pidgin/pidgin

closing merged branch
port-changes-from-branch-2.x.y-to-default
16 months ago, Gary Kramlich
2f836435c33c
closing merged branch
/* purple
*
* Purple is the legal property of its developers, whose names are too numerous
* to list here. Please refer to the COPYRIGHT file distributed with this
* source distribution.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02111-1301 USA
*/
#include "internal.h"
#include "debug.h"
#include "plugins.h"
#include "request.h"
#include "sslconn.h"
#define CONNECTION_CLOSE_TIMEOUT 15
static void
emit_error(PurpleSslConnection *gsc, int error_code)
{
if (gsc->error_cb != NULL)
gsc->error_cb(gsc, error_code, gsc->connect_cb_data);
}
static void
tls_handshake_cb(GObject *source, GAsyncResult *res, gpointer user_data)
{
PurpleSslConnection *gsc = user_data;
GError *error = NULL;
if (!g_tls_connection_handshake_finish(G_TLS_CONNECTION(source), res,
&error)) {
if (g_error_matches(error, G_IO_ERROR, G_IO_ERROR_CANCELLED)) {
/* Connection already closed/freed. Escape. */
return;
} else if (g_error_matches(error, G_TLS_ERROR,
G_TLS_ERROR_HANDSHAKE)) {
/* In Gio, a handshake error is because of the cert */
emit_error(gsc, PURPLE_SSL_CERTIFICATE_INVALID);
} else {
/* Report any other errors as handshake failing */
emit_error(gsc, PURPLE_SSL_HANDSHAKE_FAILED);
}
purple_ssl_close(gsc);
return;
}
gsc->connect_cb(gsc->connect_cb_data, gsc, PURPLE_INPUT_READ);
}
static gboolean
tls_connect(PurpleSslConnection *gsc)
{
GSocket *socket;
GSocketConnection *conn;
GSocketConnectable *identity;
GIOStream *tls_conn;
GError *error = NULL;
g_return_val_if_fail(gsc->conn == NULL, FALSE);
socket = g_socket_new_from_fd(gsc->fd, &error);
if (socket == NULL) {
purple_debug_warning("sslconn",
"Error creating socket from fd (%u): %s",
gsc->fd, error->message);
g_clear_error(&error);
return FALSE;
}
conn = g_socket_connection_factory_create_connection(socket);
g_object_unref(socket);
identity = g_network_address_new(gsc->host, gsc->port);
tls_conn = g_tls_client_connection_new(G_IO_STREAM(conn), identity,
&error);
g_object_unref(identity);
g_object_unref(conn);
if (tls_conn == NULL) {
purple_debug_warning("sslconn",
"Error creating TLS client connection: %s",
error->message);
g_clear_error(&error);
return FALSE;
}
gsc->conn = G_TLS_CONNECTION(tls_conn);
gsc->cancellable = g_cancellable_new();
g_tls_connection_handshake_async(gsc->conn, G_PRIORITY_DEFAULT,
gsc->cancellable, tls_handshake_cb, gsc);
return TRUE;
}
static void
purple_ssl_connect_cb(gpointer data, gint source, const gchar *error_message)
{
PurpleSslConnection *gsc;
gsc = data;
gsc->connect_data = NULL;
if (source < 0)
{
emit_error(gsc, PURPLE_SSL_CONNECT_FAILED);
purple_ssl_close(gsc);
return;
}
gsc->fd = source;
if (!tls_connect(gsc)) {
emit_error(gsc, PURPLE_SSL_CONNECT_FAILED);
purple_ssl_close(gsc);
}
}
PurpleSslConnection *
purple_ssl_connect(PurpleAccount *account, const char *host, int port,
