From 536dcc4868b1395f15a41834e21d80dc94611077 Mon Sep 17 00:00:00 2001
From: Dan Winship <danw@src.gnome.org>
Date: Tue, 18 Nov 2003 16:00:21 +0000
Subject: [PATCH] declare soup_ssl_supported.

	* libsoup/soup-misc.h: declare soup_ssl_supported.

	* libsoup/soup-gnutls.c: add soup_ssl_supported declaration.

	* libsoup/soup-nossl.c: Not an SSL implementation, built if
	HAVE_SSL is not defined.

	* libsoup/Makefile.am (libsoup_2_2_la_SOURCES): add soup-nossl.c

	* libsoup/soup-socket.c (soup_socket_start_ssl): Return success or
	failure.
	(listen_watch): Deal with soup_socket_start_ssl failing.

	* libsoup/soup-connection.c (tunnel_connect_finished,
	socket_connect_result, soup_connection_connect_sync): Deal with
	the soup_socket_start_ssl failing.

	* libsoup/soup-server.c (soup_server_new): Deal with
	soup_ssl_get_server_credentials failing
---
 ChangeLog                 | 22 +++++++++++++++++++++
 libsoup/Makefile.am       |  1 +
 libsoup/soup-connection.c | 36 ++++++++++++++++++++++------------
 libsoup/soup-gnutls.c     |  4 +++-
 libsoup/soup-misc.h       |  4 ++++
 libsoup/soup-nossl.c      | 50 +++++++++++++++++++++++++++++++++++++++++++++++
 libsoup/soup-server.c     |  4 ++++
 libsoup/soup-socket.c     | 25 +++++++++++++++++-------
 libsoup/soup-socket.h     |  2 +-
 9 files changed, 126 insertions(+), 22 deletions(-)
 create mode 100644 libsoup/soup-nossl.c

diff --git a/ChangeLog b/ChangeLog
index d44200f..65ce315 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,25 @@
+2003-11-18  Dan Winship  <danw@ximian.com>
+
+	* libsoup/soup-misc.h: declare soup_ssl_supported.
+
+	* libsoup/soup-gnutls.c: add soup_ssl_supported declaration.
+
+	* libsoup/soup-nossl.c: Not an SSL implementation, built if
+	HAVE_SSL is not defined.
+
+	* libsoup/Makefile.am (libsoup_2_2_la_SOURCES): add soup-nossl.c
+
+	* libsoup/soup-socket.c (soup_socket_start_ssl): Return success or
+	failure.
+	(listen_watch): Deal with soup_socket_start_ssl failing.
+
+	* libsoup/soup-connection.c (tunnel_connect_finished,
+	socket_connect_result, soup_connection_connect_sync): Deal with
+	the soup_socket_start_ssl failing.
+
+	* libsoup/soup-server.c (soup_server_new): Deal with
+	soup_ssl_get_server_credentials failing
+
 2003-11-18  Rodrigo Moya <rodrigo@ximian.com>
 
 	* libsoup/soup-soap-message.[ch] (soup_soap_message_start_fault,
diff --git a/libsoup/Makefile.am b/libsoup/Makefile.am
index e3f8560..63787cf 100644
--- a/libsoup/Makefile.am
+++ b/libsoup/Makefile.am
@@ -84,6 +84,7 @@ libsoup_2_2_la_SOURCES =		\
 	soup-message-server-io.c	\
 	soup-method.c			\
 	soup-misc.c     		\
+	soup-nossl.c     		\
 	soup-server.c			\
 	soup-server-auth.c		\
 	soup-server-message.c		\
diff --git a/libsoup/soup-connection.c b/libsoup/soup-connection.c
index 93d6a91..846169c 100644
--- a/libsoup/soup-connection.c
+++ b/libsoup/soup-connection.c
@@ -307,12 +307,15 @@ static void
 tunnel_connect_finished (SoupMessage *msg, gpointer user_data)
 {
 	SoupConnection *conn = user_data;
+	guint status = msg->status_code;
 
