From 667b7c68d4b244378ab2363e2dc6e1ce4a9fafe4 Mon Sep 17 00:00:00 2001 From: Alex Graveley Date: Fri, 2 Mar 2001 10:31:26 +0000 Subject: [PATCH] remove gmodule dependency. Fix OPENSSL_LIBS and NSS_LIBS to include the 2001-03-02 Alex Graveley * configure.in: remove gmodule dependency. Fix OPENSSL_LIBS and NSS_LIBS to include the library name and not only the path. * src/soup-core/soup-ssl-proxy.c (soup_ssl_proxy_init): remove call to g_module_supported(). * src/soup-core/soup-nss.c: remove GModule NSS loading, link conventionally instead. * src/soup-core/soup-openssl.c: remove GModule OpenSSL loading, link conventionally instead. --- ChangeLog | 14 +++++ configure.in | 24 ++++----- libsoup/soup-openssl.c | 130 ++++++++++++++--------------------------------- libsoup/soup-ssl-proxy.c | 4 +- 4 files changed, 64 insertions(+), 108 deletions(-) diff --git a/ChangeLog b/ChangeLog index 97e09b6..511132f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,19 @@ 2001-03-02 Alex Graveley + * configure.in: remove gmodule dependency. Fix OPENSSL_LIBS and + NSS_LIBS to include the library name and not only the path. + + * src/soup-core/soup-ssl-proxy.c (soup_ssl_proxy_init): remove + call to g_module_supported(). + + * src/soup-core/soup-nss.c: remove GModule NSS loading, + link conventionally instead. + + * src/soup-core/soup-openssl.c: remove GModule OpenSSL loading, + link conventionally instead. + +2001-03-02 Alex Graveley + * src/soup-core/soup-ssl-proxy.c: oops. should have been added yesterday. diff --git a/configure.in b/configure.in index 2c5c79c..1f76f41 100644 --- a/configure.in +++ b/configure.in @@ -116,11 +116,10 @@ AM_PROG_LIBTOOL # Need GLIB AM_PATH_GLIB(1.2.0,, - AC_MSG_ERROR([Cannot find GLIB: Is glib-config in path?]), - gmodule) + AC_MSG_ERROR([Cannot find GLIB: Is glib-config in path?])) -GLIB_CFLAGS=`glib-config --cflags glib gmodule` -GLIB_LIBS=`glib-config --libs glib gmodule` +GLIB_CFLAGS=`glib-config --cflags glib` +GLIB_LIBS=`glib-config --libs glib` AC_SUBST(GLIB_CFLAGS) AC_SUBST(GLIB_LIBS) @@ -211,21 +210,20 @@ openssl_prefix=-L$withval if test "x$enable_ssl" = xyes; then save_CPPFLAGS=$CPPFLAGS CPPFLAGS="$openssl_inc_prefix" - AC_CHECK_HEADERS(openssl/ssl.h) - AC_CHECK_HEADERS(openssl/err.h) - OPENSSL_CFLAGS=$CPPFLAGS - OPENSSL_LIBS="$openssl_prefix" + AC_CHECK_HEADERS(openssl/ssl.h openssl/err.h, + [OPENSSL_CFLAGS="$CPPFLAGS" + OPENSSL_LIBS="$openssl_prefix -lssl -lcrypto"], + [OPENSSL_CFLAGS="" OPENSSL_LIBS=""; break;]) AC_SUBST(OPENSSL_CFLAGS) AC_SUBST(OPENSSL_LIBS) CPPFLAGS=$save_CPPFLAGS save_CPPFLAGS=$CPPFLAGS CPPFLAGS="$nspr_inc_prefix $nss_inc_prefix" - AC_CHECK_HEADERS(prthread.h) - AC_CHECK_HEADERS(security/ssl.h) - AC_CHECK_HEADERS(security/pk11func.h) - NSS_CFLAGS=$CPPFLAGS - NSS_LIBS="$nspr_prefix $nss_prefix" + AC_CHECK_HEADERS(prthread.h security/ssl.h security/pk11func.h, + [NSS_CFLAGS="$CPPFLAGS" + NSS_LIBS="$nspr_prefix -lnspr4 $nss_prefix -lnss3"], + [NSS_CFLAGS="" NSS_LIBS=""; break;]) AC_SUBST(NSS_CFLAGS) AC_SUBST(NSS_LIBS) CPPFLAGS=$save_CPPFLAGS diff --git a/libsoup/soup-openssl.c b/libsoup/soup-openssl.c index 35ba24e..30d1365 100644 --- a/libsoup/soup-openssl.c +++ b/libsoup/soup-openssl.c @@ -12,32 +12,12 @@ #ifdef HAVE_OPENSSL_SSL_H -#include +#include #include #include #include "soup-openssl.h" -int (*my_SSL_library_init) (void); -void (*my_SSL_load_error_strings) (void); -SSL_CTX * (*my_SSL_CTX_new) (SSL_METHOD *meth); -SSL_METHOD * (*my_SSLv23_client_method) (void); -int (*my_SSL_CTX_set_default_verify_paths) (SSL_CTX *ctx); -SSL * (*my_SSL_new) (SSL_CTX *ctx); -int (*my_SSL_set_fd) (SSL *s, int fd); -int (*my_SSL_connect) (SSL *ssl); -int (*my_SSL_CIPHER_get_bits) (SSL_CIPHER *c, int *alg_bits); -SSL_CIPHER * (*my_SSL_get_current_cipher) (SSL *s); -X509 * (*my_SSL_get_peer_certificate) (SSL *s); -int (*my_SSL_read) (SSL *ssl, char *buf, int num); -int (*my_SSL_write) (SSL *ssl, char *buf, int num); -int (*my_SSL_pending) (SSL *ssl); -void (*my_SSL_free) (SSL *ssl); -void (*my_X509_free) (X509 *a); - -#define my_SSL_get_cipher_bits(s,np) \ - my_SSL_CIPHER_get_bits(my_SSL_get_current_cipher(s),np) - typedef struct { GIOChannel channel; gint fd; @@ -54,7 +34,7 @@ soup_openssl_read (GIOChannel *channel, SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel; gint result; - result = my_SSL_read (chan->ssl, buf, count); + result = SSL_read (chan->ssl, buf, count); if (result < 0) { *bytes_read = 0; @@ -82,7 +62,7 @@ soup_openssl_write (GIOChannel *channel, SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel; gint result; - result = my_SSL_write (chan->ssl, buf, count); + result = SSL_write (chan->ssl, buf, count); if (result < 0) { *bytes_written = 0; @@ -120,10 +100,14 @@ soup_openssl_free (GIOChannel *channel) { SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel; g_io_channel_unref (chan->real_sock); - my_SSL_free (chan->ssl); + SSL_free (chan->ssl); g_free (chan); } +#if 0 + +/* Commented out until we can figure out why SSL_pending always fails */ + typedef struct { GIOFunc func; gpointer user_data; @@ -138,7 +122,7 @@ soup_openssl_read_cb (GIOChannel *channel, SoupOpenSSLReadData *data = user_data; if (condition & G_IO_IN) { - if (//my_SSL_pending (chan->ssl) && + if (SSL_pending (chan->ssl) && !(*data->func) (channel, condition, data->user_data)) { g_free (data); return FALSE; @@ -176,6 +160,25 @@ soup_openssl_add_watch (GIOChannel *channel, notify); } +#endif /* 0 */ + +static guint +soup_openssl_add_watch (GIOChannel *channel, + gint priority, + GIOCondition condition, + GIOFunc func, + gpointer user_data, + GDestroyNotify notify) +{ + SoupOpenSSLChannel *chan = (SoupOpenSSLChannel *) channel; + return chan->real_sock->funcs->io_add_watch (channel, + priority, + condition, + func, + user_data, + notify); +} + GIOFuncs soup_openssl_channel_funcs = { soup_openssl_read, soup_openssl_write, @@ -203,36 +206,36 @@ soup_openssl_get_iochannel (GIOChannel *sock) sockfd = g_io_channel_unix_get_fd (sock); if (!sockfd) goto THROW_CREATE_ERROR; - ssl = my_SSL_new (ssl_context); + ssl = SSL_new (ssl_context); if (!ssl) { g_warning ("SSL object creation failure."); goto THROW_CREATE_ERROR; } - err = my_SSL_set_fd (ssl, sockfd); + err = SSL_set_fd (ssl, sockfd); if (err == 0) { g_warning ("Unable to set SSL file descriptor."); goto THROW_CREATE_ERROR; } - my_SSL_connect (ssl); + SSL_connect (ssl); if (err == 0) { g_warning ("Secure connection could not be established."); goto THROW_CREATE_ERROR; } - bits = my_SSL_get_cipher_bits (ssl, &alg_bits); + bits = SSL_get_cipher_bits (ssl, &alg_bits); if (bits == 0) { g_warning ("Server requested unsecure tranfer."); goto THROW_CREATE_ERROR; } - cert = my_SSL_get_peer_certificate (ssl); + cert = SSL_get_peer_certificate (ssl); if (!cert) { g_warning ("Server certificate unavailable"); goto THROW_CREATE_ERROR; } - my_X509_free (cert); + X509_free (cert); chan = g_new0 (SoupOpenSSLChannel, 1); chan->fd = sockfd; @@ -253,73 +256,16 @@ soup_openssl_get_iochannel (GIOChannel *sock) gboolean soup_openssl_init (void) { - gchar *mod_path = NULL; - GModule *ssl_mod; - GModule *crypto_mod; - - mod_path = g_module_build_path (NULL, "crypto"); - crypto_mod = g_module_open (mod_path, 0); - g_free (mod_path); - - if (!crypto_mod) - return FALSE; - - mod_path = g_module_build_path (NULL, "ssl"); - ssl_mod = g_module_open (mod_path, 0); - g_free (mod_path); - - if (!ssl_mod) { - g_module_close (crypto_mod); - return FALSE; - } + SSL_library_init (); + SSL_load_error_strings (); - g_module_make_resident (ssl_mod); - g_module_make_resident (crypto_mod); - - g_module_symbol (ssl_mod, - "SSL_library_init", - (gpointer *) &my_SSL_library_init); - g_module_symbol (ssl_mod, - "SSL_load_error_strings", - (gpointer *) &my_SSL_load_error_strings); - g_module_symbol (ssl_mod, - "SSL_CTX_new", - (gpointer *) &my_SSL_CTX_new); - g_module_symbol (ssl_mod, - "SSLv23_client_method", - (gpointer *) &my_SSLv23_client_method); - g_module_symbol (ssl_mod, - "SSL_CTX_set_default_verify_paths", - (gpointer *) &my_SSL_CTX_set_default_verify_paths); - g_module_symbol (ssl_mod, "SSL_new", (gpointer *) &my_SSL_new); - g_module_symbol (ssl_mod, "SSL_set_fd", (gpointer *) &my_SSL_set_fd); - g_module_symbol (ssl_mod, "SSL_connect", (gpointer *) &my_SSL_connect); - g_module_symbol (ssl_mod, - "SSL_CIPHER_get_bits", - (gpointer *) &my_SSL_CIPHER_get_bits); - g_module_symbol (ssl_mod, - "SSL_get_current_cipher", - (gpointer *) &my_SSL_get_current_cipher); - g_module_symbol (ssl_mod, - "SSL_get_peer_certificate", - (gpointer *) &my_SSL_get_peer_certificate); - g_module_symbol (ssl_mod, "SSL_read", (gpointer *) &my_SSL_read); - g_module_symbol (ssl_mod, "SSL_write", (gpointer *) &my_SSL_write); - g_module_symbol (ssl_mod, "SSL_pending", (gpointer *) &my_SSL_pending); - g_module_symbol (ssl_mod, "SSL_free", (gpointer *) &my_SSL_free); - - g_module_symbol (crypto_mod, "X509_free", (gpointer *) &my_X509_free); - - my_SSL_library_init (); - my_SSL_load_error_strings (); - - ssl_context = my_SSL_CTX_new (my_SSLv23_client_method ()); + ssl_context = SSL_CTX_new (SSLv23_client_method ()); if (!ssl_context) { g_warning ("Unable to initialize OpenSSL library"); return FALSE; } - my_SSL_CTX_set_default_verify_paths (ssl_context); + SSL_CTX_set_default_verify_paths (ssl_context); return TRUE; } diff --git a/libsoup/soup-ssl-proxy.c b/libsoup/soup-ssl-proxy.c index c451771..72ed8af 100644 --- a/libsoup/soup-ssl-proxy.c +++ b/libsoup/soup-ssl-proxy.c @@ -9,7 +9,7 @@ */ #include -#include +#include #include #include #include @@ -61,8 +61,6 @@ soup_ssl_proxy_init (void) { ssl_library = -1; - if (!g_module_supported ()) return; - #ifdef HAVE_SECURITY_SSL_H if (ssl_library == -1) ssl_library = soup_nss_init () ? 1 : -1; #endif -- 2.7.4