From eb6bcb6cb8ac0c8711c1639687acfee4fea8e004 Mon Sep 17 00:00:00 2001
From: Jeffrey Stedfast <fejj@ximian.com>
Date: Mon, 15 Jan 2001 06:25:23 +0000
Subject: [PATCH] Uses an SSL socket now although there's still a few things
 missing (like

2001-01-15  Jeffrey Stedfast  <fejj@ximian.com>

	* camel-tcp-stream-ssl.c (stream_connect): Uses an SSL socket now
	although there's still a few things missing (like certificate
	handling and such).

	* camel.c (camel_ssl_init): A replacement function for
	camel_init() that also initializes SSL.
---
 camel/ChangeLog              |  9 +++++++++
 camel/camel-tcp-stream-ssl.c | 20 +++++++-------------
 camel/camel.c                | 39 +++++++++++++++++++++++++++++++++++++++
 3 files changed, 55 insertions(+), 13 deletions(-)

diff --git a/camel/ChangeLog b/camel/ChangeLog
index 53ca70a..9ab195b 100644
--- a/camel/ChangeLog
+++ b/camel/ChangeLog
@@ -1,3 +1,12 @@
+2001-01-15  Jeffrey Stedfast  <fejj@ximian.com>
+
+	* camel-tcp-stream-ssl.c (stream_connect): Uses an SSL socket now
+	although there's still a few things missing (like certificate
+	handling and such).
+
+	* camel.c (camel_ssl_init): A replacement function for
+	camel_init() that also initializes SSL.
+
 2001-01-14  Jeffrey Stedfast  <fejj@ximian.com>
 
 	* camel-tcp-stream-ssl.c (stream_getsockopt): Implemented.
diff --git a/camel/camel-tcp-stream-ssl.c b/camel/camel-tcp-stream-ssl.c
index 93b2e9d..b346a02 100644
--- a/camel/camel-tcp-stream-ssl.c
+++ b/camel/camel-tcp-stream-ssl.c
@@ -160,7 +160,7 @@ stream_flush (CamelStream *stream)
 static int
 stream_close (CamelStream *stream)
 {
-	g_warning ("CamelTcpStreamSSL::close: Better to call ::disconnect.\n");
+	g_warning ("CamelTcpStreamSSL::close called on a stream where ::disconnect is preferred\n");
 	return PR_Close (((CamelTcpStreamSSL *)stream)->sockfd);
 }
 
@@ -171,7 +171,7 @@ stream_connect (CamelTcpStream *stream, struct hostent *host, int port)
 	CamelTcpStreamSSL *ssl = CAMEL_TCP_STREAM_SSL (stream);
 	PRIntervalTime timeout;
 	PRNetAddr netaddr;
-	PRFileDesc *fd;
+	PRFileDesc *fd, *ssl_fd;
 	
 	g_return_val_if_fail (host != NULL, -1);
 	
@@ -182,15 +182,16 @@ stream_connect (CamelTcpStream *stream, struct hostent *host, int port)
 		return -1;
 	
 	fd = PR_OpenTCPSocket (host->h_addrtype);
+	ssl_fd = SSL_ImportFD (NULL, fd);
 	
-	if (fd == NULL || PR_Connect (fd, &netaddr, timeout) == PR_FAILURE) {
-		if (fd != NULL)
-			PR_Close (fd);
+	if (ssl_fd == NULL || PR_Connect (ssl_fd, &netaddr, timeout) == PR_FAILURE) {
+		if (ssl_fd != NULL)
+			PR_Close (ssl_fd);
 		
 		return -1;
 	}
 	
-	ssl->sockfd = fd;
+	ssl->sockfd = ssl_fd;
 	
 	return 0;
 }
@@ -198,13 +199,6 @@ stream_connect (CamelTcpStream *stream, struct hostent *host, int port)
 static int
 stream_disconnect (CamelTcpStream *stream)
 {
-	PRStatus status;
-	
-	status = PR_Shutdown (((CamelTcpStreamSSL *)stream)->sockfd, PR_SHUTDOWN_BOTH);
-	
-	if (status == PR_FAILURE)
-		return -1;
-	
 	return PR_Close (((CamelTcpStreamSSL *)stream)->sockfd);
 }
 
diff --git a/camel/camel.c b/camel/camel.c
index 2d22720..5383c4d 100644
--- a/camel/camel.c
+++ b/camel/camel.c
@@ -47,3 +47,42 @@ camel_init(void)
 
 	return 0;
 }
+
+#ifdef U_CANT_TOUCH_THIS
+#include <ssl.h>
+#include <nss.h>
+
+gint
+camel_ssl_init (char *configdir, gboolean nss_init)
+{
+#ifdef ENABLE_THREADS
+#ifdef G_THREADS_ENABLED	
+	/*g_thread_init (NULL);*/
+#else  /* G_THREADS_ENABLED */
+	printf ("Threads are not supported by your version of glib\n");
+#endif /* G_THREADS_ENABLED */
+#endif /* ENABLE_THREADS */
+	
+	if (getenv ("CAMEL_VERBOSE_DEBUG"))
+		camel_verbose_debug = TRUE;
+	
+	unicode_init ();
+	
+	if (nss_init) {
+		PR_init ();
+		
+		if (NSS_init (configdir) == SECFailure)
+			return -1;
+		
+		/* FIXME: Erm, use appropriate policy? */
+		NSS_SetDomesticPolicy ();
+	}
+	
+	SSL_OptionSetDefault (SSL_ENABLE_SSL2, PR_TRUE);
+	SSL_OptionSetDefault (SSL_ENABLE_SSL3, PR_TRUE);
+	SSL_OptionSetDefault (SSL_ENABLE_TLS, PR_TRUE);
+	SSL_OptionSetDefault (SSL_V2_COMPATIBLE_HELLO, PR_TRUE /* maybe? */);
+	
+	return 0;
+}
+#endif
-- 
2.7.4