[glib-networking/mcatanzaro/base-rebase: 18/33] gtlsfiledatabase-openssl: use G_DECLARE_FINAL_TYPE
- From: Michael Catanzaro <mcatanzaro src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking/mcatanzaro/base-rebase: 18/33] gtlsfiledatabase-openssl: use G_DECLARE_FINAL_TYPE
- Date: Fri, 19 Apr 2019 22:32:37 +0000 (UTC)
commit cc174ba63d16f2455ee29dc6ba00da91e6ef44b7
Author: Michael Catanzaro <mcatanzaro igalia com>
Date: Fri Apr 5 15:28:57 2019 -0500
gtlsfiledatabase-openssl: use G_DECLARE_FINAL_TYPE
tls/openssl/gtlsfiledatabase-openssl.c | 140 ++++++++++++---------------------
tls/openssl/gtlsfiledatabase-openssl.h | 22 +-----
2 files changed, 54 insertions(+), 108 deletions(-)
---
diff --git a/tls/openssl/gtlsfiledatabase-openssl.c b/tls/openssl/gtlsfiledatabase-openssl.c
index 137e83f..c5bb096 100644
--- a/tls/openssl/gtlsfiledatabase-openssl.c
+++ b/tls/openssl/gtlsfiledatabase-openssl.c
@@ -31,8 +31,10 @@
#include <glib/gi18n-lib.h>
#include "openssl-include.h"
-typedef struct _GTlsFileDatabaseOpensslPrivate
+struct _GTlsFileDatabaseOpenssl
{
+ GTlsDatabaseOpenssl parent_instance;
+
/* read-only after construct */
gchar *anchor_filename;
STACK_OF(X509) *trusted;
@@ -58,7 +60,7 @@ typedef struct _GTlsFileDatabaseOpensslPrivate
* This is a table of gchar * -> GTlsCertificate.
*/
GHashTable *certs_by_handle;
-} GTlsFileDatabaseOpensslPrivate;
+};
enum {
STATUS_FAILURE,
@@ -79,7 +81,6 @@ static void g_tls_file_database_openssl_file_database_interface_init (GTlsFileDa
static void g_tls_file_database_openssl_initable_interface_init (GInitableIface *iface);
G_DEFINE_TYPE_WITH_CODE (GTlsFileDatabaseOpenssl, g_tls_file_database_openssl, G_TYPE_TLS_DATABASE_OPENSSL,
- G_ADD_PRIVATE (GTlsFileDatabaseOpenssl)
G_IMPLEMENT_INTERFACE (G_TYPE_TLS_FILE_DATABASE,
g_tls_file_database_openssl_file_database_interface_init)
G_IMPLEMENT_INTERFACE (G_TYPE_INITABLE,
@@ -180,15 +181,12 @@ load_anchor_file (GTlsFileDatabaseOpenssl *file_database,
GHashTable *certs_by_handle,
GError **error)
{
- GTlsFileDatabaseOpensslPrivate *priv;
GList *list;
GList *l;
GBytes *der;
gchar *handle;
GError *my_error = NULL;
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
-
list = g_tls_certificate_list_new_from_file (filename, &my_error);
if (my_error)
{
@@ -215,7 +213,7 @@ load_anchor_file (GTlsFileDatabaseOpenssl *file_database,
bytes_multi_table_insert (subjects, subject, der);
bytes_multi_table_insert (issuers, issuer, der);
- handle = create_handle_for_certificate (priv->anchor_filename, der);
+ handle = create_handle_for_certificate (file_database->anchor_filename, der);
g_hash_table_insert (certs_by_handle, handle, g_object_ref (l->data));
g_bytes_unref (der);
@@ -231,22 +229,19 @@ static void
g_tls_file_database_openssl_finalize (GObject *object)
{
GTlsFileDatabaseOpenssl *file_database = G_TLS_FILE_DATABASE_OPENSSL (object);
- GTlsFileDatabaseOpensslPrivate *priv;
-
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
- g_clear_pointer (&priv->subjects, g_hash_table_destroy);
- g_clear_pointer (&priv->issuers, g_hash_table_destroy);