-	if (SOUP_STATUS_IS_SUCCESSFUL (msg->status_code))
-		soup_socket_start_ssl (conn->priv->socket);
+	if (SOUP_STATUS_IS_SUCCESSFUL (status)) {
+		if (!soup_socket_start_ssl (conn->priv->socket))
+			status = SOUP_STATUS_SSL_FAILED;
+	}
 
 	g_signal_emit (conn, signals[CONNECT_RESULT], 0,
-		       proxified_status (conn, msg->status_code));
+		       proxified_status (conn, status));
 	g_object_unref (msg);
 }
 
@@ -321,14 +324,15 @@ socket_connect_result (SoupSocket *sock, guint status, gpointer user_data)
 {
 	SoupConnection *conn = user_data;
 
-	if (!SOUP_STATUS_IS_SUCCESSFUL (status)) {
-		g_signal_emit (conn, signals[CONNECT_RESULT], 0,
-			       proxified_status (conn, status));
-		return;
-	}
+	if (!SOUP_STATUS_IS_SUCCESSFUL (status))
+		goto done;
 
-	if (conn->priv->conn_uri->protocol == SOUP_PROTOCOL_HTTPS)
-		soup_socket_start_ssl (sock);
+	if (conn->priv->conn_uri->protocol == SOUP_PROTOCOL_HTTPS) {
+		if (!soup_socket_start_ssl (sock)) {
+			status = SOUP_STATUS_SSL_FAILED;
+			goto done;
+		}
+	}
 
 	/* See if we need to tunnel */
 	if (conn->priv->proxy_uri && conn->priv->origin_uri) {
@@ -343,7 +347,9 @@ socket_connect_result (SoupSocket *sock, guint status, gpointer user_data)
 		return;
 	}
 
-	g_signal_emit (conn, signals[CONNECT_RESULT], 0, status);
+ done:
+	g_signal_emit (conn, signals[CONNECT_RESULT], 0,
+		       proxified_status (conn, status));
 }
 
 /**
@@ -402,8 +408,12 @@ soup_connection_connect_sync (SoupConnection *conn)
 	if (!SOUP_STATUS_IS_SUCCESSFUL (status))
 		goto fail;
 
-	if (conn->priv->conn_uri->protocol == SOUP_PROTOCOL_HTTPS)
-		soup_socket_start_ssl (conn->priv->socket);
+	if (conn->priv->conn_uri->protocol == SOUP_PROTOCOL_HTTPS) {
+		if (!soup_socket_start_ssl (conn->priv->socket)) {
+			status = SOUP_STATUS_SSL_FAILED;
+			goto fail;
+		}
+	}
 
 	if (conn->priv->proxy_uri && conn->priv->origin_uri) {
 		SoupMessage *connect_msg;
diff --git a/libsoup/soup-gnutls.c b/libsoup/soup-gnutls.c
index 30b5ca8..2561d99 100644
--- a/libsoup/soup-gnutls.c
+++ b/libsoup/soup-gnutls.c
@@ -24,6 +24,8 @@
 #include "soup-ssl.h"
 #include "soup-misc.h"
 
+gboolean soup_ssl_supported = TRUE;
+
 #define DH_BITS 1024
 
 typedef struct {
@@ -368,7 +370,7 @@ soup_ssl_wrap_iochannel (GIOChannel *sock, SoupSSLType type,
 	if (type == SOUP_SSL_TYPE_SERVER)
 		gnutls_dh_set_prime_bits (session, DH_BITS);
 
-	gnutls_transport_set_ptr (session, sockfd);
+	gnutls_transport_set_ptr (session, GINT_TO_POINTER (sockfd));
 
 	chan->fd = sockfd;
 	chan->real_sock = sock;
diff --git a/libsoup/soup-misc.h b/libsoup/soup-misc.h
index 0a9afef..718bac1 100644
--- a/libsoup/soup-misc.h
+++ b/libsoup/soup-misc.h
@@ -47,4 +47,8 @@ guint              soup_str_case_hash        (gconstpointer key);
 gboolean           soup_str_case_equal       (gconstpointer v1,
 					      gconstpointer v2);
 
