config.status
config.sub
configure
+libsoup-2.2.pc
libtool
ltconfig
ltmain.sh
Makefile
Makefile.in
-soup-2.0.pc
stamp-h*
stamp.h
stamp-h.in
+2003-08-12 Dan Winship <danw@ximian.com>
+
+ * configure.in: Bump API version to 2.2 and package version to
+ 2.1.0. Remove NSS and OpenSSL checks and proxy-related config. Use
+ libgnutls-config to find GNUTLS.
+
+ * libsoup-2.2.pc.in: Update, and rename from soup-2.0.pc
+
+ * libsoup/Makefile.am: s/2.0/2.2/ everywhere. Remove NSS, OpenSSL,
+ and libsoup-ssl-proxy stuff.
+
+ * libsoup/soup-ssl-proxy.c
+ * libsoup/soup-nss.[ch]
+ * libsoup/soup-openssl.[ch]: gone
+
+ * libsoup/soup-ssl.c: remove NSS and OpenSSL bits
+
+ * tests/Makefile.am (get_LDADD, timeserver_LDADD,
+ auth_test_LDADD): Update libsoup version
+
2003-08-07 Dan Winship <danw@ximian.com>
* libsoup/soup-auth.c (soup_auth_lookup, soup_auth_set_context,
dnl *** Initialize automake and set version ***
dnl *******************************************
-AC_INIT(libsoup/soup.h)
+AC_PREREQ(2.53)
+AC_INIT(libsoup, 2.1.0)
+AC_CONFIG_SRCDIR(libsoup-2.2.pc.in)
+AM_INIT_AUTOMAKE(AC_PACKAGE_NAME, AC_PACKAGE_VERSION)
-AM_INIT_AUTOMAKE(libsoup, 1.99.25)
AM_CONFIG_HEADER(config.h)
AM_MAINTAINER_MODE
AC_PROG_MAKE_SET
+SOUP_API_VERSION=2.2
+AC_SUBST(SOUP_API_VERSION)
+
# Increment on interface addition. Reset on removal.
SOUP_AGE=0
;;
esac
-dnl ************************************************************
-dnl *** SSL Library checks (GnuTLS, Mozilla NSS, or OpenSSL) ***
-dnl ************************************************************
+dnl **********************************
+dnl *** SSL Library check (GnuTLS) ***
+dnl **********************************
AC_ARG_ENABLE(ssl,
[ --enable-ssl Turn on Secure Sockets Layer support [default=yes]],,
enable_ssl=yes)
-dnl NSS AC_ARG_WITH(nspr-includes,
-dnl NSS [ --with-nspr-includes Specify location of Netscape Portable Runtime headers],
-dnl NSS [nspr_inc_prefix=-I$withval])
-dnl NSS
-dnl NSS AC_ARG_WITH(nspr-libs,
-dnl NSS [ --with-nspr-libs Specify location of Netscape Portable Runtime libs],
-dnl NSS [nspr_prefix=$withval],
-dnl NSS [nspr_prefix=$libdir])
-dnl NSS
-dnl NSS AC_ARG_WITH(nss-includes,
-dnl NSS [ --with-nss-includes Specify location of NSS header files],
-dnl NSS [nss_inc_prefix=-I$withval])
-dnl NSS
-dnl NSS AC_ARG_WITH(nss-libs,
-dnl NSS [ --with-nss-libs Specify location of NSS libs],
-dnl NSS [nss_prefix=$withval],
-dnl NSS [nss_prefix=$libdir])
-
-
-AC_ARG_WITH(openssl-includes,
- [ --with-openssl-includes Specify location of OpenSSL header files],
- [openssl_inc_prefix=-I$withval])
-
-AC_ARG_WITH(openssl-libs,
- [ --with-openssl-libs Specify location of OpenSSL libs],
- [openssl_prefix=$withval],
- [openssl_prefix=$libdir])
-
-AC_ARG_WITH(gnutls-includes,
- [ --with-gnutls-includes Specify location of GnuTLS header files],
- [gnutls_inc_prefix=-I$withval])
-
-AC_ARG_WITH(gnutls-libs,
- [ --with-gnutls-libs Specify location of GnuTLS libs],
- [gnutls_prefix=$withval],
- [gnutls_prefix=$libdir])
-
-###
-### Allow for a custom SSL proxy name
-###
-SSL_PROXY_NAME=libsoup-ssl-proxy
-AC_ARG_WITH(ssl-proxy-name,
- [ --with-ssl-proxy-name Custom name for ssl proxy executable [default=libsoup-ssl-proxy]],
- [SSL_PROXY_NAME=$withval],
- [SSL_PROXY_NAME=libsoup-ssl-proxy])
-
-AC_DEFINE_UNQUOTED(SSL_PROXY_NAME, "${SSL_PROXY_NAME}",
- [The name to use for the SSL proxy binary. Defaults to libsoup-ssl-proxy])
-AC_SUBST(SSL_PROXY_NAME)
-
-###
-### Try to link statically with the SSL library
-###
AC_ARG_ENABLE(ssl-link-static,
[ --enable-static-ssl Link with SSL library statically [default=no]],
[enable_static_ssl=yes])
-enable_gnutls="no"
-enable_openssl="no"
-dnl NSS enable_nss="no"
-
-if test "x$enable_ssl" = xyes; then
- found_ssl=
-
- ###
- ### Check for GnuTLS
- ###
- save_CPPFLAGS=$CPPFLAGS
- CPPFLAGS="$CPPFLAGS $gnutls_inc_prefix"
- AC_CHECK_HEADERS(gnutls/gnutls.h,
- [enable_gnutls="yes"],
- [enable_gnutls="no"; break])
-
- if test "x$enable_gnutls" = xyes; then
- if test "x$enable_static_ssl" = "xyes"; then
- GNUTLS_LIBS="$gnutls_prefix/libgnutls.a $gnutls_prefix/libgcrypt.a"
- else
- GNUTLS_LIBS="-L$gnutls_prefix -lgnutls -lgcrypt"
- fi
- GNUTLS_CFLAGS=$CPPFLAGS
- AC_DEFINE(HAVE_GNUTLS, 1,
- [Defined if you are using GnuTLS for SSL support])
- found_ssl=yes
- else
- GNUTLS_LIBS=
- GNUTLS_CFLAGS=
- fi
+case $enable_ssl in
+yes)
+ AC_PATH_PROG(LIBGNUTLS_CONFIG, libgnutls-config, no)
+ case $LIBGNUTLS_CONFIG in
+ no)
+ AC_MSG_WARN(Disabling SSL support)
+ enable_ssl=no
+ break 2
+ ;;
+ esac
+
+ GNUTLS_CFLAGS=`$LIBGNUTLS_CONFIG --cflags | sed -e 's:-I/usr/include::'`
+ GNUTLS_LIBS=`$LIBGNUTLS_CONFIG --libs | sed -e 's:-L/usr/lib *::'`
+
+ save_CPPFLAGS="$CPPFLAGS"
+ CPPFLAGS="$CPPFLAGS $GNUTLS_CFLAGS"
