* libsoup/soup-misc.h: declare soup_ssl_supported.
* libsoup/soup-gnutls.c: add soup_ssl_supported declaration.
* libsoup/soup-nossl.c: Not an SSL implementation, built if
HAVE_SSL is not defined.
* libsoup/Makefile.am (libsoup_2_2_la_SOURCES): add soup-nossl.c
* libsoup/soup-socket.c (soup_socket_start_ssl): Return success or
failure.
(listen_watch): Deal with soup_socket_start_ssl failing.
* libsoup/soup-connection.c (tunnel_connect_finished,
socket_connect_result, soup_connection_connect_sync): Deal with
the soup_socket_start_ssl failing.
* libsoup/soup-server.c (soup_server_new): Deal with
soup_ssl_get_server_credentials failing
+2003-11-18 Dan Winship <danw@ximian.com>
+
+ * libsoup/soup-misc.h: declare soup_ssl_supported.
+
+ * libsoup/soup-gnutls.c: add soup_ssl_supported declaration.
+
+ * libsoup/soup-nossl.c: Not an SSL implementation, built if
+ HAVE_SSL is not defined.
+
+ * libsoup/Makefile.am (libsoup_2_2_la_SOURCES): add soup-nossl.c
+
+ * libsoup/soup-socket.c (soup_socket_start_ssl): Return success or
+ failure.
+ (listen_watch): Deal with soup_socket_start_ssl failing.
+
+ * libsoup/soup-connection.c (tunnel_connect_finished,
+ socket_connect_result, soup_connection_connect_sync): Deal with
+ the soup_socket_start_ssl failing.
+
+ * libsoup/soup-server.c (soup_server_new): Deal with
+ soup_ssl_get_server_credentials failing
+
2003-11-18 Rodrigo Moya <rodrigo@ximian.com>
* libsoup/soup-soap-message.[ch] (soup_soap_message_start_fault,
soup-message-server-io.c \
soup-method.c \
soup-misc.c \
+ soup-nossl.c \
soup-server.c \
soup-server-auth.c \
soup-server-message.c \
tunnel_connect_finished (SoupMessage *msg, gpointer user_data)
{
SoupConnection *conn = user_data;
+ guint status = msg->status_code;
- if (SOUP_STATUS_IS_SUCCESSFUL (msg->status_code))
- soup_socket_start_ssl (conn->priv->socket);
+ if (SOUP_STATUS_IS_SUCCESSFUL (status)) {
+ if (!soup_socket_start_ssl (conn->priv->socket))
+ status = SOUP_STATUS_SSL_FAILED;
+ }
g_signal_emit (conn, signals[CONNECT_RESULT], 0,
- proxified_status (conn, msg->status_code));
+ proxified_status (conn, status));
g_object_unref (msg);
}
{
SoupConnection *conn = user_data;
- if (!SOUP_STATUS_IS_SUCCESSFUL (status)) {
- g_signal_emit (conn, signals[CONNECT_RESULT], 0,
- proxified_status (conn, status));
- return;
- }
+ if (!SOUP_STATUS_IS_SUCCESSFUL (status))
+ goto done;
- if (conn->priv->conn_uri->protocol == SOUP_PROTOCOL_HTTPS)
- soup_socket_start_ssl (sock);
+ if (conn->priv->conn_uri->protocol == SOUP_PROTOCOL_HTTPS) {
+ if (!soup_socket_start_ssl (sock)) {
+ status = SOUP_STATUS_SSL_FAILED;
+ goto done;
+ }
+ }
/* See if we need to tunnel */
if (conn->priv->proxy_uri && conn->priv->origin_uri) {
return;
}
- g_signal_emit (conn, signals[CONNECT_RESULT], 0, status);
+ done:
+ g_signal_emit (conn, signals[CONNECT_RESULT], 0,
+ proxified_status (conn, status));
}
/**
if (!SOUP_STATUS_IS_SUCCESSFUL (status))
goto fail;
- if (conn->priv->conn_uri->protocol == SOUP_PROTOCOL_HTTPS)
- soup_socket_start_ssl (conn->priv->socket);
