[glib-networking/tls-database] Integrate gnutls-pkcs11 backend as a proper extension.
- From: Stefan Walter <stefw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking/tls-database] Integrate gnutls-pkcs11 backend as a proper extension.
- Date: Tue, 18 Jan 2011 20:18:35 +0000 (UTC)
commit efce4f20e57953f143d5afb57461d81bcde3b3bf
Author: Stef Walter <stefw collabora co uk>
Date: Tue Jan 18 14:17:43 2011 -0600
Integrate gnutls-pkcs11 backend as a proper extension.
Use GIO_USE_TLS=gnutls-pkcs11 environment variable to enable
the gnutls-pkcs11 backend.
tls/gnutls/Makefile.am | 2 +
tls/gnutls/gnutls-module.c | 2 +
tls/gnutls/gtlsbackend-gnutls-pkcs11.c | 73 ++++++++++++++++++++++++++++++++
tls/gnutls/gtlsbackend-gnutls-pkcs11.h | 51 ++++++++++++++++++++++
tls/gnutls/gtlsbackend-gnutls.c | 20 +++++++--
tls/gnutls/gtlsbackend-gnutls.h | 3 +
tls/gnutls/gtlspkcs11database-gnutls.c | 9 ++++-
tls/gnutls/gtlspkcs11database-gnutls.h | 2 +-
tls/pkcs11/gpkcs11slot.c | 6 +--
9 files changed, 157 insertions(+), 11 deletions(-)
---
diff --git a/tls/gnutls/Makefile.am b/tls/gnutls/Makefile.am
index 268fc0b..8d6aa60 100644
--- a/tls/gnutls/Makefile.am
+++ b/tls/gnutls/Makefile.am
@@ -22,6 +22,8 @@ libgiognutls_la_SOURCES = \
gnutls-marshal.h \
gtlsbackend-gnutls.c \
gtlsbackend-gnutls.h \
+ gtlsbackend-gnutls-pkcs11.c \
+ gtlsbackend-gnutls-pkcs11.h \
gtlscertificate-gnutls.c \
gtlscertificate-gnutls.h \
gtlsclientconnection-gnutls.c \
diff --git a/tls/gnutls/gnutls-module.c b/tls/gnutls/gnutls-module.c
index 393757f..b243850 100644
--- a/tls/gnutls/gnutls-module.c
+++ b/tls/gnutls/gnutls-module.c
@@ -23,12 +23,14 @@
#include <gio/gio.h>
#include "gtlsbackend-gnutls.h"
+#include "gtlsbackend-gnutls-pkcs11.h"
void
g_io_module_load (GIOModule *module)
{
g_tls_backend_gnutls_register (module);
+ g_tls_backend_gnutls_pkcs11_register (module);
}
void
diff --git a/tls/gnutls/gtlsbackend-gnutls-pkcs11.c b/tls/gnutls/gtlsbackend-gnutls-pkcs11.c
new file mode 100644
index 0000000..ee2214b
--- /dev/null
+++ b/tls/gnutls/gtlsbackend-gnutls-pkcs11.c
@@ -0,0 +1,73 @@
+/* GIO - GLib Input, Output and Streaming Library
+ *
+ * Copyright © 2011 Collabora, Ltd.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General
+ * Public License along with this library; if not, write to the
+ * Free Software Foundation, Inc., 59 Temple Place, Suite 330,
+ * Boston, MA 02111-1307, USA.
+ *
+ * Author: Stef Walter <stef collabora co uk>
+ */
+
+#include "config.h"
+#include "glib.h"
+
+#include <errno.h>
+
+#include <gnutls/gnutls.h>
+#include <gcrypt.h>
+#ifndef G_OS_WIN32
+#include <pthread.h>
+#endif
+
+#include "gtlsbackend-gnutls-pkcs11.h"
+#include "gtlspkcs11database-gnutls.h"
+
+G_DEFINE_DYNAMIC_TYPE (GTlsBackendGnutlsPkcs11, g_tls_backend_gnutls_pkcs11, G_TYPE_TLS_BACKEND_GNUTLS);
+
+static void
+g_tls_backend_gnutls_pkcs11_init (GTlsBackendGnutlsPkcs11 *backend)
+{
+
+}
+
+static GTlsDatabase*
+g_tls_backend_gnutls_pkcs11_create_database (GTlsBackendGnutls *backend,
+ GError **error)
+{
+ return g_tls_pkcs11_database_gnutls_new (error);
+}
+
+static void
+g_tls_backend_gnutls_pkcs11_class_init (GTlsBackendGnutlsPkcs11Class *backend_class)
+{
+ GTlsBackendGnutlsClass *gnutls_class = G_TLS_BACKEND_GNUTLS_CLASS (backend_class);
+ gnutls_class->create_database = g_tls_backend_gnutls_pkcs11_create_database;
+}
+
+static void
+g_tls_backend_gnutls_pkcs11_class_finalize (GTlsBackendGnutlsPkcs11Class *backend_class)
+{
+
+}
+
+void
+g_tls_backend_gnutls_pkcs11_register (GIOModule *module)
+{
+ g_tls_backend_gnutls_pkcs11_register_type (G_TYPE_MODULE (module));
+ g_io_extension_point_implement (G_TLS_BACKEND_EXTENSION_POINT_NAME,
+ g_tls_backend_gnutls_pkcs11_get_type(),
+ "gnutls-pkcs11",
+ -5);
+}
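Review bot: The priority `-5` passed to `g_io_extension_point_implement` in `g_tls_backend_gnutls_pkcs11_register` is a bare magic number, and the priority of the plain gnutls backend it competes with is not visible in this diff. This backend swaps the default trust-anchor database for every TLS connection in the process, so the selection rule should be written down next to the value, for example `/* Lower priority than the plain gnutls backend: only selected via GIO_USE_TLS=gnutls-pkcs11 */`, if that is the intent stated in the commit message. `g_tls_backend_gnutls_pkcs11_create_database` would also benefit from a one-line comment saying it replaces the file-based database with the PKCS#11 one and returns a new reference or NULL with `error` set. The includes of `<errno.h>`, `<gcrypt.h>` and `<pthread.h>` are not used by anything in this file and can be dropped.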
diff --git a/tls/gnutls/gtlsbackend-gnutls-pkcs11.h b/tls/gnutls/gtlsbackend-gnutls-pkcs11.h
new file mode 100644
index 0000000..219a74c
--- /dev/null
+++ b/tls/gnutls/gtlsbackend-gnutls-pkcs11.h
@@ -0,0 +1,51 @@
+/* GIO - GLib Backend, Output and Gnutlsing Library
+ *
+ * Copyright © 2011 Collabora, Ltd.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published
+ * by the Free Software Foundation; either version 2 of the licence or (at
+ * your option) any later version.
+ *
+ * See the included COPYING file for more information.
+ *
+ * Author: Stef Walter <stef collabora co uk>
+ */
+
+#ifndef __G_TLS_BACKEND_GNUTLS_PKCS11_H__
+#define __G_TLS_BACKEND_GNUTLS_PKCS11_H__
+
+#include <gio/gio.h>
+#include <gnutls/gnutls.h>
+
+#include "gtlsbackend-gnutls.h"
+
+G_BEGIN_DECLS
+
+#define G_TYPE_TLS_BACKEND_GNUTLS_PKCS11 (g_tls_backend_gnutls_pkcs11get_type ())
+#define G_TLS_BACKEND_GNUTLS_PKCS11(inst) (G_TYPE_CHECK_INSTANCE_CAST ((inst), G_TYPE_TLS_BACKEND_GNUTLS_PKCS11, GTlsBackendGnutlsPkcs11))
+#define G_TLS_BACKEND_GNUTLS_PKCS11_CLASS(class) (G_TYPE_CHECK_CLASS_CAST ((class), G_TYPE_TLS_BACKEND_GNUTLS_PKCS11, GTlsBackendGnutlsPkcs11Class))
+#define G_IS_TLS_BACKEND_GNUTLS_PKCS11(inst) (G_TYPE_CHECK_INSTANCE_TYPE ((inst), G_TYPE_TLS_BACKEND_GNUTLS_PKCS11))
+#define G_IS_TLS_BACKEND_GNUTLS_PKCS11_CLASS(class) (G_TYPE_CHECK_CLASS_TYPE ((class), G_TYPE_TLS_BACKEND_GNUTLS_PKCS11))
+#define G_TLS_BACKEND_GNUTLS_PKCS11_GET_CLASS(inst) (G_TYPE_INSTANCE_GET_CLASS ((inst), G_TYPE_TLS_BACKEND_GNUTLS_PKCS11, GTlsBackendGnutlsPkcs11Class))
+
+typedef struct _GTlsBackendGnutlsPkcs11 GTlsBackendGnutlsPkcs11;
+typedef struct _GTlsBackendGnutlsPkcs11Class GTlsBackendGnutlsPkcs11Class;
+
+struct _GTlsBackendGnutlsPkcs11Class
+{
+ GTlsBackendGnutlsClass parent_class;
+};
+
+struct _GTlsBackendGnutlsPkcs11
+{
+ GTlsBackendGnutls parent_instance;
+};
+
+GType g_tls_backend_gnutls_pkcs11_get_type (void) G_GNUC_CONST;
+
+void g_tls_backend_gnutls_pkcs11_register (GIOModule *module);
+
+G_END_DECLS
+
+#endif /* __G_TLS_BACKEND_GNUTLS_H___ */
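Review bot: `G_TYPE_TLS_BACKEND_GNUTLS_PKCS11` expands to `g_tls_backend_gnutls_pkcs11get_type ()`, which is missing an underscore and matches no declared function; the prototype further down is `g_tls_backend_gnutls_pkcs11_get_type`. Nothing visible in this diff uses the macro (the .c file calls the function directly), so the build passes, but the first use of it or of the cast and type-check macros built on it will fail to compile or link. The line should read `#define G_TYPE_TLS_BACKEND_GNUTLS_PKCS11 (g_tls_backend_gnutls_pkcs11_get_type ())`. The banner `GLib Backend, Output and Gnutlsing Library` and the closing `#endif /* __G_TLS_BACKEND_GNUTLS_H___ */` look like search-and-replace leftovers and should name the real library and this header's own guard.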
diff --git a/tls/gnutls/gtlsbackend-gnutls.c b/tls/gnutls/gtlsbackend-gnutls.c
index 75b3e93..be7cd16 100644
--- a/tls/gnutls/gtlsbackend-gnutls.c
+++ b/tls/gnutls/gtlsbackend-gnutls.c
@@ -144,11 +144,23 @@ g_tls_backend_gnutls_finalize (GObject *object)
G_OBJECT_CLASS (g_tls_backend_gnutls_parent_class)->finalize (object);
}
+static GTlsDatabase*
+g_tls_backend_gnutls_real_create_database (GTlsBackendGnutls *self,
+ GError **error)
+{
+ const gchar *anchor_file = NULL;
+#ifdef GTLS_SYSTEM_CA_FILE
+ anchor_file = GTLS_SYSTEM_CA_FILE;
+#endif
+ return g_tls_file_database_new (anchor_file, error);
+}
+
static void
g_tls_backend_gnutls_class_init (GTlsBackendGnutlsClass *backend_class)
{
GObjectClass *gobject_class = G_OBJECT_CLASS (backend_class);
gobject_class->finalize = g_tls_backend_gnutls_finalize;
+ backend_class->create_database = g_tls_backend_gnutls_real_create_database;
g_type_class_add_private (backend_class, sizeof (GTlsBackendGnutlsPrivate));
}
@@ -161,7 +173,6 @@ static GTlsDatabase*
g_tls_backend_gnutls_get_default_database (GTlsBackend *backend)
{
GTlsBackendGnutls *self = G_TLS_BACKEND_GNUTLS (backend);
- const gchar *anchor_file = NULL;
GTlsDatabase *result;
GError *error = NULL;
@@ -173,10 +184,8 @@ g_tls_backend_gnutls_get_default_database (GTlsBackend *backend)
}
else
{
-#ifdef GTLS_SYSTEM_CA_FILE
- anchor_file = GTLS_SYSTEM_CA_FILE;
-#endif
- result = g_tls_file_database_new (anchor_file, &error);
+ g_assert (G_TLS_BACKEND_GNUTLS_GET_CLASS (self)->create_database);
+ result = G_TLS_BACKEND_GNUTLS_GET_CLASS (self)->create_database (self, &error);
if (error)
{
g_warning ("couldn't load TLS file database: %s",
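Review bot: The two new `g_assert` calls (on the `create_database` slot here, and `g_assert (result)` in the following hunk) turn a misbehaving subclass into a process abort inside a library, and both disappear under `G_DISABLE_ASSERT`. Now that the database comes from an overridable vfunc, success is better decided from the return value than from `error`: use `if (result == NULL)` for the failure branch, and let the warning fall back to a generic text when `error` is unset. The message `couldn't load TLS file database` is also no longer accurate when the PKCS#11 subclass supplies the database; `couldn't load default TLS database: %s` would cover both. The rest of `g_tls_backend_gnutls_get_default_database` is outside the hunk, so what callers receive after a failed load cannot be checked from here.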
@@ -185,6 +194,7 @@ g_tls_backend_gnutls_get_default_database (GTlsBackend *backend)
}
else
{
+ g_assert (result);
self->priv->default_database = g_object_ref (result);
}
}
diff --git a/tls/gnutls/gtlsbackend-gnutls.h b/tls/gnutls/gtlsbackend-gnutls.h
index 6ab0344..f597a50 100644
--- a/tls/gnutls/gtlsbackend-gnutls.h
+++ b/tls/gnutls/gtlsbackend-gnutls.h
@@ -32,6 +32,9 @@ typedef struct _GTlsBackendGnutlsPrivate GTlsBackendGnutlsPrivate;
struct _GTlsBackendGnutlsClass
{
GObjectClass parent_class;
+
+ GTlsDatabase* (*create_database) (GTlsBackendGnutls *self,
+ GError **error);
};
struct _GTlsBackendGnutls
diff --git a/tls/gnutls/gtlspkcs11database-gnutls.c b/tls/gnutls/gtlspkcs11database-gnutls.c
index 9181a02..3c5135b 100644
--- a/tls/gnutls/gtlspkcs11database-gnutls.c
+++ b/tls/gnutls/gtlspkcs11database-gnutls.c
@@ -299,7 +299,7 @@ load_and_setup_all_modules (GTlsPkcs11DatabaseGnutls *self,
}
g_strfreev (paths);
- return any_failure && !any_success;
+ return !(any_failure && !any_success);
}
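Review bot: With this expression the function reports success when no module was attempted at all (`any_failure` and `any_success` both false), so an empty module list yields an initialised database with no PKCS#11 trust source behind it. If that case should count as a failure, `return any_success;` expresses it. If it is intended, `return any_success || !any_failure;` reads more directly than the double negation and deserves a comment that partial failure is tolerated. The loop that sets the two flags, and whether `error` is set when FALSE is returned, are outside the hunk.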
static void
@@ -617,3 +617,10 @@ g_tls_pkcs11_database_gnutls_initable_iface_init (GInitableIface *iface)
{
iface->init = g_tls_pkcs11_database_gnutls_initable_init;
}
+
+GTlsDatabase*
+g_tls_pkcs11_database_gnutls_new (GError **error)
+{
+ g_return_val_if_fail (!error || !*error, NULL);
+ return g_initable_new (G_TYPE_TLS_PKCS11_DATABASE_GNUTLS, NULL, error, NULL);
+}
diff --git a/tls/gnutls/gtlspkcs11database-gnutls.h b/tls/gnutls/gtlspkcs11database-gnutls.h
index bc3771c..f10e93a 100644
--- a/tls/gnutls/gtlspkcs11database-gnutls.h
+++ b/tls/gnutls/gtlspkcs11database-gnutls.h
@@ -45,7 +45,7 @@ struct _GTlsPkcs11DatabaseGnutls
GType g_tls_pkcs11_database_gnutls_get_type (void) G_GNUC_CONST;
-GTlsDatabase* g_tls_pkcs11_database_gnutls_new (void);
+GTlsDatabase* g_tls_pkcs11_database_gnutls_new (GError **error);
G_END_DECLS
diff --git a/tls/pkcs11/gpkcs11slot.c b/tls/pkcs11/gpkcs11slot.c
index bd6cf69..8d8ba33 100644
--- a/tls/pkcs11/gpkcs11slot.c
+++ b/tls/pkcs11/gpkcs11slot.c
@@ -63,7 +63,7 @@ session_checkout_or_open (GPkcs11Slot *self,
self->priv->last_session = 0;
}
- g_mutex_lock (self->priv->mutex);
+ g_mutex_unlock (self->priv->mutex);
if (session)
return session;
@@ -107,7 +107,7 @@ session_checkin_or_close (GPkcs11Slot *self,
session = 0;
}
- g_mutex_lock (self->priv->mutex);
+ g_mutex_unlock (self->priv->mutex);
if (session != 0)
session_close (self, session);
@@ -271,8 +271,6 @@ g_pkcs11_slot_class_init (GPkcs11SlotClass *klass)
gobject_class->dispose = g_pkcs11_slot_dispose;
gobject_class->finalize = g_pkcs11_slot_finalize;
- g_type_class_add_private (klass, sizeof (GPkcs11SlotPrivate));
-
g_object_class_install_property (gobject_class, PROP_MODULE,
g_param_spec_pointer ("module",
N_("Module"),