+/* SSL support */
+
+extern gboolean soup_ssl_supported;
+
 #endif /* SOUP_MISC_H */
diff --git a/libsoup/soup-nossl.c b/libsoup/soup-nossl.c
new file mode 100644
index 0000000..a8ad808
--- /dev/null
+++ b/libsoup/soup-nossl.c
@@ -0,0 +1,50 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: t; c-basic-offset: 8 -*- */
+/*
+ * soup-nossl.c
+ *
+ * Copyright (C) 2003, Ximian, Inc.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#ifndef HAVE_SSL
+
+#include "soup-ssl.h"
+#include "soup-misc.h"
+
+gboolean soup_ssl_supported = FALSE;
+
+GIOChannel *
+soup_ssl_wrap_iochannel (GIOChannel *sock, SoupSSLType type,
+			 const char *hostname, gpointer cred_pointer)
+{
+	return NULL;
+}
+
+gpointer
+soup_ssl_get_client_credentials (const char *ca_file)
+{
+	return NULL;
+}
+
+void
+soup_ssl_free_client_credentials (gpointer client_creds)
+{
+	;
+}
+
+gpointer
+soup_ssl_get_server_credentials (const char *cert_file, const char *key_file)
+{
+	return NULL;
+}
+
+void
+soup_ssl_free_server_credentials (gpointer server_creds)
+{
+	;
+}
+
+#endif /* ! HAVE_SSL */
diff --git a/libsoup/soup-server.c b/libsoup/soup-server.c
index 83bc6de..9097300 100644
--- a/libsoup/soup-server.c
+++ b/libsoup/soup-server.c
@@ -251,6 +251,10 @@ soup_server_new (const char *optname1, ...)
 		server->priv->ssl_creds = soup_ssl_get_server_credentials (
 			server->priv->ssl_cert_file,
 			server->priv->ssl_key_file);
+		if (!server->priv->ssl_creds) {
+			g_object_unref (server);
+			return NULL;
+		}
 	}
 
 	server->priv->listen_sock =
diff --git a/libsoup/soup-socket.c b/libsoup/soup-socket.c
index a942c5d..f390601 100644
--- a/libsoup/soup-socket.c
+++ b/libsoup/soup-socket.c
@@ -503,9 +503,12 @@ listen_watch (GIOChannel* iochannel, GIOCondition condition, gpointer data)
 
 	new->priv->remote_addr = soup_address_new_from_sockaddr ((struct sockaddr *)&sa, sa_len);
 
-	if (new->priv->ssl_creds)
-		soup_socket_start_ssl (new);
-	else
+	if (new->priv->ssl_creds) {
+		if (!soup_socket_start_ssl (new)) {
+			g_object_unref (new);
+			return TRUE;
+		}
+	} else
 		get_iochannel (new);
 
 	g_signal_emit (sock, signals[NEW_CONNECTION], 0, new);
@@ -578,18 +581,26 @@ soup_socket_listen (SoupSocket *sock, SoupAddress *local_addr)
  * @socket: the socket
  *
  * Starts using SSL on @socket.
+ *
+ * Return value: success or failure
  **/
-void
+gboolean
 soup_socket_start_ssl (SoupSocket *sock)
 {
-	GIOChannel *chan;
+	GIOChannel *ssl_chan;
 
-	chan = get_iochannel (sock);
-	sock->priv->iochannel = soup_ssl_wrap_iochannel (
+	get_iochannel (sock);
+	ssl_chan = soup_ssl_wrap_iochannel (
 		sock->priv->iochannel, sock->priv->is_server ?
 		SOUP_SSL_TYPE_SERVER : SOUP_SSL_TYPE_CLIENT,
 		soup_address_get_name (sock->priv->remote_addr),
 		sock->priv->ssl_creds);
+
+	if (!ssl_chan)
+		return FALSE;
+
+	sock->priv->iochannel = ssl_chan;
+	return TRUE;
 }
 	
 
diff --git a/libsoup/soup-socket.h b/libsoup/soup-socket.h
index 56a9c45..afefde5 100644
--- a/libsoup/soup-socket.h
+++ b/libsoup/soup-socket.h
@@ -50,7 +50,7 @@ guint          soup_socket_connect            (SoupSocket         *sock,
 					       SoupAddress        *rem_addr);
 gboolean       soup_socket_listen             (SoupSocket         *sock,
 					       SoupAddress        *local_addr);
-void           soup_socket_start_ssl          (SoupSocket         *sock);
+gboolean       soup_socket_start_ssl          (SoupSocket         *sock);
 
 void           soup_socket_disconnect         (SoupSocket         *sock);
 gboolean       soup_socket_is_connected       (SoupSocket         *sock);
-- 
2.7.4