gnutls: Fix regression where begin_handshake() is not called

The begin_handshake() virtual method is no longer called. This results
in stuff like the GTlsServerConnection authentication-mode not being
passed to gnutls.

Fix issue, and add tests which a future regression in this area
should fall over.

https://bugzilla.gnome.org/show_bug.cgi?id=689259

diff --git a/tls/gnutls/gtlsconnection-gnutls.c b/tls/gnutls/gtlsconnection-gnutls.c
index 1cda0d2..f3602f2 100644 (file)
--- a/tls/gnutls/gtlsconnection-gnutls.c
+++ b/tls/gnutls/gtlsconnection-gnutls.c
@@ -1187,6 +1187,12 @@ accept_peer_certificate (GTlsConnectionGnutls *gnutls,
   return accepted;
 }
 
+static void
+begin_handshake (GTlsConnectionGnutls *gnutls)
+{
+  G_TLS_CONNECTION_GNUTLS_GET_CLASS (gnutls)->begin_handshake (gnutls);
+}
+
 static gboolean
 finish_handshake (GTlsConnectionGnutls  *gnutls,
                  GTask                 *task,
@@ -1243,6 +1249,7 @@ g_tls_connection_gnutls_handshake (GTlsConnection   *conn,
   GError *my_error = NULL;
 
   task = g_task_new (conn, cancellable, NULL, NULL);
+  begin_handshake (gnutls);
   g_task_run_in_thread_sync (task, handshake_thread);
   success = finish_handshake (gnutls, task, &my_error);
   g_object_unref (task);
@@ -1291,6 +1298,8 @@ g_tls_connection_gnutls_handshake_async (GTlsConnection       *conn,
   caller_task = g_task_new (conn, cancellable, callback, user_data);
   g_task_set_priority (caller_task, io_priority);
 
+  begin_handshake (G_TLS_CONNECTION_GNUTLS (conn));
+
   thread_task = g_task_new (conn, cancellable,
                            handshake_thread_completed, caller_task);
   g_task_set_priority (thread_task, io_priority);
@@ -1334,6 +1343,8 @@ do_implicit_handshake (GTlsConnectionGnutls  *gnutls,
                                                 implicit_handshake_completed,
                                                 NULL);
 
+  begin_handshake (gnutls);
+
   if (blocking)
     {
       GError *my_error = NULL;

diff --git a/tls/tests/connection.c b/tls/tests/connection.c
index fc2a486..611e04d 100644 (file)
--- a/tls/tests/connection.c
+++ b/tls/tests/connection.c
@@ -422,12 +422,24 @@ test_verified_connection (TestConnection *test,
 }
 
 static void
+on_notify_accepted_cas (GObject *obj,
+                        GParamSpec *spec,
+                        gpointer user_data)
+{
+  gboolean *changed = user_data;
+  g_assert (*changed == FALSE);
+  *changed = TRUE;
+}
+
+static void
 test_client_auth_connection (TestConnection *test,
                              gconstpointer   data)
 {
   GIOStream *connection;
   GError *error = NULL;
   GTlsCertificate *cert;
+  GTlsCertificate *peer;
+  gboolean cas_changed;
 
   test->database = g_tls_file_database_new (TEST_FILE ("ca-roots.pem"), &error);
   g_assert_no_error (error);
@@ -445,15 +457,25 @@ test_client_auth_connection (TestConnection *test,
   g_assert_no_error (error);
 
   g_tls_connection_set_certificate (G_TLS_CONNECTION (test->client_connection), cert);
-  g_object_unref (cert);
 
   /* All validation in this test */
   g_tls_client_connection_set_validation_flags (G_TLS_CLIENT_CONNECTION (test->client_connection),
                                                 G_TLS_CERTIFICATE_VALIDATE_ALL);
 
+  cas_changed = FALSE;
+  g_signal_connect (test->client_connection, "notify::accepted-cas",
+                    G_CALLBACK (on_notify_accepted_cas), &cas_changed);
+
   read_test_data_async (test);
   g_main_loop_run (test->loop);
   g_assert_no_error (test->read_error);
+
+  peer = g_tls_connection_get_peer_certificate (G_TLS_CONNECTION (test->server_connection));
+  g_assert (peer != NULL);
+  g_assert (g_tls_certificate_is_same (peer, cert));
+  g_assert (cas_changed == TRUE);
+
+  g_object_unref (cert);
 }
 
 static void