+2001-01-15 Jeffrey Stedfast <fejj@ximian.com>
+
+ * camel-tcp-stream-ssl.c (stream_connect): Uses an SSL socket now
+ although there's still a few things missing (like certificate
+ handling and such).
+
+ * camel.c (camel_ssl_init): A replacement function for
+ camel_init() that also initializes SSL.
+
2001-01-14 Jeffrey Stedfast <fejj@ximian.com>
* camel-tcp-stream-ssl.c (stream_getsockopt): Implemented.
static int
stream_close (CamelStream *stream)
{
- g_warning ("CamelTcpStreamSSL::close: Better to call ::disconnect.\n");
+ g_warning ("CamelTcpStreamSSL::close called on a stream where ::disconnect is preferred\n");
return PR_Close (((CamelTcpStreamSSL *)stream)->sockfd);
}
CamelTcpStreamSSL *ssl = CAMEL_TCP_STREAM_SSL (stream);
PRIntervalTime timeout;
PRNetAddr netaddr;
- PRFileDesc *fd;
+ PRFileDesc *fd, *ssl_fd;
g_return_val_if_fail (host != NULL, -1);
return -1;
fd = PR_OpenTCPSocket (host->h_addrtype);
+ ssl_fd = SSL_ImportFD (NULL, fd);
- if (fd == NULL || PR_Connect (fd, &netaddr, timeout) == PR_FAILURE) {
- if (fd != NULL)
- PR_Close (fd);
+ if (ssl_fd == NULL || PR_Connect (ssl_fd, &netaddr, timeout) == PR_FAILURE) {
+ if (ssl_fd != NULL)
+ PR_Close (ssl_fd);
return -1;
}
- ssl->sockfd = fd;
+ ssl->sockfd = ssl_fd;
return 0;
}
static int
stream_disconnect (CamelTcpStream *stream)
{
- PRStatus status;
-
- status = PR_Shutdown (((CamelTcpStreamSSL *)stream)->sockfd, PR_SHUTDOWN_BOTH);
-
- if (status == PR_FAILURE)
- return -1;
-
return PR_Close (((CamelTcpStreamSSL *)stream)->sockfd);
}
return 0;
}
+
+#ifdef U_CANT_TOUCH_THIS
+#include <ssl.h>
+#include <nss.h>
+
+gint
+camel_ssl_init (char *configdir, gboolean nss_init)
+{
+#ifdef ENABLE_THREADS
+#ifdef G_THREADS_ENABLED
+ /*g_thread_init (NULL);*/
+#else /* G_THREADS_ENABLED */
+ printf ("Threads are not supported by your version of glib\n");
+#endif /* G_THREADS_ENABLED */
+#endif /* ENABLE_THREADS */
+
+ if (getenv ("CAMEL_VERBOSE_DEBUG"))
+ camel_verbose_debug = TRUE;
+
+ unicode_init ();
+
+ if (nss_init) {
+ PR_init ();
+
+ if (NSS_init (configdir) == SECFailure)
+ return -1;
+
+ /* FIXME: Erm, use appropriate policy? */
+ NSS_SetDomesticPolicy ();
+ }
+
+ SSL_OptionSetDefault (SSL_ENABLE_SSL2, PR_TRUE);
+ SSL_OptionSetDefault (SSL_ENABLE_SSL3, PR_TRUE);
+ SSL_OptionSetDefault (SSL_ENABLE_TLS, PR_TRUE);
+ SSL_OptionSetDefault (SSL_V2_COMPATIBLE_HELLO, PR_TRUE /* maybe? */);
+
+ return 0;
+}
+#endif