+ AC_CHECK_HEADERS(gnutls/gnutls.h,,
+ [AC_MSG_WARN(Disabling SSL support)
+ enable_ssl=no
+ break])
+ CPPFLAGS="$save_CPPFLAGS"
+
+ case $enable_static_ssl in
+ yes)
+ gnutls_libdir=`$LIBGNUTLS_CONFIG --exec-prefix`/lib
+ GNUTLS_LIBS="$gnutls_libdir/libgnutls.a $gnutls_libdir/libgcrypt.a"
+ ;;
+ esac
+
+ AC_DEFINE(HAVE_SSL, 1, [Defined if you have SSL support])
+ ;;
+esac
- AC_SUBST(GNUTLS_CFLAGS)
- AC_SUBST(GNUTLS_LIBS)
- CPPFLAGS=$save_CPPFLAGS
-
- AM_CONDITIONAL(BUILD_PROXY, false)
-
- ###
- ### Check for OpenSSL
- ###
- if test "x$found_ssl" != "xyes"; then
- PKG_CHECK_MODULES(OPENSSL, openssl, enable_openssl=yes, [
- save_CPPFLAGS=$CPPFLAGS
- CPPFLAGS="$CPPFLAGS $openssl_inc_prefix"
- AC_CHECK_LIB(dl, dlopen, DL_LDFLAGS="-ldl", DL_LDFLAGS="")
- AC_CHECK_HEADERS(openssl/ssl.h openssl/err.h,
- [enable_openssl="yes"],
- [enable_openssl="no"; break])
-
- if test "x$enable_openssl" = xyes; then
- if test "x$enable_static_ssl" = "xyes"; then
- OPENSSL_LIBS="$openssl_prefix/libssl.a $openssl_prefix/libcrypto.a"
- else
- OPENSSL_LIBS="-L$openssl_prefix -lssl -lcrypto $DL_LDFLAGS"
- fi
- OPENSSL_CFLAGS=$CPPFLAGS
- else
- OPENSSL_LIBS=
- OPENSSL_CFLAGS=
- fi
- CPPFLAGS=$save_CPPFLAGS
- ])
-
- if test "x$enable_openssl" = xyes; then
- AC_DEFINE(HAVE_OPENSSL, 1,
- [Defined if you are using OpenSSL for SSL support])
- found_ssl=yes
- AM_CONDITIONAL(BUILD_PROXY, true)
- fi
-
- AC_SUBST(OPENSSL_CFLAGS)
- AC_SUBST(OPENSSL_LIBS)
- fi
-
-dnl NSS ###
-dnl NSS ### Check for Mozilla NSS
-dnl NSS ###
-dnl NSS if test "x$found_ssl" != "xyes"; then
-dnl NSS save_CPPFLAGS=$CPPFLAGS
-dnl NSS CPPFLAGS="$CPPFLAGS $nspr_inc_prefix $nss_inc_prefix"
-dnl NSS AC_CHECK_HEADERS(nss.h ssl.h pk11func.h,
-dnl NSS [enable_nss="yes"],
-dnl NSS [enable_nss="no"; break])
-dnl NSS
-dnl NSS if test "x$enable_nss" = xyes; then
-dnl NSS if test "x$enable_static_ssl" = "xyes"; then
-dnl NSS NSS_LIBS="-lpthread $nspr_prefix/libnspr4.a $nspr_prefix/libplc4.a $nspr_prefix/libplds4.a $nss_prefix/libnssb.a"
-dnl NSS else
-dnl NSS NSS_LIBS="-lpthread -L$nspr_prefix -lnspr4 -lplc4 -lplds4 $nss_prefix -lnss3 -lssl3"
-dnl NSS fi
-dnl NSS NSS_CFLAGS=$CPPFLAGS
-dnl NSS AC_DEFINE(HAVE_NSS, 1,
-dnl NSS [Defined if you are using Mozilla NSS for SSL support])
-dnl NSS found_ssl=yes
-dnl NSS else
-dnl NSS NSS_LIBS=
-dnl NSS NSS_CFLAGS=
-dnl NSS fi
-dnl NSS
-dnl NSS AC_SUBST(NSS_CFLAGS)
-dnl NSS AC_SUBST(NSS_LIBS)
-dnl NSS CPPFLAGS=$save_CPPFLAGS
-dnl NSS fi
-fi
+AC_SUBST(GNUTLS_CFLAGS)
+AC_SUBST(GNUTLS_LIBS)
dnl *********************************************
-Wmissing-prototypes -Wnested-externs -Wpointer-arith"
fi
-# Use reentrant functions
+# Use reentrant functions (FIXME!)
CFLAGS="$CFLAGS -D_REENTRANT"
-dnl *****************************
-dnl *** link proxy statically ***
-dnl *****************************
-AC_ARG_ENABLE(static-proxy,
- [ --enable-static-proxy Build ${SSL_PROXY_NAME} statically ])
-
-if test x"$enable_static_proxy" = xyes; then
- LINK_STATIC="-Wl,-Bstatic"
- LINK_DYNAMIC="-Wl,-Bdynamic"
- FORCE_SHLIBS="dl resolv rt nsl"
- for lib in $FORCE_SHLIBS; do
- OPENSSL_LIBS=`echo $OPENSSL_LIBS | sed "s/-l$lib/-Wl,-Bdynamic -l$lib -Wl,-Bstatic/"`
- GMODULE_LIBS=`echo $GMODULE_LIBS | sed "s/-l$lib/-Wl,-Bdynamic -l$lib -Wl,-Bstatic/"`
- done
-else
- LINK_STATIC=
- LINK_DYNAMIC=
-fi
-
-AC_SUBST(LINK_STATIC)
-AC_SUBST(LINK_DYNAMIC)
-
dnl *************************
dnl *** Output Everything ***
dnl *************************
AC_OUTPUT([
- soup-2.0.pc
+ libsoup-2.2.pc
Makefile
libsoup/Makefile
tests/Makefile
Compiler: ${CC}
Build flags: ${CFLAGS} ${SOUP_DEBUG_FLAGS}
- GnuTLS support: ${enable_gnutls}
- OpenSSL support: ${enable_openssl}
- Static SSL Proxy: ${enable_static_proxy:-no}
- SSL Proxy Name: ${SSL_PROXY_NAME}
-
+ SSL support: ${enable_ssl}
"
exec_prefix=@exec_prefix@
libdir=@libdir@
includedir=@includedir@
+SOUP_API_VERSION=@SOUP_API_VERSION@
Name: libsoup
Description: a glib-based HTTP library
Version: @VERSION@
Requires: glib-2.0
-Libs: -L${libdir} -lsoup-2.0 @GNUTLS_LIBS@
-Cflags: -I${includedir}/soup-2.0
+Libs: -L${libdir} -lsoup-${SOUP_API_VERSION} @GNUTLS_LIBS@
+Cflags: -I${includedir}/libsoup-${SOUP_API_VERSION}
-I$(top_srcdir) \
$(SOUP_DEBUG_FLAGS) \
$(GLIB_CFLAGS) \
- $(GNUTLS_CFLAGS) \
- $(OPENSSL_CFLAGS)
+ $(GNUTLS_CFLAGS)
-EXTRA_DIST = \
- soup-openssl.c \
- soup-openssl.h \
- soup-ssl-proxy.c
-
-libsoupincludedir = $(includedir)/soup-2.0/libsoup
+libsoupincludedir = $(includedir)/libsoup-2.2/libsoup
libsoupinclude_HEADERS = \
soup.h \
soup-socket.h \
soup-uri.h
-lib_LTLIBRARIES = libsoup-2.0.la
+lib_LTLIBRARIES = libsoup-2.2.la
-libsoup_2_0_la_LDFLAGS = \
+libsoup_2_2_la_LDFLAGS = \
-version-info $(SOUP_CURRENT):$(SOUP_REVISION):$(SOUP_AGE)
-libsoup_2_0_la_LIBADD = \
+libsoup_2_2_la_LIBADD = \
$(GLIB_LIBS) \
