tls/base/gtlsconnection-base.h

   1 /* GIO - GLib Input, Output and Streaming Library
   2  *
   3  * Copyright 2009-2011 Red Hat, Inc.
   4  *
   5  * This program is free software: you can redistribute it and/or modify
   6  * it under the terms of the GNU Lesser General Public License as published
   7  * by the Free Software Foundation; either version 2 of the licence or (at
   8  * your option) any later version.
   9  *
  10  * See the included COPYING file for more information.
  11  *
  12  * In addition, when the library is used with OpenSSL, a special
  13  * exception applies. Refer to the LICENSE_EXCEPTION file for details.
  14  */
  15
  16 #ifndef __G_TLS_CONNECTION_BASE_H__
  17 #define __G_TLS_CONNECTION_BASE_H__
  18
  19 #include <gio/gio.h>
  20
  21 G_BEGIN_DECLS
  22
  23 #define G_TYPE_TLS_CONNECTION_BASE            (g_tls_connection_base_get_type ())
  24 #define G_TLS_CONNECTION_BASE(inst)           (G_TYPE_CHECK_INSTANCE_CAST ((inst), G_TYPE_TLS_CONNECTION_BASE, GTlsConnectionBase))
  25 #define G_TLS_CONNECTION_BASE_CLASS(class)    (G_TYPE_CHECK_CLASS_CAST ((class), G_TYPE_TLS_CONNECTION_BASE, GTlsConnectionBaseClass))
  26 #define G_IS_TLS_CONNECTION_BASE(inst)        (G_TYPE_CHECK_INSTANCE_TYPE ((inst), G_TYPE_TLS_CONNECTION_BASE))
  27 #define G_IS_TLS_CONNECTION_BASE_CLASS(class) (G_TYPE_CHECK_CLASS_TYPE ((class), G_TYPE_TLS_CONNECTION_BASE))
  28 #define G_TLS_CONNECTION_BASE_GET_CLASS(inst) (G_TYPE_INSTANCE_GET_CLASS ((inst), G_TYPE_TLS_CONNECTION_BASE, GTlsConnectionBaseClass))
  29
  30 typedef struct _GTlsConnectionBasePrivate                   GTlsConnectionBasePrivate;
  31 typedef struct _GTlsConnectionBaseClass                     GTlsConnectionBaseClass;
  32 typedef struct _GTlsConnectionBase                          GTlsConnectionBase;
  33
  34 typedef enum {
  35   G_TLS_CONNECTION_BASE_OK,
  36   G_TLS_CONNECTION_BASE_WOULD_BLOCK,
  37   G_TLS_CONNECTION_BASE_TIMED_OUT,
  38   G_TLS_CONNECTION_BASE_REHANDSHAKE,
  39   G_TLS_CONNECTION_BASE_TRY_AGAIN,
  40   G_TLS_CONNECTION_BASE_ERROR,
  41 } GTlsConnectionBaseStatus;
  42
  43 struct _GTlsConnectionBaseClass
  44 {
  45   GTlsConnectionClass parent_class;
  46
  47   GTlsConnectionBaseStatus (*request_rehandshake)  (GTlsConnectionBase  *tls,
  48                                                     GCancellable        *cancellable,
  49                                                     GError             **error);
  50   GTlsConnectionBaseStatus (*handshake)            (GTlsConnectionBase  *tls,
  51                                                     GCancellable        *cancellable,
  52                                                     GError             **error);
  53   GTlsConnectionBaseStatus (*complete_handshake)   (GTlsConnectionBase  *tls,
  54                                                     GError             **error);
  55
  56   void                     (*push_io)              (GTlsConnectionBase  *tls,
  57                                                     GIOCondition         direction,
  58                                                     gboolean             blocking,
  59                                                     GCancellable        *cancellable);
  60   GTlsConnectionBaseStatus (*pop_io)               (GTlsConnectionBase  *tls,
  61                                                     GIOCondition         direction,
  62                                                     gboolean             success,
  63                                                     GError             **error);
  64
  65   GTlsConnectionBaseStatus (*read_fn)              (GTlsConnectionBase  *tls,
  66                                                     void                *buffer,
  67                                                     gsize                count,
  68                                                     gboolean             blocking,
  69                                                     gssize              *nread,
  70                                                     GCancellable        *cancellable,
  71                                                     GError             **error);
  72   GTlsConnectionBaseStatus (*write_fn)             (GTlsConnectionBase  *tls,
  73                                                     const void          *buffer,
  74                                                     gsize                count,
  75                                                     gboolean             blocking,
  76                                                     gssize              *nwrote,
  77                                                     GCancellable        *cancellable,
  78                                                     GError             **error);
  79
  80   GTlsConnectionBaseStatus (*close_fn)             (GTlsConnectionBase  *tls,
  81                                                     GCancellable        *cancellable,
  82                                                     GError             **error);
  83 };
  84
  85 struct _GTlsConnectionBase
  86 {
  87   GTlsConnection         parent_instance;
  88
  89   GIOStream             *base_io_stream;
  90   GPollableInputStream  *base_istream;
  91   GPollableOutputStream *base_ostream;
  92
  93   GTlsDatabase          *database;
  94   GTlsInteraction       *interaction;
  95
  96   GTlsCertificate       *certificate;
  97   gboolean               certificate_requested;
  98   GError                *certificate_error;
  99   GTlsCertificate       *peer_certificate;
 100   GTlsCertificateFlags   peer_certificate_errors;
 101
 102   gboolean               require_close_notify;
 103   GTlsRehandshakeMode    rehandshake_mode;
 104
 105   /* need_handshake means the next claim_op() will get diverted into
 106    * an implicit handshake (unless it's an OP_HANDSHAKE or OP_CLOSE*).
