hat, Inc
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General
16 * Public License along with this library; if not, write to the
17 * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
18 * Boston, MA 02111-1307, USA.
25 #include <gnutls/gnutls.h>
26 #include <gnutls/x509.h>
28 #include "gtlsserverconnection-gnutls.h"
29 #include "gtlscertificate-gnutls.h"
30 #include <glib/gi18n-lib.h>
/* Property id used for the "authentication-mode" property (see the
 * g_object_class_override_property() call in class_init). The declaration
 * enclosing this constant is not shown in this listing. */
35 PROP_AUTHENTICATION_MODE
/* Forward declarations for the GObject property accessors, the handshake
 * hooks, the interface init function and the GnuTLS certificate-retrieve
 * callback defined below. Several parameter lines are missing from this
 * listing. */
38 static void g_tls_server_connection_gnutls_get_property (GObject *object,
42 static void g_tls_server_connection_gnutls_set_property (GObject *object,
47 static void g_tls_server_connection_gnutls_begin_handshake (GTlsConnectionGnutls *conn);
48 static gboolean g_tls_server_connection_gnutls_verify_peer (GTlsConnectionGnutls *gnutls,
49 GTlsCertificate *peer_certificate,
50 GTlsCertificateFlags *errors);
51 static void g_tls_server_connection_gnutls_finish_handshake (GTlsConnectionGnutls *conn,
52 GError **inout_error);
54 static void g_tls_server_connection_gnutls_server_connection_interface_init (GTlsServerConnectionInterface *iface);
56 static int g_tls_server_connection_gnutls_retrieve_function (gnutls_session_t session,
/* Registers GTlsServerConnectionGnutls as a subtype of
 * G_TYPE_TLS_CONNECTION_GNUTLS that also implements the
 * G_TYPE_TLS_SERVER_CONNECTION interface. */
59 G_DEFINE_TYPE_WITH_CODE (GTlsServerConnectionGnutls, g_tls_server_connection_gnutls, G_TYPE_TLS_CONNECTION_GNUTLS,
60 G_IMPLEMENT_INTERFACE (G_TYPE_TLS_SERVER_CONNECTION,
61 g_tls_server_connection_gnutls_server_connection_interface_init))
/* Per-instance private data. */
63 struct _GTlsServerConnectionGnutlsPrivate
/* Client-certificate policy for this server connection; begin_handshake
 * translates it into a GnuTLS certificate-request mode. */
65 GTlsAuthenticationMode authentication_mode;
/*
 * Class initializer: reserves the private struct, installs the property
 * accessors, and overrides the three handshake hooks of the GnuTLS
 * connection base class with the server-side implementations in this file.
 */
69 g_tls_server_connection_gnutls_class_init (GTlsServerConnectionGnutlsClass *klass)
71 GObjectClass *gobject_class = G_OBJECT_CLASS (klass);
72 GTlsConnectionGnutlsClass *connection_gnutls_class = G_TLS_CONNECTION_GNUTLS_CLASS (klass);
74 g_type_class_add_private (klass, sizeof (GTlsServerConnectionGnutlsPrivate));
76 gobject_class->get_property = g_tls_server_connection_gnutls_get_property;
77 gobject_class->set_property = g_tls_server_connection_gnutls_set_property;
/* begin_handshake applies the client-certificate request policy;
 * verify_peer decides whether a presented peer certificate is accepted. */
79 connection_gnutls_class->begin_handshake = g_tls_server_connection_gnutls_begin_handshake;
80 connection_gnutls_class->verify_peer = g_tls_server_connection_gnutls_verify_peer;
81 connection_gnutls_class->finish_handshake = g_tls_server_connection_gnutls_finish_handshake;
/* Bind the inherited "authentication-mode" property to this class's
 * PROP_AUTHENTICATION_MODE id. */
83 g_object_class_override_property (gobject_class, PROP_AUTHENTICATION_MODE, "authentication-mode");
/* Interface init function passed to G_IMPLEMENT_INTERFACE for
 * G_TYPE_TLS_SERVER_CONNECTION; its body is not shown in this listing. */
87 g_tls_server_connection_gnutls_server_connection_interface_init (GTlsServerConnectionInterface *iface)
/*
 * Instance initializer: caches the private-data pointer and installs
 * g_tls_server_connection_gnutls_retrieve_function as the server-side
 * certificate retrieve callback on the connection's GnuTLS credentials.
 */
92 g_tls_server_connection_gnutls_init (GTlsServerConnectionGnutls *gnutls)
94 gnutls_certificate_credentials_t creds;
96 gnutls->priv = G_TYPE_INSTANCE_GET_PRIVATE (gnutls, G_TYPE_TLS_SERVER_CONNECTION_GNUTLS, GTlsServerConnectionGnutlsPrivate);
/* The credentials object comes from the base GnuTLS connection; this code
 * only attaches the callback to it. */
98 creds = g_tls_connection_gnutls_get_credentials (G_TLS_CONNECTION_GNUTLS (gnutls));
99 gnutls_certificate_server_set_retrieve_function (creds, g_tls_server_connection_gnutls_retrieve_function);
/*
 * GObject property getter. The only property handled in the visible lines
 * is PROP_AUTHENTICATION_MODE, which is read from the private struct.