$(GNUTLS_LIBS)
-libsoup_2_0_la_SOURCES = \
+libsoup_2_2_la_SOURCES = \
md5-utils.h \
md5-utils.c \
soup-address.c \
soup-transfer.h \
soup-transfer.c \
soup-uri.c
-
-if BUILD_PROXY
-noinst_PROGRAMS = libsoup-ssl-proxy
-
-# workaround for libtool flag re-ordering
-libsoup-ssl-proxy$(EXEEXT): $(libsoup_ssl_proxy_OBJECTS) $(libsoup_ssl_proxy_DEPENDENCIES)
- @rm -f libsoup-ssl-proxy$(EXEEXT)
- $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ $(libsoup_ssl_proxy_LDFLAGS) $(libsoup_ssl_proxy_OBJECTS) $(libsoup_ssl_proxy_LDADD) $(LIBS)
-
-libsoup_ssl_proxy_LDADD = \
- $(LINK_STATIC) \
- $(OPENSSL_LIBS) \
- $(GLIB_LIBS) \
- $(LINK_DYNAMIC)
-
-libsoup_ssl_proxy_SOURCES = \
- soup-openssl.h \
- soup-openssl.c \
- soup-ssl-proxy.c
-
-install-exec-hook:
- $(mkinstalldirs) $(DESTDIR)$(libexecdir)
- $(INSTALL_PROGRAM) libsoup-ssl-proxy $(DESTDIR)$(libexecdir)/$(SSL_PROXY_NAME)
-else
-install-exec-hook:
-endif
+++ /dev/null
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
-/*
- * soup-nss.c: Asyncronous Callback-based HTTP Request Queue.
- *
- * Authors:
- * Alex Graveley (alex@ximian.com)
- *
- * Copyright (C) 2001-2002, Ximian, Inc.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#ifdef HAVE_NSS
-
-#include <errno.h>
-#include <sys/stat.h>
-#include <unistd.h>
-
-#include <glib.h>
-
-#include "nss.h"
-#include <ssl.h>
-#include <pk11func.h>
-
-#include "soup-nss.h"
-
-/* NSPR Private function */
-extern PRFileDesc *PR_ImportTCPSocket (int fd);
-
-typedef struct {
- GIOChannel channel;
- GIOChannel *real_sock;
- PRFileDesc *fdesc;
- gboolean handshake_done;
-} SoupNSSChannel;
-
-static inline GIOError
-translate_nss_error (int code)
-{
- switch (code) {
- case PR_INVALID_ARGUMENT_ERROR:
- return G_IO_ERROR_INVAL;
- case PR_IO_TIMEOUT_ERROR:
- case PR_WOULD_BLOCK_ERROR:
- return G_IO_ERROR_AGAIN;
- case PR_IO_ERROR:
- default:
- return G_IO_ERROR_UNKNOWN;
- }
-}
-
-static GIOError
-soup_nss_read (GIOChannel *channel,
- gchar *buf,
- guint count,
- guint *bytes_read)
-{
- SoupNSSChannel *chan = (SoupNSSChannel *) channel;
- gint result;
- PRPollDesc pd;
-
- pd.fd = chan->fdesc;
- pd.in_flags = PR_POLL_READ;
-
- /*
- * FIXME: This seems to avoid blocking zero reads.
- * Not sure why these aren't filtered out in soup_nss_check.
- */
- if (PR_Poll (&pd, 1, PR_INTERVAL_NO_WAIT) != 1)
- return G_IO_ERROR_AGAIN;
-
- do {
- result = PR_Read (chan->fdesc, buf, count);
- } while (result < 0 && PR_GetError () == PR_PENDING_INTERRUPT_ERROR);
-
- if (result < 0) {
- *bytes_read = 0;
- return translate_nss_error (PR_GetError ());
- } else {
- *bytes_read = result;
- return G_IO_ERROR_NONE;
- }
-}
-
-static GIOError
-soup_nss_write (GIOChannel *channel,
- gchar *buf,
- guint count,
- guint *bytes_written)
-{
- SoupNSSChannel *chan = (SoupNSSChannel *) channel;
- gint result;
-
- do {
- result = PR_Write (chan->fdesc, buf, count);
- } while (result < 0 && PR_GetError () == PR_PENDING_INTERRUPT_ERROR);
-
- if (result < 0) {
- *bytes_written = 0;
- return translate_nss_error (PR_GetError ());
- } else {
- *bytes_written = result;
- return G_IO_ERROR_NONE;
- }
-}
-
-static GIOError
-soup_nss_seek (GIOChannel *channel, gint offset, GSeekType type)
-{
- SoupNSSChannel *chan = (SoupNSSChannel *) channel;
- int whence;
- off_t result;
-
- switch (type) {
- case G_SEEK_SET:
- whence = PR_SEEK_SET;
- break;
- case G_SEEK_CUR:
- whence = PR_SEEK_CUR;
- break;
- case G_SEEK_END:
- whence = PR_SEEK_END;
- break;
- default:
- g_warning ("soup_nss_seek: unknown seek type");
- return G_IO_ERROR_UNKNOWN;
- }
-
- result = PR_Seek (chan->fdesc, offset, whence);
-
- if (result < 0)
- return translate_nss_error (PR_GetError ());
- else
- return G_IO_ERROR_NONE;
-}
-
-static void
-soup_nss_close (GIOChannel *channel)
-{
- SoupNSSChannel *chan = (SoupNSSChannel *) channel;
- PR_Close (chan->fdesc);
- g_io_channel_close (chan->real_sock);
-}
-
-static void
-soup_nss_free (GIOChannel *channel)
-{
- SoupNSSChannel *chan = (SoupNSSChannel *) channel;
- g_io_channel_unref (chan->real_sock);
- g_free (chan);
-}
-
-typedef struct {
- SoupNSSChannel *channel;
- gint16 events;
- gint16 last_event;
- GIOFunc callback;
-} SoupNSSWatchData;
-
-static gboolean
-soup_nss_prepare (gpointer source_data,
- GTimeVal *current_time,
- gint *timeout,
- gpointer user_data)
-{
- *timeout = 0;
- return FALSE;
-}
-
-static gboolean
-soup_nss_check (gpointer source_data,
- GTimeVal *current_time,
- gpointer user_data)
-{
- SoupNSSWatchData *data = source_data;
- SoupNSSChannel *chan = data->channel;
- PRPollDesc pd;
-
- /*
- * We must ensure the SSL handshake is completed before performing real
- * IO otherwise NSS behaves erratically. Unfortunately
- * SSL_ForceHandshake blocks until handshaking is complete.