 107    * need_finish_handshake means the next claim_op() will get diverted
 108    * into finish_handshake() (unless it's an OP_CLOSE*).
 109    *
 110    * handshaking is TRUE as soon as a handshake thread is queued. For
 111    * a sync handshake it becomes FALSE after finish_handshake()
 112    * completes in the calling thread, but for an async implicit
 113    * handshake, it becomes FALSE (and need_finish_handshake becomes
 114    * TRUE) at the end of the handshaking thread (and then the next
 115    * non-close op will call finish_handshake()). We can't just wait
 116    * for handshake_thread_completed() to run, because it's possible
 117    * that its main loop is being blocked by a synchronous op which is
 118    * waiting for handshaking to become FALSE...
 119    *
 120    * started_handshake indicates that the current handshake attempt
 121    * got at least as far as sending the first handshake packet (and so
 122    * any error should be copied to handshake_error and returned on all
 123    * future operations). ever_handshaked indicates that TLS has been
 124    * successfully negotiated at some point.
 125    */
 126   gboolean       need_handshake;
 127   gboolean       need_finish_handshake;
 128   gboolean       started_handshake;
 129   gboolean       handshaking;
 130   gboolean       ever_handshaked;
 131   GTask         *implicit_handshake;
 132   GError        *handshake_error;
 133   GByteArray    *app_data_buf;
 134
 135   /* read_closed means the read direction has closed; write_closed similarly.
 136    * If (and only if) both are set, the entire GTlsConnection is closed. */
 137   gboolean       read_closing, read_closed;
 138   gboolean       write_closing, write_closed;
 139
 140   gboolean       reading;
 141   gboolean       read_blocking;
 142   GError        *read_error;
 143   GCancellable  *read_cancellable;
 144
 145   gboolean       writing;
 146   gboolean       write_blocking;
 147   GError        *write_error;
 148   GCancellable  *write_cancellable;
 149
 150   /*< private >*/
 151   gboolean       is_system_certdb;
 152   gboolean       database_is_unset;
 153
 154   GInputStream  *tls_istream;
 155   GOutputStream *tls_ostream;
 156
 157   GMutex         op_mutex;
 158   GCancellable  *waiting_for_op;
 159 };
 160
 161 GType g_tls_connection_base_get_type (void) G_GNUC_CONST;
 162
 163 gboolean g_tls_connection_base_accept_peer_certificate (GTlsConnectionBase   *tls,
 164                                                         GTlsCertificate      *peer_certificate,
 165                                                         GTlsCertificateFlags  peer_certificate_errors);
 166
 167 void g_tls_connection_base_set_peer_certificate (GTlsConnectionBase   *tls,
 168                                                  GTlsCertificate      *peer_certificate,
 169                                                  GTlsCertificateFlags  peer_certificate_errors);
 170
 171 void     g_tls_connection_base_push_io       (GTlsConnectionBase *tls,
 172                                               GIOCondition        direction,
 173                                               gboolean            blocking,
 174                                               GCancellable       *cancellable);
 175 GTlsConnectionBaseStatus
 176          g_tls_connection_base_pop_io        (GTlsConnectionBase  *tls,
 177                                               GIOCondition         direction,
 178                                               gboolean             success,
 179                                               GError             **error);
 180
 181 gssize   g_tls_connection_base_read          (GTlsConnectionBase  *tls,
 182                                               void                *buffer,
 183                                               gsize                size,
 184                                               gboolean             blocking,
 185                                               GCancellable        *cancellable,
 186                                               GError             **error);
 187 gssize   g_tls_connection_base_write         (GTlsConnectionBase  *tls,
 188                                               const void          *buffer,
 189                                               gsize                size,
 190                                               gboolean             blocking,
 191                                               GCancellable        *cancellable,
 192                                               GError             **error);
 193
 194 gboolean g_tls_connection_base_check         (GTlsConnectionBase  *tls,
 195                                               GIOCondition         condition);
 196 GSource *g_tls_connection_base_create_source (GTlsConnectionBase  *tls,
 197                                               GIOCondition         condition,
 198                                               GCancellable        *cancellable);
 199
 200 typedef enum {
 201         G_TLS_DIRECTION_NONE = 0,
 202         G_TLS_DIRECTION_READ = 1 << 0,
 203         G_TLS_DIRECTION_WRITE = 1 << 1,
 204 } GTlsDirection;
 205
 206 #define G_TLS_DIRECTION_BOTH (G_TLS_DIRECTION_READ | G_TLS_DIRECTION_WRITE)
 207
 208 gboolean g_tls_connection_base_close_internal (GIOStream     *stream,
 209                                                GTlsDirection  direction,
 210                                                GCancellable  *cancellable,
 211                                                GError       **error);
 212
 213 G_END_DECLS
 214
 215 #endif /* __G_TLS_CONNECTION_BASE_H___ */