+ if (conn->priv->conn_uri->protocol == SOUP_PROTOCOL_HTTPS) {
+ if (!soup_socket_start_ssl (conn->priv->socket)) {
+ status = SOUP_STATUS_SSL_FAILED;
+ goto fail;
+ }
+ }
if (conn->priv->proxy_uri && conn->priv->origin_uri) {
SoupMessage *connect_msg;
#include "soup-ssl.h"
#include "soup-misc.h"
+gboolean soup_ssl_supported = TRUE;
+
#define DH_BITS 1024
typedef struct {
if (type == SOUP_SSL_TYPE_SERVER)
gnutls_dh_set_prime_bits (session, DH_BITS);
- gnutls_transport_set_ptr (session, sockfd);
+ gnutls_transport_set_ptr (session, GINT_TO_POINTER (sockfd));
chan->fd = sockfd;
chan->real_sock = sock;
gboolean soup_str_case_equal (gconstpointer v1,
gconstpointer v2);
+/* SSL support */
+
+extern gboolean soup_ssl_supported;
+
#endif /* SOUP_MISC_H */
--- /dev/null
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
+/*
+ * soup-nossl.c
+ *
+ * Copyright (C) 2003, Ximian, Inc.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#ifndef HAVE_SSL
+
+#include "soup-ssl.h"
+#include "soup-misc.h"
+
+gboolean soup_ssl_supported = FALSE;
+
+GIOChannel *
+soup_ssl_wrap_iochannel (GIOChannel *sock, SoupSSLType type,
+ const char *hostname, gpointer cred_pointer)
+{
+ return NULL;
+}
+
+gpointer
+soup_ssl_get_client_credentials (const char *ca_file)
+{
+ return NULL;
+}
+
+void
+soup_ssl_free_client_credentials (gpointer client_creds)
+{
+ ;
+}
+
+gpointer
+soup_ssl_get_server_credentials (const char *cert_file, const char *key_file)
+{
+ return NULL;
+}
+
+void
+soup_ssl_free_server_credentials (gpointer server_creds)
+{
+ ;
+}
+
+#endif /* ! HAVE_SSL */
server->priv->ssl_creds = soup_ssl_get_server_credentials (
server->priv->ssl_cert_file,
server->priv->ssl_key_file);
+ if (!server->priv->ssl_creds) {
+ g_object_unref (server);
+ return NULL;
+ }
}
server->priv->listen_sock =
new->priv->remote_addr = soup_address_new_from_sockaddr ((struct sockaddr *)&sa, sa_len);
- if (new->priv->ssl_creds)
- soup_socket_start_ssl (new);
- else
+ if (new->priv->ssl_creds) {
+ if (!soup_socket_start_ssl (new)) {
+ g_object_unref (new);
+ return TRUE;
+ }
+ } else
get_iochannel (new);
g_signal_emit (sock, signals[NEW_CONNECTION], 0, new);
* @socket: the socket
*
* Starts using SSL on @socket.
+ *
+ * Return value: success or failure
**/
-void
+gboolean
soup_socket_start_ssl (SoupSocket *sock)
{
- GIOChannel *chan;
+ GIOChannel *ssl_chan;
- chan = get_iochannel (sock);
- sock->priv->iochannel = soup_ssl_wrap_iochannel (
+ get_iochannel (sock);
+ ssl_chan = soup_ssl_wrap_iochannel (
sock->priv->iochannel, sock->priv->is_server ?
SOUP_SSL_TYPE_SERVER : SOUP_SSL_TYPE_CLIENT,
soup_address_get_name (sock->priv->remote_addr),
sock->priv->ssl_creds);
+
+ if (!ssl_chan)
+ return FALSE;
+
+ sock->priv->iochannel = ssl_chan;
+ return TRUE;
}
SoupAddress *rem_addr);
gboolean soup_socket_listen (SoupSocket *sock,
SoupAddress *local_addr);
-void soup_socket_start_ssl (SoupSocket *sock);
+gboolean soup_socket_start_ssl (SoupSocket *sock);
void soup_socket_disconnect (SoupSocket *sock);
gboolean soup_socket_is_connected (SoupSocket *sock);