 * The remaining parameter lines and the switch/default lines are missing
 * from this listing.
 */
103 g_tls_server_connection_gnutls_get_property (GObject *object,
108 GTlsServerConnectionGnutls *gnutls = G_TLS_SERVER_CONNECTION_GNUTLS (object);
112 case PROP_AUTHENTICATION_MODE:
113 g_value_set_enum (value, gnutls->priv->authentication_mode);
/* Presumably the default branch (label not shown): warn about an unknown
 * property id. */
117 G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
/*
 * GObject property setter. The only property handled in the visible lines
 * is PROP_AUTHENTICATION_MODE, which is stored in the private struct.
 * The remaining parameter lines and the switch/default lines are missing
 * from this listing.
 *
 * NOTE(review): within this listing the stored mode is consulted only by
 * begin_handshake, so it has to be set before the handshake starts in order
 * to affect that handshake.
 */
122 g_tls_server_connection_gnutls_set_property (GObject *object,
127 GTlsServerConnectionGnutls *gnutls = G_TLS_SERVER_CONNECTION_GNUTLS (object);
131 case PROP_AUTHENTICATION_MODE:
132 gnutls->priv->authentication_mode = g_value_get_enum (value);
/* Presumably the default branch (label not shown): warn about an unknown
 * property id. */
136 G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
/*
 * GnuTLS certificate-retrieve callback installed in the instance
 * initializer. It takes the session's transport pointer, passes it to
 * g_tls_connection_gnutls_get_certificate() as the connection, and lets
 * that call fill in `st`. The declaration of `st` and the return statement
 * are missing from this listing.
 *
 * NOTE(review): this relies on the session's transport pointer having been
 * set to the owning connection object elsewhere; that is not visible here.
 */
141 g_tls_server_connection_gnutls_retrieve_function (gnutls_session_t session,
144 g_tls_connection_gnutls_get_certificate (gnutls_transport_get_ptr (session), st);
/*
 * Handshake hook: translates the connection's authentication_mode into a
 * GnuTLS certificate-request mode and applies it to the session.
 *
 * NOTE(review): this listing omits the lines between the cases (gutter
 * numbers 159, 162-163 and 165), presumably the break statements and a
 * default label; confirm against the full file.
 */
149 g_tls_server_connection_gnutls_begin_handshake (GTlsConnectionGnutls *conn)
151 GTlsServerConnectionGnutls *gnutls = G_TLS_SERVER_CONNECTION_GNUTLS (conn);
152 gnutls_session_t session;
153 gnutls_certificate_request_t req_mode;
155 switch (gnutls->priv->authentication_mode)
/* REQUESTED: ask the client for a certificate. Per the GnuTLS
 * documentation, GNUTLS_CERT_REQUEST lets the handshake proceed when the
 * client sends none, so an application that relies on client identity must
 * check for a peer certificate itself. */
157 case G_TLS_AUTHENTICATION_REQUESTED:
158 req_mode = GNUTLS_CERT_REQUEST;
/* REQUIRED: per the GnuTLS documentation, GNUTLS_CERT_REQUIRE makes the
 * handshake fail when the client sends no certificate. */
160 case G_TLS_AUTHENTICATION_REQUIRED:
161 req_mode = GNUTLS_CERT_REQUIRE;
/* Remaining branch visible here: no client certificate is requested.
 * Which mode values reach it depends on the label missing from this
 * listing. */
164 req_mode = GNUTLS_CERT_IGNORE;
168 session = g_tls_connection_gnutls_get_session (conn);
169 gnutls_certificate_server_set_request (session, req_mode);
/*
 * Peer-verification hook for the server side. The accept/reject decision is
 * delegated entirely to the accept-certificate signal: peer_certificate and
 * the current value of *errors are handed to
 * g_tls_connection_emit_accept_certificate() and its result is returned
 * unchanged.
 *
 * No check of *errors is made here, so the outcome is whatever the signal
 * emission returns, including when *errors reports no problems. `errors`
 * is dereferenced unconditionally and must not be NULL.
 */
173 g_tls_server_connection_gnutls_verify_peer (GTlsConnectionGnutls *gnutls,
174 GTlsCertificate *peer_certificate,
175 GTlsCertificateFlags *errors)
177 return g_tls_connection_emit_accept_certificate (G_TLS_CONNECTION (gnutls),
178 peer_certificate, *errors);
182 g_tls_server_connection_gnutls_finish_handshake (GTlsConnectionGnutls *gnutls,
183 GError **inout_error)