PurpleSslInputFunction func, PurpleSslErrorFunction error_func,
void *data)
{
return purple_ssl_connect_with_ssl_cn(account, host, port, func, error_func,
NULL, data);
}
PurpleSslConnection *
purple_ssl_connect_with_ssl_cn(PurpleAccount *account, const char *host, int port,
PurpleSslInputFunction func, PurpleSslErrorFunction error_func,
const char *ssl_cn, void *data)
{
PurpleSslConnection *gsc;
g_return_val_if_fail(host != NULL, NULL);
g_return_val_if_fail(port != 0 && port != -1, NULL);
g_return_val_if_fail(func != NULL, NULL);
gsc = g_new0(PurpleSslConnection, 1);
gsc->fd = -1;
gsc->host = ssl_cn ? g_strdup(ssl_cn) : g_strdup(host);
gsc->port = port;
gsc->connect_cb_data = data;
gsc->connect_cb = func;
gsc->error_cb = error_func;
gsc->connect_data = purple_proxy_connect(NULL, account, host, port, purple_ssl_connect_cb, gsc);
if (gsc->connect_data == NULL)
{
g_free(gsc->host);
g_free(gsc);
return NULL;
}
return (PurpleSslConnection *)gsc;
}
static gboolean
recv_cb(GObject *source, gpointer data)
{
PurpleSslConnection *gsc = data;
gsc->recv_cb(gsc->recv_cb_data, gsc, PURPLE_INPUT_READ);
return TRUE;
}
void
purple_ssl_input_add(PurpleSslConnection *gsc, PurpleSslInputFunction func,
void *data)
{
GInputStream *input;
GSource *source;
g_return_if_fail(func != NULL);
g_return_if_fail(gsc->conn != NULL);
purple_ssl_input_remove(gsc);
gsc->recv_cb_data = data;
gsc->recv_cb = func;
input = g_io_stream_get_input_stream(G_IO_STREAM(gsc->conn));
/* Pass NULL for cancellable as we don't want it notified on cancel */
source = g_pollable_input_stream_create_source(
G_POLLABLE_INPUT_STREAM(input), NULL);
g_source_set_callback(source, (GSourceFunc)recv_cb, gsc, NULL);
gsc->inpa = g_source_attach(source, NULL);
g_source_unref(source);
}
void
purple_ssl_input_remove(PurpleSslConnection *gsc)
{
if (gsc->inpa > 0) {
g_source_remove(gsc->inpa);
gsc->inpa = 0;
}
}
const gchar *
purple_ssl_strerror(PurpleSslErrorType error)
{
switch(error) {
case PURPLE_SSL_CONNECT_FAILED:
return _("SSL Connection Failed");
case PURPLE_SSL_HANDSHAKE_FAILED:
return _("SSL Handshake Failed");
case PURPLE_SSL_CERTIFICATE_INVALID:
return _("SSL peer presented an invalid certificate");
default:
purple_debug_warning("sslconn", "Unknown SSL error code %d\n", error);
return _("Unknown SSL error");
}
}
PurpleSslConnection *
purple_ssl_connect_with_host_fd(PurpleAccount *account, int fd,
PurpleSslInputFunction func,
PurpleSslErrorFunction error_func,
const char *host,
void *data)
{
PurpleSslConnection *gsc;
g_return_val_if_fail(fd != -1, NULL);
g_return_val_if_fail(func != NULL, NULL);
gsc = g_new0(PurpleSslConnection, 1);
gsc->connect_cb_data = data;
gsc->connect_cb = func;
gsc->error_cb = error_func;
gsc->fd = fd;
gsc->host = g_strdup(host);
gsc->cancellable = g_cancellable_new();
if (!tls_connect(gsc)) {
emit_error(gsc, PURPLE_SSL_CONNECT_FAILED);
g_clear_pointer(&gsc, purple_ssl_close);
}
return (PurpleSslConnection *)gsc;
}
static void
connection_closed_cb(GObject *stream, GAsyncResult *result,