- g_clear_pointer (&priv->complete, g_hash_table_destroy);
- g_clear_pointer (&priv->certs_by_handle, g_hash_table_destroy);
+ g_clear_pointer (&file_database->subjects, g_hash_table_destroy);
+ g_clear_pointer (&file_database->issuers, g_hash_table_destroy);
+ g_clear_pointer (&file_database->complete, g_hash_table_destroy);
+ g_clear_pointer (&file_database->certs_by_handle, g_hash_table_destroy);
- g_free (priv->anchor_filename);
- priv->anchor_filename = NULL;
+ g_free (file_database->anchor_filename);
+ file_database->anchor_filename = NULL;
- if (priv->trusted != NULL)
- sk_X509_pop_free (priv->trusted, X509_free);
+ if (file_database->trusted != NULL)
+ sk_X509_pop_free (file_database->trusted, X509_free);
- g_mutex_clear (&priv->mutex);
+ g_mutex_clear (&file_database->mutex);
G_OBJECT_CLASS (g_tls_file_database_openssl_parent_class)->finalize (object);
}
@@ -258,14 +253,11 @@ g_tls_file_database_openssl_get_property (GObject *object,
GParamSpec *pspec)
{
GTlsFileDatabaseOpenssl *file_database = G_TLS_FILE_DATABASE_OPENSSL (object);
- GTlsFileDatabaseOpensslPrivate *priv;
-
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
switch (prop_id)
{
case PROP_ANCHORS:
- g_value_set_string (value, priv->anchor_filename);
+ g_value_set_string (value, file_database->anchor_filename);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
@@ -327,11 +319,8 @@ g_tls_file_database_openssl_set_property (GObject *object,
GParamSpec *pspec)
{
GTlsFileDatabaseOpenssl *file_database = G_TLS_FILE_DATABASE_OPENSSL (object);
- GTlsFileDatabaseOpensslPrivate *priv;
const gchar *anchor_path;
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
-
switch (prop_id)
{
case PROP_ANCHORS:
@@ -343,15 +332,15 @@ g_tls_file_database_openssl_set_property (GObject *object,
return;
}
- if (priv->anchor_filename)
+ if (file_database->anchor_filename)
{
- g_free (priv->anchor_filename);
- if (priv->trusted != NULL)
- sk_X509_pop_free (priv->trusted, X509_free);
+ g_free (file_database->anchor_filename);
+ if (file_database->trusted != NULL)
+ sk_X509_pop_free (file_database->trusted, X509_free);
}
- priv->anchor_filename = g_strdup (anchor_path);
- priv->trusted = load_certs (anchor_path);
+ file_database->anchor_filename = g_strdup (anchor_path);
+ file_database->trusted = load_certs (anchor_path);
break;
default:
G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec);
@@ -361,11 +350,7 @@ g_tls_file_database_openssl_set_property (GObject *object,
static void
g_tls_file_database_openssl_init (GTlsFileDatabaseOpenssl *file_database)
{
- GTlsFileDatabaseOpensslPrivate *priv;
-
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
-
- g_mutex_init (&priv->mutex);
+ g_mutex_init (&file_database->mutex);
}
static gchar *
@@ -373,26 +358,23 @@ g_tls_file_database_openssl_create_certificate_handle (GTlsDatabase *database
GTlsCertificate *certificate)
{
GTlsFileDatabaseOpenssl *file_database = G_TLS_FILE_DATABASE_OPENSSL (database);
- GTlsFileDatabaseOpensslPrivate *priv;
GBytes *der;