- */
- if (!chan->handshake_done) {
- if (SSL_ForceHandshake (chan->fdesc) == PR_FAILURE) {
- g_warning ("SSL handshake failed.");
- PR_Close (chan->fdesc);
- return FALSE;
- }
- chan->handshake_done = TRUE;
- }
-
- pd.fd = chan->fdesc;
- pd.in_flags = data->events;
-
- if (PR_Poll (&pd, 1, PR_INTERVAL_NO_WAIT) == 1) {
- data->last_event = pd.out_flags;
- return TRUE;
- }
-
- data->last_event = 0;
- return FALSE;
-}
-
-static gboolean
-soup_nss_dispatch (gpointer source_data,
- GTimeVal *current_time,
- gpointer user_data)
-
-{
- SoupNSSWatchData *data = source_data;
- GIOCondition cond = 0;
-
- if (data->last_event & PR_POLL_READ) cond |= G_IO_IN;
- if (data->last_event & PR_POLL_WRITE) cond |= G_IO_OUT;
- if (data->last_event & PR_POLL_ERR) cond |= G_IO_ERR;
- if (data->last_event & PR_POLL_NVAL) cond |= G_IO_NVAL;
- if (data->last_event & PR_POLL_HUP) cond |= G_IO_HUP;
- if (data->last_event & PR_POLL_EXCEPT) cond |= G_IO_PRI;
-
- return (*data->callback) ((GIOChannel *) data->channel,
- cond,
- user_data);
-}
-
-static void
-soup_nss_destroy (gpointer source_data)
-{
- SoupNSSWatchData *data = source_data;
-
- g_io_channel_unref ((GIOChannel *) data->channel);
- g_free (data);
-}
-
-GSourceFuncs soup_nss_watch_funcs = {
- soup_nss_prepare,
- soup_nss_check,
- soup_nss_dispatch,
- soup_nss_destroy
-};
-
-static guint
-soup_nss_add_watch (GIOChannel *channel,
- gint priority,
- GIOCondition condition,
- GIOFunc func,
- gpointer user_data,
- GDestroyNotify notify)
-{
- SoupNSSWatchData *watch = g_new0 (SoupNSSWatchData, 1);
- SoupNSSChannel *chan = (SoupNSSChannel *) channel;
-
- watch->channel = chan;
- g_io_channel_ref (channel);
-
- watch->callback = func;
-
- if (condition & G_IO_IN)
- watch->events |= PR_POLL_READ;
-
- if (condition & G_IO_OUT)
- watch->events |= PR_POLL_WRITE;
-
- if (condition & G_IO_PRI ||
- condition & G_IO_ERR ||
- condition & G_IO_NVAL ||
- condition & G_IO_HUP)
- watch->events |= PR_POLL_EXCEPT;
-
- return g_source_add (priority,
- TRUE,
- &soup_nss_watch_funcs,
- watch,
- user_data,
- notify);
-}
-
-GIOFuncs soup_nss_channel_funcs = {
- soup_nss_read,
- soup_nss_write,
- soup_nss_seek,
- soup_nss_close,
- soup_nss_add_watch,
- soup_nss_free,
-};
-
-static gboolean nss_initialized = FALSE;
-
-static SECStatus
-soup_nss_bad_cert (void *data, PRFileDesc *fd)
-{
- return SECSuccess;
-}
-
-GIOChannel *
-soup_nss_get_iochannel (GIOChannel *sock, SoupSSLType type)
-{
- SoupNSSChannel *chan;
- GIOChannel *gchan;
- PRFileDesc *fdesc;
- int sockfd;
-
- g_return_val_if_fail (sock != NULL, NULL);
-
- if (!nss_initialized && !soup_nss_init ()) goto THROW_CREATE_ERROR;
-
- sockfd = g_io_channel_unix_get_fd (sock);
- if (!sockfd) goto THROW_CREATE_ERROR;
-
- fdesc = PR_ImportTCPSocket (sockfd);
- if (!fdesc) {
- g_warning ("SSL socket creation failure.\n");
- goto THROW_CREATE_ERROR;
- }
-
- fdesc = SSL_ImportFD (NULL, fdesc);
- if (!fdesc) {
- g_warning ("SSL object creation failure.\n");
- goto THROW_CREATE_ERROR;
- }
-
- SSL_OptionSet (fdesc, SSL_SECURITY, PR_TRUE);
- if (type == SOUP_SSL_TYPE_CLIENT)
- SSL_OptionSet (fdesc, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE);
- else
- SSL_OptionSet (fdesc, SSL_HANDSHAKE_AS_SERVER, PR_TRUE);
- SSL_BadCertHook (fdesc, soup_nss_bad_cert, NULL);
-
- if (SSL_ResetHandshake (fdesc, PR_FALSE) == PR_FAILURE) {
- g_warning ("SSL handshake failure.\n");
- PR_Close (fdesc);
- return NULL;
- }
-
- chan = g_new0 (SoupNSSChannel, 1);
- chan->real_sock = sock;
- chan->fdesc = fdesc;
- chan->handshake_done = FALSE;
-
- g_io_channel_ref (sock);
-
- gchan = (GIOChannel *) chan;
- gchan->funcs = &soup_nss_channel_funcs;
- g_io_channel_init (gchan);
-
- return gchan;
-
- THROW_CREATE_ERROR:
- return NULL;
-}
-
-gboolean
-soup_nss_init (void)
-{
- gchar *nss_dir;
- struct stat confstat;
-
- nss_dir = g_strconcat (g_get_home_dir (),
- G_DIR_SEPARATOR_S,
- ".soup",
- NULL);
-
- if (stat (nss_dir, &confstat) != 0) {
- if (errno == ENOENT) {
- if (mkdir (nss_dir, S_IRWXU) != 0) {
- g_warning ("Unable to create private "
- "configuration directory \"%s\".",
- nss_dir);
- goto INIT_ERROR;
- }
- } else {
- g_warning ("Error accessing configuration directory "
- "\"%s\": %s.",
- nss_dir,
- strerror (errno));
- goto INIT_ERROR;
- }
- } else if (!S_ISDIR (confstat.st_mode)) {
- g_warning ("Expecting \"%s\" to be a directory.", nss_dir);
- goto INIT_ERROR;
- }
-
- if (NSS_InitReadWrite (nss_dir) != SECSuccess) {
- if (NSS_NoDB_Init (nss_dir) == SECFailure) {
- g_warning ("Unable to initialize NSS SSL Library.");
- goto INIT_ERROR;
- }
- }
-
- NSS_SetDomesticPolicy ();
-
- SSL_OptionSetDefault (SSL_ENABLE_SSL2, PR_TRUE);
- SSL_OptionSetDefault (SSL_ENABLE_SSL3, PR_TRUE);
- SSL_OptionSetDefault (SSL_ENABLE_TLS, PR_TRUE);
- SSL_OptionSetDefault (SSL_V2_COMPATIBLE_HELLO, PR_TRUE);
-
- g_free (nss_dir);
-
- nss_initialized = TRUE;
- return TRUE;
-
- INIT_ERROR:
- g_free (nss_dir);
- return FALSE;
-}
-
-void
-soup_nss_set_security_policy (SoupSecurityPolicy policy)
-{
- switch (policy) {
- case SOUP_SECURITY_DOMESTIC:
- NSS_SetDomesticPolicy ();
- break;
- case SOUP_SECURITY_EXPORT:
- NSS_SetExportPolicy ();
- break;
- case SOUP_SECURITY_FRANCE:
- NSS_SetFrancePolicy ();
- break;
- }
-
- SSL_ClearSessionCache ();
-}
-
-#endif /*HAVE_NSS*/
-
+++ /dev/null
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
-/*
- * soup-nss.h: Asyncronous Callback-based HTTP Request Queue.