gpointer timeout_id)
{
GError *error = NULL;
g_source_remove(GPOINTER_TO_UINT(timeout_id));
g_io_stream_close_finish(G_IO_STREAM(stream), result, &error);
if (error) {
purple_debug_info("sslconn", "Connection close error: %s",
error->message);
g_clear_error(&error);
} else {
purple_debug_info("sslconn", "Connection closed.");
}
}
static void
cleanup_cancellable_cb(gpointer data, GObject *where_the_object_was)
{
g_object_unref(G_CANCELLABLE(data));
}
void
purple_ssl_close(PurpleSslConnection *gsc)
{
g_return_if_fail(gsc != NULL);
purple_request_close_with_handle(gsc);
purple_notify_close_with_handle(gsc);
if (gsc->connect_data != NULL)
purple_proxy_connect_cancel(gsc->connect_data);
if (gsc->inpa > 0)
purple_input_remove(gsc->inpa);
/* Stop any pending operations */
if (G_IS_CANCELLABLE(gsc->cancellable)) {
g_cancellable_cancel(gsc->cancellable);
g_clear_object(&gsc->cancellable);
}
if (gsc->conn != NULL) {
GCancellable *cancellable;
guint timer_id;
cancellable = g_cancellable_new();
g_object_weak_ref(G_OBJECT(gsc->conn), cleanup_cancellable_cb,
cancellable);
timer_id = g_timeout_add_seconds(CONNECTION_CLOSE_TIMEOUT,
(GSourceFunc)g_cancellable_cancel, cancellable);
g_io_stream_close_async(G_IO_STREAM(gsc->conn),
G_PRIORITY_DEFAULT, cancellable,
connection_closed_cb,
GUINT_TO_POINTER(timer_id));
g_clear_object(&gsc->conn);
}
g_free(gsc->host);
g_free(gsc);
}
size_t
purple_ssl_read(PurpleSslConnection *gsc, void *data, size_t len)
{
GInputStream *input;
gssize outlen;
GError *error = NULL;
g_return_val_if_fail(gsc != NULL, 0);
g_return_val_if_fail(data != NULL, 0);
g_return_val_if_fail(len > 0, 0);
g_return_val_if_fail(gsc->conn != NULL, 0);
input = g_io_stream_get_input_stream(G_IO_STREAM(gsc->conn));
outlen = g_pollable_input_stream_read_nonblocking(
G_POLLABLE_INPUT_STREAM(input), data, len,
gsc->cancellable, &error);
if (outlen < 0) {
if (g_error_matches(error, G_IO_ERROR,
G_IO_ERROR_WOULD_BLOCK)) {
errno = EAGAIN;
}
g_clear_error(&error);
}
return outlen;
}
size_t
purple_ssl_write(PurpleSslConnection *gsc, const void *data, size_t len)
{
GOutputStream *output;
gssize outlen;
GError *error = NULL;
g_return_val_if_fail(gsc != NULL, 0);
g_return_val_if_fail(data != NULL, 0);
g_return_val_if_fail(len > 0, 0);
g_return_val_if_fail(gsc->conn != NULL, 0);
output = g_io_stream_get_output_stream(G_IO_STREAM(gsc->conn));
outlen = g_pollable_output_stream_write_nonblocking(
G_POLLABLE_OUTPUT_STREAM(output), data, len,
gsc->cancellable, &error);
if (outlen < 0) {
if (g_error_matches(error, G_IO_ERROR,
G_IO_ERROR_WOULD_BLOCK)) {
errno = EAGAIN;
}
g_clear_error(&error);
}
return outlen;
}
GList *
purple_ssl_get_peer_certificates(PurpleSslConnection *gsc)
{
GTlsCertificate *certificate;
g_return_val_if_fail(gsc != NULL, NULL);
g_return_val_if_fail(gsc->conn != NULL, NULL);
certificate = g_tls_connection_get_peer_certificate(gsc->conn);
return certificate != NULL ? g_list_append(NULL, certificate) : NULL;
}