gboolean contains;
gchar *handle = NULL;
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
-
der = g_tls_certificate_openssl_get_bytes (G_TLS_CERTIFICATE_OPENSSL (certificate));
g_return_val_if_fail (der != NULL, FALSE);
- g_mutex_lock (&priv->mutex);
+ g_mutex_lock (&file_database->mutex);
/* At the same time look up whether this certificate is in list */
- contains = g_hash_table_lookup (priv->complete, der) ? TRUE : FALSE;
+ contains = g_hash_table_lookup (file_database->complete, der) ? TRUE : FALSE;
- g_mutex_unlock (&priv->mutex);
+ g_mutex_unlock (&file_database->mutex);
/* Certificate is in the database */
if (contains)
- handle = create_handle_for_certificate (priv->anchor_filename, der);
+ handle = create_handle_for_certificate (file_database->anchor_filename, der);
g_bytes_unref (der);
return handle;
@@ -407,22 +389,19 @@ g_tls_file_database_openssl_lookup_certificate_for_handle (GTlsDatabase
GError **error)
{
GTlsFileDatabaseOpenssl *file_database = G_TLS_FILE_DATABASE_OPENSSL (database);
- GTlsFileDatabaseOpensslPrivate *priv;
GTlsCertificate *cert;
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
-
if (g_cancellable_set_error_if_cancelled (cancellable, error))
return NULL;
if (!handle)
return NULL;
- g_mutex_lock (&priv->mutex);
+ g_mutex_lock (&file_database->mutex);
- cert = g_hash_table_lookup (priv->certs_by_handle, handle);
+ cert = g_hash_table_lookup (file_database->certs_by_handle, handle);
- g_mutex_unlock (&priv->mutex);
+ g_mutex_unlock (&file_database->mutex);
return cert ? g_object_ref (cert) : NULL;
}
@@ -436,14 +415,11 @@ g_tls_file_database_openssl_lookup_certificate_issuer (GTlsDatabase
GError **error)
{
GTlsFileDatabaseOpenssl *file_database = G_TLS_FILE_DATABASE_OPENSSL (database);
- GTlsFileDatabaseOpensslPrivate *priv;
X509 *x;
unsigned long issuer_hash;
GBytes *der;
GTlsCertificate *issuer = NULL;
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
-
g_return_val_if_fail (G_IS_TLS_CERTIFICATE_OPENSSL (certificate), NULL);
if (g_cancellable_set_error_if_cancelled (cancellable, error))
@@ -456,9 +432,9 @@ g_tls_file_database_openssl_lookup_certificate_issuer (GTlsDatabase
x = g_tls_certificate_openssl_get_cert (G_TLS_CERTIFICATE_OPENSSL (certificate));
issuer_hash = X509_issuer_name_hash (x);
- g_mutex_lock (&priv->mutex);
- der = bytes_multi_table_lookup_ref_one (priv->subjects, issuer_hash);
- g_mutex_unlock (&priv->mutex);
+ g_mutex_lock (&file_database->mutex);
+ der = bytes_multi_table_lookup_ref_one (file_database->subjects, issuer_hash);
+ g_mutex_unlock (&file_database->mutex);
if (g_cancellable_set_error_if_cancelled (cancellable, error))
issuer = NULL;
@@ -481,13 +457,10 @@ g_tls_file_database_openssl_lookup_certificates_issued_by (GTlsDatabase
GError **error)
{
GTlsFileDatabaseOpenssl *file_database = G_TLS_FILE_DATABASE_OPENSSL (database);
- GTlsFileDatabaseOpensslPrivate *priv;
X509_NAME *x_name;
const unsigned char *in;
GList *issued = NULL;
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
-
if (g_cancellable_set_error_if_cancelled (cancellable, error))