- *
- * Authors:
- * Alex Graveley (alex@ximian.com)
- *
- * Copyright (C) 2001-2002, Ximian, Inc.
- */
-
-#ifndef SOUP_NSS_H
-#define SOUP_NSS_H 1
-
-#include <glib.h>
-#include <libsoup/soup-misc.h>
-#include <libsoup/soup-ssl.h>
-
-GIOChannel *soup_nss_get_iochannel (GIOChannel *sock, SoupSSLType type);
-
-void soup_nss_set_security_policy (SoupSecurityPolicy policy);
-
-gboolean soup_nss_init (void);
-
-#endif /* SOUP_NSS_H */
+++ /dev/null
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
-/*
- * soup-openssl.c: Asyncronous Callback-based SOAP Request Queue.
- *
- * Authors:
- * Alex Graveley (alex@ximian.com)
- *
- * Copyright (C) 2001-2002, Ximian, Inc.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#ifdef HAVE_OPENSSL
-
-#include <unistd.h>
-#include <glib.h>
-#include <sys/time.h>
-
-#include <openssl/ssl.h>
-#include <openssl/rand.h>
-#include <openssl/err.h>
-
-#include "soup-openssl.h"
-
-static gboolean server_mode = FALSE;
-
-typedef struct {
- GIOChannel channel;
- gint fd;
- GIOChannel *real_sock;
- SSL *ssl;
-} SoupOpenSSLChannel;
-
-static void
-soup_openssl_free (GIOChannel *channel)
-{
- SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel;
- g_io_channel_unref (chan->real_sock);
- SSL_free (chan->ssl);
- g_free (chan);
-}
-
-static GIOStatus
-soup_openssl_read (GIOChannel *channel,
- gchar *buf,
- gsize count,
- gsize *bytes_read,
- GError **err)
-{
- SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel;
- gint result;
-
- result = SSL_read (chan->ssl, buf, count);
-
- if (result < 0) {
- /* This occurs when a re-handshake is required */
- *bytes_read = 0;
- if (SSL_get_error (chan->ssl, result) == SSL_ERROR_WANT_READ)
- return G_IO_STATUS_AGAIN;
- switch (errno) {
- case EAGAIN:
- case EINTR:
- return G_IO_STATUS_AGAIN;
- default:
- g_set_error (err, G_IO_CHANNEL_ERROR,
- g_io_channel_error_from_errno (errno),
- g_strerror (errno));
- return G_IO_STATUS_ERROR;
- }
- } else {
- *bytes_read = result;
- return G_IO_STATUS_NORMAL;
- }
-}
-
-static GIOStatus
-soup_openssl_write (GIOChannel *channel,
- const gchar *buf,
- gsize count,
- gsize *bytes_written,
- GError **err)
-{
- SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel;
- gint result;
-
- result = SSL_write (chan->ssl, buf, count);
-
- if (result < 0) {
- *bytes_written = 0;
- if (SSL_get_error (chan->ssl, result) == SSL_ERROR_WANT_WRITE)
- return G_IO_STATUS_AGAIN;
- switch (errno) {
- case EAGAIN:
- case EINTR:
- return G_IO_STATUS_AGAIN;
- default:
- g_set_error (err, G_IO_CHANNEL_ERROR,
- g_io_channel_error_from_errno (errno),
- g_strerror (errno));
- return G_IO_STATUS_ERROR;
- }
- } else {
- *bytes_written = result;
-
- return (result > 0) ? G_IO_STATUS_NORMAL : G_IO_STATUS_EOF;
- }
-}
-
-static GIOStatus
-soup_openssl_seek (GIOChannel *channel,
- gint64 offset,
- GSeekType type,
- GError **err)
-{
- SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel;
- GIOError e;
-
- e = g_io_channel_seek (chan->real_sock, offset, type);
-
- if (e != G_IO_ERROR_NONE)
- return G_IO_STATUS_ERROR;
- else
- return G_IO_STATUS_NORMAL;
-}
-
-static GIOStatus
-soup_openssl_close (GIOChannel *channel,
- GError **err)
-{
- SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel;
- SSL_shutdown (chan->ssl);
- g_io_channel_close (chan->real_sock);
-
- return G_IO_STATUS_NORMAL;
-}
-
-typedef struct {
- GSource source;
- GPollFD pollfd;
- GIOChannel *channel;
- GIOCondition condition;
-} SoupOpenSSLWatch;
-
-static gboolean
-soup_openssl_prepare (GSource *source,
- gint *timeout)
-{
- SoupOpenSSLWatch *watch = (SoupOpenSSLWatch *) source;
- GIOCondition buffer_condition = g_io_channel_get_buffer_condition (
- watch->channel);
-
- *timeout = -1;
-
- /* Only return TRUE here if _all_ bits in watch->condition will be set
- */
- return ((watch->condition & buffer_condition) == watch->condition);
-}
-
-static gboolean
-soup_openssl_check (GSource *source)
-{
- SoupOpenSSLWatch *watch = (SoupOpenSSLWatch *) source;
- GIOCondition buffer_condition = g_io_channel_get_buffer_condition (
- watch->channel);
- GIOCondition poll_condition = watch->pollfd.revents;
-
- return ((poll_condition | buffer_condition) & watch->condition);
-}
-
-static gboolean
-soup_openssl_dispatch (GSource *source,
- GSourceFunc callback,
- gpointer user_data)
-{
- GIOFunc func = (GIOFunc) callback;
- SoupOpenSSLWatch *watch = (SoupOpenSSLWatch *) source;
- SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) watch->channel;
- GIOCondition buffer_condition = g_io_channel_get_buffer_condition (
- watch->channel);
- GIOCondition cond;
-
- if (!func) {
- g_warning ("IO watch dispatched without callback\n"
- "You must call g_source_connect().");
- return FALSE;
- }
-
- cond = (watch->pollfd.revents | buffer_condition) & watch->condition;
-
- if (cond & G_IO_IN) {
- do {
- if (!(*func) (watch->channel, cond, user_data))
- return FALSE;
- } while (SSL_pending (chan->ssl));
-
- return TRUE;
- } else
- return (*func) (watch->channel, cond, user_data);
-}
-
-static void
-soup_openssl_finalize (GSource *source)
-{
- SoupOpenSSLWatch *watch = (SoupOpenSSLWatch *) source;
-
- g_io_channel_unref (watch->channel);
-}
-
-/* All of these functions were basically cut-and-pasted from glib */
-GSourceFuncs soup_openssl_watch_funcs = {
- soup_openssl_prepare,
- soup_openssl_check,
- soup_openssl_dispatch,
- soup_openssl_finalize
-};
-
-static GSource *
-soup_openssl_create_watch (GIOChannel *channel,
- GIOCondition condition)
-{
- SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel;
-
- if (condition & G_IO_IN) {
- GSource *source;
- SoupOpenSSLWatch *watch;
-
- source = g_source_new (&soup_openssl_watch_funcs,
- sizeof (SoupOpenSSLWatch));
- watch = (SoupOpenSSLWatch *) source;
-
- watch->channel = channel;
- g_io_channel_ref (channel);
-
- watch->condition = condition;
-
- watch->pollfd.fd = chan->fd;
- watch->pollfd.events = condition;
-
- g_source_add_poll (source, &watch->pollfd);
-
- return source;
- }
- else {
- return chan->real_sock->funcs->io_create_watch (channel,
- condition);
- }
-}
-
-static GIOStatus
-soup_openssl_set_flags (GIOChannel *channel,
- GIOFlags flags,
- GError **err)
-{
- SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel;
-
- return chan->real_sock->funcs->io_set_flags (channel, flags, err);
-}
-
-static GIOFlags
-soup_openssl_get_flags (GIOChannel *channel)
-{
- SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel;
-
- return chan->real_sock->funcs->io_get_flags (channel);
-}
-
-GIOFuncs soup_openssl_channel_funcs = {
- soup_openssl_read,
- soup_openssl_write,
- soup_openssl_seek,
- soup_openssl_close,
- soup_openssl_create_watch,
- soup_openssl_free,
- soup_openssl_set_flags,
- soup_openssl_get_flags
-};
-
-static SSL_CTX *ssl_context = NULL;
-
-#if SSL_LIBRARY_VERSION >= 0x00905100
-# define CHECK_OPENSSL_SEEDED RAND_status()
-# define CHECK_OPENSSL_SEEDED_FINAL RAND_status()
-#else
-# define CHECK_OPENSSL_SEEDED FALSE
-# define CHECK_OPENSSL_SEEDED_FINAL TRUE
-#endif
-
-static gboolean
-soup_openssl_seed (void)
-{
- pid_t pid;
- struct timeval tv;
- guchar stack [1024], *heap;
-
- if (!CHECK_OPENSSL_SEEDED) {
- /* Seed with pid */
- pid = getpid ();
- RAND_seed ((guchar *) &pid, sizeof (pid_t));
-
- /* Seed with current time */
- if (gettimeofday (&tv, NULL) == 0)
- RAND_seed ((guchar *) &tv, sizeof (struct timeval));
-
- /* Seed with untouched stack (1024) */
- RAND_seed (stack, sizeof (stack));
-
- /* Quit now if we are adequately seeded */
- if (CHECK_OPENSSL_SEEDED)
- return TRUE;
-
- /* Seed with untouched heap (1024) */
- heap = g_malloc (1024);
- if (heap)
- RAND_seed (heap, 1024);
- g_free (heap);
-
- return CHECK_OPENSSL_SEEDED_FINAL;
- } else
- return TRUE;
-}
-
-GIOChannel *
-soup_openssl_get_iochannel (GIOChannel *sock)
-{
- SoupOpenSSLChannel *chan;
- GIOChannel *gchan;
- int bits, alg_bits, err, sockfd;
- SSL *ssl;
- X509 *cert;
- gchar *ccert_file, *ckey_file;
-
- g_return_val_if_fail (sock != NULL, NULL);
-
- if (!ssl_context && !soup_openssl_init (server_mode))
- goto THROW_CREATE_ERROR;
-
- if (!soup_openssl_seed ())
- g_warning ("SSL random number seed failed.");
-
- sockfd = g_io_channel_unix_get_fd (sock);
- if (!sockfd)
- goto THROW_CREATE_ERROR;
-
- ssl = SSL_new (ssl_context);
- if (!ssl) {
- g_warning ("SSL object creation failure.");
- goto THROW_CREATE_ERROR;
- }
-
- ccert_file = getenv ("HTTPS_CERT_FILE");
- ckey_file = getenv ("HTTPS_KEY_FILE");
-
- if (ccert_file) {
- if (!ckey_file) {
- g_warning ("SSL key file not specified.");
- goto THROW_CREATE_ERROR;
- }
-
- if (!SSL_use_RSAPrivateKey_file (ssl, ckey_file, SSL_FILETYPE_PEM)) {
- g_warning ("Unable to use private key file.");
- ERR_print_errors_fp(stderr);
- goto THROW_CREATE_ERROR;
- }
-
- if (!SSL_use_certificate_file (ssl, ccert_file, SSL_FILETYPE_PEM)) {
- g_warning ("Unable to use certificate file.");
- goto THROW_CREATE_ERROR;
- }
-
- if (!SSL_check_private_key (ssl)) {
- g_warning ("Can't verify correct private key.");
- goto THROW_CREATE_ERROR;
- }
- } else if (ckey_file) {
- g_warning ("SSL certificate file not specified.");
- }
-
- err = SSL_set_fd (ssl, sockfd);
- if (err == 0) {
- g_warning ("Unable to set SSL file descriptor.");
- goto THROW_CREATE_ERROR;
- }
-
- do {
- fd_set ssl_fdset;
- struct timeval tv;
-
- tv.tv_sec = 10;
- tv.tv_usec = 0;
-
- if (server_mode)
- err = SSL_accept (ssl);
- else
- err = SSL_connect (ssl);
-
- err = SSL_get_error (ssl, err);
-
- if (err == SSL_ERROR_WANT_READ) {
- FD_ZERO (&ssl_fdset);
- FD_SET (sockfd, &ssl_fdset);
- select (sockfd + 1, &ssl_fdset, NULL, NULL, &tv);
- }
- else if (err == SSL_ERROR_WANT_WRITE) {
- FD_ZERO (&ssl_fdset);
- FD_SET (sockfd, &ssl_fdset);
- select (sockfd + 1, NULL, &ssl_fdset, NULL, &tv);
- }
- else if (err != SSL_ERROR_NONE) {
- unsigned long e;
-
- e = ERR_get_error();
-
- ERR_load_crypto_strings(), SSL_load_error_strings();
- g_warning ("Could not establish secure connection: %s",
- ERR_error_string (e, NULL));
- goto THROW_CREATE_ERROR;
- }
- } while (err != SSL_ERROR_NONE);
-
- bits = SSL_get_cipher_bits (ssl, &alg_bits);
- if (bits == 0) {
- g_warning ("Server requested unsecure tranfer.");
- goto THROW_CREATE_ERROR;
- }
-
- if (!server_mode) {
- cert = SSL_get_peer_certificate (ssl);
- if (!cert) {
- g_warning ("Server certificate unavailable");
- goto THROW_CREATE_ERROR;
- }
- else
- X509_free (cert);
- }
-
- chan = g_new0 (SoupOpenSSLChannel, 1);
- chan->fd = sockfd;
- chan->real_sock = sock;
- chan->ssl = ssl;
- g_io_channel_ref (sock);
-
- gchan = (GIOChannel *) chan;
- gchan->funcs = &soup_openssl_channel_funcs;
- g_io_channel_init (gchan);
-
- return gchan;
-
- THROW_CREATE_ERROR:
- return NULL;
-}
-
-static int
-verify_cb (int verified, X509_STORE_CTX *x509_ctx)
-{
- if (!verified) {
- int err;
-
- err = X509_STORE_CTX_get_error(x509_ctx);
- ERR_load_crypto_strings(), SSL_load_error_strings();
- g_warning ("Unable to verify server's CA: %s (%d)",
- X509_verify_cert_error_string(err), err);
- }
-
- return verified;
-}
-
-gboolean
-soup_openssl_init (gboolean server)
-{
- static gchar *ssl_ca_file = NULL;
- static gchar *ssl_ca_dir = NULL;
-
- SSL_library_init ();
- SSL_load_error_strings ();
-
- server_mode = server;
-
- if (server_mode)
- ssl_context = SSL_CTX_new (SSLv23_server_method ());
- else
- ssl_context = SSL_CTX_new (SSLv23_client_method ());
-
- if (!ssl_context) {
- g_warning ("Unable to initialize OpenSSL library");
- return FALSE;
- }
-
- ssl_ca_file = getenv ("HTTPS_CA_FILE");
- ssl_ca_dir = getenv ("HTTPS_CA_DIR");
-
- SSL_CTX_set_default_verify_paths (ssl_context);
-
- if (ssl_ca_file || ssl_ca_dir) {
- SSL_CTX_load_verify_locations (ssl_context,
- ssl_ca_file,
- ssl_ca_dir);
- SSL_CTX_set_verify (ssl_context, SSL_VERIFY_PEER, verify_cb);
- }
-
- return TRUE;
-}
-
-void
-soup_openssl_set_security_policy (SoupSecurityPolicy policy)
-{
- switch (policy) {
- case SOUP_SECURITY_DOMESTIC:
- break;
- case SOUP_SECURITY_EXPORT:
- break;
- case SOUP_SECURITY_FRANCE:
- break;
- }
-}
-
-#endif /*HAVE_OPENSSL*/
+++ /dev/null
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
-/*
- * soup-openssl.h: Asyncronous Callback-based SOAP Request Queue.