return NULL;
@@ -505,9 +478,9 @@ g_tls_file_database_openssl_lookup_certificates_issued_by (GTlsDatabase
issuer_hash = X509_NAME_hash (x_name);
/* Find the full DER value of the certificate */
- g_mutex_lock (&priv->mutex);
- ders = bytes_multi_table_lookup_ref_all (priv->issuers, issuer_hash);
- g_mutex_unlock (&priv->mutex);
+ g_mutex_lock (&file_database->mutex);
+ ders = bytes_multi_table_lookup_ref_all (file_database->issuers, issuer_hash);
+ g_mutex_unlock (&file_database->mutex);
for (l = ders; l != NULL; l = g_list_next (l))
{
@@ -581,7 +554,6 @@ g_tls_file_database_openssl_verify_chain (GTlsDatabase *database,
GError **error)
{
GTlsFileDatabaseOpenssl *file_database;
- GTlsFileDatabaseOpensslPrivate *priv;
STACK_OF(X509) *certs;
X509_STORE *store;
X509_STORE_CTX *csc;
@@ -593,8 +565,6 @@ g_tls_file_database_openssl_verify_chain (GTlsDatabase *database,
file_database = G_TLS_FILE_DATABASE_OPENSSL (database);
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
-
if (g_cancellable_set_error_if_cancelled (cancellable, error))
return G_TLS_CERTIFICATE_GENERIC_ERROR;
@@ -612,9 +582,9 @@ g_tls_file_database_openssl_verify_chain (GTlsDatabase *database,
return G_TLS_CERTIFICATE_GENERIC_ERROR;
}
- if (priv->trusted)
+ if (file_database->trusted)
{
- X509_STORE_CTX_trusted_stack (csc, priv->trusted);
+ X509_STORE_CTX_trusted_stack (csc, file_database->trusted);
}
if (X509_verify_cert (csc) <= 0)
@@ -669,12 +639,9 @@ g_tls_file_database_openssl_initable_init (GInitable *initable,
GError **error)
{
GTlsFileDatabaseOpenssl *file_database = G_TLS_FILE_DATABASE_OPENSSL (initable);
- GTlsFileDatabaseOpensslPrivate *priv;
GHashTable *subjects, *issuers, *complete, *certs_by_handle;
gboolean result;
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
-
if (g_cancellable_set_error_if_cancelled (cancellable, error))
return FALSE;
@@ -689,9 +656,9 @@ g_tls_file_database_openssl_initable_init (GInitable *initable,
(GDestroyNotify)g_free,
(GDestroyNotify)g_object_unref);
- if (priv->anchor_filename)
+ if (file_database->anchor_filename)
result = load_anchor_file (file_database,
- priv->anchor_filename,
+ file_database->anchor_filename,
subjects, issuers, complete,
certs_by_handle,
error);
@@ -703,28 +670,28 @@ g_tls_file_database_openssl_initable_init (GInitable *initable,
if (result)
{
- g_mutex_lock (&priv->mutex);
- if (!priv->subjects)
+ g_mutex_lock (&file_database->mutex);
+ if (!file_database->subjects)
{
- priv->subjects = subjects;
+ file_database->subjects = subjects;
subjects = NULL;
}
- if (!priv->issuers)
+ if (!file_database->issuers)
{
- priv->issuers = issuers;
+ file_database->issuers = issuers;
issuers = NULL;
}
- if (!priv->complete)
+ if (!file_database->complete)
{
- priv->complete = complete;
+ file_database->complete = complete;
complete = NULL;
}
- if (!priv->certs_by_handle)
+ if (!file_database->certs_by_handle)
{
- priv->certs_by_handle = certs_by_handle;
+ file_database->certs_by_handle = certs_by_handle;
certs_by_handle = NULL;
}