- *
- * Authors:
- * Alex Graveley (alex@ximian.com)
- *
- * Copyright (C) 2001-2002, Ximian, Inc.
- */
-
-#ifndef SOUP_OPENSSL_H
-#define SOUP_OPENSSL_H 1
-
-#include <glib.h>
-#include <libsoup/soup-misc.h>
-
-GIOChannel *soup_openssl_get_iochannel (GIOChannel *sock);
-
-void soup_openssl_set_security_policy (SoupSecurityPolicy policy);
-
-gboolean soup_openssl_init (gboolean server_mode);
-
-#endif /* SOUP_OPENSSL_H */
+++ /dev/null
-/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
-/*
- * soup-queue.c: Asyncronous Callback-based SOAP Request Queue.
- *
- * Authors:
- * Alex Graveley (alex@ximian.com)
- *
- * Copyright (C) 2001-2002, Ximian, Inc.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <unistd.h>
-#include <fcntl.h>
-#include <stdlib.h>
-#include <errno.h>
-#include <glib.h>
-
-#include <libsoup/soup-misc.h>
-#include <libsoup/soup-private.h>
-
-#ifdef HAVE_OPENSSL
-#include "soup-openssl.h"
-#endif
-
-static gint ssl_library = 0; /* -1 = fail,
- 0 = first time,
- 1 = openssl */
-static SoupSecurityPolicy ssl_security_level = SOUP_SECURITY_DOMESTIC;
-
-static gboolean server_mode = FALSE;
-
-static GMainLoop *loop;
-
-static void
-soup_ssl_proxy_set_security_policy (SoupSecurityPolicy policy)
-{
- ssl_security_level = policy;
-
- switch (ssl_library) {
- case -1:
- case 0:
- break;
-#ifdef HAVE_OPENSSL
- case 1:
- soup_openssl_set_security_policy (policy);
- break;
-#endif
- }
-}
-
-static void
-soup_ssl_proxy_init (void)
-{
- ssl_library = -1;
-
-#ifdef HAVE_OPENSSL
- if (ssl_library == -1)
- ssl_library = soup_openssl_init (server_mode) ? 1 : -1;
-#endif
-
- if (ssl_library == -1) return;
-
- soup_ssl_proxy_set_security_policy (ssl_security_level);
-}
-
-static GIOChannel *
-soup_ssl_proxy_get_iochannel (GIOChannel *sock)
-{
- switch (ssl_library) {
- case -1:
- g_warning ("SSL Not Supported.");
- return NULL;
- case 0:
- default:
- soup_ssl_proxy_init ();
- return soup_ssl_proxy_get_iochannel (sock);
-#ifdef HAVE_OPENSSL
- case 1:
- return soup_openssl_get_iochannel (sock);
-#endif
- }
-}
-
-static gboolean
-soup_ssl_proxy_readwrite (GIOChannel *iochannel,
- GIOCondition condition,
- GIOChannel *dest)
-{
- gchar read_buf [RESPONSE_BLOCK_SIZE];
- gsize bytes_read = 0, bytes_written = 0, write_total = 0;
- GIOError error;
-
- error = g_io_channel_read (iochannel,
- read_buf,
- sizeof (read_buf),
- &bytes_read);
-
- if (error == G_IO_ERROR_AGAIN) return TRUE;
-
- if (error != G_IO_ERROR_NONE || bytes_read == 0) goto FINISH;
-
- errno = 0;
-
- while (write_total != bytes_read) {
- WRITE_AGAIN:
-
- error = g_io_channel_write (dest,
- &read_buf [write_total],
- bytes_read - write_total,
- &bytes_written);
-
- if (error == G_IO_ERROR_AGAIN)
- goto WRITE_AGAIN;
-
- if (error != G_IO_ERROR_NONE || errno != 0) goto FINISH;
-
- write_total += bytes_written;
- }
-
- if (condition & G_IO_ERR)
- goto FINISH;
-
- return TRUE;
-
- FINISH:
- g_main_quit (loop);
- return FALSE;
-}
-
-int
-main (int argc, char** argv)
-{
- gchar *env;
- GIOChannel *read_chan, *write_chan, *sock_chan;
- int sockfd, secpol;
-
- if (getenv ("SOUP_PROXY_DELAY")) {
- g_warning ("Proxy delay set: sleeping for 20 seconds");
- sleep (20);
- }
-
- loop = g_main_new (FALSE);
-
- env = getenv ("SOCKFD");
- if (!env)
- g_error ("SOCKFD environment not set.");
-
- sockfd = atoi (env);
- if (sockfd <= 0)
- g_error ("Invalid SOCKFD environment set.");
-
- env = getenv ("SECURITY_POLICY");
- if (!env)
- g_error ("SECURITY_POLICY environment not set.");
-
- secpol = atoi (env);
- soup_ssl_proxy_set_security_policy (secpol);
-
- env = getenv ("IS_SERVER");
- if (env)
- server_mode = TRUE;
-
- read_chan = g_io_channel_unix_new (STDIN_FILENO);
- if (!read_chan)
- g_error ("Unable to open STDIN");
-
- write_chan = g_io_channel_unix_new (STDOUT_FILENO);
- if (!write_chan)
- g_error ("Unable to open STDOUT");
-
- sock_chan = g_io_channel_unix_new (sockfd);
- sock_chan = soup_ssl_proxy_get_iochannel (sock_chan);
- if (!sock_chan)
- g_error ("Unable to establish SSL connection");
-
- g_io_add_watch (read_chan,
- G_IO_IN | G_IO_PRI | G_IO_ERR,
- (GIOFunc) soup_ssl_proxy_readwrite,
- sock_chan);
-
- g_io_add_watch (sock_chan,
- G_IO_IN | G_IO_PRI | G_IO_ERR,
- (GIOFunc) soup_ssl_proxy_readwrite,
- write_chan);
-
- g_main_run (loop);
-
- g_io_channel_close (read_chan);