- g_mutex_unlock (&priv->mutex);
+ g_mutex_unlock (&file_database->mutex);
}
if (subjects != NULL)
@@ -753,7 +720,6 @@ g_tls_file_database_openssl_verify_ocsp_response (GTlsDatabase *database,
#if (OPENSSL_VERSION_NUMBER >= 0x0090808fL) && !defined(OPENSSL_NO_TLSEXT) && \
!defined(OPENSSL_NO_OCSP)
GTlsFileDatabaseOpenssl *file_database;
- GTlsFileDatabaseOpensslPrivate *priv;
STACK_OF(X509) *chain_openssl = NULL;
X509_STORE *store = NULL;
OCSP_BASICRESP *basic_resp = NULL;
@@ -776,21 +742,19 @@ g_tls_file_database_openssl_verify_ocsp_response (GTlsDatabase *database,
chain_openssl = convert_certificate_chain_to_openssl (G_TLS_CERTIFICATE_OPENSSL (chain));
file_database = G_TLS_FILE_DATABASE_OPENSSL (database);
- priv = g_tls_file_database_openssl_get_instance_private (file_database);
store = X509_STORE_new ();
if ((chain_openssl == NULL) ||
(file_database == NULL) ||
- (priv == NULL) ||
- (priv->trusted == NULL) ||
+ (file_database->trusted == NULL) ||
(store == NULL))
{
errors = G_TLS_CERTIFICATE_GENERIC_ERROR;
goto end;
}
- for (i = 0; i < sk_X509_num (priv->trusted); i++)
+ for (i = 0; i < sk_X509_num (file_database->trusted); i++)
{
- X509_STORE_add_cert (store, sk_X509_value (priv->trusted, i));
+ X509_STORE_add_cert (store, sk_X509_value (file_database->trusted, i));
}
if (OCSP_basic_verify (basic_resp, chain_openssl, store, 0) <= 0)
diff --git a/tls/openssl/gtlsfiledatabase-openssl.h b/tls/openssl/gtlsfiledatabase-openssl.h
index 818b13d..6b6aece 100644
--- a/tls/openssl/gtlsfiledatabase-openssl.h
+++ b/tls/openssl/gtlsfiledatabase-openssl.h
@@ -33,26 +33,8 @@
G_BEGIN_DECLS
#define G_TYPE_TLS_FILE_DATABASE_OPENSSL (g_tls_file_database_openssl_get_type ())
-#define G_TLS_FILE_DATABASE_OPENSSL(inst) (G_TYPE_CHECK_INSTANCE_CAST ((inst),
G_TYPE_TLS_FILE_DATABASE_OPENSSL, GTlsFileDatabaseOpenssl))
-#define G_TLS_FILE_DATABASE_OPENSSL_CLASS(class) (G_TYPE_CHECK_CLASS_CAST ((class),
G_TYPE_TLS_FILE_DATABASE_OPENSSL, GTlsFileDatabaseOpensslClass))
-#define G_IS_TLS_FILE_DATABASE_OPENSSL(inst) (G_TYPE_CHECK_INSTANCE_TYPE ((inst),
G_TYPE_TLS_FILE_DATABASE_OPENSSL))
-#define G_IS_TLS_FILE_DATABASE_OPENSSL_CLASS(class) (G_TYPE_CHECK_CLASS_TYPE ((class),
G_TYPE_TLS_FILE_DATABASE_OPENSSL))
-#define G_TLS_FILE_DATABASE_OPENSSL_GET_CLASS(inst) (G_TYPE_INSTANCE_GET_CLASS ((inst),
G_TYPE_TLS_FILE_DATABASE_OPENSSL, GTlsFileDatabaseOpensslClass))
-
-typedef struct _GTlsFileDatabaseOpensslClass GTlsFileDatabaseOpensslClass;
-typedef struct _GTlsFileDatabaseOpenssl GTlsFileDatabaseOpenssl;
-
-struct _GTlsFileDatabaseOpensslClass
-{
- GTlsDatabaseOpensslClass parent_class;
-};
-
-struct _GTlsFileDatabaseOpenssl
-{
- GTlsDatabaseOpenssl parent_instance;
-};
-
-GType g_tls_file_database_openssl_get_type (void) G_GNUC_CONST;
+
+G_DECLARE_FINAL_TYPE (GTlsFileDatabaseOpenssl, g_tls_file_database_openssl, G, TLS_FILE_DATABASE_OPENSSL,
GTlsDatabaseOpenssl)
GTlsCertificateFlags g_tls_file_database_openssl_verify_ocsp_response (GTlsDatabase *database,
GTlsCertificate *chain,
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