- g_io_channel_close (write_chan);
- g_io_channel_close (sock_chan);
-
- exit (0);
-}
#include <config.h>
#endif
-#include <unistd.h>
-#include <sys/types.h>
-#include <sys/wait.h>
-#include <sys/socket.h>
-#include <stdlib.h>
-#include <stdio.h>
-#include <errno.h>
-#include <fcntl.h>
-
#include "soup-gnutls.h"
#include "soup-ssl.h"
-#include "soup-misc.h"
-
-#ifdef HAVE_GNUTLS
-
-GIOChannel *
-soup_ssl_get_iochannel_real (GIOChannel *sock, SoupSSLType type)
-{
- g_return_val_if_fail (sock != NULL, NULL);
-
- return soup_gnutls_get_iochannel (sock, type);
-}
-
-#else /* HAVE_GNUTLS */
-#ifdef HAVE_NSS
-
-GIOChannel *
-soup_ssl_get_iochannel_real (GIOChannel *sock, SoupSSLType type)
-{
- g_return_val_if_fail (sock != NULL, NULL);
-
- return soup_nss_get_iochannel (sock, type);
-}
-
-#else /* HAVE_NSS */
-
-typedef struct {
- int ppid;
- GIOChannel *real_sock;
-} SoupSSLInfo;
-
-static gboolean
-soup_ssl_hup_waitpid (GIOChannel *source, GIOCondition condition, gpointer user_data)
-{
- SoupSSLInfo *ssl_info = user_data;
-
- while (waitpid (ssl_info->ppid, NULL, 0) == -1 && errno == EINTR)
- ;
-
- g_io_channel_unref (ssl_info->real_sock);
- g_free (ssl_info);
-
- return FALSE;
-}
-
-static GIOChannel *
-soup_ssl_get_iochannel_real (GIOChannel *sock, SoupSSLType type)
-{
- GIOChannel *new_chan;
- int sock_fd;
- int pid;
- int pair[2], flags;
- const char *cert_file, *key_file;
- SoupSSLInfo *ssl_info;
-
- g_return_val_if_fail (sock != NULL, NULL);
-
- g_io_channel_ref (sock);
- if (!(sock_fd = g_io_channel_unix_get_fd (sock))) goto ERROR_ARGS;
- flags = fcntl(sock_fd, F_GETFD, 0);
- fcntl (sock_fd, F_SETFD, flags & ~FD_CLOEXEC);
-
- if (socketpair (PF_UNIX, SOCK_STREAM, 0, pair) != 0) goto ERROR_ARGS;
-
- fflush (stdin);
- fflush (stdout);
-
- pid = fork ();
-
- switch (pid) {
- case -1:
- goto ERROR;
- case 0:
- close (pair [1]);
-
- dup2 (pair [0], STDIN_FILENO);
- dup2 (pair [0], STDOUT_FILENO);
-
- close (pair [0]);
-
- putenv (g_strdup_printf ("SOCKFD=%d", sock_fd));
- putenv (g_strdup_printf ("SECURITY_POLICY=%d",
- soup_get_security_policy ()));
-
- if (type == SOUP_SSL_TYPE_SERVER)
- putenv ("IS_SERVER=1");
-
- if (soup_get_ssl_ca_file ()) {
- putenv (g_strdup_printf ("HTTPS_CA_FILE=%s",
- soup_get_ssl_ca_file ()));
- }
-
- if (soup_get_ssl_ca_dir ()) {
- putenv (g_strdup_printf ("HTTPS_CA_DIR=%s",
- soup_get_ssl_ca_dir ()));
- }
-
- soup_get_ssl_cert_files (&cert_file, &key_file);
-
- if (cert_file) {
- putenv (g_strdup_printf ("HTTPS_CERT_FILE=%s",
- cert_file));
- }
-
- if (key_file) {
- putenv (g_strdup_printf ("HTTPS_KEY_FILE=%s",
- key_file));
- }
-
- execl (LIBEXECDIR G_DIR_SEPARATOR_S SSL_PROXY_NAME,
- LIBEXECDIR G_DIR_SEPARATOR_S SSL_PROXY_NAME,
- NULL);
-
- execlp (SSL_PROXY_NAME, SSL_PROXY_NAME, NULL);
-
- g_error ("Error executing SSL Proxy\n");
- }
-
- close (pair [0]);
-
- flags = fcntl(pair [1], F_GETFL, 0);
- fcntl (pair [1], F_SETFL, flags | O_NONBLOCK);
-
- ssl_info = g_new0 (SoupSSLInfo, 1);
- ssl_info->ppid = pid;
- ssl_info->real_sock = sock;
-
- new_chan = g_io_channel_unix_new (pair [1]);
- g_io_channel_set_close_on_unref (new_chan, TRUE);
- g_io_add_watch (new_chan, G_IO_HUP | G_IO_ERR | G_IO_NVAL,
- soup_ssl_hup_waitpid, ssl_info);
-
- return new_chan;
-
- ERROR:
- close (pair [0]);
- close (pair [1]);
- ERROR_ARGS:
- g_io_channel_unref (sock);
- return NULL;
-}
-
-#endif /* HAVE_NSS */
-#endif /* HAVE_GNUTLS */
+#ifdef HAVE_SSL
GIOChannel *
soup_ssl_get_iochannel (GIOChannel *sock)
{
- return soup_ssl_get_iochannel_real (sock, SOUP_SSL_TYPE_CLIENT);
+ return soup_gnutls_get_iochannel (sock, SOUP_SSL_TYPE_CLIENT);
}
GIOChannel *
soup_ssl_get_server_iochannel (GIOChannel *sock)
{
- return soup_ssl_get_iochannel_real (sock, SOUP_SSL_TYPE_SERVER);
+ return soup_gnutls_get_iochannel (sock, SOUP_SSL_TYPE_SERVER);
}
+#endif /* HAVE_SSL */
get_SOURCES = get.c
-get_LDADD = $(top_builddir)/libsoup/libsoup-2.0.la
+get_LDADD = $(top_builddir)/libsoup/libsoup-$(SOUP_API_VERSION).la
timeserver_SOURCES = timeserver.c
-timeserver_LDADD = $(top_builddir)/libsoup/libsoup-2.0.la
+timeserver_LDADD = $(top_builddir)/libsoup/libsoup-$(SOUP_API_VERSION).la
check_PROGRAMS = auth-test
auth_test_SOURCES = auth-test.c
-auth_test_LDADD = $(top_builddir)/libsoup/libsoup-2.0.la
+auth_test_LDADD = $(top_builddir)/libsoup/libsoup-$(SOUP_API_VERSION).la